Security shield

pks1984 · 25 Czerwiec 2012 11:24

Witam

Chyba jestem kolejną osobą mającą problem z tym ustrojstwem, w związku z czym proszę kogoś ogarniętego w temacie co z tym zrobić.

Dzięki i pozdrawiam.

http://www.wklej.org/id/779344/

http://www.wklej.org/id/779345/

Acorus · 25 Czerwiec 2012 11:43

Odinstaluj McAfee Security Scan Plus,Yahoo! Toolbar.Uruchom OTL i w okno (Własne opcje skanowania/Script)wklej:

:OTL MOD - [2012-06-25 12:08:51 | 000,442,368 | ---- | M] () – C:\Users\AGUSIA\AppData\Local\htdxprbvw.exe DRV - File not found [Kernel | On_Demand | Stopped] – system32\DRIVERS\nwlnkfwd.sys – (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] – system32\DRIVERS\nwlnkflt.sys – (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] – system32\DRIVERS\ipinip.sys – (IpInIp) DRV - File not found [Kernel | Disabled | Stopped] – C:\Windows\system32\drivers\blbdrive.sys – (blbdrive) IE - HKU\S-1-5-21-1198460361-3847377139-3535849511-1000…\SearchScopes{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: “URL” = http://websearch.ask.com/redirect?clien … src=crm&q={searchTerms}&locale=en_NL&apn_ptnrs=U3&apn_dtid=YYYYYYYYNL&apn_uid=DF9CA7C7-7467-4250-B1E4-5C9A2C45A169&apn_sauid=BFC350FF-0C98-4DCB-B810-26634E0BE5BD IE - HKU\S-1-5-21-1198460361-3847377139-3535849511-1000…\SearchScopes{1856740F-4878-4722-9D56-5A57B9F0E701}: “URL” = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 IE - HKU\S-1-5-21-1198460361-3847377139-3535849511-1000…\SearchScopes{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: “URL” = http://slirsredirect.search.aol.com/red … 685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20110324202312460&tb_oid=24-03-2011&tb_mrud=24-03-2011 FF - prefs.js…browser.search.defaultengine: “Ask.com” FF - prefs.js…browser.search.defaultenginename: “Ask.com” FF - prefs.js…browser.search.defaulturl: “http://search.winamp.com/search/search?query={searchTerms}&invocationType=tb50-ff-winamp-chromesbox-en-us&tb_uuid=20110324202312460&tb_oid=24-03-2011&tb_mrud=24-03-2011&query=” FF - prefs.js…browser.search.order.1: “Ask.com” FF - prefs.js…keyword.URL: “http://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=100000027&locale=en_NL&apn_uid=DF9CA7C7-7467-4250-B1E4-5C9A2C45A169&apn_ptnrs=U3&apn_sauid=BFC350FF-0C98-4DCB-B810-26634E0BE5BD&apn_dtid=YYYYYYYYNL&&q=” [2012-04-05 17:29:41 | 000,000,000 | —D | M] (“Ask Toolbar”) – C:\Users\AGUSIA\AppData\Roaming\mozilla\Firefox\Profiles\jopzyu6g.default\extensions\toolbar@ask.com [2011-03-24 22:33:43 | 000,002,354 | ---- | M] () – C:\Users\AGUSIA\AppData\Roaming\Mozilla\Firefox\Profiles\jopzyu6g.default\searchplugins\aol-web-search.xml [2012-04-05 17:29:52 | 000,002,408 | ---- | M] () – C:\Users\AGUSIA\AppData\Roaming\Mozilla\Firefox\Profiles\jopzyu6g.default\searchplugins\askcom.xml O3 - HKLM…\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM…\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKU\S-1-5-21-1198460361-3847377139-3535849511-1000…\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM…\Run: [] File not found O4 - HKLM…\Run: [Acer Tour] File not found O4 - HKLM…\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM…\Run: [bisonInst0402] C:\Windows\BR040286.exe (Bison Inc.) O4 - HKLM…\Run: [eRecoveryService] File not found O4 - HKLM…\Run: [setPanel] C:\Acer\APanel\APanel.cmd File not found [2012-06-25 12:08:51 | 000,442,368 | ---- | M] () – C:\Users\AGUSIA\AppData\Local\htdxprbvw.exe :Reg [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] :Commands [emptytemp]

Kliknij Wykonaj skrypt.Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie. Następnie uruchom OTL ponownie, tym razem kliknij (Skanuj).

Pokaż nowy log OTL.txt oraz raport z usuwania.