Hello.
Recently my antivirus detected the HTML:RedirME-inf virus and the internet did not work at all. Once the virus was removed everything is OK again, except that sites based on https do not work…
Please check the logs.
SREng
http://wklej.org/id/468770/
OTL:
http://wklej.org/id/468769/ (extras)
GMER:
http://wklej.org/id/468768/
I'm adding the OTL file:
http://wklej.org/id/469061/
You only posted the extras file; please also post the otl.txt file.
Leon1
(Leon$)
2 February 2011 18:12
#3
Run System Repair Engineer, tab System Repair >> Browser Add-ons >> find and remove
In OTL, in the Custom Scans-Fixes window (custom scan options/script), paste the following script:
:OTL
O4 - HKLM…\Run: [ACMON] File not found
O4 - HKLM…\Run: [Alcmtr] File not found
O4 - HKLM…\Run: [ASUS Camera ScreenSaver] File not found
O4 - HKLM…\Run: [ASUS Live Update] File not found
O4 - HKLM…\Run: [ASUS Screen Saver Protector] File not found
O4 - HKLM…\Run: [ATKHOTKEY] File not found
O4 - HKLM…\Run: [ATKOSD2] File not found
O4 - HKLM…\Run: [brMfcWnd] File not found
O4 - HKLM…\Run: [ControlCenter3] File not found
O4 - HKLM…\Run: [G DATA AntiVirus Trayapplication] File not found
O4 - HKLM…\Run: [GDFirewallTray] File not found
O4 - HKLM…\Run: [HotKeysCmds] File not found
O4 - HKLM…\Run: [HP Software Update] File not found
O4 - HKLM…\Run: [igfxTray] File not found
O4 - HKLM…\Run: [inCD] File not found
O4 - HKLM…\Run: [indexSearch] File not found
O4 - HKLM…\Run: [intelWireless] File not found
O4 - HKLM…\Run: [intelZeroConfig] File not found
O4 - HKLM…\Run: [LanguageShortcut] File not found
O4 - HKLM…\Run: [NeroFilterCheck] File not found
O4 - HKLM…\Run: [PaperPort PTD] File not found
O4 - HKLM…\Run: [Persistence] File not found
O4 - HKLM…\Run: [PowerForPhone] File not found
O4 - HKLM…\Run: [RemoteControl] File not found
O4 - HKLM…\Run: [RTHDCPL] File not found
O4 - HKLM…\Run: [securDisc] File not found
O4 - HKLM…\Run: [skyTel] File not found
O4 - HKLM…\Run: [sMSERIAL] File not found
O4 - HKLM…\Run: [sSBkgdUpdate] File not found
O4 - HKLM…\Run: [synTPEnh] File not found
O4 - HKLM…\Run: [userFaultCheck] File not found
O4 - HKLM…\Run: [WinampAgent] File not found
O4 - HKU\S-1-5-21-1844237615-926492609-1801674531-1005…\Run: [amva] File not found
O4 - HKU\S-1-5-21-1844237615-926492609-1801674531-1005…\Run: [cdoosoft] File not found
O4 - HKU\S-1-5-21-1844237615-926492609-1801674531-1005…\Run: [CTFMON.EXE] File not found
O4 - HKU\S-1-5-21-1844237615-926492609-1801674531-1005…\Run: [KAL] File not found
O4 - HKU\S-1-5-21-1844237615-926492609-1801674531-1005…\Run: [LightScribe Control Panel] File not found
O4 - HKU\S-1-5-21-1844237615-926492609-1801674531-1005…\Run: [MSMSGS] File not found
O4 - HKU\S-1-5-21-1844237615-926492609-1801674531-1005…\Run: [Power2GoExpress] File not found
O32 - AutoRun File - [2009-04-27 22:03:59 | 000,000,000 | RHS- | M] () - E:\AUTORUN.FCB – [NTFS]
O33 - MountPoints2{5890eaac-df52-11dd-95ef-0022151fb609}\Shell\AutoRun\command - "" = F:\minm.cmd
O33 - MountPoints2{5890eaac-df52-11dd-95ef-0022151fb609}\Shell\open\Command - "" = F:\minm.cmd
O33 - MountPoints2{c27ad7b2-b314-11dd-95a1-0022151fb609}\Shell\AutoRun\command - "" = F:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe
O33 - MountPoints2{c27ad7b2-b314-11dd-95a1-0022151fb609}\Shell\open\command - "" = F:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe
O33 - MountPoints2{cbe28afe-af79-11de-98f2-0022151fb609}\Shell - "" = AutoRun
O33 - MountPoints2{cbe28afe-af79-11de-98f2-0022151fb609}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2{ef874686-833f-11dd-9532-001f3c8df732}\Shell - "" = AutoRun
O33 - MountPoints2{ef874686-833f-11dd-9532-001f3c8df732}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cdoosoft"=-
"KAL"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Power_Gear"=-
"Symantec PIF AlertEng"=-
"UpdatePPShortCut"=-
"PPort11reminder"=-

:Commands
[emptytemp]
[start explorer]
[Reboot]
Click Run Fix (execute the script). Confirm the computer restart.
Then a new OTL log made with the Run Scan (scan) option.