Infected files

wojtasss
created

Hello, I bought a new external drive and would like to copy the files that are important to me onto it and format the rest. Unfortunately, these files are infected. What should I scan them with so that they are completely clean after being moved to the new drive?

MarekM25
comment

Can you say more specifically what kind of files these are?

wojtasss
comment

Mainly photos

MarekM25
comment

Let me put it this way: which viruses does it detect, and in which locations?

wojtasss
comment

I don't know which viruses, because I don't have an antivirus, hence my question: what should I scan the files with to be sure that they will be absolutely free of all viruses?

jacmiszcz92
comment

MarekM25
comment

If there are only a few files, scan them one by one on VirusTotal; if there are many, do what the previous poster said. Apart from that, post a log from OTListIt2.

wojtasss
comment

OTL logfile created on: 2009-09-13 11:40:13 - Run 1

OTL by OldTimer - Version 3.0.11.0 Folder = C:\Documents and Settings\Wojtek\Moje dokumenty\Pobieranie

Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,47 Gb Available Physical Memory | 73,38% Memory free

3,85 Gb Paging File | 3,50 Gb Available in Paging File | 90,87% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 29,30 Gb Total Space | 6,89 Gb Free Space | 23,53% Space Free | Partition Type: NTFS

Drive D: | 268,79 Gb Total Space | 78,81 Gb Free Space | 29,32% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: WOJTEK-33544FE6

Current User Name: Wojtek

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (SafeList) ==========

PRC - [2009-05-01 00:30:18 | 00,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe

PRC - [2004-08-04 00:44:20 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE

PRC - [2006-12-18 15:34:36 | 00,868,352 | R--- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe

PRC - [2006-07-13 07:12:26 | 00,729,088 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\Smax4.exe

PRC - [2006-10-27 00:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

PRC - [2007-02-12 12:23:18 | 01,620,480 | ---- | M] (Nero AG) -- D:\Program Files\Nero 7\InCD\NBHGui.exe

PRC - [2007-02-12 12:19:46 | 01,050,112 | ---- | M] (Nero AG) -- D:\Program Files\Nero 7\InCD\InCD.exe

PRC - [2009-05-14 15:47:08 | 02,029,640 | ---- | M] (ESET) -- D:\Program Files\NOD\egui.exe

PRC - [2009-08-31 18:07:34 | 11,391,592 | ---- | M] (GG Network S.A.) -- D:\Program Files\Nowe Gadu-Gadu\gg.exe

PRC - [2007-09-06 15:08:02 | 00,136,136 | ---- | M] (DT Soft Ltd.) -- D:\Program Files\DAEMON Tools Pro\DTProAgent.exe

PRC - [2009-05-14 15:47:54 | 00,731,840 | ---- | M] (ESET) -- D:\Program Files\NOD\ekrn.exe

PRC - [2007-02-12 12:18:50 | 00,924,160 | ---- | M] (Nero AG) -- D:\Program Files\Nero 7\InCD\InCDsrv.exe

PRC - [2004-08-11 01:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe

PRC - [2009-08-31 16:56:26 | 00,077,824 | ---- | M] () -- D:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe

PRC - [2004-08-04 00:44:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe

PRC - [2009-09-11 16:37:37 | 00,908,280 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Firefox\firefox.exe

PRC - [2009-02-12 14:22:42 | 03,116,544 | ---- | M] () -- D:\Program Files\Strong DC++\sdc222\StrongDC.exe

PRC - [2009-09-13 11:39:19 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Wojtek\Moje dokumenty\Pobieranie\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2008-07-25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])

SRV - [2008-07-25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])

SRV - [2009-05-14 15:54:22 | 00,020,680 | ---- | M] (ESET) -- D:\Program Files\NOD\EHttpSrv.exe -- (EhttpSrv [On_Demand | Stopped])

SRV - [2009-05-14 15:47:54 | 00,731,840 | ---- | M] (ESET) -- D:\Program Files\NOD\ekrn.exe -- (ekrn [Auto | Running])

SRV - [2008-07-29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])

SRV - [2009-06-17 18:39:26 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9ef6a2faf1046 [Auto | Stopped])

SRV - [2009-06-17 18:38:33 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])

SRV - [2004-08-04 00:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])

SRV - [2008-07-29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [unknown | Stopped])

SRV - [2007-02-12 12:18:50 | 00,924,160 | ---- | M] (Nero AG) -- D:\Program Files\Nero 7\InCD\InCDsrv.exe -- (InCDsrv [Auto | Running])

SRV - [2006-10-27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])

SRV - [2007-01-05 13:41:10 | 00,774,144 | ---- | M] (Nero AG) -- D:\Program Files\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])

SRV - [2008-07-29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])

SRV - [2006-12-23 17:54:04 | 00,262,144 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped])

SRV - [2009-05-01 00:30:18 | 00,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (nvsvc [Auto | Running])

SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])

SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])

SRV - [2004-08-11 01:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2007-01-16 03:09:06 | 00,293,888 | R--- | M] (Analog Devices, Inc.) -- C:\WINDOWS\System32\drivers\ADIHdAud.sys -- (ADIHdAudAddService [On_Demand | Running])

DRV - [2006-08-07 00:57:30 | 00,093,952 | R--- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\System32\drivers\AEAudio.sys -- (AEAudio [On_Demand | Running])

DRV - [2009-05-14 15:41:10 | 00,114,472 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\eamon.sys -- (eamon [Auto | Running])

DRV - [2009-05-14 15:47:14 | 00,107,256 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\ehdrv.sys -- (ehdrv [system | Running])

DRV - [2009-05-14 15:49:32 | 00,094,360 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\epfwtdir.sys -- (epfwtdir [system | Running])

DRV - [2009-08-06 22:48:40 | 00,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\DRIVERS\hamachi.sys -- (hamachi [On_Demand | Running])

DRV - [2004-10-27 15:21:36 | 00,138,240 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])

DRV - [2007-02-12 12:14:42 | 00,112,384 | ---- | M] (Nero AG) -- C:\WINDOWS\System32\drivers\InCDFs.sys -- (InCDfs [Disabled | Running])

DRV - [2007-02-12 12:17:24 | 00,031,360 | ---- | M] (Nero AG) -- C:\WINDOWS\System32\DRIVERS\InCDPass.sys -- (InCDPass [system | Running])

DRV - [2007-02-12 12:17:40 | 00,033,792 | ---- | M] (Nero AG) -- C:\WINDOWS\System32\drivers\InCDRm.sys -- (incdrm [system | Running])

DRV - [2006-02-07 13:52:58 | 00,006,912 | R--- | M] (JMicron ) -- C:\WINDOWS\system32\DRIVERS\JGOGO.sys -- (JGOGO [boot | Running])

DRV - [2006-10-30 05:31:58 | 00,043,648 | R--- | M] (JMicron Technology Corp.) -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (JRAID [boot | Running])

DRV - [2004-08-13 04:56:20 | 00,005,810 | R--- | M] () -- C:\WINDOWS\System32\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running])

DRV - [2009-04-30 22:02:00 | 08,055,584 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])

DRV - [2001-08-17 23:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])

DRV - [2006-07-27 03:49:10 | 00,083,712 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp [On_Demand | Running])

DRV - [2004-07-17 11:36:38 | 00,027,440 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])

DRV - [2006-03-17 11:18:58 | 00,392,960 | R--- | M] (Sensaura) -- C:\WINDOWS\System32\drivers\Senfilt.sys -- (SenFiltService [On_Demand | Running])

DRV - [2009-05-31 19:53:33 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [boot | Running])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1060284298-879983540-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKU\S-1-5-21-1060284298-879983540-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKU\S-1-5-21-1060284298-879983540-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

IE - HKU\S-1-5-21-1060284298-879983540-839522115-1003\S-1-5-21-1060284298-879983540-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1060284298-879983540-839522115-1003\S-1-5-21-1060284298-879983540-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "chrome://fastdial/content/fastdial.html"

FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b1

FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-09-03 16:16:53 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: D:\Program Files\Firefox\components [2009-09-11 16:37:40 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: D:\Program Files\Firefox\plugins [2009-09-11 16:37:40 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: D:\Program Files\NOD\Mozilla Thunderbird

[2009-05-31 19:23:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wojtek\Dane aplikacji\mozilla\Extensions

[2009-05-31 19:23:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wojtek\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2009-09-12 23:39:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wojtek\Dane aplikacji\mozilla\Firefox\Profiles\drtlx5n9.default\extensions

[2009-09-03 21:05:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wojtek\Dane aplikacji\mozilla\Firefox\Profiles\drtlx5n9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2009-08-09 11:51:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wojtek\Dane aplikacji\mozilla\Firefox\Profiles\drtlx5n9.default\extensions\fastdial@telega.phpnet.us

O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)

O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Wojtek\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] D:\Program Files\Adobe Reader\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [egui] D:\Program Files\NOD\egui.exe (ESET)

O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)

O4 - HKLM..\Run: [inCD] D:\Program Files\Nero 7\InCD\InCD.exe (Nero AG)

O4 - HKLM..\Run: [JMB36X Configure] C:\WINDOWS\System32\JMRaidSetup.exe (JMicron Technology Corp.)

O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe ()

O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKLM..\Run: [securDisc] D:\Program Files\Nero 7\InCD\NBHGui.exe (Nero AG)

O4 - HKLM..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)

O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)

O4 - HKU\S-1-5-21-1060284298-879983540-839522115-1003..\Run: [ALLUpdate] D:\Program Files\ALLPlayer\ALLUpdate.exe ()

O4 - HKU\S-1-5-21-1060284298-879983540-839522115-1003..\Run: [cdoosoft] C:\DOCUME~1\Wojtek\USTAWI~1\Temp\herss.exe File not found

O4 - HKU\S-1-5-21-1060284298-879983540-839522115-1003..\Run: [DAEMON Tools Pro Agent] D:\Program Files\DAEMON Tools Pro\DTProAgent.exe (DT Soft Ltd.)

O4 - HKU\S-1-5-21-1060284298-879983540-839522115-1003..\Run: [Nowe Gadu-Gadu] D:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.)

O4 - HKU\S-1-5-21-1060284298-879983540-839522115-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - HKU\S-1-5-21-1060284298-879983540-839522115-1003..\Run: [wsctf.exe] File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-1060284298-879983540-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-1060284298-879983540-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36

O7 - HKU\S-1-5-21-1060284298-879983540-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]

O7 - HKU\S-1-5-21-1060284298-879983540-839522115-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()

O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)

O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)

O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {BB4C402F-882A-4526-8C08-51278EA437C1} - C:\WINDOWS\System32\e8main1.dll File not found

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-05-31 17:12:52 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2009-09-10 22:48:46 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2009-09-10 22:48:46 | 00,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]

O33 - MountPoints2\{11accfb4-7de2-11de-8ce2-001a92e127b0}\Shell\AutoRun\command - "" = G:\rx.exe -- File not found

O33 - MountPoints2\{11accfb4-7de2-11de-8ce2-001a92e127b0}\Shell\open\Command - "" = G:\rx.exe -- File not found

O33 - MountPoints2\{f8945542-4e04-11de-b664-806d6172696f}\Shell - "" = AutoRun

O33 - MountPoints2\{f8945542-4e04-11de-b664-806d6172696f}\Shell\AutoRun\command - "" = E:\Bin\Assetup.exe -- File not found

O34 - HKLM BootExecute: (autocheck) - File not found

O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)

O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[3 C:\WINDOWS\*.tmp files]

[2009-09-10 22:48:46 | 00,000,000 | RHSD | C] -- C:\autorun.inf

[2009-09-10 18:21:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Wojtek\Ustawienia lokalne\Dane aplikacji\cache

[2009-09-10 18:20:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel

[2009-08-30 23:12:29 | 05,508,880 | ---- | C] () -- C:\Documents and Settings\Wojtek\Pulpit\Coma - Ostrość na nieskończoność.mp3

[2009-08-29 20:03:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Wojtek\Pulpit\czlowiek legenda

[2009-08-18 18:36:59 | 07,486,154 | ---- | C] () -- C:\Documents and Settings\Wojtek\Pulpit\Audioslave - Be Yourself.mp3

[2009-08-17 00:19:09 | 08,883,798 | ---- | C] () -- C:\Documents and Settings\Wojtek\Pulpit\Marcel Woods - Inside Me (original mix).mp3

[2009-08-15 21:06:38 | 18,485,334 | ---- | C] () -- C:\Documents and Settings\Wojtek\Pulpit\Rank1 - L.E.D. There Be Light (Trance Energy 2009 Anthem).mp3

[2009-08-15 21:06:18 | 19,792,209 | ---- | C] () -- C:\Documents and Settings\Wojtek\Pulpit\Rank 1 - L.E.D. There Be Light (Marcel Woods Remix).mp3

[2009-06-02 17:47:37 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2009-05-31 22:23:39 | 00,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll

[2009-05-31 19:53:33 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys

[2009-05-31 19:12:05 | 00,019,320 | ---- | C] () -- C:\WINDOWS\System32\spmsg.dll

[2009-05-31 18:47:17 | 00,014,682 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini

[2009-05-31 17:19:19 | 00,015,010 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini

[2009-05-31 17:18:56 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys

[2009-05-31 17:18:40 | 00,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS

[2009-05-01 00:31:06 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll

[2009-05-01 00:31:06 | 01,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll

[2009-05-01 00:31:06 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll

[2009-05-01 00:31:06 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll

[2005-10-14 11:56:50 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2005-10-14 11:56:50 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll

[2005-10-14 11:56:50 | 00,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2005-10-14 11:56:50 | 00,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll

[2005-10-14 11:56:50 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll

[2005-10-14 11:56:50 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll

[2005-10-14 11:56:50 | 00,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2005-10-14 11:56:50 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll

[2005-10-14 11:56:48 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll

[2004-07-17 11:36:38 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

[2001-07-22 00:16:20 | 00,000,552 | ---- | C] () -- C:\WINDOWS\win.ini

[2001-07-22 00:15:52 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini

========== Files - Modified Within 30 Days ==========

[3 C:\WINDOWS\System32\*.tmp files]

[3 C:\WINDOWS\*.tmp files]

[2009-09-13 11:16:00 | 00,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2009-09-13 10:02:38 | 00,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job

[2009-09-13 10:02:28 | 00,000,972 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job

[2009-09-13 10:02:05 | 00,229,488 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml

[2009-09-13 10:02:04 | 00,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2009-09-13 10:02:03 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2009-09-13 10:02:02 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2009-09-13 03:03:32 | 05,334,094 | -H-- | M] () -- C:\Documents and Settings\Wojtek\Ustawienia lokalne\Dane aplikacji\IconCache.db

[2009-09-13 01:56:17 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2009-09-12 21:48:52 | 00,098,304 | ---- | M] () -- C:\Documents and Settings\Wojtek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-09-12 10:20:05 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2009-09-10 18:16:23 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2009-08-30 23:12:39 | 05,508,880 | ---- | M] () -- C:\Documents and Settings\Wojtek\Pulpit\Coma - Ostrość na nieskończoność.mp3

[2009-08-30 08:28:12 | 00,068,880 | ---- | M] () -- C:\Documents and Settings\Wojtek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT

[2009-08-28 23:38:20 | 24,689,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe

[2009-08-19 21:58:49 | 07,486,154 | ---- | M] () -- C:\Documents and Settings\Wojtek\Pulpit\Audioslave - Be Yourself.mp3

[2009-08-18 09:02:45 | 18,485,334 | ---- | M] () -- C:\Documents and Settings\Wojtek\Pulpit\Rank1 - L.E.D. There Be Light (Trance Energy 2009 Anthem).mp3

[2009-08-17 22:03:53 | 19,792,209 | ---- | M] () -- C:\Documents and Settings\Wojtek\Pulpit\Rank 1 - L.E.D. There Be Light (Marcel Woods Remix).mp3

[2009-08-17 08:26:11 | 08,883,798 | ---- | M] () -- C:\Documents and Settings\Wojtek\Pulpit\Marcel Woods - Inside Me (original mix).mp3

========== LOP Check ==========

[2009-08-04 21:51:15 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji

[2009-06-03 14:30:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters

[2009-05-31 19:57:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite

[2009-06-02 16:50:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Pro

[2009-07-27 20:29:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET

[2009-06-23 18:46:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM

[2009-05-31 19:04:24 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji

[2009-05-31 17:16:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji

[2009-05-31 17:15:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji

[2009-08-06 22:49:20 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Wojtek\Dane aplikacji

[2009-06-02 17:46:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wojtek\Dane aplikacji\Ahead

[2009-07-04 17:18:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wojtek\Dane aplikacji\BESTplayer

[2009-06-01 09:31:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wojtek\Dane aplikacji\DAEMON Tools

[2009-05-31 19:59:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wojtek\Dane aplikacji\DAEMON Tools Lite

[2009-06-02 16:49:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wojtek\Dane aplikacji\DAEMON Tools Pro

[2009-08-06 23:24:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wojtek\Dane aplikacji\Hamachi

[2009-06-07 13:21:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wojtek\Dane aplikacji\Nowe Gadu-Gadu

[2009-06-24 14:12:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wojtek\Dane aplikacji\Offline Explorer

[2009-06-23 18:28:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Wojtek\Dane aplikacji\OpenFM

[2001-07-22 00:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini

[2009-09-13 10:02:28 | 00,000,972 | ---- | M] () -- C:\WINDOWS\Tasks\Google Software Updater.job

[2009-09-13 10:02:04 | 00,001,032 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

[2009-09-13 11:16:00 | 00,001,036 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

[2009-09-13 10:02:03 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

[2009-09-13 10:02:38 | 00,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

========== Purity Check ==========

< End of report >

So what about this log? Is it OK?

MarekM25
comment

Run OTL and paste the following script into the Custom Scans/Fixes window:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - AutoRun File - [2009-09-10 22:48:46 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-09-10 22:48:46 | 00,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{11accfb4-7de2-11de-8ce2-001a92e127b0}\Shell\AutoRun\command - "" = G:\rx.exe -- File not found
O33 - MountPoints2\{11accfb4-7de2-11de-8ce2-001a92e127b0}\Shell\open\Command - "" = G:\rx.exe -- File not found
O33 - MountPoints2\{f8945542-4e04-11de-b664-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{f8945542-4e04-11de-b664-806d6172696f}\Shell\AutoRun\command - "" = E:\Bin\Assetup.exe -- File not found
:Commands
[emptytemp]
[start explorer]
[Reboot]

Click Run Fix. Confirm the computer restart.

Also scan the computer with Dr.Web CureIt.
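
A small triage pass over OTL "Standard Registry" lines, as an added example that is not part of the thread or of OTL itself: it picks out the entry types listed in the fix script above (an autorun.inf in a drive root, MountPoints2 values) and, going slightly beyond that script, Run values that OTL reports as "File not found". The sample lines are copied from the log in this thread; the function, rule and field names are made up for this illustration.

```python
import re
from ntpath import splitdrive

# Sample lines copied from the OTL log posted in this thread.
SAMPLE_LOG = r'''
O4 - HKLM..\Run: [egui] D:\Program Files\NOD\egui.exe (ESET)
O4 - HKU\S-1-5-21-1060284298-879983540-839522115-1003..\Run: [cdoosoft] C:\DOCUME~1\Wojtek\USTAWI~1\Temp\herss.exe File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-05-31 17:12:52 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009-09-10 22:48:46 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{11accfb4-7de2-11de-8ce2-001a92e127b0}\Shell\AutoRun\command - "" = G:\rx.exe -- File not found
O33 - MountPoints2\{f8945542-4e04-11de-b664-806d6172696f}\Shell - "" = AutoRun
'''

# O32 "AutoRun File" line: [timestamp | size | attributes | M] (company) - path -- [ fs ]
O32_FILE = re.compile(
    r'^O32 - AutoRun File - \[[^|]+\|[^|]+\|\s*(?P<attrs>[RHSD-]{4})\s*\|[^\]]*\]'
    r'\s*(?:\([^)]*\)\s*)?- (?P<path>.+?) -- \[')

# O33 line: per-volume shell values cached under MountPoints2\{volume GUID}
O33_MOUNT = re.compile(
    r'^O33 - MountPoints2\\(?P<guid>\{[0-9A-Fa-f-]+\})\\(?P<key>\S+) - "" = '
    r'(?P<value>.+?)(?P<missing> -- File not found)?$')

# O4 Run value whose target OTL could not find on disk
O4_ORPHAN = re.compile(
    r'^O4 - (?P<hive>\S+?)\.\.\\Run: \[(?P<name>[^\]]+)\]\s*(?P<target>.*?)\s*File not found$')


def triage(log_text):
    """Return one dict per log line that deserves a manual look."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()

        m = O32_FILE.match(line)
        if m:
            _drive, rest = splitdrive(m['path'])
            # Only an autorun.inf sitting directly in a drive root is of interest.
            if rest.lower() == '\\autorun.inf':
                attrs = m['attrs']
                findings.append({
                    'rule': 'root-autorun.inf',
                    'path': m['path'],
                    'attrs': attrs,
                    # OTL marks directories with D (see the ---D folder lines in the log),
                    # so this tells a folder named autorun.inf apart from a real file.
                    'is_dir': 'D' in attrs,
                    'hidden_system': 'H' in attrs and 'S' in attrs,
                })
            continue

        m = O33_MOUNT.match(line)
        if m:
            findings.append({
                'rule': 'mountpoints2',
                'guid': m['guid'],
                'key': m['key'],
                'value': m['value'],
                'target_missing': m['missing'] is not None,
            })
            continue

        m = O4_ORPHAN.match(line)
        if m:
            findings.append({
                'rule': 'orphan-run',
                'hive': m['hive'],
                'name': m['name'],
                'target': m['target'],  # empty when OTL printed no path at all
            })
    return findings


if __name__ == '__main__':
    for finding in triage(SAMPLE_LOG):
        print(finding)
```
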
