Nie chce zakładać nowego tematu więc się dopisuję tutaj. Mam identyczny problem jak w topicu. Blokada Menadżera zadań oraz HijackThis. Dziwne procesy (flower/ctfmon) miałem nadzieje, że format pomoże jednak nic z tego. Komputer świeżo sformatowany dołączał logi z ComboFix i Silent Runners. Serdecznie proszę o pomoc

ComboFix http://wklej.org/id/18717/

Silent Runners http://wklej.org/id/18718/

Wklej do Notatnika:

Driver::

hpt3xx


Registry::

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\360rpt.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\360Safe.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\360tray.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\adam.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AgentSvr.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AppSvc32.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\auto.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AutoRun.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\autoruns.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgrssvc.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AvMonitor.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avp.com]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avp.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CCenter.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ccSvcHst.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cross.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FileDsty.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FTCleanerShell.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\guangd.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\HijackThis.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\IceSword.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iparmo.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Iparmor.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\isPwdSvc.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kabaload.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KaScrScn.SCR]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KASMain.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KASTask.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KAV32.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KAVDX.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KAVPFW.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KAVSetup.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KAVStart.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KISLnchr.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KMailMon.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KMFilter.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KPFW32.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KPFW32X.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KPFWSvc.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KRegEx.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KRepair.COM]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KsLoader.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KVCenter.kxp]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KvDetect.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KvfwMcl.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KVMonXP.kxp]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KVMonXP_1.kxp]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kvol.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kvolself.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KvReport.kxp]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KVSrvXP.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KVStub.kxp]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kvupload.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kvwsc.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KvXP.kxp]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KWatch.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KWatch9x.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KWatchX.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\loaddll.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\MagicSet.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcconsol.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mmqczj.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mmsk.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NAVSetup.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nod32krn.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\nod32kui.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PFW.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PFWLiveUpdate.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\QHSET.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Ras.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Rav.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\RavMon.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\RavMonD.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\RavStub.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\RavTask.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\RegClean.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rfwcfg.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\RfwMain.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rfwProxy.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rfwsrv.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\RsAgent.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Rsaupd.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\runiep.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\safelive.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\scan32.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SDGames.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\shcfg32.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ShuiNiu.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SmartUp.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sos.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SREng.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\svch0st.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\symlcsvc.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SysSafe.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Systom.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\taskmgr.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\TNT.Exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\TrojanDetector.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Trojanwall.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\TrojDie.kxp]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\TxoMoU.Exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\UFO.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\UIHost.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\UmxAgent.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\UmxAttachment.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\UmxCfg.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\UmxFwHlp.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\UmxPol.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\UpLive.EXE]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\WoptiClean.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\XP.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\zxsweep.exe]

>>Plik>>Zapisz jako… >>> CFScript (najwygodniej będzie, jeśli zapiszesz w takiej lokalizacji, by ikonka CFScript.txt znalazła się obok ikonki ComboFix.exe )

Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe (czyli ikonkę CFScript.txt na ikonkę ComboFix.exe )

– podobnie jak na tym obrazku –>

(jeśli pojawi się pytanie " 1 or 2" - to wpisz 1 i naciśnij ENTER) Ma się rozpocząć usuwanie. (i powstanie log)

Po restarcie usuń ręcznie folder C: ** Qoobox**.