najpierw kliknij na SZUKAJ, a dopiero po zakończeniu skanowania, gdy uaktywni się przycisk USUŃ, to kliknij na niego.
Pokaż raport z niego C:\AdwCleaner\AdwCleaner.txt
2) Uruchom OTL i w oknie Własne opcje skanowania/Skrypt wklej to:
:OTL
[2013-03-30 04:16:35 | 000,000,000 | ---D | M] -- C:\Users\Mati\AppData\Roaming\Funmoods
[2012-06-08 23:58:09 | 000,000,000 | ---D | M] -- C:\Users\Mati\AppData\Roaming\BabylonToolbar
[2013-06-14 20:39:46 | 000,000,000 | ---D | M] -- C:\Users\Mati\AppData\Roaming\0D1F1S1C1P0P1C1F1N1C1T1H2UtF1E1I
[2013-12-08 23:07:28 | 000,000,000 | ---D | C] -- C:\Users\Mati\AppData\Local\cache
[2013-12-08 23:07:26 | 000,000,000 | ---D | C] -- C:\Users\Mati\Documents\Mobogenie
[2013-12-08 23:07:26 | 000,000,000 | ---D | C] -- C:\Users\Mati\AppData\Local\Mobogenie
[2013-12-08 23:06:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mobogenie
O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKU\S-1-5-21-1569784292-657698034-429391089-1001\..\Toolbar\WebBrowser: (no name) - {6DFC55BB-BFFF-485A-9709-90C3FDF6DB58} - No CLSID value found.
O3 - HKU\S-1-5-21-1569784292-657698034-429391089-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1569784292-657698034-429391089-1001\..\Toolbar\WebBrowser: (no name) - {D43723AE-1AE1-4A25-A6A4-BF0929273CAB} - No CLSID value found.
O3 - HKU\S-1-5-21-1569784292-657698034-429391089-1001\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
[2013-06-14 20:36:21 | 000,006,470 | ---- | M] () -- C:\Users\Mati\AppData\Roaming\mozilla\firefox\profiles\wehhh2f0.default\searchplugins\babylon.xml
[2013-06-14 20:36:21 | 000,006,470 | ---- | M] () -- C:\Users\Mati\AppData\Roaming\mozilla\firefox\profiles\wehhh2f0.default\searchplugins\BrowserProtect.xml
[2013-06-14 20:36:56 | 000,001,294 | ---- | M] () -- C:\Users\Mati\AppData\Roaming\mozilla\firefox\profiles\wehhh2f0.default\searchplugins\delta.xml
[2013-03-31 11:48:55 | 000,000,000 | ---D | M] (DealPly Shopping) -- C:\Users\Mati\AppData\Roaming\mozilla\Firefox\Profiles\wehhh2f0.default\extensions\amo@dealplyshopping.com
[2013-03-30 16:11:03 | 000,000,000 | ---D | M] (Breowse2savue) -- C:\Users\Mati\AppData\Roaming\mozilla\Firefox\Profiles\wehhh2f0.default\extensions\diudtlg@euyuohjsosp.edu
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
:Files
C:\Program Files (x86)\Common Files\AVG Secure Search
:Commands
[emptytemp]
Kliknij w Wykonaj Skrypt. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.
Następnie uruchom OTL ponownie, tym razem kliknij Skanuj.
Pokaż nowy log OTL.txt oraz raport z usuwania Skryptem.
C:\Windows\system32\Drivers\sptd.sys - copied to quarantine
14:42:13.0336 2784 sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine
"sptd.sys" to plik używany np. przez Daemon Tools, a ten masz zainstalowany.
Pomyłka TDSSKiller'a.
F.
Sieci koputerowe,
