Sformatuj pendriva swojego albo dysk przenośny bo tam masz wirusa...
Uruchom OTL i w oknie Custom Scans/Fixes wklej :
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query="
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
O4 - HKCU..\Run: [cdoosoft] C:\Documents and Settings\Adus\Ustawienia lokalne\Temp\herss.exe ()
O4 - Startup: C:\Documents and Settings\Adus\Menu Start\Programy\Autostart\79F279.lnk = C:\WINDOWS\system32\ADF53F\79F279.EXE ()
O32 - AutoRun File - [2010-01-06 16:46:17 | 00,000,057 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-01-06 16:46:17 | 00,000,057 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{10550560-e71a-11dd-acf5-806d6172696f}\Shell\AutoRun\command - "" = D:\e9naq.exe -- [2010-01-06 13:09:49 | 00,118,272 | RHS- | M] ()
O33 - MountPoints2\{10550560-e71a-11dd-acf5-806d6172696f}\Shell\open\Command - "" = D:\e9naq.exe -- [2010-01-06 13:09:49 | 00,118,272 | RHS- | M] ()
O33 - MountPoints2\{10550562-e71a-11dd-acf5-806d6172696f}\Shell\AutoRun\command - "" = C:\e9naq.exe -- [2010-01-06 13:09:49 | 00,118,272 | RHS- | M] ()
O33 - MountPoints2\{10550562-e71a-11dd-acf5-806d6172696f}\Shell\open\Command - "" = C:\e9naq.exe -- [2010-01-06 13:09:49 | 00,118,272 | RHS- | M] ()
O33 - MountPoints2\{1d55bcf8-05bb-11de-b3f3-000e8e0236d5}\Shell - "" = AutoRun
O33 - MountPoints2\{3c199066-ba78-11de-b6f8-001a4dfe230a}\Shell\AutoRun\command - "" = J:\nds0q.exe -- File not found
O33 - MountPoints2\{3c199066-ba78-11de-b6f8-001a4dfe230a}\Shell\open\Command - "" = J:\nds0q.exe -- File not found
O33 - MountPoints2\{6c260448-8048-11de-b617-001a4dfe230a}\Shell\AutoRun\command - "" = J:\2nuk.com -- File not found
O33 - MountPoints2\{6c260448-8048-11de-b617-001a4dfe230a}\Shell\open\Command - "" = J:\2nuk.com -- File not found
O33 - MountPoints2\{9ac47781-60a9-11de-b57d-001a4dfe230a}\Shell\AutoRun\command - "" = J:\k8jc.exe -- File not found
O33 - MountPoints2\{9ac47781-60a9-11de-b57d-001a4dfe230a}\Shell\open\Command - "" = J:\k8jc.exe -- File not found
O33 - MountPoints2\{b687f6c3-bca2-11de-b6fd-001a4dfe230a}\Shell\AutoRun\command - "" = J:\mwfubaob.exe -- File not found
O33 - MountPoints2\{b687f6c3-bca2-11de-b6fd-001a4dfe230a}\Shell\open\Command - "" = J:\
O33 - MountPoints2\{bd9d1fc2-a830-11de-b6aa-001a4dfe230a}\Shell - "" = AutoRun
O33 - MountPoints2\{bd9d1fc2-a830-11de-b6aa-001a4dfe230a}\Shell\1\Command - "" = J:\Recycle.exe -- File not found
O33 - MountPoints2\{bd9d1fc2-a830-11de-b6aa-001a4dfe230a}\Shell\2\Command - "" = J:\Recycle.exe -- File not found
O33 - MountPoints2\{ee0a5154-3033-11de-b4b0-000e8e0236d5}\Shell - "" = AutoRun
O33 - MountPoints2\{f85c0e48-16db-11de-b444-000e8e0236d5}\Shell - "" = AutoRun
O33 - MountPoints2\C\Shell\AutoRun\command - "" = C:\e9naq.exe -- [2010-01-06 13:09:49 | 00,118,272 | RHS- | M] ()
O33 - MountPoints2\C\Shell\open\Command - "" = C:\e9naq.exe -- [2010-01-06 13:09:49 | 00,118,272 | RHS- | M] ()
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\e9naq.exe -- [2010-01-06 13:09:49 | 00,118,272 | RHS- | M] ()
O33 - MountPoints2\D\Shell\open\Command - "" = D:\e9naq.exe -- [2010-01-06 13:09:49 | 00,118,272 | RHS- | M] ()
:Files
C:\Documents and Settings\Adus\Dane aplikacji\Mozilla\Firefox\Profiles\0hs5ff9h.default\extensions\toolbar@ask.com
C:\Documents and Settings\Adus\Dane aplikacji\Mozilla\Firefox\Profiles\0hs5ff9h.default\searchplugins\winampsearch.xml
C:\WINDOWS\system32\ADF53F
C:\Program Files\Winamp Toolbar
C:\Program Files\Ask.com
C:\Documents and Settings\Adus\Ustawienia lokalne\Temp\herss.exe
C:\e9naq.exe
D:\e9naq.exe
C:\autorun.inf
D:\autorun.inf
C:\anoataly.exe
D:\anoataly.exe
C:\3exi.exe
D:\3exi.exe
C:\wisf1.exe
D:\wisf1.exe
C:\imghyva6.exe
D:\imghyva6.exe
C:\u16sqrqn.exe
D:\u16sqrqn.exe
C:\nx.exe
D:\nx.exe
C:\yu3.exe
C:\t8g.exe
C:\k0maw.exe
d:\yu3.exe
d:\t8g.exe
d:\k0maw.exe
C:\nqdymj.exe
D:\nqdymj.exe
C:\xmor.exe
D:\xmor.exe
:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"SuperHidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSuperHidden"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000001
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
@=""
:Commands
[emptytemp]
Kliknij w Run Fix. I potwierdz reset kompa .
Następnie uruchamiasz OTL z opcją Run Scan. Pokazujesz nowy log OTL.txt
oraz raport z czyszczenia komputera