Jump to content

PC infected - Swizzor!IK


Recommended Posts

A-squared free is obsolete, no longer in the development and is not supported.  You should not be using it.

Copy the below code to Notepad; Save As fixlist.txt to your Desktop.

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Pas de fichier
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Pas de fichier
GroupPolicy: Restriction <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <non trouvé(e)>
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <non trouvé(e)>
2017-04-28 19:21 - 2017-04-28 19:21 - 00000000 ____D C:\ProgramData\pdfforge
2011-11-03 15:13 - 2011-11-03 15:13 - 1786688 _____ () C:\Users\Arthur\AppData\Local\Temp\sonarinst.exe
CustomCLSID: HKU\S-1-5-21-2768558785-2739680840-3553050652-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Arthur\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2768558785-2739680840-3553050652-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Arthur\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Pas de fichier
Task: {640A9457-6C1E-4303-95B4-5579D09EFDBD} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {AC01A8C2-D7E6-4FA9-9E4C-0129A221A982} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {D52E14CC-2B17-4518-B12B-D89A959B896A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {EDB87307-869B-447D-BB80-A99B4DFE185B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {FDA5E30D-0F60-4599-A8CF-14D14873846D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
AlternateDataStreams: C:\Users\Arthur\Downloads:Shareaza.GUID [16]
AlternateDataStreams: C:\Users\Arthur\Downloads\Maze.Runner.The.Scorch.Trials.2015.1080p.BluRay.6CH.ShAaNiG:Shareaza.GUID [16]
HKU\S-1-5-21-2768558785-2739680840-3553050652-1001\Software\Classes\regfile: regedit.exe "%1" <===== ATTENTION
Reg: reg delete "HKEY_USERS\S-1-5-21-2768558785-2739680840-3553050652-1001\SOFTWARE\PDFFORGE" f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\PDFFORGE" /f

Close Notepad.

NOTE: It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST64 and press the Fix button just once and wait.

If the tool needed a restart please make sure you let the system restart normally and let the tool complete its run after restart.

The tool will make a log on the Desktop (Fixlog.txt). Attach it to your reply.

Note: If the tool warns you about an outdated version please download and run the updated version.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...