Crime
(Crime)
25 Grudzień 2006 15:14
#1
Siemka mam ostatnio kłopoty z kompem,zapora się jakoś sama wyłącza, chyba coś się do niego dostało jakiś wirus czy coś, dzisaj aktualizowałem avasta, ad-aware i spybota i pare wirusów i szpiegów usunołem, ale jak włącze kompa, to i chcem coś robić to obciążenie 100% jest … wklejam log z Hijackthis - jak możecie to bardzo proszę pomóżcie. Pozdrawiam.
LOG:
Logfile of HijackThis v1.99.1 Scan saved at 15:33:54, on 2006-12-25 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Executive Software\Diskeeper\DkService.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\syspools.exe C:\Program Files\BitComet\BitComet.exe C:\Documents and Settings\Łukasz\l5M2A1g.exe C:\WINDOWS\system32\dwwin.exe C:\WINDOWS\system32\taskmgr.exe C:\WINDOWS\system32\taskdir.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\UKASZ~1\USTAWI~1\Temp\Rar$EX00.937\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [system spool] C:\WINDOWS\system32\syspools.exe O4 - HKLM…\Run: [DiskeeperSystray] “C:\Program Files\Executive Software\Diskeeper\DkIcon.exe” O4 - HKLM…\Run: [Hidder] C:\PROGRA~1\GDATAS~1\SEKRET~1\Hidder.exe /start O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray O4 - HKCU…\Run: [bitComet] “C:\Program Files\BitComet\BitComet.exe” O4 - HKCU…\Run: [system spool] C:\WINDOWS\system32\syspools.exe O4 - HKCU…\Run: [taskdir] C:\WINDOWS\system32\taskdir.exe O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://*.mks.com.pl O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MainControl Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
adam9870
(adam9870)
25 Grudzień 2006 15:45
#2
Nie trzymaj hijacka w TEMPie bądź innym katalogu tymczasowym - umieść go np. na pulpicie.
Ściągasz program KillBox , zaznaczasz Delete on reboot , w polu full path of file wklej ścieżki:
C:\WINDOWS\system32\syspools.exe
C:\WINDOWS\system32\taskdir.exe
po wklejeniu każdej ścieżki z osobna klikasz na czerwonego iksa, a dopiero po wklejeniu ostatniej zgadzasz się na restart.
To Twoje?
jeśli nie to także wklej tą ścieżkę.
Usuń w hjt.
Po wykonaniu proszę pokazać nowy log z HijackThis plus z SilentRunners .
squeet
(squeet)
25 Grudzień 2006 15:47
#3
Proszę zmienić tytuł swojego tematu na konkretny, mówiący o problemie.
W tym celu proszę użyć przycisku
Wspaniała porada. Takie posty nie mają sensu.
Pomagamy na Forum, nie na kanałach prywatnych.
Kosz.
Crime
(Crime)
25 Grudzień 2006 16:16
#4
dzieki adam9870 juz tak mi nie obciaza kompa po zmianach, a co do loga z Silent Runners’a nie moge zrobic bo jakis błąd wyskakuje znalazłem na forum jak go naprawic i robie wszystko tak i nadal wszystko tak mam wyskakuje bląd Host skryptów systemu Windows
LOG:
Logfile of HijackThis v1.99.1 Scan saved at 17:20:23, on 2006-12-25 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Executive Software\Diskeeper\DkService.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe D:\Programy\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [DiskeeperSystray] “C:\Program Files\Executive Software\Diskeeper\DkIcon.exe” O4 - HKLM…\Run: [Hidder] C:\PROGRA~1\GDATAS~1\SEKRET~1\Hidder.exe /start O4 - HKLM…\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray O4 - HKCU…\Run: [bitComet] “C:\Program Files\BitComet\BitComet.exe” O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://*.mks.com.pl O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MainControl Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
adam9870
(adam9870)
25 Grudzień 2006 16:21
#5
Log jest ok.
O problemach z Silentem poczytaj tutaj .
Crime
(Crime)
25 Grudzień 2006 18:12
#6
kurna robie tak samo jak jest tam co na tym linku podales i dalej mi to wyskakuje:
PS: Jaki polecisz mi antyvirus i jakies antyszpiegowskie ?
Bieniol
(Bbieniol)
25 Grudzień 2006 18:14
#7
Mój komputer -> Narzędzia -> Opcje folderów -> Typy plików
Zaznacz tam rozszerzenie VBS i kliknij Usuń . Następnie kliknij Nowy -> rozszerzenie pliku: VBS , Skojarzone typy plików: VBSscript Script File i ok
Następnie podświetl dodane rozszerzenie VBS i kliknij na dole Zaawansowane -> w oknie Akcje podświetl Otwórz i kliknij edytuj -> i ustaw tak:
Aplikacja używana do wykonania akcji: C:\WINDOWS\system32\wscript.exe “%1” %*
Zaznacz: Użyj DDE
Komunikat DDE: zostawiasz puste
Aplikacja: WScript
Nieuruchomiona aplikacja DDE: zostawiasz puste
Temat: System
Klikasz OK -> OK -> Zastosuj -> Zamknij
squeet
(squeet)
25 Grudzień 2006 18:18
#8
Crime prosiłem o zmianę tytułu tematu na konkretny .
Zrób to.
Crime
(Crime)
25 Grudzień 2006 18:28
#9
squeet może juz byc temat ?? bo niewiem jak nazwac Bieniol robię to samo dokładnie i mam ten sam problem nadal.
Crime
(Crime)
25 Grudzień 2006 18:39
#11
o z tym poszedł
ťukasz - 06-12-25 19:41:27,71 Dodatek Service Pack 2 ComboFix 06.11.27 - Running from: “D:\Programy” ((((((((((((((((((((((((((((((( Files Created from 2006-11-25 to 2006-12-25 )))))))))))))))))))))))))))))))))) 2006-12-25 16:53 2006-12-25 16:46 2006-12-25 15:34 46,592 --a------ C:\WINDOWS\system32\zlbw.dll 2006-12-25 15:33 2006-12-25 15:17 31,776 --a------ C:\WINDOWS\system32\drivers\AFPAnsi.sys 2006-12-25 15:17 2006-12-25 13:56 6,239 --a------ C:\Documents and Settings\Lukasz\bCVn3hW.exe 2006-12-25 12:13 6,239 --a------ C:\Documents and Settings\Lukasz\DAS04A5.exe 2006-12-25 11:06 6,239 --a------ C:\Documents and Settings\Lukasz\jljiiS8.exe 2006-12-25 11:06 4,608 --a------ C:\WINDOWS\system32\adir.dll 2006-12-24 18:43 6,239 --a------ C:\Documents and Settings\Lukasz\BxrTlP0.exe 2006-12-24 17:42 6,239 --a------ C:\Documents and Settings\Lukasz\bqG8VaX.exe 2006-12-24 16:45 6,239 --a------ C:\Documents and Settings\Lukasz\tXK0512.exe 2006-12-24 16:39 6,239 --a------ C:\Documents and Settings\Lukasz\Q5B23QL.exe 2006-12-24 14:30 6,239 --a------ C:\WINDOWS\system32\qW003Xq.exe 2006-12-24 14:29 6,239 --a------ C:\Documents and Settings\Lukasz\St3W85F.exe 2006-12-24 13:46 2006-12-24 13:41 2006-12-24 13:41 2006-12-24 13:02 6,239 --a------ C:\WINDOWS\system32\se.exe 2006-12-24 13:02 6,239 --a------ C:\WINDOWS\system32\d1LLDsA.exe 2006-12-24 13:02 18,015 --a------ C:\WINDOWS\system32\w.exe 2006-12-24 13:02 128,607 --a------ C:\WINDOWS\system32\ss.exe 2006-12-24 13:01 54,367 --a------ C:\WINDOWS\system32\google.png.exe 2006-12-24 12:54 2006-12-24 12:52 2006-12-24 12:52 2006-12-24 12:35 720,896 --a------ C:\WINDOWS\iun6002.exe 2006-12-24 11:19 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll 2006-12-24 10:55 2006-12-23 10:13 2006-12-23 09:32 2006-12-23 09:05 36,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2006-12-23 09:05 24,560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2006-12-23 09:05 16,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2006-12-23 09:04 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr 2006-12-23 09:04 87,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2006-12-23 09:04 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2006-12-23 09:04 666,240 --a------ C:\WINDOWS\system32\aswBoot.exe 2006-12-22 20:23 25,992 --a------ C:\WINDOWS\system32\pgdfgsvc.exe 2006-12-22 20:07 2006-12-22 20:06 2006-12-22 19:30 2006-12-22 19:27 2006-12-22 19:27 2006-12-15 20:06 2006-12-14 18:35 2006-12-13 13:24 715,048 --a------ C:\WINDOWS\system32\SkanerOnline.dll 2006-12-09 20:46 2006-12-09 20:46 2006-12-05 16:23 2006-12-05 16:23 2006-12-01 21:23 2006-12-01 16:49 2006-11-27 14:00 69,952 --a------ C:\WINDOWS\system32\SkanerOnlineUninstall.exe (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-12-25 19:40 -------- d-------- C:\Program Files\Mozilla Firefox 2006-12-25 16:13 -------- d-------- C:\Program Files\Winamp 2006-12-25 10:16 -------- d-------- C:\Program Files\SkanerOnline 2006-12-24 12:52 -------- d-------- C:\Program Files\Common Files 2006-12-24 12:48 -------- d-------- C:\Program Files\Ahead 2006-12-24 11:27 163644 --a------ C:\WINDOWS\system32\drivers\secdrv.sys 2006-12-24 09:57 -------- d-------- C:\Program Files\foobar2000 2006-12-23 20:41 -------- d-------- C:\Program Files\Common Files\InstallShield 2006-12-23 14:53 -------- d-------- C:\Program Files\Gadu-Gadu 2006-12-23 10:14 2560 --a------ C:\WINDOWS\system32\BitCometRes.dll 2006-12-23 09:26 96256 --a------ C:\WINDOWS\system32\drivers\sptd8061.sys 2006-12-18 19:37 -------- d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\Skype 2006-12-15 18:07 -------- d-------- C:\Program Files\DAEMON Tools 2006-12-15 18:03 -------- d-------- C:\Program Files\Internet Explorer 2006-12-10 17:29 -------- d-------- C:\Program Files\Common Files\System 2006-12-10 17:29 -------- d-------- C:\Program Files\Common Files\Microsoft Shared 2006-12-05 16:23 -------- d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\Mozilla 2006-11-23 15:54 -------- d-------- C:\Program Files\XviD 2006-11-23 15:50 -------- d-------- C:\Program Files\AC3Filter 2006-11-21 19:06 -------- d-------- C:\Program Files\Lavasoft 2006-11-21 19:06 -------- d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\Lavasoft 2006-11-19 19:13 -------- d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\OpenOffice.org2 2006-11-11 14:56 -------- d-------- C:\Program Files\Common Files\InterVideo 2006-11-11 13:19 -------- d-------- C:\Program Files\Creative 2006-11-03 14:48 -------- d-------- C:\Program Files\DivX 2006-11-03 08:32 73216 --a------ C:\WINDOWS\ST6UNST.EXE 2006-11-03 08:32 249856 --a------ C:\WINDOWS\Setup1.exe 2006-10-28 10:36 -------- d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\AdobeUM 2006-10-28 10:36 -------- d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\Adobe 2006-10-28 10:34 -------- d-------- C:\Program Files\Common Files\Adobe 2006-10-28 10:32 -------- d-------- C:\Program Files\Adobe 2006-09-30 08:36 62 --ahs---- C:\Documents and Settings\Lukasz\Dane aplikacji\desktop.ini 2006-09-30 07:53 0 -rahs---- C:\MSDOS.SYS 2006-09-30 07:53 0 -rahs---- C:\IO.SYS 2006-09-30 07:53 0 --a------ C:\CONFIG.SYS 2006-09-30 07:53 0 --a------ C:\AUTOEXEC.BAT (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] “Gadu-Gadu”="“C:\Program Files\Gadu-Gadu\gg.exe” /tray" “BitComet”="“C:\Program Files\BitComet\BitComet.exe”" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] “NvCplDaemon”=“RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup” “NWEReboot”="" “DiskeeperSystray”="“C:\Program Files\Executive Software\Diskeeper\DkIcon.exe”" “Hidder”=“C:\PROGRA~1\GDATAS~1\SEKRET~1\Hidder.exe /start” “WinampAgent”=“C:\Program Files\Winamp\winampa.exe” [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] “DeskHtmlVersion”=dword:00000110 “DeskHtmlMinorVersion”=dword:00000005 “Settings”=dword:00000001 “GeneralFlags”=dword:00000000 [HKEY_USERS.default\software\microsoft\windows\currentversion\run] “CTFMON.EXE”=“C:\WINDOWS\System32\CTFMON.EXE” [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] “CTFMON.EXE”=“C:\WINDOWS\System32\CTFMON.EXE” [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] “{438755C2-A8BA-11D1-B96B-00A0C90312E1}”=“Moduł wstępnego ładowania interfejsu Browseui” “{8C7461EF-2B13-11d2-BE35-3078302C2030}”=“Demon buforu kategorii składników” [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] “{AEB6717E-7E19-11d0-97EE-00C04FD91972}”="" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] “NoDriveTypeAutoRun”=dword:00000000 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] “dontdisplaylastusername”=dword:00000000 “legalnoticecaption”="" “legalnoticetext”="" “shutdownwithoutlogon”=dword:00000001 “undockwithoutlogon”=dword:00000001 [HKEY_USERS.default\software\microsoft\windows\currentversion\policies\explorer] “NoDriveTypeAutoRun”=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] “NoDriveTypeAutoRun”=dword:00000091 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] “PostBootReminder”="{7849596a-48ea-486e-8937-a2a3009f31a9}" “CDBurn”="{fbeb8a05-beee-4442-804e-409d6c4515e9}" “WebCheck”="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" “SysTray”="{35CEC8A3-2BE6-11D2-8773-92E220524153}" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk] “path”=“C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk” “backup”=“C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup” “location”=“Common Startup” “command”=“C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE " “item”=“Adobe Reader Speed Launch” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“ashDisp” “hkey”=“HKLM” “command”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“BearShare” “hkey”=“HKLM” “command”=”“C:\Program Files\BearShare\BearShare.exe” /pause" “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“ctfmon” “hkey”=“HKCU” “command”=“C:\WINDOWS\system32\ctfmon.exe” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“daemon” “hkey”=“HKLM” “command”="“C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033" “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“gg” “hkey”=“HKCU” “command”="“C:\Program Files\Gadu-Gadu\gg.exe” /tray" “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KAVPersonal50] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“kav” “hkey”=“HKLM” “command”=“C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“msmsgs” “hkey”=“HKCU” “command”="“C:\Program Files\Messenger\msmsgs.exe” /background" “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“NeroCheck” “hkey”=“HKLM” “command”=“C:\WINDOWS\system32\NeroCheck.exe” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“NvCpl” “hkey”=“HKLM” “command”=“RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“NvMcTray” “hkey”=“HKLM” “command”=“RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”="" “hkey”=“HKLM” “command”="" “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“nwiz” “hkey”=“HKLM” “command”=“nwiz.exe /install” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“Skype” “hkey”=“HKCU” “command”="“C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized" “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“jusched” “hkey”=“HKLM” “command”=“C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“winampa” “hkey”=“HKLM” “command”=“C:\Program Files\Winamp\winampa.exe” “inimapping”=“0” [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] “SecurityProviders”=“msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll” ~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ backup-20061225-170359-781 O4 - HKCU…\Run: [system spool] C:\WINDOWS\system32\syspools.exe Completion time: 06-12-25 19:42:03.46 C:\ComboFix.txt … 06-12-25 19:42
PS: Bieniol jakiego antyvira polecisz i przeciwko szpiegom ?
Bieniol
(Bbieniol)
25 Grudzień 2006 18:47
#12
Użyj Windows Worms Doors Cleanera zmień znaczki z disable na enable (jeżeli jakieś znaczki są żółte, to niech takie zostaną). Po użyciu tego narzędzia wymagany jest reset sysa.
Zrób skan AVG AntySpyware 7.5 po update i usuń wszystko co znajdzie.
Przeskanuj system tymi skanerami:
http://www.kaspersky.pl/virusscanner.html
http://www.pandasoftware.com/activescan … ncipal.htm
Przeskanuj komputer programami Ad-aware SE Personal 1.06 oraz Spybot Search & Destroy 1.4
Po zabiegach nowy log z ComboFixa
Crime
(Crime)
25 Grudzień 2006 19:00
#13
ok tylko mam problem otworzenia kasperskiego online w IE ;/ jak klikam zeby skanowal nic sie nie dzieje
Bieniol
(Bbieniol)
25 Grudzień 2006 19:01
#14
Przeskanuj w takim razie wszystkimi innymi skanerami
Crime
(Crime)
25 Grudzień 2006 19:06
#15
mks online lukne - niedlugo będzie LOG
Złączono Posta : 25.12.2006 (Pon) 21:49
ok all zrobione
ťukasz - 06-12-25 21:52:07,01 Dodatek Service Pack 2 ComboFix 06.11.27 - Running from: “D:\Programy” ((((((((((((((((((((((((((((((( Files Created from 2006-11-25 to 2006-12-25 )))))))))))))))))))))))))))))))))) 2006-12-25 20:20 3,968 --a------C:\WINDOWS\system32\drivers\AvgAsCln.sys 2006-12-25 20:20 2006-12-25 16:53 2006-12-25 16:46 2006-12-25 15:33 2006-12-25 15:17 31,776 --a------ C:\WINDOWS\system32\drivers\AFPAnsi.sys 2006-12-25 15:17 2006-12-24 13:46 2006-12-24 13:41 2006-12-24 13:41 2006-12-24 13:02 6,239 --a------ C:\WINDOWS\system32\se.exe 2006-12-24 13:02 18,015 --a------ C:\WINDOWS\system32\w.exe 2006-12-24 13:02 128,607 --a------ C:\WINDOWS\system32\ss.exe 2006-12-24 13:01 54,367 --a------ C:\WINDOWS\system32\google.png.exe 2006-12-24 12:54 2006-12-24 12:52 2006-12-24 12:52 2006-12-24 12:35 720,896 --a------ C:\WINDOWS\iun6002.exe 2006-12-24 11:19 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll 2006-12-24 10:55 2006-12-23 10:13 2006-12-23 09:32 2006-12-23 09:05 36,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2006-12-23 09:05 24,560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2006-12-23 09:05 16,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2006-12-23 09:04 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr 2006-12-23 09:04 87,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2006-12-23 09:04 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2006-12-23 09:04 666,240 --a------ C:\WINDOWS\system32\aswBoot.exe 2006-12-22 20:23 25,992 --a------ C:\WINDOWS\system32\pgdfgsvc.exe 2006-12-22 20:07 2006-12-22 20:06 2006-12-22 19:30 2006-12-22 19:27 2006-12-22 19:27 2006-12-15 20:06 2006-12-14 18:35 2006-12-13 13:24 715,048 --a------ C:\WINDOWS\system32\SkanerOnline.dll 2006-12-09 20:46 2006-12-09 20:46 2006-12-05 16:23 2006-12-05 16:23 2006-12-01 21:23 2006-12-01 16:49 2006-11-27 14:00 69,952 --a------ C:\WINDOWS\system32\SkanerOnlineUninstall.exe (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-12-25 21:36 -------- d-------- C:\Program Files\Mozilla Firefox 2006-12-25 21:20 -------- d-------- C:\Program Files\SkanerOnline 2006-12-25 21:02 -------- d-------- C:\Program Files\DAEMON Tools 2006-12-25 16:13 -------- d-------- C:\Program Files\Winamp 2006-12-24 12:52 -------- d-------- C:\Program Files\Common Files 2006-12-24 12:48 -------- d-------- C:\Program Files\Ahead 2006-12-24 11:27 163644 --a------ C:\WINDOWS\system32\drivers\secdrv.sys 2006-12-24 09:57 -------- d-------- C:\Program Files\foobar2000 2006-12-23 20:41 -------- d-------- C:\Program Files\Common Files\InstallShield 2006-12-23 14:53 -------- d-------- C:\Program Files\Gadu-Gadu 2006-12-23 10:14 2560 --a------ C:\WINDOWS\system32\BitCometRes.dll 2006-12-23 09:26 96256 --a------ C:\WINDOWS\system32\drivers\sptd8061.sys 2006-12-18 19:37 -------- d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\Skype 2006-12-15 18:03 -------- d-------- C:\Program Files\Internet Explorer 2006-12-10 17:29 -------- d-------- C:\Program Files\Common Files\System 2006-12-10 17:29 -------- d-------- C:\Program Files\Common Files\Microsoft Shared 2006-12-05 16:23 -------- d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\Mozilla 2006-11-23 15:54 -------- d-------- C:\Program Files\XviD 2006-11-23 15:50 -------- d-------- C:\Program Files\AC3Filter 2006-11-21 19:06 -------- d-------- C:\Program Files\Lavasoft 2006-11-21 19:06 -------- d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\Lavasoft 2006-11-19 19:13 -------- d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\OpenOffice.org2 2006-11-11 14:56 -------- d-------- C:\Program Files\Common Files\InterVideo 2006-11-11 13:19 -------- d-------- C:\Program Files\Creative 2006-11-03 14:48 -------- d-------- C:\Program Files\DivX 2006-11-03 08:32 73216 --a------ C:\WINDOWS\ST6UNST.EXE 2006-11-03 08:32 249856 --a------ C:\WINDOWS\Setup1.exe 2006-10-28 10:36 -------- d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\AdobeUM 2006-10-28 10:36 -------- d-------- C:\Documents and Settings\Lukasz\Dane aplikacji\Adobe 2006-10-28 10:34 -------- d-------- C:\Program Files\Common Files\Adobe 2006-10-28 10:32 -------- d-------- C:\Program Files\Adobe 2006-09-30 08:36 62 --ahs---- C:\Documents and Settings\Lukasz\Dane aplikacji\desktop.ini 2006-09-30 07:53 0 -rahs---- C:\MSDOS.SYS 2006-09-30 07:53 0 -rahs---- C:\IO.SYS 2006-09-30 07:53 0 --a------ C:\CONFIG.SYS 2006-09-30 07:53 0 --a------ C:\AUTOEXEC.BAT (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] “BitComet”="“C:\Program Files\BitComet\BitComet.exe”" “Gadu-Gadu”="“C:\Program Files\Gadu-Gadu\gg.exe” /tray" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] “!AVG Anti-Spyware”="“C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe” /minimized" “NvCplDaemon”=“RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup” [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] “DeskHtmlVersion”=dword:00000110 “DeskHtmlMinorVersion”=dword:00000005 “Settings”=dword:00000001 “GeneralFlags”=dword:00000000 [HKEY_USERS.default\software\microsoft\windows\currentversion\run] “CTFMON.EXE”=“C:\WINDOWS\System32\CTFMON.EXE” [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] “CTFMON.EXE”=“C:\WINDOWS\System32\CTFMON.EXE” [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] “{438755C2-A8BA-11D1-B96B-00A0C90312E1}”=“Moduł wstępnego ładowania interfejsu Browseui” “{8C7461EF-2B13-11d2-BE35-3078302C2030}”=“Demon buforu kategorii składników” [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] “{AEB6717E-7E19-11d0-97EE-00C04FD91972}”="" “{57B86673-276A-48B2-BAE7-C6DBB3020EB8}”=“AVG Anti-Spyware 7.5” [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] “NoDriveTypeAutoRun”=dword:00000000 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] “dontdisplaylastusername”=dword:00000000 “legalnoticecaption”="" “legalnoticetext”="" “shutdownwithoutlogon”=dword:00000001 “undockwithoutlogon”=dword:00000001 [HKEY_USERS.default\software\microsoft\windows\currentversion\policies\explorer] “NoDriveTypeAutoRun”=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] “NoDriveTypeAutoRun”=dword:00000091 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] “PostBootReminder”="{7849596a-48ea-486e-8937-a2a3009f31a9}" “CDBurn”="{fbeb8a05-beee-4442-804e-409d6c4515e9}" “WebCheck”="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" “SysTray”="{35CEC8A3-2BE6-11D2-8773-92E220524153}" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk] “path”=“C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk” “backup”=“C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup” “location”=“Common Startup” “command”=“C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE " “item”=“Adobe Reader Speed Launch” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“ashDisp” “hkey”=“HKLM” “command”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“BearShare” “hkey”=“HKLM” “command”=”“C:\Program Files\BearShare\BearShare.exe” /pause" “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“ctfmon” “hkey”=“HKCU” “command”=“C:\WINDOWS\system32\ctfmon.exe” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“daemon” “hkey”=“HKLM” “command”="“C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033" “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“gg” “hkey”=“HKCU” “command”="“C:\Program Files\Gadu-Gadu\gg.exe” /tray" “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KAVPersonal50] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“kav” “hkey”=“HKLM” “command”=“C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“msmsgs” “hkey”=“HKCU” “command”="“C:\Program Files\Messenger\msmsgs.exe” /background" “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“NeroCheck” “hkey”=“HKLM” “command”=“C:\WINDOWS\system32\NeroCheck.exe” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“NvCpl” “hkey”=“HKLM” “command”=“RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“NvMcTray” “hkey”=“HKLM” “command”=“RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”="" “hkey”=“HKLM” “command”="" “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“nwiz” “hkey”=“HKLM” “command”=“nwiz.exe /install” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“Skype” “hkey”=“HKCU” “command”="“C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized" “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“jusched” “hkey”=“HKLM” “command”=“C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe” “inimapping”=“0” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] “key”=“SOFTWARE\Microsoft\Windows\CurrentVersion\Run” “item”=“winampa” “hkey”=“HKLM” “command”=“C:\Program Files\Winamp\winampa.exe” “inimapping”=“0” [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] “SecurityProviders”=“msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll” Completion time: 06-12-25 21:52:41.48 C:\ComboFix.txt … 06-12-25 21:52 C:\ComboFix2.txt … 06-12-25 19:42
Złączono Posta : 26.12.2006 (Wto) 8:35
i jak ?? dobre logi ?
Bieniol
(Bbieniol)
26 Grudzień 2006 07:56
#16
Usuń ręcznie z dysku te pliki/foldery:
C:\ !KillBox
C:\WINDOWS\system32\ se.exe
C:\WINDOWS\system32\ w.exe
C:\WINDOWS\system32\ ss.exe
Jak wygląda sytuacja z kompem?
Crime
(Crime)
26 Grudzień 2006 08:03
#17
ok usuniete, dla mnie komp teraz lux chodzi nie ma problemów i to wszystko co do usuwania ??
Bieniol
(Bbieniol)
26 Grudzień 2006 08:07
#18
Dla pewności możesz dać nowy log z ComboFixa