Jakieś złośliwości prośba o sprawdzenie logow OTL

[kaza18]

OTL: http://wklej.to/bn2Z
Extras: http://wklej.to/30He
Prosze o pomoc

[mateo8898]

Uruchom OTL w oknie Custom Scans/Fixes wklej:

:OTL
MOD - [2010-02-21 20:02:54 | 000,092,672 | RHS- | M] () -- C:\WINDOWS\system32\nmdfgds0.dll
SRV - File not found [Auto | Stopped] -- -- (LiveUpdate Notice Ex)
SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15161&l=dis
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
[2009-12-31 11:30:49 | 000,002,257 | ---- | M] () -- C:\Documents and Settings\kaza\Dane aplikacji\Mozilla\Firefox\Profiles\ej1hheg8.default\searchplugins\askcom.xml
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe File not found
O4 - HKCU..\Run: [cdoosoft] C:\WINDOWS\system32\olhrwef.exe ()
O32 - AutoRun File - [2010-02-21 20:27:35 | 000,000,049 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-02-21 20:27:35 | 000,000,049 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{128c8364-e121-11de-b31a-001f3a8dea54}\Shell\AutoRun\command - "" = F:\j.cmd -- File not found
O33 - MountPoints2\{128c8364-e121-11de-b31a-001f3a8dea54}\Shell\open\Command - "" = F:\j.cmd -- File not found
O33 - MountPoints2\{571c0750-9b36-11de-a060-806d6172696f}\Shell\AutoRun\command - "" = C:\j.cmd -- [2009-05-14 18:17:32 | 000,105,213 | RHS- | M] ()
O33 - MountPoints2\{571c0750-9b36-11de-a060-806d6172696f}\Shell\open\Command - "" = C:\j.cmd -- [2009-05-14 18:17:32 | 000,105,213 | RHS- | M] ()
O33 - MountPoints2\{571c0751-9b36-11de-a060-806d6172696f}\Shell\AutoRun\command - "" = D:\j.cmd -- [2009-05-14 18:17:32 | 000,105,213 | RHS- | M] ()
O33 - MountPoints2\{571c0751-9b36-11de-a060-806d6172696f}\Shell\open\Command - "" = D:\j.cmd -- [2009-05-14 18:17:32 | 000,105,213 | RHS- | M] ()
O33 - MountPoints2\{b616adc4-9c99-11de-b1f9-001f3a8dea54}\Shell\AutoRun\command - "" = F:\j.cmd -- File not found
O33 - MountPoints2\{b616adc4-9c99-11de-b1f9-001f3a8dea54}\Shell\open\Command - "" = F:\j.cmd -- File not found

:Files
C:\j.cmd
D:\j.cmd

:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"SuperHidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSuperHidden"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000001
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Alcmtr"=-
"HotKeysCmds"=-
"IgfxTray"=-
"Persistence"=-
"RTHDCPL"=-
"SunJavaUpdateSched"=-

:Commands
[emptytemp]

Klikasz Run Fix. Dajesz log z usuwania + nowy log z OTL

Wylecz pamięci przenośne Flash Disinfector lub sformatuj

[kaza18]

z usuwania: http://wklej.to/eXkh
nowy log: http://wklej.to/1VtF

[mateo8898]

Uruchom OTL w oknie Custom Scans/Fixes wklej:

:OTL

:Files
C:\WINDOWS\System32\nmdfgds0.dll

Klikasz Run Fix. Następnie:

W OTL kliknij CleanUp

Przeczyść dysk oraz rejestr CCleaner

Wyłącz i włącz przywracanie systemu na wszystkich dyskach Instrukcja

Wykonaj pełne skanowanie Malwarebytes' Anti-Malware - jeśli coś znajdzie usuń i daj raport

Zainstaluj tą poprawkę http://download.microsoft.com/download/ ... 86-PLK.exe

[kaza18]

http://wklej.to/trT7

[mateo8898]

Ok, opróżnij jeszcze kwarantannę Malwarebytes.

[kaza18]

ok dziekuje bardzo pozdrawiam