karon
(Forexman)
8 Maj 2006 18:12
#1
probowalem usunac go roznymi programamiAd-aware, Spybot) jak i roznymi skanerami online ale sie nie daje.Pokazuje mi komunikat ze nie moze usunac ,odmowa dostepu.Nie wiem co mam robic,jestem poczatkujacym userem tak ze prosze o pomoc i wyrozumialosc
oto moje logi
Logfile of HijackThis v1.99.1 Scan saved at 8:00:48 PM, on 5/8/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\ibmpmsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Gadu-Gadu\gg.exe C:\Program Files\Yahoo!\Messenger\ypager.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\acs.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\22s(Small Animated Browser Logo).exe C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\SYSTEM32\rundll32.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\MetaTrader 4\terminal.exe C:\WINDOWS\system32\msiexec.exe C:\Documents and Settings\andrzej\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/def … .yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def … earch.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/def … .yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = F2 - REG:system.ini: UserInit=userinit.exe O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) O4 - HKLM…\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe O4 - HKLM…\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe O4 - HKLM…\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM…\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM…\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM…\Run: [OWS Setup CmdLine] “C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\40\bin\cfgwiz.exe” /pkg “Office 2000 Server Extensions” O4 - HKLM…\Run: [ccApp] “C:\Program Files\Common Files\Symantec Shared\ccApp.exe” O4 - HKLM…\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray O4 - HKCU…\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} (MainControl Class) - http://arcaonline.arcabit.com/ArcaOnline.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc … oscan8.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab O18 - Filter: text/html - {994D478A-45D0-4DB4-AE77-738B1E346E99} - C:\Program Files\SDVita\SDVita.dll O20 - Winlogon Notify: ThemeManager - C:\WINDOWS\system32\f02mlaf11d2.dll O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe O23 - Service: ACU Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Gutek
(Gutek)
8 Maj 2006 18:18
#2
uusń hijakciem a folder ręcznie w trybie awaryjnym
użyj Look2Me-Destroyer.exe
Nastepnie ściągnij l2mfix.exe i daj log nr 1 z narzędzia L2Mfix
karon
(Forexman)
8 Maj 2006 18:46
#3
Ok zrobilem wedlug Twojej instrukcji,narazie wszystko wyglada dobrze
Look2Me-Destroyer V1.0.12
Scanning for infected files.....
Scan started at 5/8/2006 8:27:03 PM
Infected! C:\WINDOWS\system32\f02mlaf11d2.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP28\A0003671.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP28\A0003676.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0003740.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0003745.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0003757.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0003762.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0006603.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0006608.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0006621.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0006646.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0006647.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006672.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006673.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006746.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006751.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006792.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006818.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006833.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006834.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006847.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006848.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006863.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006888.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006889.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006899.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006907.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006911.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006918.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006941.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006957.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006981.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006982.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006986.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007000.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007001.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007015.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007016.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007086.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007087.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007099.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007100.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007124.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007137.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007148.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007150.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007162.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007165.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0009254.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012252.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012253.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012260.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012261.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012265.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012266.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012269.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012270.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012271.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012272.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012276.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012277.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0013875.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0013883.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0013900.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0013910.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014059.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014067.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014074.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014075.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014076.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014077.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014078.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014079.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014080.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014081.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014082.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014083.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014084.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014085.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014087.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014088.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014090.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014091.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014093.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014099.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014105.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014128.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014141.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0017244.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0017262.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017753.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017768.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017778.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017794.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017805.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017806.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017817.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017818.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017829.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017830.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017845.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017846.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017847.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017848.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017849.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017850.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017856.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017857.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017871.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017889.dll
Infected! C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017890.dll
Infected! C:\WINDOWS\system32\e6200gfme62a0.dll
Infected! C:\WINDOWS\system32\f02mlaf11d2.dll
Infected! C:\WINDOWS\system32\mnxoci.dll
Infected! C:\WINDOWS\system32\guard.tmp
Attempting to delete infected files...
Attempting to delete: C:\WINDOWS\system32\f02mlaf11d2.dll
C:\WINDOWS\system32\f02mlaf11d2.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP28\A0003671.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP28\A0003671.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP28\A0003676.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP28\A0003676.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0003740.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0003740.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0003745.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0003745.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0003757.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0003757.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0003762.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0003762.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0006603.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0006603.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0006608.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0006608.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0006621.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0006621.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0006646.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0006646.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0006647.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP29\A0006647.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006672.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006672.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006673.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006673.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006746.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006746.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006751.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006751.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006792.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006792.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006818.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006818.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006833.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006833.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006834.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006834.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006847.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006847.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006848.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006848.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006863.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006863.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006888.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006888.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006889.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006889.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006899.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006899.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006907.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006907.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006911.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006911.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006918.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006918.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006941.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006941.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006957.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006957.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006981.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006981.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006982.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006982.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006986.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0006986.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007000.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007000.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007001.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007001.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007015.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007015.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007016.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007016.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007086.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007086.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007087.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007087.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007099.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007099.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007100.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007100.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007124.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007124.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007137.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007137.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007148.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007148.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007150.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007150.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007162.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007162.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007165.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0007165.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0009254.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP30\A0009254.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012252.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012252.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012253.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012253.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012260.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012260.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012261.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012261.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012265.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012265.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012266.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012266.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012269.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012269.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012270.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012270.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012271.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012271.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012272.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012272.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012276.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012276.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012277.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0012277.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0013875.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0013875.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0013883.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0013883.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0013900.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0013900.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0013910.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0013910.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014059.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014059.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014067.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014067.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014074.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014074.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014075.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014075.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014076.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014076.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014077.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014077.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014078.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014078.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014079.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014079.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014080.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014080.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014081.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014081.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014082.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014082.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014083.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014083.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014084.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014084.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014085.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014085.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014087.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014087.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014088.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014088.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014090.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014090.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014091.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014091.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014093.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014093.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014099.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014099.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014105.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014105.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014128.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014128.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014141.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0014141.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0017244.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0017244.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0017262.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP31\A0017262.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017753.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017753.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017768.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017768.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017778.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017778.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017794.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017794.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017805.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017805.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017806.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017806.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017817.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017817.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017818.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017818.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017829.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017829.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017830.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017830.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017845.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017845.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017846.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017846.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017847.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017847.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017848.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017848.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017849.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017849.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017850.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017850.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017856.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017856.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017857.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017857.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017871.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017871.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017889.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017889.dll Deleted successfully!
Attempting to delete: C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017890.dll
C:\System Volume Information\_restore{A7CD7CE4-5F34-44D4-BA7B-F6F6FE2F9A0B}\RP34\A0017890.dll Deleted successfully!
Attempting to delete: C:\WINDOWS\system32\e6200gfme62a0.dll
C:\WINDOWS\system32\e6200gfme62a0.dll Deleted successfully!
Attempting to delete: C:\WINDOWS\system32\f02mlaf11d2.dll
C:\WINDOWS\system32\f02mlaf11d2.dll Deleted successfully!
Attempting to delete: C:\WINDOWS\system32\mnxoci.dll
C:\WINDOWS\system32\mnxoci.dll Deleted successfully!
Attempting to delete: C:\WINDOWS\system32\guard.tmp
C:\WINDOWS\system32\guard.tmp Deleted successfully!
Making registry repairs.
Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ThemeManager
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{85215C0E-4F71-4977-A12B-E2E1E39D1771}"
HKCR\Clsid\{85215C0E-4F71-4977-A12B-E2E1E39D1771}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{FBF4D248-1728-4CD5-87B8-D5E67DFE00F1}"
HKCR\Clsid\{FBF4D248-1728-4CD5-87B8-D5E67DFE00F1}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{D56C7904-0F1E-4183-AF95-EB301E44414D}"
HKCR\Clsid\{D56C7904-0F1E-4183-AF95-EB301E44414D}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{09D56415-AD37-4F24-ADBC-2C81A3EC3977}"
HKCR\Clsid\{09D56415-AD37-4F24-ADBC-2C81A3EC3977}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{77FA56E9-328D-4A8F-96C3-AA80D318D74A}"
HKCR\Clsid\{77FA56E9-328D-4A8F-96C3-AA80D318D74A}
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{566AAA98-7626-41D0-9962-C0267B7A9954}"
HKCR\Clsid\{566AAA98-7626-41D0-9962-C0267B7A9954}
Restoring Windows certificates.
Replaced hosts file with default windows hosts file
Restoring SeDebugPrivilege for Administrators - Succeeded
karon
(Forexman)
8 Maj 2006 19:25
#5
Przeskanowalem Spybot-search ale wciaz mi wykrywa jakies wirusy i nie moze ich wywalic
ostatnie logi
Logfile of HijackThis v1.99.1
Scan saved at 9:23:03 PM, on 5/8/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MetaTrader 4\terminal_russian.exe
C:\Documents and Settings\andrzej\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [OWS Setup CmdLine] "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\40\bin\cfgwiz.exe" /pkg "Office 2000 Server Extensions"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} (MainControl Class) - http://arcaonline.arcabit.com/ArcaOnline.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: ACU Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Bieniol
(Bbieniol)
8 Maj 2006 19:30
#7
Możesz usunąć jeszcze te wpisy (ale to kosmetyka):
Poza tym czysto
Podaj lokalizację tych zainfekowanych plików
Zrób jeszcze skan EWIDO po update
karon
(Forexman)
8 Maj 2006 22:41
#8
Zrobilem skan Ewido jak i Norton Antivir i obydwa podaja mniej wiecej to samo.Oto sciezkaC:\WINDOWS\SYSTEM32\guard.tmp C:\WINDOWS\Ahvtyxoo.dll
Cos mi sie wydaje ze ten wirus mnie polubil
karon
(Forexman)
8 Maj 2006 23:13
#10
To co mam teraz zrobic?Czy tylko format mi pozostal CZego szczerze chcial bym uniknac
logi z Spybot
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\cmdService
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services|cmdService
Gutek
(Gutek)
9 Maj 2006 04:56
#11
Zobacz Usuwanie VX2.BetterInternet i daj log nr 1 z narzędzia L2Mfix spokojnie usuniemy, a ty się czegoś nauczysz
Start >>> Uruchom >>> services.msc >>> zatrzymaj i wyłącz cmdService
karon
(Forexman)
9 Maj 2006 08:16
#12
Ok cmdservice wogole nie moglem odnalezc :? Probowalem usunac automatami wedlug instrukcji z linku ktory zapodales ale rzeczywiscie sa do niczego wielkie dzieki wszystkim za pomoc bo okazuje sie ze nie tak latwo to sie tego przyjaciela pozbyc
oto logi
L2MFIX find log 032106
karon
(Forexman)
9 Maj 2006 11:55
#14
superek wielkie dzieki dla wszystkich,tylko pogratulowac wiedzy,no i przy okazji ja sie czegos nauczylem
pzdr
Złączono Posta : 10.05.2006 (Sro) 8:46
Za kazdym razem jak skanuje Spybotem to wyskakuja mi te loga ktorych nie moge usunac
Command Service: Settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cmdService Command Service: Settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\cmdService Command Service: Settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\cmdService
Probowalem poprzez services odnalezc cmdservices i je wylaczyc ale niestety nic nie znajduje.Sorki za zamieszanie ale chce byc pewny do konca ze wszystko jest ok
Złączono Posta : 10.05.2006 (Sro) 10:37
kuz5:
Czysto
a ten cmdervice wyglada na to ze dostalem go w pakiecie z VX2