Antivirus Protection 2012 - Proszę Was o Pomoc

holody · 4 Marzec 2012 15:49

Hej!

Mam problem z tym wirusem. O to mój raport OTL http://wklej.org/id/701655/

Bardzo proszę o pomoc.

P. Mariusz

Atis · 4 Marzec 2012 15:58

Do okna Własne opcje skanowania / skrypt wklej:

:OTL

IE - HKCU\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=PL&install_date=20111201&user_guid=DB310045F7474504BB2376567A5C8A6E&machine_id=a982bc9d7cb91fe72ff5e417fb223ba5&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}

IE - HKCU\..\SearchScopes\{E5BF5EB7-B623-4382-AE22-81196819CF39}: "URL" = http://findgala.com/?&uid=3122&q={searchTerms}

FF - prefs.js..browser.startup.homepage: "http://klit.startnow.com/?src=startpage&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=PL&install_date=20111201&user_guid=DB310045F7474504BB2376567A5C8A6E&machine_id=a982bc9d7cb91fe72ff5e417fb223ba5&browser=FF&os=win&os_version=6.1-x64-SP1"

FF - prefs.js..keyword.URL: "http://klit.startnow.com/s/?src=addrbar&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=PL&install_date=20111201&user_guid=DB310045F7474504BB2376567A5C8A6E&machine_id=a982bc9d7cb91fe72ff5e417fb223ba5&browser=FF&os=win&os_version=6.1-x64-SP1&q="

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.

O4 - HKCU..\Run: [Antivirus Protection 2012] /STARTUP File not found

O4 - HKLM..\RunOnce: [ZTBHotfix5] C:\Windows\TEMP\ToolbarUpdate.exe ()

O20 - HKCU Winlogon: Shell - ("C:\Users\Tomek\winlogon.exe") - File not found


:Files

C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antivirus Protection 2012

C:\Users\Tomek\AppData\Roaming\Antivirus Protection 2012


:Reg

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

"Shell"=-


:Commands

[resethosts]

[emptytemp]

Kliknij Wykonaj skrypt i zatwierdź restart.

Pokaż raport z usuwania i nowy log Skanuj.

holody · 4 Marzec 2012 21:23

Bardzo Dziękuję “ATIS”. O to mój raport OTL po Skanowaniu: http://wklej.org/id/702053/

Raportu z usuwania niestety nie zapisałem. Ale naprawiło się i skanuję teraz cały dysk w Malwarebytes.