Elektroda.pl
Elektroda.pl
X

Wyszukiwarki naszych partnerów

Wyszukaj w ofercie 200 tys. produktów TME
Kategoria: Kamery IP / Alarmy / Automatyka Bram
Montersi
Proszę, dodaj wyjątek elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

wirusy na fb - wirus facebook wysyła linki

dreamerre 24 Kwi 2013 16:34 5574 5
  • #1 24 Kwi 2013 16:34
    dreamerre
    Poziom 2  

    Witam!
    Mam problem. Od dłuższego czasu na facebook'u samo wysyła mi do znajomych wiadomości z linkiem, a potem na ich tablicę. Nie mam pojęcia co mam robić, ponieważ się na tym nie znam. Proszę o pomoc.

  • #4 24 Kwi 2013 17:29
    Kolobos
    Spec od komputerów

    Czytaj to, co Ci się wyświetla podczas instalacji programów i nie instaluj szkodliwych dodatków!

    Odinstaluj:
    YTD Toolbar v7.0
    BrowserProtect
    Delta Chrome Toolbar
    Google Toolbar for Internet Explorer
    YouTube Downloader 2.6.5
    20Dollars2Surf 1.1
    Java(TM) 6 Update 21
    Qtrax Player
    Java(TM) 6 Update 3
    Ask Toolbar
    AVG Security Toolbar
    Babylon toolbar on IE
    MediaBar
    DAEMON Tools Toolbar
    Delta toolbar
    McAfee Security Scan Plus
    Mozilla Firefox 15.0.1 (x86 pl), jezeli uzywasz to aktualizuj do 20.
    Norton Security Scan
    QuestService 1.0 build 127
    Qtrax Player

    Zainstaluj Javę http://ninite.com/java

    Użyj AdwCleaner, opcja "Delete".

    Zrób skan przy pomocy MBAM oraz CureIt i daj nowy log z OTL, ze skanowania.

  • #5 24 Kwi 2013 20:33
    dreamerre
    Poziom 2  

    Mam nadzieję, że wszystko dobrze zrobiłam. ;)

    OTL Link

  • #6 24 Kwi 2013 20:54
    Kolobos
    Spec od komputerów

    Przecież pisałem, nie instaluj szkodliwych dodatków, a Ty ściągasz MBAM ze strony innej niż producenta, pobierasz instalatorem z tej strony i oczywiście instalujesz wszystko jak leci, widzisz tutaj jakiś sens usuwania infekcji, skoro za chwilę robisz to samo?

    Czy MBAM oraz CureIt coś wykryły? Usunęłaś to, co wykryły?

    Użyj ponownie AdwCleaner...

    Wykonaj skrypt w OTL:

    :OTL
    PRC - [2013-04-21 17:26:08 | 000,121,906 | ---- | M] () -- C:\Documents and Settings\dom\Ustawienia lokalne\Temp\is1890775716\QtraxInstaller.exe
    PRC - [2013-03-22 16:09:37 | 002,787,280 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
    PRC - [2012-05-25 15:42:26 | 000,008,705 | ---- | M] () -- C:\Documents and Settings\dom\Dane aplikacji\regsrv65.exe
    PRC - [2012-05-17 15:51:31 | 000,008,705 | ---- | M] () -- C:\Documents and Settings\dom\Dane aplikacji\regsrv69.exe
    PRC - [2006-12-15 04:59:12 | 000,217,088 | R--- | M] (TODO: <Company name>) -- C:\WINDOWS\system32\WinSys2.exe
    SRV - [2013-03-22 16:09:37 | 002,787,280 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)
    IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms}
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www2.delta-search.com/?affID=121845&babsrc=HP_ss&mntrId=DC7A001D7D33FCFD
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www2.delta-search.com/?affID=121845&babsrc=HP_ss&mntrId=DC7A001D7D33FCFD
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://home.myquickfinder.com
    IE - HKCU\..\SearchScopes\{0B278C6F-EC6B-3477-311E-6342928C69FF}: "URL" = http://flvpx-ares.asksearch.com/s/?q={searchTerms}&iesrc={referrer:source?}&cfg=2-113-0-1Fhbb
    IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www2.delta-search.com/?q={searchTerms}&affID=121845&babsrc=SP_ss&mntrId=DC7A001D7D33FCFD
    IE - HKCU\..\SearchScopes\{219A9E2A-CA4E-4F96-B761-B20FB1E84CEF}: "URL" = http://search.yahoo.com/search?fr=chr-greentr...mp;ei=utf-8&ilc=12&type=937811&p={searchTerms}
    IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms}
    FF - prefs.js..browser.search.selectedEngine: "Yahoo"
    FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811"
    [2013-04-24 19:30:15 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Documents and Settings\dom\Dane aplikacji\Mozilla\Firefox\Profiles\wr85iyk5.default\extensions\ffxtlbr@delta.com
    [2013-04-24 19:30:16 | 000,001,294 | ---- | M] () -- C:\Documents and Settings\dom\Dane aplikacji\Mozilla\Firefox\Profiles\wr85iyk5.default\searchplugins\delta.xml
    File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DANE APLIKACJI\BROWSERPROTECT\2.6.1095.52\{C16C1CCB-7046-4E5C-A2F3-533AD2FEC8E8}\FIREFOXEXTENSION
    File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\DOM\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\WR85IYK5.DEFAULT\EXTENSIONS\FFXTLBR@BABYLON.COM
    File not found (No name found) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
    File not found (No name found) -- C:\PROGRAM FILES\YTD TOOLBAR\FF
    O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.16.16\bh\delta.dll (Delta-search.com)
    O3 - HKLM\..\Toolbar: (no name) - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.16.16\deltaTlbr.dll (Delta-search.com)
    O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
    O4 - HKLM..\Run: [PService] C:\Documents and Settings\dom\Dane aplikacji\4.exe File not found
    O4 - HKLM..\Run: [QuestService Service] "C:\Documents and Settings\All Users\Dane aplikacji\QuestService\questservice127.exe" "C:\Program Files\QuestService\questservice.dll" ijyxrfskt File not found
    O4 - HKLM..\Run: [WinSys2] C:\WINDOWS\system32\WinSys2.exe (TODO: <Company name>)
    O4 - HKCU..\Run: [{CD8F4E25-6F97-4655-A19B-96681FE39415}] C:\Documents and Settings\dom\Dane aplikacji\{CD8F4E25-6F97-4655-A19B-96681FE39415}\Winlogon.exe ()
    O4 - HKCU..\Run: [ares] "D:\Program Files\Ares\Ares.exe" -h File not found
    O4 - HKCU..\Run: [AutoStartNPSAgent] D:\NPSAgent.exe File not found
    O4 - HKCU..\Run: [dhfh22] C:\DOCUME~1\dom\USTAWI~1\Temp\sample.exe File not found
    O4 - HKCU..\Run: [Gesmss] C:\Documents and Settings\dom\Dane aplikacji\Gesmss.exe File not found
    O4 - HKCU..\Run: [jjijj] C:\DOCUME~1\dom\USTAWI~1\Temp\sample.exe File not found
    O4 - HKCU..\Run: [Micnosoft DLL Registnrtion] C:\Documents and Settings\dom\Dane aplikacji\regsrv65.exe ()
    O4 - HKCU..\Run: [Microsoft DXT Registration] C:\Documents and Settings\dom\Dane aplikacji\regsrv69.exe ()
    O4 - HKCU..\Run: [PService] C:\Documents and Settings\dom\Dane aplikacji\4.exe File not found
    O4 - HKCU..\Run: [Qfsmsc] C:\Documents and Settings\dom\Dane aplikacji\Qfsmsc.exe File not found
    O4 - HKCU..\Run: [Rfsmsd] C:\Documents and Settings\dom\Dane aplikacji\Rfsmsd.exe File not found
    O4 - HKCU..\Run: [ş™ŮpťdoĄĺçĂ]FřťâÂçt*PAÓ„_šAéODnE+ĂďťLĐTšb)…"«°˘Ä0Č˝P⍰6Çţď~%ŮÖqźÂ`,=bń±L«şŇÄ­ş±đŤíŃYLŹş
    ®küa†—ăŃKÍyjoľe†c_YCč z˛Ą—R‡
    žm¶+«p<ŕ c“x] File not found
    O4 - HKCU..\Run: [Tdsmsf] C:\Documents and Settings\dom\Dane aplikacji\Tdsmsf.exe File not found
    O4 - HKCU..\Run: [Winlogons] C:\DOCUME~1\dom\USTAWI~1\Temp\sample.exe File not found
    O4 - HKCU..\Run: [winlogs] C:\DOCUME~1\dom\USTAWI~1\Temp\sample.exe File not found
    O4 - HKCU..\RunOnce: [Qtrax] C:\Program Files\Microsoft Silverlight\sllauncher.exe 265426049.portal.qtrax.com File not found
    O20 - AppInit_DLLs: (c:\docume~1\alluse~1\daneap~1\browse~1\261249~1.132\{c16c1~1\browse~1.dll) - c:\Documents and Settings\All Users\Dane aplikacji\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
    O29 - HKLM SecurityProviders - (mcenspc.dll) - File not found
    O33 - MountPoints2\{35123bf2-fd07-11dd-86eb-001d7d33fcfd}\Shell\AutoRun\command - "" = F:\i8ikdjwt.exe
    O33 - MountPoints2\{35123bf2-fd07-11dd-86eb-001d7d33fcfd}\Shell\open\Command - "" = F:\i8ikdjwt.exe
    O33 - MountPoints2\{37aa89b6-e92a-11dc-b953-001d7d33fcfd}\Shell - "" = AutoRun
    O33 - MountPoints2\{6b098f00-a7d7-11df-8bf1-001d7d33fcfd}\Shell\AutoRun\command - "" = F:\i8ikdjwt.exe
    O33 - MountPoints2\{6b098f00-a7d7-11df-8bf1-001d7d33fcfd}\Shell\open\Command - "" = F:\i8ikdjwt.exe
    O33 - MountPoints2\{86101066-0735-11dd-8296-001d7d33fcfd}\Shell\AutoRun\command - "" = F:\mi9al8rs.exe
    O33 - MountPoints2\{86101066-0735-11dd-8296-001d7d33fcfd}\Shell\open\Command - "" = F:\mi9al8rs.exe
    O33 - MountPoints2\{d2fd0069-eeb3-11dc-821e-001d7d33fcfd}\Shell\AutoRun\command - "" = F:\mi9al8rs.exe
    O33 - MountPoints2\{d2fd0069-eeb3-11dc-821e-001d7d33fcfd}\Shell\open\Command - "" = F:\mi9al8rs.exe
    [2013-04-24 19:30:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dom\Menu Start\Programy\BrowserProtect
    [2013-04-24 19:30:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\BrowserProtect
    [2013-04-24 19:30:14 | 000,000,000 | ---D | C] -- C:\Program Files\Delta
    [2013-04-24 19:30:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dom\Dane aplikacji\Delta
    [2013-04-24 19:29:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dom\Dane aplikacji\Babylon
    [2013-04-24 19:29:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon
    [2013-03-20 17:20:06 | 000,000,000 | -HSD | C] -- C:\found.000
    [2012-09-30 14:40:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\AVG Secure Search
    [2012-07-28 16:15:33 | 000,223,744 | ---- | C] (YourCompany) -- C:\Documents and Settings\dom\do.exe
    [2012-04-26 16:28:56 | 000,333,312 | ---- | C] (YourCompany) -- C:\Documents and Settings\dom\cn.exe
    [2011-12-06 16:53:06 | 000,400,896 | ---- | C] (mira udivo) -- C:\Documents and Settings\dom\Dane aplikacji\49.exe
    [2011-11-07 21:21:24 | 000,400,896 | ---- | C] (mira udivo) -- C:\Documents and Settings\dom\Dane aplikacji\74.exe
    [2011-10-28 16:28:50 | 000,333,312 | ---- | C] (YourCompany) -- C:\Documents and Settings\dom\bm.exe
    [2011-10-17 11:58:58 | 000,400,896 | ---- | C] (mira udivo) -- C:\Documents and Settings\dom\Dane aplikacji\1B.exe
    [2010-08-10 20:00:53 | 002,166,784 | ---- | C] (Maxis, a division of Electronic Arts) -- C:\Documents and Settings\dom\Sims.exe
    [2012-06-30 22:53:52 | 000,096,857 | ---- | C] () -- C:\WINDOWS\System32\cmd.rar
    [2012-01-14 23:07:11 | 000,000,018 | ---- | C] () -- C:\Documents and Settings\dom\cc.bat
    [2011-10-17 18:57:41 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\dom\Dane aplikacji\E1EeftfiMlDE
    [2011-10-16 20:28:06 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\dom\Dane aplikacji\hy8KfJgK7eyf
    [2011-10-16 17:25:31 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\dom\Dane aplikacji\GEIG18j116lf
    [2011-10-16 17:24:47 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\dom\Dane aplikacji\lif76ttLkH0L
    [2011-10-16 17:23:20 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\dom\Dane aplikacji\EIg7ittkk81k
    [2008-08-29 10:11:06 | 000,002,045 | -H-- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\whlb32g.dll
    @Alternate Data Stream - 88 bytes -> C:\Documents and Settings\dom\Pulpit\XD.xcf:SummaryInformation
    @Alternate Data Stream - 1950812 bytes -> C:\WINDOWS\Temp:temp

    :Files
    C:\Documents and Settings\dom\Dane aplikacji\*.exe

    :Commands
    [emptytemp]

    Po wykonaniu daj nowy log z OTL, ze skanowania oraz log z TDSSKiller (nic w nim nie usuwaj).

    Daj też screen z CrystalDiskInfo.

 
Promocja -20%
Zamknij 
Wyszukaj w ofercie 200 tys. produktów TME
tme