Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Wirus tworzący skrót na pendrive

KruszonPro 12 Lis 2015 17:06 912 11
  • #1 12 Lis 2015 17:06
    KruszonPro
    Poziom 4  

    Witam,
    Po raz kolejny mam wirusa , który tworzy skrót na pendrive..
    pomoże mi ktoś to usunąć?...bo nie wiem dokładnie jak to się robi

    0 11
  • #2 12 Lis 2015 17:21
    igor1516
    Poziom 22  

    Co to za skrot? Jakas konkretna nazwa.

    0
  • #3 12 Lis 2015 17:24
    KruszonPro
    Poziom 4  

    na pendrivie tworzy się skrót do tego pendrive.
    mam dwa zarażone pendrive'y

    0
  • #9 12 Lis 2015 18:47
    Acorus 20
    Spec od komputerów

    Odinstaluj Akamai NetSession Interface, Ge-Force, Image Editor Packages, Sense, VuuPC Packages. Otwórz notatnik systemowy i wklej:

    Cytat:
    Task: {3DD801A2-6EEF-458A-90A7-A06C226BB393} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-08-30] (globalUpdate) <==== UWAGA
    Task: {4F16E0EA-F6EF-4D9A-AE4A-E9E94A0A7201} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-08-30] (globalUpdate) <==== UWAGA
    Task: {60654649-CB06-4FF7-A6AF-BC821E36A39B} - System32\Tasks\3b4ff9b7-b774-412b-9ba4-58d6f55cc810-7 => C:\Program Files (x86)\Ge-Force\3b4ff9b7-b774-412b-9ba4-58d6f55cc810-7.exe <==== UWAGA
    Task: {ABEF02D2-E9F4-4978-970A-ABCEBEBD6DCC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3396797596-932553299-299937181-1000Core => C:\Users\HP\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-23] (Facebook Inc.)
    Task: {BCE544EE-7951-4BD4-87DD-D27A82940EAD} - System32\Tasks\3b4ff9b7-b774-412b-9ba4-58d6f55cc810-6 => C:\Program Files (x86)\Ge-Force\3b4ff9b7-b774-412b-9ba4-58d6f55cc810-6.exe <==== UWAGA
    Task: {CA4064FD-7F31-47FF-9D79-961B47565D5C} - System32\Tasks\8feed68c-2e39-440c-aa5a-2b462ea8260e-3 => C:\Program Files (x86)\Sense\8feed68c-2e39-440c-aa5a-2b462ea8260e-3.exe [2014-08-30] (Object Browser) <==== UWAGA
    Task: {D4FDC01A-A4F9-493C-A37D-669309D8CFE3} - System32\Tasks\8feed68c-2e39-440c-aa5a-2b462ea8260e-11 => C:\Program Files (x86)\Sense\8feed68c-2e39-440c-aa5a-2b462ea8260e-11.exe <==== UWAGA
    Task: {E380C75C-338D-4C3F-889B-FBF2E616792C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3396797596-932553299-299937181-1000UA => C:\Users\HP\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-23] (Facebook Inc.)
    Task: {EE8C46AC-D124-4F15-9974-394ED722DD20} - System32\Tasks\3b4ff9b7-b774-412b-9ba4-58d6f55cc810-11 => C:\Program Files (x86)\Ge-Force\3b4ff9b7-b774-412b-9ba4-58d6f55cc810-11.exe [2014-08-30] (iWebar) <==== UWAGA
    Task: C:\Windows\Tasks\3b4ff9b7-b774-412b-9ba4-58d6f55cc810-11.job => C:\Program Files (x86)\Ge-Force\3b4ff9b7-b774-412b-9ba4-58d6f55cc810-11.exe <==== UWAGA
    Task: C:\Windows\Tasks\3b4ff9b7-b774-412b-9ba4-58d6f55cc810-6.job => C:\Program Files (x86)\Ge-Force\3b4ff9b7-b774-412b-9ba4-58d6f55cc810-6.exe҃/agentregpath='Ge-Force-nv' /appid=61911 /srcid='001729' /subid='0' /zdata='eyJkYXRhIjp7ImRhdGUiOiJFOFV3b2JyeWMxLDdkYTlkNGU2LTQ5OWEtNDViNi05NWU3LTQ2MTdiMDIyNjBhZiwiLCJ1bnEiOiI3ZGE5ZDRlNi00OTlhLTQ1YjYtOTVlNy00NjE3YjAyMjYwYWYifQ==' /bic=F0718EAD64AF4F26919D50A0923565AEIE /verifier=b66d722ee67966f3113ce5f582b6950a /installerversion=1_34_08_12 /installerfullversion=1.34.8.12 /installationtime=1409414556 /statsdomain=hxxp:/stats.loadclientinputsrv.com /errorsdomain=hxxp:/errors.loadclientinputsrv.com /codedownloaddomain=hxxp:/js.loadclientinputsrv.com /defbro=ff /DllName32ToInjectToChrome='1cde5358-1d0a-4aa3-a0fa-02b162867000.dll' /DllName64ToInjectToChrome='d0a9c3cc-3f58-43f3-a72e-6f2f1613d328.dll' /nova64bitexe='3b4ff9b7-b774-412b-9ba4-58d6f55cc810-64.exe' /browsername='nova' /usehklm /crregname='Ge-Force' /fbcodedownloaddomain=hxxp:/js.clientdemocloud.com /addinfojson='{asw:[2, -1577058299, 12288],browser_name:__BROWSER_NAME__}' /autoupdateulr='hxxp:/update.loadclientinputsrv.com/novarun/{CAMP_ID}/update.json' /autoupdate64url='hxxp:/update.loadclientinputsrv.com/novarun64/{CAMP_ID}/update.jso <==== UWAGA




    Task: C:\Windows\Tasks\3b4ff9b7-b774-412b-9ba4-58d6f55cc810-7.job => C:\Program Files (x86)\Ge-Force\3b4ff9b7-b774-412b-9ba4-58d6f55cc810-7.exeх/updateapp /agentregpath='Ge-Force-nv' /appid=61911 /srcid='001729' /subid='0' /zdata='eyJkYXRhIjp7ImRhdGUiOiJFOFV3b2JyeWMxLDdkYTlkNGU2LTQ5OWEtNDViNi05NWU3LTQ2MTdiMDIyNjBhZiwiLCJ1bnEiOiI3ZGE5ZDRlNi00OTlhLTQ1YjYtOTVlNy00NjE3YjAyMjYwYWYifQ==' /bic=F0718EAD64AF4F26919D50A0923565AEIE /verifier=b66d722ee67966f3113ce5f582b6950a /installerversion=1_34_08_12 /installerfullversion=1.34.8.12 /installationtime=1409414556 /statsdomain=hxxp:/stats.loadclientinputsrv.com /errorsdomain=hxxp:/errors.loadclientinputsrv.com /codedownloaddomain=hxxp:/js.loadclientinputsrv.com /defbro=ff /DllName32ToInjectToChrome='1cde5358-1d0a-4aa3-a0fa-02b162867000.dll' /DllName64ToInjectToChrome='d0a9c3cc-3f58-43f3-a72e-6f2f1613d328.dll' /nova64bitexe='3b4ff9b7-b774-412b-9ba4-58d6f55cc810-64.exe' /browsername='nova' /usehklm /crregname='Ge-Force' /fbcodedownloaddomain=hxxp:/js.clientdemocloud.com /addinfojson='{asw:[2, -1577058299, 12288],browser_name:__BROWSER_NAME__}' /runfrom=task /autoupdateulr='hxxp:/update.loadclientinputsrv.com/novacode/{CAMP_ID}/update.jso <==== UWAGA
    Task: C:\Windows\Tasks\8feed68c-2e39-440c-aa5a-2b462ea8260e-11.job => C:\Program Files (x86)\Sense\8feed68c-2e39-440c-aa5a-2b462ea8260e-11.exe <==== UWAGA
    Task: C:\Windows\Tasks\8feed68c-2e39-440c-aa5a-2b462ea8260e-3.job => C:\Program Files (x86)\Sense\8feed68c-2e39-440c-aa5a-2b462ea8260e-3.exe <==== UWAGA
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3396797596-932553299-299937181-1000Core.job => C:\Users\HP\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3396797596-932553299-299937181-1000UA.job => C:\Users\HP\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== UWAGA
    Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== UWAGA
    HKLM-x32\...\RunOnce: [] => [X]
    HKU\S-1-5-21-3396797596-932553299-299937181-1000\...\Run: [Facebook Update] => C:\Users\HP\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-23] (Facebook Inc.)
    HKU\S-1-5-21-3396797596-932553299-299937181-1000\...\Run: [Tok-Cirrhatus] => "C:\Users\HP\AppData\Local\smss.exe"
    HKU\S-1-5-21-3396797596-932553299-299937181-1000\...\Run: [Akamai NetSession Interface] => C:\Users\HP\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
    HKU\S-1-5-21-3396797596-932553299-299937181-1000\...\Policies\Explorer: []
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.funmoods.com/?f=1&a=ironpub&...EtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1001641714
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bigseekpro.com/pivotstickfigure/{9DC6E0F0-F860-BA8A-07B9-BBF5270F15CF}
    HKU\S-1-5-21-3396797596-932553299-299937181-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchnu.com/406
    HKU\S-1-5-21-3396797596-932553299-299937181-1000\Software\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = hxxp://search.babylon.com/?affID=113679&t...s&mntrId=a409a5110000000000000026c70ae58e
    URLSearchHook: HKU\S-1-5-21-3396797596-932553299-299937181-1000 - (Brak nazwy) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - Brak pliku
    SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&...=APN10645&apn_uid=4331339565024131&q={searchTerms}
    SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&...=APN10645&apn_uid=4331339565024131&q={searchTerms}
    SearchScopes: HKLM -> {BAB7CF87-B637-4C83-8466-502C1F98AEA5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
    SearchScopes: HKLM -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0CzztD0A0AzytCyC0AtA0EtC0AyDtCtCtN0D0Tzu0StBtAyEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1001641714
    SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&...=APN10645&apn_uid=4331339565024131&q={searchTerms}
    SearchScopes: HKLM-x32 -> {454EEA07-36ED-24E4-24D8-67C609D54540} URL = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=12&q={searchTerms}&barid={9C9482C8-B354-4310-A028-5A3DEA3026BC}
    SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&...=APN10645&apn_uid=4331339565024131&q={searchTerms}
    SearchScopes: HKLM-x32 -> {BAB7CF87-B637-4C83-8466-502C1F98AEA5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {E627DC4B-8C04-4234-A2D4-1D634EE01C41} URL = hxxp://www.bigseekpro.com/search/toolbar/pivotstickfigure/{9DC6E0F0-F860-BA8A-07B9-BBF5270F15CF}?q={searchTerms}
    SearchScopes: HKLM-x32 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0CzztD0A0AzytCyC0AtA0EtC0AyDtCtCtN0D0Tzu0StBtAyEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1001641714
    SearchScopes: HKU\S-1-5-21-3396797596-932553299-299937181-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3396797596-932553299-299937181-1000 -> {0D7562AE-8EF6-416d-A838-AB665251703A} URL = hxxp://start.facemoods.com/?a=umail3&s={searchTerms}&f=4
    SearchScopes: HKU\S-1-5-21-3396797596-932553299-299937181-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=110808&tt=3412_4&babsrc=SP_ss&mntrId=a409a5110000000000000026c70ae58e
    SearchScopes: HKU\S-1-5-21-3396797596-932553299-299937181-1000 -> {454EEA07-36ED-24E4-24D8-67C609D54540} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=113679&tt=3412_7&babsrc=SP_ss&mntrId=a409a5110000000000000026c70ae58e
    SearchScopes: HKU\S-1-5-21-3396797596-932553299-299937181-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&...=APN10645&apn_uid=4331339565024131&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3396797596-932553299-299937181-1000 -> {BAB7CF87-B637-4C83-8466-502C1F98AEA5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-3396797596-932553299-299937181-1000 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb188/?search={searchTerms}&loc=IB_DS&a=6R8EyPa6H7&i=26
    SearchScopes: HKU\S-1-5-21-3396797596-932553299-299937181-1000 -> {E627DC4B-8C04-4234-A2D4-1D634EE01C41} URL = hxxp://www.bigseekpro.com/search/toolbar/pivotstickfigure/{9DC6E0F0-F860-BA8A-07B9-BBF5270F15CF}?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3396797596-932553299-299937181-1000 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=12&q={searchTerms}&barid={9C9482C8-B354-4310-A028-5A3DEA3026BC}
    Toolbar: HKLM-x32 - Brak nazwy - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - Brak pliku
    Toolbar: HKU\S-1-5-21-3396797596-932553299-299937181-1000 -> Brak nazwy - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - Brak pliku
    Toolbar: HKU\S-1-5-21-3396797596-932553299-299937181-1000 -> Brak nazwy - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - Brak pliku
    Toolbar: HKU\S-1-5-21-3396797596-932553299-299937181-1000 -> Brak nazwy - {EEE6C35B-6118-11DC-9C72-001320C79847} - Brak pliku
    Toolbar: HKU\S-1-5-21-3396797596-932553299-299937181-1000 -> Brak nazwy - {60EACC1A-33FA-443D-9846-17B28E2C9BDB} - Brak pliku
    Toolbar: HKU\S-1-5-21-3396797596-932553299-299937181-1000 -> Brak nazwy - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - Brak pliku
    FF DefaultSearchUrl: hxxp://www.bigseekpro.com/search/toolbar/pivotstickfigure/{9DC6E0F0-F860-BA8A-07B9-BBF5270F15CF}?q={searchTerms}
    FF SearchEngineOrder.1: Search
    FF SearchPlugin: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ksiw6xzf.default\searchplugins\MyStart Search.xml [2012-09-08]
    FF SearchPlugin: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ksiw6xzf.default\searchplugins\Search.xml [2012-08-22]
    FF SearchPlugin: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ksiw6xzf.default\searchplugins\Search_Results.xml [2012-10-29]
    FF SearchPlugin: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ksiw6xzf.default\searchplugins\sweetim.xml [2012-08-07]
    FF Extension: Conduit Engine - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\ksiw6xzf.default\Extensions\engine@conduit.com [2011-05-22] [Brak podpisu cyfrowego]
    CHR HomePage: Default -> hxxp://www.searchnu.com/406
    CHR StartupUrls: Default -> "hxxp://www.searchnu.com/406"
    CHR DefaultSearchURL: Default -> hxxp://dts.search-results.com/sr?src=crb&...=APN10645&apn_uid=4331339565024131&q={searchTerms}
    CHR Extension: (Funmoods) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh [2013-12-27] [UpdateUrl: hxxp://funmoods.com/public/download/chrome/update.xml] <==== UWAGA
    CHR Extension: (Sense) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bchnamjcpocgphheheekmchilaabjdnb [2014-09-06] [UpdateUrl: hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/chrome/update/61915.xml] <==== UWAGA
    CHR Extension: (Funmoods) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj [2014-08-24]
    CHR Extension: (Bookmark Manager) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-12]
    CHR Extension: (SweetIM for Facebook) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [2012-08-07]
    CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\HP\AppData\Local\funmoods.crx [2012-08-22]
    CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\HP\AppData\Local\funmoods-speeddial.crx [2012-08-22]
    CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx <nie znaleziono>
    CHR HKU\S-1-5-21-3396797596-932553299-299937181-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\HP\AppData\Local\funmoods.crx [2012-08-22]
    CHR HKU\S-1-5-21-3396797596-932553299-299937181-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\HP\AppData\Local\funmoods-speeddial.crx [2012-08-22]
    CHR HKLM-x32\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\HP\AppData\Local\funmoods.crx [2012-08-22]
    CHR HKLM-x32\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\HP\AppData\Local\funmoods-speeddial.crx [2012-08-22]
    CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx <nie znaleziono>
    S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-30] (globalUpdate) [Brak podpisu cyfrowego] <==== UWAGA
    S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-30] (globalUpdate) [Brak podpisu cyfrowego] <==== UWAGA
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
    2015-11-12 17:09 - 2015-11-12 17:09 - 00003100 _____ C:\Windows\System32\Tasks\{933B9DCA-63DF-481C-A7BC-06C1E85AD69A}
    2015-11-12 13:43 - 2010-08-09 11:38 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
    2015-11-12 13:42 - 2014-08-30 17:03 - 00004802 _____ C:\Windows\Tasks\8feed68c-2e39-440c-aa5a-2b462ea8260e-11.job
    2015-11-12 13:42 - 2014-08-30 17:03 - 00002532 _____ C:\Windows\Tasks\3b4ff9b7-b774-412b-9ba4-58d6f55cc810-7.job
    2015-11-12 13:42 - 2014-08-30 17:02 - 00004808 _____ C:\Windows\Tasks\3b4ff9b7-b774-412b-9ba4-58d6f55cc810-11.job
    2015-11-12 13:42 - 2014-08-30 17:02 - 00000898 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
    2011-11-06 13:49 - 2012-10-14 09:32 - 0000080 _____ () C:\Users\HP\AppData\Roaming\wklnhst.dat
    2013-01-08 11:12 - 2013-01-08 11:12 - 0012393 _____ () C:\Users\HP\AppData\Local\Bron.tok.A12.em.bin
    2012-08-22 13:57 - 2012-08-22 13:57 - 0384844 _____ () C:\Users\HP\AppData\Local\funmoods-speeddial.crx
    2012-08-22 13:57 - 2012-08-22 13:57 - 0031465 _____ () C:\Users\HP\AppData\Local\funmoods.crx
    2013-01-08 10:27 - 2013-01-08 10:27 - 0000051 _____ () C:\Users\HP\AppData\Local\Kosong.Bron.Tok.txt
    2013-09-11 17:56 - 2013-09-11 17:56 - 0012393 _____ () C:\Users\HP\AppData\Local\Update.12.Bron.Tok.bin
    J:\SONY_8GR (8GB).lnk
    J:\ \~$nssgzmcjipgtzyaoa.bak
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.
    Pobierz i uruchom jako administrator AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Scan i później Cleaning.
    Przeskanuj progr. Malwarebytes Anti-Malware https://data-cdn.mbamupdates.com/web/mbam-setup-2.1.8.1057.exe
    Podczas instalacji usuń zaznaczenie przy Uruchom okres testowy Malwarebytes Anti-Malware Premium.

    0
  • #10 12 Lis 2015 20:25
    KruszonPro
    Poziom 4  

    Zrobione.
    Malwarebytes wykrył 51 zarażonych plików które usunąłem.
    jak sprawdzić czy wszystko jest już jak powinno?

    0
  • #11 12 Lis 2015 20:26
    Kolobos
    Spec od komputerów

    Podlacz pendrive i sprawdz.

    0
  • #12 12 Lis 2015 20:30
    KruszonPro
    Poziom 4  

    skrótów brak ;)
    dzieki

    0