drdala
8 Marzec 2012 15:02
#1
Witam malwarebytes wykrył trojany co robić? na razie kazałem usunąć zaznaczone i malwarebytes już nic nie widzi. Teraz robię pełny skan dr webem. Co mam dalej robić?
tak wyglądają logi malwarebytes:
http://wklejto.pl/119483
http://wklejto.pl/119484
Acorus
8 Marzec 2012 15:05
#2
drdala
8 Marzec 2012 20:42
#3
dr web takie cos wykryl
MediaImpression Slideshow.scr;C:\Program Files (x86)\Arcsoft\TotalMedia Suite\MediaImpression 2;Dialer.Egroup.219;;
co to jest? groźne czy pomyłka?
– Dodane 08.03.2012 (Cz) 22:23 –
jest log z otl
http://wklejto.pl/119516
extras
http://wklejto.pl/119517
Acorus
9 Marzec 2012 08:38
#4
Odinstaluj MediaBar.Uruchom OTL i w okno (Własne opcje skanowania/Script)wklej:
:OTL IE:64bit: - HKLM…\SearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: “URL” = http://search.bearshare.com//web?src=ie … =2&sr=0&q={searchTerms} IE - HKLM…\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} IE - HKLM…\SearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: “URL” = http://search.bearshare.com//web?src=ie … =2&sr=0&q={searchTerms} IE - HKU\S-1-5-21-4001125125-2908731787-1596058553-1002…\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} IE - HKU\S-1-5-21-4001125125-2908731787-1596058553-1002…\SearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: “URL” = http://search.bearshare.com//web?src=ie … =2&sr=0&q={searchTerms} O2:64bit: - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll (MusicLab, LLC) O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC) O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll () O3:64bit: - HKLM…\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM…\Toolbar: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll () O3 - HKLM…\Toolbar: (no name) - 10 - No CLSID value found. O4 - HKLM…\Run: [DATAMNGR] C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE (MusicLab, LLC) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll) - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll (MusicLab, LLC) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll) - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll (MusicLab, LLC) O20 - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\datamngr.dll) - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\datamngr.dll (MusicLab, LLC) O20 - AppInit_DLLs: (C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll) - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC) :Commands [emptytemp]
Kliknij Wykonaj skrypt.W OTL użyj opcji Sprzątanie.Zainstaluj aktualizacje do programow wskazanych przez: http://screen317.spywareinfoforum.org/SecurityCheck.exe jako out of date.
drdala
9 Marzec 2012 12:46
#5
Results of screen317’s Security Check version 0.99.31
Windows 7 x64 (UAC is disabled!)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
Java 6 Update 29
Java version out of date!
Adobe Reader 9 Adobe Reader out of date!
Mozilla Firefox (10.0.2)
````````````````````````````````
Process Check:
objlist.exe by Laurent
Malwarebytes’ Anti-Malware mbamservice.exe
``````````End of Log````````````
co mam zrobić?
Acorus
9 Marzec 2012 13:06
#6