Wyslalem loga do sprawdzenia na wklejto.pl,i mam problem bo nie wiem jak usunac zarazone pliki
“-//W3C//DTD XHTML 1.0 Strict//EN” “[http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd](http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\)”>http://www.w3.org/1999/xhtml" dir=“ltr” lang=“pl” xml:lang=“pl”>
prosze o pomoc jakim programem je usunac.
Tu programy: viewtopic.php?f=16&t=36654
m.in. HijackThis.
A podaj linka do loga, jeśli piszesz, że wysłałeś…
link
http://wklejto.pl/index.php?d=szukaj
W dniu 29.06.2008 , o godzinie 23:50 został dopisany post przez kaza114
pod nikim kaza114
W dniu 30.06.2008 , o godzinie 0:01 został dopisany post przez kaza114
link
fix w hijackthis
Pobierz ComboFix, ale nie uruchamiaj
Wklej do notatnika:
File::
C:\Users\William\AppData\Local\Temp\qoMgghGa.dll
C:\Users\William\AppData\Local\Temp\opnkjGVn.dll
C:\Users\William\AppData\Local\Temp\eymfgaln.dll
Plik -> zapisz jako -> CFScript.txt (najwygodniej będzie, jeśli zapiszesz w takiej lokalizacji, by ikonka CFScript.txt znalazła się obok ikonki ComboFix.exe )
Przeciągnij i upuść ikonkę CFScript.txt na ikonkę ComboFix.exe tak jak tu ->
Rozpocznie się usuwanie i powstanie log, daj ten log na forum.
Logi dajesz na http://wklejto.pl a w poście dajesz tylko link
Pobierz ComboFix, ale nie uruchamiaj
Wklej do notatnika:
Folder::
C:\Windows\AppPatch
Regiatry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AT-Watch"=-
Plik -> zapisz jako -> CFScript.txt (najwygodniej będzie, jeśli zapiszesz w takiej lokalizacji, by ikonka CFScript.txt znalazła się obok ikonki ComboFix.exe )
Przeciągnij i upuść ikonkę CFScript.txt na ikonkę ComboFix.exe tak jak tu ->
Rozpocznie się usuwanie i powstanie log, daj ten log na forum.
Logi dajesz na http://wklejto.pl a w poście dajesz tylko link
powtórz moją wcześnijesza wskazówkę
Ok,powtorzone
W dniu 30.06.2008 , o godzinie 21:33 został dopisany post przez kaza114
a zobacz ten log
Log wygląda na czysty
zrób optymalizacje uruchamiania
http://cybertrash.netarteria.pl/cyber/i … 378.0.html
usuń ręcznie folder C: \Qoobox usuń instalkę Combofix z dysku.
Wyłącz I włącz przywracanie systemu na wszystkich dyskach.http://support.microsoft.com/kb/310405/pl
przeskanuj obszar Mój komputer http://www.kaspersky.pl/virusscanner.html pokaż raport stronę uruchomić przez IE
raport
AntiVir PersonalEdition Classic
Report file date: 2008-06-30 22:02
Scanning for 835736 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (plain) [6.0.6000]
Username: SYSTEM
Computer name: WILLIAM-PC
Version information:
BUILD.DAT : 270 15603 Bytes 2007-09-19 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 2007-08-23 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 2007-08-16 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 2007-08-14 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 2007-08-21 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 2007-09-13 14:26:55
ANTIVIR2.VDF : 7.0.0.1 2048 Bytes 2007-09-13 14:27:04
ANTIVIR3.VDF : 7.0.0.2 2048 Bytes 2007-09-13 14:27:13
AVEWIN32.DLL : 7.6.0.15 2806272 Bytes 2007-09-17 17:43:56
AVWINLL.DLL : 1.0.0.7 14376 Bytes 2007-02-26 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 2007-07-18 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 2007-08-03 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 2007-07-18 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 2007-08-28 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 2007-07-18 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 2007-03-08 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 2007-08-07 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 2007-08-21 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2007-07-23 09:37:21
Configuration settings for the scan:
Jobname…: Complete system scan
Configuration file…: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging…: low
Primary action…: interactive
Secondary action…: ignore
Scan master boot sector…: off
Scan boot sector…: on
Boot sectors…: D:,
Scan memory…: on
Process scan…: on
Scan registry…: on
Search for rootkits…: off
Scan all files…: Intelligent file selection
Scan archives…: on
Recursion depth…: 20
Smart extensions…: on
Macro heuristic…: on
File heuristic…: medium
Start of the scan: 2008-06-30 22:02
The scan of running processes will be started
Scan process ‘avscan.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘avcenter.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘SearchFilterHost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘SearchProtocolHost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘avgnt.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘avguard.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘sched.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘VSSVC.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘CPSHelpRunner.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘WmiPrvSE.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘XAudio.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘SearchIndexer.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘stacsv.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘sprtsvc.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘BTStackServer.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘GoogleDesktop.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘dpupdchk.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘taskeng.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘quickset.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘DLG.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘BTTray.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘emule.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘sprtcmd.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘UnlockerAssistant.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘jusched.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘ashDisp.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘ipoint.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘PCMService.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘GoogleDesktop.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘RoxWatchTray9.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘issch.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘WLTRAY.EXE’ - ‘1’ Module(s) have been scanned
Scan process ‘sttray.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘wmdc.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘igfxpers.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘hkcmd.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘SynTPEnh.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘MSASCui.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘taskeng.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘spoolsv.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘explorer.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘dwm.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘ashServ.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘aswUpdSv.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘BCMWLTRY.EXE’ - ‘1’ Module(s) have been scanned
Scan process ‘WLTRYSVC.EXE’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘SLsvc.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘audiodg.exe’ - ‘0’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘winlogon.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘lsm.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘lsass.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘services.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘csrss.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘wininit.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘csrss.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘smss.exe’ - ‘1’ Module(s) have been scanned
69 processes with 69 modules were scanned
Start scanning boot sectors:
Boot sector ‘C:’
[NOTE] No virus was found!
Boot sector ‘D:’
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( ‘18’ files ).
Starting the file scan:
Begin scan in ‘C:’
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in ‘D:’
End of the scan: 2008-06-30 22:28
Used time: 25:58 min
The scan has been done completely.
14053 Scanning directories
143536 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
143536 Files not concerned
888 Archives were scanned
2 Warnings
22 Notes
niestety ale nie moge przeskanowac kampa tym programem bo gdy go uruchomilem to po chwili skanowania windows explorer zatrzymal sie i restart,tak jak bylo wczesniej,nawet nie moge przywrocic systemu,co sie dzieje pomocy.
Pobierz System Repair Engineer
http://www.cybertrash.pl/images/tata/Sy … ineer.html
przeskanuj daj log
tej strony nie ma
poprawiłem
nic nie moge zrobic bo co pare sekund windows explorer sie restartuje
W dniu 03.07.2008 , o godzinie 1:09 został dopisany post przez kaza114
nic nie moge zrobic bo co pare sekund windows explorer sie restartuje
W trybie awaryjnym spróbuj
chyba nic z tego nie bedzie bo ten program do naprawy systemu otwiera mi sie w adobe raider i sa tam same informacje,chyba ze cos przeoczylem,albo nie wim jak go uruchomic,normalnie to bym kompa naprawil z plyty ale cos jest nie tak z napendem bo nie moge otwozyc zadnej plyty.
W dniu 04.07.2008 , o godzinie 23:22 został dopisany post przez kaza114
widze ze dla mojego problemu nie ma rozwiazania no trudno bede musial kompa zaniesc do serwisu
ps.dziekuje wszystkim za pomoc.