Witam, prosiłbym o pomoc w usunięciu babylonu z przeglądarek, FF, chrom.
OTL - http://www.wklej.org/id/744533/
Extras - http://www.wklej.org/id/744534/
Acorus
(Acorus)
3 Maj 2012 08:46
#2
Odinstaluj Browsers Protector,LiveVDO plugin 1.3,StartSearch Toolbar 1.3,vShare Plugin,vShare.tv plugin 1.3.Uruchom OTL i w okno (Własne opcje skanowania/Script)wklej:
:OTL MOD - [2012-02-15 18:56:52 | 000,147,784 | ---- | M] () – C:\Program Files\Browsers Protector\regmon32.exe IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=b4c74662- … 241d698b80 IE - HKLM…\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM…\SearchScopes{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: “URL” = http://startsear.ch/?aff=1&src=sp&cf=b4 … d698b80&q={searchTerms} IE - HKLM…\SearchScopes{F0A61C8E-C258-41C9-9CF8-1AFC45EAC8D8}: “URL” = http://startsear.ch/?aff=1&src=sp&cf=b4 … d698b80&q={searchTerms} IE - HKU\S-1-5-21-1123561945-1606980848-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=b4c74662- … 241d698b80 IE - HKU\S-1-5-21-1123561945-1606980848-1801674531-500…\SearchScopes{043C5167-00BB-4324-AF7E-62013FAEDACF}: “URL” = http://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp IE - HKU\S-1-5-21-1123561945-1606980848-1801674531-500…\SearchScopes{05C637FC-0543-4C8D-ADED-4BD2BE513041}: “URL” = http://websearch.ask.com/redirect?clien … src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=PV&apn_dtid=YYYYYYYYPL&apn_uid=3E789201-8BF7-4CC5-A8E0-884C74606E92&apn_sauid=A4682C8E-DCEF-4DE1-95D2-8AD90E727261 IE - HKU\S-1-5-21-1123561945-1606980848-1801674531-500…\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\S-1-5-21-1123561945-1606980848-1801674531-500…\SearchScopes{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: “URL” = http://search.babylon.com/?q={searchTerms}&affID=111434&babsrc=SP_ss&mntrId=c8a3adbf00000000000000241d698b80 IE - HKU\S-1-5-21-1123561945-1606980848-1801674531-500…\SearchScopes{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: “URL” = http://startsear.ch/?aff=1&src=sp&cf=b4 … d698b80&q={searchTerms} IE - HKU\S-1-5-21-1123561945-1606980848-1801674531-500…\SearchScopes{ACA416A4-FD52-4A8C-BD6D-401A62E70E6D}: “URL” = http://startsear.ch/?aff=2&src=sp&cf=b4 … d698b80&q={searchTerms} IE - HKU\S-1-5-21-1123561945-1606980848-1801674531-500…\SearchScopes{F4D4C3A0-B556-4B9C-9CF1-AEED7A1F4878}: “URL” = http://websearch.ask.com/redirect?clien … src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=PV&apn_dtid=YYYYYYYYPL&apn_uid=3E789201-8BF7-4CC5-A8E0-884C74606E92&apn_sauid=A4682C8E-DCEF-4DE1-95D2-8AD90E727261 FF - prefs.js…browser.search.defaultengine: “Web Search” FF - prefs.js…browser.search.defaultenginename: “Search the web (Babylon)” FF - prefs.js…browser.search.order.1: “Search the web (Babylon)” FF - prefs.js…browser.search.selectedEngine: “Search the web (Babylon)” FF - prefs.js…browser.startup.homepage: “http://search.babylon.com/?affID=111434&babsrc=HP_ss&mntrId=c8a3adbf00000000000000241d698b80 ” FF - prefs.js…keyword.URL: “http://search.babylon.com/?affID=111434&babsrc=KW_ss&mntrId=c8a3adbf00000000000000241d698b80&q= ” [2012-03-08 21:14:32 | 000,002,573 | ---- | M] () – C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\8erceimp.default\searchplugins\askcom.xml [2012-04-17 20:23:32 | 000,000,792 | ---- | M] () – C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\8erceimp.default\searchplugins\startsear.xml CHR - plugin: LiveVDO plug-in (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npvsharetvplg.dll CHR - Extension: StartSearch Video plug-in = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\bildoibdboopgomcbiplincneeicgipj\1.3_0\ CHR - Extension: vshare plugin = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\ CHR - Extension: LiveVDO plugin = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp\1.3_0\ O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll () O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.) O3 - HKLM…\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll () O3 - HKLM…\Toolbar: (StartSearchToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.) O3 - HKU\S-1-5-21-1123561945-1606980848-1801674531-500…\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll () O3 - HKU\S-1-5-21-1123561945-1606980848-1801674531-500…\Toolbar\WebBrowser: (StartSearchToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.) O4 - HKLM…\Run: [browsers Protector] C:\Program Files\Browsers Protector\regmon32.exe () O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - File not found :Commands [emptytemp] [resethosts]
Kliknij Wykonaj skrypt.Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie. Następnie uruchom OTL ponownie, tym razem kliknij (Skanuj).
Pokaż nowy log OTL.txt oraz raport z usuwania.
Zrobione, z FF znikł, ale w chrome po odpaleniu dalej babylon.
OTL - http://wklej.org/id/744546/
Z usunięcia - http://wklej.org/id/744547/
Acorus
(Acorus)
3 Maj 2012 09:17
#4
.W OTL użyj opcji Sprzątanie.Użyj AdwCleaner http://general-changelog-team.fr/outils/289-adwcleaner z funkcji Delete.
W chrome usuń ręcznie.
Zainstaluj aktualizacje do programow wskazanych przez: http://screen317.spywareinfoforum.org/SecurityCheck.exe jako out of date.