fiku16
12 Grudzień 2012 17:44
#1
Witam,
mam problem z tym wirusem a komputer jest mi bardzo potrzebny
tutaj wklejam logi:
OTL:
http://www.wklej.org/id/895308/
Extras:
http://www.wklej.org/id/895310/
proszę o pomoc
Acorus
12 Grudzień 2012 17:58
#2
Odinstaluj Browser Manager,BabylonObjectInstaller,Babylon toolbar on IE,FreeOnlineRadioPlayerRecorder Toolbar,Incredibar Toolbar on IE,McAfee Security Scan Plus,RadarSync2 Toolbar,Softonic-Polska Toolbar,uTorrentBar Toolbar,Deinstalator Strony V9.Użyj AdwCleaner http://general-changelog-team.fr/fr/dow … adwcleaner z funkcji Delete(w przypadku Visty/Windows7 uruchom z prawokliku jako Administrator).
Uruchom OTL i w okno (Własne opcje skanowania/Script)wklej:
:OTL MOD - [2012-12-10 12:43:44 | 000,200,192 | ---- | M] () – C:\Users\Tadek\wgsdgsdgdsgsd.exe MOD - [2012-10-11 12:17:06 | 002,069,528 | ---- | M] () – c:\ProgramData\Browser Manager\2.3.796.11{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll SRV:64bit: - [2012-11-26 14:39:30 | 000,188,760 | ---- | M] () [Auto | Running] – C:\Program Files\IB Updater\ExtensionUpdaterService.exe – (IB Updater) SRV:64bit: - [2012-10-02 16:20:24 | 001,261,936 | ---- | M] () [Auto | Running] – C:\Windows\SysNative\dmwu.exe – (IBUpdaterService) O2 - BHO: (FreeOnlineRadioPlayerRecorder Toolbar) - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder\tbFree.dll (Conduit Ltd.) O3:64bit: - HKLM…\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found O3 - HKLM…\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM…\Toolbar: (RadarSync2 Toolbar) - {6edc3889-b841-4127-a2bf-c5fc48f972c7} - C:\Program Files (x86)\RadarSync2\tbRada.dll (Conduit Ltd.) O3 - HKLM…\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.3.8\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM…\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.) O3 - HKLM…\Toolbar: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files (x86)\Softonic-Polska\tbSoft.dll (Conduit Ltd.) O3 - HKLM…\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com \GenericAskToolbar.dll (Ask) O3 - HKLM…\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com \incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD) O3 - HKLM…\Toolbar: (FreeOnlineRadioPlayerRecorder Toolbar) - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder\tbFree.dll (Conduit Ltd.) O3:64bit: - HKU\S-1-5-21-2586750311-3424373701-2721840940-1000…\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found O3 - HKU\S-1-5-21-2586750311-3424373701-2721840940-1000…\Toolbar\WebBrowser: (RadarSync2 Toolbar) - {6EDC3889-B841-4127-A2BF-C5FC48F972C7} - C:\Program Files (x86)\RadarSync2\tbRada.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-2586750311-3424373701-2721840940-1000…\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-2586750311-3424373701-2721840940-1000…\Toolbar\WebBrowser: (Softonic-Polska Toolbar) - {C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} - C:\Program Files (x86)\Softonic-Polska\tbSoft.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-2586750311-3424373701-2721840940-1000…\Toolbar\WebBrowser: (FreeOnlineRadioPlayerRecorder Toolbar) - {F999A48B-1950-4D81-9971-79018F807B4B} - C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder\tbFree.dll (Conduit Ltd.) O4:64bit: - HKLM…\Run: [Chew7Hale] C:\Windows\SysNative\hale.exe () O4 - HKLM…\Run: [] File not found O4 - HKLM…\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com \Updater\Updater.exe (Ask) O4 - HKU\S-1-5-21-2586750311-3424373701-2721840940-1000…\Run: [RGSC] D:\Gta 4 Instalacja\Rockstar Games Social Club\RGSCLauncher.exe /silent File not found O4 - HKU\S-1-5-21-2586750311-3424373701-2721840940-1000…\Run: [sRS Audio Sandbox] “C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe” /hideme File not found O4 - HKU\S-1-5-19…\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20…\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-2586750311-3424373701-2721840940-1003…\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found [2012-12-11 15:09:50 | 095,023,320 | ---- | M] () – C:\ProgramData\dsgsdgdsgdsgw.pad [2012-12-10 12:43:47 | 000,001,049 | ---- | M] () – C:\Users\Tadek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk [2012-12-10 12:43:44 | 000,200,192 | ---- | M] () – C:\Users\Tadek\wgsdgsdgdsgsd.exe [2012-12-10 09:19:25 | 000,001,058 | ---- | M] () – C:\user.js [2012-12-10 09:19:13 | 001,261,936 | ---- | C] () – C:\Windows\SysNative\dmwu.exe :Commands [emptytemp]
Kliknij Wykonaj skrypt. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie. Następnie uruchom OTL ponownie, tym razem kliknij (Skanuj).
Pokaż nowy log OTL.txt oraz raport z usuwania.
fiku16
12 Grudzień 2012 19:09
#3
Ok jak tylko to wykonam wrzucę logi:)
– Dodane 13.12.2012 (Cz) 18:44 –
log OTL po usunięciu:
http://www.wklej.org/id/896260/
z góry dzięki za pomoc już mogę normalnie z kompa korzystać:)
i z góry bardzo dziękuje:0