Kto pomoże mi z denerwującym mnie keyloggerem!

[did030]

http://wklej.org/id/914302/ - otl.txt
http://wklej.org/id/914303/ - extras.txt
http://wklej.org/id/914306/ - GMER
http://wklej.org/id/914311/ - SILENT RUNNEr
http://wklej.org/id/914314/ - RSIT
TDSSKILLER - http://wklej.org/id/914317/


OTO LINKI : PORSZe O POMOC

[mateo8898]

Odinstaluj: 4-Day Forecast. Następnie:

Uruchom OTL w oknie Własne opcje skanowania/skrypt wklej:

:OTL
SRV - File not found [Auto | Stopped] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Spybot -- (SDScannerService)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AntiLog32.sys -- (AntiLog32)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=3228
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=3228
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=3228
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=3228
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.certified-toolbar.com?si=41460&bs=true&tid=3228&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.certified-toolbar.com?si=41460&bs=true&tid=3228&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=3228
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=3228
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=3228
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=3228
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112555&tt=4712_5&babsrc=SP_ss&mntrId=94de01c8000000000000000df30531f8
IE - HKCU\..\SearchScopes\{70BA3E6B-1059-2266-0B2C-40E4A85231B8}: "URL" = http://search.certified-toolbar.com?si=41460&bs=true&tid=3228&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.certified-toolbar.com?si=41460&bs=true&tid=3228&q={searchTerms}
IE - HKCU\..\SearchScopes\{C4921F2E-153D-49C6-9BC9-F129621E72CD}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=411E8FA3-3162-4D21-A87B-7DAF35AFCF48&apn_sauid=8E8A4265-5A3F-4CA1-B215-D4211240ABF1
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..keyword.URL: "http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q="
[2012-10-31 17:45:13 | 000,002,308 | ---- | M] () -- C:\Documents and Settings\A\Dane aplikacji\Mozilla\Firefox\Profiles\0fl1wz78.default\searchplugins\askcom.xml
[2012-11-23 18:01:38 | 000,002,536 | ---- | M] () -- C:\Documents and Settings\A\Dane aplikacji\Mozilla\Firefox\Profiles\0fl1wz78.default\searchplugins\mngr.xml
[2012-12-29 23:34:04 | 000,003,282 | ---- | M] () -- C:\Documents and Settings\A\Dane aplikacji\Mozilla\Firefox\Profiles\0fl1wz78.default\searchplugins\Web Search.xml
[2012-08-20 12:22:13 | 000,001,389 | ---- | M] () -- C:\Documents and Settings\A\Dane aplikacji\Mozilla\Firefox\Profiles\0fl1wz78.default\searchplugins\yahoo-zugo.xml
[2012-11-23 18:01:22 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012-12-29 23:34:05 | 000,003,282 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Web Search.xml
O3 - HKLM\..\Toolbar: (no name) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O4 - HKLM..\Run: [AntiLogger] "C:\Program Files\AntiLogger\AntiLogger.exe" /minimized File not found
O4 - HKLM..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" File not found
O4 - HKCU..\Run: [ASRockIES] File not found
O4 - HKCU..\Run: [btcl] C:\Documents and Settings\A\Dane aplikacji\dist8\btcl.exe ()
O9 - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - Reg Error: Key error. File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Value error.)
[2012-12-29 17:24:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\A\Ustawienia lokalne\Dane aplikacji\DDownTango5aToolbar
[2012-12-29 17:24:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\A\Dane aplikacji\DDownTango5aToolbar
[2012-12-29 17:17:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\A\Ustawienia lokalne\Dane aplikacji\DownTango
[2012-12-29 10:52:01 | 000,000,000 | ---D | C] -- C:\Program Files\lidor.net
[2012-06-22 19:10:44 | 000,000,026 | ---- | C] () -- C:\Program Files\Common Files\userInit.dll
[2012-06-22 08:45:25 | 000,027,958 | ---- | C] () -- C:\Program Files\Common Files\logonInit.dll
[2012-12-29 23:34:05 | 000,000,000 | ---D | M] (DownTango Launcher) -- C:\Documents and Settings\A\Dane aplikacji\Mozilla\Firefox\Profiles\0fl1wz78.default\extensions\{3995ab83-6d51-45cc-93fa-5e86e7e54286}

:Files
C:\Program Files\Spybot - Search & Destroy 2
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
C:\WINDOWS\tasks\PC SpeedUp Service Deactivator.job
C:\WINDOWS\tasks\Protected Search.job
C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\SpeedUpMyPC.job
C:\WINDOWS\tasks\spmonitor.job
C:\WINDOWS\tasks\YourFile Update.job

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=-
"Adobe Reader Speed Launcher"=-
"CTSyncService"=-
"VolPanel"=-
"SunJavaUpdateSched"=-
"NvMediaCenter"=-
"nwiz"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ASRockIES"=-
"MSMSGS"=-

:Commands
[clearallrestorepoints]
[emptytemp]

Klikasz Wykonaj skrypt. Podajesz log z usuwania + nowe logi z OTL. Tylko zajrzyj w instrukcję http://forum.instalki.pl/otl-gmer-silent-runners-sdfix-i-inne-poradnik-t13967.html#p107754 i ustaw odpowiednio OTL, bo sprawdzanie loga długiego na kilometr to nic przyjemnego...

[did030]

Więc tak zainstalowałem bot do tibi , który był niby darmowy , i tam byłkeylogger ziomek mój miał to samo , i ten keylogger jest uruchamiany raz na jakiś czas !
http://wklej.org/id/914631/ - adwcleaner
otl log po skrypcie - http://wklej.org/id/914648/
RSIT - http://wklej.org/id/914658/
SILENTRUNNER - http://wklej.org/id/914666/
OTL - http://wklej.org/id/914676/


Folder z tym ibot wywaliłem , ale keylogg się pod jakiś inny plik podłączył.



SORY , ale nie chciałem sobie systemu rozwalić ;D

[mateo8898]

Co ty wyrabiasz?? Przecież wkleiłeś całkiem inny skrypt, a nie ten który ja podałem. Jaja sobie robisz??? Pousuwałeś nieszkodliwe wpisy i pliki...

EDIT:
Znalazłem http://forum.pcformat.pl/Kto-pomoze-mi- ... loggerem-t
Możesz podziękować temu "fachowcowi" od siedmiu boleści, co usuwa prawidłowe wpisy, a te szkodliwe pomija. Zresztą nie zakłada się tematu na kilku forach, bo potem różne nieciekawe rzeczy z tego wychodzą. I jak piszesz tutaj to masz się stosować do instrukcji stąd, a nie z innego forum.

[did030]

Sorki , czy mogę teraz zrobić skrypta tego od cb ? czy podasz mi nowego ( nie mogę usunąć 4day )

[mateo8898]

( nie mogę usunąć 4day )

Odinstaluj go tym http://www.instalki.pl/programy/download/Windows/narzedzia_systemowe/Revo_Uninstaller.html w trybie Zaawansowanym

W AdwCleaner użyj opcji Usuń i podaj utworzony log.

Następnie wejdź do folderu C:\_OTL odszukaj w nim plik msmsgs.exe i przenieś do folderu C:\Program Files\Messenger

Teraz wklej do OTL taki skrypt:

:OTL
SRV - File not found [Auto | Stopped] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Spybot -- (SDScannerService)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=3228
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=3228
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=3228
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=3228
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.certified-toolbar.com?si=41460&bs=true&tid=3228&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.certified-toolbar.com?si=41460&bs=true&tid=3228&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=3228
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=3228
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si=41460&home=true&tid=3228
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=3228
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112555&tt=4712_5&babsrc=SP_ss&mntrId=94de01c8000000000000000df30531f8
IE - HKCU\..\SearchScopes\{70BA3E6B-1059-2266-0B2C-40E4A85231B8}: "URL" = http://search.certified-toolbar.com?si=41460&bs=true&tid=3228&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.certified-toolbar.com?si=41460&bs=true&tid=3228&q={searchTerms}
IE - HKCU\..\SearchScopes\{C4921F2E-153D-49C6-9BC9-F129621E72CD}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=411E8FA3-3162-4D21-A87B-7DAF35AFCF48&apn_sauid=8E8A4265-5A3F-4CA1-B215-D4211240ABF1
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..keyword.URL: "http://search.certified-toolbar.com?si=41460&tid=3228&bs=true&q="
[2012-12-29 23:34:05 | 000,000,000 | ---D | M] (DownTango Launcher) -- C:\Documents and Settings\A\Dane aplikacji\Mozilla\Firefox\Profiles\0fl1wz78.default\extensions\{3995ab83-6d51-45cc-93fa-5e86e7e54286}
[2012-10-31 17:45:13 | 000,002,308 | ---- | M] () -- C:\Documents and Settings\A\Dane aplikacji\Mozilla\Firefox\Profiles\0fl1wz78.default\searchplugins\askcom.xml
[2012-11-23 18:01:38 | 000,002,536 | ---- | M] () -- C:\Documents and Settings\A\Dane aplikacji\Mozilla\Firefox\Profiles\0fl1wz78.default\searchplugins\mngr.xml
[2012-12-29 23:34:04 | 000,003,282 | ---- | M] () -- C:\Documents and Settings\A\Dane aplikacji\Mozilla\Firefox\Profiles\0fl1wz78.default\searchplugins\Web Search.xml
[2012-08-20 12:22:13 | 000,001,389 | ---- | M] () -- C:\Documents and Settings\A\Dane aplikacji\Mozilla\Firefox\Profiles\0fl1wz78.default\searchplugins\yahoo-zugo.xml
[2012-11-23 18:01:22 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012-12-29 23:34:05 | 000,003,282 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Web Search.xml
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [AntiLogger] "C:\Program Files\AntiLogger\AntiLogger.exe" /minimized File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Value error.)
[2013-01-01 17:38:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy
[2013-01-01 17:37:54 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
[2012-12-29 17:24:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\A\Dane aplikacji\DDownTango5aToolbar
[2012-12-29 17:24:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\A\Ustawienia lokalne\Dane aplikacji\SimplyTech
[2012-12-29 17:24:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\A\Ustawienia lokalne\Dane aplikacji\DDownTango5aToolbar
[2013-01-04 21:05:00 | 000,000,226 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2013-01-04 20:54:28 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013-01-04 20:54:25 | 000,000,620 | ---- | M] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
[2013-01-04 20:54:24 | 000,000,322 | ---- | M] () -- C:\WINDOWS\tasks\Protected Search.job
[2013-01-04 20:54:23 | 000,000,248 | ---- | M] () -- C:\WINDOWS\tasks\spmonitor.job
[2013-01-04 20:54:23 | 000,000,238 | ---- | M] () -- C:\WINDOWS\tasks\SpeedUpMyPC.job
[2013-01-04 20:54:22 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\YourFile Update.job
[2013-01-01 17:38:13 | 000,000,616 | ---- | M] () -- C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2013-01-01 17:38:13 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job
[2013-01-04 00:00:11 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\PC SpeedUp Service Deactivator.job
[2012-06-22 19:10:44 | 000,000,026 | ---- | C] () -- C:\Program Files\Common Files\userInit.dll
[2012-06-22 08:45:25 | 000,027,958 | ---- | C] () -- C:\Program Files\Common Files\logonInit.dll

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=-
"Adobe Reader Speed Launcher"=-
"CTSyncService"=-
"VolPanel"=-
"SunJavaUpdateSched"=-
"NvMediaCenter"=-
"nwiz"=-

:Commands
[clearallrestorepoints]
[emptytemp]

Klikasz Wykonaj skrypt. Podajesz log z usuwania + nowe logi z OTL.

[did030]

Nie mogę odinstalować , ponieważ jest mi potrzebny , do pogody ;D

[mateo8898]

A o to chodzi, myślałem, że masz jakiś problem z odinstalowaniem. W takim razie go zostaw i przejdź do kolejnych kroków.

[did030]

http://wklej.eu/index.php?id=d025f334b8 - log po wykonanym skrypcie z otl

[did030]

Co ci jeszcze potrzebne ;d , sorki za takie komplikacje , ale jestem zielony w tych sprawach d;

[mateo8898]

Podaj jeszcze nowe logi z opcji Skanuj, oczywiście już nie wklejaj skryptu.

[did030]

http://wklej.org/id/915332/ - otl

[mateo8898]

Usunięte.

W OTL Sprzątanie

Przeczyść dysk oraz rejestr CCleaner

Wykonaj pełne skanowanie Malwarebytes' Anti-Malware - jeśli coś znajdzie usuń i daj raport (po uruchomieniu odrzuć okres testowy)

Odinstaluj starą wersję czytnika .PDF:

Adobe Reader 9

i zainstaluj najnowszą http://www.instalki.pl/programy/downloa ... eader.html

[did030]

Jak mogę sprawdzić , się upewnić , że nie mam keyloggera ;D?

[mateo8898]

Wykonaj powyższe, skan Malwarebytes to potwierdzi. Zresztą w logach już nic nie ma, to co było - usunięte.