Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

[Rozwiązano] Wirus laserveradedomaina.com

Ajdahoa 18 Paź 2018 12:59 198 7
  • #1 18 Paź 2018 12:59
    Ajdahoa
    Poziom 6  

    Uruchamia www w dużych ilościach.

    adwcleaner_7.2.3.1, tdsskiller, Malwarebytes nic nie pomaga :(

    Komunikat na zablokowanych www jest taki: laserveradedomaina.com ale też wyskakują normalne reklamy www. Już męczę się z tym 2 godziny. Proszę o pomoc.
    Czym logi wykonać?

    0 7
  • #4 18 Paź 2018 17:00
    Ajdahoa
    Poziom 6  

    Wirus laserveradedomaina.com

    Dodano po 1 [godziny] 40 [minuty]:

    Sprawdzi ktoś logi? Błagam pomóżcie. Malwarebytes wykrył właśnie prawie 80 wirusów, nie wiem co jest grane, wczoraj nie było nic. Virusy z serii PUP i masę innych.... Coś ściąga mi wirusy?

    0
  • #5 18 Paź 2018 17:24
    Kolobos
    Spec od komputerów

    Odinstaluj:
    Spybot - Search & Destroy
    YoutubeAdBlock

    Wykonaj Fixlist.txt dla FRST:
    CloseProcesses:
    ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.)
    ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.)
    ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.)
    ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.)
    Task: {37031FB0-92AC-4470-86EA-51CA536C73FF} - System32\Tasks\RzmVfSQvlkpVqKr2 => rundll32 "C:\Program Files (x86)\deoRkBcMU\taaYyK.dll",#1
    Task: {3B81DB6A-50F9-45D0-9865-2061D4BC8953} - System32\Tasks\{0585D5EF-EC00-4178-AD39-0B43F5753502} => D:\gry\Might and Magic Heroes VII\Binaries\Win64\MMH7Game-Win64-Shipping.exe [2017-10-12] (Ubisoft, Inc.)
    Task: {4BECABA1-4592-4179-AF79-C7734FAB62BF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2018-04-20] (Safer-Networking Ltd.)
    Task: {4DEE5B7B-C52F-4196-A46B-42C181EFAF15} - System32\Tasks\Opera scheduled Autoupdate 2796787680 => C:\Users\TomeK\AppData\Roaming\Microsoft\Windows\agbdvrhe\svhhiafs.exe
    Task: {59082999-6168-42E1-B00F-033F41D5AE5D} - System32\Tasks\LgUiZWCNTEYJs2 => C:\Windows\system32\wscript.exe "C:\ProgramData\CvclQZOtucyvVSVB\YYtxcVk.wsf"
    Task: {89737FC0-7048-4FAB-9A77-7FBD60266093} - System32\Tasks\{51221A57-A03C-4847-936D-000291BF96ED} => C:\Windows\system32\pcalua.exe -a E:\torrent\Rage_of_Mages_2_FINAL-CLS\clsrom01\INSTALL.EXE -d E:\torrent\Rage_of_Mages_2_FINAL-CLS\clsrom01
    Task: {8ECB760A-DC0D-47C2-8456-4683C479D597} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2018-04-20] (Safer-Networking Ltd.)
    Task: {A2D50728-4379-429B-95EA-B1A052682111} - System32\Tasks\{297BE578-F613-4B86-9A2B-1DD696112483} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\UltraISO\UltraISO.exe" -d "D:\torrenty\Microsoft Office 2013 Professional Plus [ PL ] [ x 86 ] [Aktywator + Klucz mak]\Microsoft Office 2013 Professional Plus [ PL ] [ x 86 ] [Aktywator + Klucz mak]" -c "D:\torrenty\Microsoft Office 2013 Professional Plus [ PL ] [ x 86 ] [ (dane wartości zawierają 187 znaków więcej).
    Task: {B810E369-6FAA-4658-8598-EE5C5F58DBC8} - System32\Tasks\GItHvXoKUgtwAW => rundll32 "C:\Program Files (x86)\pObWEjsjndqU2\ftFadaJYEyKKe.dll",#1
    Task: {C04B44A6-61C2-4BC3-A80F-9B3ADDA2583A} - System32\Tasks\zkqtSUqvflBJtZIfTnB2 => rundll32 "C:\Program Files (x86)\YaNQOzjyhjQoC\QJENfsf.dll",#1




    Task: {C343F1E5-E461-4B50-B969-0729F586BD2E} - System32\Tasks\{AA0C2E94-0C42-432A-BDA2-AB8E57431108} => C:\Windows\system32\pcalua.exe -a E:\torrent\Rage_of_Mages_2_FINAL-CLS\clsrom01\INSTALL.EXE -d E:\torrent\Rage_of_Mages_2_FINAL-CLS\clsrom01
    Task: {DC0AA7D4-BFFE-46EA-B916-402FBB270DB3} - System32\Tasks\qZkEPNCGHOoYARSao2 => rundll32 "C:\Program Files (x86)\NOOfCcUskYMcdeyIflR\HQeotys.dll",#1
    Task: {F9235D18-B5A5-4A19-84BB-3059BEA68259} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2018-04-20] (Safer-Networking Ltd.)
    (CloudBees, Inc.) C:\ProgramData\Microsoft\Windows\EventSvc\eventsvc.exe
    () C:\Program Files (x86)\AZ\4978209.exe
    () C:\ProgramData\Microsoft\Windows\EventSvc\work0.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Bolly ) C:\Users\TomeK\AppData\Roaming\i3zhx514glc\2lcvopvjkyd.exe
    () C:\Users\TomeK\AppData\Local\Temp\is-MRCJM.tmp\2lcvopvjkyd.tmp
    (Bolly ) C:\Users\TomeK\AppData\Roaming\loucuazq1fy\c53kck4pydk.exe
    (Bolly ) C:\Users\TomeK\AppData\Roaming\jibudw03ply\y5mkkggkn4i.exe
    () C:\Users\TomeK\AppData\Local\Temp\is-P3C4E.tmp\c53kck4pydk.tmp
    (Bolly ) C:\Users\TomeK\AppData\Roaming\ivx32c0vryp\agya3qtipko.exe
    () C:\Users\TomeK\AppData\Local\Temp\is-KIHJJ.tmp\y5mkkggkn4i.tmp
    (Bolly ) C:\Users\TomeK\AppData\Roaming\j0pb1uh1ct4\2ywaqhtvqro.exe
    (B%TZP8X) C:\Program Files\WB6CSWJXFV\WB6CSWJXF.exe
    () C:\Users\TomeK\AppData\Local\Temp\is-RL0DG.tmp\agya3qtipko.tmp
    (Bolly ) C:\Users\TomeK\AppData\Roaming\p5t40cpmlyq\uyuxemedz3k.exe
    () C:\Users\TomeK\AppData\Local\Temp\is-N31KD.tmp\2ywaqhtvqro.tmp
    () C:\Users\TomeK\AppData\Local\Temp\is-8088Q.tmp\uyuxemedz3k.tmp
    (B%TZP8X) C:\Program Files\YVFFYC9FSR\YVFFYC9FS.exe
    (Bolly ) C:\Users\TomeK\AppData\Roaming\0qdof0ewzlo\mtp12dxtjwc.exe
    () C:\Users\TomeK\AppData\Local\Temp\is-CKFIB.tmp\mtp12dxtjwc.tmp
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd.)
    HKLM\...\RunOnce: [rmw0gdwdusy] => C:\Program Files (x86)\AZ\4978209.exe [671232 2018-10-17] ()
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
    HKU\S-1-5-21-2717323687-3300726671-3819604275-1000\...\Run: [2AK8L1AKE2W4J2D] => "C:\Program Files\SVRKUIB8XP\SVRKUIB8X.exe"
    HKU\S-1-5-21-2717323687-3300726671-3819604275-1000\...\Run: [6243862] => C:\Users\TomeK\AppData\Roaming\i3zhx514glc\2lcvopvjkyd.exe [543966 2018-10-18] (Bolly )
    HKU\S-1-5-21-2717323687-3300726671-3819604275-1000\...\Run: [4EF3AHSATR83YV1] => "C:\Program Files\WA070F0NVY\WA070F0NV.exe"
    HKU\S-1-5-21-2717323687-3300726671-3819604275-1000\...\Run: [4193149] => C:\Users\TomeK\AppData\Roaming\loucuazq1fy\c53kck4pydk.exe [543966 2018-10-18] (Bolly )
    HKU\S-1-5-21-2717323687-3300726671-3819604275-1000\...\Run: [9123347] => C:\Users\TomeK\AppData\Roaming\jibudw03ply\y5mkkggkn4i.exe [543966 2018-10-18] (Bolly )
    HKU\S-1-5-21-2717323687-3300726671-3819604275-1000\...\Run: [PHG1NTPIHA2Q5SH] => "C:\Program Files\1O9I5IVVUI\1O9I5IVVU.exe"
    HKU\S-1-5-21-2717323687-3300726671-3819604275-1000\...\Run: [8945521] => C:\Users\TomeK\AppData\Roaming\ivx32c0vryp\agya3qtipko.exe [543966 2018-10-18] (Bolly )
    HKU\S-1-5-21-2717323687-3300726671-3819604275-1000\...\Run: [XRAL9H3GH6UZX6X] => "C:\Program Files\KN70HD6MFV\E2O89HW5A.exe"
    HKU\S-1-5-21-2717323687-3300726671-3819604275-1000\...\Run: [8044882] => C:\Users\TomeK\AppData\Roaming\j0pb1uh1ct4\2ywaqhtvqro.exe [543966 2018-10-18] (Bolly )
    HKU\S-1-5-21-2717323687-3300726671-3819604275-1000\...\Run: [OTHT52LTU84HQQR] => "C:\Program Files\80VF0LTKJS\TAV90VH72.exe"
    HKU\S-1-5-21-2717323687-3300726671-3819604275-1000\...\Run: [R45190SYLM5RXXF] => C:\Program Files\WB6CSWJXFV\WB6CSWJXF.exe [783872 2018-10-18] (B%TZP8X)
    HKU\S-1-5-21-2717323687-3300726671-3819604275-1000\...\Run: [4534960] => C:\Users\TomeK\AppData\Roaming\p5t40cpmlyq\uyuxemedz3k.exe [543966 2018-10-18] (Bolly )
    HKU\S-1-5-21-2717323687-3300726671-3819604275-1000\...\Run: [DW5KSVRJ6SJC3PI] => C:\Program Files\YVFFYC9FSR\YVFFYC9FS.exe [783872 2018-10-18] (B%TZP8X)
    HKU\S-1-5-21-2717323687-3300726671-3819604275-1000\...\Run: [8852015] => C:\Users\TomeK\AppData\Roaming\0qdof0ewzlo\mtp12dxtjwc.exe [543966 2018-10-18] (Bolly )
    Startup: C:\Users\TomeK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\agbdvrhe.lnk [2018-10-18]
    ShortcutTarget: agbdvrhe.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
    BootExecute: autocheck autochk * sdnclean64.exe
    GroupPolicy: Ograniczenia - Chrome <==== UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
    BHO: YoutubeAdBlock -> {4380B7D5-B068-48A8-9012-70B2490292FB} -> C:\Program Files (x86)\vTGTErrEdIE\tG0t2en.dll [2018-10-18] ()
    BHO-x32: YoutubeAdBlock -> {4380B7D5-B068-48A8-9012-70B2490292FB} -> C:\Program Files (x86)\vTGTErrEdIE\k8Q08WMXJ.dll [2018-10-18] ()
    C:\Users\TomeK\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbnpbnmjmgabkfemdehelbgdppngihhg
    CHR Extension: (Adblocker for Youtube™) - C:\Users\TomeK\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbnpbnmjmgabkfemdehelbgdppngihhg [2018-10-18] [UpdateUrl: hxxps://clients88.google.com/service/update2/crx] <==== UWAGA
    C:\Users\TomeK\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\kbnpbnmjmgabkfemdehelbgdppngihhg
    CHR Extension: (Adblocker for Youtube™) - C:\Users\TomeK\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\kbnpbnmjmgabkfemdehelbgdppngihhg [2018-10-18] [UpdateUrl: hxxps://clients88.google.com/service/update2/crx] <==== UWAGA
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx
    R2 EventSvc; C:\ProgramData\Microsoft\Windows\EventSvc\eventsvc.exe [360448 2018-07-24] (CloudBees, Inc.) [Brak podpisu cyfrowego] <==== UWAGA
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd.)
    S2 PowerSvc; "C:\ProgramData\Microsoft\Windows\Power\PowerSvc.exe" [X]
    S2 SysSvc; "C:\Users\TomeK\AppData\Local\NtvHost\syssvc.exe" [X]
    S3 ALSysIO; \??\C:\Users\TomeK\AppData\Local\Temp\ALSysIO64.sys [X] <==== UWAGA
    S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X]
    2018-10-18 13:16 - 2018-10-18 13:16 - 000003058 _____ C:\Windows\System32\Tasks\GItHvXoKUgtwAW
    2018-10-18 13:16 - 2018-10-18 13:16 - 000002890 _____ C:\Windows\System32\Tasks\LgUiZWCNTEYJs2
    2018-10-18 13:16 - 2018-10-18 13:16 - 000002872 _____ C:\Windows\System32\Tasks\qZkEPNCGHOoYARSao2
    2018-10-18 13:16 - 2018-10-18 13:16 - 000002860 _____ C:\Windows\System32\Tasks\zkqtSUqvflBJtZIfTnB2
    2018-10-18 13:16 - 2018-10-18 13:16 - 000002850 _____ C:\Windows\System32\Tasks\RzmVfSQvlkpVqKr2
    2018-10-18 13:16 - 2018-10-18 13:16 - 000000000 ____D C:\Users\TomeK\AppData\Roaming\0qdof0ewzlo
    2018-10-18 13:16 - 2018-10-18 13:16 - 000000000 ____D C:\ProgramData\CvclQZOtucyvVSVB
    2018-10-18 13:16 - 2018-10-18 13:16 - 000000000 ____D C:\Program Files\YVFFYC9FSR
    2018-10-18 13:16 - 2018-10-18 13:16 - 000000000 ____D C:\Program Files (x86)\YaNQOzjyhjQoC
    2018-10-18 13:16 - 2018-10-18 13:16 - 000000000 ____D C:\Program Files (x86)\vTGTErrEdIE
    2018-10-18 13:16 - 2018-10-18 13:16 - 000000000 ____D C:\Program Files (x86)\pObWEjsjndqU2
    2018-10-18 13:16 - 2018-10-18 13:16 - 000000000 ____D C:\Program Files (x86)\NOOfCcUskYMcdeyIflR
    2018-10-18 13:16 - 2018-10-18 13:16 - 000000000 ____D C:\Program Files (x86)\deoRkBcMU
    2018-10-18 13:16 - 2018-10-18 13:16 - 000000000 ____D C:\Program Files (x86)\DdJDUMRiVWUn
    2018-10-18 12:42 - 2018-10-18 13:24 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
    2018-10-18 12:42 - 2018-10-18 13:16 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2018-10-18 12:42 - 2018-10-18 12:42 - 000001395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
    2018-10-18 12:42 - 2018-10-18 12:42 - 000001383 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    2018-10-18 12:42 - 2018-10-18 12:42 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking
    2018-10-18 12:42 - 2018-10-18 12:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
    2018-10-18 12:42 - 2018-02-06 19:04 - 000032168 _____ (Safer-Networking Ltd.) C:\Windows\system32\sdnclean64.exe
    2018-10-18 12:40 - 2018-10-18 12:41 - 069910960 _____ (Safer-Networking Ltd. ) C:\Users\TomeK\Desktop\spybotsd-2.7.64.0.exe
    2018-10-18 12:32 - 2018-10-18 12:32 - 000000000 ____D C:\Users\TomeK\AppData\Roaming\p5t40cpmlyq
    2018-10-18 12:32 - 2018-10-18 12:32 - 000000000 ____D C:\Program Files\WB6CSWJXFV
    2018-10-18 12:31 - 2018-10-18 12:35 - 000210908 _____ C:\TDSSKiller.3.1.0.17_18.10.2018_12.31.18_log.txt
    2018-10-18 12:28 - 2018-10-18 12:28 - 000000000 ____D C:\TDSSKiller_Quarantine
    2018-10-18 12:26 - 2018-10-18 12:29 - 000222868 _____ C:\TDSSKiller.3.1.0.17_18.10.2018_12.26.32_log.txt
    2018-10-18 12:21 - 2018-10-18 12:30 - 000000000 ____D C:\Program Files\80VF0LTKJS
    2018-10-18 12:21 - 2018-10-18 12:21 - 000000000 ____D C:\Users\TomeK\AppData\Roaming\j0pb1uh1ct4
    2018-10-18 12:14 - 2018-10-18 12:30 - 000000000 ____D C:\Program Files\KN70HD6MFV
    2018-10-18 12:14 - 2018-10-18 12:14 - 000000000 ____D C:\Users\TomeK\AppData\Roaming\ivx32c0vryp
    2018-10-18 11:53 - 2018-10-18 12:30 - 000000000 ____D C:\Program Files\1O9I5IVVUI
    2018-10-18 11:53 - 2018-10-18 11:53 - 000000000 ____D C:\Users\TomeK\AppData\Roaming\jibudw03ply
    2018-10-18 11:45 - 2018-10-18 11:45 - 000000266 __RSH C:\Users\TomeK\ntuser.pol
    2018-10-18 11:44 - 2018-10-18 12:30 - 000000000 ____D C:\Program Files\WA070F0NVY
    2018-10-18 11:44 - 2018-10-18 11:44 - 000000000 ____D C:\Users\TomeK\AppData\Roaming\loucuazq1fy
    2018-10-18 11:41 - 2018-10-18 13:27 - 000000000 ____D C:\Users\TomeK\AppData\Local\GoogleChromeUserData
    2018-10-18 11:40 - 2018-10-18 11:41 - 000000000 ____D C:\Users\TomeK\AppData\Local\GoogleChromeApplication
    2018-10-18 11:39 - 2018-10-18 13:22 - 000000034 _____ C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
    2018-10-18 11:39 - 2018-10-18 12:30 - 000000000 ____D C:\Program Files\SVRKUIB8XP
    2018-10-18 11:39 - 2018-10-18 12:25 - 000000000 ____D C:\Users\TomeK\AppData\Local\NtvHost
    2018-10-18 11:39 - 2018-10-18 11:56 - 000000000 ____D C:\Program Files (x86)\Multitimer
    2018-10-18 11:39 - 2018-10-18 11:44 - 000003446 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 2796787680
    2018-10-18 11:39 - 2018-10-18 11:39 - 000000000 ____D C:\Users\TomeK\AppData\Roaming\i3zhx514glc
    2018-10-18 11:39 - 2018-10-18 11:39 - 000000000 ____D C:\Program Files (x86)\AZ
    2018-10-18 11:38 - 2018-10-18 11:38 - 000000000 ____D C:\Users\TomeK\AppData\Local\MicroService
    2018-10-18 11:38 - 2018-10-18 11:38 - 000000000 ____D C:\Users\TomeK\AppData\Local\AdvinstAnalytics
    2018-10-18 11:37 - 2018-10-18 11:43 - 000000000 ____D C:\ProgramData\Blogger
    2018-10-18 11:34 - 2018-10-18 11:38 - 000193536 _____ (IvoSoft) C:\ProgramData\Byr.exe
    2018-10-18 11:33 - 2018-10-18 11:33 - 000000000 ____D C:\ProgramData\Kor
    2018-10-18 11:34 - 2018-10-18 11:38 - 000193536 _____ (IvoSoft) C:\ProgramData\Byr.exe

    Po wykonaniu zamiesc nowe logi z FRST, ze skanowania.

    1
  • Pomocny post
    #7 18 Paź 2018 18:16
    Kolobos
    Spec od komputerów

    Po co cytujesz caly post?

    Nowy Fixlist.txt dla FRST:
    S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
    S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
    2018-10-18 14:00 - 2018-10-18 17:37 - 000094673 _____ C:\Windows\ZAM_Guard.krnl.trace
    2018-10-18 14:00 - 2018-10-18 14:58 - 000166972 _____ C:\Windows\ZAM.krnl.trace
    2018-10-18 14:00 - 2018-10-18 14:00 - 000000000 ____D C:\Users\TomeK\AppData\Local\Wolf of Webstreet OPC Private Limited
    2018-10-18 13:59 - 2018-10-18 17:39 - 000000000 ____D C:\Program Files (x86)\MalwareFox AntiMalware
    2018-10-18 13:59 - 2018-10-18 13:59 - 000000000 ____D C:\Users\TomeK\AppData\Local\Zemana
    2018-10-18 13:52 - 2018-10-18 17:37 - 000000000 ____D C:\Users\TomeK\AppData\Roaming\0xntaqbzux3
    2018-10-18 13:52 - 2018-10-18 14:22 - 000000000 ____D C:\Users\TomeK\AppData\Roaming\CRMSvc
    2018-10-18 13:28 - 2018-10-18 13:29 - 000213774 _____ C:\TDSSKiller.3.1.0.17_18.10.2018_13.28.34_log.txt

    Po wykonaniu usun katalog C:\FRST i to wszystko.

    0
  • #8 18 Paź 2018 18:36
    Ajdahoa
    Poziom 6  

    Zrobione !!! Nic nie wyskakuje i zmniejszyła się lista procesów :) Super pomoc . Dzięki wielkie.

    0