Otwieranie za pomocą - dysk

[sab999]

Witam. Mam problem, a mianowicie, kiedy wchodzę na dysk przez Mój Komputer pokazuje się to:

Jak to naprawić?? Z góry dzięki...

[Andziorka]

Masz wirusa, daj loga z OTL: jak-generujemy-loga-z-rsita-i-otl-vt95026.html

[sab999]

Masz wirusa, daj loga z OTL: jak-generujemy-loga-z-rsita-i-otl-vt95026.html

A oto log
http://wklej.org/id/159367/

[Andziorka]

W okienko OTL wklej poniższy skrypt i klik na Run Fix:

:Processes
explorer.exe

:OTL
O4 - HKLM..\Run: [GEST] File not found
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found
O4 - HKLM..\RunOnceEx: [Flag] Reg Error: Invalid data type. File not found
O32 - AutoRun File - [2009-08-03 19:38:37 | 00,000,063 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-08-03 19:38:37 | 00,000,063 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-08-03 19:38:37 | 00,000,063 | RHS- | M] () - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-08-03 19:38:37 | 00,000,063 | RHS- | M] () - F:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{2107ac54-8049-11de-9906-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{343c409a-8045-11de-a676-806d6172696f}\Shell\AutoRun\command - "" = ukfbi3aw.exe
O33 - MountPoints2\{343c409a-8045-11de-a676-806d6172696f}\Shell\open\Command - "" = ukfbi3aw.exe
O33 - MountPoints2\{343c409b-8045-11de-a676-806d6172696f}\Shell\AutoRun\command - "" = ukfbi3aw.exe
O33 - MountPoints2\{343c409b-8045-11de-a676-806d6172696f}\Shell\open\Command - "" = ukfbi3aw.exe
O33 - MountPoints2\{343c409c-8045-11de-a676-806d6172696f}\Shell\AutoRun\command - "" = ukfbi3aw.exe
O33 - MountPoints2\{343c409c-8045-11de-a676-806d6172696f}\Shell\open\Command - "" = ukfbi3aw.exe
O33 - MountPoints2\{61d95444-8052-11de-a0ba-806d6172696f}\Shell\AutoRun\command - "" = ukfbi3aw.exe
O33 - MountPoints2\{61d95444-8052-11de-a0ba-806d6172696f}\Shell\open\Command - "" = ukfbi3aw.exe

:Files
C:\WINDOWS\unins000.dat
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db1b3e60-05ac-11de-a5d3-00001cd72a97}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"SuperHidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSuperHidden"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000001
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
@=""

:Commands
[emptytemp]
[start explorer]
[Reboot]

Daj loga powstałego po usuwaniu.

Autor postu otrzymał pochwałę

[sab999]

Kod: Zaznacz wszystko

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\GEST deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceEx\\Flag deleted successfully.
C:\autorun.inf moved successfully.
D:\autorun.inf moved successfully.
E:\autorun.inf moved successfully.
F:\autorun.inf moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2107ac54-8049-11de-9906-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2107ac54-8049-11de-9906-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{343c409a-8045-11de-a676-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{343c409a-8045-11de-a676-806d6172696f}\ not found.
File ukfbi3aw.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{343c409a-8045-11de-a676-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{343c409a-8045-11de-a676-806d6172696f}\ not found.
File ukfbi3aw.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{343c409b-8045-11de-a676-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{343c409b-8045-11de-a676-806d6172696f}\ not found.
File ukfbi3aw.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{343c409b-8045-11de-a676-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{343c409b-8045-11de-a676-806d6172696f}\ not found.
File ukfbi3aw.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{343c409c-8045-11de-a676-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{343c409c-8045-11de-a676-806d6172696f}\ not found.
File ukfbi3aw.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{343c409c-8045-11de-a676-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{343c409c-8045-11de-a676-806d6172696f}\ not found.
File ukfbi3aw.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{61d95444-8052-11de-a0ba-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61d95444-8052-11de-a0ba-806d6172696f}\ not found.
File ukfbi3aw.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{61d95444-8052-11de-a0ba-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61d95444-8052-11de-a0ba-806d6172696f}\ not found.
File ukfbi3aw.exe not found.
========== FILES ==========
C:\WINDOWS\unins000.dat moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db1b3e60-05ac-11de-a5d3-00001cd72a97}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{db1b3e60-05ac-11de-a5d3-00001cd72a97}\ not found.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"SuperHidden"|dword:00000001 /E : value set successfully!
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"Hidden"|dword:00000001 /E : value set successfully!
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"ShowSuperHidden"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\\"CheckedValue"|dword:00000001 /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden\\@|"" /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: ppp
->Temp folder emptied: 328044733 bytes
->Temporary Internet Files folder emptied: 59962287 bytes
->Java cache emptied: 14140924 bytes
->FireFox cache emptied: 103098893 bytes
->Google Chrome cache emptied: 304114339 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2352022 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
Windows Temp folder emptied: 41110781 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 813,41 mb


OTL by OldTimer - Version 3.0.14.0 log created on 09172009_150929

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


I wszystko działa...

[Andziorka]

Uruchom OTL i wciśnij CelanUp. Czysto.