Problem z lollipop


(Agat N) #1

Witam,

zaatakował mnie lollipop. Co prawda usunęłam go, a okienka z reklamami przestały wyskakiwać, ale boję się, że coś jeszcze zostało. Z góry dziękuję za pomoc.

 

otl: OTL.Txt

extras: Extras.Txt


(Acorus) #2

Odinstaluj McAfee Security Scan Plus,Mobogenie.Uruchom OTL i w okno (Własne opcje skanowania/Script)wklej:

:OTL
SRV - File not found [Auto | Stopped] -- C:\MSC.Software\Marc\2010\marc2010\intelmpi\win32\bin\ismpd.exe -- (impi_smpd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Agata\AppData\Local\Temp\catchme.sys -- (catchme)
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685query={searchTerms}invocationType=tb50winampie7
IE - HKCU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685query={searchTerms}invocationType=tb50winampie7
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe ()
O4 - HKCU..\Run: [Facebook Update] C:\Users\Agata\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [NextLive] C:\Users\Agata\AppData\Roaming\newnext.me\nengine.dll (NewNextDotMe)
[2014-01-19 06:22:49 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014-01-14 23:44:18 | 000,000,000 | ---D | C] -- C:\Users\Agata\AppData\Local\Lollipop
[2014-01-14 23:39:18 | 000,000,000 | ---D | C] -- C:\Users\Agata\.android
[2014-01-14 23:39:12 | 000,000,000 | ---D | C] -- C:\Users\Agata\AppData\Roaming\newnext.me
[2014-01-14 23:39:11 | 000,000,000 | ---D | C] -- C:\Users\Agata\Documents\Mobogenie
[2014-01-14 23:39:11 | 000,000,000 | ---D | C] -- C:\Users\Agata\AppData\Local\Mobogenie
[2014-01-14 23:39:11 | 000,000,000 | ---D | C] -- C:\Users\Agata\AppData\Local\genienext
[2014-01-14 23:38:36 | 000,000,000 | ---D | C] -- C:\Users\Agata\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
[2014-01-14 23:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\Mobogenie
[2014-01-13 23:51:49 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2014-01-13 23:51:45 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2014-01-13 23:51:44 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2014-01-19 16:12:25 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4054273785-1542696337-2258211826-1000UA.job
[2014-01-19 16:12:16 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4054273785-1542696337-2258211826-1000Core.job
[2012-12-10 21:12:42 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012-12-10 21:12:42 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012-12-10 21:12:42 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012-12-10 21:12:42 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012-12-10 21:12:42 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2009-12-16 18:55:06 | 000,022,788 | ---- | C] () -- C:\Users\Agata\AppData\Roaming\wklnhst.dat

:Commands
[emptytemp]

Kliknij Wykonaj skrypt.


(Agat N) #3

Dziękuję. Mam nadzieję, ze wszystko będzie ok.