Please check my logs.
The computer shuts down by itself after 4.5 h.
The sound then cuts out in browsers, etc.
OTL.txt
http://wklej.to/YyxB5
Extras.txt
http://wklej.to/SHE50
Thanks in advance.
Acorus
(Acorus)
4 July 2011 16:00
#2
Run OTL and, in the (Custom scan options/Script) box, paste:
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi … t=&gc=1&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
IE - HKLM…\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-343818398-838170752-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddr
IE - HKU\S-1-5-21-343818398-838170752-725345543-1003…\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-343818398-838170752-725345543-1003…\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-343818398-838170752-725345543-1003…\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi2.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-343818398-838170752-725345543-1003…\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
FF - prefs.js…browser.search.defaultengine: "Ask.com"
FF - prefs.js…browser.search.defaultenginename: "Ask.com"
FF - prefs.js…browser.search.order.1: "Ask.com"
FF - prefs.js…browser.startup.homepage: "http://start.facemoods.com/?a=ddr"
FF - prefs.js…extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js…extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js…keyword.URL: "http://start.facemoods.com/results.php?f=5&a=ddr&q="
[2010-12-14 16:51:24 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\CuBoNee\Dane aplikacji\Mozilla\Firefox\Profiles\mtwa6knr.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2011-06-18 21:31:05 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\CuBoNee\Dane aplikacji\Mozilla\Firefox\Profiles\mtwa6knr.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011-06-18 21:31:17 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\CuBoNee\Dane aplikacji\Mozilla\Firefox\Profiles\mtwa6knr.default\extensions\engine@conduit.com
[2011-02-01 09:08:26 | 000,000,000 | ---D | M] (Facemoods) -- C:\Documents and Settings\CuBoNee\Dane aplikacji\Mozilla\Firefox\Profiles\mtwa6knr.default\extensions\ffxtlbr@Facemoods.com
[2010-11-17 03:01:41 | 000,000,000 | ---D | M] (Sopcast Ask Toolbar) -- C:\Documents and Settings\CuBoNee\Dane aplikacji\Mozilla\Firefox\Profiles\mtwa6knr.default\extensions\toolbar@ask.com
[2010-12-13 21:58:44 | 000,000,000 | ---D | M] (vShare) -- C:\Documents and Settings\CuBoNee\Dane aplikacji\Mozilla\Firefox\Profiles\mtwa6knr.default\extensions\vshare@toolbar
[2010-08-24 16:58:11 | 000,002,556 | ---- | M] () -- C:\Documents and Settings\CuBoNee\Dane aplikacji\Mozilla\Firefox\Profiles\mtwa6knr.default\searchplugins\askcom.xml
[2011-03-01 16:08:20 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\CuBoNee\Dane aplikacji\Mozilla\Firefox\Profiles\mtwa6knr.default\searchplugins\conduit.xml
[2009-10-03 18:04:07 | 000,001,189 | ---- | M] () -- C:\Documents and Settings\CuBoNee\Dane aplikacji\Mozilla\Firefox\Profiles\mtwa6knr.default\searchplugins\winamp-search.xml
[2010-12-13 14:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchddr.xml
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - No CLSID value found.
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi2.dll (Conduit Ltd.)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O2 - BHO: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM…\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM…\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi2.dll (Conduit Ltd.)
O3 - HKLM…\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O3 - HKLM…\Toolbar: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM…\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM…\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-343818398-838170752-725345543-1003…\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Program Files\XfireXO\prxtbXfi2.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-343818398-838170752-725345543-1003…\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-343818398-838170752-725345543-1003…\Toolbar\WebBrowser: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-343818398-838170752-725345543-1003…\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM…\Run: [facemoods] C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe (facemoods.com)
O20 - Winlogon\Notify\LogonInit: DllName - logonInit.dll - File not found
NetSvcs: SSHNAS - File not found
MsConfig - StartUpReg: ATICCC - hkey= - key= - File not found
MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found
[2011-07-04 17:01:00 | 000,000,238 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011-07-04 16:36:00 | 000,000,286 | -H-- | M] () -- C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
[2011-07-03 17:17:00 | 000,000,476 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2011-07-02 21:18:14 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011-06-29 00:26:57 | 000,000,399 | ---- | M] () -- C:\Program Files\Common Files\userInit.dll
[2011-06-20 14:00:00 | 000,000,476 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2011-06-09 10:10:03 | 000,000,476 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010-09-12 10:52:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\CuBoNee\Dane aplikacji\.#
[2011-01-07 18:10:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CuBoNee\Dane aplikacji\OpenCandy
[2011-06-17 23:00:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CuBoNee\Dane aplikacji\PriceGong
[2011-07-03 20:40:00 | 000,000,476 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job

:Commands
[emptytemp]
Click Run Script, then confirm the computer restart. Save the report that appears after the restart. Then run OTL again, this time clicking (Scan).
Post the new OTL.txt log and the removal report.
Uninstall Akamai NetSession Interface, uTorrentBar Toolbar, XfireXO Toolbar.
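
Added example, not part of the thread: a small parser for the O2/O3 entries of the fix script in post #2, showing that each toolbar DLL is registered under several hooks (BHO, toolbar, per-user toolbar) and that CLSIDs must be compared case-insensitively. The sample lines are a subset copied from that script; the function names are this example's own.

```python
import re
from collections import defaultdict

# Subset of lines copied from the fix script in post #2.
SAMPLE = r"""
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (no name) - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - No CLSID value found.
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O3 - HKLM…\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O3 - HKLM…\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-343818398-838170752-725345543-1003…\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.)
"""

# "<code> - <location>: (<name>) - {<CLSID>} - <rest of line>"
ENTRY = re.compile(r"^(O\d+) - (.+?): \((.*?)\) - \{([0-9A-Fa-f-]{36})\} - (.+)$")
# "<path to .dll/.exe> (<vendor>)"; anything else means no module was resolved
TARGET = re.compile(r"^(.+?\.(?:dll|exe)) \((.*)\)$", re.IGNORECASE)

def parse_entries(text):
    """Return one dict per O2/O3 line; CLSIDs are upper-cased for comparison."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        code, location, name, clsid, tail = m.groups()
        t = TARGET.match(tail)
        entries.append({
            "code": code, "location": location, "name": name,
            "clsid": clsid.upper(),
            "path": t.group(1) if t else None,    # None: no file behind the CLSID
            "vendor": t.group(2) if t else None,
        })
    return entries

def hooks_by_module(entries):
    """Map each module path (lower-cased) to the set of (code, CLSID) hooks loading it."""
    hooks = defaultdict(set)
    for e in entries:
        if e["path"]:
            hooks[e["path"].lower()].add((e["code"], e["clsid"]))
    return dict(hooks)

def orphans(entries):
    """CLSIDs listed without a module, i.e. leftover registry values."""
    return [e["clsid"] for e in entries if e["path"] is None]
```

Running `hooks_by_module(parse_entries(...))` over the new OTL.txt after the fix is a quick way to confirm that no hook still points at a removed toolbar DLL.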
Acorus
(Acorus)
4 July 2011 17:40
#4
In OTL, use the Cleanup option. Turn System Restore off and back on for all drives: http://support.microsoft.com/kb/310405/pl
Scan with Malwarebytes Anti-Malware
http://www.dobreprogramy.pl/Malwarebyte … 13117.html
Before scanning, perform a MANUAL UPDATE OF THE VIRUS DATABASE
Install updates for the programs indicated by: http://screen317.spywareinfoforum.org/SecurityCheck.exe
Install Service Pack 3.