========== Processes (All) ========== PRC - [2010-01-26 22:26:23 | 03,969,344 | ---- | M] (Emsi Software GmbH) – C:\Program Files\a-squared Free\a2free.exe PRC - [2010-01-26 22:26:09 | 00,548,352 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Galaktyczny\Moje dokumenty\Downloads\OTL.exe PRC - [2010-01-26 20:31:54 | 00,396,288 | ---- | M] (Trend Micro Inc.) – C:\Program Files\Trend Micro\HijackThis\HijackThis.exe PRC - [2009-12-10 00:22:33 | 00,921,072 | ---- | M] (Google Inc.) – C:\Documents and Settings\Galaktyczny\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe PRC - [2009-03-02 12:08:47 | 00,209,153 | ---- | M] (Avira GmbH) – C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2009-01-17 15:48:08 | 05,853,672 | ---- | M] (o2.pl Sp. z o.o.) – C:\Program Files\Tlen.pl\tlen.exe PRC - [2006-03-02 13:00:00 | 01,033,728 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\explorer.exe PRC - [2006-03-02 13:00:00 | 00,033,280 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\rundll32.exe PRC - [2006-03-02 13:00:00 | 00,015,360 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ctfmon.exe PRC - [2006-03-02 13:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wscntfy.exe PRC - [2004-12-21 20:05:00 | 00,344,064 | ---- | M] (ATI Technologies, Inc.) – C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe PRC - [2004-12-21 14:30:00 | 00,425,984 | ---- | M] (ATI Technologies Inc.) – C:\WINDOWS\system32\ati2evxx.exe PRC - [2004-12-01 15:54:22 | 00,077,824 | ---- | M] (Realtek Semiconductor Corp.) – C:\WINDOWS\SOUNDMAN.EXE PRC - [2004-11-23 15:01:28 | 00,073,728 | ---- | M] () – C:\Program Files\Launch Manager\WButton.exe PRC - [2004-11-11 14:13:44 | 00,049,152 | ---- | M] (Wistron) – C:\Program Files\Launch Manager\HotkeyApp.exe PRC - [2004-10-05 16:25:10 | 00,098,394 | ---- | M] (Synaptics, Inc.)
– C:\Program Files\Synaptics\SynTP\SynTPLpr.exe PRC - [2004-10-05 16:24:28 | 00,688,218 | ---- | M] (Synaptics, Inc.) – C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2004-08-06 13:04:10 | 00,032,768 | ---- | M] () – C:\Program Files\Launch Manager\LaunchAp.exe PRC - [2004-07-26 13:52:34 | 00,204,800 | ---- | M] (Wistron) – C:\Program Files\Launch Manager\OSD.exe ========== Modules (All) ========== MOD - [2010-01-26 22:26:09 | 00,548,352 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Galaktyczny\Moje dokumenty\Downloads\OTL.exe MOD - [2008-06-19 13:20:08 | 00,017,408 | ---- | M] () – C:\Program Files\Tlen.pl\hook.dll MOD - [2006-03-02 13:00:00 | 08,412,672 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\shell32.dll MOD - [2006-03-02 13:00:00 | 01,281,024 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ole32.dll MOD - [2006-03-02 13:00:00 | 01,050,624 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2006-03-02 13:00:00 | 01,012,224 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\kernel32.dll MOD - [2006-03-02 13:00:00 | 00,996,352 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\setupapi.dll MOD - [2006-03-02 13:00:00 | 00,729,088 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\userenv.dll MOD - [2006-03-02 13:00:00 | 00,716,288 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ntdll.dll MOD - [2006-03-02 13:00:00 | 00,686,080 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\advapi32.dll MOD - [2006-03-02 13:00:00 | 00,581,120 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\rpcrt4.dll MOD - [2006-03-02 13:00:00 | 00,578,560 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\user32.dll MOD - [2006-03-02 13:00:00 | 00,553,472 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\oleaut32.dll MOD - [2006-03-02 13:00:00 | 00,474,112 | ---- | M] (Microsoft 
Corporation) – C:\WINDOWS\system32\shlwapi.dll MOD - [2006-03-02 13:00:00 | 00,343,040 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\msvcrt.dll MOD - [2006-03-02 13:00:00 | 00,294,400 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\MSCTF.dll MOD - [2006-03-02 13:00:00 | 00,279,552 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\comdlg32.dll MOD - [2006-03-02 13:00:00 | 00,278,016 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\gdi32.dll MOD - [2006-03-02 13:00:00 | 00,219,648 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\uxtheme.dll MOD - [2006-03-02 13:00:00 | 00,185,856 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2006-03-02 13:00:00 | 00,172,544 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wldap32.dll MOD - [2006-03-02 13:00:00 | 00,146,432 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\winspool.drv MOD - [2006-03-02 13:00:00 | 00,119,808 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ntmarta.dll MOD - [2006-03-02 13:00:00 | 00,083,456 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\olepro32.dll MOD - [2006-03-02 13:00:00 | 00,067,584 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\srclient.dll MOD - [2006-03-02 13:00:00 | 00,064,000 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\samlib.dll MOD - [2006-03-02 13:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\secur32.dll MOD - [2006-03-02 13:00:00 | 00,023,040 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\psapi.dll MOD - [2006-03-02 13:00:00 | 00,018,944 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\version.dll MOD - [2004-10-01 10:44:30 | 00,069,722 | ---- | M] (Synaptics, Inc.) 
– C:\WINDOWS\system32\SynTPFcs.dll ========== Win32 Services (SafeList) ========== ========== Driver Services (SafeList) ========== ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0 O1 HOSTS File: ([2006-03-02 13:00:00 | 00,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O4 - HKLM…\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.) O4 - HKLM…\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM…\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe (Wistron) O4 - HKLM…\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron) O4 - HKLM…\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe () O4 - HKLM…\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSD.exe (Wistron) O4 - HKLM…\Run: [soundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.) O4 - HKLM…\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM…\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) O4 - HKLM…\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) 
O4 - HKLM…\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe () O4 - HKCU…\Run: [Google Update] C:\Documents and Settings\Galaktyczny\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe (Google Inc.) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O15 - HKLM…Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_16) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) 
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Galaktyczny\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Galaktyczny\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-10-11 09:41:16 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT – [NTFS] O32 - AutoRun File - [2010-01-26 20:09:55 | 00,000,352 | -H-- | M] () - D:\autorun.inf – [NTFS] O33 - MountPoints2{527b28b2-b64e-11de-8b23-806d6172696f}\Shell - “” = AutoRun O33 - MountPoints2{527b28b2-b64e-11de-8b23-806d6172696f}\Shell\open\command - “” = md.exe O33 - MountPoints2{660224aa-d843-11de-b50c-000e354da3be}\Shell\AutoRun\command - “” = opdux.exe O33 - MountPoints2{660224aa-d843-11de-b50c-000e354da3be}\Shell\open\Command - “” = opdux.exe O33 - MountPoints2{b19ab324-b98f-11de-b4b9-000e354da3be}\Shell\AutoRun\command - “” = ph.exe O33 - MountPoints2{b19ab324-b98f-11de-b4b9-000e354da3be}\Shell\open\Command - “” = ph.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] – “%1” %* O35 - exefile [open] – “%1” %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-10-11 09:40:35 | 00,000,000 | —D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - C:\WINDOWS\system32\irmon.dll (Microsoft Corporation) NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe - (Adobe Systems Incorporated) MsConfig - StartUpReg: ALLUpdate - hkey= - key= - C:\Program Files\ALLPlayer\ALLUpdate.exe () MsConfig - StartUpReg: AQQ - hkey= - key= - C:\PROGRA~1\WapSter\WAPSTE~1\AQQ.exe File not 
found MsConfig - StartUpReg: I&F Viewer toolbar - hkey= - key= - C:\Program Files\Photo Toolkit\ivbar\phototoolkitmem.exe (VicMan Software) SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group 
SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ========== Files/Folders - Created Within 30 Days ========== [2010-01-26 20:31:54 | 00,000,000 | —D | C] – C:\Program Files\Trend Micro [2010-01-14 17:27:29 | 00,000,000 | —D | C] – C:\Documents and Settings\Galaktyczny\Ustawienia lokalne\Dane aplikacji\DC++ [2010-01-14 17:27:29 | 00,000,000 | —D | C] – C:\Documents and Settings\Galaktyczny\Dane aplikacji\DC++ [2010-01-14 17:25:41 | 00,000,000 | —D | C] – C:\Program Files\DC++ [2010-01-13 12:50:42 | 00,000,000 | —D | C] – C:\WINDOWS\RegisteredPackages [2010-01-10 21:31:28 | 05,447,321 | ---- | 
C] (Allok Soft Inc ) – C:\Documents and Settings\Galaktyczny\Pulpit\Setup.exe [2010-01-10 21:19:37 | 00,000,000 | —D | C] – C:\video_output [2010-01-10 21:18:28 | 00,258,048 | ---- | C] (Peter Wimmer, Gabest) – C:\WINDOWS\System32\GplMpgDec.ax [2010-01-10 21:18:24 | 00,000,000 | —D | C] – C:\Program Files\Allok 3GP PSP MP4 iPod Video Converter [2010-01-10 21:16:00 | 00,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\Keronsoft [2010-01-10 21:15:44 | 00,000,000 | —D | C] – C:\Program Files\Keronsoft [2010-01-10 20:49:29 | 00,000,000 | —D | C] – C:\MediaCell [2010-01-10 20:48:46 | 00,000,000 | —D | C] – C:\Program Files\MediaCell Converter [2010-01-10 20:25:47 | 00,000,000 | —D | C] – C:\Documents and Settings\Galaktyczny\Pulpit\SmartMovie converted files [2010-01-10 20:25:38 | 00,000,000 | —D | C] – C:\Program Files\Lonely Cat Games [2010-01-10 20:25:18 | 00,000,000 | —D | C] – C:\Documents and Settings\Galaktyczny\Pulpit\SmartMovie.Converter.v4.00 [2010-01-01 16:00:20 | 00,005,632 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\ptpusb.dll [2010-01-01 16:00:19 | 00,159,232 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\ptpusd.dll [2009-12-30 00:04:43 | 00,000,000 | —D | C] – C:\Program Files\Ask.com [2009-12-30 00:04:32 | 00,000,000 | —D | C] – C:\Documents and Settings\Galaktyczny\Moje dokumenty\The KMPlayer [2009-12-30 00:03:42 | 00,000,000 | —D | C] – C:\Program Files\The KMPlayer [2009-12-29 12:36:45 | 00,000,000 | —D | C] – C:\Documents and Settings\Galaktyczny\Dane aplikacji\BESTplayer [2009-12-28 22:01:50 | 00,000,000 | —D | C] – C:\Program Files\SubEdit-Player [2009-12-27 22:51:36 | 00,000,000 | —D | C] – C:\WINDOWS\Sun [4 C:\WINDOWS*.tmp files -> C:\WINDOWS*.tmp ->] [2 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->] ========== Files - Modified Within 30 Days ========== [2010-01-26 22:23:51 | 00,019,182 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\wwwwwwwww2.JPG [2010-01-26 22:11:32 | 
00,027,243 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\ggggggggg1.JPG [2010-01-26 22:10:10 | 00,007,924 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\bbbbbbbbbbb.JPG [2010-01-26 22:01:01 | 00,000,246 | ---- | M] () – C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2010-01-26 21:45:06 | 00,001,156 | ---- | M] () – C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1993962763-854245398-1004UA.job [2010-01-26 21:35:53 | 00,000,095 | ---- | M] () – C:\WINDOWS\winamp.ini [2010-01-26 21:34:18 | 00,000,006 | -H-- | M] () – C:\WINDOWS\tasks\SA.DAT [2010-01-26 21:34:16 | 00,002,048 | --S- | M] () – C:\WINDOWS\bootstat.dat [2010-01-26 21:33:26 | 05,242,880 | -H-- | M] () – C:\Documents and Settings\Galaktyczny\NTUSER.DAT [2010-01-26 21:33:26 | 00,000,188 | -HS- | M] () – C:\Documents and Settings\Galaktyczny\ntuser.ini [2010-01-26 21:30:32 | 02,359,350 | ---- | M] () – C:\g1.bmp [2010-01-26 21:28:45 | 02,955,318 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Moje dokumenty\G.bmp [2010-01-26 18:56:44 | 00,219,648 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-01-25 22:45:04 | 00,001,104 | ---- | M] () – C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1993962763-854245398-1004Core.job [2010-01-25 19:08:03 | 00,022,016 | ---- | M] () – C:\WINDOWS\System32\ovjp.fbo [2010-01-23 00:58:24 | 00,000,069 | ---- | M] () – C:\WINDOWS\NeroDigital.ini [2010-01-22 23:44:56 | 00,036,670 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\tbp.jpeg [2010-01-22 23:44:45 | 00,026,080 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\ln.jpeg [2010-01-22 23:43:37 | 00,062,233 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\p1.jpeg [2010-01-22 23:36:25 | 00,046,429 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\seven2.jpeg [2010-01-22 23:36:21 | 00,043,217 | ---- | M] () – C:\Documents and 
Settings\Galaktyczny\Pulpit\seven1.jpeg [2010-01-22 23:18:02 | 00,057,612 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\aa3.jpeg [2010-01-22 23:17:54 | 00,054,567 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\aa2.jpeg [2010-01-22 23:17:48 | 00,029,829 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\aa1.jpeg [2010-01-22 23:13:25 | 00,065,418 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\m1.jpeg [2010-01-19 18:21:22 | 00,052,003 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\j3.jpeg [2010-01-19 18:13:09 | 00,087,623 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\gj2.jpeg [2010-01-19 18:07:28 | 00,041,135 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\j.jpeg [2010-01-19 18:05:11 | 00,047,962 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\jgim.jpeg [2010-01-18 18:13:32 | 00,013,646 | ---- | M] () – C:\WINDOWS\System32\wpa.dbl [2010-01-18 16:01:09 | 00,083,136 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\i3.jpeg [2010-01-18 16:01:02 | 00,035,848 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\i2.jpeg [2010-01-18 16:00:58 | 00,041,129 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\i1.jpeg [2010-01-16 22:49:41 | 00,094,620 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\z2.jpeg [2010-01-16 22:49:31 | 00,064,129 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\z1.jpeg [2010-01-16 22:46:00 | 00,052,060 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\f.jpeg [2010-01-16 20:44:23 | 00,043,858 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\a2.jpeg [2010-01-16 20:44:13 | 00,046,573 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\a1.jpeg [2010-01-16 20:41:58 | 00,053,384 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\d3.jpeg [2010-01-16 20:41:52 | 00,020,520 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\d2.jpeg 
[2010-01-16 20:41:47 | 00,021,659 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\d1.jpeg [2010-01-15 20:00:11 | 00,081,770 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\Fw.JPG [2010-01-15 19:42:51 | 00,045,649 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\GL.JPG [2010-01-13 12:55:07 | 00,023,392 | ---- | M] () – C:\WINDOWS\System32\nscompat.tlb [2010-01-13 12:55:07 | 00,016,832 | ---- | M] () – C:\WINDOWS\System32\amcompat.tlb [2010-01-13 12:51:18 | 00,316,640 | ---- | M] () – C:\WINDOWS\WMSysPr9.prx [2010-01-13 11:04:11 | 00,017,644 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\Kontakty_11064 964.xml [2010-01-13 08:38:25 | 00,108,439 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\br.jpg [2010-01-10 21:31:20 | 05,435,237 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\AVC620603.rar [2010-01-10 21:18:29 | 00,000,930 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\Allok 3GP PSP MP4 iPod Video Converter.lnk [2010-01-10 21:15:53 | 00,000,786 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\MobileVideo For 3GP.lnk [2010-01-10 20:48:56 | 00,000,809 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\MediaCellConverter.lnk [2010-01-10 20:25:39 | 00,000,899 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\SmartMovie Converter.lnk [2010-01-04 14:57:54 | 00,051,447 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Moje dokumenty\f796752c08ef.png [2010-01-03 20:51:55 | 00,430,598 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Moje dokumenty\sp.bmp [2009-12-30 19:57:10 | 00,270,677 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Moje dokumenty\091809161844.jpg [2009-12-30 00:03:58 | 00,000,710 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\KMPlayer.lnk [2009-12-28 22:30:57 | 01,932,825 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\Nowy Archiwum WinRAR-a.rar [2009-12-28 22:29:19 | 
00,403,664 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\sample.mkv3.jpg [2009-12-28 22:28:20 | 00,473,258 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\sample.mkv2.jpg [2009-12-28 22:28:08 | 00,373,079 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\sample.mkv1.jpg [2009-12-28 22:24:19 | 00,284,853 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\tx.jpg [2009-12-28 22:23:39 | 00,292,148 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\h.jpg [2009-12-28 22:07:51 | 00,049,711 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\t2.JPG [2009-12-28 22:05:00 | 00,056,863 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\t1.JPG [2009-12-28 22:01:53 | 00,000,797 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\SubEdit-Player.lnk [2009-12-28 00:02:21 | 00,014,413 | ---- | M] () – C:\Documents and Settings\Galaktyczny\Pulpit\p.JPG [4 C:\WINDOWS*.tmp files -> C:\WINDOWS*.tmp ->] [2 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->] ========== Files Created - No Company Name ========== [2010-01-26 22:23:51 | 00,019,182 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\wwwwwwwww2.JPG [2010-01-26 22:11:31 | 00,027,243 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\ggggggggg1.JPG [2010-01-26 22:10:10 | 00,007,924 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\bbbbbbbbbbb.JPG [2010-01-26 21:30:32 | 02,359,350 | ---- | C] () – C:\g1.bmp [2010-01-26 21:28:45 | 02,955,318 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Moje dokumenty\G.bmp [2010-01-25 19:08:10 | 00,022,016 | ---- | C] () – C:\WINDOWS\System32\ovjp.fbo [2010-01-23 01:03:14 | 00,000,004 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Dane aplikacji\wiaserva.log [2010-01-22 23:44:56 | 00,036,670 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\tbp.jpeg [2010-01-22 23:44:45 | 00,026,080 | ---- | C] () – C:\Documents and 
Settings\Galaktyczny\Pulpit\ln.jpeg [2010-01-22 23:43:37 | 00,062,233 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\p1.jpeg [2010-01-22 23:36:25 | 00,046,429 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\seven2.jpeg [2010-01-22 23:36:21 | 00,043,217 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\seven1.jpeg [2010-01-22 23:18:02 | 00,057,612 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\aa3.jpeg [2010-01-22 23:17:54 | 00,054,567 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\aa2.jpeg [2010-01-22 23:17:48 | 00,029,829 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\aa1.jpeg [2010-01-22 23:13:24 | 00,065,418 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\m1.jpeg [2010-01-19 18:21:21 | 00,052,003 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\j3.jpeg [2010-01-19 18:13:05 | 00,087,623 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\gj2.jpeg [2010-01-19 18:07:27 | 00,041,135 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\j.jpeg [2010-01-19 18:05:09 | 00,047,962 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\jgim.jpeg [2010-01-18 16:01:08 | 00,083,136 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\i3.jpeg [2010-01-18 16:01:02 | 00,035,848 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\i2.jpeg [2010-01-18 16:00:58 | 00,041,129 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\i1.jpeg [2010-01-16 22:49:41 | 00,094,620 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\z2.jpeg [2010-01-16 22:49:30 | 00,064,129 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\z1.jpeg [2010-01-16 22:45:59 | 00,052,060 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\f.jpeg [2010-01-16 20:44:23 | 00,043,858 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\a2.jpeg [2010-01-16 20:44:13 | 00,046,573 | ---- | C] () – C:\Documents and 
Settings\Galaktyczny\Pulpit\a1.jpeg [2010-01-16 20:41:58 | 00,053,384 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\d3.jpeg [2010-01-16 20:41:52 | 00,020,520 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\d2.jpeg [2010-01-16 20:41:47 | 00,021,659 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\d1.jpeg [2010-01-15 19:57:38 | 00,081,770 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\Fw.JPG [2010-01-15 19:42:51 | 00,045,649 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\GL.JPG [2010-01-13 08:38:25 | 00,108,439 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\br.jpg [2010-01-12 15:48:10 | 00,017,644 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\Kontakty_11064979.xml [2010-01-10 21:27:46 | 05,435,237 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\AVC620603.rar [2010-01-10 21:18:29 | 00,000,930 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\Allok 3GP PSP MP4 iPod Video Converter.lnk [2010-01-10 21:18:28 | 00,129,024 | ---- | C] () – C:\WINDOWS\System32\AVERM.dll [2010-01-10 21:18:28 | 00,028,672 | ---- | C] () – C:\WINDOWS\System32\AVEQT.dll [2010-01-10 21:15:52 | 00,000,786 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\MobileVideo For 3GP.lnk [2010-01-10 20:48:55 | 00,000,809 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\MediaCellConverter.lnk [2010-01-10 20:25:39 | 00,000,899 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\SmartMovie Converter.lnk [2010-01-04 14:57:54 | 00,051,447 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Moje dokumenty\f796752c08ef.png [2010-01-03 20:51:00 | 00,430,598 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Moje dokumenty\sp.bmp [2009-12-30 19:56:32 | 00,270,677 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Moje dokumenty\091809161844.jpg [2009-12-30 00:04:57 | 00,000,246 | ---- | C] () – C:\WINDOWS\tasks\Scheduled Update for Ask 
Toolbar.job [2009-12-30 00:03:58 | 00,000,710 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\KMPlayer.lnk [2009-12-28 22:30:51 | 01,932,825 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\Nowy Archiwum WinRAR-a.rar [2009-12-28 22:29:19 | 00,403,664 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\sample.mkv3.jpg [2009-12-28 22:28:20 | 00,473,258 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\sample.mkv2.jpg [2009-12-28 22:28:08 | 00,373,079 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\sample.mkv1.jpg [2009-12-28 22:24:19 | 00,284,853 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\tx.jpg [2009-12-28 22:23:39 | 00,292,148 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\h.jpg [2009-12-28 22:07:51 | 00,049,711 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\t2.JPG [2009-12-28 22:05:00 | 00,056,863 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\t1.JPG [2009-12-28 22:01:53 | 00,000,797 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\SubEdit-Player.lnk [2009-12-28 00:02:21 | 00,014,413 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Pulpit\p.JPG [2009-12-20 14:57:49 | 00,000,421 | ---- | C] () – C:\WINDOWS\ODBC.INI [2009-12-13 14:19:35 | 00,881,664 | ---- | C] () – C:\WINDOWS\System32\xvidcore.dll [2009-10-11 13:11:29 | 00,130,048 | ---- | C] () – C:\WINDOWS\System32\xvidvfw.dll [2009-10-11 13:11:26 | 00,207,360 | ---- | C] () – C:\WINDOWS\System32\evrprop.dll [2009-10-11 13:11:22 | 00,258,048 | ---- | C] () – C:\WINDOWS\System32\libFLAC.dll [2009-10-11 13:10:48 | 00,079,360 | ---- | C] () – C:\WINDOWS\System32\mkzlib.dll [2009-10-11 13:08:36 | 00,023,552 | ---- | C] () – C:\WINDOWS\System32\mkunicode.dll [2009-10-11 13:07:46 | 00,219,648 | ---- | C] () – C:\Documents and Settings\Galaktyczny\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-10-11 10:29:02 | 00,000,069 | ---- | C] () – 
C:\WINDOWS\NeroDigital.ini [2009-10-11 10:07:24 | 00,000,095 | ---- | C] () – C:\WINDOWS\winamp.ini [2009-10-11 10:00:18 | 00,085,504 | ---- | C] () – C:\WINDOWS\System32\ff_vfw.dll [2009-10-11 10:00:18 | 00,000,547 | ---- | C] () – C:\WINDOWS\System32\ff_vfw.dll.manifest [2009-10-11 09:51:53 | 00,009,867 | ---- | C] () – C:\WINDOWS\System32\drivers\HOTKEY.sys [2009-10-11 09:50:06 | 00,156,672 | ---- | C] () – C:\WINDOWS\System32\RTLCPAPI.dll [2008-12-22 05:59:26 | 00,025,312 | ---- | C] () – C:\WINDOWS\System32\DivXVfWCodec.dll [2008-12-22 05:59:24 | 00,025,312 | ---- | C] () – C:\WINDOWS\System32\SamsungVfWCodec.dll [2008-12-22 05:59:08 | 00,447,200 | ---- | C] () – C:\WINDOWS\System32\OpenQuicktimeLib.dll [2008-12-22 05:52:02 | 00,066,272 | ---- | C] () – C:\WINDOWS\System32\libfaac.dll [2008-08-28 12:19:18 | 00,032,768 | ---- | C] () – C:\WINDOWS\System32\IsDRM.dll [2008-08-28 12:16:00 | 00,544,768 | ---- | C] () – C:\WINDOWS\System32\AudioConverter.dll [2006-03-02 13:00:00 | 00,081,920 | ---- | C] () – C:\WINDOWS\System32\ieencode.dll [2006-03-02 13:00:00 | 00,027,440 | ---- | C] () – C:\WINDOWS\System32\drivers\secdrv.sys ========== Custom Scans ========== < %systemdrive%*.* > [2009-10-11 09:41:16 | 00,000,000 | ---- | M] () – C:\AUTOEXEC.BAT [2009-10-11 09:31:09 | 00,000,211 | -HS- | M] () – C:\boot.ini [2006-03-02 13:00:00 | 00,004,952 | RHS- | M] () – C:\Bootfont.bin [2009-10-11 09:41:16 | 00,000,000 | ---- | M] () – C:\CONFIG.SYS [2010-01-26 21:30:32 | 02,359,350 | ---- | M] () – C:\g1.bmp [2010-01-26 21:30:02 | 00,003,933 | ---- | M] () – C:\hijackthis.log [2009-10-11 09:41:16 | 00,000,000 | RHS- | M] () – C:\IO.SYS [2009-10-11 09:41:16 | 00,000,000 | RHS- | M] () – C:\MSDOS.SYS [2006-03-02 13:00:00 | 00,047,564 | RHS- | M] () – C:\NTDETECT.COM [2006-03-02 13:00:00 | 00,250,624 | RHS- | M] () – C:\ntldr [2010-01-26 21:34:12 | 80,530,6368 | -HS- | M] () – C:\pagefile.sys ========== Alternate Data Streams ========== @Alternate Data Stream - 152 bytes -> 
C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6900017D < End of report >