Proszę o sprawdzenie loga-->nie moge usunąć wirusa z tray

Dla specjalistów Bezpieczeństwo
#1

ComboFix 07-12-09.1 - latitude 2007-12-10 8:43:31.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.54 [GMT 1:00]

Running from: C:\Documents and Settings\latitude\Pulpit\pasek\ComboFix.exe

* Created a new restore point

.

ADS - svchost.exe: deleted 68 bytes in 1 streams.

ADS - ntoskrnl.exe: deleted 228 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\do nagrania\Ulubione\Online Security Guide.lnk

C:\Documents and Settings\Administrator\Pulpit\Live Safety Center.lnk

C:\Documents and Settings\Administrator\Pulpit\Online Security Guide.lnk

C:\Documents and Settings\Administrator\Ulubione\Online Security Guide.lnk

C:\Documents and Settings\All Users\Menu Start\Live Safety Center.lnk

C:\Documents and Settings\All Users\Menu Start\Online Security Guide.lnk

C:\Documents and Settings\latitude\Pulpit\Live Safety Center.lnk

C:\Documents and Settings\latitude\Pulpit\Online Security Guide.lnk

C:\WINDOWS\hosts

C:\WINDOWS\system32\awtss.dll

C:\WINDOWS\system32\ceexeoyg.dll

C:\WINDOWS\system32\ceexeoyg.dllbox

C:\WINDOWS\system32\jkxbxyhb.dll

C:\WINDOWS\system32\lnaytdap.dll

C:\WINDOWS\system32\padtyanl.ini

C:\WINDOWS\system32\plugin1.dat

C:\WINDOWS\system32\pmnmjjj.dll

C:\WINDOWS\system32\sstwa.ini

C:\WINDOWS\system32\sstwa.ini2

C:\WINDOWS\system32\SysPr.prx

C:\WINDOWS\system32\winjyp32.dll

C:\WINDOWS\system32\xpdx.sys

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\xpdx

((((((((((((((((((((((((( Files Created from 2007-11-10 to 2007-12-10 )))))))))))))))))))))))))))))))

.

2007-12-10 00:21 . 2007-12-10 08:33

2007-12-09 23:37 . 2007-12-09 23:37

2007-12-09 23:36 . 2007-12-09 23:36

2007-12-09 23:36 . 2007-12-09 23:37

2007-12-09 23:26 . 2007-12-09 23:26

2007-12-09 22:35 . 2007-12-09 23:04

2007-12-09 21:01 . 2007-12-09 21:15

2007-12-07 20:57 . 2007-12-07 20:57 57,856 --a------ C:\pgdxf.exe

2007-12-07 20:57 . 2007-12-07 20:57 46,592 --a------ C:\WINDOWS\system32\e404d.dll

2007-12-07 20:57 . 2007-12-07 20:57 2 --a------ C:-1528075227

2007-12-06 01:43 . 2005-07-28 08:18 685,056 --a------ C:\WINDOWS\system32\drivers\hardlock.sys

2007-12-06 01:43 . 2007-12-06 01:43 191,488 --a------ C:\WINDOWS\system32\hlvdd.dll

2007-12-06 01:43 . 2007-12-10 09:04 0 --a------ C:\WINDOWS\TempFile

2007-12-06 01:31 . 2006-02-02 07:42 468,084 --a------ C:\WINDOWS\cluninst.exe

2007-12-06 01:31 . 2006-08-25 01:35 4,096 --a------ C:\WINDOWS\system\LEXHDL5.DLL

2007-12-06 01:28 . 2007-12-06 01:31

2007-12-06 01:28 . 2007-12-06 01:36 98 --a------ C:\WINDOWS\etkinst.ini

2007-12-04 12:37 . 2007-12-04 12:37

2007-11-29 21:36 . 2007-11-29 21:36 2,560 --a------ C:\WINDOWS\system32\bitcometres.dll

2007-11-26 21:00 . 2007-12-06 23:27

2007-11-23 01:05 . 2007-11-23 01:05

2007-11-23 01:03 . 2007-12-03 13:00

2007-11-23 01:03 . 2007-11-23 01:03

2007-11-23 01:03 . 2007-11-23 01:03

2007-11-23 01:03 . 2007-12-03 13:00

2007-11-23 01:03 . 2003-01-27 16:32 831,600 --a------ C:\WINDOWS\system32\Ctaa1.dat

2007-11-23 01:03 . 2003-11-11 10:44 333,600 --a------ C:\WINDOWS\system32\drivers\ctdvda2k.sys

2007-11-23 01:03 . 2003-11-11 10:43 77,824 --a------ C:\WINDOWS\system32\ctdvda32.dll

2007-11-23 00:31 . 2007-11-23 00:31

2007-11-23 00:29 . 2007-11-23 00:31 48 —hs---- C:\WINDOWS\S2E1A37E3.tmp

2007-11-23 00:27 . 2007-12-03 12:55

2007-11-23 00:02 . 2007-11-23 00:02 249,856 --------- C:\WINDOWS\Setup1.exe

2007-11-23 00:02 . 2007-11-23 00:02 73,216 --a------ C:\WINDOWS\ST6UNST.EXE

2007-11-22 23:19 . 2007-11-22 23:21

2007-11-22 22:57 . 2007-11-22 22:57

2007-11-22 22:57 . 2007-11-22 22:57

2007-11-22 22:56 . 2007-11-22 22:56

2007-11-22 22:56 . 2007-11-22 22:56

2007-11-22 22:53 . 2007-11-22 22:53

2007-11-22 22:53 . 2007-11-22 22:53

2007-11-22 22:53 . 2007-02-21 21:00 10,752 --a------ C:\WINDOWS\system32\ff_vfw.dll

2007-11-22 22:53 . 2006-12-10 23:32 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest

2007-11-22 22:51 . 2007-11-22 22:51

2007-11-22 22:42 . 2007-11-22 22:53

2007-11-22 22:40 . 2007-11-22 22:40

2007-11-22 22:37 . 2007-12-03 13:09

2007-11-22 22:24 . 2007-11-22 22:28

2007-11-22 22:16 . 2007-11-22 22:16 0 --a------ C:\WINDOWS\PlayList.Fpl

2007-11-22 22:12 . 2007-11-22 23:26

2007-11-22 22:12 . 2007-11-22 22:12 389,120 --a------ C:\WINDOWS\system32\ACTSKN43.OCX

2007-11-17 13:02 . 2007-11-17 13:32

2007-11-17 12:49 . 2007-11-17 12:49

2007-11-17 12:47 . 2007-11-29 22:12

2007-11-15 17:06 . 2007-12-03 13:08 46 --a------ C:\WINDOWS\adiras.ini

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2007-12-10 08:03 --------- d-----w C:\Documents and Settings\latitude\Dane aplikacji\Avant Browser

2007-12-09 21:27 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard

2007-12-09 20:56 --------- d-----w C:\Program Files\FDF

2007-12-09 19:37 --------- d-----w C:\Program Files\Deutsch Translator 2

2007-12-09 18:46 --------- d-----w C:\Program Files\eMule

2007-12-03 12:08 --------- d–h--w C:\Program Files\InstallShield Installation Information

2007-12-03 12:07 --------- d-----w C:\Program Files\Common Files\Real

2007-12-03 12:03 --------- d-----w C:\Program Files\MagicISO

2007-12-03 12:01 --------- d-----w C:\Program Files\LimeWire

2007-12-03 11:58 --------- d-----w C:\Program Files\Common Files\BHPS

2007-12-01 16:39 --------- d-----w C:\Program Files\Gadu-Gadu

2007-11-30 20:08 --------- d-----w C:\Documents and Settings\latitude\Dane aplikacji\Skype

2007-11-30 08:22 --------- d-----w C:\Program Files\BitComet

2007-11-28 21:39 --------- d-----w C:\Documents and Settings\latitude\Dane aplikacji\OpenOffice.ux.pl2

2007-11-22 20:59 --------- d-----w C:\Program Files\Lendasoft

2007-11-05 18:11 --------- d-----w C:\Program Files\ICQ6

2007-10-25 16:53 --------- d-----w C:\Program Files\WinPcap

2007-10-17 10:54 --------- d-----w C:\Program Files\AZR

2007-10-17 09:59 --------- d—a-w C:\Documents and Settings\All Users\Dane aplikacji\TEMP

2007-10-11 20:11 --------- d-----w C:\Program Files\MSECache

2007-10-11 15:52 --------- d-----w C:\Documents and Settings\latitude\Dane aplikacji\LimeWire

2006-11-05 19:41 156,154 ----a-w C:\Documents and Settings\All Users\Dane aplikacji\firstlsp.reg.dat

2006-08-07 21:03 0 ----a-w C:\Program Files\secure32.html

2006-08-07 21:03 0 ----a-w C:\Program Files\fudxgh.exe

2006-05-21 13:37 24 ----a-w C:\Documents and Settings\latitude\mylist.dat

2006-03-31 12:56 917,318 ----a-w C:\Program Files\Apr2006_MDX1_x86.cab

2006-03-31 12:56 87,989 ----a-w C:\Program Files\Apr2006_xinput_x64.cab

2006-03-31 12:56 46,898 ----a-w C:\Program Files\Apr2006_xinput_x86.cab

2006-03-31 12:56 41,890 ----a-w C:\Program Files\dxdllreg_x86.cab

2006-03-31 12:56 4,163,518 ----a-w C:\Program Files\Apr2006_MDX1_x86_Archive.cab

2006-03-31 12:56 180,021 ----a-w C:\Program Files\Apr2006_xact_x64.cab

2006-03-31 12:56 133,991 ----a-w C:\Program Files\Apr2006_xact_x86.cab

2006-03-31 12:56 1,398,718 ----a-w C:\Program Files\Apr2006_d3dx9_30_x64.cab

2006-03-31 12:56 1,116,109 ----a-w C:\Program Files\Apr2006_d3dx9_30_x86.cab

2006-03-31 12:41 81,733 ----a-w C:\Program Files\dxupdate.cab

2006-03-31 12:40 484,560 ----a-w C:\Program Files\DXSETUP.exe

2006-03-31 12:40 2,248,912 ----a-w C:\Program Files\dsetup32.dll

2006-03-31 12:39 74,448 ----a-w C:\Program Files\DSETUP.dll

2006-02-03 09:00 179,247 ------w C:\Program Files\Feb2006_xact_x64.cab

2006-02-03 09:00 133,297 ------w C:\Program Files\Feb2006_xact_x86.cab

2006-02-03 09:00 1,363,684 ------w C:\Program Files\Feb2006_d3dx9_29_x64.cab

2006-02-03 09:00 1,085,608 ------w C:\Program Files\Feb2006_d3dx9_29_x86.cab

2005-12-05 18:31 86,925 ------w C:\Program Files\Oct2005_xinput_x64.cab

2005-12-05 18:31 46,247 ------w C:\Program Files\Oct2005_xinput_x86.cab

2005-12-05 18:31 1,358,864 ------w C:\Program Files\Dec2005_d3dx9_28_x64.cab

2005-12-05 18:31 1,080,344 ------w C:\Program Files\Dec2005_d3dx9_28_x86.cab

2005-07-22 19:14 1,351,430 ------w C:\Program Files\Aug2005_d3dx9_27_x64.cab

2005-07-22 19:14 1,078,532 ------w C:\Program Files\Aug2005_d3dx9_27_x86.cab

2005-05-26 14:49 1,336,890 ------w C:\Program Files\Jun2005_d3dx9_26_x64.cab

2005-05-26 14:49 1,065,813 ------w C:\Program Files\Jun2005_d3dx9_26_x86.cab

2005-03-18 17:40 1,348,242 ------w C:\Program Files\Apr2005_d3dx9_25_x64.cab

2005-03-18 17:40 1,079,850 ------w C:\Program Files\Apr2005_d3dx9_25_x86.cab

2005-02-05 20:03 1,248,387 ------w C:\Program Files\Feb2005_d3dx9_24_x64.cab

2005-02-05 20:03 1,014,113 ------w C:\Program Files\Feb2005_d3dx9_24_x86.cab

2004-09-27 11:29 976,020 ------w C:\Program Files\BDAXP.cab

2004-09-27 11:29 703,080 ------w C:\Program Files\BDA.cab

2004-09-27 11:29 15,493,481 ------w C:\Program Files\DirectX.cab

2004-09-27 11:29 13,265,040 ------w C:\Program Files\dxnt.cab

2004-09-27 11:29 1,156,363 ------w C:\Program Files\BDANT.cab

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“CTFMON.EXE”=“C:\WINDOWS\system32\ctfmon.exe” [2004-08-03 23:44]

“msnmsgr”=“C:\Program Files\MSN Messenger\msnmsgr.exe” [2007-01-19 12:54]

“ICQ”=“C:\Program Files\ICQ6\ICQ.exe” [2007-08-08 16:03]

“Gadu-Gadu”=“C:\Program Files\Gadu-Gadu\gg.exe” [2007-11-14 11:54]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“igfxtray”=“C:\WINDOWS\system32\igfxtray.exe” [2005-09-20 10:35]

“igfxhkcmd”=“C:\WINDOWS\system32\hkcmd.exe” [2005-09-20 09:32]

“igfxpers”=“C:\WINDOWS\system32\igfxpers.exe” [2005-09-20 09:36]

“QuickTime Task”=“C:\WINDOWS\system32\qttask.exe” [2006-05-20 14:06]

“snpstd”=“C:\WINDOWS\vsnpstd.exe” [2003-12-31 16:39]

“Tweak UI”=“RUNDLL32.exe” [2004-08-03 23:44 C:\WINDOWS\system32\rundll32.exe]

“PWRISOVM.EXE”=“C:\Program Files\PowerISO\PWRISOVM.EXE” [2007-08-07 01:05]

“a-squared”=“C:\Program Files\a-squared Anti-Malware\a2guard.exe” [2007-12-10 00:33]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

“CTFMON.EXE”=“C:\WINDOWS\system32\CTFMON.EXE” [2004-08-03 23:44]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

“E404Helper”= {e6fd62be-a5d2-4aa1-817f-c30b50d7ebca} - e404d.dll []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring]

c:\WINDOWS\system32\LgNotify.dll 2004-01-13 14:17 110592 c:\WINDOWS\system32\LgNotify.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk]

path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk

backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Photosmart Premier - Szybkie uruchomienie.lnk]

path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Photosmart Premier - Szybkie uruchomienie.lnk

backup=C:\WINDOWS\pss\HP Photosmart Premier - Szybkie uruchomienie.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^SAGEM Wi-Fi 11g USB adapter LAN Utility.lnk]

path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\SAGEM Wi-Fi 11g USB adapter LAN Utility.lnk

backup=C:\WINDOWS\pss\SAGEM Wi-Fi 11g USB adapter LAN Utility.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^latitude^Menu Start^Programy^Autostart^Adobe Gamma.lnk]

path=C:\Documents and Settings\latitude\Menu Start\Programy\Autostart\Adobe Gamma.lnk

backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^latitude^Menu Start^Programy^Autostart^OpenOffice.ux.pl 2.0.3.lnk]

path=C:\Documents and Settings\latitude\Menu Start\Programy\Autostart\OpenOffice.ux.pl 2.0.3.lnk

backup=C:\WINDOWS\pss\OpenOffice.ux.pl 2.0.3.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^latitude^Menu Start^Programy^Autostart^Yahoo! Widget Engine.lnk]

path=C:\Documents and Settings\latitude\Menu Start\Programy\Autostart\Yahoo! Widget Engine.lnk

backup=C:\WINDOWS\pss\Yahoo! Widget Engine.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoConnect]

2006-12-03 00:14 310784 --a------ C:\Program Files\AutoConnect\AutoConnect.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

2005-09-03 15:18 94208 --a------ C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]

rundll32.exe bthprops.cpl,BluetoothAuthenticationAgent

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cFosSpeed]

C:\Program Files\cFosSpeed\cFosSpeed.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]

C:\Program Files\D-Tools\daemon.exe -lang 1033

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

2005-09-24 00:08 49152 --a------ C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]

2003-11-07 22:06 176128 --a------ C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite]

C:\Program Files\ICQLite\ICQLite.exe -minimize

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Plus]

2002-12-04 05:32 11776 --a------ C:\Program Files\ICQPlus\vplus.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

C:\Program Files\Messenger\msmsgs.exe /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

C:\Program Files\MSN Messenger\MsnMsgr.Exe /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2001-07-09 11:50 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder]

2006-01-30 17:00 98304 -ra------ C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhotoShow Deluxe Media Manager]

C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRONoMgr.exe]

2003-12-19 11:49 86016 --a------ c:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\WINDOWS\system32\qttask.exe -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2006-10-12 03:10 49263 --a------ C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

“wuauserv”=2 (0x2)

“SharedAccess”=2 (0x2)

“helpsvc”=2 (0x2)

“MSIServer”=3 (0x3)

R2 DLPortIO;DriverLINX Port I/O Driver;??\C:\WINDOWS\system32\DRIVERS\DLPortIO.SYS

S3 BRGSp50;BRGSp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\BRGSp50.sys

S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys

S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver;??\C:\WINDOWS\system32\NSNDIS5.SYS

S3 S6U12Scanner;MUSTEK 1200 CU Still Image Device Service;C:\WINDOWS\system32\drivers\usbscan.sys

S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys

S3 ZDCndis5;ZDCndis5 Protocol Driver;??\C:\WINDOWS\system32\ZDCndis5.SYS

.

--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2900.2180]

-> C:\DOCUME~1\latitude\USTAWI~1\Temp\cdoaqjfo.dll

.

**************************************************************************

catchme 0.3.1331 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-12-10 09:05:02

Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes …

scanning hidden autostart entries …

scanning hidden files …

scan completed successfully

hidden files: 0

**************************************************************************

.

Completion time: 2007-12-10 9:08:48 - machine was rebooted

.

— E O F —

#2

mlodymlody przeczytaj te tematy i popraw tytuł oraz posta.

http://forum.dobreprogramy.pl/viewtopic.php?t=66889

http://forum.dobreprogramy.pl/viewtopic.php?t=36654

#3

Wklej do Notatnika:

>>Plik>>Zapisz jako… >>> CFScript (najwygodniej będzie, jeśli zapiszesz w takiej lokalizacji, by ikonka CFScript.txt znalazła się obok ikonki ComboFix.exe )

Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe (czyli ikonkę CFScript.txt na ikonkę ComboFix.exe )

– podobnie jak na tym obrazku –>88953CFScript-createdbyMiekiemoes.gif

(jeśli pojawi się pytanie " 1 or 2" - to wpisz 1 i naciśnij ENTER) Ma się rozpocząć usuwanie. (i powstanie log)

Po restarcie usuń ręcznie folder C: ** Qoobox**.

Po tym nowy log z Combo