Niestetey mojego kompa pierwszy raz dopadł wirus.
zainstalowałm OTL
raport
Extras
http://wklej.to/Nc91t
OTL
http://wklej.to/lE6gR
Z góry dzieki
Aktualizacje na programosy.pl:
Audacity Portable • Audacity • Advanced Renamer Portable • Advanced Renamer • 1Password • Kopia zapasowa i synchronizacja (Google Drive) • PhpStorm • YT Downloader • Ashampoo UnInstaller
-
- Ogłoszenie:
Ukash poproszę o pomoc !
6 posty(ów) • Strona 1 z 1
Ukash poproszę o pomoc !
przez Lucek80 30 Lip 2012, 14:57
Niestetey mojego kompa pierwszy raz dopadł wirus.
zainstalowałm OTL
raport
Extras
http://wklej.to/Nc91t
OTL
http://wklej.to/lE6gR
Z góry dzieki
Ukash poproszę o pomoc !
przez defacto19 30 Lip 2012, 15:37
Odinstaluj:
SpeedyPC Pro
Google Toolbar for Internet Explorer
TVersitybar Toolbar
Zastosuj AdwCleaner z opcji Delete.
http://general-changelog-team.fr/en/tools/15-adwcleaner
Uruchom OTL i w sekcji (Własne opcje skanowania/Skrypt) wklej:
Kliknij wykonaj skrypt. Zatwierdź restart komputera. Zapisz raport, który powstanie po restarcie. Następnie uruchom OTL ponownie, tym razem kliknij (Skanuj).
Pokaż nowy log OTL.txt oraz raport z usuwania.
SpeedyPC Pro
Google Toolbar for Internet Explorer
TVersitybar Toolbar
Zastosuj AdwCleaner z opcji Delete.
http://general-changelog-team.fr/en/tools/15-adwcleaner
Uruchom OTL i w sekcji (Własne opcje skanowania/Skrypt) wklej:
:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Kuba\USTAWI~1\Temp\__Samsung_Update\ADDMEM.SYS -- (ADDMEM)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000&st=10
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=10&q={searchTerms}
IE - HKU\S-1-5-21-4289377953-1970212417-366036058-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000&st=10
IE - HKU\S-1-5-21-4289377953-1970212417-366036058-1005\..\URLSearchHook: {66bd2442-241b-44cd-8c7a-b51037053cdb} - C:\Program Files\TVersitybar\prxtbTVe0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4289377953-1970212417-366036058-1005\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2548838
IE - HKU\S-1-5-21-4289377953-1970212417-366036058-1005\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=10&q={searchTerms}
IE - HKU\S-1-5-21-4289377953-1970212417-366036058-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
O4 - HKLM..\Run: [rsevnrzylssedzj] C:\Documents and Settings\All Users\Dane aplikacji\rsevnrzy.exe ()
O4 - HKU\S-1-5-21-4289377953-1970212417-366036058-1005..\Run: [rsevnrzylssedzj] C:\Documents and Settings\All Users\Dane aplikacji\rsevnrzy.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKU\S-1-5-21-4289377953-1970212417-366036058-1005..\Run: [] File not found
O4 - HKU\S-1-5-21-4289377953-1970212417-366036058-1005..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep" File not found
O4 - Startup: C:\Documents and Settings\Kuba\Menu Start\Programy\Autostart\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
[2012-07-29 23:00:25 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-4289377953-1970212417-366036058-1005.job
[2012-07-29 23:00:23 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-07-27 22:45:48 | 000,000,051 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\txuuonjldeuejwq
[2012-07-27 22:45:33 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\rsevnrzy.exe
[2012-07-27 22:45:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\qfydvihglnldkvi
[2012-07-13 18:32:34 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Kuba.job
[2012-07-07 22:20:04 | 000,308,621 | ---- | C] () -- C:\WINDOWS\System32\autorun.inf
:Commands
[emptytemp]
Kliknij wykonaj skrypt. Zatwierdź restart komputera. Zapisz raport, który powstanie po restarcie. Następnie uruchom OTL ponownie, tym razem kliknij (Skanuj).
Pokaż nowy log OTL.txt oraz raport z usuwania.
- defacto19
- ~user
- Posty: 205
- Dołączenie: 23 Cze 2012, 11:51
- Pochwały: 42
Ukash poproszę o pomoc !
przez Lucek80 30 Lip 2012, 16:26
raport po restarcie
http://wklej.to/DxSRH
OTL
http://wklej.to/8H5GR
Po zabiegach jest ok.
Wielkie dzięki
http://wklej.to/DxSRH
OTL
http://wklej.to/8H5GR
Po zabiegach jest ok.
Wielkie dzięki
Ukash poproszę o pomoc !
przez defacto19 30 Lip 2012, 16:56
Uruchom OTL i w sekcji (Własne opcje skanowania/Skrypt) wklej:
Kliknij wykonaj skrypt. Zatwierdź restart komputera. Zapisz raport, który powstanie po restarcie, i przedstaw go na forum.
:OTL
IE - HKU\S-1-5-21-4289377953-1970212417-366036058-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000&st=10
IE - HKU\S-1-5-21-4289377953-1970212417-366036058-1005\..\URLSearchHook: {66bd2442-241b-44cd-8c7a-b51037053cdb} - No CLSID value found
IE - HKU\S-1-5-21-4289377953-1970212417-366036058-1005\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2548838
IE - HKU\S-1-5-21-4289377953-1970212417-366036058-1005\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=10&q={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaultthis.engineName: "TVersitybar Customized Web Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "SweetIM Search"
FF - prefs.js..browser.startup.homepage: "http://home.sweetim.com/?crg=3.1010000&st=10"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:15.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: fe_3.6@nokia.com:1.7.110.333
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - prefs.js..extensions.enabledItems: {66bd2442-241b-44cd-8c7a-b51037053cdb}:3.2.1.3
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2548838&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2548838&SearchSource=3&q={searchTerms}"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "TVersitybar Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2548838&SearchSource=13"
[2012-07-20 14:30:20 | 000,000,000 | ---D | M] (TVersitybar Community Toolbar) -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\9s4qdtsg.default\extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb}
[2010-10-14 20:05:16 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\9s4qdtsg.default\searchplugins\conduit.xml
[2012-07-12 10:24:25 | 000,003,948 | ---- | M] () -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\9s4qdtsg.default\searchplugins\sweetim.xml
O3 - HKU\S-1-5-21-4289377953-1970212417-366036058-1005\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-4289377953-1970212417-366036058-1005\..\Toolbar\WebBrowser: (no name) - {66BD2442-241B-44CD-8C7A-B51037053CDB} - No CLSID value found.
O4 - HKU\S-1-5-21-4289377953-1970212417-366036058-1005..\Run: [] File not found
O4 - HKU\S-1-5-21-4289377953-1970212417-366036058-1005..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep" File not found
O4 - HKU\S-1-5-21-4289377953-1970212417-366036058-1005..\Run: [rsevnrzylssedzj] C:\Documents and Settings\All Users\Dane aplikacji\rsevnrzy.exe File not found
O4 - HKU\S-1-5-21-4289377953-1970212417-366036058-1005..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" File not found
O33 - MountPoints2\{a9b8c9a0-67a2-11e0-9778-002163aa97ed}\Shell - "" = AutoRun
O33 - MountPoints2\{a9b8c9a0-67a2-11e0-9778-002163aa97ed}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{bc683d04-b9cb-11e0-979e-001377d195e6}\Shell - "" = AutoRun
O33 - MountPoints2\{bc683d04-b9cb-11e0-979e-001377d195e6}\Shell\AutoRun\command - "" = E:\iStudio.exe
[2012-07-27 22:45:33 | 000,061,440 | ---- | C] () -- C:\Documents and Settings\Kuba\ms.exe
[2012-07-29 21:16:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\SpeedyPC Software
[2012-07-29 21:16:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\DriverCure
[2012-07-29 21:16:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Menu Start\Programy\SpeedyPC Software
[2012-07-29 21:16:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SpeedyPC Software
[2012-07-29 21:02:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\HitmanPro
:Commands
[emptytemp]
Kliknij wykonaj skrypt. Zatwierdź restart komputera. Zapisz raport, który powstanie po restarcie, i przedstaw go na forum.
- defacto19
- ~user
- Posty: 205
- Dołączenie: 23 Cze 2012, 11:51
- Pochwały: 42
-
Ukash poproszę o pomoc !
przez Lucek80 30 Lip 2012, 17:41
All processes killed
========== OTL ==========
HKU\S-1-5-21-4289377953-1970212417-366036058-1005\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-4289377953-1970212417-366036058-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\{66bd2442-241b-44cd-8c7a-b51037053cdb} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66bd2442-241b-44cd-8c7a-b51037053cdb}\ not found.
Registry key HKEY_USERS\S-1-5-21-4289377953-1970212417-366036058-1005\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_USERS\S-1-5-21-4289377953-1970212417-366036058-1005\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
Prefs.js: "SweetIM Search" removed from browser.search.defaultenginename
Prefs.js: "TVersitybar Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "" removed from browser.search.defaulturl
Prefs.js: "SweetIM Search" removed from browser.search.selectedEngine
Prefs.js: "http://home.sweetim.com/?crg=3.1010000&st=10" removed from browser.startup.homepage
Prefs.js: jqs@sun.com:1.0 removed from extensions.enabledItems
Prefs.js: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:15.0.1 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25 removed from extensions.enabledItems
Prefs.js: fe_3.6@nokia.com:1.7.110.333 removed from extensions.enabledItems
Prefs.js: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145 removed from extensions.enabledItems
Prefs.js: {66bd2442-241b-44cd-8c7a-b51037053cdb}:3.2.1.3 removed from extensions.enabledItems
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2548838&q=" removed from keyword.URL
Prefs.js: "" removed from sweetim.toolbar.previous.browser.search.defaultenginename
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2548838&SearchSource=3&q={searchTerms}" removed from sweetim.toolbar.previous.browser.search.defaulturl
Prefs.js: "TVersitybar Customized Web Search" removed from sweetim.toolbar.previous.browser.search.selectedEngine
Prefs.js: "http://search.conduit.com/?ctid=CT2548838&SearchSource=13" removed from browser.startup.homepage
C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\9s4qdtsg.default\extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb}\searchplugin folder moved successfully.
C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\9s4qdtsg.default\extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb}\Plugins folder moved successfully.
C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\9s4qdtsg.default\extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb}\modules folder moved successfully.
C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\9s4qdtsg.default\extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb}\META-INF folder moved successfully.
C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\9s4qdtsg.default\extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb}\defaults folder moved successfully.
C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\9s4qdtsg.default\extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb}\components folder moved successfully.
C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\9s4qdtsg.default\extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb}\chrome folder moved successfully.
C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\9s4qdtsg.default\extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb} folder moved successfully.
C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\9s4qdtsg.default\searchplugins\conduit.xml moved successfully.
C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\9s4qdtsg.default\searchplugins\sweetim.xml moved successfully.
Registry value HKEY_USERS\S-1-5-21-4289377953-1970212417-366036058-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-4289377953-1970212417-366036058-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{66BD2442-241B-44CD-8C7A-B51037053CDB} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66BD2442-241B-44CD-8C7A-B51037053CDB}\ not found.
Registry value HKEY_USERS\S-1-5-21-4289377953-1970212417-366036058-1005\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-4289377953-1970212417-366036058-1005\Software\Microsoft\Windows\CurrentVersion\Run\\ALLUpdate deleted successfully.
Registry value HKEY_USERS\S-1-5-21-4289377953-1970212417-366036058-1005\Software\Microsoft\Windows\CurrentVersion\Run\\rsevnrzylssedzj deleted successfully.
Registry value HKEY_USERS\S-1-5-21-4289377953-1970212417-366036058-1005\Software\Microsoft\Windows\CurrentVersion\Run\\swg deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a9b8c9a0-67a2-11e0-9778-002163aa97ed}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a9b8c9a0-67a2-11e0-9778-002163aa97ed}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a9b8c9a0-67a2-11e0-9778-002163aa97ed}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a9b8c9a0-67a2-11e0-9778-002163aa97ed}\ not found.
File E:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bc683d04-b9cb-11e0-979e-001377d195e6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bc683d04-b9cb-11e0-979e-001377d195e6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bc683d04-b9cb-11e0-979e-001377d195e6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bc683d04-b9cb-11e0-979e-001377d195e6}\ not found.
File E:\iStudio.exe not found.
C:\Documents and Settings\Kuba\ms.exe moved successfully.
C:\Documents and Settings\Kuba\Dane aplikacji\SpeedyPC Software\SpeedyPC Pro folder moved successfully.
C:\Documents and Settings\Kuba\Dane aplikacji\SpeedyPC Software folder moved successfully.
C:\Documents and Settings\Kuba\Dane aplikacji\DriverCure folder moved successfully.
C:\Documents and Settings\Kuba\Menu Start\Programy\SpeedyPC Software\SpeedyPC Pro folder moved successfully.
C:\Documents and Settings\Kuba\Menu Start\Programy\SpeedyPC Software folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\SpeedyPC Software\SpeedyPC Pro folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\SpeedyPC Software folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\HitmanPro folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Kuba
->Temp folder emptied: 1766926 bytes
->Temporary Internet Files folder emptied: 2734747 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 17943310 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 456 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67762 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 21,00 mb
OTL by OldTimer - Version 3.2.55.0 log created on 07302012_173627
Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\~DF25E1.tmp not found!
File\Folder C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\~DF25ED.tmp not found!
File\Folder C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\~DF264B.tmp not found!
File\Folder C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\~DF2657.tmp not found!
File\Folder C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\~DF268A.tmp not found!
File\Folder C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\~DF2696.tmp not found!
C:\Documents and Settings\Kuba\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I1WHFKRB\viewtopic[1].htm moved successfully.
C:\Documents and Settings\Kuba\Ustawienia lokalne\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
PendingFileRenameOperations files...
File C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\~DF25E1.tmp not found!
File C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\~DF25ED.tmp not found!
File C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\~DF264B.tmp not found!
File C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\~DF2657.tmp not found!
File C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\~DF268A.tmp not found!
File C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\~DF2696.tmp not found!
File C:\Documents and Settings\Kuba\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I1WHFKRB\viewtopic[1].htm not found!
File C:\Documents and Settings\Kuba\Ustawienia lokalne\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat not found!
Registry entries deleted on Reboot...
========== OTL ==========
HKU\S-1-5-21-4289377953-1970212417-366036058-1005\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-4289377953-1970212417-366036058-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\{66bd2442-241b-44cd-8c7a-b51037053cdb} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66bd2442-241b-44cd-8c7a-b51037053cdb}\ not found.
Registry key HKEY_USERS\S-1-5-21-4289377953-1970212417-366036058-1005\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_USERS\S-1-5-21-4289377953-1970212417-366036058-1005\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
Prefs.js: "SweetIM Search" removed from browser.search.defaultenginename
Prefs.js: "TVersitybar Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "" removed from browser.search.defaulturl
Prefs.js: "SweetIM Search" removed from browser.search.selectedEngine
Prefs.js: "http://home.sweetim.com/?crg=3.1010000&st=10" removed from browser.startup.homepage
Prefs.js: jqs@sun.com:1.0 removed from extensions.enabledItems
Prefs.js: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:15.0.1 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25 removed from extensions.enabledItems
Prefs.js: fe_3.6@nokia.com:1.7.110.333 removed from extensions.enabledItems
Prefs.js: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145 removed from extensions.enabledItems
Prefs.js: {66bd2442-241b-44cd-8c7a-b51037053cdb}:3.2.1.3 removed from extensions.enabledItems
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2548838&q=" removed from keyword.URL
Prefs.js: "" removed from sweetim.toolbar.previous.browser.search.defaultenginename
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2548838&SearchSource=3&q={searchTerms}" removed from sweetim.toolbar.previous.browser.search.defaulturl
Prefs.js: "TVersitybar Customized Web Search" removed from sweetim.toolbar.previous.browser.search.selectedEngine
Prefs.js: "http://search.conduit.com/?ctid=CT2548838&SearchSource=13" removed from browser.startup.homepage
C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\9s4qdtsg.default\extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb}\searchplugin folder moved successfully.
C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\9s4qdtsg.default\extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb}\Plugins folder moved successfully.
C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\9s4qdtsg.default\extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb}\modules folder moved successfully.
C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\9s4qdtsg.default\extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb}\META-INF folder moved successfully.
C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\9s4qdtsg.default\extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb}\defaults folder moved successfully.
C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\9s4qdtsg.default\extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb}\components folder moved successfully.
C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\9s4qdtsg.default\extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb}\chrome folder moved successfully.
C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\9s4qdtsg.default\extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb} folder moved successfully.
C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\9s4qdtsg.default\searchplugins\conduit.xml moved successfully.
C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\9s4qdtsg.default\searchplugins\sweetim.xml moved successfully.
Registry value HKEY_USERS\S-1-5-21-4289377953-1970212417-366036058-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-4289377953-1970212417-366036058-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{66BD2442-241B-44CD-8C7A-B51037053CDB} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66BD2442-241B-44CD-8C7A-B51037053CDB}\ not found.
Registry value HKEY_USERS\S-1-5-21-4289377953-1970212417-366036058-1005\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-4289377953-1970212417-366036058-1005\Software\Microsoft\Windows\CurrentVersion\Run\\ALLUpdate deleted successfully.
Registry value HKEY_USERS\S-1-5-21-4289377953-1970212417-366036058-1005\Software\Microsoft\Windows\CurrentVersion\Run\\rsevnrzylssedzj deleted successfully.
Registry value HKEY_USERS\S-1-5-21-4289377953-1970212417-366036058-1005\Software\Microsoft\Windows\CurrentVersion\Run\\swg deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a9b8c9a0-67a2-11e0-9778-002163aa97ed}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a9b8c9a0-67a2-11e0-9778-002163aa97ed}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a9b8c9a0-67a2-11e0-9778-002163aa97ed}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a9b8c9a0-67a2-11e0-9778-002163aa97ed}\ not found.
File E:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bc683d04-b9cb-11e0-979e-001377d195e6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bc683d04-b9cb-11e0-979e-001377d195e6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bc683d04-b9cb-11e0-979e-001377d195e6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bc683d04-b9cb-11e0-979e-001377d195e6}\ not found.
File E:\iStudio.exe not found.
C:\Documents and Settings\Kuba\ms.exe moved successfully.
C:\Documents and Settings\Kuba\Dane aplikacji\SpeedyPC Software\SpeedyPC Pro folder moved successfully.
C:\Documents and Settings\Kuba\Dane aplikacji\SpeedyPC Software folder moved successfully.
C:\Documents and Settings\Kuba\Dane aplikacji\DriverCure folder moved successfully.
C:\Documents and Settings\Kuba\Menu Start\Programy\SpeedyPC Software\SpeedyPC Pro folder moved successfully.
C:\Documents and Settings\Kuba\Menu Start\Programy\SpeedyPC Software folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\SpeedyPC Software\SpeedyPC Pro folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\SpeedyPC Software folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\HitmanPro folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Kuba
->Temp folder emptied: 1766926 bytes
->Temporary Internet Files folder emptied: 2734747 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 17943310 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 456 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67762 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 21,00 mb
OTL by OldTimer - Version 3.2.55.0 log created on 07302012_173627
Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\~DF25E1.tmp not found!
File\Folder C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\~DF25ED.tmp not found!
File\Folder C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\~DF264B.tmp not found!
File\Folder C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\~DF2657.tmp not found!
File\Folder C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\~DF268A.tmp not found!
File\Folder C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\~DF2696.tmp not found!
C:\Documents and Settings\Kuba\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I1WHFKRB\viewtopic[1].htm moved successfully.
C:\Documents and Settings\Kuba\Ustawienia lokalne\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
PendingFileRenameOperations files...
File C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\~DF25E1.tmp not found!
File C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\~DF25ED.tmp not found!
File C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\~DF264B.tmp not found!
File C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\~DF2657.tmp not found!
File C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\~DF268A.tmp not found!
File C:\Documents and Settings\Kuba\Ustawienia lokalne\Temp\~DF2696.tmp not found!
File C:\Documents and Settings\Kuba\Ustawienia lokalne\Temporary Internet Files\Content.IE5\I1WHFKRB\viewtopic[1].htm not found!
File C:\Documents and Settings\Kuba\Ustawienia lokalne\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat not found!
Registry entries deleted on Reboot...
Ukash poproszę o pomoc !
przez defacto19 30 Lip 2012, 21:25
Wszystko jest dobrze. Uruchom OTL i użyj opcji sprzątanie.
Wykonaj tylko pare aktualizacji:
Java(TM) 6 Update 25 -> http://www.oracle.com/technetwork/java/javase/downloads/index.html
Adobe Reader 8 - Polish -> http://get.adobe.com/reader/
Mozilla Firefox 12.0 (x86 pl) -> http://www.mozilla.org/pl/firefox/new/
Adobe Flash Player 10 Plugin -> http://get.adobe.com/pl/flashplayer/
Wykonaj tylko pare aktualizacji:
Java(TM) 6 Update 25 -> http://www.oracle.com/technetwork/java/javase/downloads/index.html
Adobe Reader 8 - Polish -> http://get.adobe.com/reader/
Mozilla Firefox 12.0 (x86 pl) -> http://www.mozilla.org/pl/firefox/new/
Adobe Flash Player 10 Plugin -> http://get.adobe.com/pl/flashplayer/
- defacto19
- ~user
- Posty: 205
- Dołączenie: 23 Cze 2012, 11:51
- Pochwały: 42
-
6 posty(ów) • Strona 1 z 1
Kto jest na forum
Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 5 gości