talent17
23 Sierpień 2011 10:18
#1
Pobrałem wtyczkę z wirusem.Mój komputer zaczął się wyłączać po kilku minutach. Mam dziury w systemie. Mój antywirus avast zwariował i został uszkodzony i nie mogę zainstalować go ponownie. Komputer zawiesza się gdy oglądam filmy na youtube bądź w bestplayerze. proszę o jakąkolwiek pomoc. z góry serdecznie dziękuję.
log z extras http://www.wklejto.pl/103631
OTL log http://www.wklejto.pl/103632
HijackThis log http://www.wklejto.pl/103624
Leon1
24 Sierpień 2011 20:49
#2
OTL w oknie Custom Scans-Fixes (własne opcje skanowania/skrypt)wklej następujący skrypt:
:OTL FF - prefs.js…browser.search.order.1: “Ask.com ” FF - prefs.js…extensions.enabledItems: vshare@toolbar:1.0.0 [2010-12-12 22:31:16 | 000,000,000 | —D | M] (vShare) – C:\Documents and Settings\Yszty\Dane aplikacji\Mozilla\Firefox\Profiles\8j30lgkj.default\extensions\vshare@toolbar [2011-04-19 14:47:39 | 000,002,568 | ---- | M] () – C:\Documents and Settings\Yszty\Dane aplikacji\Mozilla\Firefox\Profiles\8j30lgkj.default\searchplugins\askcom.xml O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll () O3 - HKLM…\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll () O3 - HKLM…\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.) O3 - HKU\S-1-5-21-117609710-2052111302-725345543-1003…\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll () O3 - HKU\S-1-5-21-117609710-2052111302-725345543-1003…\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.) O4 - HKLM…\Run: [tray_ico] File not found O4 - HKLM…\Run: [tray_ico1] File not found O4 - HKLM…\Run: [tray_ico2] File not found O4 - HKLM…\Run: [tray_ico3] File not found O4 - HKLM…\Run: [tray_ico4] File not found O4 - HKU\S-1-5-21-117609710-2052111302-725345543-1003…\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll () MsConfig - StartUpReg: 3179912.exe - hkey= - key= - File not found MsConfig - StartUpReg: 5554663.exe - hkey= - key= - File not found MsConfig - StartUpReg: 57336202-loader2.exe - hkey= - key= - File not found MsConfig - StartUpReg: 8065474.exe - hkey= - key= - File not found MsConfig - StartUpReg: 9291320.exe - hkey= - key= - File not found MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found MsConfig - StartUpReg: KernelFaultCheck - hkey= - key= - File not found MsConfig - StartUpReg: l1rezerv.exe - hkey= - key= - File not found MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found SafeBootMin: wxpdrivers - Service SafeBootNet: wxpdrivers - Service [2011-08-22 15:00:14 | 000,000,000 | —D | C] – C:\WINDOWS\ufa [2011-08-22 15:00:14 | 000,000,000 | —D | C] – C:\WINDOWS\rpcminer [2011-08-22 15:00:14 | 000,000,000 | —D | C] – C:\WINDOWS\phoenix [2011-08-22 14:59:47 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.7.1 [2011-08-22 14:58:57 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.2 [2011-08-22 14:58:01 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.5.0 [2011-08-22 14:55:46 | 000,000,000 | —D | C] – C:\WINDOWS\av_ico [2011-08-22 14:54:31 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.1 [2011-08-22 14:54:29 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.tray-7-0-lnk [2011-08-22 14:54:29 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.tray-7-0 [2011-08-17 23:37:16 | 000,000,000 | —D | C] – C:\Program Files\vShare.tv plugin [2011-08-22 15:28:28 | 000,000,734 | ---- | M] () – C:\WINDOWS\System32\drivers\etc\hîsts [2011-08-22 15:12:15 | 000,000,202 | ---- | M] () – C:\WINDOWS\info1 [2011-08-22 15:00:13 | 000,246,272 | ---- | M] () – C:\WINDOWS\unrar.exe [2011-08-22 15:00:12 | 005,589,370 | ---- | M] () – C:\WINDOWS\phoenix.rar [2011-08-22 15:00:12 | 001,075,284 | ---- | M] () – C:\WINDOWS\rpcminer.rar [2011-08-22 15:00:12 | 000,182,617 | ---- | M] () – C:\WINDOWS\ufa.rar [2011-08-22 14:57:50 | 000,904,792 | ---- | M] () – C:\WINDOWS\geoiplist.rar [2011-08-22 14:56:57 | 000,000,000 | ---- | M] () – C:\WINDOWS\loader2.exe_ok [2011-08-15 12:36:54 | 000,000,696 | ---- | M] () – C:\Program Files\Common Files\userInit.dll [2011-08-22 14:57:51 | 004,636,907 | ---- | C] () – C:\WINDOWS\geoiplist [2011-03-06 12:52:40 | 000,000,000 | —D | M] – C:\Documents and Settings\Yszty\Dane aplikacji\vShare :Reg [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot] “AlternateShell”=“cmd.exe” [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] “C:\Documents and Settings\Yszty\Moje dokumenty\Pobieranie\Flash-Player.exe”=- “C:\WINDOWS\update.1\svchost.exe”=- “C:\WINDOWS\services32.exe”=- “C:\WINDOWS\update.tray-7-0\svchost.exe”=- “C:\WINDOWS\update.2\svchost.exe”=- :Commands [CLEARALLRESTOREPOINTS] [RESETHOSTS] [emptytemp]
Kliknij w Run Fix (Wykonaj scrypt). Zatwierdź restart komputera.
Pokaż log z usuwania.
potem nowy log OTL robiony opcją Run Scan (Skanuj)
talent17
24 Sierpień 2011 21:12
#3
Leon1
25 Sierpień 2011 12:38
#4
Log wygląda na czysty
Pobierz CCleaner http://www.filehippo.com/download_ccleaner/
przeskanuj nim i wyczyść rejestr.
W OTL kilknij CleanUp (Sprzątanie)
przeskanuj
Dr.WEB CureIt! http://www.dobreprogramy.pl/DrWEB-CureI … 12976.html
zainstaluj SP3 i Internet Explorer 8 http://www.microsoft.com/windows/intern … sites.aspx
talent17
25 Sierpień 2011 15:48
#5
Serdecznie dziękuję za pomoc
