OTL log, virus problem

widwa

User
Posts: 17
Joined: 04 Jul 2010, 12:58


Posted: 04 Jul 2010, 13:05

Hello, I plugged in a friend's USB flash drive and NOD found a virus in the autorun.inf file:
a variant of Win32/AutoRun.PSW.OnlineGames.BE worm
The next time he gave me the flash drive, the same file contained this virus:
Win32/PSW.OnlineGames.OUM trojan horse

My question is how to fight this: how do I fix it so that the flash drive has no viruses and the computer is clean?


I am posting the OTL log:

[Available only to registered users]

djkamil09061991

Global Moderator
Posts: 8250
Joined: 18 Feb 2009, 11:54
Location: Wrocław

Posted: 04 Jul 2010, 14:07

Paste this into OTL and click Run Fix:
:OTL
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://www.ask.com?o=15161&l=dis"
FF - prefs.js..extensions.enabledItems: {8b86149f-01fb-4842-9dd8-4d7eb02fd055}:0.20.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: redshift_V2@shift-themes.com:3.0
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3:64bit: - HKU\S-1-5-21-941445737-1290884527-3409090037-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-941445737-1290884527-3409090037-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKU\S-1-5-21-941445737-1290884527-3409090037-1000..\Run: [Start WingMan Profiler] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O33 - MountPoints2\{ab546bc4-dc6d-11de-a4be-00241d77019f}\Shell\AutoRun\command - "" = H:\Autorun.exe -- File not found
O33 - MountPoints2\{b33f8b98-dc64-11de-9c78-00241d77019f}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
[2010-07-04 12:30:24 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TemprJ2264.html
[2010-07-04 12:30:24 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempdV2264.html
[2010-07-04 12:06:01 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010-07-04 09:46:23 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010-07-03 22:35:32 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempUZ2592.html
[2010-07-03 20:39:10 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TemppN3144.html
[2010-07-03 18:52:58 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempCXF648.html
[2010-07-03 16:23:36 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempHa2604.html
[2010-07-03 15:59:05 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempVo2672.html
[2010-07-03 10:07:53 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempLx2720.html
[2010-07-03 00:27:11 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempzy3212.html
[2010-07-03 00:27:11 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempDR3212.html
[2010-07-02 21:29:16 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempWp2552.html
[2010-07-02 18:23:10 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempLo4704.html
[2010-07-02 16:35:43 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempuU1680.html
[2010-07-02 10:24:37 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempDa2688.html
[2010-07-01 23:38:27 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempfT4808.html
[2010-07-01 23:38:27 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempik4808.html
[2010-07-01 20:21:23 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempNy2716.html
[2010-07-01 09:38:31 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempoO2736.html
[2010-07-01 09:38:31 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Temppo2736.html
[2010-06-30 23:01:25 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempUA1524.html
[2010-06-30 23:01:25 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempao1524.html
[2010-06-30 22:21:26 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempRg3244.html
[2010-06-30 22:15:33 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TemppE4724.html
[2010-06-30 21:43:50 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempmC2100.html
[2010-06-30 21:40:26 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempri4488.html
[2010-06-30 20:26:51 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempON4532.html
[2010-06-30 11:36:56 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempXv2588.html
[2010-06-30 11:36:56 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempfI2588.html
[2010-06-29 23:50:10 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempyw2260.html
[2010-06-29 23:50:10 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempUn2260.html
[2010-06-29 16:41:07 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempGv2688.html
[2010-06-27 23:22:03 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempPh2640.html
[2010-06-27 23:22:03 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempUx2640.html
[2010-06-27 16:41:38 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TemphD2596.html
[2010-06-27 15:48:37 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempwd5864.html
[2010-06-27 15:48:37 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempNe5864.html
[2010-06-27 13:06:45 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempbp4820.html
[2010-06-26 18:36:39 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempBb2672.html
[2010-06-26 14:32:23 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempey1564.html
[2010-06-26 14:32:23 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempsc1564.html
[2010-06-26 00:11:24 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempUq5308.html
[2010-06-26 00:11:24 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempVr5308.html
[2010-06-25 22:52:36 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempSS2660.html
[2010-06-25 22:52:36 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Temprn2660.html
[2010-06-25 08:45:28 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempqx2692.html
[2010-06-25 08:45:28 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempLd2692.html
[2010-06-24 23:33:19 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempLW2724.html
[2010-06-24 23:33:19 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempdp2724.html
[2010-06-24 19:33:57 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempKh2660.html
[2010-06-24 12:08:07 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempMZ2688.html
[2010-06-23 23:13:16 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempXx4996.html
[2010-06-23 23:13:16 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempOs4996.html
[2010-06-23 22:20:14 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Temphf4672.html
[2010-06-22 17:26:39 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TemplT2664.html
[2010-06-22 11:47:14 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempdh2700.html
[2010-06-20 18:19:27 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempxr2712.html
[2010-06-20 11:48:42 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempFA2760.html
[2010-06-20 07:29:13 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TemptJ2664.html
[2010-06-19 16:32:19 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempOW2696.html
[2010-06-19 07:21:43 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempDO2780.html
[2010-06-18 14:32:55 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempIE2624.html
[2010-06-18 00:04:03 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempbe2700.html
[2010-06-18 00:04:03 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempRG2700.html
[2010-06-17 16:07:34 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempwX2676.html
[2010-06-16 22:24:57 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempZI1772.html
[2010-06-16 21:59:13 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempBU1848.html
[2010-06-16 20:43:57 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempGZ4840.html
[2010-06-16 17:01:24 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempOu2672.html
[2010-06-16 15:26:01 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempVS2712.html
[2010-06-16 15:26:01 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempdI2712.html
[2010-06-15 23:22:14 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempsH3008.html
[2010-06-15 23:22:14 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TemprP3008.html
[2010-06-15 22:03:04 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempRl2716.html
[2010-06-15 21:43:42 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempFg2648.html
[2010-06-15 21:43:42 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Temptw2648.html
[2010-06-15 16:23:17 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempPX3588.html
[2010-06-15 15:16:22 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempFUc116.html
[2010-06-15 13:58:43 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempFU2844.html
[2010-06-15 07:44:20 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempod2684.html
[2010-06-14 22:24:31 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempmG2656.html
[2010-06-14 18:43:47 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempdT2680.html
[2010-06-14 18:43:47 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempde2680.html
[2010-06-14 15:39:48 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempZd2708.html
[2010-06-14 15:39:48 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempTn2708.html
[2010-06-14 14:40:49 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempAP2756.html
[2010-06-14 14:17:22 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempSC2820.html
[2010-06-14 14:17:22 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempDS2820.html
[2010-06-14 07:37:53 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempHo2604.html
[2010-06-13 21:36:14 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempSh5024.html
[2010-06-13 21:15:20 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempRW2680.html
[2010-06-13 21:15:20 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempYg2680.html
[2010-06-13 15:22:58 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempdb2700.html
[2010-06-13 13:47:07 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempOn2716.html
[2010-06-13 13:21:15 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempTK3096.html
[2010-06-13 13:21:15 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempCy3096.html
[2010-06-13 09:43:47 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempay2728.html
[2010-06-12 21:44:14 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempQh2704.html
[2010-06-12 21:44:14 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempjw2704.html
[2010-06-12 16:42:51 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempFd2624.html
[2010-06-10 17:29:15 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempZO4924.html
[2010-06-10 16:36:06 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempdf3060.html
[2010-06-10 16:36:06 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\TempkO3060.html
[2010-06-10 15:39:47 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TemphS2640.html
[2010-06-10 15:39:47 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempji2640.html
[2010-06-09 07:37:36 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempBC2568.html
[2010-06-08 19:17:13 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempce5516.html
[2010-06-08 19:17:13 | 000,002,089 | ---- | M] () -- C:\Users\user\AppData\Local\Tempaw5516.html
[2010-06-08 14:05:12 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempeA2612.html
[2010-06-07 22:39:24 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempJP1252.html
[2010-06-07 21:08:38 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempGb2644.html
[2010-06-06 23:01:05 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempLiZ588.html
[2010-06-06 17:20:04 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\Tempmw2596.html
[2010-06-06 14:31:51 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempOS4944.html
[2010-06-06 13:08:00 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempzB2592.html
[2010-06-06 00:35:59 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempsO5012.html
[2010-06-05 22:41:56 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempcR2596.html
[2010-06-05 17:15:26 | 000,002,432 | ---- | M] () -- C:\Users\user\AppData\Local\TempAe2532.html
[2010-07-04 12:30:24 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TemprJ2264.html
[2010-07-04 12:30:24 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempdV2264.html
[2010-07-03 22:16:39 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempUZ2592.html
[2010-07-03 20:38:48 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TemppN3144.html
[2010-07-03 18:43:30 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempCXF648.html
[2010-07-03 16:23:14 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempHa2604.html
[2010-07-03 15:55:40 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempVo2672.html
[2010-07-03 10:03:11 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempLx2720.html
[2010-07-03 00:06:49 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempzy3212.html
[2010-07-03 00:06:49 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempDR3212.html
[2010-07-02 21:06:39 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempWp2552.html
[2010-07-02 18:16:43 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempLo4704.html
[2010-07-02 16:33:16 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempuU1680.html
[2010-07-02 09:40:02 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempDa2688.html
[2010-07-01 22:27:36 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempfT4808.html
[2010-07-01 22:27:36 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempik4808.html
[2010-07-01 20:04:38 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempNy2716.html
[2010-07-01 09:38:31 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempoO2736.html
[2010-07-01 09:38:31 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Temppo2736.html
[2010-06-30 22:24:51 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempUA1524.html
[2010-06-30 22:24:51 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempao1524.html
[2010-06-30 22:18:14 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempRg3244.html
[2010-06-30 22:09:47 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TemppE4724.html
[2010-06-30 21:42:12 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempmC2100.html
[2010-06-30 21:37:50 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempri4488.html
[2010-06-30 20:14:16 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempON4532.html
[2010-06-30 11:30:48 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempXv2588.html
[2010-06-30 11:30:48 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempfI2588.html
[2010-06-29 23:40:24 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempyw2260.html
[2010-06-29 23:40:24 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempUn2260.html
[2010-06-29 16:15:40 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempGv2688.html
[2010-06-27 21:39:53 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempPh2640.html
[2010-06-27 21:39:53 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempUx2640.html
[2010-06-27 16:07:01 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TemphD2596.html
[2010-06-27 13:40:27 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempwd5864.html
[2010-06-27 13:40:27 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempNe5864.html
[2010-06-27 12:50:54 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempbp4820.html
[2010-06-26 15:49:38 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempBb2672.html
[2010-06-26 14:11:14 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempey1564.html
[2010-06-26 14:11:14 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempsc1564.html
[2010-06-26 00:08:02 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempUq5308.html
[2010-06-26 00:08:02 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempVr5308.html
[2010-06-25 22:52:36 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempSS2660.html
[2010-06-25 22:52:36 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Temprn2660.html
[2010-06-25 08:39:19 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempqx2692.html
[2010-06-25 08:39:19 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempLd2692.html
[2010-06-24 21:49:44 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempLW2724.html
[2010-06-24 21:49:44 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempdp2724.html
[2010-06-24 19:29:43 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempKh2660.html
[2010-06-24 11:35:04 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempMZ2688.html
[2010-06-23 22:21:51 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempXx4996.html
[2010-06-23 22:21:51 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempOs4996.html
[2010-06-23 18:59:19 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Temphf4672.html
[2010-06-22 16:57:44 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TemplT2664.html
[2010-06-22 11:36:32 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempdh2700.html
[2010-06-20 17:44:59 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempxr2712.html
[2010-06-20 11:23:46 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempFA2760.html
[2010-06-19 21:19:29 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TemptJ2664.html
[2010-06-19 14:52:00 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempOW2696.html
[2010-06-19 07:14:00 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempDO2780.html
[2010-06-18 14:20:51 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempIE2624.html
[2010-06-17 23:24:45 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempbe2700.html
[2010-06-17 23:24:45 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempRG2700.html
[2010-06-17 15:08:41 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempwX2676.html
[2010-06-16 22:02:40 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempZI1772.html
[2010-06-16 21:56:07 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempBU1848.html
[2010-06-16 20:05:49 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempGZ4840.html
[2010-06-16 16:44:42 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempOu2672.html
[2010-06-16 15:20:02 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempVS2712.html
[2010-06-16 15:20:02 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempdI2712.html
[2010-06-15 22:31:04 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempsH3008.html
[2010-06-15 22:31:04 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TemprP3008.html
[2010-06-15 21:51:35 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempRl2716.html
[2010-06-15 21:43:42 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempFg2648.html
[2010-06-15 21:43:42 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Temptw2648.html
[2010-06-15 15:26:56 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempPX3588.html
[2010-06-15 15:15:46 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempFUc116.html
[2010-06-15 13:56:08 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempFU2844.html
[2010-06-15 07:35:04 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempod2684.html
[2010-06-14 20:21:53 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempmG2656.html
[2010-06-14 18:43:47 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempdT2680.html
[2010-06-14 18:43:47 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempde2680.html
[2010-06-14 15:39:48 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempZd2708.html
[2010-06-14 15:39:48 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempTn2708.html
[2010-06-14 14:23:29 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempAP2756.html
[2010-06-14 14:17:22 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempSC2820.html
[2010-06-14 14:17:22 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempDS2820.html
[2010-06-14 07:37:01 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempHo2604.html
[2010-06-13 21:15:32 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempSh5024.html
[2010-06-13 20:42:18 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempRW2680.html
[2010-06-13 20:42:18 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempYg2680.html
[2010-06-13 14:40:58 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempdb2700.html
[2010-06-13 13:26:54 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempOn2716.html
[2010-06-13 13:21:15 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempTK3096.html
[2010-06-13 13:21:15 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempCy3096.html
[2010-06-13 09:37:43 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempay2728.html
[2010-06-12 21:44:14 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempQh2704.html
[2010-06-12 21:44:14 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempjw2704.html
[2010-06-12 16:35:25 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempFd2624.html
[2010-06-10 16:38:36 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempZO4924.html
[2010-06-10 15:42:30 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempdf3060.html
[2010-06-10 15:42:30 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempkO3060.html
[2010-06-10 15:14:31 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TemphS2640.html
[2010-06-10 15:14:31 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempji2640.html
[2010-06-08 22:36:26 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempBC2568.html
[2010-06-08 19:17:13 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempce5516.html
[2010-06-08 19:17:13 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempaw5516.html
[2010-06-08 13:43:21 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempeA2612.html
[2010-06-07 22:24:25 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempJP1252.html
[2010-06-07 19:48:53 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempGb2644.html
[2010-06-06 22:09:43 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempLiZ588.html
[2010-06-06 16:06:18 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempmw2596.html
[2010-06-06 14:27:35 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempOS4944.html
[2010-06-06 12:50:39 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempzB2592.html
[2010-06-05 23:32:00 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempsO5012.html
[2010-06-05 21:20:01 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempcR2596.html
[2010-06-05 17:06:57 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempAe2532.html
[2010-06-03 11:59:25 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempcq1820.html
[2010-05-31 07:21:19 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempHp3812.html
[2010-05-30 21:24:00 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempHW4348.html
[2010-05-30 19:33:21 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempEW1788.html
[2010-05-30 18:41:03 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TemphI4504.html
[2010-05-30 15:35:40 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempOJ1832.html
[2010-05-30 12:57:29 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempBNf304.html
[2010-05-30 12:17:21 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempFO2592.html
[2010-05-30 12:17:21 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempCW2592.html
[2010-05-30 10:11:54 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempTw6296.html
[2010-05-30 10:11:54 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TemphF6296.html
[2010-05-29 19:42:50 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempxO3060.html
[2010-05-29 17:28:41 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempyE1036.html
[2010-05-29 15:02:46 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempxM2476.html
[2010-05-29 12:04:42 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempNq2508.html
[2010-05-29 11:05:13 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempuQ2552.html
[2010-05-29 10:30:58 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempjO2564.html
[2010-05-28 18:05:50 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempbA5008.html
[2010-05-28 14:39:43 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempej1712.html
[2010-05-27 21:39:16 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempGG3868.html
[2010-05-27 21:25:10 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempHl2512.html
[2010-05-27 20:59:54 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempxl2512.html
[2010-05-27 20:05:43 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempcV2512.html
[2010-05-26 22:44:21 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempQm2548.html
[2010-05-26 16:39:14 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempyw2580.html
[2010-05-25 14:35:10 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempCF2720.html
[2010-05-24 19:25:47 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempeu1900.html
[2010-05-24 18:21:44 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempKX5656.html
[2010-05-24 14:07:56 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempkk2640.html
[2010-05-23 16:37:08 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\Tempre3628.html
[2010-05-23 16:34:15 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempAQ1020.html
[2010-05-23 16:30:50 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempVQ2200.html
[2010-05-22 17:40:15 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempbP2756.html
[2010-05-21 14:14:12 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempQw2684.html
[2010-05-21 13:38:49 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempBh2684.html
[2010-05-19 23:27:21 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempzK3048.html
[2010-05-19 22:14:07 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempAOv228.html
[2010-05-19 20:52:52 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempuT4900.html
[2010-05-19 15:05:49 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempYJ2720.html
[2010-05-18 23:43:24 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempEz4268.html
[2010-05-18 20:56:58 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TemphA4904.html
[2010-05-18 19:53:13 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempQK4304.html
[2010-05-18 19:37:10 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempFjK700.html
[2010-02-26 11:15:06 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempXF3000.html
[2010-02-26 11:15:06 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\TempEM3000.html
[2010-02-26 10:42:30 | 000,002,432 | ---- | C] () -- C:\Users\user\AppData\Local\TempJd4776.html
[2010-02-26 10:42:30 | 000,002,089 | ---- | C] () -- C:\Users\user\AppData\Local\Tempba4776.html
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:671329E4

:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

:Commands
[emptytemp]
[start explorer]
[Reboot]


Connect all the removable storage devices you have and use FlashDisInfector.
Where is the Extras log from OTL? After running the script, post the removal log and a new log.
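
Added example (not part of the thread and not code from OTL): a small Python parser for the O33 MountPoints2 lines in the fix script above, which lists the per-volume autorun handlers Explorer has cached and separates stale ones (target "File not found") from ones whose target still exists. The line layout is inferred from the lines in the post; the third sample line and all function names are constructed for illustration.

```python
import re
from dataclasses import dataclass

# First two O33 lines are copied from the fix script in the post above;
# the O4 line is included to show that unrelated entries are skipped.
OTL_LINES = r"""
O33 - MountPoints2\{ab546bc4-dc6d-11de-a4be-00241d77019f}\Shell\AutoRun\command - "" = H:\Autorun.exe -- File not found
O33 - MountPoints2\{b33f8b98-dc64-11de-9c78-00241d77019f}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O4 - HKLM..\Run: [NPSStartup] File not found
""".strip().splitlines()

# Constructed line (NOT from the thread): a handler whose target still exists.
CONSTRUCTED = (r'O33 - MountPoints2\{00000000-0000-0000-0000-000000000001}'
               r'\Shell\open\command - "" = G:\setup.exe /quiet')

# Layout assumed from the lines above:
#   O33 - MountPoints2\<volume>\Shell\<verb>\command - "<value name>" = <command>[ -- File not found]
O33_RE = re.compile(
    r'^O33 - MountPoints2\\(?P<volume>[^\\]+)\\Shell\\(?P<verb>.+?)\\command'
    r' - "(?P<value>[^"]*)" = (?P<command>.*?)(?P<missing> -- File not found)?$',
    re.IGNORECASE,
)


@dataclass
class Handler:
    volume: str           # volume GUID (or drive letter) the entry is cached for
    verb: str             # shell verb, e.g. AutoRun or open
    command: str          # command line stored for that verb
    target_missing: bool  # OTL reported "File not found" for the target

    @property
    def drive(self):
        """Drive letter the command points at, or None if it has none."""
        m = re.match(r'^"?([A-Za-z]):\\', self.command)
        return m.group(1).upper() if m else None

    @property
    def is_autorun(self):
        return self.verb.lower() == "autorun"


def parse_o33(lines):
    """Extract MountPoints2 handlers from OTL log lines, ignoring other entries."""
    handlers = []
    for line in lines:
        m = O33_RE.match(line.strip())
        if m:
            handlers.append(Handler(m["volume"], m["verb"],
                                    m["command"].strip(),
                                    m["missing"] is not None))
    return handlers


def triage(handlers):
    """Return (drive, volume, verdict) for each cached handler."""
    rows = []
    for h in handlers:
        if h.target_missing:
            verdict = "stale"          # leftover cache entry, nothing left to launch
        elif h.is_autorun:
            verdict = "live-autorun"   # target exists: scan the drive before opening it
        else:
            verdict = "live-verb"      # other shell verb with an existing target
        rows.append((h.drive, h.volume, verdict))
    return rows


if __name__ == "__main__":
    for row in triage(parse_o33(OTL_LINES + [CONSTRUCTED])):
        print(row)
```

Both entries from the thread come out as stale, which matches the script's approach of deleting the whole MountPoints2 key in its :Reg section rather than repairing individual entries.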

widwa


Posted: 04 Jul 2010, 17:16

I only have OTL.txt; extras.txt was not created.
And if I use Flash Disinfector, will the warning about a supposed virus etc. stop popping up when I plug in that flash drive?

djkamil09061991


Posted: 04 Jul 2010, 17:28

Show the new log. Yes, after that nothing should pop up anymore.

widwa


Posted: 04 Jul 2010, 18:51

Removal report: [available only to registered users]
Scan report: [available only to registered users]


This Flash Disinfector does not work for me on Windows 7; it does not start.

djarta

Global Moderator
Posts: 5854
Joined: 26 Dec 2008, 17:15
Location: Białystok

Posted: 04 Jul 2010, 19:08

The logs are OK.

I used to use Flash on Windows 7 and everything worked fine.
Experiment with it (run it as Admin / in XP compatibility mode).

Start OTL and click CleanUp.

djkamil09061991


Posted: 04 Jul 2010, 19:11

Alternatively, a similar program is, I believe, Panda USB Vaccine, but I don't know whether it works on Win7.

widwa


Posted: 05 Jul 2010, 18:29

Panda Vaccine worked on Windows 7, but when I connect my portable drive with this "virus", the program detects it and shows j:\ (NTFS), and below that: NTFS support is disabled.

-- 05 Jul 2010, 13:40 --

I made a mistake: the virus is on my 160 GB drive, not on the flash drive.

-- 05 Jul 2010, 18:29 --

So how do I get rid of it from the portable drive?

Luk@sz_root

Expert
Posts: 350
Joined: 05 Jul 2010, 15:51

Posted: 05 Jul 2010, 22:43

"So how do I get rid of it from the portable drive?"

With the flash drive connected, post the OTL logs again.
We are Anonymous. We are Legion. We do not forgive. We do not forget.

widwa


Posted: 05 Jul 2010, 23:09

Which option should I run in OTL? Scan?

Luk@sz_root


Posted: 05 Jul 2010, 23:15

"Which option should I run in OTL? Scan?"

Yes

widwa


Posted: 05 Jul 2010, 23:20


Luk@sz_root


Posted: 05 Jul 2010, 23:32

There are no infections here; the only thing to remove is the unnecessary Google Toolbar.

In OTL, click the "CleanUp" button. This will remove OTL and all its leftovers.

Defragment the disk.

Click "Start" > All Programs > Accessories > System Tools > Disk Defragmenter.

widwa


Posted: 05 Jul 2010, 23:38

But how do I cure this thing on the drive? When I connect it, I get a message that it is a variant of the Win32/AutoRun.PSW.OnlineGames.BE worm (see the first post).

Luk@sz_root


Posted: 05 Jul 2010, 23:50

"But how do I cure this thing on the drive? When I connect it, I get a message that it is a variant of the Win32/AutoRun.PSW.OnlineGames.BE worm."

In which file does the antivirus detect this worm?