Live security platinum - problem

Dla specjalistów Bezpieczeństwo
#1

Bardzo proszę o pomoc. Zamieszczam loga:

http://www.wklej.org/id/809129/

#2

Pokaż drugi log:

Raporty.png

analiza-dezynfekcja-zestaw-nieingerencyjnych-narzedzi-t485632.html#p3059741

#3

Drugi log: http://www.wklej.org/id/809225/

#4
  1. Do okna Własne opcje skanowania / skrypt wklej:

Kliknij Wykonaj skrypt i zatwierdź restart.

Pokaż raport z usuwania.

  1. Wklej do OTL i kliknij Skanuj:

Pokaż ten log.

#5

raport z usuwania:

All processes killed

========== OTL ==========

HKU\S-1-5-21-995155576-2234300397-1597466958-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page| /E : value set successfully!

Registry key HKEY_USERS\S-1-5-21-995155576-2234300397-1597466958-1000\Software\Microsoft\Internet Explorer\SearchScopes{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.

Prefs.js: “Search the web (Babylon)” removed from browser.search.defaultenginename

Prefs.js: “Search the web (Babylon)” removed from browser.search.order.1

Prefs.js: “Search the web (Babylon)” removed from browser.search.selectedEngine

Prefs.js: “http://search.babylon.com/?babsrc=HP_Prot” removed from browser.startup.homepage

Prefs.js: ffxtlbr@babylon.com:1.2.0 removed from extensions.enabledItems

Prefs.js: “http://search.babylon.com/?AF=109130&babsrc=adbartrp&mntrId=033ef52a000000000000001f3b7d705d&q=” removed from keyword.URL

C:\Users\olek\AppData\Roaming\mozilla\Firefox\Profiles\vkqy71u4.default\extensions\ffxtlbr@babylon.com\defaults\preferences folder moved successfully.

C:\Users\olek\AppData\Roaming\mozilla\Firefox\Profiles\vkqy71u4.default\extensions\ffxtlbr@babylon.com\defaults folder moved successfully.

C:\Users\olek\AppData\Roaming\mozilla\Firefox\Profiles\vkqy71u4.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs folder moved successfully.

C:\Users\olek\AppData\Roaming\mozilla\Firefox\Profiles\vkqy71u4.default\extensions\ffxtlbr@babylon.com\content\imgs folder moved successfully.

C:\Users\olek\AppData\Roaming\mozilla\Firefox\Profiles\vkqy71u4.default\extensions\ffxtlbr@babylon.com\content folder moved successfully.

C:\Users\olek\AppData\Roaming\mozilla\Firefox\Profiles\vkqy71u4.default\extensions\ffxtlbr@babylon.com\components folder moved successfully.

C:\Users\olek\AppData\Roaming\mozilla\Firefox\Profiles\vkqy71u4.default\extensions\ffxtlbr@babylon.com folder moved successfully.

C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{7E853D72-626A-48EC-A868-BA8D5E23E045}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\TaskTray deleted successfully.

Registry value HKEY_USERS\S-1-5-21-995155576-2234300397-1597466958-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\036DFF61000C7413D9B6B1532F3B707C deleted successfully.

C:\ProgramData\036DFF61000C7413D9B6B1532F3B707C\036DFF61000C7413D9B6B1532F3B707C.exe moved successfully.

C:\Users\olek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum folder moved successfully.

File C:\Users\olek\Desktop\Live Security Platinum.lnk not found.

C:\Users\olek\AppData\Roaming\wklnhst.dat moved successfully.

C:\Users\olek\AppData\Local\bzhnwgkpl.exe moved successfully.

C:\Users\olek\AppData\Roaming\Babylon folder moved successfully.

========== FILES ==========

C:\Users\olek\AppData\Local\TempYx4024.html moved successfully.

C:\ProgramData\036DFF61000C7413D9B6B1532F3B707C folder moved successfully.

========== REGISTRY ==========

Registry key HKEY_USERS\S-1-5-21-995155576-2234300397-1597466958-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live Security Platinum\ deleted successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: olek

->Temp folder emptied: 152393928 bytes

->Temporary Internet Files folder emptied: 169379918 bytes

->Java cache emptied: 2938227 bytes

->FireFox cache emptied: 68010983 bytes

->Google Chrome cache emptied: 402206968 bytes

->Apple Safari cache emptied: 48550912 bytes

->Flash cache emptied: 3136728 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 128136652 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 930,00 mb

OTL by OldTimer - Version 3.2.57.0 log created on 08122012_113747

Files\Folders moved on Reboot…

PendingFileRenameOperations files…

Registry entries deleted on Reboot…

Dodane 12.08.2012 (N) 11:54

log: http://www.wklej.org/id/809267/

#6

Wklej i kliknij Wykonaj skrypt:

Odinstaluj starą wersję programu:

Java 6 Update 24

Java 6 Update 2

Adobe Flash Player 10 ActiveX

Adobe Shockwave Player

Adobe Reader 8.1.0

Później zainstaluj:

Adobe Reader

Flash Player

Java

Adobe Shockwave Player

Uruchom OTL i kliknij Sprzątanie.

Usuń stare punkty przywracania:

http://windows.microsoft.com/pl-PL/wind … tore-point

Uruchom SecurityCheck i aktualizuj programy oznaczone jako Out of date

#7

Dodane 12.08.2012 (N) 13:16

Dziękuję bardzo za pomoc!!

#8

Aktualizuj Firefox i to wszystko.