Logs, computer and data security. Antivirus and antispyware programs, firewalls, etc.

Forum rules

1. Every topic title should reflect the content of the thread.
2. When posting logs, produce them up front with at least two tools: FRST and GMER.
3. Please publish all logs on sites intended for that purpose and paste only the link in the post.
4. Shortening logs is not advised; paste the whole log, from beginning to end.
5. Attaching to other users' topics is not advised; please start a new topic in the Bezpieczeństwo (Security) section, which makes it easier for the person checking to help.
6. People without adequate knowledge should not check logs, as this risks serious damage to the system or to applications installed on the computer.
7. Describe the problem, the symptoms that occur, and any actions taken, in detail.
8. Each script is unique, written for each case individually, so it must not be used by others.
9. When posting a screenshot, please use an external image-hosting service.

Request to check a log

20 Apr 2008, 13:18

Please check this, pleeease, it's important
ComboFix 08-04-18.3 - BOCHAT 2008-04-20 11:53:38.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.96 [GMT 2:00]
Running from: C:\Documents and Settings\BOCHAT\Pulpit\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
The following files were disabled during the run:
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunterMonitor.dll


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\.protected
C:\Documents and Settings\BOCHAT\Ulubione\Error Cleaner.url
C:\Documents and Settings\BOCHAT\Ulubione\Privacy Protector.url
C:\Documents and Settings\BOCHAT\Ulubione\Spyware&Malware Protection.url
C:\WINDOWS\.protected
C:\WINDOWS\privacy_danger
C:\WINDOWS\privacy_danger\images\capt.gif
C:\WINDOWS\privacy_danger\images\danger.jpg
C:\WINDOWS\privacy_danger\images\down.gif
C:\WINDOWS\privacy_danger\images\spacer.gif
C:\WINDOWS\privacy_danger\index.htm
C:\WINDOWS\rs.txt
C:\WINDOWS\system32\drivers\etc\.protected
C:\WINDOWS\system32\enlctrip.dll
C:\WINDOWS\system32\fccawwtS.dll
C:\WINDOWS\system32\iifgGaxX.dll
C:\WINDOWS\system32\pirtclne.ini
C:\WINDOWS\system32\Stwwaccf.ini
C:\WINDOWS\system32\Stwwaccf.ini2

.
((((((((((((((((((((((((( Files Created from 2008-03-20 to 2008-04-20 )))))))))))))))))))))))))))))))
.

2008-04-20 00:11 . 2008-04-20 00:11 <DIR> d-------- C:\Program Files\Enigma Software Group
2008-04-19 23:59 . 2008-04-19 23:59 <DIR> d-------- C:\Program Files\MalwareBell
2008-04-19 22:41 . 2008-04-19 22:41 <DIR> d-------- C:\Program Files\Alwil Software
2008-04-19 22:38 . 2008-04-19 22:38 <DIR> d-------- C:\Program Files\Lavasoft
2008-04-19 22:38 . 2008-04-19 23:08 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft
2008-04-19 22:37 . 2008-04-19 22:37 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-19 21:44 . 2008-04-19 22:05 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\F-Secure
2008-04-19 21:37 . 2008-04-19 21:43 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\fssg
2008-04-19 20:51 . 2008-04-19 20:51 <DIR> d-------- C:\Documents and Settings\BOCHAT\Dane aplikacji\ispnews
2008-04-19 19:46 . 2008-04-19 19:46 <DIR> d-------- C:\Documents and Settings\BOCHAT\Dane aplikacji\TmpRecentIcons
2008-04-19 19:09 . 2008-04-19 19:09 <DIR> d-------- C:\Program Files\VirusIsolator
2008-04-19 18:28 . 2008-04-19 12:39 188,416 --a------ C:\WINDOWS\vadokmxt.dll
2008-04-19 18:28 . 2008-04-19 12:39 155,648 --a------ C:\WINDOWS\dpevflbg.dll
2008-04-19 18:28 . 2008-04-19 12:39 98,304 --a------ C:\WINDOWS\wxvgsdbq.exe
2008-04-19 18:28 . 2008-04-19 12:39 94,208 --a------ C:\WINDOWS\olgdqarf.exe
2008-04-08 23:11 . 1998-10-07 12:54 327,168 --a------ C:\WINDOWS\IsUn0415.exe
2008-04-03 15:38 . 2008-04-03 15:39 <DIR> d-------- C:\cs
2008-04-03 15:35 . 2008-04-03 15:36 <DIR> d-------- C:\cstrike
2008-03-30 23:47 . 2008-03-30 23:47 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2008-03-30 23:40 . 2008-03-30 23:40 <DIR> d-------- C:\Documents and Settings\BOCHAT\Dane aplikacji\DAEMON Tools
2008-03-30 23:40 . 2008-03-30 23:40 716,272 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-03-30 23:27 . 2006-04-29 14:25 40,960 --a------ C:\WINDOWS\system32\psfind.dll
2008-03-29 15:40 . 2008-02-22 03:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-03-29 15:39 . 2008-03-29 15:40 <DIR> d-------- C:\Program Files\Java
2008-03-29 15:38 . 2008-03-29 15:38 <DIR> d-------- C:\Program Files\Common Files\Java
2008-03-24 17:24 . 2008-03-24 17:24 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-03-24 17:24 . 2008-04-18 22:04 107,832 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2008-03-24 17:24 . 2008-03-24 17:24 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2008-03-24 17:24 . 2008-04-18 22:04 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-03-24 15:14 . 2008-03-24 15:14 <DIR> d-------- C:\WINDOWS\Server CFG Creator
2008-03-24 15:14 . 2008-03-24 15:14 <DIR> d-------- C:\Program Files\mnProjects
2008-03-20 01:00 . 2008-04-03 15:23 <DIR> d-------- C:\Program Files\Counter-Strike 1.6

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-19 20:11 --------- d-----w C:\Program Files\F-Secure Internet Security
2008-04-19 16:59 --------- d-----w C:\Program Files\AskTBar
2008-04-19 15:05 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-03 20:27 --------- d-----w C:\Documents and Settings\BOCHAT\Dane aplikacji\teamspeak2
2008-03-26 18:56 --------- d-----w C:\Documents and Settings\BOCHAT\Dane aplikacji\Skype
2008-03-26 16:28 --------- d-----w C:\Documents and Settings\BOCHAT\Dane aplikacji\skypePM
2008-03-19 19:15 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Logishrd
2008-03-19 19:10 --------- d-----w C:\Program Files\Common Files\LogiShrd
2008-03-19 19:07 --------- d-----w C:\Program Files\Logitech
2008-03-09 21:01 --------- d-----w C:\Documents and Settings\BOCHAT\Dane aplikacji\InstallShield
2008-03-08 20:34 32 ----a-w C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat
2008-03-08 20:33 --------- d-----w C:\Program Files\Skype
2008-03-08 20:33 --------- d-----w C:\Program Files\Common Files\Skype
2008-03-08 20:33 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Skype
2008-03-08 20:05 24,264 ----a-w C:\WINDOWS\antyvirk.exe
2008-03-01 19:46 --------- d-----w C:\Program Files\ATI Technologies
2008-03-01 19:01 --------- d-----w C:\Program Files\ToniArts
2008-02-29 16:42 2,829 ----a-w C:\WINDOWS\DIIUnin.pif
2008-02-29 16:42 106,496 ----a-w C:\WINDOWS\DIIUnin.exe
2008-02-29 15:06 --------- d-----w C:\Program Files\ATITool
2008-02-25 20:41 --------- d-----w C:\Program Files\LOTR - Return of the King
2008-02-25 15:13 --------- d-----w C:\Documents and Settings\BOCHAT\Dane aplikacji\ATI
2008-02-23 23:55 --------- d-----w C:\Program Files\MediaCoder
2008-02-23 22:11 --------- d-----w C:\Program Files\Cucusoft
2008-02-07 21:09 73,216 ----a-w C:\WINDOWS\ST6UNST.EXE
2008-02-07 21:09 286,720 ------w C:\WINDOWS\Setup1.exe
2008-02-06 03:42 127,034 ------r C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe
2008-02-06 02:45 729,088 ----a-w C:\WINDOWS\iun6002.exe
2004-10-01 14:00 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{87F195A2-E583-4FE1-9649-3333E6FE1A61}"= "C:\WINDOWS\dpevflbg.dll" [2008-04-19 12:39 155648]

[HKEY_CLASSES_ROOT\clsid\{87f195a2-e583-4fe1-9649-3333e6fe1a61}]
[HKEY_CLASSES_ROOT\dpevflbg.1]
[HKEY_CLASSES_ROOT\TypeLib\{6D1E583A-D2AA-4ACA-ACE8-451F73C609F1}]
[HKEY_CLASSES_ROOT\dpevflbg]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2002-12-31 14:00 15360]
"LogitechSetup"="F:\Setup\Setup.exe" [ ]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-07-09 09:39 2119104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2004-09-16 14:39 69632 C:\WINDOWS\SOUNDMAN.EXE]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-09-29 08:15 344064]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2004-09-29 11:37 28672]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 17:37 2178832]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2002-12-31 14:00 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 18:35 1294336]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2004-09-29 11:37 28672]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2002-12-31 14:00 44544]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= file:///C:\WINDOWS\privacy_danger\index.htm
FriendlyName= Privacy Protection

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"vadokmxt"= {53B3DFE1-FED8-4FFA-A23E-C9940A9267EE} - C:\WINDOWS\vadokmxt.dll [2008-04-19 12:39 188416]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifgGaxX]
iifgGaxX.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^.protected]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\.protected
backup=C:\WINDOWS\pss\.protectedCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^CoreCenter.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\CoreCenter.lnk
backup=C:\WINDOWS\pss\CoreCenter.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^F-Secure Anti-Virus 2006.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\F-Secure Anti-Virus 2006.lnk
backup=C:\WINDOWS\pss\F-Secure Anti-Virus 2006.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^VIA RAID TOOL.lnk]
path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\VIA RAID TOOL.lnk
backup=C:\WINDOWS\pss\VIA RAID TOOL.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^BOCHAT^Menu Start^Programy^Autostart^.protected]
path=C:\Documents and Settings\BOCHAT\Menu Start\Programy\Autostart\.protected
backup=C:\WINDOWS\pss\.protectedStartup

[HKLM\~\startupfolder\C:^Documents and Settings^BOCHAT^Menu Start^Programy^Autostart^Xfire.lnk]
path=C:\Documents and Settings\BOCHAT\Menu Start\Programy\Autostart\Xfire.lnk
backup=C:\WINDOWS\pss\Xfire.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anti-Blaxx Manager]
--a------ 2005-05-18 17:08 208896 C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-02-14 01:09 486856 C:\Program Files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F-Secure Manager]
C:\Program Files\F-Secure Internet Security\Common\FSM32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F-Secure Startup Wizard]
C:\Program Files\F-Secure Internet Security\FSGUI\FSSW.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F-Secure TNB]
C:\Program Files\F-Secure Internet Security\TNB\TNBUtil.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu]
--a------ 2007-07-09 09:39 2119104 C:\Program Files\Gadu-Gadu\gg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
--------- 2005-07-08 16:25 1397760 C:\Program Files\Ahead\InCD\InCD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
--a------ 2007-10-25 17:33 563984 C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-08-04 01:55 1667584 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 12:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
--a------ 2008-01-07 22:02 495616 C:\Program Files\Winamp Remote\bin\OrbTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
--a------ 2007-12-10 11:12 695808 C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2003-12-08 18:35 32768 C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2008-02-01 18:22 21898024 C:\Program Files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-02-22 05:25 144784 C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemDefender]
C:\Program Files\SystemDefender\SystemDefender.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"FSMA"=2 (0x2)
"FSDFWD"=3 (0x3)
"FSAUA"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"E:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"C:\\Program Files\\Xfire\\xfire.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"E:\\Program Files\\Sierra\\FEAR\\FEAR.exe"=
"E:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"E:\\Program Files\\Sierra\\FEARCombat\\FEARMP.exe"=
"C:\\Program Files\\BitSpirit\\BitSpirit.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
S3 USBSTOR;Sterownik magazynu masowego USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-09-22 12:14]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4a987f2b-d66b-11dc-8034-806d6172696f}]
\Shell\AutoRun\command - F:\Launch.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9c80af93-d45c-11dc-be50-806d6172696f}]
\Shell\AutoRun\command - F:\Install.exe

.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-20 13:02:42
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
.
**************************************************************************
.
Completion time: 2008-04-20 13:05:10 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-20 11:05:04

Pre-Run: 1,559,240,704 bajtów wolnych
Post-Run: 4,501,295,104 bajt˘w wolnych

251

Logs are not to be pasted in the guides section!
Edit by Bozz

20 Apr 2008, 17:07

Download ComboFix, but do not run it.
Paste into Notepad:
Code:
File::
C:\WINDOWS\vadokmxt.dll
C:\WINDOWS\dpevflbg.dll
C:\WINDOWS\wxvgsdbq.exe
C:\WINDOWS\olgdqarf.exe
C:\WINDOWS\IsUn0415.exe

Folder::
C:\Program Files\AskTBar

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

File -> Save as -> CFScript.txt (it will be most convenient to save it in a location where the CFScript.txt icon ends up next to the ComboFix.exe icon)
Drag and drop the CFScript.txt icon onto the ComboFix.exe icon, as shown here ->
Image
Removal should start and a log will be produced; post that log on the forum.
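
An added example, not part of the original reply and not ComboFix's own code: a Python check that cross-references the File:: targets of the CFScript above with registry loading points from the log, so the follow-up log can be checked for autostart entries that still point at the removed files. The sample strings are lines copied from this thread; the function names are assumptions of this example.

```python
# Constructed sample: a few lines copied from the ComboFix log and the CFScript in this thread.
LOG = r'''
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{87F195A2-E583-4FE1-9649-3333E6FE1A61}"= "C:\WINDOWS\dpevflbg.dll" [2008-04-19 12:39 155648]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2002-12-31 14:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"vadokmxt"= {53B3DFE1-FED8-4FFA-A23E-C9940A9267EE} - C:\WINDOWS\vadokmxt.dll [2008-04-19 12:39 188416]
'''

CFSCRIPT = r'''
File::
C:\WINDOWS\vadokmxt.dll
C:\WINDOWS\dpevflbg.dll
C:\WINDOWS\wxvgsdbq.exe
C:\WINDOWS\olgdqarf.exe
C:\WINDOWS\IsUn0415.exe

Folder::
C:\Program Files\AskTBar
'''

def cfscript_section(script, name):
    """Return the entries listed under a 'Name::' directive (hypothetical helper)."""
    items, active = [], False
    for line in script.splitlines():
        line = line.strip()
        if line.endswith("::"):
            active = (line == name + "::")
        elif active and line:
            items.append(line)
    return items

def loading_points(log):
    """Yield (registry key, value line) pairs from 'Reg Loading Points' text."""
    key = None
    for line in log.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]          # a bracketed line opens a new registry key
        elif line and key:
            yield key, line           # any other non-empty line is a value under it

def references(log, script):
    """Map each File:: target to the registry keys whose values mention it."""
    targets = cfscript_section(script, "File")
    hits = {t: [] for t in targets}
    for key, value in loading_points(log):
        for t in targets:
            if t.lower() in value.lower():   # Windows paths are case-insensitive
                hits[t].append(key)
    return hits
```

Run against the full log before and after the fix, any key still listed for a File:: target in the second log is a leftover entry worth reporting back to the helper.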