############################## | UsbFix V 7.078 | [Deletion]
User: Andrzej (Administrator) # DOMSAHARADESERT
Updated 06/01/2012 by El Desaparecido
Started at 21:43:42 | 17/01/2013
Website: http://eldesaparecido.com
Suspicious file ? : http://eldesaparecido.com/upload.html
Contact: contact@eldesaparecido.com
PC: NVIDIA (AWRDACPI) (X86-based PC) # Desktop Computer
CPU: AMD Athlon(tm) XP 2200+ (1804)
RAM -> [ Total : 1535 | Free : 963 ]
BIOS: Phoenix - AwardBIOS v6.00PG
BOOT: Normal boot
OS: Microsoft Windows XP Professional (5.1.2600 32-Bit) # Dodatek Service Pack 3
WB: Windows Internet Explorer 8.0.6001.18702
SC: Security Center Service [ Enabled ]
WU: Windows Update Service [ Enabled ]
FW: Windows FireWall Service [ Enabled ]
C:\ -> Fixed drive # 10 Gb (191 Mb free - 2%) [SYSTEM] # FAT32
D:\ (%systemdrive%) -> Fixed drive # 24 Gb (3 Mb free - 11%) [WINXP] # FAT32
E:\ -> Fixed drive # 59 Gb (1 Mb free - 2%) [] # FAT32
F:\ -> Fixed drive # 20 Gb (91 Mb free - 0%) [] # FAT32
G:\ -> CD-ROM
H:\ -> CD-ROM
I:\ -> CD-ROM
J:\ -> Removable drive # 15 Gb (320 Mb free - 2%) [KINGSTON] # FAT32
K:\ -> Removable drive # 4 Gb (66 Mb free - 2%) [] # FAT32
L:\ -> Removable drive # 4 Gb (500 Mb free - 13%) [KINGSTON] # FAT32
################## | Active Processes |
D:\WINDOWS\System32\smss.exe (920)
D:\WINDOWS\system32\winlogon.exe (1048)
D:\WINDOWS\system32\services.exe (1092)
D:\WINDOWS\system32\lsass.exe (1104)
D:\WINDOWS\system32\svchost.exe (1264)
D:\WINDOWS\System32\svchost.exe (1472)
D:\WINDOWS\system32\spoolsv.exe (2044)
D:\WINDOWS\Explorer.EXE (244)
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (496)
D:\WINDOWS\system32\ctfmon.exe (512)
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (772)
D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (828)
D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (964)
D:\WINDOWS\system32\svchost.exe (1288)
D:\WINDOWS\system32\wscntfy.exe (2524)
D:\WINDOWS\system32\oodag.exe (928)
D:\UsbFix\Go.exe (3096)
################## | Stopped processes |
Stopped! D:\WINDOWS\system32\spoolsv.exe (2044)
Stopped! D:\WINDOWS\Explorer.EXE (244)
Stopped! D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (496)
Stopped! D:\WINDOWS\system32\ctfmon.exe (512)
Stopped! D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (772)
Stopped! D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (828)
Stopped! D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (964)
Stopped! D:\WINDOWS\system32\wscntfy.exe (2524)
Stopped! D:\WINDOWS\system32\oodag.exe (928)
################## | Files # Infected Folders |
Deleted ! E:\MUZYKA
Deleted ! F:\MUZYKA
(!) Temporary files deleted.
################## | Registry |
################## | Mountpoints2 |
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{59deb85e-dc34-11dd-97d6-4d6564696130}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{a6c14674-312f-11df-99c0-000c76e8a66a}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{c1b82841-fff4-11e1-accb-000c76e8a66a}
################## | Listing |
[14/09/2004 - 15:59:08 | D ] C:\WIN98SE
[04/07/2005 - 12:50:36 | N | 64628] C:\BOOTLOG.PRV
[05/05/1999 - 22:22:00 | N | 95874] C:\COMMAND.COM
[14/09/2004 - 16:11:48 | N | 133] C:\AUTOEXEC.BAT
[14/09/2004 - 15:59:08 | D ] C:\Program Files
[14/09/2004 - 16:08:36 | N | 123594] C:\SETUPLOG.TXT
[21/09/2012 - 15:31:10 | D ] C:\cmdcons
[04/07/2005 - 12:30:16 | N | 7137] C:\NETLOG.TXT
[04/07/2005 - 12:11:24 | N | 100] C:\CONFIG.SYS
[14/09/2004 - 16:15:20 | D ] C:\NVIDIA
[14/09/2004 - 16:01:54 | N | 8501] C:\SUHDLOG.DAT
[14/09/2004 - 16:06:52 | N | 1676] C:\MSDOS.SYS
[04/07/2005 - 12:29:54 | N | 78176] C:\DETLOG.TXT
[10/07/2005 - 17:20:36 | N | 64628] C:\BOOTLOG.TXT
[14/09/2004 - 16:01:54 | N | 528416] C:\SYSTEM.1ST
[05/05/1999 - 22:22:00 | N | 222390] C:\IO.SYS
[03/08/2004 - 23:00:14 | N | 262400] C:\cmldr
[14/09/2004 - 16:09:54 | D ] C:\Moje dokumenty
[07/03/2005 - 13:18:48 | D ] C:\Config.Msi
[14/09/2004 - 16:47:16 | N | 512] C:\BOOTSECT.DOS
[13/05/2005 - 20:19:08 | N | 120586240] C:\pagefile.sys
[22/07/2001 - 00:13:54 | N | 4952] C:\Bootfont.bin
[11/10/2012 - 22:00:20 | N | 251152] C:\ntldr
[03/08/2004 - 22:38:34 | N | 47564] C:\ntdetect.com
[24/09/2012 - 23:09:34 | N | 233] C:\boot.ini
[14/09/2004 - 17:04:14 | SHD ] C:\System Volume Information
[14/09/2004 - 18:35:12 | SHD ] C:\RECYCLED
[26/10/2004 - 18:00:36 | D ] C:\INCINERATE
[08/10/2004 - 16:05:14 | D ] D:\FOUND.000
[21/10/2004 - 20:51:40 | D ] D:\FOUND.001
[27/10/2004 - 15:18:22 | D ] D:\FOUND.002
[14/09/2004 - 16:48:56 | D ] D:\WINDOWS
[14/09/2004 - 16:51:10 | D ] D:\Documents and Settings
[13/05/2005 - 21:27:54 | D ] D:\Program Files
[01/11/2004 - 09:06:24 | D ] D:\FOUND.004
[14/09/2004 - 17:03:30 | SHD ] D:\System Volume Information
[29/10/2004 - 14:26:00 | D ] D:\FOUND.003
[02/11/2004 - 20:22:42 | D ] D:\FOUND.005
[02/11/2004 - 19:45:02 | D ] D:\FOUND.006
[03/11/2004 - 15:59:42 | D ] D:\FOUND.007
[28/01/2005 - 17:36:46 | D ] D:\FOUND.008
[17/01/2013 - 08:52:28 | ASH | 805306368] D:\pagefile.sys
[16/02/2005 - 22:25:32 | D ] D:\FOUND.009
[24/02/2005 - 14:22:32 | D ] D:\FOUND.010
[06/03/2005 - 17:05:56 | D ] D:\Config.Msi
[26/07/2012 - 22:35:18 | D ] D:\NVIDIA
[14/04/2005 - 22:57:00 | D ] D:\FOUND.011
[17/01/2013 - 08:52:28 | ASH | 1610141696] D:\hiberfil.sys
[22/09/2012 - 21:36:58 | D ] D:\FOUND.075
[25/05/2005 - 14:19:32 | D ] D:\FOUND.012
[07/07/2005 - 17:08:18 | D ] D:\FOUND.014
[08/06/2005 - 23:04:12 | D ] D:\FOUND.013
[13/08/2005 - 19:27:00 | D ] D:\FOUND.015
[03/09/2005 - 21:43:34 | D ] D:\FOUND.016
[19/01/2010 - 02:48:48 | D ] D:\FOUND.037
[10/02/2010 - 14:30:04 | D ] D:\FOUND.038
[03/05/2006 - 19:33:36 | D ] D:\FOUND.017
[24/06/2006 - 12:21:38 | D ] D:\FOUND.018
[02/10/2009 - 14:21:04 | D ] D:\FOUND.033
[28/10/2009 - 12:23:54 | D ] D:\FOUND.034
[01/02/2007 - 18:02:48 | D ] D:\FOUND.019
[07/02/2007 - 15:03:32 | D ] D:\FOUND.020
[22/03/2007 - 16:46:20 | D ] D:\FOUND.021
[13/04/2007 - 11:43:48 | D ] D:\FOUND.022
[11/07/2007 - 00:05:24 | D ] D:\FOUND.023
[06/11/2007 - 18:11:36 | D ] D:\FOUND.024
[11/01/2012 - 23:58:02 | D ] D:\FOUND.049
[13/01/2012 - 19:24:40 | D ] D:\FOUND.050
[14/01/2012 - 15:42:42 | D ] D:\FOUND.051
[10/12/2007 - 00:18:00 | D ] D:\FOUND.025
[20/01/2008 - 19:28:06 | D ] D:\FOUND.026
[08/02/2008 - 17:10:28 | D ] D:\FOUND.027
[30/06/2008 - 22:03:28 | D ] D:\FOUND.028
[09/10/2008 - 16:59:38 | D ] D:\FOUND.029
[22/11/2008 - 16:20:18 | D ] D:\FOUND.030
[28/12/2008 - 15:59:00 | D ] D:\FOUND.031
[31/12/2008 - 18:25:08 | D ] D:\FOUND.032
[06/09/2010 - 21:08:20 | D ] D:\FOUND.039
[12/12/2010 - 15:40:22 | D ] D:\FOUND.040
[22/11/2009 - 10:43:44 | D ] D:\FOUND.035
[27/11/2009 - 00:32:00 | D ] D:\FOUND.036
[22/05/2011 - 23:11:14 | D ] D:\FOUND.041
[03/07/2011 - 14:41:10 | D ] D:\FOUND.042
[06/07/2011 - 20:15:10 | D ] D:\FOUND.043
[07/08/2011 - 02:26:58 | D ] D:\FOUND.044
[02/09/2011 - 19:11:52 | D ] D:\FOUND.045
[16/12/2011 - 07:54:56 | D ] D:\FOUND.047
[04/01/2012 - 11:56:50 | D ] D:\FOUND.048
[27/11/2011 - 20:21:24 | D ] D:\FOUND.046
[25/01/2012 - 12:10:40 | D ] D:\FOUND.052
[03/02/2012 - 06:39:44 | D ] D:\FOUND.053
[09/02/2012 - 21:39:02 | D ] D:\FOUND.054
[15/02/2012 - 00:32:16 | D ] D:\FOUND.055
[16/02/2012 - 18:15:58 | D ] D:\FOUND.056
[17/02/2012 - 17:37:20 | D ] D:\FOUND.057
[27/02/2012 - 15:45:34 | D ] D:\FOUND.058
[20/03/2012 - 21:38:46 | D ] D:\FOUND.065
[25/03/2012 - 21:42:02 | D ] D:\FOUND.066
[29/04/2012 - 02:59:08 | D ] D:\FOUND.067
[02/05/2012 - 20:54:30 | D ] D:\FOUND.068
[03/05/2012 - 20:05:30 | D ] D:\FOUND.069
[08/08/2012 - 00:41:22 | D ] D:\FOUND.071
[20/08/2012 - 13:13:10 | D ] D:\FOUND.072
[03/05/2012 - 22:37:42 | D ] D:\FOUND.070
[09/03/2012 - 21:54:26 | D ] D:\FOUND.059
[11/03/2012 - 03:06:54 | D ] D:\FOUND.060
[14/03/2012 - 07:48:48 | D ] D:\FOUND.061
[18/03/2012 - 01:34:08 | D ] D:\FOUND.062
[18/03/2012 - 21:07:24 | D ] D:\FOUND.063
[19/03/2012 - 19:49:44 | D ] D:\FOUND.064
[17/01/2013 - 18:41:26 | D ] D:\UsbFix
[21/09/2012 - 02:12:10 | D ] D:\FOUND.073
[21/09/2012 - 03:49:16 | D ] D:\FOUND.074
[22/09/2012 - 02:20:40 | SHD ] D:\Recycled
[07/01/2013 - 20:37:44 | N | 725340160] D:\Portugalia - Polska .avi
[17/01/2013 - 21:43:32 | N | 2864] D:\UsbFix.txt
[26/10/2004 - 18:00:36 | D ] D:\INCINERATE
[09/03/2005 - 19:55:04 | D ] E:\Config.Msi
[14/09/2004 - 17:04:14 | SHD ] E:\System Volume Information
[16/02/2010 - 23:35:40 | D ] E:\Filmy
[28/01/2012 - 23:57:36 | D ] E:\msdownld.tmp
[12/10/2012 - 14:10:10 | D ] E:\Mitsubishi Lancer
[08/04/2007 - 20:13:44 | D ] E:\C&C Yuri's Revenge
[14/09/2004 - 18:35:12 | SHD ] E:\RECYCLED
[14/09/2004 - 18:59:54 | D ] E:\Program Files
[26/10/2004 - 18:00:36 | D ] E:\INCINERATE
[04/02/2005 - 17:58:58 | D ] F:\FOUND.000
[10/02/2005 - 19:35:16 | D ] F:\FOUND.001
[10/02/2005 - 21:47:34 | D ] F:\FOUND.002
[18/11/2011 - 02:48:36 | D ] F:\FOUND.009
[14/09/2004 - 15:52:38 | SHD ] F:\System Volume Information
[19/06/2009 - 18:16:40 | D ] F:\The Punisher
[14/01/2012 - 15:43:16 | D ] F:\FOUND.010
[20/01/2012 - 17:54:36 | D ] F:\XML
[21/12/2008 - 13:19:40 | D ] F:\FOUND.008
[12/01/2013 - 16:07:18 | D ] F:\_OTL
[16/03/2005 - 12:31:26 | D ] F:\FOUND.007
[25/06/2009 - 23:11:46 | D ] F:\video2smv
[16/07/2009 - 15:08:26 | D ] F:\DJMixStation2
[19/02/2005 - 13:33:50 | D ] F:\FOUND.003
[23/02/2005 - 14:35:42 | D ] F:\FOUND.004
[19/05/2012 - 18:50:12 | D ] F:\Teledyski
[01/09/2012 - 18:23:08 | D ] F:\czero_polish
[14/09/2004 - 18:24:54 | SHD ] F:\Recycled
[08/01/2011 - 23:56:42 | D ] F:\C&C Generals
[20/08/2011 - 16:20:48 | D ] F:\C&C Generals Zero Hour
[01/08/2012 - 17:54:18 | D ] F:\Kurs Adobe Photoshop
[19/02/2005 - 21:24:54 | D ] F:\Games
[21/06/2005 - 22:19:40 | D ] F:\C&C Red Alert 2
[03/03/2005 - 18:01:16 | D ] F:\FOUND.005
[09/03/2005 - 19:00:10 | D ] F:\FOUND.006
[21/06/2005 - 22:21:14 | D ] F:\C&C Yuri's Revenge
[16/02/2005 - 21:16:50 | D ] F:\GTA Vice City
[24/02/2005 - 13:57:40 | D ] F:\C&C Tiberian Sun
[19/03/2005 - 16:55:10 | D ] F:\Samochody
[10/06/2005 - 12:37:00 | D ] F:\GTA III
[18/07/2005 - 00:12:06 | D ] F:\GTA San Andreas
[23/11/2005 - 22:26:28 | D ] F:\Counter-Strike Condition Zero
[20/02/2006 - 00:07:12 | D ] F:\Programy
[04/04/2006 - 20:03:36 | D ] F:\Modern Talking
[18/10/2002 - 20:02:34 | D ] F:\Lego Racers
[26/10/2004 - 18:00:36 | D ] F:\INCINERATE
[03/10/2012 - 18:10:00 | D ] J:\Dokumenty
[11/12/2012 - 18:25:56 | D ] J:\Nowy folder
[24/12/2012 - 00:48:24 | D ] J:\Sandy
[24/11/2012 - 17:20:24 | D ] K:\Minidump
[24/11/2011 - 03:53:34 | N | 131847189] K:\PKHB.rar
[27/05/2012 - 20:31:08 | D ] K:\Arek
[30/08/2011 - 11:12:10 | D ] K:\Alcohol 120 2.0.1.2031
[14/08/2012 - 00:50:20 | N | 8838514] K:\Devon_02.rar
[30/11/2012 - 09:46:30 | D ] K:\Kooncert Thomasa Andersa w Krakowie (29.11.2012)
[14/08/2012 - 01:58:16 | N | 29357096] K:\all-alone-3-devon.rar
[24/11/2012 - 16:31:14 | D ] K:\Kaspersky Anti-Virus 2013
[20/05/2010 - 01:06:14 | N | 123073516] K:\phil collins - Hits Complete CD.zip
[29/12/2011 - 09:28:36 | N | 139312219] K:\Zemani_2011_09_12_Hannusya_Green_Grass.zip
[25/11/2012 - 18:45:04 | N | 4471708] K:\win78-10.0.0.75-whql.zip
[25/11/2012 - 18:46:12 | N | 142067] K:\win7-l1c-1.0.0.36-whql.zip
[02/07/2012 - 22:54:26 | N | 180224801] K:\1988_The_Best_Of_OMD_(320).rar
[25/05/2010 - 00:40:04 | N | 5435237] K:\Allok 3GP PSP MP4 iPod Video Converter 6.2.0603 + Serial.rar
[14/01/2012 - 20:48:22 | N | 16331291] K:\D3V0N-POOLSIDE.rar
[14/08/2012 - 01:59:44 | N | 23491511] K:\Devon_DS.rar
[14/08/2012 - 01:57:54 | N | 11244772] K:\Devonfurr-voxi.rar
[17/12/2011 - 12:52:56 | N | 76147712] K:\DevonSETS1.rar
[17/12/2011 - 12:54:06 | N | 76092825] K:\DevonSETS3.rar
[17/12/2011 - 12:54:04 | N | 63506763] K:\DevonSETS4.rar
[28/11/2011 - 11:25:10 | N | 49314805] K:\Genuine9 -The Unconventional Family.rar
[24/02/2011 - 14:32:50 | N | 9425559] K:\GoldSolution.Driver.Magician.v3.50.Multilingual.WinAll.Cracked-CRD.[sharethefiles.com].rar
[21/09/2012 - 14:53:42 | D ] L:\Moje dokumenty
[21/09/2012 - 15:00:12 | N | 15218] L:\ldlinux.sys
[21/09/2012 - 14:54:18 | D ] L:\Nowy folder
[21/09/2012 - 14:54:28 | D ] L:\XML
[01/10/2012 - 19:11:30 | D ] L:\Koszulka Polski EURO 2012
[08/10/2012 - 16:19:04 | D ] L:\Programy
[01/10/2012 - 19:10:48 | D ] L:\Dokumenty
################## | Vaccin |
C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
J:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
K:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
L:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
New OTL logs:
- OTL: Available only to registered users
- Extras: Available only to registered users
Then why did you tell me to use this program, knowing that it has side effects in the form of deleting files that are not viruses...? Otherwise I would have made copies of all the files... I managed to recover some of the files, mainly from the E:/Muzyka folder, but from the F:/Muzyka drive only a little over 500MB out of more than 7GB of files. Probably because I already had little space left on drive D. Is there some other way to recover the files deleted by this program? The way professionals are able to recover them. Surely there are some good programs for this. Aren't there?
Besides, I scan the computer with KAV 2013 and Malwarebytes several times a week.