_Dani
4 Listopad 2010 13:59
#1
Przeskanowałem system nortonem, wykrył mi kilkanaście niebezpiecznych wirusów. Prosze o sprawdzenie log z HiJack http://www.wklejto.pl/80777
(nie moge wykonac skanu otl, gdyż zawiesza mi się on przy skanowaniu ustawień firefox- którego wcześniej odinstalowałem)
Monczkin
4 Listopad 2010 14:02
#2
!Dani , nazwij proszę temat konkretnie, bez zbędnych problemów i logów w tytule. Inaczej wyciągnę konsekwencje. Przeczytaj proszę ten temat. viewtopic.php?f=16&t=394978
Leon1
4 Listopad 2010 14:57
#3
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts: div#headerblock div{font-family:arial;}
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
Help
O1 - Hosts:
Get Yahoo! Toolbar
O1 - Hosts:
O1 - Hosts: if(window.yzq_d==null)window.yzq_d=new Object();
O1 - Hosts: window.yzq_d[‘0Qw4Atj8a20-’]=’&U=13hn349r9%2fN%3d0Qw4Atj8a20-%2fC%3d650008.13445975.13532322.12832737%2fD%3dHPRM2%2fB%3d5706923%2fV%3d1’;
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
Sorry, the GeoCities web site you were trying to reach is no longer available.
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
GeoCities has closed, but there’s a lot more to explore on Yahoo!
O1 - Hosts:
Visit one of these popular Yahoo! sites:
O1 - Hosts:
O1 - Hosts:
Yahoo! Mail
O1 - Hosts:
Web Hosting
O1 - Hosts:
News
O1 - Hosts:
Games
O1 - Hosts:
Sports
O1 - Hosts:
Movies
O1 - Hosts:
Finance
O1 - Hosts:
Maps
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
The GeoCities site you were looking for may have been preserved in the Internet Archive’s Wayback Machine. To find out, visit Archive.org and enter the site’s web address in the field provided.
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts: Copyright © 2009 Yahoo! Inc. All rights reserved.
O1 - Hosts:
O1 - Hosts:
Privacy Policy -
O1 - Hosts:
Copyright Policy -
O1 - Hosts:
Guidelines
O1 - Hosts:
O1 - Hosts:
Terms of Service
O1 - Hosts:
O1 - Hosts:
Help
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
O1 - Hosts:
_Dani
5 Listopad 2010 10:47
#4
log Extras.txt http://wklej.to/Gp8B
log OTL.txt http://wklej.to/2l4s
Dziękuje za pomoc
Leon1
6 Listopad 2010 10:56
#5
OTL w oknie Custom Scans-Fixes wklej następujący skrypt:
:OTL O9 - Extra Button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - Reg Error: Key error. File not found O9 - Extra Button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - Reg Error: Key error. File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Oprogramowanie Kodak EasyShare.lnk - C:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE - File not found MsConfig - StartUpFolder: C:^Documents and Settings^Domiczek210^Menu Start^Programy^Autostart^Empty.pif - C:\Documents and Settings\Domiczek210\Menu Start\Programy\Autostart\Empty.pif - File not found MsConfig - StartUpFolder: C:^Documents and Settings^Domiczek210^Menu Start^Programy^Autostart^OpenOffice.ux.pl 3.1.lnk - C:\PROGRA~1\OPENOF~1.PL3\program\QUICKS~1.EXE - File not found MsConfig - StartUpReg: api32 - hkey= - key= - C:\DOCUME~1\DOMICZ~1\USTAWI~1\Temp\apiqq.exe File not found MsConfig - StartUpReg: cdoosoft - hkey= - key= - C:\DOCUME~1\DOMICZ~1\USTAWI~1\Temp\herss.exe File not found MsConfig - StartUpReg: IMMON - hkey= - key= - C:\Program Files\IM Magician\Vicamon.exe File not found MsConfig - StartUpReg: IPLA! - hkey= - key= - C:\Documents and Settings\Domiczek210\Moje dokumenty\ipla\ipla.exe File not found MsConfig - StartUpReg: king_mg - hkey= - key= - C:\Documents and Settings\Domiczek210\Ustawienia lokalne\Temp\mgking.exe () MsConfig - StartUpReg: Nowe Gadu-Gadu - hkey= - key= - C:\Program Files\Nowe Gadu-Gadu\gg.exe File not found MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found MsConfig - StartUpReg: NvMediaCenter - hkey= - key= - File not found MsConfig - StartUpReg: nwiz - hkey= - key= - File not found MsConfig - StartUpReg: PCSuiteTrayApplication - hkey= - key= - C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE File not found MsConfig - StartUpReg: PcSync - hkey= - key= - C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe File not found MsConfig - StartUpReg: RGSC - hkey= - key= - D:\Gry\Rockstar Games Social Club\RGSCLauncher.exe File not found MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe File not found MsConfig - StartUpReg: Tok-Cirrhatus - hkey= - key= - C:\Documents and Settings\Domiczek210\Ustawienia lokalne\Dane aplikacji\smss.exe File not found SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error. [2010-11-02 19:42:57 | 000,153,088 | RHS- | M] () – C:\9keibj.exe [2010-10-30 17:28:25 | 000,175,616 | RHS- | M] () – C:\apqpm.exe [2010-10-28 17:33:36 | 000,175,616 | RHS- | M] () – C:\b9v.exe :Files C:\Documents and Settings\Domiczek210\Ustawienia lokalne\Temp\mgking.exe D:\9keibj.exe E:\9keibj.exe D:\apqpm.exe E:\apqpm.exe D:\b9v.exe E:\b9v.exe :Reg [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] “D:\Muserver\RankingServer\RankingServer.EXE”=- “D:\Muserver\ExDB\ExDB.exe”=- “D:\Muserver\ChatServer\ChatServer.exe”=- “D:\Muserver\GameServer\GameServer.exe”=- “D:\Muserver\GameServerCS\GameServerCS.exe”=- “C:\Program Files\Electronic Arts\EADM\Core.exe”=- “D:\Muserver\DataServer\DataServer.exe”=- “D:\Muserver\ConnectServer\Cs.exe”=- “D:\Muserver\JoinServer\JoinServer.exe”=- “D:\Muserver\EventServer\EventServer.exe”=- “C:\Program Files\GameSpy Arcade\Aphex.exe”=- “E:\Azureus Downloads\Worms 4 Mayhem\CRACK\WORMS 4 MAYHEM.EXE”=- “D:\Gry\WORMS 4 MAYHEM.EXE”=- “C:\Program Files\Nowe Gadu-Gadu\gg.exe”=- “C:\Program Files\Puzzle Quest\Puzzle Quest.exe”=- “C:\Program Files\EA Games\Ultima Online 2D Client\client.exe”=- “C:\Documents and Settings\Domiczek210\Pulpit\uoam\uoam\uoam.exe”=- “C:\Dzony-Loker\mirc.exe”=- “C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe”=- :Commands [emptytemp] [resethosts] [start explorer] [Reboot]
Kliknij w Run Fix. Zatwierdź restart komputera.
potem nowy log OTL robiony opcją Run Scan
Leon1
6 Listopad 2010 12:48
#7
powtórz usuwanie OTL >> nie wykonało się (nie zapomnij w scrypcie wkleić
z dwukropkiem
Leon1
6 Listopad 2010 14:24
#9
Log wygląda na czysty
Pobierz CCleaner http://www.filehippo.com/download_ccleaner/
przeskanuj nim i wyczyść rejestr.
W OTL kilknij CleanUp
Wyłącz i włącz przywracanie systemu na wszystkich dyskach.http://support.microsoft.com/kb/310405/pl
przeskanuj
Dr.WEB CureIt! http://www.dobreprogramy.pl/DrWEB-CureI … 12976.html
