Fejstroll wirus.

[pincszesc]

Mam taki problem jak wiekszosc.

logi :
Dostępne tylko dla zarejestrowanych użytkowników
Dostępne tylko dla zarejestrowanych użytkowników

[filutka78]

Nie masz infekcji z Facebooka.

Uruchom OTL i w dolne białe pole wklej to:

Kod: Zaznacz cały

:OTL
O4 - HKLM..\Run: [RoxioAudioCentral]  File not found
O4 - HKLM..\Run: [RoxioDragToDisc]  File not found
[2010-05-27 18:59:17 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Documents and Settings\All Users\Application Data\hpe76A.dll
[2011-08-24 23:38:43 | 000,935,936 | ---- | M] () -- C:\Documents and Settings\Jacek\Application Data\mservice32.exe
[2011-08-20 01:12:32 | 000,951,808 | ---- | M] () -- C:\Documents and Settings\Jacek\Application Data\mservice32_t.exe

:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

:Commands
[emptyflash]
[emptytemp]
[resethosts]



Kliknij w Wykonaj Script. Zapisz raport, który się pokaże.
Pokaż nowy log OTL.txt oraz raport z usuwania.

F.

[pincszesc]

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RoxioAudioCentral deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RoxioDragToDisc deleted successfully.
C:\Documents and Settings\All Users\Application Data\hpe76A.dll moved successfully.
C:\Documents and Settings\Jacek\Application Data\mservice32.exe moved successfully.
C:\Documents and Settings\Jacek\Application Data\mservice32_t.exe moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\ deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default User

User: Jacek
->Flash cache emptied: 3129703 bytes

User: LocalService

User: NetworkService

User: Owner

Total Flash Files Cleaned = 3,00 mb


[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 163974 bytes

User: Jacek
->Temp folder emptied: 1606857625 bytes
->Temporary Internet Files folder emptied: 89684155 bytes
->Java cache emptied: 2348466 bytes
->FireFox cache emptied: 63408075 bytes
->Google Chrome cache emptied: 16661318 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Owner

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 39097 bytes
%systemroot%\System32 .tmp files removed: 2832913 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 57743826 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 172860482 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 1119971 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 921,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.26.6 log created on 08282011_134302

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Problem rozwiązany.Dzieki za pomoc!

[filutka78]

W OTL kliknij na przycisk Sprzątanie - to go usunie razem z jego Kwarantanną.

Temat zostanie zamknięty.

F.