Proszę o sprawdzenie loga


(Bad Newz) #1

Prevx Csi, wykrył u mnie generic.malware...rzekomo jest to mgsbar.dll...Mam się zacząć przejmować? (jestem laikiem w kwestiach informatycznych)

P.s. Proszę o sprawdzenie loga.

Logfile of HijackThis v1.99.1

Scan saved at 19:21:42, on 2008-04-06

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\ASWLSVC.exe

C:\WINDOWS\System32\FTRTSVC.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\ATK0100\HControl.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\ASUS\Wireless Console 2\wcourier.exe

C:\Program Files\ASUS\WLAN Card Utilities\Center.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\PROGRA~1\NEOSTR~1\TaskBarIcon.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\ATK0100\ATKOSD.exe

C:\gry\cs\anatology\Steam.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Documents and Settings\Rychu\Pulpit\muza\eMule0.47c\eMule\emule.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\PrevxCSI\PrevxCSI.exe

C:\Program Files\PrevxCSI\PrevxCSI.exe

C:\DOCUME~1\Rychu\USTAWI~1\Temp\Katalog tymczasowy 1 dla hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = neostrada tp

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\2.bin\MGSBAR.DLL

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\2.bin\MGSBAR.DLL

O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe

O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM..\Run: [skrót do strony właściwości High Definition Audio] HDAShCut.exe

O4 - HKLM..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM..\Run: [Wireless Console 2] C:\Program Files\ASUS\Wireless Console 2\wcourier.exe

O4 - HKLM..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe

O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon

O4 - HKLM..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe

O4 - HKLM..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe

O4 - HKLM..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM..\Run: [spik] C:\Program Files\Spik\Spik.exe -autostart

O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1

O4 - HKCU..\Run: [Gadu-Gadu] "C:\gadu\Gadu-Gadu\gg.exe" /tray

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O11 - Options group: [iNTERNATIONAL] International*

O17 - HKLM\System\CCS\Services\Tcpip..{6E46603A-64A8-4198-86B1-E52884717C27}: NameServer = 194.204.159.1 217.98.63.164

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.113.194 85.255.112.177

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.194 85.255.112.177

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.194 85.255.112.177

O18 - Protocol: wpmsg - {2E0AC5A0-3597-11D6-B3ED-0001021DC1C3} - C:\Program Files\Spik\url_wpmsg.dll

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: CSIScanner - Unknown owner - C:\Program Files\PrevxCSI\PrevxCSI.exe" /service (file missing)

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe


(Dmirecki) #2

skowron6

Załóż swój własny temat

Pokaz log z ComboFix

I użyj FixwareOut. Link masz w moim podpisie. Nowy log z HijackThis. Logi dajesz na http://www.wklej.org


(Rafpietrzak) #3

P.s. Proszę o sprawdzenie loga.

ComboFix 08-04-04.1 - Rafal 2008-04-06 19:59:41.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.1546 [GMT 2:00]

Running from: C:\Documents and Settings\Rafal\Pulpit\ComboFix.exe

* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED!!

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\Autorun.inf

.

((((((((((((((((((((((((( Files Created from 2008-03-06 to 2008-04-06 )))))))))))))))))))))))))))))))

.

2008-04-06 19:52 . 2008-04-06 19:52

2008-04-06 19:52 . 2008-04-06 19:53

2008-04-06 19:52 . 2008-04-06 19:52 10,880 --a------ C:\WINDOWS\system32\drivers\pxark.sys

2008-04-06 18:54 . 2008-04-06 18:54

2008-04-06 17:43 . 2008-04-06 17:43

2008-04-06 17:43 . 2008-04-06 17:44

2008-04-06 17:18 . 2008-04-06 19:00

2008-04-06 17:18 . 2008-04-06 17:18

2008-04-06 16:53 . 2008-04-06 17:33

2008-04-06 10:08 . 2008-04-06 10:08

2008-04-06 09:48 . 2008-04-06 09:48 40,496 --a------ C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT

2008-04-05 20:52 . 2008-04-05 20:52

2008-04-05 18:16 . 2008-04-05 18:23

2008-03-21 08:45 . 2008-03-25 18:43

2008-03-21 08:44 . 2008-03-21 08:44

2008-03-21 08:44 . 2008-03-25 20:47

2008-03-21 08:20 . 2008-03-21 08:44

2008-03-20 03:35 . 2008-03-20 03:35 32 --a------ C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat

2008-03-20 03:34 . 2008-03-21 08:44

2008-03-20 00:40 . 2008-03-20 00:40

2008-03-20 00:40 . 2008-03-20 00:40

2008-03-18 08:39 . 2008-03-18 08:39 0 --a------ C:\WINDOWS\nsreg.dat

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-04-06 16:53 --------- d-----w C:\Program Files\Winamp

2008-04-06 16:52 --------- d-----w C:\Documents and Settings\Rafal\Dane aplikacji\Winamp

2008-04-06 15:43 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard

2008-04-06 14:15 --------- d-----w C:\Documents and Settings\Rafal\Dane aplikacji\AVG7

2008-04-05 19:43 --------- d-----w C:\Documents and Settings\Rafal\Dane aplikacji\Azureus

2008-03-20 21:49 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\avg7

2008-02-25 13:05 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer

2008-02-18 19:44 --------- d-----w C:\Documents and Settings\Rafal\Dane aplikacji\ArcSoft

2008-02-18 18:21 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-02-18 18:21 --------- d-----w C:\Program Files\Common Files\ArcSoft

2008-02-18 18:20 --------- d-----w C:\Program Files\Philips

2008-02-10 07:47 --------- d-----w C:\Program Files\TOSHIBA

2008-02-10 07:28 --------- d-----w C:\Documents and Settings\Rafal\Dane aplikacji\Protector Suite

2008-02-10 07:18 --------- d-----w C:\Documents and Settings\Rafal\Dane aplikacji\Apple Computer

2008-02-10 07:17 --------- d-----w C:\Program Files\QuickTime

2008-02-10 07:16 --------- d-----w C:\Program Files\Apple Software Update

2008-02-10 07:16 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Apple

2008-02-10 07:07 --------- d-----w C:\Program Files\Common Files\Adobe

2008-02-06 16:37 --------- d-----w C:\Documents and Settings\Rafal\Dane aplikacji\dvdcss

2008-01-09 00:11 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll

2008-01-08 22:36 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll

2008-01-08 22:36 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll

.

------- Sigcheck -------

2001-10-30 14:00 432640 306530c12f412868e2e85431250e68a1 C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

2004-08-04 08:44 544256 87d414eba254e42649f4d0a00bb653c6 C:\WINDOWS\ServicePackFiles\i386\winlogon.exe

2004-08-04 08:44 544256 87d414eba254e42649f4d0a00bb653c6 C:\WINDOWS\system32\winlogon.exe

2004-08-04 08:44 504832 0344407089b08548d4feba62bb0f32d0 C:\WINDOWS\VistaMizer\old\winlogon.exe

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 08:44 25088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TCtryIOHook"="TCtrlIOHook.exe" [2005-12-05 22:50 28672 C:\WINDOWS\system32\TCtrlIOHook.exe]

"TFncKy"="TFncKy.exe" []

"TDispVol"="TDispVol.exe" [2005-12-27 21:22 73728 C:\WINDOWS\system32\TDispVol.exe]

"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 22:43 45056]

"RTHDCPL"="RTHDCPL.EXE" [2005-12-09 16:49 15691264 C:\WINDOWS\RTHDCPL.exe]

"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-01-09 00:46 579072]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 09:11 132496]

"HWSetup"="C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe" [2004-05-01 21:45 28672]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 06:16 39792]

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-02-01 07:13 385024]

"phc710"="C:\WINDOWS\vphc700.exe" [2005-07-21 03:56 339968]

"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-04-01 20:49 36352]

"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-04 08:44 184320]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 08:44 25088]

"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-01-09 00:36 219136]

C:\Documents and Settings\Rafal\Menu Start\Programy\Autostart\

Stardock ObjectDock.lnk - C:\Program Files\Stardock\ObjectDock\ObjectDock.exe [2008-03-20 00:40:49 3450608]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\

TrayMin710.exe.lnk - C:\Program Files\Philips\Philips SPC710NC Webcam\TrayMin710.exe [2008-02-18 20:20:47 278528]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"MSVideo8"= VfWWDM32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amva]

C:\WINDOWS\system32\amvo.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe"=

"C:\Program Files\Grisoft\AVG7\avginet.exe"=

"C:\Program Files\Grisoft\AVG7\avgamsvr.exe"=

"C:\Program Files\Grisoft\AVG7\avgcc.exe"=

"C:\Program Files\Grisoft\AVG7\avgemc.exe"=

"%windir%\Network Diagnostic\xpnetdiag.exe"=

"C:\Program Files\Azureus\Azureus.exe"=

"C:\Program Files\Skype\Phone\Skype.exe"=

"C:\Program Files\Java\jre1.6.0_03\bin\javaw.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"49152:TCP"= 49152:TCP:BitTorrent

R0 pxark;pxark;C:\WINDOWS\system32\drivers\pxark.sys [2008-04-06 19:52]

R2 CSIScanner;CSIScanner;"C:\Program Files\PrevxCSI\PrevxCSI.exe" /service []

R3 TcUsb;TC USB Kernel Driver;C:\WINDOWS\system32\Drivers\tcusb.sys [2005-12-16 23:40]

R3 tosrfec;Bluetooth ACPI from TOSHIBA;C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2005-09-09 22:47]

S2 FdRedir;FdRedir;C:\Program Files\Common Files\Protector Suite QL\Drivers\FdRedir.sys []

S2 FileDisk2;FileDisk Protector Kernel Driver;C:\Program Files\Common Files\Protector Suite QL\Drivers\filedisk.sys []

S2 smihlp;SMI helper driver;C:\Program Files\Protector Suite QL\smihlp.sys []

S3 phc700;USB PC Camera (phc710);C:\WINDOWS\system32\DRIVERS\phc700.sys [2005-06-07 22:21]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]

\Shell\AutoRun\command - E:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{37f67892-f6c9-11dc-a3c8-0013020aa2f5}]

\Shell\AutoRun\command - E:\cfdflx.com

\Shell\explore\Command - E:\cfdflx.com

\Shell\open\Command - E:\cfdflx.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{fb38d641-f4b5-11dc-a3c7-0013020aa2f5}]

\Shell\AutoRun\command - cfdflx.com

\Shell\explore\Command - cfdflx.com

\Shell\open\Command - cfdflx.com

*Newly Created Service* - CSISCANNER

*Newly Created Service* - PXARK

.

Contents of the 'Scheduled Tasks' folder

"2008-04-01 15:19:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

  • C:\Program Files\Apple Software Update\SoftwareUpdate.exe

.

**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-04-06 20:00:26

Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

Completion time: 2008-04-06 20:00:53

ComboFix-quarantined-files.txt 2008-04-06 18:00:45

Pre-Run: 34,313,445,376 bajtów wolnych

Post-Run: 34,302,173,184 bajtów wolnych

.

2008-03-12 16:44:41 --- E O F ---


(Leon$) #4

Tak to odpowiedź dla rafa tak w ogóle to po co przyklejasz się do cudzego tematu i robisz bałagan

Wyłącz przywracanie systemu na wszystkich dyskach.http://support.microsoft.com/kb/310405/pl

Wylecz pendriva lub kartę pamięci http://www.softpedia.com/get/Security/Security-Related/PRT-Perlovga-Removal-Tool.shtml lub format

Otwórz notatnik i wklej

zapisz jako CFScript.txt (zapisz by ikonka CFScript.txt była obok ikonki ComboFix.exe) >> Przeciągnij i upuść ikonkę CFScript.txt na ikonkę ComboFix.exe

http://img.wklej.org/images/88953CFScri ... iemoes.gif

Powinno rozpocząć się usuwanie

Potem log z usuwania Combofix

:slight_smile:


(Kaka') #5

skowron6 i raf711 , proszę nie podczepiać się pod tematy innych userów. Jak macie problem, należy założyć własny topik.

Wydzielam posty do kosza. Żaden z Was nie dostosował się do tematów przyklejonych w dziale bezpieczeństwo, nawet po wcześniejszej uwadze moderatora. Każdy następny topik niezgodny z tutejszymi zasadami będzie wyrzucany do kosza oraz mogą zostać wstawione ostrzeżenia.