Ukryte pliki i foldery-Nie mogę włączyć


(Db68db) #1

Witam

mam problem jak w temacie. Proszę o pomoc .poniżej log z combofixa

ComboFix 08-07-26.1 - User 2008-07-26 21:00:16.1 - FAT32 x86

Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1045.18.59 [GMT 2:00]

Running from: C:\Documents and Settings\User\Pulpit\ComboFix.exe

* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED!!

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\Documents and Settings\User\Dane aplikacji.#

C:\Program Files\myglobalsearch

C:\Program Files\myglobalsearch\bar\3.bin\MGSBAR.DLL

C:\Program Files\outlook

C:\WINDOWS\system32_000005_.tmp.dll

C:\WINDOWS\system32\bszip.dll

C:\WINDOWS\system32\cmd.com

C:\WINDOWS\system32\netstat.com

C:\WINDOWS\system32\ping.com

C:\WINDOWS\system32\regedit.com

C:\WINDOWS\system32\taskkill.com

C:\WINDOWS\system32\tasklist.com

C:\WINDOWS\system32\tracert.com

.

((((((((((((((((((((((((( Files Created from 2008-06-26 to 2008-07-26 )))))))))))))))))))))))))))))))

.

2008-07-26 20:52 . 2008-07-26 20:52

2008-07-26 20:52 . 2008-07-26 20:52 17,408 --a------ C:\WINDOWS\system32\drivers\pxark.sys

2008-07-26 20:50 . 2008-07-26 20:50

2008-07-26 20:36 . 2008-07-26 20:36

2008-07-26 20:07 . 2008-07-26 20:07

2008-07-16 16:55 . 2008-07-16 16:55

2008-07-06 22:54 . 2008-07-06 22:54

2008-07-06 11:42 . 2008-07-06 11:42

2008-07-05 19:40 . 2008-07-05 19:40

2008-07-05 15:23 . 2008-07-05 15:23

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-07-04 17:42 76,040 ----a-w C:\WINDOWS\system32\drivers\avgtdix.sys

2008-07-04 17:41 96,520 ----a-w C:\WINDOWS\system32\drivers\avgldx86.sys

2008-07-04 17:41 10,520 ----a-w C:\WINDOWS\system32\avgrsstx.dll

2008-06-22 16:39 --------- d-----w C:\Documents and Settings\Pudzianek\Dane aplikacji\AVGTOOLBAR

2008-06-22 14:23 47,104 ----a-w C:\WINDOWS\system32\KMVIDC32.DLL

2008-06-22 12:14 --------- d-----w C:\Documents and Settings\User\Dane aplikacji\ScanSoft

2008-06-22 09:33 --------- d-----w C:\Program Files\AVG

2008-06-22 09:33 --------- d-----w C:\Documents and Settings\User\Dane aplikacji\AVGTOOLBAR

2008-06-22 09:33 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\avg8

2008-06-20 17:42 246,784 ----a-w C:\WINDOWS\system32\mswsock.dll

2008-06-20 17:42 246,784 ----a-w C:\WINDOWS\system32\dllcache\mswsock.dll

2008-06-20 17:42 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll

2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys

2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys

2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys

2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\dllcache\afd.sys

2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys

2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys

2008-06-14 18:01 273,024 ------w C:\WINDOWS\system32\drivers\bthport.sys

2008-06-14 18:01 273,024 ------w C:\WINDOWS\system32\dllcache\bthport.sys

2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys

2008-05-07 05:16 1,291,264 ----a-w C:\WINDOWS\system32\quartz.dll

2008-05-07 05:16 1,291,264 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll

2007-08-29 18:32 92,064 ----a-w C:\Documents and Settings\User\mqdmmdm.sys

2007-08-29 18:32 9,232 ----a-w C:\Documents and Settings\User\mqdmmdfl.sys

2007-08-29 18:32 79,328 ----a-w C:\Documents and Settings\User\mqdmserd.sys

2007-08-29 18:32 66,656 ----a-w C:\Documents and Settings\User\mqdmbus.sys

2007-08-29 18:32 6,208 ----a-w C:\Documents and Settings\User\mqdmcmnt.sys

2007-08-29 18:32 5,936 ----a-w C:\Documents and Settings\User\mqdmwhnt.sys

2007-08-29 18:32 4,048 ----a-w C:\Documents and Settings\User\mqdmcr.sys

2007-08-29 18:32 25,600 ----a-w C:\Documents and Settings\User\usbsermptxp.sys

2007-08-29 18:32 22,768 ----a-w C:\Documents and Settings\User\usbsermpt.sys

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 12:00 15360]

"FreeRAM XP"="C:\FreeRAM XP Pro\FreeRAM XP Pro 1.40.exe" [2003-11-30 23:13 1354240]

"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-07-02 17:10 23237416]

"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-07-09 09:39 2119104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AudioDeck"="C:\Program Files\VIAudioi\SBADeck\ADeck.exe" [2004-04-19 10:44 7916032]

"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2006-12-22 12:27 497176]

"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2006-12-22 12:28 756248]

"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-07-04 19:42 1232152]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 12:00 15360]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\

Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-08-30 15:13:16 67128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"vidc.ffds"= C:\Program Files\ffdshow\ffdshow.ax

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe"=

"C:\Program Files\Gadu-Gadu\gg.exe"=

"C:\WINDOWS\System32\dpnsvr.exe"=

"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"=

"C:\Program Files\Messenger\msmsgs.exe"=

"D:\Program Files\BearShare\BearShare.exe"=

"%windir%\Network Diagnostic\xpnetdiag.exe"=

"D:\Program Files\Gadu-Gadu\gg.exe"=

"D:\Program Files\Worms\frontend.exe"=

"C:\Program Files\AVG\AVG8\avgupd.exe"=

"C:\Program Files\AVG\AVG8\avgemc.exe"=

"C:\Program Files\Skype\Phone\Skype.exe"=

R0 pxark;pxark;C:\WINDOWS\system32\drivers\pxark.sys [2008-07-26 20:52]

R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-07-04 19:41]

R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-07-04 19:42]

R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-07-04 19:42]

R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-07-04 19:42]

R2 CSIScanner;CSIScanner;C:\Program Files\PrevxCSI\prevxcsi.exe [2008-07-26 20:52]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]

\Shell\AutoRun\command - E:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{0727c29e-b93e-11db-8085-0004615367ed}]

\Shell\AutoRun\command - F:\oufddh.exe

\Shell\explore\Command - F:\oufddh.exe

\Shell\open\Command - F:\oufddh.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{a2bdec1b-48cc-11dc-822a-0004615367ed}]

\Shell\AutoRun\command - oq.cmd

\Shell\explore\Command - oq.cmd

\Shell\open\Command - oq.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{af605368-d684-11dc-8313-0004615367ed}]

\Shell\AutoRun\command - oq.cmd

\Shell\explore\Command - oq.cmd

\Shell\open\Command - oq.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{f1986222-4a91-11dc-8234-0004615367ed}]

\Shell\AutoRun\command - oq.cmd

\Shell\explore\Command - oq.cmd

\Shell\open\Command - oq.cmd

*Newly Created Service* - CATCHME

*Newly Created Service* - CSISCANNER

*Newly Created Service* - PROCEXP90

*Newly Created Service* - PXARK

.

.

------- Supplementary Scan -------

.

R0 -: HKCU-Main,Start Page = hxxp://www.google.pl/

R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}sourceid=ie7rls=com.microsoft:en-USie=utf8oe=utf8

R1 -: HKCU-Internet Connection Wizard,ShellNext = iexplore

R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s

O8 -: Search - ?p=ZRxdm427YYPL

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-07-26 21:03:34

Windows 5.1.2600 Dodatek Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

Completion time: 2008-07-26 21:04:50

ComboFix-quarantined-files.txt 2008-07-26 19:04:46

Pre-Run: 2,798,870,528 bajtów wolnych

Post-Run: 3,048,636,416 bajtów wolnych

160 --- E O F --- 2008-07-09 17:24:40


(Leon$) #2

Wylecz pendriva lub kartę pamięci http://www.softpedia.com/get/Security/S ... Tool.shtml

Flash Disinfector http://www.searchengines.pl/index.php?s ... ntry369724

lub format

Otwórz notatnik i wklej

zapisz jako CFScript.txt (zapisz by ikonka CFScript.txt była obok ikonki ComboFix.exe) >> Przeciągnij i upuść ikonkę CFScript.txt na ikonkę ComboFix.exe

http://img.wklej.org/images/88953CFScri ... iemoes.gif

Powinno rozpocząć się usuwanie

Potem log z usuwania Combofix

:slight_smile:


(Db68db) #3

Dziękuję kol Leon$ za szybką odpowiedź. Myślę,że nic nie zepsułem. Poniżej Log po czyszczeniu

ComboFix 08-07-26.1 - User 2008-07-26 23:38:19.2 - FAT32 x86

Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1045.18.56 [GMT 2:00]

Running from: C:\Documents and Settings\User\Pulpit\ComboFix.exe

Command switches used :: C:\Documents and Settings\User\Pulpit\CFScript.txt

* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED!!

FILE ::

F:\oufddh.exe

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\FOUND.001

C:\FOUND.001\FILE0000.CHK

C:\FOUND.001\FILE0001.CHK

C:\FOUND.001\FILE0002.CHK

C:\FOUND.002

C:\FOUND.002\FILE0000.CHK

C:\FOUND.002\FILE0001.CHK

C:\FOUND.002\FILE0002.CHK

C:\FOUND.002\FILE0003.CHK

C:\FOUND.002\FILE0004.CHK

C:\FOUND.002\FILE0005.CHK

C:\FOUND.002\FILE0006.CHK

C:\FOUND.002\FILE0007.CHK

C:\FOUND.002\FILE0008.CHK

C:\FOUND.002\FILE0009.CHK

C:\FOUND.002\FILE0010.CHK

C:\FOUND.002\FILE0011.CHK

C:\FOUND.002\FILE0012.CHK

C:\FOUND.002\FILE0013.CHK

C:\FOUND.002\FILE0014.CHK

C:\FOUND.002\FILE0015.CHK

C:\FOUND.002\FILE0016.CHK

C:\FOUND.002\FILE0017.CHK

C:\FOUND.002\FILE0018.CHK

C:\FOUND.002\FILE0019.CHK

C:\FOUND.002\FILE0020.CHK

C:\FOUND.003

C:\FOUND.003\FILE0000.CHK

C:\FOUND.003\FILE0001.CHK

C:\FOUND.003\FILE0002.CHK

C:\FOUND.004

C:\FOUND.004\FILE0000.CHK

C:\FOUND.004\FILE0001.CHK

C:\FOUND.005

C:\FOUND.005\FILE0000.CHK

C:\FOUND.005\FILE0001.CHK

C:\FOUND.005\FILE0002.CHK

C:\FOUND.006

C:\FOUND.006\FILE0000.CHK

.

((((((((((((((((((((((((( Files Created from 2008-06-26 to 2008-07-26 )))))))))))))))))))))))))))))))

.

2008-07-26 22:09 . 2008-07-26 22:09

2008-07-26 20:52 . 2008-07-26 20:52

2008-07-26 20:52 . 2008-07-26 20:52 17,408 --a------ C:\WINDOWS\system32\drivers\pxark.sys

2008-07-26 20:50 . 2008-07-26 20:50

2008-07-26 20:07 . 2008-07-26 20:07

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-07-04 17:42 76,040 ----a-w C:\WINDOWS\system32\drivers\avgtdix.sys

2008-07-04 17:41 96,520 ----a-w C:\WINDOWS\system32\drivers\avgldx86.sys

2008-07-04 17:41 10,520 ----a-w C:\WINDOWS\system32\avgrsstx.dll

2008-06-22 16:39 --------- d-----w C:\Documents and Settings\Pudzianek\Dane aplikacji\AVGTOOLBAR

2008-06-22 14:23 47,104 ----a-w C:\WINDOWS\system32\KMVIDC32.DLL

2008-06-22 12:14 --------- d-----w C:\Documents and Settings\User\Dane aplikacji\ScanSoft

2008-06-22 09:33 --------- d-----w C:\Program Files\AVG

2008-06-22 09:33 --------- d-----w C:\Documents and Settings\User\Dane aplikacji\AVGTOOLBAR

2008-06-22 09:33 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\avg8

2008-06-20 17:42 246,784 ----a-w C:\WINDOWS\system32\mswsock.dll

2008-06-20 17:42 246,784 ----a-w C:\WINDOWS\system32\dllcache\mswsock.dll

2008-06-20 17:42 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll

2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys

2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys

2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys

2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\dllcache\afd.sys

2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys

2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys

2008-06-14 18:01 273,024 ------w C:\WINDOWS\system32\drivers\bthport.sys

2008-06-14 18:01 273,024 ------w C:\WINDOWS\system32\dllcache\bthport.sys

2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys

2008-05-07 05:16 1,291,264 ----a-w C:\WINDOWS\system32\quartz.dll

2008-05-07 05:16 1,291,264 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll

2007-08-29 18:32 92,064 ----a-w C:\Documents and Settings\User\mqdmmdm.sys

2007-08-29 18:32 9,232 ----a-w C:\Documents and Settings\User\mqdmmdfl.sys

2007-08-29 18:32 79,328 ----a-w C:\Documents and Settings\User\mqdmserd.sys

2007-08-29 18:32 66,656 ----a-w C:\Documents and Settings\User\mqdmbus.sys

2007-08-29 18:32 6,208 ----a-w C:\Documents and Settings\User\mqdmcmnt.sys

2007-08-29 18:32 5,936 ----a-w C:\Documents and Settings\User\mqdmwhnt.sys

2007-08-29 18:32 4,048 ----a-w C:\Documents and Settings\User\mqdmcr.sys

2007-08-29 18:32 25,600 ----a-w C:\Documents and Settings\User\usbsermptxp.sys

2007-08-29 18:32 22,768 ----a-w C:\Documents and Settings\User\usbsermpt.sys

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 12:00 15360]

"FreeRAM XP"="C:\FreeRAM XP Pro\FreeRAM XP Pro 1.40.exe" [2003-11-30 23:13 1354240]

"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-07-02 17:10 23237416]

"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-07-09 09:39 2119104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AudioDeck"="C:\Program Files\VIAudioi\SBADeck\ADeck.exe" [2004-04-19 10:44 7916032]

"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2006-12-22 12:27 497176]

"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2006-12-22 12:28 756248]

"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-07-04 19:42 1232152]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 12:00 15360]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\

Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-08-30 15:13:16 67128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"vidc.ffds"= C:\Program Files\ffdshow\ffdshow.ax

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe"=

"C:\Program Files\Gadu-Gadu\gg.exe"=

"C:\WINDOWS\System32\dpnsvr.exe"=

"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"=

"C:\Program Files\Messenger\msmsgs.exe"=

"D:\Program Files\BearShare\BearShare.exe"=

"%windir%\Network Diagnostic\xpnetdiag.exe"=

"D:\Program Files\Gadu-Gadu\gg.exe"=

"D:\Program Files\Worms\frontend.exe"=

"C:\Program Files\AVG\AVG8\avgupd.exe"=

"C:\Program Files\AVG\AVG8\avgemc.exe"=

"C:\Program Files\Skype\Phone\Skype.exe"=

R0 pxark;pxark;C:\WINDOWS\system32\drivers\pxark.sys [2008-07-26 20:52]

R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-07-04 19:41]

R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-07-04 19:42]

R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-07-04 19:42]

R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-07-04 19:42]

R2 CSIScanner;CSIScanner;C:\Program Files\PrevxCSI\prevxcsi.exe [2008-07-26 20:52]

.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-07-26 23:41:36

Windows 5.1.2600 Dodatek Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

Completion time: 2008-07-26 23:42:53

ComboFix-quarantined-files.txt 2008-07-26 21:42:48

ComboFix2.txt 2008-07-26 19:04:54

Pre-Run: 2,914,844,672 bajtów wolnych

Post-Run: 2,988,310,528 bajtów wolnych

155 --- E O F --- 2008-07-09 17:24:40


(huber2t) #4

Pobierz ComboFix, ale nie uruchamiaj

Otwórz notatnik i wklej do niego:

Folder::

C:\FOUND.007

Plik -> zapisz jako -> CFScript.txt.

Przeciągnij i upuść ikonkę CFScript.txt na ikonkę ComboFix.exe tak jak tu ->

02f8f1e3c410a4cc.gif

Rozpocznie się usuwanie i powstanie log, który dasz na forum.

Logi dajesz na http://wklejto.pl lub na http://wklej.org a w poście dajesz tylko link


(Db68db) #5

Faktycznie tak jest lepiej. Przepraszam za wklejanie logów ,a nie linków do nich. Poprawiam się:

http://wklej.org/id/04d20821ee


(huber2t) #6

Log wyglada na czysty

usuń ręcznie folder C: \Qoobox , usuń instalkę Combofix z dysku.

Przeczyść komputer Ccleanerem

Wykonaj optymalizację autostartu

Wyłącz i włącz przywracanie systemu na wszystkich dyskach. Instrukcja

Przeskanuj obszar mojego komputera http://www.kaspersky.pl/virusscanner.html (uruchom przez IE) Daj raport z niego na forum

lub

Dr.WEB CureIt!


(Db68db) #7

Dr.WEB CureIt! Nic nie znajduje, ale nie wiem jak wrzucić z niego raport. Komputer ożył. Dziękuję wszystkim za pomoc. I jeszcze pytanie o to :

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED

Coś mam nie zainstalowane ?


(huber2t) #8

Nie, wszystko jest ok

:slight_smile:

W dniu 27.07.2008 , o godzinie 17:27 został dopisany post przez huber2t

Nie, wszystko jest ok

:slight_smile:


(Db68db) #9

Jeszcze raz wielkie dzięki