Witam, mam problem z usunięciem wirusa robiącego skróty na pendrivie. Załączam log z USBfix i raport FRST i addition z FRST.
Czy wolisz polską wersję strony elektroda?
Nie, dziękuję Przekieruj mnie tam
Cytat:Task: {E0B298E1-53F0-46C4-AA19-F01054428F44} - System32\Tasks\{9BDE667F-2C16-4854-A79C-B3C3D16F7EA7} => Chrome.exe http://ui.skype.com/ui/0/7.1.59.105/pl/abandoninstall?page=tsProgressBar
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\RunOnce: [] => [X]
HKLM-x32\...\Run: [winsys] => C:\Windows\SysWOW64\winsys.exe [14336 2014-07-03] ()
HKU\S-1-5-21-3728316936-223909611-1148551543-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Michal\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&a...D7500BPVT-80HXZT1_WD-WXH1E31DNX41DNX41&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&a...D7500BPVT-80HXZT1_WD-WXH1E31DNX41DNX41&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&a...D7500BPVT-80HXZT1_WD-WXH1E31DNX41DNX41&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&a...D7500BPVT-80HXZT1_WD-WXH1E31DNX41DNX41&q={searchTerms}
HKU\S-1-5-21-3728316936-223909611-1148551543-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type=ds&am...D7500BPVT-80HXZT1_WD-WXH1E31DNX41DNX41&q={searchTerms}
HKU\S-1-5-21-3728316936-223909611-1148551543-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp&t...d=WDCXWD7500BPVT-80HXZT1_WD-WXH1E31DNX41DNX41
HKU\S-1-5-21-3728316936-223909611-1148551543-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&t...d=WDCXWD7500BPVT-80HXZT1_WD-WXH1E31DNX41DNX41
HKU\S-1-5-21-3728316936-223909611-1148551543-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=ds&am...D7500BPVT-80HXZT1_WD-WXH1E31DNX41DNX41&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&a...D7500BPVT-80HXZT1_WD-WXH1E31DNX41DNX41&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&a...D7500BPVT-80HXZT1_WD-WXH1E31DNX41DNX41&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&a...D7500BPVT-80HXZT1_WD-WXH1E31DNX41DNX41&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&a...D7500BPVT-80HXZT1_WD-WXH1E31DNX41DNX41&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3728316936-223909611-1148551543-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?type=ds&am...D7500BPVT-80HXZT1_WD-WXH1E31DNX41DNX41&q={searchTerms}
BHO-x32: WinToFlash Suggestor -> {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} -> C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll [2012-05-25] (Novicorp LLC)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.delta-homes.com/?type=sc&ts=14...d=WDCXWD7500BPVT-80HXZT1_WD-WXH1E31DNX41DNX41
CHR Extension: (WinToFlash Suggestor) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf [2014-12-13]
CHR HKLM-x32\...\Chrome\Extension: [acaoakiamfeidcmgooclgeleejkbaecf] - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.crx [2012-05-25]
CHR HKLM-x32\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2015-01-23]
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [757872 2014-06-19] (Cherished Technololgy LIMITED)
S2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [463872 2015-01-19] (SysTool PasSame LIMITED) [File not signed]
S2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424624 2015-01-12] (Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION
S1 nethfdrv; \??\C:\Windows\system32\drivers\nethfdrv.sys [X]
2015-03-02 22:17 - 2015-03-02 22:17 - 00003106 _____ () C:\Windows\System32\Tasks\{9BDE667F-2C16-4854-A79C-B3C3D16F7EA7}
2015-02-12 17:13 - 2015-02-12 17:13 - 00003006 _____ () C:\Windows\System32\Tasks\{51308F5B-E244-4136-A541-D748C9B8DADE}
2015-02-12 00:12 - 2015-02-12 00:12 - 00003006 _____ () C:\Windows\System32\Tasks\{B5463043-5A70-483C-8D94-67E7DE550B3D}
EmptyTemp:
