Komputer mi bardzo wolno chodzi

detoxeed · 6 Grudzień 2008 19:21

Witam,

mój komputer chodzi bardzo wolno, muli internet i wogole… Przy wlączonym GG i Neostradzie az strach wogole coś na nim robić, ponieważ zaraz się wiesza, wlacza się ponad 4minuty… Mam Winodwsa XP. Gdy mam Napis ZAPRASZAMY, slysze dzwięk jak komputer się wlączyl… A napis nadal jest. Dopiero po 3-4min znika i widzę swoj wlasny pulpit.

Proszę:

ComboFix 08-12-06.01 - UP 2008-12-06 20:03:29.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.234 [GMT 1:00]

Uruchomiony z: c:\documents and settings\UP\Pulpit\ComboFix.exe

.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\abk.bat

C:\autorun.inf

C:\copy.exe

c:\documents and settings\UP\Menu Start\Programy\Autostart\lsass.exe

C:\host.exe

C:\ij.bat

C:\m2nl.bat

c:\program files\Mozilla Firefox\plugins\NPMyGlSh.dll

c:\program files\myglobalsearch

c:\program files\myglobalsearch\bar\1.bin\M9FFXTBR.JAR

c:\program files\myglobalsearch\bar\1.bin\M9FFXTBR.MANIFEST

c:\program files\myglobalsearch\bar\1.bin\M9NTSTBR.JAR

c:\program files\myglobalsearch\bar\1.bin\M9NTSTBR.MANIFEST

c:\program files\myglobalsearch\bar\1.bin\M9PLUGIN.DLL

c:\program files\myglobalsearch\bar\1.bin\MGSBAR.DLL

c:\program files\myglobalsearch\bar\1.bin\NPMYGLSH.DLL

c:\program files\myglobalsearch\bar\Cache\000293F9.bin

c:\program files\myglobalsearch\bar\Cache\00029725.bin

c:\program files\myglobalsearch\bar\Cache\0002A4D1.bin

c:\program files\myglobalsearch\bar\Cache\0009B857.bin

c:\program files\myglobalsearch\bar\Cache\0009BC10.bin

c:\program files\myglobalsearch\bar\Cache\0009BE33.bin

c:\program files\myglobalsearch\bar\Cache\0009C1AE

c:\program files\myglobalsearch\bar\Cache\00EC2771

c:\program files\myglobalsearch\bar\Cache\00EC2FAF.bin

c:\program files\myglobalsearch\bar\Cache\00EC32AC.bin

c:\program files\myglobalsearch\bar\Cache\00EC3471.bin

c:\program files\myglobalsearch\bar\Cache\038930F1

c:\program files\myglobalsearch\bar\Cache\files.ini

c:\program files\myglobalsearch\bar\History\search

c:\program files\myglobalsearch\bar\Settings\prevcfg.htm

c:\windows\autorun.inf

c:\windows\services.exe

c:\windows\svchost.exe

c:\windows\system32\ckvo.exe

c:\windows\system32\ckvo0.dll

c:\windows\system32\gasretyw0.dll

c:\windows\system32\gasretyw1.dll

c:\windows\system32\kamsoft.exe

c:\windows\system32\setup.ini

c:\windows\system32\temp1.exe

c:\windows\system32\temp2.exe

c:\windows\xcopy.exe

C:\xih9.cmd

D:\abk.bat

D:\Autorun.inf

D:\copy.exe

D:\host.exe

D:\ij.bat

D:\m2nl.bat

D:\xih9.cmd

.

((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_BNDMSS

-------\Service_BNDMSS

((((((((((((((((((((((((( Pliki utworzone od 2008-11-06 do 2008-12-06 )))))))))))))))))))))))))))))))

.

2008-12-06 19:32 . 2008-12-06 19:32

2008-12-06 18:49 . 2008-12-06 18:49

2008-12-06 17:36 . 2008-12-06 17:36

2008-12-06 17:28 . 2008-12-06 17:28 10,344 --a------ c:\windows\system32\drivers\symlcbrd.sys

2008-12-06 17:26 . 2008-12-06 19:58

2008-12-06 17:26 . 2008-12-06 18:43

2008-12-06 17:26 . 2008-12-06 17:35

2008-12-06 17:26 . 2005-09-17 07:20 108,168 --a------ c:\windows\system32\drivers\SYMEVENT.SYS

2008-12-06 17:26 . 2005-09-17 07:20 87,768 --a------ c:\windows\system32\S32EVNT1.DLL

2008-12-06 16:59 . 2008-12-06 17:10

2008-12-04 01:19 . 2008-12-06 20:00 30,720 --a------ c:\documents and settings\UP\skp66.exe

2008-12-03 19:51 . 2008-12-03 19:51 30,720 --------- c:\windows\system32\bndmss.exe

2008-11-30 19:32 . 2008-11-30 19:32 171 --a------ c:\windows\icecast2.ini

2008-11-30 19:14 . 2008-11-30 19:33

2008-11-29 07:34 . 2008-11-29 07:27 764,955 --a------ C:\temp34.tmp

2008-11-28 15:18 . 2008-11-28 15:17 105,411 -r-hs---- C:\o1.com

2008-11-24 18:43 . 2008-11-25 22:41

2008-11-23 21:14 . 2008-11-23 21:14

2008-11-23 21:14 . 2004-08-23 13:49 40,960 --a------ c:\windows\system32\FTRTSVC.exe

2008-11-23 21:14 . 2005-10-06 14:55 36,864 --a------ c:\windows\system32\IfHelper.dll

2008-11-22 11:50 . 2008-11-22 11:50

2008-11-15 22:13 . 2008-12-06 16:59 25 --a------ c:\windows\SIERRA.INI

2008-11-13 21:36 . 2001-05-16 17:54 309,616 --a------ c:\windows\system32\wmv8dmod.dll

2008-11-13 21:36 . 2001-03-26 04:41 245,760 --a------ c:\windows\system32\mp4sds32.ax

2008-11-13 21:35 . 2001-05-11 13:18 420,240 --a------ c:\windows\system32\mpg4c32.dll

2008-11-12 22:45 . 2008-12-06 17:00

.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-12-06 18:59 --------- d-----w c:\program files\neostrada tp

2008-12-06 16:35 --------- d-----w c:\program files\Spybot - Search & Destroy

2008-12-06 15:57 --------- d–h--w c:\program files\InstallShield Installation Information

2008-12-06 12:03 --------- d-----w c:\documents and settings\UP\Dane aplikacji\Tibia

2008-12-02 15:17 --------- d-----w c:\documents and settings\UP\Dane aplikacji\Azureus

2008-11-29 06:34 630,784 ----a-w c:\windows\Help\TIBICAM.EXE

2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll

2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll

2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll

2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll

2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll

2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe

2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll

2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“Gadu-Gadu”=“d:\gadu-gadu\gg.exe” [2007-04-19 2101248]

“ctfmon.exe”=“c:\windows\system32\ctfmon.exe” [2004-08-03 15360]

“MSMSGS”=“c:\program files\Messenger\msmsgs.exe” [2004-08-04 1667584]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

“CTFMON.EXE”=“c:\windows\system32\CTFMON.EXE” [2004-08-03 15360]

“Nokia.PCSync”=“c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe” [2007-03-27 1744896]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\

Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]

–a------ 2006-01-02 15:41 45056 c:\program files\ATI Technologies\ATI.ACE\CLI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]

–a------ 2003-08-12 20:10 335872 c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]

–a------ 2006-08-01 17:04 3313664 c:\program files\BearShare\BearShare.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]

–a------ 2005-09-17 07:27 52848 c:\program files\Common Files\Symantec Shared\ccApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]

–a------ 2007-03-23 13:20 227328 c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

–a------ 2008-01-15 23:54 37376 c:\program files\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]

--------- 2004-10-14 15:55 32768 c:\progra~1\NEOSTR~1\GestMAJ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]

--------- 2004-08-23 13:49 20480 c:\progra~1\NEOSTR~1\Watch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdslTaskBar]

-ra------ 2006-06-02 12:01 151552 c:\windows\system32\stmctrl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

“AntiVirusDisableNotify”=dword:00000001

“UpdatesDisableNotify”=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

“DisableMonitoring”=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

“DisableMonitoring”=dword:00000001

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

“EnableFirewall”= 0 (0x0)

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

“%windir%\system32\sessmgr.exe”=

“d:\Gadu-Gadu\gg.exe”=

“d:\Azureus\Azureus.exe”=

“c:\Program Files\BearShare\BearShare.exe”=

“c:\Documents and Settings\UP\Pulpit\YurOts 0.3 (Versao 8.0)0\Yurots 0.3 Versao 0.8.exe”=

“d:\Return to Castle Wolfenstein\WolfMP.exe”=

“d:\Program Files\Gadu-Gadu2\gg.exe”=

“d:\NFS Most Wanted\speed.exe”=

“c:\WINDOWS\system32\bndmss.exe”=

“c:\Documents and Settings\UP\skp66.exe”=skp66.exe

“skp66.exe”= skp66.exe:BNDMSS

R3 SiS7012;Service for AC’97 Sample Driver (WDM);c:\windows\system32\drivers\sis7012.sys [2008-03-20 267136]

R3 Stmatm;ATM/ADSL miniport;c:\windows\system32\DRIVERS\stmatm.sys [2008-11-22 60255]

R3 TaurusUsb;ADSL Modem USB Service;c:\windows\system32\DRIVERS\torususb.sys [2008-11-22 684265]

S2 Icecast;Icecast Media Server;“c:\program files\Icecast2 Win32\icecastService.exe” “c:\program files\Icecast2 Win32” []

S3 AVPsys;AVPsys;??\c:\windows\system32\drivers\cdaudio.sys [2001-08-17 18688]

S3 bfastfao;bfastfao;??\c:\docume~1\UP\USTAWI~1\Temp\bfastfao.sys []

S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{d994b56f-50ca-11dd-bfd1-000b6a83a2d8}]

\Shell\AutoRun\command - G:\o1.com

\Shell\explore\Command - G:\o1.com

\Shell\open\Command - G:\o1.com

*Newly Created Service* - COMHOST

.

- - - USUNIĘTO PUSTE WPISY - - - -

MSConfigStartUp-Windows - c:\windows\services.exe

.

------- Skan uzupełniający -------

.

uStart Page = hxxp://www.neostrada.pl

IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

IE: { - c:\program files\Messenger\msmsgs.exe

IE: {c:\program files\Messenger\msmsgs.exe - -

FireFox -: Profile - c:\documents and settings\UP\Dane aplikacji\Mozilla\Firefox\Profiles\dv2e7zgx.default\

FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-12-06 20:09:09

Windows 5.1.2600 Dodatek Service Pack 2 NTFS

skanowanie ukrytych procesów …

skanowanie ukrytych wpisów autostartu …

skanowanie ukrytych plików …

skanowanie pomyślnie ukończone

ukryte pliki: 0

**************************************************************************

.

--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - > ‘winlogon.exe’(624)

c:\windows\system32\Ati2evxx.dll

.

------------------------ Pozostałe uruchomione procesy ------------------------

.

c:\windows\system32\ati2evxx.exe

c:\program files\Common Files\Symantec Shared\ccSetMgr.exe

c:\windows\system32\ati2evxx.exe

c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe

c:\program files\Common Files\Symantec Shared\ccProxy.exe

c:\program files\Common Files\Symantec Shared\SNDSrvc.exe

c:\program files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

c:\windows\system32\FTRTSVC.exe

c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

d:\norton internet security\Norton AntiVirus\navapsvc.exe

c:\windows\system32\wdfmgr.exe

.

**************************************************************************

.

Czas ukończenia: 2008-12-06 20:12:03 - komputer został uruchomiony ponownie [uP]

ComboFix-quarantined-files.txt 2008-12-06 19:11:55

Przed: 15,000,408,064 bajtów wolnych

Po: 15,272,763,392 bajtów wolnych

WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT=“Microsoft Windows Recovery Console” /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS=“Microsoft Windows XP Professional” /noexecute=optin /fastdetect

229

TO JEST Z PLIKU “ComboFix-quarantined-files”:

2008-03-21 01:11:33 A------- 140 C:\Qoobox\Quarantine\C\Program Files\MyGlobalSearch\bar\1.bin\M9FFXTBR.MANIFEST.vir

2008-03-21 01:11:33 A------- 140 C:\Qoobox\Quarantine\C\Program Files\MyGlobalSearch\bar\1.bin\M9NTSTBR.MANIFEST.vir

2008-03-21 01:11:33 A------- 4,829 C:\Qoobox\Quarantine\C\Program Files\MyGlobalSearch\bar\1.bin\M9FFXTBR.JAR.vir

2008-03-21 01:11:33 A------- 6,493 C:\Qoobox\Quarantine\C\Program Files\MyGlobalSearch\bar\1.bin\M9NTSTBR.JAR.vir

2008-03-21 01:11:33 A------- 45,056 C:\Qoobox\Quarantine\C\Program Files\MyGlobalSearch\bar\1.bin\M9PLUGIN.DLL.vir

2008-03-21 01:11:33 A------- 225,280 C:\Qoobox\Quarantine\C\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL.vir

2008-03-21 01:11:34 A------- 24,576 C:\Qoobox\Quarantine\C\Program Files\MyGlobalSearch\bar\1.bin\NPMYGLSH.DLL.vir

2008-03-21 01:11:35 A------- 24,576 C:\Qoobox\Quarantine\C\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll.vir

2008-03-21 02:33:42 A------- 532 C:\Qoobox\Quarantine\C\Program Files\MyGlobalSearch\bar\Cache\files.ini.vir

2008-03-21 02:33:42 A------- 1,024 C:\Qoobox\Quarantine\C\Program Files\MyGlobalSearch\bar\History\search.vir

2008-03-21 02:33:59 A------- 7,611 C:\Qoobox\Quarantine\C\Program Files\MyGlobalSearch\bar\Cache\00EC2771.vir

2008-03-21 02:34:00 A------- 7,611 C:\Qoobox\Quarantine\C\Program Files\MyGlobalSearch\bar\Settings\prevcfg.htm.vir

2008-03-21 02:34:01 A------- 1,320 C:\Qoobox\Quarantine\C\Program Files\MyGlobalSearch\bar\Cache\00EC32AC.bin.vir

2008-03-21 02:34:01 A------- 4,504 C:\Qoobox\Quarantine\C\Program Files\MyGlobalSearch\bar\Cache\00EC2FAF.bin.vir

2008-03-21 02:34:02 A------- 1,092 C:\Qoobox\Quarantine\C\Program Files\MyGlobalSearch\bar\Cache\00EC3471.bin.vir

2008-03-30 11:57:34 A------- 4,504 C:\Qoobox\Quarantine\C\Program Files\MyGlobalSearch\bar\Cache\0009B857.bin.vir

2008-03-30 11:57:35 A------- 1,092 C:\Qoobox\Quarantine\C\Program Files\MyGlobalSearch\bar\Cache\0009BE33.bin.vir

2008-03-30 11:57:35 A------- 1,320 C:\Qoobox\Quarantine\C\Program Files\MyGlobalSearch\bar\Cache\0009BC10.bin.vir

2008-03-30 11:57:36 A------- 79 C:\Qoobox\Quarantine\C\Program Files\MyGlobalSearch\bar\Cache\0009C1AE.vir

2008-04-07 23:24:08 A------- 4,504 C:\Qoobox\Quarantine\C\Program Files\MyGlobalSearch\bar\Cache\000293F9.bin.vir

2008-04-07 23:24:09 A------- 1,320 C:\Qoobox\Quarantine\C\Program Files\MyGlobalSearch\bar\Cache\00029725.bin.vir

2008-04-07 23:24:12 A------- 1,092 C:\Qoobox\Quarantine\C\Program Files\MyGlobalSearch\bar\Cache\0002A4D1.bin.vir

2008-04-23 19:38:54 A------- 34 C:\Qoobox\Quarantine\C\WINDOWS\autorun.inf.vir

2008-04-23 19:38:54 A------- 1,211 C:\Qoobox\Quarantine\C\WINDOWS\xcopy.exe.vir

2008-04-23 19:38:54 A------- 70,207 C:\Qoobox\Quarantine\C\WINDOWS\svchost.exe.vir

2008-04-23 19:38:55 A------- 2,085 C:\Qoobox\Quarantine\C\WINDOWS\system32\temp2.exe.vir

2008-04-23 19:38:55 A------- 35,346 C:\Qoobox\Quarantine\C\WINDOWS\system32\temp1.exe.vir

2008-04-23 19:38:56 A------- 561 C:\Qoobox\Quarantine\C\autorun.inf.vir

2008-04-23 19:38:56 A------- 1,211 C:\Qoobox\Quarantine\C\copy.exe.vir

2008-04-23 19:38:56 A------- 70,207 C:\Qoobox\Quarantine\C\host.exe.vir

2008-11-21 15:32:37 A------- 85,504 C:\Qoobox\Quarantine\C\WINDOWS\system32\ckvo0.dll.vir

2008-11-21 15:32:37 A------- 105,839 C:\Qoobox\Quarantine\C\WINDOWS\system32\ckvo.exe.vir

2008-11-21 15:33:04 A------- 105,839 C:\Qoobox\Quarantine\C\xih9.cmd.vir

2008-11-22 11:50:45 A------- 902 C:\Qoobox\Quarantine\C\WINDOWS\system32\setup.ini.vir

2008-11-24 14:38:27 A------- 85,504 C:\Qoobox\Quarantine\C\WINDOWS\system32\gasretyw0.dll.vir

2008-11-24 14:38:27 A------- 105,411 C:\Qoobox\Quarantine\C\WINDOWS\system32\kamsoft.exe.vir

2008-11-24 14:38:53 A------- 108,888 C:\Qoobox\Quarantine\C\abk.bat.vir

2008-11-25 14:14:07 A------- 85,504 C:\Qoobox\Quarantine\C\WINDOWS\system32\gasretyw1.dll.vir

2008-11-25 14:14:33 A------- 104,480 C:\Qoobox\Quarantine\C\ij.bat.vir

2008-11-25 15:56:18 A------- 562,528 C:\Qoobox\Quarantine\C\WINDOWS\services.exe.vir

2008-11-27 07:40:50 A------- 108,477 C:\Qoobox\Quarantine\C\m2nl.bat.vir

2008-11-29 07:28:02 A------- 764,955 C:\Qoobox\Quarantine\C\Documents and Settings\UP\Menu Start\Programy\Autostart\lsass.exe.vir

2008-12-02 14:28:43 A------- 79 C:\Qoobox\Quarantine\C\Program Files\MyGlobalSearch\bar\Cache\038930F1.vir

2008-12-06 19:54:44 A------- 108 C:\Qoobox\Quarantine\catchme.log

2008-12-06 20:05:31 A------- 7,623 C:\Qoobox\Quarantine\Registry_backups\tcpip.reg

2008-12-06 20:05:45 A------- 1,094 C:\Qoobox\Quarantine\Registry_backups\Legacy_BNDMSS.reg.dat

2008-12-06 20:05:45 A------- 2,466 C:\Qoobox\Quarantine\Registry_backups\Service_BNDMSS.reg.dat

2008-12-06 20:10:50 A------- 0 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-CFSServ.exe.reg.dat

2008-12-06 20:10:50 A------- 0 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-NDSTray.exe.reg.dat

2008-12-06 20:10:50 A------- 0 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-TFncKy.reg.dat

2008-12-06 20:11:14 A------- 550 C:\Qoobox\Quarantine\Registry_backups\MSConfigStartUp-Windows.reg.dat

PROSZĘ O POMOC…

Z góry dziękuję.

PatrykM

apdjs · 6 Grudzień 2008 20:05

Wylecz pendriva lub kartę pamięci

Perlovga Removal Tool

Flash Disinfector

lub format

Zaznacz, wklej do notatnika, i zapisz plik jako CFScript.txt najlepiej aby ikonka tego pliku znajdowała się obok ikonki ComboFix.exe

File::

c:\documents and settings\UP\skp66.exe

c:\windows\system32\bndmss.exe

C:\temp34.tmp

C:\o1.com

c:\windows\system32\FTRTSVC.exe

c:\windows\system32\IfHelper.dll

G:\o1.com

Folder::

c:\windows\system32\AlertModule

C:\Qoobox

Na czas skanowania proszę wyłączyć wszelkie zapory i antyvirusy

Przeciągnij i upuść plik CFScript.txt na ikonkę ComboFix.exe powinno rozpocząć się usuwanie po tym daj log na forum

Loga wklejasz na WKLEJ TO lub WKLEJ a w poście daj linka