ComboFix 08-06-20.4 - Spalek 2008-06-26 0:16:10.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.163 [GMT 2:00]
Running from: C:\Documents and Settings\Spalek\Pulpit\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\BM2f2c97d8.xml
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\cbXNFwUL.dll
C:\WINDOWS\system32\givtwnai.ini
C:\WINDOWS\system32\lnottudo.ini
C:\WINDOWS\system32\LUwFNXbc.ini
C:\WINDOWS\system32\LUwFNXbc.ini2
C:\WINDOWS\system32\odmkjobw.ini
C:\WINDOWS\system32\pabgpgix.ini
C:\WINDOWS\system32\tqmgsupf.ini
.
((((((((((((((((((((((((( Files Created from 2008-05-25 to 2008-06-25 )))))))))))))))))))))))))))))))
.
2008-06-26 00:24 . 2008-06-26 00:24 294 ---hs---- C:\WINDOWS\system32\tqmgsupf.ini
2008-06-25 14:01 . 2008-06-25 14:01 <DIR> d-------- C:\Program Files\uTorrent
2008-06-25 14:01 . 2008-06-25 14:24 <DIR> d-------- C:\Documents and Settings\Spalek\Dane aplikacji\uTorrent
2008-06-25 13:14 . 2008-06-25 13:14 <DIR> d-------- C:\Documents and Settings\Spalek\Dane aplikacji\Gadu-Gadu
2008-06-25 13:12 . 2008-06-25 13:12 <DIR> d-------- C:\Program Files\Gadu-Gadu
2008-06-25 13:12 . 2008-06-25 13:13 <DIR> d-------- C:\Documents and Settings\Spalek\Gadu-Gadu
2008-06-25 13:05 . 2008-06-25 13:05 91,136 --a------ C:\WINDOWS\system32\kupsdqkt.dll
2008-06-25 13:05 . 2008-06-25 13:05 81,920 --a------ C:\WINDOWS\system32\fpusgmqt.dll
2008-06-24 11:32 . 2008-06-24 11:32 <DIR> d-------- C:\Program Files\Usb to Serial Driver 1.12.28
2008-06-23 14:08 . 2008-06-23 14:08 81,408 --a------ C:\WINDOWS\system32\xigpgbap.dll
2008-06-23 14:05 . 2008-06-23 14:05 91,136 --a------ C:\WINDOWS\system32\yoagbcph.dll
2008-06-23 11:02 . 2005-02-08 14:12 2,670,592 --------- C:\WINDOWS\UNNMP.exe
2008-06-23 11:02 . 2005-06-07 11:40 49,655 --------- C:\WINDOWS\UNNMP.cfg
2008-06-23 10:59 . 2001-07-09 11:50 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe
2008-06-23 10:58 . 2008-06-23 10:58 <DIR> d-------- C:\Program Files\Common Files\Nero
2008-06-23 10:49 . 2005-04-20 13:32 2,916,352 --------- C:\WINDOWS\UNNeroVision.exe
2008-06-23 10:49 . 2005-06-07 11:40 154,855 --------- C:\WINDOWS\UNNeroVision.cfg
2008-06-23 10:49 . 2001-03-08 19:30 24,064 --------- C:\WINDOWS\system32\msxml3a.dll
2008-06-23 10:48 . 2008-06-23 10:48 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Ahead
2008-06-23 10:48 . 2004-07-26 17:16 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll
2008-06-23 10:48 . 2004-07-26 17:16 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll
2008-06-23 10:48 . 2004-07-26 17:16 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll
2008-06-23 10:48 . 2004-07-09 09:43 364,544 --------- C:\WINDOWS\system32\TwnLib4.dll
2008-06-23 10:48 . 2004-07-26 17:16 262,144 --------- C:\WINDOWS\system32\ImagXR7.dll
2008-06-23 10:48 . 2000-06-26 11:45 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll
2008-06-23 10:48 . 2001-06-26 08:15 38,912 --------- C:\WINDOWS\system32\picn20.dll
2008-06-23 10:47 . 2008-06-23 10:47 <DIR> d-------- C:\Program Files\Common Files\Ahead
2008-06-23 10:47 . 2008-06-23 11:01 <DIR> d-------- C:\Program Files\Ahead
2008-06-22 14:10 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-06-22 14:10 . 2004-08-03 23:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-06-22 14:05 . 2008-06-22 14:05 80,384 --a------ C:\WINDOWS\system32\wbojkmdo.dll
2008-06-22 14:03 . 2008-06-22 14:03 90,624 --a------ C:\WINDOWS\system32\lilqcvoq.dll
2008-06-21 13:23 . 2008-04-23 09:20 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-06-21 13:23 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-06-21 13:23 . 2007-03-08 07:11 1,036,288 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-06-21 13:23 . 2008-04-23 09:20 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-06-21 13:23 . 2008-04-23 09:20 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-06-21 13:23 . 2008-04-23 09:20 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-06-21 13:23 . 2008-04-23 09:20 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-06-21 13:23 . 2008-04-23 09:20 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-06-21 13:23 . 2008-04-22 09:39 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-06-21 08:52 . 2004-08-04 00:44 2,804,224 --a------ C:\WINDOWS\system32\msi.dll
2008-06-21 08:52 . 2004-08-04 00:44 2,804,224 --a------ C:\WINDOWS\system32\dllcache\msi.dll
2008-06-21 08:52 . 2004-08-04 00:43 884,736 --a------ C:\WINDOWS\system32\msimsg.dll
2008-06-21 08:52 . 2004-08-04 00:43 884,736 --a------ C:\WINDOWS\system32\dllcache\msimsg.dll
2008-06-21 08:52 . 2004-08-04 00:44 331,264 --a------ C:\WINDOWS\system32\msihnd.dll
2008-06-21 08:52 . 2004-08-04 00:44 331,264 --a------ C:\WINDOWS\system32\dllcache\msihnd.dll
2008-06-21 08:52 . 2004-08-04 00:44 77,312 --a------ C:\WINDOWS\system32\msiexec.exe
2008-06-21 08:52 . 2004-08-04 00:44 77,312 --a------ C:\WINDOWS\system32\dllcache\msiexec.exe
2008-06-21 08:52 . 2004-08-04 00:44 44,032 --a------ C:\WINDOWS\system32\msisip.dll
2008-06-21 08:52 . 2004-08-04 00:44 44,032 --a------ C:\WINDOWS\system32\dllcache\msisip.dll
2008-06-20 19:54 . 2008-06-20 19:54 127 --a------ C:\WINDOWS\system32\MRT.INI
2008-06-20 19:46 . 2008-06-22 04:19 <DIR> d-------- C:\WINDOWS\system32\pl-pl
2008-06-20 19:36 . 2004-08-04 00:44 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-06-20 19:02 . 2008-06-14 20:01 273,024 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-20 19:02 . 2008-06-14 20:01 273,024 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-20 17:04 . 2008-06-20 17:04 <DIR> d-------- C:\Program Files\K-Lite Codec Pack
2008-06-20 16:58 . 2008-06-20 16:58 <DIR> d-------- C:\Program Files\MarBit
2008-06-20 15:21 . 2008-06-22 04:18 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-06-20 15:21 . 2005-06-28 10:21 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-06-20 10:44 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-06-20 07:43 . 2008-06-20 10:39 749,568 --a------ C:\Documents and Settings\Spalek\token.dll
2008-06-20 07:43 . 2008-06-20 10:39 624,766 --a------ C:\Documents and Settings\Spalek\disktoken.dll
2008-06-20 07:42 . 2008-06-20 07:42 <DIR> d-------- C:\WINDOWS\Sun
2008-06-20 07:38 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-06-20 07:38 . 2001-08-17 22:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-06-20 07:23 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-06-20 07:21 . 2008-06-20 07:23 <DIR> d-------- C:\Program Files\Java
2008-06-20 07:21 . 2008-06-20 07:21 <DIR> d-------- C:\Program Files\Common Files\Java
2008-06-19 20:43 . 2008-06-25 23:30 147 --a------ C:\WINDOWS\wcx_ftp.ini
2008-06-19 20:41 . 2008-06-19 20:42 <DIR> d-------- C:\totalcmd
2008-06-19 20:41 . 2008-06-26 00:11 1,943 --a------ C:\WINDOWS\wincmd.ini
2008-06-19 20:41 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\UC.PIF
2008-06-19 20:41 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\RAR.PIF
2008-06-19 20:41 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\PKZIP.PIF
2008-06-19 20:41 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\PKUNZIP.PIF
2008-06-19 20:41 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\NOCLOSE.PIF
2008-06-19 20:41 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\LHA.PIF
2008-06-19 20:41 . 2008-04-22 07:03 545 --a------ C:\WINDOWS\ARJ.PIF
2008-06-19 18:55 . 2008-06-24 10:47 <DIR> d-------- C:\Program Files\eMule
2008-06-19 18:03 . 2006-02-15 02:22 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2008-06-19 18:03 . 2001-08-18 00:00 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2008-06-19 18:03 . 2004-08-04 01:07 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2008-06-19 18:03 . 2006-06-14 10:47 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2008-06-19 18:03 . 2004-08-04 00:58 4,992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys
2008-06-19 18:03 . 2004-08-04 01:07 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2008-06-19 18:02 . 2006-06-14 10:47 172,416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2008-06-19 18:02 . 2006-06-14 11:00 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2008-06-19 18:02 . 2004-08-04 01:15 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2008-06-19 18:02 . 2004-08-04 00:58 7,552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys
2008-06-19 18:02 . 2004-08-04 00:58 5,376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2008-06-19 18:02 . 2001-08-17 23:59 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2008-06-19 18:01 . 2004-08-04 02:44 4,274,816 --a------ C:\WINDOWS\system32\nv4_disp.dll
2008-06-19 18:01 . 2004-08-04 00:29 1,897,408 --a------ C:\WINDOWS\system32\drivers\nv4_mini.sys
2008-06-19 18:01 . 2004-08-04 00:32 84,480 --a------ C:\WINDOWS\system32\drivers\ac97via.sys
2008-06-19 18:01 . 2001-08-17 22:11 66,591 --a------ C:\WINDOWS\system32\drivers\el90xbc5.sys
2008-06-19 18:01 . 2004-08-04 02:35 58,624 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2008-06-19 18:01 . 2004-08-04 01:07 42,240 --a------ C:\WINDOWS\system32\drivers\VIAAGP.SYS
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-25 21:51 --------- d-----w C:\Program Files\Neostrada TP
2008-06-24 09:32 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-24 09:30 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-06-23 07:20 --------- d-----w C:\Documents and Settings\Spalek\Dane aplikacji\skypePM
2008-06-23 07:20 --------- d-----w C:\Documents and Settings\Spalek\Dane aplikacji\Skype
2008-06-20 15:36 --------- d-----w C:\Documents and Settings\Spalek\Dane aplikacji\GanymedeNet
2008-06-19 15:45 --------- d-----w C:\Program Files\Ganymede
2008-06-19 14:44 --------- d-----w C:\Documents and Settings\Spalek\Dane aplikacji\Winamp
2008-06-19 14:43 --------- d-----w C:\Program Files\Winamp
2008-06-19 14:43 --------- d-----w C:\Program Files\Skype
2008-06-19 14:42 --------- d-----w C:\Program Files\Common Files\Skype
2008-06-19 14:42 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Skype
2008-06-19 14:37 --------- d-----w C:\Program Files\Opera
2008-06-19 14:32 --------- d-----w C:\Program Files\WapSter
2008-06-19 14:32 --------- d-----w C:\Program Files\PC Camera
2008-06-19 14:32 --------- d-----w C:\Program Files\Common Files\PAC207
2008-06-19 14:29 --------- d-----w C:\Program Files\ZTE Corporation
2008-06-19 14:15 --------- d-----w C:\Program Files\microsoft frontpage
2008-06-19 14:11 --------- d-----w C:\Program Files\Usługi online
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:44 15360]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2008-03-20 12:04 2127296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"2c1fa444"="C:\WINDOWS\system32\fpusgmqt.dll" [2008-06-25 13:05 81920]
"BM2f2c97d8"="C:\WINDOWS\system32\kupsdqkt.dll" [2008-06-25 13:05 91136]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:44 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\byXQIYOe]
byXQIYOe.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"= ctwdm32.dll
"VIDC.YV12"= yv12vfw.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\2c1fa444]
--a------ 2008-06-23 14:08 81408 C:\WINDOWS\system32\xigpgbap.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AQQ]
C:\PROGRA~1\WapSter\AQQ\AQQ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BM2f2c97d8]
--a------ 2008-06-23 14:05 91136 C:\WINDOWS\system32\yoagbcph.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CnxDslTaskBar]
-ra------ 2005-07-21 22:52 278528 C:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2004-08-04 00:44 15360 C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor]
--a------ 2006-11-03 11:01 319488 C:\WINDOWS\PixArt\PAC207\Monitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MRT]
--a------ 2008-05-29 16:35 17486968 C:\WINDOWS\system32\MRT.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-03-25 04:28 144784 C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
--------- 2005-07-21 08:33 53248 C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
--------- 2005-07-21 08:33 20480 C:\PROGRA~1\NEOSTR~1\Watch.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\totalcmd\\TOTALCMD.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Gadu-Gadu\\gg.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
R3 CnxEtP;ZTE ZXDSL852 Adapter Filter Driver;C:\WINDOWS\system32\DRIVERS\CnxEtP.sys [2005-05-20 20:27]
R3 CnxEtU;ZTE ZXDSL852 Interface Device Driver;C:\WINDOWS\system32\DRIVERS\CnxEtU.sys [2005-05-20 20:27]
R3 CnxTgNW;ZTE ZXDSL852 WAN PPPoA Adapter Driver;C:\WINDOWS\system32\DRIVERS\CnxTgNW.sys [2005-05-20 20:28]
S3 PAC207;PC Camera;C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2007-05-29 13:30]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{28916740-3ea5-11dd-910b-00d0d084615c}]
\Shell\Auto\command - F:\wupdmgr.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wupdmgr.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-26 00:23:29
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
C:\WINDOWS\system32\tqmgsupf.ini 294 bytes
scan completed successfully
hidden files: 1
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\fpusgmqt.dll
C:\WINDOWS\system32\kupsdqkt.dll
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\devldr32.exe
.
**************************************************************************
.
Completion time: 2008-06-26 0:27:35 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-25 22:27:12
Pre-Run: 5,959,880,704 bajtów wolnych
Post-Run: 5,938,302,976 bajtów wolnych
233 --- E O F --- 2008-06-23 07:19:41