Wirus instaluje i usuwa programy, odnawia się po usunięciu.

Cytat:

Task: {3A857E82-ABE6-4848-AB87-1513F0F301A9} - System32\Tasks\poEas97EKZvXl8p => C:\Users\ShowT\AppData\Roaming\poEas97EKZvXl8p.exe [2015-04-20] () <==== UWAGA
Task: {98FF7CE2-7AF2-4E07-8E58-9ED07C7BC349} - System32\Tasks\{7F0D0650-8DB5-417D-A91A-F5C2395819F4} => pcalua.exe -a C:\Users\ShowT\AppData\Roaming\omniboxes\UninstallManager.exe -c -ptid=amt
Task: C:\Windows\Tasks\poEas97EKZvXl8p.job => C:\Users\ShowT\AppData\Roaming\poEas97EKZvXl8p.exe <==== UWAGA
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-06-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-06-02] (Realtek Semiconductor)
HKU\S-1-5-21-1555503864-619611810-2226462112-1000\...\Run: [GoogleChromeAutoLaunch_F6F82C480DE9A9367B5558525ABBAE2F] => "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2015-10-07 16:14 - 2015-10-07 16:17 - 00000000 ____D C:\AdwCleaner
2015-10-07 15:17 - 2015-10-07 15:17 - 00000000 ____D C:\Program Files (x86)\9e3e83c4-8c07-4880-b616-03f56e889963
2015-10-07 15:16 - 2015-10-07 15:16 - 00000296 _____ C:\task.vbs
2015-10-06 22:33 - 2015-10-06 22:33 - 00003156 _____ C:\Windows\System32\Tasks\{7F0D0650-8DB5-417D-A91A-F5C2395819F4}
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\ShowT\AppData\Roaming\poEas97EKZvXl8p
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\ShowT\AppData\Roaming\poEas97EKZvXl8p.exe
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
EmptyTemp: