Changed start page
#1
Symptoms of infection:
In IE/Firefox the start page has been changed to [malware] [link hidden] [/malware]
Actions taken:
MBAM, Emsi Emergency Kit, MSE, Kaspersky Virus Removal Tool - nothing.

Logs:
RSIT:



OTL:



My mother-in-law's netbook ;]
Reply
#2
I suggest wrapping that site's address in the malware tag, because you never really know what you might run into there.
"As Prime Minister Pawlak puts it - pinch off a little for yourself"
Norton ConnectSafe®
Reply
#3
OTL logs added.
Reply
#4
Uninstall:
Java 7 Update 25

Install [link hidden] to the latest version.

Paste this script into OTL's custom scan options box and run it:

Code:
:OTL
DRV - File not found [Kernel | Disabled | Stopped] ---- (ViaIde)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | Disabled | Stopped] ---- (ultra)
DRV - File not found [Kernel | Disabled | Stopped] ---- (TosIde)
DRV - File not found [Kernel | Disabled | Stopped] ---- (symc8xx)
DRV - File not found [Kernel | Disabled | Stopped] ---- (symc810)
DRV - File not found [Kernel | Disabled | Stopped] ---- (sym_u3)
DRV - File not found [Kernel | Disabled | Stopped] ---- (sym_hi)
DRV - File not found [Kernel | Disabled | Stopped] ---- (Sparrow)
DRV - File not found [Kernel | Disabled | Stopped] ---- (Simbad)
DRV - File not found [Kernel | Disabled | Stopped] ---- (ql1280)
DRV - File not found [Kernel | Disabled | Stopped] ---- (ql1240)
DRV - File not found [Kernel | Disabled | Stopped] ---- (ql12160)
DRV - File not found [Kernel | Disabled | Stopped] ---- (Ql10wnt)
DRV - File not found [Kernel | Disabled | Stopped] ---- (ql1080)
DRV - File not found [Kernel | Disabled | Stopped] ---- (perc2hib)
DRV - File not found [Kernel | Disabled | Stopped] ---- (perc2)
DRV - File not found [Kernel | Disabled | Stopped] ---- (mraid35x)
DRV - File not found [Kernel | Disabled | Stopped] ---- (IntelIde)
DRV - File not found [Kernel | Disabled | Stopped] ---- (ini910u)
DRV - File not found [Kernel | Disabled | Stopped] ---- (i2omp)
DRV - File not found [Kernel | Disabled | Stopped] ---- (hpn)
DRV - File not found [Kernel | Disabled | Stopped] ---- (dpti2o)
DRV - File not found [Kernel | Disabled | Stopped] ---- (dac960nt)
DRV - File not found [Kernel | Disabled | Unknown] ---- (dac2w2k)
DRV - File not found [Kernel | Disabled | Stopped] ---- (Cpqarray)
DRV - File not found [Kernel | Disabled | Stopped] ---- (CmdIde)
DRV - File not found [Kernel | Disabled | Stopped] ---- (cd20xrnt)
DRV - File not found [Kernel | Disabled | Stopped] ---- (Atdisk)
DRV - File not found [Kernel | Disabled | Stopped] ---- (asc3550)
DRV - File not found [Kernel | Disabled | Stopped] ---- (asc3350p)
DRV - File not found [Kernel | Disabled | Stopped] ---- (asc)
DRV - File not found [Kernel | Disabled | Stopped] ---- (amsint)
DRV - File not found [Kernel | Disabled | Stopped] ---- (AliIde)
DRV - File not found [Kernel | Disabled | Stopped] ---- (aic78xx)
DRV - File not found [Kernel | Disabled | Stopped] ---- (aic78u2)
DRV - File not found [Kernel | Disabled | Stopped] ---- (Aha154x)
DRV - File not found [Kernel | Disabled | Stopped] ---- (adpu160m)
DRV - File not found [Kernel | Disabled | Stopped] ---- (abp480n5)
DRV - File not found [Kernel | Disabled | Stopped] ---- (Abiosdsk)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uri.pl/?i=YZhb
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.uri.pl/search.php?i=YZhb&q={searchTerms}
IE - HKCU\..\SearchScopes\{decabc4f-3db2-4891-8ea8-481dd7f8a09c}: "URL" = http://search.uri.pl/search.php?i=YZhb&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =[binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O8 - Extra context menu item: Wyślij do interfejsu Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra ''Tools'' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
[2013-04-08 16:53:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\188F1432-103A-4ffb-80F1-36B633C5C9E1

:Commands
[EMPTYTEMP]


Show the report from the run.
Reply
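Added example, not part of the thread and not code from OTL or any poster: a small Python triage of the `IE -` section of an OTL log. It lists start-page and search-provider URLs whose host is not on an expected list, and marks which search scope is the configured default. The allowlist `EXPECTED_HOSTS` and the function names are assumptions; the sample lines are copied from the fix script in post #4.

```python
import re
from urllib.parse import urlsplit

# IE lines copied from the fix script in post #4 (not new data).
SAMPLE_LOG = r"""
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uri.pl/?i=YZhb
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.uri.pl/search.php?i=YZhb&q={searchTerms}
IE - HKCU\..\SearchScopes\{decabc4f-3db2-4891-8ea8-481dd7f8a09c}: "URL" = http://search.uri.pl/search.php?i=YZhb&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =[binary data]
"""
# Assumption: hosts the owner expects to see; adjust per machine.
EXPECTED_HOSTS = {"bing.com", "google.com", "msn.com"}
GUID = re.compile(r"\{[0-9A-Fa-f-]{36}\}")

def host_allowed(host, allowed):
    """True if host is an allowed domain or a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in allowed)

def triage(log_text, allowed=EXPECTED_HOSTS):
    """Return unexpected web targets from the IE section of an OTL log."""
    default_scope, findings = None, []
    for line in log_text.splitlines():
        if not line.startswith("IE - ") or " = " not in line:
            continue  # other sections, or "=[binary data]" values
        setting, _, data = line[5:].partition(" = ")
        data = data.strip()
        if setting.endswith(",DefaultScope"):
            default_scope = data.lower()
            continue
        if not data.lower().startswith(("http://", "https://")):
            continue  # local file or GUID, not a web target
        host = (urlsplit(data).hostname or "").lower()
        if host_allowed(host, allowed):
            continue
        guid = GUID.search(setting)
        findings.append({"setting": setting, "host": host,
                         "scope": guid.group(0).lower() if guid else None})
    # Flag the search provider IE actually uses by default.
    for f in findings:
        f["is_default"] = f["scope"] is not None and f["scope"] == default_scope
    return findings

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f["host"], f["is_default"], f["setting"])
```

Host matching is on whole labels, so a look-alike such as `evilbing.com` is not treated as a subdomain of `bing.com`.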
#5


Reply
#6
Proceed to cleanup in OTL.
Reply

