Komputer się wiesza, nie mogę usunąć wirusów

bartek16743 · 4 Marzec 2012 20:21

Witam laptop się bardzo wiesza i dosłownie co chwile wyskakują komunikaty o wirusach.

Proszę o sprawdzenie logów. http://wklej.to/1Vufn

wiewi0r · 4 Marzec 2012 21:02

Przeskanuj tym programem : http://www.dobreprogramy.pl/Malwarebytes-AntiMalware,Program,Windows,13117.html

Wykonaj ręczną aktualizację bazy wirusów przed pełnym skanem komputera.

Po skanowaniu pokarz logi

Acorus · 5 Marzec 2012 09:19

Uruchom OTL i w okno (Własne opcje skanowania/Script)wklej:

:OTL MOD - [2012-03-04 10:22:37 | 000,167,424 | ---- | M] () – C:\Users\Anusia\AppData\Roaming\64D16\921BA.exe MOD - [2012-03-02 11:41:58 | 000,279,552 | ---- | M] () – C:\Users\Anusia\AppData\Roaming\Microsoft\7B26\C0C.exe MOD - [2012-02-22 13:37:35 | 000,184,320 | ---- | M] () – C:\Users\Anusia\AppData\Roaming\16CE6\lvvm.exe IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyServer” = http=127.0.0.1:56505 FF - prefs.js…extensions.enabledItems: engine@conduit.com:3.3.2.1 FF - prefs.js…keyword.URL: “http://search.babylon.com/?AF=110000&tt=090212_ctrl&babsrc=adbartrp&mntrId=64d16ce6000000000000000000000000&q=” FF - prefs.js…network.proxy.http: “127.0.0.1” FF - prefs.js…network.proxy.http_port: 56505 FF - prefs.js…network.proxy.type: 1 O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found. O2 - BHO: (myBabylon English Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyBa.dll File not found O3 - HKLM…\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM…\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O3 - HKLM…\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM…\Toolbar: (myBabylon English Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyBa.dll File not found O3 - HKCU…\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU…\Toolbar\WebBrowser: (myBabylon English Toolbar) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - C:\Program Files\myBabylon_English\tbmyBa.dll File not found O4 - HKLM…\Run: [341.exe] C:\Program Files\LP\7DF6\341.exe File not found O4 - HKCU…\Run: [0CE.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\58F6\0CE.exe File not found O4 - HKCU…\Run: [0ED.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\2A46\0ED.exe File not found O4 - HKCU…\Run: [0F9.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\9A56\0F9.exe File not found O4 - HKCU…\Run: [124.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\1A56\124.exe File not found O4 - HKCU…\Run: [167.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\BC86\167.exe File not found O4 - HKCU…\Run: [196.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\1A46\196.exe File not found O4 - HKCU…\Run: [1B5.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\88F6\1B5.exe File not found O4 - HKCU…\Run: [237.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\7846\237.exe File not found O4 - HKCU…\Run: [28A.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\4A76\28A.exe File not found O4 - HKCU…\Run: [310.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\B616\310.exe File not found O4 - HKCU…\Run: [341.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\7DF6\341.exe File not found O4 - HKCU…\Run: [347.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\6C16\347.exe File not found O4 - HKCU…\Run: [37A.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\DA56\37A.exe () O4 - HKCU…\Run: [3B6.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\68E6\3B6.exe File not found O4 - HKCU…\Run: [3D3.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\CA46\3D3.exe File not found O4 - HKCU…\Run: [3EF.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\2A56\3EF.exe File not found O4 - HKCU…\Run: [44C.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\5A56\44C.exe File not found O4 - HKCU…\Run: [59A.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\AB76\59A.exe File not found O4 - HKCU…\Run: [5F2.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\BBA6\5F2.exe File not found O4 - HKCU…\Run: [610.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\1A46\610.exe File not found O4 - HKCU…\Run: [617.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\6A46\617.exe File not found O4 - HKCU…\Run: [646.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\FBA6\646.exe File not found O4 - HKCU…\Run: [665.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\1A76\665.exe File not found O4 - HKCU…\Run: [683.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\2A56\683.exe File not found O4 - HKCU…\Run: [69B.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\CA46\69B.exe File not found O4 - HKCU…\Run: [6A6.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\5A46\6A6.exe File not found O4 - HKCU…\Run: [6B9.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\2A46\6B9.exe File not found O4 - HKCU…\Run: [6D8.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\CBB6\6D8.exe File not found O4 - HKCU…\Run: [6DC.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\EA76\6DC.exe File not found O4 - HKCU…\Run: [764.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\6BA6\764.exe File not found O4 - HKCU…\Run: [76A.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\3A46\76A.exe File not found O4 - HKCU…\Run: [77D.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\7C66\77D.exe File not found O4 - HKCU…\Run: [7A8.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\4A56\7A8.exe File not found O4 - HKCU…\Run: [7AE.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\AA56\7AE.exe File not found O4 - HKCU…\Run: [806.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\2A56\806.exe File not found O4 - HKCU…\Run: [819.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\AA56\819.exe File not found O4 - HKCU…\Run: [822.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\3A56\822.exe File not found O4 - HKCU…\Run: [855.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\7A46\855.exe File not found O4 - HKCU…\Run: [8BA.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\68E6\8BA.exe File not found O4 - HKCU…\Run: [8BD.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\2A46\8BD.exe File not found O4 - HKCU…\Run: [8D6.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\BA56\8D6.exe () O4 - HKCU…\Run: [915.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\DA46\915.exe File not found O4 - HKCU…\Run: [91C.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\AA56\91C.exe File not found O4 - HKCU…\Run: [929.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\CA46\929.exe File not found O4 - HKCU…\Run: [954.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\FBA6\954.exe File not found O4 - HKCU…\Run: [965.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\FA46\965.exe () O4 - HKCU…\Run: [987.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\2A66\987.exe File not found O4 - HKCU…\Run: [9BD.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\9A56\9BD.exe File not found O4 - HKCU…\Run: [A17.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\8B16\A17.exe File not found O4 - HKCU…\Run: [A2D.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\F846\A2D.exe File not found O4 - HKCU…\Run: [A93.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\5A66\A93.exe File not found O4 - HKCU…\Run: [AB4.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\3A46\AB4.exe File not found O4 - HKCU…\Run: [AC0.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\FA46\AC0.exe File not found O4 - HKCU…\Run: [Adobe] C:\Users\Anusia\AppData\Roaming\csrss.exe File not found O4 - HKCU…\Run: [AFC.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\6D86\AFC.exe File not found O4 - HKCU…\Run: [b4F.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\4A46\B4F.exe File not found O4 - HKCU…\Run: [b95.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\0A46\B95.exe File not found O4 - HKCU…\Run: [bDF.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\0A66\BDF.exe File not found O4 - HKCU…\Run: [C0C.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\7B26\C0C.exe () O4 - HKCU…\Run: [C15.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\2A46\C15.exe File not found O4 - HKCU…\Run: [C20.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\FA56\C20.exe File not found O4 - HKCU…\Run: [C46.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\CB46\C46.exe File not found O4 - HKCU…\Run: [C5E.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\2A56\C5E.exe File not found O4 - HKCU…\Run: [C61.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\1A46\C61.exe File not found O4 - HKCU…\Run: [C78.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\4B06\C78.exe File not found O4 - HKCU…\Run: [CC0.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\DB66\CC0.exe File not found O4 - HKCU…\Run: [D1E.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\6BA6\D1E.exe File not found O4 - HKCU…\Run: [D21.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\CA46\D21.exe () O4 - HKCU…\Run: [D3C.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\BC36\D3C.exe File not found O4 - HKCU…\Run: [DB8.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\2A46\DB8.exe File not found O4 - HKCU…\Run: [E6D.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\0A56\E6D.exe File not found O4 - HKCU…\Run: [E98.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\FA46\E98.exe File not found O4 - HKCU…\Run: [E99.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\DB66\E99.exe () O4 - HKCU…\Run: [EAD.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\FA46\EAD.exe File not found O4 - HKCU…\Run: [EBA.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\5A56\EBA.exe File not found O4 - HKCU…\Run: [EBB.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\1A56\EBB.exe File not found O4 - HKCU…\Run: [EC5.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\BA46\EC5.exe File not found O4 - HKCU…\Run: [EFA.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\7A46\EFA.exe File not found O4 - HKCU…\Run: [EFE.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\2BB6\EFE.exe File not found O4 - HKCU…\Run: [F61.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\EA56\F61.exe File not found O4 - HKCU…\Run: [F7A.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\0A66\F7A.exe File not found O4 - HKCU…\Run: [FAD.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\DA46\FAD.exe File not found O4 - HKCU…\Run: [FC1.exe] C:\Users\Anusia\AppData\Roaming\Microsoft\B486\FC1.exe () O4 - HKCU…\Run: [Microsoft] C:\Users\Anusia\AppData\Roaming\2512A4.exe File not found F3 - HKCU WinNT: Load - (C:\Users\Anusia\AppData\Roaming\16CE6\lvvm.exe) - C:\Users\Anusia\AppData\Roaming\16CE6\lvvm.exe () O20 - HKCU Winlogon: Shell - (C:\Users\Anusia\AppData\Roaming\64D16\B94CA.exe) - C:\Users\Anusia\AppData\Roaming\64D16\B94CA.exe () [2012-02-22 13:37:35 | 000,000,000 | —D | M] – C:\Users\Anusia\AppData\Roaming\16CE6 [2012-02-01 14:12:17 | 000,000,000 | —D | M] – C:\Users\Anusia\AppData\Roaming\40FA5 [2012-03-04 20:49:06 | 000,000,000 | —D | M] – C:\Users\Anusia\AppData\Roaming\64D16 [2012-01-22 17:11:05 | 000,000,396 | ---- | M] () – C:\Windows\Tasks\At1.job :Commands [emptytemp]

Kliknij Wykonaj skrypt.Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie. Następnie uruchom OTL ponownie, tym razem kliknij (Skanuj).

Pokaż nowy log OTL.txt oraz raport z usuwania.

Extras też.

bartek16743 · 5 Marzec 2012 11:48

raport po restarcie http://wklej.to/57dXv

I następny log http://wklej.to/sUY1a

Acorus · 5 Marzec 2012 12:16

Uruchom OTL i w okno (Własne opcje skanowania/Script)wklej:

:OTL IE - HKCU…\SearchScopes{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: “URL” = http://search.babylon.com/?q={searchTerms}&AF=110000&tt=090212_ctrl&babsrc=SP_ss&mntrId=64d16ce6000000000000000000000000 IE - HKCU…\SearchScopes{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: “URL” = http://www.daemon-search.com/search?q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyServer” = http=127.0.0.1:56505 FF - prefs.js…browser.search.defaultenginename: “Search the web (Babylon)” FF - prefs.js…browser.search.defaulturl: “http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=14542” FF - prefs.js…browser.search.order.1: “Search the web (Babylon)” [2010-08-13 13:01:10 | 000,000,000 | —D | M] (Winamp Toolbar) – C:\Users\Anusia\AppData\Roaming\mozilla\Firefox\Profiles\vqwuiobr.default\extensions{0b38152b-1b20-484d-a11f-5e04a9b0661f} [2012-01-11 00:20:25 | 000,000,000 | —D | M] (myBabylon EnglishBB Community Toolbar) – C:\Users\Anusia\AppData\Roaming\mozilla\Firefox\Profiles\vqwuiobr.default\extensions{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} [2011-05-08 15:36:54 | 000,000,000 | —D | M] (Conduit Engine) – C:\Users\Anusia\AppData\Roaming\mozilla\Firefox\Profiles\vqwuiobr.default\extensions\engine@conduit.com [2009-03-24 20:46:15 | 000,002,921 | ---- | M] () – C:\Users\Anusia\AppData\Roaming\Mozilla\Firefox\Profiles\vqwuiobr.default\searchplugins\daemon-search.xml [2010-08-13 13:06:29 | 000,001,196 | ---- | M] () – C:\Users\Anusia\AppData\Roaming\Mozilla\Firefox\Profiles\vqwuiobr.default\searchplugins\winamp-search.xml O3 - HKCU…\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. :Commands [emptytemp]

Kliknij Wykonaj skrypt.W OTL użyj opcji Sprzątanie.Wyłącz i włącz przywracanie systemu.

http://www.searchengines.pl/Czyszczenie … 41981.html

Zainstaluj aktualizacje do programow wskazanych przez: http://screen317.spywareinfoforum.org/SecurityCheck.exe jako out of date.