radzio107
3 Kwiecień 2011 10:20
#1
Witam.
Sorki ze pisze tak przy niedzieli. Mam problem z kompem a najwiekszy z kopiowaniem plikow.Bardzom długo to sie robi i nie korzysta z 2 rdzeniow procka. Podejrzewam ze to wirusy bo do niektorych procesow nie mam dostempu.Załaczam logi>
Lo0g OTL-a.
http://wklej.org/id/505036/
extras:
http://wklej.org/id/505038/
Pozdr.
Wklej w OTL i naciśnij wykonaj skrypt:
:OTL O4 - HKLM…\Run: [bEWINTERNET-PL-IEWSessionManager] File not found O4 - HKCU…\Run: [GoD] File not found O33 - MountPoints2{14f87d02-d50e-11de-ba18-001d6043b75b}\Shell\AutoRun\command - “” = M:\a2g21.exe O33 - MountPoints2{14f87d02-d50e-11de-ba18-001d6043b75b}\Shell\open\Command - “” = M:\a2g21.exe O33 - MountPoints2{29164e98-3f06-11de-b82e-001d6043b75b}\Shell - “” = AutoRun O33 - MountPoints2{29164e98-3f06-11de-b82e-001d6043b75b}\Shell\AutoRun\command - “” = M:\AutoRun.exe – [2008-10-26 19:52:16 | 000,126,976 | R— | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2{29164e9b-3f06-11de-b82e-001d6043b75b}\Shell - “” = AutoRun O33 - MountPoints2{29164e9b-3f06-11de-b82e-001d6043b75b}\Shell\AutoRun\command - “” = M:\AutoRun.exe – [2008-10-26 19:52:16 | 000,126,976 | R— | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2{382b87ae-2679-11de-b7fb-001d6043b75b}\Shell\AutoRun\command - “” = M:\luk1ylq.com O33 - MountPoints2{382b87ae-2679-11de-b7fb-001d6043b75b}\Shell\open\Command - “” = M:\luk1ylq.com O33 - MountPoints2{429772ff-659c-11de-b8ae-001d6043b75b}\Shell\AutoRun\command - “” = O:\8xcrbho6.exe O33 - MountPoints2{429772ff-659c-11de-b8ae-001d6043b75b}\Shell\open\Command - “” = O:\8xcrbho6.exe O33 - MountPoints2{42977300-659c-11de-b8ae-001d6043b75b}\Shell\AutoRun\command - “” = P:\8xcrbho6.exe O33 - MountPoints2{42977300-659c-11de-b8ae-001d6043b75b}\Shell\open\Command - “” = P:\8xcrbho6.exe O33 - MountPoints2{4e1ebbae-7ea7-11de-b8f8-001d6043b75b}\Shell\AutoRun\command - “” = M:\luk1ylq.com O33 - MountPoints2{4e1ebbae-7ea7-11de-b8f8-001d6043b75b}\Shell\open\Command - “” = M:\luk1ylq.com O33 - MountPoints2{64912632-a90f-11de-b985-001d6043b75b}\Shell - “” = AutoRun O33 - MountPoints2{64912632-a90f-11de-b985-001d6043b75b}\Shell\AutoRun\command - “” = M:\AutoRun.exe – [2008-10-26 19:52:16 | 000,126,976 | R— | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2{64912635-a90f-11de-b985-001d6043b75b}\Shell - “” = AutoRun O33 - MountPoints2{64912635-a90f-11de-b985-001d6043b75b}\Shell\AutoRun\command - “” = M:\AutoRun.exe – [2008-10-26 19:52:16 | 000,126,976 | R— | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2{78056fa4-fc4b-11de-baa2-001d6043b75b}\Shell\AutoRun\command - “” = O:\f2kmj.exe O33 - MountPoints2{78056fa4-fc4b-11de-baa2-001d6043b75b}\Shell\open\Command - “” = O:\f2kmj.exe O33 - MountPoints2{8dda7dd4-e6b4-11df-be2c-001d6043b75b}\Shell\AutoRun\command - “” = O:\9keibj.exe O33 - MountPoints2{8dda7dd4-e6b4-11df-be2c-001d6043b75b}\Shell\open\Command - “” = O:\9keibj.exe O33 - MountPoints2{a0fc3c0e-9b41-11df-bd2f-001d6043b75b}\Shell\AutoRun\command - “” = O:\8xcrbho6.exe O33 - MountPoints2{a0fc3c0e-9b41-11df-bd2f-001d6043b75b}\Shell\open\Command - “” = O:\8xcrbho6.exe O33 - MountPoints2{b51fc27e-40c4-11de-b834-001d6043b75b}\Shell\AutoRun\command - “” = M:\dogyx90.exe O33 - MountPoints2{b51fc27e-40c4-11de-b834-001d6043b75b}\Shell\open\Command - “” = M:\dogyx90.exe O33 - MountPoints2{d0d8b512-0454-11df-babd-001d6043b75b}\Shell\AutoRun\command - “” = O:\qkm.exe O33 - MountPoints2{d0d8b512-0454-11df-babd-001d6043b75b}\Shell\open\Command - “” = O:\qkm.exe O33 - MountPoints2{d0d8b513-0454-11df-babd-001d6043b75b}\Shell - “” = AutoRun O33 - MountPoints2{d0d8b513-0454-11df-babd-001d6043b75b}\Shell\AutoRun\command - “” = M:\AutoRun.exe – [2008-10-26 19:52:16 | 000,126,976 | R— | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2{e1dedbe0-42a9-11e0-bf91-001d6043b75b}\Shell - “” = AutoRun O33 - MountPoints2{e1dedbe0-42a9-11e0-bf91-001d6043b75b}\Shell\AutoRun\command - “” = M:\MicroLauncher.exe O33 - MountPoints2\M\Shell - “” = AutoRun O33 - MountPoints2\M\Shell\AutoRun\command - “” = M:\AutoRun.exe – [2008-10-26 19:52:16 | 000,126,976 | R— | M] (Huawei Technologies Co., Ltd.) :Reg [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] :Commands [emptytemp]
Po wykonaniu skryptu dajesz log z usuwania oraz z podłączonymi urządzeniami przenośnymi zaprezentuj log z USBFix z opcji deletion:
http://www.teamxscript.org/usbfixTelechargement.html
radzio107
3 Kwiecień 2011 11:31
#3
USBFIxa miałeś użyć z opcji DELETION a nie Research, zrób to jeszcze raz. Dodatkowo:
zaaktualizuj system do SP3:
http://www.dobreprogramy.pl/Windows-XP- … 12243.html