Elektroda.pl

Win XP, suspected spyware, OTL logs

01 Aug 2012 21:36 1125 2
  • Level 13  
    Hello. I suspect that I have spyware on my computer. I have Windows XP Professional. I am currently generating OTL logs and scanning the computer with Dr. Web.

    OTL log:
    http://wklej.to/HIKee



    The Dr. Web scan finished with the result: 1 Adware
  • Helpful post
    Computer specialist
    Uninstall uTorrentControl2 Toolbar and Wincore Mediabar. Run OTL and paste the following into the (Custom scan options/Script) window:

    Quote:
    :OTL
    MOD - [2012-08-01 20:41:44 | 002,779,480 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\E8DF277C-21867648-BC27A0E4-37B29700\7f38b_xp.exe
    MOD - [2012-08-01 20:41:41 | 000,128,824 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\E8DF277C-21867648-BC27A0E4-37B29700\ee7c93.exe
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=a8c75bf8-0648-11e1-9a82-001e68753dc7&q={searchTerms}
    IE - HKLM\..\SearchScopes\{FE972840-00D1-4A67-9922-8C0F4CBC279E}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=2&sr=0&q={searchTerms}
    IE - HKU\S-1-5-21-1757981266-1972579041-1177238915-500\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - No CLSID value found
    IE - HKU\S-1-5-21-1757981266-1972579041-1177238915-500\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
    IE - HKU\S-1-5-21-1757981266-1972579041-1177238915-500\..\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}: "URL" = http://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp
    IE - HKU\S-1-5-21-1757981266-1972579041-1177238915-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
    IE - HKU\S-1-5-21-1757981266-1972579041-1177238915-500\..\SearchScopes\{56DE0D19-3B95-473F-AE54-706374D005DE}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3065462
    IE - HKU\S-1-5-21-1757981266-1972579041-1177238915-500\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=a8c75bf8-0648-11e1-9a82-001e68753dc7&q={searchTerms}
    IE - HKU\S-1-5-21-1757981266-1972579041-1177238915-500\..\SearchScopes\{AC129BF9-68BF-4bc4-A1DC-ECB62712FF99}: "URL" = http://search.kikin.com/search/?q={searchTerms}
    IE - HKU\S-1-5-21-1757981266-1972579041-1177238915-500\..\SearchScopes\{FE972840-00D1-4A67-9922-8C0F4CBC279E}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=2&sr=0&q={searchTerms}
    FF - prefs.js..browser.search.defaultengine: "Web Search"
    FF - prefs.js..browser.search.defaultenginename: "Web Search"
    FF - prefs.js..browser.search.order.1: "Search Results"
    FF - prefs.js..browser.search.selectedEngine: "Search Results"
    FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q="
    [2012-07-18 00:58:57 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\9j0e060y.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
    [2012-01-12 02:04:27 | 000,000,000 | ---D | M] (Wincore Mediabar) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\9j0e060y.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}
    [2012-01-12 02:04:17 | 000,002,511 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\9j0e060y.default\searchplugins\Search_Results.xml
    [2012-02-14 22:53:27 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\9j0e060y.default\searchplugins\startsear.xml
    [2011-09-10 21:44:04 | 000,001,565 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\9j0e060y.default\searchplugins\web-search.xml
    O2 - BHO: (DataMngr) - {B939CF93-F2CB-443d-956C-DC523D85C9DB} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\BrowserConnection.dll (MusicLab, LLC)
    O2 - BHO: (Wincore Mediabar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll ()
    O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Wincore Mediabar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll ()
    O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe (MusicLab, LLC)
    O4 - HKLM..\Run: [ORAHSSSessionManager] "C:\Program Files\Livebox\SessionManager\SessionManager.exe" File not found
    O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll) - C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngr.dll (MusicLab, LLC)
    O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll) - C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)
    [2012-04-25 11:05:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\PriceGong

    :Commands
    [emptytemp]


    Click Run script. In OTL use the Cleanup option. Use AdwCleaner http://general-changelog-team.fr/outils/289-adwcleaner with the Delete function.
  • Level 13  
    Thank you very much for the help. Regards.
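
The fix script in the helpful post lists browser-helper, toolbar, Run-key and AppInit_DLLs entries in OTL's line format. The following is an added example, not part of the original thread and not OTL's own code: a small Python parser that buckets such lines for review, assuming the `SECTION - location: detail (vendor)` layout seen in the quoted script; the bucket names and function names are hypothetical.

```python
import re
from collections import defaultdict
# Sample input: lines copied from the fix script quoted in the thread.
SAMPLE = r"""
O2 - BHO: (DataMngr) - {B939CF93-F2CB-443d-956C-DC523D85C9DB} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\BrowserConnection.dll (MusicLab, LLC)
O2 - BHO: (Wincore Mediabar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [ORAHSSSessionManager] "C:\Program Files\Livebox\SessionManager\SessionManager.exe" File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll) - C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)
IE - HKU\S-1-5-21-1757981266-1972579041-1177238915-500\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - No CLSID value found
"""

ENTRY = re.compile(r"^(O\d+|IE|FF)\s+-\s+(.*)$")
ORPHAN = re.compile(r"(File not found|No CLSID value found)\.?$")
VENDOR = re.compile(r"\(([^()]*)\)$")

def parse_line(line):
    """Split one OTL entry into section, registry location, orphan marker, vendor."""
    m = ENTRY.match(line.strip())
    if not m:
        return None
    section, rest = m.groups()
    location, sep, detail = rest.partition(": ")
    if not sep:                      # no "location: detail" split on this line
        location, detail = "", rest
    orphan = ORPHAN.search(detail)
    vendor = None if orphan else VENDOR.search(detail)
    return {"section": section, "location": location,
            "orphan": orphan.group(1) if orphan else None,
            "vendor": vendor.group(1) if vendor else None}

def triage(text):
    """Bucket entries so a reviewer reads the riskiest autostart points first."""
    report = defaultdict(list)
    for entry in filter(None, map(parse_line, text.splitlines())):
        if entry["orphan"]:
            bucket = "orphaned"      # registry entry whose target is gone
        elif entry["section"] == "O20":
            bucket = "appinit"       # AppInit_DLLs: loaded into every process using user32.dll
        elif entry["vendor"] == "":
            bucket = "no_vendor"     # file carries no company name, "()" in the log
        else:
            bucket = "other"
        report[bucket].append(entry)
    return report

if __name__ == "__main__":
    for bucket, entries in triage(SAMPLE).items():
        print(bucket, [e["location"] for e in entries])
```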