Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Wirus blokuje programy typu adwcleaner, sam otwiera przeglądarkę

Leksionn 19 Lis 2018 14:51 105 7
  • #1 19 Lis 2018 14:51
    Leksionn
    Poziom 2  

    Witam, złapałem jakiegoś wirusa, który po wpisaniu w przeglądarkę Mozilla fierfox adwcleaner bądź inny program tego typu z miejsca ją wyłącza. Otwiera sam przeglądarkę, otwiera się kilkanaście razy w rożnych odstępach czasowych. Co jakiś czas nowa karta. Nie za bardzo wiem jak sobie z tym poradzić i średnio to ogarniam. Moze mi ktoś pomoc? Pokierować co zrobić? Z góry dziękuje

    0 7
  • CControls
  • CControls
  • Pomocny post
    #4 19 Lis 2018 15:33
    Kolobos
    Spec od komputerów

    Odinstaluj:
    IndepthSystem
    LibraryModule
    SectionEdit
    softutiful
    TampaTrim
    UpgraderLite
    Yahoo! Toolbar

    Obok frst.exe utworz plik Fixlist.txt z zawartoscia:
    CloseProcesses:
    Task: {07E31EE8-D435-41AE-BB3A-8375219F45F8} - System32\Tasks\{8A984F25-2747-4766-A0B6-98A009F1E67E} => C:\Windows\system32\pcalua.exe -a C:\Users\PeCet\Downloads\sa-mp-0.2.2-R2.exe -d C:\Users\PeCet\Downloads
    Task: {13B2032C-026D-4AC8-8882-4C44897AC3C4} - System32\Tasks\{D946CE07-1AC9-0DBE-FCBF-D31752CEF759} => "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://firsthitnews.ru/cl/?guid=x6matgfpvpqpduut0gmix2guvu704gds&prid=1&pid=4_1324_0
    C:\Program Files (x86)\Common Files\KyZUFIiMVho.exe
    Task: {215E3842-376F-422E-8AA6-A0625FE0FE96} - System32\Tasks\{85860BDA-CE59-245C-B8C7-F3E6D793905B} => C:\Program Files (x86)\Common Files\KyZUFIiMVho.exe [2009-07-14] (Microsoft Corporation)
    Task: {24EDF526-FCF1-4ED4-BC04-9803D1A3D070} - System32\Tasks\{202F884E-4DB7-F7B0-827B-698B643B78A3} => "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://addfleshitem.com/cl/?guid=f6pi1w08xg34toglxyllxihiir1qc2uh&prid=1&pid=4_1324_0
    C:\Users\PeCet\AppData\Local\bfUuuu.exe
    Task: {3879FB4C-0407-4B6A-9943-F5553B60D20E} - System32\Tasks\{6282E269-8253-8F2D-C464-4D1C280C8BB3} => C:\Users\PeCet\AppData\Local\bfUuuu.exe [2009-07-14] (Microsoft Corporation) <==== UWAGA
    Task: {389301C2-1911-4EE5-A24D-FF2027ABC4A4} - System32\Tasks\{62D14149-0C2F-4191-AC8C-864275326EDE} => C:\Windows\system32\pcalua.exe -a G:\Setup.exe -d G:\
    Task: {3B7080A2-CC9D-486B-90A4-011720FFC11D} - System32\Tasks\{6D804AC1-D11E-4010-93A3-9422D28CFC53} => C:\Windows\system32\pcalua.exe -a C:\Users\PeCet\Downloads\flash_player9(Dobrepliki.pl).exe -d C:\Users\PeCet\Downloads
    Task: {3DE8B554-2D05-47BA-9AB8-74025EAB35B2} - System32\Tasks\{27FB1C18-DA76-43CF-9051-A1B4889D9F63} => D:\Gry\Gothic 3\Gothic III Forsaken Gods.exe
    Task: {40E01098-AFB9-4F9D-9794-2DBCDE2B8272} - \AdobeFlashPlayerUpdate -> Brak pliku <==== UWAGA
    C:\Program Files (x86)\YourFileDownloader\
    Task: {453D4D6A-E634-4D68-8E53-2EFF762407E1} - System32\Tasks\YourFile Update => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== UWAGA
    c:\programdata\{e79debae-97e5-dcba-e79d-debae97eaeba}\
    Task: {4982F5D0-C575-4BAA-BBCE-3969AAC45A60} - System32\Tasks\Superclean => c:\programdata\{e79debae-97e5-dcba-e79d-debae97eaeba}\hqghumeaylnlf.exe [2014-08-18] (Super PC Tools Ltd) <==== UWAGA
    C:\Users\PeCet\AppData\Roaming\FoxTab\
    Task: {543EB95D-1E57-4D77-8DBF-29A07D2C8192} - System32\Tasks\FoxTab => C:\Users\PeCet\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== UWAGA




    Task: {5E172053-5D51-42C7-8EDC-DB01D6015846} - System32\Tasks\{A5567F87-E293-4A7A-95A8-2E28FE90CDE2} => C:\Windows\system32\pcalua.exe -a "D:\Komp\Gry instalki\Gothic 3\setup.exe" -d "D:\Komp\Gry instalki\Gothic 3"
    Task: {5E818188-B904-476B-96F6-44904805D824} - System32\Tasks\{13A74620-8661-45D2-BC69-A5A06ABC490D} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{1C08A24C-B168-407E-A826-68FAF5F20710}\setup.exe" -c -runfromtemp -l0x0415
    Task: {61045454-4162-45A2-B420-9C42E9AE7C9D} - System32\Tasks\{FFEA011B-823C-48EE-93B9-8EF02745D676} => C:\Windows\system32\pcalua.exe -a C:\Windows\IsUn0415.exe -c -fd:\gothic\Uninst.isu
    Task: {6A42FB07-D2D9-45DB-8961-2A4F4B5513A1} - System32\Tasks\{718EF43F-187F-4F7B-9C47-B5A85AF61A5C} => C:\Users\PeCet\Downloads\Gta San Andreas (1)\Gta San Andreas - 1MB\GTA_SA\Gta San Andreas+Kgb Archiver\setup.EXE
    C:\Windows\SysWOW64\qWLiaum.exe
    C:\Windows\UOqU.exe
    Task: {6D514022-C81B-42C7-B416-D4EC44DF01DC} - System32\Tasks\{AAB811DE-7D03-9C02-CB88-AC3FFC4ED4B6} => C:\Windows\SysWOW64\qWLiaum.exe [2009-07-14] (Microsoft Corporation) <==== UWAGA
    Task: {7CEADAE5-D3C7-4439-A3E3-A2C2FA5F3195} - System32\Tasks\{6AD00C5E-16B7-80CF-98AC-DC1498436728} => C:\Windows\UOqU.exe [2009-07-14] (Microsoft Corporation)
    Task: {80A2F415-1D1F-41D1-9C7F-042A86A4E5B0} - System32\Tasks\{09E62643-9C29-4D5B-B096-CEA5C71A78A1} => C:\Windows\system32\pcalua.exe -a C:\Users\PeCet\Downloads\gothic1_playerkit-1.08k.exe -d C:\Users\PeCet\Downloads
    C:\Windows\SysWOW64\yoOB.exe
    Task: {843EAA18-9C61-4669-8353-DF2997EED66E} - System32\Tasks\{D5301818-17C4-D4A2-16C4-2EB1031134B0} => C:\Windows\SysWOW64\yoOB.exe [2009-07-14] (Microsoft Corporation) <==== UWAGA
    C:\Users\PeCet\AppData\Roaming\UJQAgrteIOvMZ.exe
    Task: {8FAC08BF-9E7F-489C-BB2F-A13DF7647D65} - System32\Tasks\{BA103F8D-D978-ED56-93BB-EBBBE4E92FCC} => C:\Users\PeCet\AppData\Roaming\UJQAgrteIOvMZ.exe [2009-07-14] (Microsoft Corporation)
    Task: {9E736564-DBA3-40FE-B3B3-AEC0B46DE5F2} - \AdobeFlashPlayerUpdate 2 -> Brak pliku <==== UWAGA
    Task: {A97C6B0A-AE3A-490E-AABB-63FEC479DD3A} - System32\Tasks\{591DDF40-1F8F-4A41-839F-9B4DA9B692A3} => C:\Windows\system32\pcalua.exe -a "C:\Users\PeCet\Downloads\GTA Mod Installer.exe" -d C:\Users\PeCet\Downloads
    Task: {ABC6A39A-3C21-405F-AF55-3221AD61DF6A} - System32\Tasks\{F56133EA-6BA9-4EE7-ACD7-F1A17A062B9F} => C:\Windows\system32\pcalua.exe -a "D:\Komp\Gry instalki\Assassin IV\Patche\1.01\ac_revelations_1.01_eu.exe" -d "D:\Komp\Gry instalki\Assassin IV\Patche\1.01"
    Task: {AF7B445D-38A0-46B5-940B-CF5E56DFC42E} - System32\Tasks\{BF1A58D2-65D0-41D4-99B2-4B42570C95AA} => C:\Users\PeCet\Downloads\Gta San Andreas (1)\Gta San Andreas - 1MB\GTA_SA\Gta San Andreas+Kgb Archiver\setup.EXE
    Task: {B8C854D6-D7F0-4CF3-92CA-9DF34E4DEBA5} - System32\Tasks\{F7CF8671-2941-4712-BED0-A1BFE6D76747} => D:\Gry\gwint\witcher1\The Witcher Enhanced Edition\launcher.exe [2018-10-23] (CD Projekt Red)
    Task: {BB37E82A-8041-47C5-B19B-B9BD5638F30D} - System32\Tasks\{44FA1DAC-08F0-4FE7-A256-8DBA5B2FFDD2} => C:\Windows\system32\pcalua.exe -a C:\Windows\UnGins.exe -c "D:\Heros\install.log"
    Task: {C41F96AF-A30E-4DC6-8D78-0F43F753F5DE} - System32\Tasks\{5ADFECAD-3207-4A46-B67E-60999A3E7986} => C:\Windows\system32\pcalua.exe -a "D:\Komp\Gry instalki\Assassin IV\Patche\1.02\ac_revelations_1.02_eu.exe" -d "D:\Komp\Gry instalki\Assassin IV\Patche\1.02"
    Task: {D496BC5F-EBA4-4121-A51A-842F4124B4CD} - System32\Tasks\{E39A87CE-E909-B3EF-042C-A7AD307B9125} => "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://first-news.org/cl/?guid=udv8ph14xig5f3ve12fkuflq32gpg9o0&prid=1&pid=4_1324_0
    Task: {D7049305-774C-4357-BC3A-FDCD7C687503} - System32\Tasks\{EA7306D8-9685-43E1-A6A1-280C46DD917F} => C:\Users\PeCet\Downloads\Hot Slot\MFME11.exe
    Task: {EC62E95B-E151-4E27-9ABB-0FD744A893D7} - System32\Tasks\{1DE1A3F9-6E20-4129-8AE0-0739ACA7C1C5} => D:\nowaGame of Thrones\Autorun\Exe\Autorun.exe
    Task: {F154D202-43E8-40AD-990B-B898557B934E} - System32\Tasks\{62D93549-6FBD-42B6-B786-906E08D6583C} => C:\Windows\system32\pcalua.exe -a C:\Windows\SysWOW64\PhysX.cpl -c AGEIA PhysX
    Task: C:\Windows\Tasks\FoxTab.job => C:\Users\PeCet\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== UWAGA
    Task: C:\Windows\Tasks\Superclean.job => c:\programdata\{e79debae-97e5-dcba-e79d-debae97eaeba}\hqghumeaylnlf.exe <==== UWAGA
    AlternateDataStreams: C:\Users\PeCet\Dane aplikacji:NT [40]
    AlternateDataStreams: C:\Users\PeCet\AppData\Roaming:NT [40]
    FirewallRules: [{29728182-A277-40BC-88FB-127406F22E4E}] => (Allow) C:\Windows\SysWOW64\yoOB.exe
    FirewallRules: [{EC2A9F00-0EBE-4FB5-993A-080C72A98563}] => (Allow) C:\Users\PeCet\AppData\Roaming\UJQAgrteIOvMZ.exe
    FirewallRules: [{138CCE81-AEB6-40F3-960E-7BD7EF44C0FF}] => (Allow) C:\Program Files (x86)\Common Files\KyZUFIiMVho.exe
    FirewallRules: [{CA040904-92BE-48D4-877C-F10CD621E352}] => (Allow) C:\Windows\UOqU.exe
    HKLM-x32\...\Run: [Otshot] => c:\program files\otshot\otshot.exe -minimize
    HKLM-x32\...\Run: [NeroFilterCheck] => C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-21-4226970486-307361039-2424810433-1000\...\Run: [ares] => "D:\Ares\Ares.exe" -h
    HKU\S-1-5-21-4226970486-307361039-2424810433-1000\...\Run: [PC Suite Tray] => "D:\nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    HKU\S-1-5-21-4226970486-307361039-2424810433-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\PeCet\AppData\Local\Akamai\netsession_win.exe"
    HKU\S-1-5-21-4226970486-307361039-2424810433-1000\...\MountPoints2: F - F:\LG_PC_Programs.exe
    HKU\S-1-5-21-4226970486-307361039-2424810433-1000\...\MountPoints2: {0a22e66e-6aa6-11e1-b79a-f46d04e6b81b} - F:\AutoRun.exe
    HKU\S-1-5-21-4226970486-307361039-2424810433-1000\...\MountPoints2: {0a22e68a-6aa6-11e1-b79a-f46d04e6b81b} - F:\AutoRun.exe
    HKU\S-1-5-21-4226970486-307361039-2424810433-1000\...\MountPoints2: {20a19bef-51ae-11e6-91b6-00e04c05b046} - G:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-4226970486-307361039-2424810433-1000\...\MountPoints2: {48675828-cef9-11e7-b361-dd4d68f6054d} - G:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-4226970486-307361039-2424810433-1000\...\MountPoints2: {b8b7daeb-16bf-11e6-a2e5-d2e4aadcd248} - F:\LG_PC_Programs.exe
    HKU\S-1-5-21-4226970486-307361039-2424810433-1000\...\MountPoints2: {c7ad4723-8f1b-11e7-997e-d9bad4bf5f59} - G:\HiSuiteDownLoader.exe
    Startup: C:\Users\PeCet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fliptoast.lnk [2011-12-10]
    ShortcutTarget: fliptoast.lnk -> C:\Program Files (x86)\fliptoast\fliptoast.exe (Brak pliku)
    GroupPolicy\User: Ograniczenia ? <==== UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
    ProxyEnable: [S-1-5-21-4226970486-307361039-2424810433-1000] => Proxy [funkcja włączona]
    Hosts:
    Tcpip\Parameters: [NameServer] 199.203.131.151 82.163.143.181
    Tcpip\..\Interfaces\{00D1E92D-E8DA-48D9-9B96-7B233F4E117E}: [NameServer] 199.203.131.151 82.163.143.181
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
    HKU\S-1-5-21-4226970486-307361039-2424810433-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911...amp;GUID=EAC3D9B1-3FBE-42F1-8486-C7595A0330AC
    HKU\S-1-5-21-4226970486-307361039-2424810433-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/idg/idg_1330902302_540344
    HKU\S-1-5-21-4226970486-307361039-2424810433-1000\Software\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = hxxp://search.babylon.com/?affID=112555&t...s&mntrId=b8adde32000000000000f46d04e6b81b
    HKU\S-1-5-21-4226970486-307361039-2424810433-1000\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.babylon.com/?affID=112555&t...s&mntrId=b8adde32000000000000f46d04e6b81b
    SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL =
    SearchScopes: HKU\S-1-5-21-4226970486-307361039-2424810433-1000 -> DefaultScope {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
    SearchScopes: HKU\S-1-5-21-4226970486-307361039-2424810433-1000 -> BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    SearchScopes: HKU\S-1-5-21-4226970486-307361039-2424810433-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=119828&babsrc=SP_ss_sps&mntrId=b8adde32000000000000f46d04e6b81b
    SearchScopes: HKU\S-1-5-21-4226970486-307361039-2424810433-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
    SearchScopes: HKU\S-1-5-21-4226970486-307361039-2424810433-1000 -> {40C764D0-0248-47E3-B186-795D708E6780} URL = hxxp://www.google.com/search?hl=pl&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-4226970486-307361039-2424810433-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
    SearchScopes: HKU\S-1-5-21-4226970486-307361039-2424810433-1000 -> {87C8DC67-3B81-487F-BE6A-9BCA22D8173A} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    SearchScopes: HKU\S-1-5-21-4226970486-307361039-2424810433-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={0762F309-CD3C-4ABA-9767-CCE444304277}&mid=576684f0eea447d0baef2524420251e8-1fbc1a55db8df2ff99b71e40b8bbd49edb249e5f&lang=en&ds=ft011&pr=sa&d=2012-06-17 19:01:22&v=11.1.0.7&sap=dsp&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-4226970486-307361039-2424810433-1000 -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
    Toolbar: HKU\S-1-5-21-4226970486-307361039-2424810433-1000 -> Brak nazwy - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - Brak pliku
    Toolbar: HKU\S-1-5-21-4226970486-307361039-2424810433-1000 -> Brak nazwy - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Brak pliku
    FF user.js: detected! => C:\Users\PeCet\AppData\Roaming\Mozilla\Firefox\Profiles\qq0j85h9.default\user.js [2013-12-15]
    FF NetworkProxy: Mozilla\Firefox\Profiles\qq0j85h9.default -> backup.ftp", "78.46.212.216"
    FF SearchPlugin: C:\Users\PeCet\AppData\Roaming\Mozilla\Firefox\Profiles\qq0j85h9.default\searchplugins\delta.xml [2013-02-28]
    FF Plugin HKU\S-1-5-21-4226970486-307361039-2424810433-1000: ubisoft.com/uplaypc -> D:\Gry\Assasin's 3\Ubisoft Game Launcher\npuplaypc.dll [Brak pliku]
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\1576733.js [2017-11-16] <==== UWAGA (Linkuje do pliku *.cfg)
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\1576733.cfg [2017-11-16] <==== UWAGA
    CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx <nie znaleziono>
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
    S2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-29] () [Brak podpisu cyfrowego]
    S3 AndnetBus; system32\DRIVERS\lgandnetbus64.sys [X]
    S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
    S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
    S1 beibleog; \??\C:\Windows\system32\drivers\beibleog.sys [X]
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
    S1 gfguncnf; \??\C:\Windows\system32\drivers\gfguncnf.sys [X]
    S1 jmaqafyk; \??\C:\Windows\system32\drivers\jmaqafyk.sys [X]
    S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
    2018-10-28 17:02 - 2018-10-28 17:02 - 000003004 _____ C:\Windows\System32\Tasks\{F7CF8671-2941-4712-BED0-A1BFE6D76747}
    2018-11-19 14:18 - 2013-11-06 03:18 - 000000288 _____ C:\Windows\Tasks\FoxTab.job
    2018-11-19 13:51 - 2015-08-18 00:51 - 000000340 _____ C:\Windows\Tasks\Superclean.job
    2009-07-14 02:14 - 2009-07-14 02:14 - 000186368 ____N (Microsoft Corporation) C:\Program Files (x86)\oMiNgcvSusoZr.exe
    2015-05-16 04:26 - 2015-05-16 04:26 - 000000079 _____ () C:\Program Files (x86)\prefs.js
    2009-07-14 02:14 - 2009-07-14 02:14 - 000073216 ____N (Microsoft Corporation) C:\Program Files (x86)\Common Files\KyZUFIiMVho.exe
    2009-07-14 02:14 - 2009-07-14 02:14 - 000186368 ____N (Microsoft Corporation) C:\Program Files (x86)\Common Files\ynuOEgO.exe
    2009-07-14 02:14 - 2009-07-14 02:14 - 000073216 ____N (Microsoft Corporation) C:\Users\PeCet\AppData\Roaming\UJQAgrteIOvMZ.exe
    2009-07-14 02:14 - 2009-07-14 02:14 - 000073216 ____N (Microsoft Corporation) C:\Users\PeCet\AppData\Local\bfUuuu.exe
    2018-11-09 16:58 - 2018-11-13 16:22 - 006161408 _____ () C:\Users\PeCet\AppData\Local\dump007.dat
    2018-07-25 10:10 - 2018-09-07 09:21 - 000000002 _____ () C:\Users\PeCet\AppData\Local\imw.ini
    2012-01-25 21:51 - 2012-01-25 21:51 - 000460624 _____ () C:\Users\PeCet\AppData\Local\promo.exe
    2012-02-20 14:22 - 2012-02-20 14:22 - 002371152 _____ (DownVision ) C:\Users\PeCet\AppData\Local\setup.exe
    EmptyTemp:

    W FRST wybierz Napraw.

    Uzyj AdwCleaner, opcja Scan/Szukaj i Clean/Usun: http://www.bleepingcomputer.com/download/adwcleaner/

    Zrob pelny skan przy pomocy Mbam i usun to co wykryje:
    http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/
    oraz http://ftp.drweb.com/pub/drweb/cureit/launch.exe

    0
  • Pomocny post
    #6 19 Lis 2018 16:54
    Kolobos
    Spec od komputerów

    Trudno, pomin, nie ma to znaczenia. Zamieszczaj normalnie screeny, a nie jakies pliki worda.

    0
  • #7 19 Lis 2018 19:00
    Leksionn
    Poziom 2  

    Zrobiłem wszystko wedle instrukcji, po skanowaniu tym ostatnim programem pokazało zero zagrożeń. Strony się puki co nie otwierają. Dziękuje bardzo za pomoc

    0
  • #8 19 Lis 2018 21:07
    Kolobos
    Spec od komputerów

    Usun katalog C:\FRST i to wszystko.

    0