Wirus?: Win32 wysotot-D ; Win32 rootkit-gen [rtk]

Dla specjalistów Bezpieczeństwo
#1

Po skanowaniu wyskoczyły mi 2 pliki zarażone…

Komp coś powolniej, inaczej “chodzi”…

czy to coś poważnego? co usunąć i jak;) 

 

 

 

OTL: http://www.wklej.org/id/1562174/

 

FRS: http://www.wklej.org/id/1562196/    http://wklej.org/hash/03d344e9d6f/ 

#2

W panelu sterowania odinstaluj V9 Homepage Uninstaller.

Pobierz i uruchom AdwCleaner Kliknij Szukaj i później Usuń.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.

#3

wykonałam wszystko… sporo tego usunęło…

i jak teraz… ??

 

FRST: http://www.wklej.org/id/1562783/ 

#4

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

IFEO\dotnet3.exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnet3[1].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnet3[2].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnetfx.exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnetfx3.exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnetfx30SP1setup.exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnetfx30SP1setup[1].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnetfx30SP1setup[2].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnetfx35.exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnetfx35setup.exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnetfx35setup[1].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnetfx35setup[2].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnetfx35[1].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnetfx35[2].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnetfx3setup.exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnetfx3setup[1].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnetfx3setup[2].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnetfx3[1].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnetfx3[2].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnetfx3_ia64.exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnetfx3_ia64[1].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnetfx3_ia64[2].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnetfx3_x64.exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnetfx3_x64[1].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnetfx3_x64[2].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnetfx[1].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\dotnetfx[2].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx20SP1_ia64.exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx20SP1_ia64[1].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx20SP1_ia64[2].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx20SP1_x64.exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx20SP1_x64[1].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx20SP1_x64[2].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx20SP1_x86.exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx20SP1_x86[1].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx20SP1_x86[2].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx20SP2_ia64.exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx20SP2_ia64[1].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx20SP2_ia64[2].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx20SP2_x64.exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx20SP2_x64[1].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx20SP2_x64[2].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx20SP2_x86.exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx20SP2_x86[1].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx20SP2_x86[2].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx30SP1_x64.exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx30SP1_x64[1].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx30SP1_x64[2].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx30SP1_x86.exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx30SP1_x86[1].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx30SP1_x86[2].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx35_ia64.exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx35_ia64[1].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx35_ia64[2].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx35_x64.exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx35_x64[1].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx35_x64[2].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx35_x86.exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx35_x86[1].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx35_x86[2].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx64.exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx64[1].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
IFEO\NetFx64[2].exe: [Debugger] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1708537768-884357618-839522115-1003 -> {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = 
CHR HomePage: Default -> hxxp://www.doko-search.com/?babsrc=HP_ss&mntrId=D04B0021702D29FD&affID=125839&tsp=5038
CHR StartupUrls: Default -> "hxxp://www.doko-search.com/?babsrc=HP_ss&mntrId=D04B0021702D29FD&affID=125839&tsp=5038"
S4 hpt3xx; No ImagePath
S4 IntelIde; No ImagePath
C:\AdwCleaner
C:\Program Files\v9Soft
EmptyTemp:

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.

#5

Fixlog:   http://www.wklej.org/id/1565308/ 

 

FRST: http://www.wklej.org/id/1565309/

#6

Skasuj folder C:\FRST

Wyłącz i ponownie włącz przywracanie systemu: http://support.microsoft.com/kb/310405/pl

Dysk przeskanuj Malwarebytes Anti-Malware

Podczas instalacji usuń zaznaczenie przy Uruchom okres testowy Malwarebytes Anti-Malware Premium.

http://wstaw.org/m/2014/03/25/2014-03-25_123039.png

Język PL > Settings > General Settings > Language > Polish

Przeczytaj w jaki sposób należy instalować programy: KLIK - KLIK - KLIK - KLIK

Odinstaluj:

Adobe Flash Player 11 ActiveX

Adobe Flash Player 12 Plugin

Adobe Reader XI (11.0.08)

Zainstaluj:

Flash Player 16.0.0.235 ActiveX

Flash Player 16.0.0.235 Plugin

Adobe Reader XI 11.0.10

#7

Malwarebytes Anti-Malware nic nie wykryło, więc chyba dobrze.

Antywirus też nic.

Poczytałam.

Zainstalowałam nowe.

Dzięki:)