ravsk8
(Ravsk8)
23 Sierpień 2011 16:46
#1
Leon1
(Leon$)
23 Sierpień 2011 21:27
#2
OTL w oknie Custom Scans-Fixes (własne opcje skanowania/skrypt)wklej następujący skrypt:
:OTL IE - HKLM…\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.) IE - HKU\S-1-5-21-233006258-18527085-3623643150-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://vshare.toolbarhome.com/?hp=df IE - HKU\S-1-5-21-233006258-18527085-3623643150-1001…\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.) O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - File not found O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - Reg Error: Value error. File not found O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.) O3:64bit: - HKLM…\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - File not found O3:64bit: - HKLM…\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM…\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - Reg Error: Value error. File not found O3 - HKLM…\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.) O3 - HKLM…\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU.DEFAULT…\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.) O3 - HKU\S-1-5-18…\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-233006258-18527085-3623643150-1001…\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz0.dll (Conduit Ltd.) O4 - HKLM…\Run: [tray_ico] File not found O4 - HKLM…\Run: [tray_ico4] File not found O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Value error. File not found O31 - SafeBoot: AlternateShell - services32.exe O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - File not found O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - File not found [2011/08/21 16:36:08 | 000,000,000 | -H-D | C] – C:\Windows\update.7.1 [2011/08/21 16:33:24 | 000,000,000 | —D | C] – C:\Windows\ufa [2011/08/21 16:33:24 | 000,000,000 | —D | C] – C:\Windows\phoenix [2011/08/21 16:11:34 | 000,000,000 | —D | C] – C:\Windows\av_ico [2011/08/22 18:16:14 | 000,000,734 | ---- | M] () – C:\Windows\SysNative\drivers\etc\hîsts [2011/08/22 18:07:45 | 000,061,440 | ---- | M] () – C:\Windows\SysWow64\drivers\qldhbc.sys [2011/08/22 16:52:00 | 000,061,440 | ---- | M] () – C:\Windows\SysWow64\drivers\vkvaskf.sys [2011/08/22 15:23:59 | 000,000,202 | ---- | M] () – C:\Windows\info1 [2011/08/21 23:08:38 | 005,589,370 | ---- | M] () – C:\Windows\phoenix.rar [2011/08/21 23:08:38 | 000,246,272 | ---- | M] () – C:\Windows\unrar.exe [2011/08/21 23:08:37 | 001,075,284 | ---- | M] () – C:\Windows\rpcminer.rar [2011/08/21 23:06:18 | 000,000,520 | ---- | M] () – C:\Windows\tasks\One-Click Tweak.job [2011/08/21 16:31:56 | 000,000,000 | ---- | M] () – C:\Windows\loader2.exe_ok [2011/08/21 16:29:18 | 000,904,792 | ---- | M] () – C:\Windows\geoiplist.rar [2011/08/21 16:29:19 | 004,636,907 | ---- | C] () – C:\Windows\geoiplist :Reg [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot] “AlternateShell”=“cmd.exe” [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] “C:\Users\RaV\Downloads\Flash-Player.exe”=- “C:\Windows\update.1\svchost.exe”=- “C:\Windows\services32.exe”=- “C:\Windows\update.tray-9-0\svchost.exe”=- “C:\Windows\update.tray-2-0\svchost.exe”=- “C:\Windows\update.2\svchost.exe”=- “C:\Users\RaV\Downloads\Flash-Player.exe”=- “C:\Windows\update.1\svchost.exe”=- “C:\Windows\services32.exe”=- “C:\Windows\update.tray-9-0\svchost.exe”=- “C:\Windows\update.tray-2-0\svchost.exe”=- “C:\Windows\update.2\svchost.exe”=- :Commands [CLEARALLRESTOREPOINTS] [RESETHOSTS] [emptytemp]
Kliknij w Run Fix (Wykonaj scrypt). Zatwierdź restart komputera.
Pokaż log z usuwania.
potem nowy log OTL robiony opcją Run Scan (Skanuj)
ravsk8
(Ravsk8)
24 Sierpień 2011 12:01
#3
Wielkie dzięki
otl: http://www.wklej.org/id/583643/
– Dodane 24.08.2011 (Śr) 14:14 –
Log z usuwania niestety przez przypadek zamknąłem ten pierwszy więc zrobiłem jeszcze raz scrypt mam nadzieje że coś to da :http://www.wklej.org/id/583651/
Jeszcze raz dzięki
Leon1
(Leon$)
24 Sierpień 2011 18:50
#4
Log wygląda na czysty
Pobierz CCleaner http://www.filehippo.com/download_ccleaner/
przeskanuj nim i wyczyść rejestr.
W OTL kilknij CleanUp (Sprzątanie)
przeskanuj
Dr.WEB CureIt! http://www.dobreprogramy.pl/DrWEB-CureI … 12976.html
ravsk8
(Ravsk8)
25 Sierpień 2011 12:52
#5
Wielkie dzięki jesteś mistrzem =D>