x-kom hosting

lsass.exe lub Isass.exe

dawgot
utworzono
utworzono (edytowane)

Mam problem, od rana wyskakuje mi od avasta taki komunikat: [img]http://images45.fotosik.pl/297/75f9338fc6ce2a55.jpg[/img] Musze dodać że od kilku dni mam wolniejszy internet. Używam Windowsa 7

[color="#ff0000"]//przenoszę do subforum Logi do sprawdzenia
//raaz
//dan[/color]

Sohei
komentarz
komentarz

zestaw logow OTL, RSIT oraz GMER

dawgot
komentarz
komentarz

Czyli? Nie za bardzo się znam.

Musze dodać że słysze z głośników jakieś głosy o.o. Przed chwila ktos mnie zapytal po angielsku jak mam na imie... Zadnych filmow nie mam wlaczonych ani gier itp

Zalaczam log z OTL

Sohei
komentarz
komentarz (edytowane)

Jest tutaj bardzo poważna infekcja.
Zobaczymy czy OTL sobie poradzi

Do OTL w Białe okienko wklej
[code]:Processes
Explorer.exe

:OTL

PRC - [2010-05-22 14:00:10 | 000,292,352 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Temp\svchosty.exe
PRC - [2010-05-22 08:13:47 | 000,169,472 | ---- | M] (Ryddcf) -- C:\Users\dawgot\AppData\Local\Temp\xgoawwy.exe
PRC - [2010-05-22 08:13:34 | 000,294,912 | ---- | M] () -- C:\Windows\svc.exe
PRC - [2010-05-18 19:08:37 | 000,186,880 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Temp\Opt.exe
PRC - [2010-05-18 19:08:23 | 000,185,344 | ---- | M] () -- C:\Windows\Ohoxuk.exe

O4 - HKLM..\Run: [C:\Users\dawgot\AppData\Local\Temp\opeC8F3.exe ] C:\Users\dawgot\AppData\Local\Temp\opeC8F3.exe ()
O4 - HKLM..\Run: [lsass] C:\Windows\lsass.exe File not found
O4 - HKLM..\Run: [netc] C:\Windows\svc.exe ()
O4 - HKLM..\Run: [Regedit32] C:\Users\dawgot\AppData\Local\Temp\xgoawwy.exe (Ryddcf)
[2010-05-22 14:21:23 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempCj3880.html
[2010-05-22 14:21:23 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempUV3880.html
[2010-05-22 14:20:35 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempNj1484.html
[2010-05-22 14:20:35 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempsd1484.html
[2010-05-22 08:13:34 | 000,294,912 | ---- | M] () -- C:\Windows\svc.exe
[2010-05-22 07:42:37 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempOw1468.html
[2010-05-21 20:30:59 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempIk1480.html
[2010-05-21 15:56:25 | 000,000,627 | ---- | M] () -- C:\Users\dawgot\Desktop\World Of Warcraft.lnk
[2010-05-21 14:46:20 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempRs1476.html
[2010-05-21 14:46:20 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempQY1476.html
[2010-05-21 10:19:02 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempVO1476.html
[2010-05-21 10:19:02 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempBc1476.html
[2010-05-20 14:50:16 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempsl1456.html
[2010-05-19 20:05:55 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempvf1468.html
[2010-05-19 19:55:46 | 000,001,019 | ---- | M] () -- C:\Users\Public\Desktop\NeoKwinto.lnk
[2010-05-19 17:21:08 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempex1472.html
[2010-05-19 17:21:08 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempKD1472.html
[2010-05-19 16:56:30 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempIh1460.html
[2010-05-19 16:56:30 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempRm1460.html
[2010-05-19 16:10:48 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempGr1620.html
[2010-05-19 16:10:48 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempuS1620.html
[2010-05-19 14:55:13 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempuV1496.html
[2010-05-18 19:13:36 | 000,185,344 | ---- | M] () -- C:\Windows\Ohoxuc.exe
[2010-05-18 19:08:23 | 000,185,344 | ---- | M] () -- C:\Windows\Ohoxuk.exe
[2010-05-18 19:08:23 | 000,185,344 | ---- | M] () -- C:\Windows\Ohoxuj.exe
[2010-05-18 19:08:23 | 000,185,344 | ---- | M] () -- C:\Windows\Ohoxui.exe
[2010-05-18 19:08:23 | 000,185,344 | ---- | M] () -- C:\Windows\Ohoxuh.exe
[2010-05-18 19:08:23 | 000,185,344 | ---- | M] () -- C:\Windows\Ohoxug.exe
[2010-05-18 19:08:23 | 000,185,344 | ---- | M] () -- C:\Windows\Ohoxuf.exe
[2010-05-18 19:08:23 | 000,185,344 | ---- | M] () -- C:\Windows\Ohoxue.exe
[2010-05-18 19:08:23 | 000,185,344 | ---- | M] () -- C:\Windows\Ohoxud.exe
[2010-05-18 19:08:23 | 000,185,344 | ---- | M] () -- C:\Windows\Ohoxub.exe
[2010-05-18 19:08:23 | 000,185,344 | ---- | M] () -- C:\Windows\Ohoxua.exe
[2010-05-18 19:07:18 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Temprz1260.html
[2010-05-18 19:07:18 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempLw1260.html
[2010-05-18 19:06:30 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempCM1468.html
[2010-05-18 19:06:30 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempPg1468.html
[2010-05-18 19:08:11 | 000,218,112 | ---- | M] () -- C:\Windows\SysWow64\sshnas21.dll
[2010-05-18 19:06:30 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempCM1468.html
[2010-05-18 19:06:30 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempPg1468.html
[2010-05-17 15:35:27 | 000,000,478 | ---- | M] () -- C:\Users\Public\Desktop\Just Cause.lnk
[2010-05-17 15:02:27 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempox4428.html
[2010-05-17 15:02:27 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempZE4428.html
[2010-05-17 08:43:13 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempeE1468.html
[2010-05-17 08:43:13 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempIR1468.html
[2010-05-16 18:57:05 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempJS1688.html
[2010-05-16 18:57:05 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempwF1688.html
[2010-05-16 12:00:04 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempOP1424.html
[2010-05-16 12:00:04 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempNL1424.html
[2010-05-16 10:50:03 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempVM4660.html
[2010-05-16 10:50:03 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempLG4660.html
[2010-05-16 07:07:09 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempDh1440.html
[2010-05-16 07:07:09 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempme1440.html
[2010-05-15 15:12:31 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempad1468.html
[2010-05-15 15:12:31 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TemplS1468.html
[2010-05-14 19:30:33 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempTa1468.html
[2010-05-14 19:30:33 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempqT1468.html
[2010-05-14 19:19:18 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Temphw1468.html
[2010-05-14 19:19:18 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempyY1468.html
[2010-05-14 16:29:48 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempUM1460.html
[2010-05-14 16:29:48 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempKa1460.html
[2010-05-14 09:19:07 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempDY1432.html
[2010-05-14 09:19:07 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TemphQ1432.html
[2010-05-13 20:54:33 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempFK2576.html
[2010-05-13 20:54:33 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempZk2576.html
[2010-05-13 20:39:43 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TemppE1512.html
[2010-05-13 20:39:43 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempTE1512.html
[2010-05-13 20:05:42 | 000,002,008 | ---- | M] () -- C:\Users\dawgot\Documents\fffffffffffffff.sfk

[2010-05-13 19:24:56 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempRr4484.html
[2010-05-13 19:24:56 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempBx4484.html
[2010-05-13 19:19:05 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempBi1464.html
[2010-05-13 19:19:05 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempop1464.html
[2010-05-12 18:24:59 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempEq1432.html
[2010-05-12 18:24:59 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempyf1432.html
[2010-05-10 21:31:31 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempwl3276.html
[2010-05-10 21:31:31 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Templj3276.html
[2010-05-10 09:30:41 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempmY1468.html
[2010-05-10 09:30:41 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempyU1468.html
[2010-05-09 08:11:25 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempuB1456.html
[2010-05-09 08:11:25 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempOw1456.html
[2010-05-08 11:58:01 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempWh1452.html
[2010-05-08 11:58:01 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempky1452.html
[2010-05-07 19:26:30 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempau1468.html
[2010-05-07 19:26:30 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempfE1468.html
[2010-05-07 18:57:16 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempqn1464.html
[2010-05-07 18:57:16 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempFn1464.html
[2010-05-07 15:18:37 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempQr1444.html
[2010-05-07 15:18:37 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempGQ1444.html
[2010-05-06 14:36:03 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempny1476.html
[2010-05-06 14:36:03 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempSV1476.html
[2010-05-05 13:59:49 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempzc1464.html
[2010-05-05 13:59:49 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempxh1464.html
[2010-05-05 13:00:00 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempfr1476.html
[2010-05-05 13:00:00 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempio1476.html
[2010-05-05 09:30:11 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempOI1472.html
[2010-05-05 09:30:11 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempft1472.html
[2010-05-04 18:08:17 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempBr1488.html
[2010-05-04 18:08:17 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempkz1488.html
[2010-05-04 18:05:28 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempZF1464.html
[2010-05-04 18:05:28 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempqt1464.html
[2010-05-04 15:40:12 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempsJ1532.html
[2010-05-04 15:40:12 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempTo1532.html
[2010-05-04 15:37:02 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempsX1556.html
[2010-05-04 15:37:02 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempof1556.html
[2010-05-03 18:30:50 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempzy1544.html
[2010-05-03 18:30:50 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempqt1544.html
[2010-05-03 18:00:23 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempsR1548.html
[2010-05-03 18:00:23 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempJT1548.html
[2010-05-03 17:26:52 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TemptU1536.html
[2010-05-03 17:26:52 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempzE1536.html
[2010-05-03 11:00:56 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempQi1548.html
[2010-05-03 11:00:56 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempOD1548.html
[2010-05-03 07:15:55 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempDm1544.html
[2010-05-03 07:15:55 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempum1544.html
[2010-05-02 20:43:58 | 000,011,448 | ---- | M] () -- C:\Users\dawgot\Desktop\test.htm
[2010-05-02 12:55:52 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempwS1536.html
[2010-05-02 12:55:52 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Templf1536.html
[2010-05-02 12:41:29 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempAn1532.html
[2010-05-02 12:41:29 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempNN1532.html
[2010-05-02 09:19:33 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempuk1556.html
[2010-05-02 09:19:33 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempGw1556.html
[2010-05-01 19:31:57 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempGD1556.html
[2010-05-01 19:31:57 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempxO1556.html
[2010-05-01 10:48:56 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempLD1568.html
[2010-05-01 10:48:56 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempfj1568.html
[2010-05-01 10:30:03 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempgD1572.html
[2010-05-01 10:30:03 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempBd1572.html
[2010-05-01 09:39:10 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempQa1552.html
[2010-05-01 09:39:10 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Temppk1552.html
[2010-05-01 07:42:53 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempDK3984.html
[2010-05-01 07:42:53 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempWB3984.html
[2010-04-30 21:14:58 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempHhA284.html
[2010-04-30 21:14:58 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempoqp284.html
[2010-04-30 17:20:10 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempVO1564.html
[2010-04-30 17:20:10 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempBe1564.html
[2010-04-30 16:54:48 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempVP1552.html
[2010-04-30 16:54:48 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempeo1552.html
[2010-04-30 16:12:17 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Temppe1556.html
[2010-04-30 16:12:17 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempNB1556.html
[2010-04-29 14:19:59 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempUp1528.html
[2010-04-29 14:19:59 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempcF1528.html
[2010-04-29 12:03:58 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Temppd1548.html
[2010-04-29 12:03:58 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempRR1548.html
[2010-04-28 19:02:36 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempdz1536.html
[2010-04-28 19:02:36 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TemptK1536.html
[2010-04-28 18:13:26 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempWY1556.html
[2010-04-28 18:13:26 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempfX1556.html
[2010-04-28 08:42:30 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempmu1484.html
[2010-04-28 08:42:30 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempOx1484.html
[2010-04-27 20:23:03 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempRH1464.html
[2010-04-27 20:23:03 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempsy1464.html
[2010-04-27 20:01:29 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempcX2804.html
[2010-04-27 20:01:29 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempIS2804.html
[2010-04-27 19:07:19 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempfh1456.html
[2010-04-27 19:07:19 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempzT1456.html
[2010-04-27 18:04:18 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempKa3056.html
[2010-04-27 18:04:18 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempgT3056.html
[2010-04-27 17:30:16 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempYa1728.html
[2010-04-27 17:30:16 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TemphX1728.html
[2010-04-27 16:38:46 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempmV2220.html
[2010-04-27 16:38:46 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempYR2220.html
[2010-04-27 16:06:14 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempFT2092.html
[2010-04-27 16:06:14 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempoA2092.html
[2010-04-27 15:24:43 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempnzc604.html
[2010-04-27 15:24:43 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TemplOJ604.html
[2010-04-27 15:17:49 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Temprgy352.html
[2010-04-27 15:17:49 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempozy352.html
[2010-04-27 14:06:23 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Temphy2644.html
[2010-04-27 14:06:23 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempxN2644.html
[2010-04-27 11:59:47 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempUGF376.html
[2010-04-27 11:59:47 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempHUp376.html
[2010-04-27 09:09:31 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempSp2856.html
[2010-04-27 09:09:31 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempLM2856.html
[2010-04-26 18:54:02 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempat2852.html
[2010-04-26 18:54:02 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempuW2852.html
[2010-04-26 17:46:47 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempSj2916.html
[2010-04-26 17:46:47 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempQl2916.html
[2010-04-26 17:34:15 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempkf2900.html
[2010-04-26 17:34:15 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempad2900.html
[2010-04-26 16:28:20 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempCx3256.html
[2010-04-26 16:28:20 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempDi3256.html
[2010-04-26 14:37:36 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempRw1116.html
[2010-04-26 14:37:36 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempdt1116.html
[2010-04-26 08:54:44 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempbn3020.html
[2010-04-26 08:54:44 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempIV3020.html
[2010-04-25 19:26:41 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempfi3008.html
[2010-04-25 19:26:41 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempmJ3008.html
[2010-04-25 19:15:29 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempRy3960.html
[2010-04-25 19:15:29 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempbp3960.html
[2010-04-25 07:44:59 | 000,000,000 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Temppf2924.html
[2010-04-25 07:44:59 | 000,000,000 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempIH2924.html
[2010-04-24 19:52:46 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempBu2764.html
[2010-04-24 19:52:46 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempwB2764.html
[2010-04-24 19:21:54 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempTL2808.html
[2010-04-24 19:21:54 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempRR2808.html
[2010-04-24 18:59:43 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempzP2876.html
[2010-04-24 18:59:43 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempBQ2876.html
[2010-04-24 18:30:53 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempYG3000.html
[2010-04-24 18:30:53 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempKS3000.html
[2010-04-24 14:02:59 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempPa1236.html
[2010-04-24 14:02:59 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempfr1236.html
[2010-04-24 12:04:23 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TemphF2748.html
[2010-04-24 12:04:23 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempqg2748.html
[2010-04-24 11:44:44 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempxh1912.html
[2010-04-24 11:44:44 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempkF1912.html
[2010-04-24 11:26:36 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempSB2984.html
[2010-04-24 11:26:36 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempuE2984.html
[2010-04-24 10:58:47 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempnl2900.html
[2010-04-24 10:58:47 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempFb2900.html
[2010-04-24 10:40:36 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempnL3436.html
[2010-04-24 10:40:36 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempfL3436.html
[2010-04-24 10:01:53 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempCs2820.html
[2010-04-24 10:01:53 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempjC2820.html
[2010-04-24 09:13:45 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempBQ2700.html
[2010-04-24 09:13:45 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempQs2700.html
[2010-04-24 09:07:28 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempkV2908.html
[2010-04-24 09:07:28 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempCV2908.html
[2010-04-24 08:56:54 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempdO2676.html
[2010-04-24 08:56:54 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempWw2676.html
[2010-04-24 06:57:01 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempxc2820.html
[2010-04-24 06:57:01 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempJQ2820.html
[2010-04-23 20:34:25 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempaN2980.html
[2010-04-23 20:34:25 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempuR2980.html
[2010-04-23 19:46:12 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempUg2488.html
[2010-04-23 19:46:12 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempWE2488.html
[2010-04-23 19:40:51 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempIK2788.html
[2010-04-23 19:40:51 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempky2788.html
[2010-04-23 17:06:47 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempsg2620.html
[2010-04-23 17:06:47 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempBn2620.html
[2010-04-23 17:02:15 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempTW2724.html
[2010-04-23 17:02:15 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempOX2724.html
[2010-04-23 16:15:36 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempts1908.html
[2010-04-23 16:15:36 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempTj1908.html
[2010-04-23 15:44:49 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempVj3048.html
[2010-04-23 15:44:49 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempII3048.html
[2010-04-23 14:12:44 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempyy1196.html
[2010-04-23 14:12:44 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\TempJh1196.html
[2010-04-22 21:29:41 | 000,002,432 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempol1376.html
[2010-04-22 21:29:41 | 000,002,089 | ---- | M] () -- C:\Users\dawgot\AppData\Local\Tempjg1376.html
[2010-05-13 20:05:26 | 000,028,056 | ---- | M] () -- C:\Users\dawgot\Documents\eeeeeeeeeeeee.sfk
[2010-05-13 20:05:26 | 000,009,000 | ---- | M] () -- C:\Users\dawgot\Documents\vfgnrh.sfk
[2010-05-13 20:01:49 | 000,011,912 | ---- | M] () -- C:\Users\dawgot\Documents\dddddddddd.sfk

:files
C:\Windows\lsass.exe
C:\Users\dawgot\AppData\Local\Temp\opeC8F3.exe
C:\Windows\svc.exe
C:\Users\dawgot\AppData\Local\Temp\xgoawwy.exe
C:\Users\dawgot\AppData\Local\Temp\svchosty.exe

:Commands
[emptytemp]
[reboot]
[/code]

I kliknij run fix. Rozpocznie sie usuwanie i komputer sie uruchomi ponownie. Potem wyswietli sie log z usuwania wklej go na forum + nowy log z OTL

Do tego Wciąż czekam na logi z RSIT oraz GMER. W GMER zakladka rootki/malware wciskasz skan potem kopiujesz zawartosc i wklejasz mi na forum!!

dawgot
komentarz
komentarz

Nie mogę w gmer zeskanowac, mam tylko Szukaj a jak to klikam to pisze ze jest to uzywanie przez inny proces. W RSIT wyskakuje błąd

Sohei
komentarz
komentarz

WYkonaj polecnia z poprzedzniego psota wklej to do OTL i kliknij run fix.!

dawgot
komentarz
komentarz (edytowane)

Jak klikam run fix to pisze ze program przestal dzialac a potem restartuje komputer ;/

EDIT

Już działa, zaraz dodam plik

Sohei
komentarz
komentarz

jak dziala otl prosze nie wykonowywac zadynch operacji na komputerze

dawgot
komentarz
komentarz

Dodaje to co mi wyskoczylo po restarcie
[code]All processes killed
========== PROCESSES ==========
No active process named Explorer.exe was found!
========== OTL ==========
No active process named svchosty.exe was found!
No active process named xgoawwy.exe was found!
No active process named svc.exe was found!
No active process named Opt.exe was found!
No active process named Ohoxuk.exe was found!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\C:\Users\dawgot\AppData\Local\Temp\opeC8F3.exe not found.
File C:\Users\dawgot\AppData\Local\Temp\opeC8F3.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\lsass not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\netc not found.
File C:\Windows\svc.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Regedit32 not found.
File C:\Users\dawgot\AppData\Local\Temp\xgoawwy.exe not found.
File C:\Users\dawgot\AppData\Local\TempCj3880.html not found.
File C:\Users\dawgot\AppData\Local\TempUV3880.html not found.
File C:\Users\dawgot\AppData\Local\TempNj1484.html not found.
File C:\Users\dawgot\AppData\Local\Tempsd1484.html not found.
File C:\Windows\svc.exe not found.
File C:\Users\dawgot\AppData\Local\TempOw1468.html not found.
File C:\Users\dawgot\AppData\Local\TempIk1480.html not found.
C:\Users\dawgot\Desktop\World Of Warcraft.lnk moved successfully.
C:\Users\dawgot\AppData\Local\TempRs1476.html moved successfully.
C:\Users\dawgot\AppData\Local\TempQY1476.html moved successfully.
C:\Users\dawgot\AppData\Local\TempVO1476.html moved successfully.
C:\Users\dawgot\AppData\Local\TempBc1476.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempsl1456.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempvf1468.html moved successfully.
C:\Users\Public\Desktop\NeoKwinto.lnk moved successfully.
C:\Users\dawgot\AppData\Local\Tempex1472.html moved successfully.
C:\Users\dawgot\AppData\Local\TempKD1472.html moved successfully.
C:\Users\dawgot\AppData\Local\TempIh1460.html moved successfully.
C:\Users\dawgot\AppData\Local\TempRm1460.html moved successfully.
C:\Users\dawgot\AppData\Local\TempGr1620.html moved successfully.
C:\Users\dawgot\AppData\Local\TempuS1620.html moved successfully.
C:\Users\dawgot\AppData\Local\TempuV1496.html moved successfully.
C:\Windows\Ohoxuc.exe moved successfully.
C:\Windows\Ohoxuk.exe moved successfully.
C:\Windows\Ohoxuj.exe moved successfully.
C:\Windows\Ohoxui.exe moved successfully.
C:\Windows\Ohoxuh.exe moved successfully.
C:\Windows\Ohoxug.exe moved successfully.
C:\Windows\Ohoxuf.exe moved successfully.
C:\Windows\Ohoxue.exe moved successfully.
C:\Windows\Ohoxud.exe moved successfully.
C:\Windows\Ohoxub.exe moved successfully.
C:\Windows\Ohoxua.exe moved successfully.
C:\Users\dawgot\AppData\Local\Temprz1260.html moved successfully.
C:\Users\dawgot\AppData\Local\TempLw1260.html moved successfully.
C:\Users\dawgot\AppData\Local\TempCM1468.html moved successfully.
C:\Users\dawgot\AppData\Local\TempPg1468.html moved successfully.
C:\Windows\SysWOW64\sshnas21.dll moved successfully.
File C:\Users\dawgot\AppData\Local\TempCM1468.html not found.
File C:\Users\dawgot\AppData\Local\TempPg1468.html not found.
C:\Users\Public\Desktop\Just Cause.lnk moved successfully.
C:\Users\dawgot\AppData\Local\Tempox4428.html moved successfully.
C:\Users\dawgot\AppData\Local\TempZE4428.html moved successfully.
C:\Users\dawgot\AppData\Local\TempeE1468.html moved successfully.
C:\Users\dawgot\AppData\Local\TempIR1468.html moved successfully.
C:\Users\dawgot\AppData\Local\TempJS1688.html moved successfully.
C:\Users\dawgot\AppData\Local\TempwF1688.html moved successfully.
C:\Users\dawgot\AppData\Local\TempOP1424.html moved successfully.
C:\Users\dawgot\AppData\Local\TempNL1424.html moved successfully.
C:\Users\dawgot\AppData\Local\TempVM4660.html moved successfully.
C:\Users\dawgot\AppData\Local\TempLG4660.html moved successfully.
C:\Users\dawgot\AppData\Local\TempDh1440.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempme1440.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempad1468.html moved successfully.
C:\Users\dawgot\AppData\Local\TemplS1468.html moved successfully.
C:\Users\dawgot\AppData\Local\TempTa1468.html moved successfully.
C:\Users\dawgot\AppData\Local\TempqT1468.html moved successfully.
C:\Users\dawgot\AppData\Local\Temphw1468.html moved successfully.
C:\Users\dawgot\AppData\Local\TempyY1468.html moved successfully.
C:\Users\dawgot\AppData\Local\TempUM1460.html moved successfully.
C:\Users\dawgot\AppData\Local\TempKa1460.html moved successfully.
C:\Users\dawgot\AppData\Local\TempDY1432.html moved successfully.
C:\Users\dawgot\AppData\Local\TemphQ1432.html moved successfully.
C:\Users\dawgot\AppData\Local\TempFK2576.html moved successfully.
C:\Users\dawgot\AppData\Local\TempZk2576.html moved successfully.
C:\Users\dawgot\AppData\Local\TemppE1512.html moved successfully.
C:\Users\dawgot\AppData\Local\TempTE1512.html moved successfully.
C:\Users\dawgot\Documents\fffffffffffffff.sfk moved successfully.
C:\Users\dawgot\AppData\Local\TempRr4484.html moved successfully.
C:\Users\dawgot\AppData\Local\TempBx4484.html moved successfully.
C:\Users\dawgot\AppData\Local\TempBi1464.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempop1464.html moved successfully.
C:\Users\dawgot\AppData\Local\TempEq1432.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempyf1432.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempwl3276.html moved successfully.
C:\Users\dawgot\AppData\Local\Templj3276.html moved successfully.
C:\Users\dawgot\AppData\Local\TempmY1468.html moved successfully.
C:\Users\dawgot\AppData\Local\TempyU1468.html moved successfully.
C:\Users\dawgot\AppData\Local\TempuB1456.html moved successfully.
C:\Users\dawgot\AppData\Local\TempOw1456.html moved successfully.
C:\Users\dawgot\AppData\Local\TempWh1452.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempky1452.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempau1468.html moved successfully.
C:\Users\dawgot\AppData\Local\TempfE1468.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempqn1464.html moved successfully.
C:\Users\dawgot\AppData\Local\TempFn1464.html moved successfully.
C:\Users\dawgot\AppData\Local\TempQr1444.html moved successfully.
C:\Users\dawgot\AppData\Local\TempGQ1444.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempny1476.html moved successfully.
C:\Users\dawgot\AppData\Local\TempSV1476.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempzc1464.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempxh1464.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempfr1476.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempio1476.html moved successfully.
C:\Users\dawgot\AppData\Local\TempOI1472.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempft1472.html moved successfully.
C:\Users\dawgot\AppData\Local\TempBr1488.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempkz1488.html moved successfully.
C:\Users\dawgot\AppData\Local\TempZF1464.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempqt1464.html moved successfully.
C:\Users\dawgot\AppData\Local\TempsJ1532.html moved successfully.
C:\Users\dawgot\AppData\Local\TempTo1532.html moved successfully.
C:\Users\dawgot\AppData\Local\TempsX1556.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempof1556.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempzy1544.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempqt1544.html moved successfully.
C:\Users\dawgot\AppData\Local\TempsR1548.html moved successfully.
C:\Users\dawgot\AppData\Local\TempJT1548.html moved successfully.
C:\Users\dawgot\AppData\Local\TemptU1536.html moved successfully.
C:\Users\dawgot\AppData\Local\TempzE1536.html moved successfully.
C:\Users\dawgot\AppData\Local\TempQi1548.html moved successfully.
C:\Users\dawgot\AppData\Local\TempOD1548.html moved successfully.
C:\Users\dawgot\AppData\Local\TempDm1544.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempum1544.html moved successfully.
C:\Users\dawgot\Desktop\test.htm moved successfully.
C:\Users\dawgot\AppData\Local\TempwS1536.html moved successfully.
C:\Users\dawgot\AppData\Local\Templf1536.html moved successfully.
C:\Users\dawgot\AppData\Local\TempAn1532.html moved successfully.
C:\Users\dawgot\AppData\Local\TempNN1532.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempuk1556.html moved successfully.
C:\Users\dawgot\AppData\Local\TempGw1556.html moved successfully.
C:\Users\dawgot\AppData\Local\TempGD1556.html moved successfully.
C:\Users\dawgot\AppData\Local\TempxO1556.html moved successfully.
C:\Users\dawgot\AppData\Local\TempLD1568.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempfj1568.html moved successfully.
C:\Users\dawgot\AppData\Local\TempgD1572.html moved successfully.
C:\Users\dawgot\AppData\Local\TempBd1572.html moved successfully.
C:\Users\dawgot\AppData\Local\TempQa1552.html moved successfully.
C:\Users\dawgot\AppData\Local\Temppk1552.html moved successfully.
C:\Users\dawgot\AppData\Local\TempDK3984.html moved successfully.
C:\Users\dawgot\AppData\Local\TempWB3984.html moved successfully.
C:\Users\dawgot\AppData\Local\TempHhA284.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempoqp284.html moved successfully.
C:\Users\dawgot\AppData\Local\TempVO1564.html moved successfully.
C:\Users\dawgot\AppData\Local\TempBe1564.html moved successfully.
C:\Users\dawgot\AppData\Local\TempVP1552.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempeo1552.html moved successfully.
C:\Users\dawgot\AppData\Local\Temppe1556.html moved successfully.
C:\Users\dawgot\AppData\Local\TempNB1556.html moved successfully.
C:\Users\dawgot\AppData\Local\TempUp1528.html moved successfully.
C:\Users\dawgot\AppData\Local\TempcF1528.html moved successfully.
C:\Users\dawgot\AppData\Local\Temppd1548.html moved successfully.
C:\Users\dawgot\AppData\Local\TempRR1548.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempdz1536.html moved successfully.
C:\Users\dawgot\AppData\Local\TemptK1536.html moved successfully.
C:\Users\dawgot\AppData\Local\TempWY1556.html moved successfully.
C:\Users\dawgot\AppData\Local\TempfX1556.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempmu1484.html moved successfully.
C:\Users\dawgot\AppData\Local\TempOx1484.html moved successfully.
C:\Users\dawgot\AppData\Local\TempRH1464.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempsy1464.html moved successfully.
C:\Users\dawgot\AppData\Local\TempcX2804.html moved successfully.
C:\Users\dawgot\AppData\Local\TempIS2804.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempfh1456.html moved successfully.
C:\Users\dawgot\AppData\Local\TempzT1456.html moved successfully.
C:\Users\dawgot\AppData\Local\TempKa3056.html moved successfully.
C:\Users\dawgot\AppData\Local\TempgT3056.html moved successfully.
C:\Users\dawgot\AppData\Local\TempYa1728.html moved successfully.
C:\Users\dawgot\AppData\Local\TemphX1728.html moved successfully.
C:\Users\dawgot\AppData\Local\TempmV2220.html moved successfully.
C:\Users\dawgot\AppData\Local\TempYR2220.html moved successfully.
C:\Users\dawgot\AppData\Local\TempFT2092.html moved successfully.
C:\Users\dawgot\AppData\Local\TempoA2092.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempnzc604.html moved successfully.
C:\Users\dawgot\AppData\Local\TemplOJ604.html moved successfully.
C:\Users\dawgot\AppData\Local\Temprgy352.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempozy352.html moved successfully.
C:\Users\dawgot\AppData\Local\Temphy2644.html moved successfully.
C:\Users\dawgot\AppData\Local\TempxN2644.html moved successfully.
C:\Users\dawgot\AppData\Local\TempUGF376.html moved successfully.
C:\Users\dawgot\AppData\Local\TempHUp376.html moved successfully.
C:\Users\dawgot\AppData\Local\TempSp2856.html moved successfully.
C:\Users\dawgot\AppData\Local\TempLM2856.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempat2852.html moved successfully.
C:\Users\dawgot\AppData\Local\TempuW2852.html moved successfully.
C:\Users\dawgot\AppData\Local\TempSj2916.html moved successfully.
C:\Users\dawgot\AppData\Local\TempQl2916.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempkf2900.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempad2900.html moved successfully.
C:\Users\dawgot\AppData\Local\TempCx3256.html moved successfully.
C:\Users\dawgot\AppData\Local\TempDi3256.html moved successfully.
C:\Users\dawgot\AppData\Local\TempRw1116.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempdt1116.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempbn3020.html moved successfully.
C:\Users\dawgot\AppData\Local\TempIV3020.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempfi3008.html moved successfully.
C:\Users\dawgot\AppData\Local\TempmJ3008.html moved successfully.
C:\Users\dawgot\AppData\Local\TempRy3960.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempbp3960.html moved successfully.
C:\Users\dawgot\AppData\Local\Temppf2924.html moved successfully.
C:\Users\dawgot\AppData\Local\TempIH2924.html moved successfully.
C:\Users\dawgot\AppData\Local\TempBu2764.html moved successfully.
C:\Users\dawgot\AppData\Local\TempwB2764.html moved successfully.
C:\Users\dawgot\AppData\Local\TempTL2808.html moved successfully.
C:\Users\dawgot\AppData\Local\TempRR2808.html moved successfully.
C:\Users\dawgot\AppData\Local\TempzP2876.html moved successfully.
C:\Users\dawgot\AppData\Local\TempBQ2876.html moved successfully.
C:\Users\dawgot\AppData\Local\TempYG3000.html moved successfully.
C:\Users\dawgot\AppData\Local\TempKS3000.html moved successfully.
C:\Users\dawgot\AppData\Local\TempPa1236.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempfr1236.html moved successfully.
C:\Users\dawgot\AppData\Local\TemphF2748.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempqg2748.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempxh1912.html moved successfully.
C:\Users\dawgot\AppData\Local\TempkF1912.html moved successfully.
C:\Users\dawgot\AppData\Local\TempSB2984.html moved successfully.
C:\Users\dawgot\AppData\Local\TempuE2984.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempnl2900.html moved successfully.
C:\Users\dawgot\AppData\Local\TempFb2900.html moved successfully.
C:\Users\dawgot\AppData\Local\TempnL3436.html moved successfully.
C:\Users\dawgot\AppData\Local\TempfL3436.html moved successfully.
C:\Users\dawgot\AppData\Local\TempCs2820.html moved successfully.
C:\Users\dawgot\AppData\Local\TempjC2820.html moved successfully.
C:\Users\dawgot\AppData\Local\TempBQ2700.html moved successfully.
C:\Users\dawgot\AppData\Local\TempQs2700.html moved successfully.
C:\Users\dawgot\AppData\Local\TempkV2908.html moved successfully.
C:\Users\dawgot\AppData\Local\TempCV2908.html moved successfully.
C:\Users\dawgot\AppData\Local\TempdO2676.html moved successfully.
C:\Users\dawgot\AppData\Local\TempWw2676.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempxc2820.html moved successfully.
C:\Users\dawgot\AppData\Local\TempJQ2820.html moved successfully.
C:\Users\dawgot\AppData\Local\TempaN2980.html moved successfully.
C:\Users\dawgot\AppData\Local\TempuR2980.html moved successfully.
C:\Users\dawgot\AppData\Local\TempUg2488.html moved successfully.
C:\Users\dawgot\AppData\Local\TempWE2488.html moved successfully.
C:\Users\dawgot\AppData\Local\TempIK2788.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempky2788.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempsg2620.html moved successfully.
C:\Users\dawgot\AppData\Local\TempBn2620.html moved successfully.
C:\Users\dawgot\AppData\Local\TempTW2724.html moved successfully.
C:\Users\dawgot\AppData\Local\TempOX2724.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempts1908.html moved successfully.
C:\Users\dawgot\AppData\Local\TempTj1908.html moved successfully.
C:\Users\dawgot\AppData\Local\TempVj3048.html moved successfully.
C:\Users\dawgot\AppData\Local\TempII3048.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempyy1196.html moved successfully.
C:\Users\dawgot\AppData\Local\TempJh1196.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempol1376.html moved successfully.
C:\Users\dawgot\AppData\Local\Tempjg1376.html moved successfully.
C:\Users\dawgot\Documents\eeeeeeeeeeeee.sfk moved successfully.
C:\Users\dawgot\Documents\vfgnrh.sfk moved successfully.
C:\Users\dawgot\Documents\dddddddddd.sfk moved successfully.
========== FILES ==========
File\Folder C:\Windows\lsass.exe not found.
File\Folder C:\Users\dawgot\AppData\Local\Temp\opeC8F3.exe not found.
File\Folder C:\Windows\svc.exe not found.
File\Folder C:\Users\dawgot\AppData\Local\Temp\xgoawwy.exe not found.
C:\Users\dawgot\AppData\Local\Temp\svchosty.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: dawgot
->Temp folder emptied: 5364820059 bytes
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\System not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\GinaDLL not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\TaskMan not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\System not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\GinaDLL not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\TaskMan not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\System not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\GinaDLL not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\TaskMan not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet not found.
->Temporary Internet Files folder emptied: 100086245 bytes
->Java cache emptied: 4677648 bytes
->FireFox cache emptied: 88309382 bytes
->Google Chrome cache emptied: 74940723 bytes
->Flash cache emptied: 87524 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 91520278 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50534 bytes
RecycleBin emptied: 1178441148 bytes

Total Files Cleaned = 6 583,00 mb


OTL by OldTimer - Version 3.2.5.0 log created on 05222010_164705

Files\Folders moved on Reboot...
File\Folder C:\Users\dawgot\AppData\Local\Temp\etilqs_gZXa3ccJauakMc9chlCO not found!
C:\Users\dawgot\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\dawgot\AppData\Local\Temp\~DF07BB8C4ADFB4A6D9.TMP not found!
File\Folder C:\Users\dawgot\AppData\Local\Temp\~DF3A736823A13810B3.TMP not found!
File\Folder C:\Users\dawgot\AppData\Local\Temp\~DF498A1A6DD70C3614.TMP not found!
File\Folder C:\Users\dawgot\AppData\Local\Temp\~DF9720401E4DF36D8E.TMP not found!
File\Folder C:\Users\dawgot\AppData\Local\Temp\~DFA915D3AD5CBDD871.TMP not found!
File\Folder C:\Users\dawgot\AppData\Local\Temp\~DFF899EBF562245058.TMP not found!
C:\Users\dawgot\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 moved successfully.
C:\Users\dawgot\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 moved successfully.
C:\Users\dawgot\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 moved successfully.
C:\Users\dawgot\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 moved successfully.
C:\Users\dawgot\AppData\Local\Google\Chrome\User Data\Default\Cache\index moved successfully.
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
[/code]

Sohei
komentarz
komentarz

Wykonaj pełny skan [url=http://dobreprogramy.pl/index.php?dz=2&id=1998][b]DR WEB CureIt[/b][/url]
Wykonaj pełny skan[url=http://www.dobreprogramy.pl/Malwarebytes-AntiMalware,Program,Windows,13117.html][b]MBAM[/b][/url]
Co znajda usun po czym daj logi z usuwania + nowy log OTL

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.