Wirus z Facebok'a

hubi07 · 23 Sierpień 2011 14:32

Witam.

Mam problem,ponieważ nie mogę zalogować się na Facebook . Nie można polączyc się z serwerem. Przeskanowałem komputer rożnymi programami Malware,programem od Trojanów ale nadal nic.

Wklejam loga OTL.

http://www.wklej.org/id/582962/

Dziękuję za każdą pomoc.

Marco89 · 23 Sierpień 2011 14:53

Uruchom OTL i w okno (Własne opcje skanowania/Skrypt) wklej:

:OTL PRC - [2011-08-20 20:54:02 | 000,382,464 | ---- | M] () – C:\WINDOWS\update.7.1\svchostdriver.exe MOD - [2011-08-20 20:54:02 | 000,382,464 | ---- | M] () – C:\WINDOWS\update.7.1\svchostdriver.exe SRV - File not found [Disabled | Stopped] – -- (HidServ) SRV - File not found [On_Demand | Stopped] – -- (gusvc) SRV - File not found [On_Demand | Stopped] – -- (AppMgmt) FF - HKLM\Software\MozillaPlugins@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKCU\Software\MozillaPlugins@real.com/RhapsodyPlayerEngine: C:\Documents and Settings\wahidek\Dane aplikacji\nprhapengine.dll File not found [2008-03-26 15:19:32 | 000,000,000 | —D | M] (No name found) – C:\Documents and Settings\wahidek\Dane aplikacji\Mozilla\Firefox\Profiles\60sryjj9.default\extensions [2010-09-26 15:27:56 | 000,000,000 | —D | M] (Google Toolbar for Firefox) – C:\Documents and Settings\wahidek\Dane aplikacji\Mozilla\Firefox\Profiles\60sryjj9.default\extensions{3112ca9c-de6d-4884-a869-9855de68056c} [2011-04-27 20:50:32 | 000,000,000 | —D | M] (uTorrentBar Community Toolbar) – C:\Documents and Settings\wahidek\Dane aplikacji\Mozilla\Firefox\Profiles\60sryjj9.default\extensions{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} [2008-03-26 15:17:46 | 000,000,000 | —D | M] (No name found) – C:\Program Files\Mozilla Firefox\extensions O3 - HKU\S-1-5-21-1370083292-468236681-3655304337-1005…\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found. O3 - HKU\S-1-5-21-1370083292-468236681-3655304337-1005…\Toolbar\WebBrowser: (vShare Toolbar) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll () O3 - HKU\S-1-5-21-1370083292-468236681-3655304337-1005…\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\tbuTor.dll (Conduit Ltd.) O4 - HKLM…\Run: [avast!] File not found O4 - HKLM…\Run: [tray_ico] File not found O4 - HKLM…\Run: [tray_ico1] File not found O4 - HKLM…\Run: [tray_ico2] File not found O4 - HKLM…\Run: [tray_ico3] File not found O4 - HKLM…\Run: [tray_ico4] File not found O4 - HKLM…\Run: [Zshutdown] File not found O31 - SafeBoot: AlternateShell - services32.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found [2011-08-20 21:23:05 | 000,000,000 | —D | C] – C:\WINDOWS\ufa [2011-08-20 21:23:05 | 000,000,000 | —D | C] – C:\WINDOWS\phoenix [2011-08-20 21:14:29 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.5.0 [2011-08-20 21:12:32 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.2 [2011-08-20 20:54:02 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.7.1 [2011-08-20 20:32:15 | 000,000,000 | —D | C] – C:\WINDOWS\av_ico [2011-08-20 20:30:51 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.1 [2011-08-20 20:30:46 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.tray-7-0-lnk [2011-08-20 20:30:46 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.tray-7-0 [2011-08-20 21:24:00 | 000,000,178 | ---- | M] () – C:\WINDOWS\info1 [2011-08-20 21:23:06 | 000,246,272 | ---- | M] () – C:\WINDOWS\unrar.exe [2011-08-20 21:23:06 | 000,182,617 | ---- | M] () – C:\WINDOWS\ufa.rar [2011-08-20 21:23:04 | 005,589,370 | ---- | M] () – C:\WINDOWS\phoenix.rar [2011-08-20 21:23:02 | 001,075,284 | ---- | M] () – C:\WINDOWS\rpcminer.rar [2011-08-20 21:12:38 | 000,904,792 | ---- | M] () – C:\WINDOWS\geoiplist.rar [2011-08-20 20:48:28 | 000,000,000 | ---- | M] () – C:\WINDOWS\loader2.exe_ok [2011-08-20 21:23:04 | 000,182,617 | ---- | C] () – C:\WINDOWS\ufa.rar [2011-08-20 21:23:03 | 005,589,370 | ---- | C] () – C:\WINDOWS\phoenix.rar [2011-08-20 21:23:01 | 001,075,284 | ---- | C] () – C:\WINDOWS\rpcminer.rar [2011-08-20 21:12:38 | 004,636,907 | ---- | C] () – C:\WINDOWS\geoiplist [2011-08-20 21:12:37 | 000,904,792 | ---- | C] () – C:\WINDOWS\geoiplist.rar [2011-08-20 21:12:37 | 000,246,272 | ---- | C] () – C:\WINDOWS\unrar.exe [2011-08-20 20:54:01 | 000,000,178 | ---- | C] () – C:\WINDOWS\info1 [2011-08-20 20:48:26 | 000,000,000 | ---- | C] () – C:\WINDOWS\loader2.exe_ok :Reg [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot] “AlternateShell”=“cmd.exe” :Commands [clearallrestorepoints] [resethosts] [emptytemp]

Kliknij w Wykonaj skrypt. Zatwierdź restart komputera.

Pokaż log z usuwania + nowy log OTL.

hubi07 · 23 Sierpień 2011 15:25

Log z usuwania: http://www.wklej.org/id/583008/

Log OTL: http://www.wklej.org/id/583015/

Marco89 · 23 Sierpień 2011 15:37

Uruchom OTL i w okno (Własne opcje skanowania/Skrypt) wklej:

:OTL File not found (No name found) – C:\DOCUMENTS AND SETTINGS\WAHIDEK\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\60SRYJJ9.DEFAULT\EXTENSIONS{3112CA9C-DE6D-4884-A869-9855DE68056C} File not found (No name found) – C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF File not found (No name found) – C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} File not found (No name found) – C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} File not found (No name found) – C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} File not found (No name found) – C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} File not found (No name found) – C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\REAL-NETWORKS@PARTNERS.MOZILLA.COM File not found (No name found) – C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\TALKBACK@MOZILLA.ORG O2 - BHO: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No CLSID value found. O2 - BHO: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found. O3 - HKU\S-1-5-21-1370083292-468236681-3655304337-1005…\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found. O3 - HKU\S-1-5-21-1370083292-468236681-3655304337-1005…\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found. O3 - HKU\S-1-5-21-1370083292-468236681-3655304337-1005…\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found. O3 - HKU\S-1-5-21-1370083292-468236681-3655304337-1005…\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found. O3 - HKU\S-1-5-21-1370083292-468236681-3655304337-1005…\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - File not found :Commands [emptytemp]

Kliknij w Wykonaj skrypt. W OTL użyj opcji Sprzątanie.

Możesz przeskanować jeszcze komputer Malwarebytes Anti-Malware.