Stillborn
26 Styczeń 2010 12:59
#1
Witam.
Ostatnio zauważyłem, że komputer troszkę spowolnił a także wyskakują błędy czy anomalie (nie widzę ukrytych plików, dyski mogę otworzyć tylko porprzez “exploruj”)
Dodaje log z OTL, proszę o pomoc :).
Log : http://www.wklej.org/id/269011/
Leon1
26 Styczeń 2010 15:27
#2
Stillborn:
Witam. Ostatnio zauważyłem, że komputer troszkę spowolnił a także wyskakują błędy czy anomalie (nie widzę ukrytych plików, dyski mogę otworzyć tylko porprzez “exploruj”) Dodaje log z OTL, proszę o pomoc :). Log : http://www.wklej.org/id/269011/
Wyłącz przywracanie systemu na wszystkich dyskach.http://support.microsoft.com/kb/310405/pl
OTL w oknie Custom Scans-Fixes wklej następujący skrypt:
:Processes explorer.exe :OTL IE - HKU\S-1-5-21-606747145-343818398-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15003&l=dis O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com \GenericAskToolbar.dll (Ask.com ) O3 - HKLM…\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com \GenericAskToolbar.dll (Ask.com ) O3 - HKU\S-1-5-21-606747145-343818398-682003330-1003…\Toolbar\ShellBrowser: (no name) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - No CLSID value found. O3 - HKU\S-1-5-21-606747145-343818398-682003330-1003…\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com \GenericAskToolbar.dll (Ask.com ) O4 - HKLM…\Run: [unlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe File not found O4 - HKU\S-1-5-21-606747145-343818398-682003330-1003…\Run: [cdoosoft] C:\DOCUME~1\WACICI~1\USTAWI~1\Temp\herss.exe File not found O16 - DPF: {00000161-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/msaud.cab (Reg Error: Key error.) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ … vc1dmo.cab (Reg Error: Key error.) O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ … mv9VCM.CAB (Reg Error: Key error.) O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ … mv9dmo.cab (Reg Error: Key error.) O32 - AutoRun File - [2010-01-20 19:53:37 | 00,000,063 | RHS- | M] () - C:\autorun.inf – [NTFS] O32 - AutoRun File - [2010-01-20 19:53:37 | 00,000,063 | RHS- | M] () - D:\autorun.inf – [NTFS] O32 - AutoRun File - [2010-01-20 19:53:37 | 00,000,063 | RHS- | M] () - E:\autorun.inf – [NTFS] O33 - MountPoints2{3fa75ef5-46b2-11de-9d3d-001485c8ab71}\Shell\AutoRun\command - “” = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\spoolsv.exe O33 - MountPoints2{3fa75ef5-46b2-11de-9d3d-001485c8ab71}\Shell\open\command - “” = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\spoolsv.exe O33 - MountPoints2{d9250547-b2fa-11de-9e17-001485c8ab71}\Shell\AutoRun\command - “” = L:\kmj.exe – File not found O33 - MountPoints2{d9250547-b2fa-11de-9e17-001485c8ab71}\Shell\open\Command - “” = L:\kmj.exe – File not found O33 - MountPoints2{e7166d93-3095-11dd-be73-806d6172696f}\Shell\AutoRun\command - “” = D:\9fo3ar0j.exe – [2010-01-20 07:39:10 | 00,118,272 | RHS- | M] () O33 - MountPoints2{e7166d93-3095-11dd-be73-806d6172696f}\Shell\open\Command - “” = D:\9fo3ar0j.exe – File not found O33 - MountPoints2{e7166d94-3095-11dd-be73-806d6172696f}\Shell\AutoRun\command - “” = 9fo3ar0j.exe O33 - MountPoints2{e7166d94-3095-11dd-be73-806d6172696f}\Shell\open\Command - “” = 9fo3ar0j.exe O33 - MountPoints2{e7166d96-3095-11dd-be73-806d6172696f}\Shell\AutoRun\command - “” = 9fo3ar0j.exe O33 - MountPoints2{e7166d96-3095-11dd-be73-806d6172696f}\Shell\open\Command - “” = 9fo3ar0j.exe [2010-01-20 19:53:37 | 00,000,063 | RHS- | M] () – C:\autorun.inf [2010-01-19 09:02:28 | 00,123,392 | RHS- | C] () – C:\sywyrl0q.exe [2010-01-18 07:25:21 | 00,115,712 | RHS- | C] () – C:\9xf8.exe [2010-01-14 08:59:56 | 00,120,320 | RHS- | C] () – C:\kmj.exe [2010-01-26 13:01:00 | 00,000,244 | ---- | M] () – C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job :Files D:\autorun.inf E:\autorun.inf D:\sywyrl0q.exe E:\sywyrl0q.exe D:\9xf8.exe E:\9xf8.exe D:\kmj.exe E:\kmj.exe :Reg [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] “SuperHidden”=dword:00000001 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] “Hidden”=dword:00000001 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] “ShowSuperHidden”=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] “CheckedValue”=dword:00000001 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden] @="" :Commands [emptytemp] [start explorer] [Reboot]
Kliknij w Run Fix. Zatwierdź restart komputera.
potem nowy log OTL
Wylecz pendriva lub kartę pamięci http://www.softpedia.com/get/Security/S … Tool.shtml
Flash Disinfector http://www.searchengines.pl/index.php?s … ntry369724
lub format
