przez roonnii 26 Mar 2008, 23:44
mam wielki problem gdy włączam komputer użycie pliku tron ładuje sie do 980mb na 994 możliwe nie wiem jak to usunąć probowałam dodatkowymi narzędziami podanymi na forum i nic załączam tutaj logi z tych programów
- Kod: Zaznacz wszystko
ComboFix 08-03-25.1 - Rafal 2008-03-26 21:46:49.3 - NTFSx86 NETWORK
Running from: D:\ComboFix.exe
[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.
((((((((((((((((((((((((( Files Created from 2008-02-26 to 2008-03-26 )))))))))))))))))))))))))))))))
.
2008-03-26 21:35 . 2008-03-26 21:43 <DIR> d-------- C:\fixwareout
2008-03-26 21:30 . 2008-03-26 21:30 <DIR> d-------- C:\VundoFix Backups
2008-03-26 21:08 . 2008-03-26 21:08 <DIR> d-------- C:\Documents and Settings\Rafal\Dane aplikacji\Grisoft
2008-03-26 21:07 . 2008-03-26 21:07 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Grisoft
2008-03-26 21:07 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-03-26 21:02 . 2008-03-26 21:02 <DIR> d-------- C:\Deckard
2008-03-26 20:55 . 2005-01-20 13:47 175,616 --a------ C:\WINDOWS\system32\strings.exe
2008-03-26 20:55 . 2006-03-02 23:42 73,728 --a------ C:\WINDOWS\system32\pv.exe
2008-03-26 20:55 . 2005-01-13 21:41 39,184 --a------ C:\WINDOWS\system32\Ntrights.exe
2008-03-26 20:55 . 2005-10-19 18:50 16,384 --a------ C:\WINDOWS\system32\restart.exe
2008-03-26 20:55 . 2005-01-13 21:41 11,254 --a------ C:\WINDOWS\system32\locate.com
2008-03-26 20:53 . 2008-03-26 20:53 <DIR> d-------- C:\Documents and Settings\tt\Ustawienia lokalne
2008-03-26 20:50 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-03-26 20:50 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-03-26 20:50 . 2008-03-14 09:09 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-03-26 20:50 . 2008-03-15 17:16 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-03-26 20:50 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-03-26 20:50 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-03-26 20:50 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-03-26 20:50 . 2008-03-26 20:50 952 --a------ C:\WINDOWS\system32\tmp.reg
2008-03-23 06:29 . 2008-03-23 06:29 <DIR> d--hs---- C:\found.000
2008-03-19 20:55 . 2008-03-26 20:53 <DIR> d--h----- C:\Documents and Settings\Administrator\Ustawienia lokalne
2008-03-19 20:55 . 2008-02-25 20:38 <DIR> d-------- C:\Documents and Settings\Administrator\Ulubione
2008-03-19 20:55 . 2008-02-25 19:44 <DIR> d--h----- C:\Documents and Settings\Administrator\Szablony
2008-03-19 20:55 . 2008-02-25 20:38 <DIR> d-------- C:\Documents and Settings\Administrator\Pulpit
2008-03-19 20:55 . 2008-02-25 20:38 <DIR> d-------- C:\Documents and Settings\Administrator\Moje dokumenty
2008-03-19 20:55 . 2008-02-25 20:38 <DIR> dr------- C:\Documents and Settings\Administrator\Menu Start
2008-03-19 20:55 . 2008-02-25 20:38 <DIR> dr-h----- C:\Documents and Settings\Administrator\Dane aplikacji
2008-03-19 20:45 . 2008-03-19 20:45 21 --a------ C:\WINDOWS\kit.ini
2008-03-19 08:06 . 2008-03-19 08:06 <DIR> d-------- C:\Documents and Settings\Rafal\Dane aplikacji\backup
2008-03-16 10:53 . 2008-03-16 10:53 <DIR> d-------- C:\Program Files\Thomson
2008-03-16 10:02 . 2008-03-21 06:30 <DIR> d-------- C:\Program Files\Common Files\Panda Software
2008-03-16 09:47 . 2008-03-16 09:47 <DIR> d-------- C:\WINDOWS\system32\Adobe
2008-03-16 09:47 . 2008-03-16 09:47 <DIR> d-------- C:\WINDOWS\Profiles
2008-03-16 09:47 . 2008-03-16 09:47 <DIR> d-------- C:\Documents and Settings\Rafal\Dane aplikacji\InterTrust
2008-03-16 09:27 . 2008-03-16 11:25 1,799 --a------ C:\WINDOWS\Active Setup Log.BAK
2008-03-09 14:36 . 2008-03-09 14:36 <DIR> d-------- C:\Documents and Settings\Rafal\Dane aplikacji\dvdcss
2008-03-08 23:16 . 2008-03-11 23:03 <DIR> d-------- C:\Documents and Settings\Rafal\Dane aplikacji\Media Player Classic
2008-03-08 07:48 . 2008-03-08 07:48 <DIR> d-------- C:\Documents and Settings\Rafal\Dane aplikacji\ConvertTemp
2008-03-08 07:43 . 2008-03-08 07:43 <DIR> d-------- C:\Documents and Settings\Rafal\Dane aplikacji\Samsung
2008-03-08 07:40 . 2006-05-03 22:53 174,592 --a------ C:\WINDOWS\system32\framedyn.dll
2008-03-08 07:39 . 2008-03-08 07:39 <DIR> d-------- C:\WINDOWS\system32\Samsung_USB_Drivers
2008-03-08 07:39 . 2005-12-22 12:24 137,884 --a------ C:\WINDOWS\system32\drivers\sscdmdm.sys
2008-03-08 07:39 . 2005-12-22 12:24 80,272 --a------ C:\WINDOWS\system32\drivers\sscdbus.sys
2008-03-08 07:39 . 2005-12-22 12:24 11,877 --a------ C:\WINDOWS\system32\drivers\sscdcmnt.sys
2008-03-08 07:39 . 2005-12-22 12:24 11,877 --a------ C:\WINDOWS\system32\drivers\sscdcm.sys
2008-03-08 07:39 . 2005-12-22 12:24 11,188 --a------ C:\WINDOWS\system32\drivers\sscdwhnt.sys
2008-03-08 07:39 . 2005-12-22 12:24 11,188 --a------ C:\WINDOWS\system32\drivers\sscdwh.sys
2008-03-08 07:39 . 2005-12-22 12:24 10,864 --a------ C:\WINDOWS\system32\drivers\sscdmdfl.sys
2008-03-08 07:39 . 2006-07-24 16:05 5,632 --a------ C:\WINDOWS\system32\drivers\StarOpen.sys
2008-03-08 07:39 . 2005-08-28 20:51 766 --a------ C:\WINDOWS\system32\Uninstall.ico
2008-03-08 07:38 . 2008-03-08 07:38 <DIR> d-------- C:\Program Files\Samsung
2008-03-08 07:22 . 2008-03-08 07:22 8,688 --ah----- C:\WINDOWS\system32\mlfcache.dat
2008-03-02 10:53 . 2008-03-02 10:53 135,530 --a------ C:\WINDOWS\system32\AdobeFnt.lst
2008-03-02 10:24 . 2008-03-02 10:24 <DIR> d-------- C:\Program Files\LightWork Design
2008-03-02 10:23 . 1999-11-19 15:03 210,944 --a------ C:\WINDOWS\system32\MSVCRT10.DLL
2008-03-01 23:25 . 2006-08-02 01:00 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-02-29 07:04 . 2008-02-29 07:04 <DIR> d-------- C:\Documents and Settings\Rafal\Dane aplikacji\AdobeUM
2008-02-29 06:42 . 2008-03-23 18:56 49 --a------ C:\WINDOWS\NeroDigital.ini
2008-02-28 14:32 . 2008-02-28 14:32 <DIR> d-------- C:\Documents and Settings\Rafal\Dane aplikacji\Thinstall
2008-02-28 14:31 . 2008-02-28 14:31 <DIR> d-------- C:\Program Files\BitComet Toolbar
2008-02-28 14:31 . 2008-02-28 14:31 254,146 --a------ C:\WINDOWS\BitComet_Toolbar_Uninstaller_125.exe
2008-02-26 14:11 . 2008-02-26 14:11 <DIR> d-------- C:\Documents and Settings\Rafal\Dane aplikacji\Ahead
2008-02-26 12:18 . 2008-02-26 12:18 <DIR> d-------- C:\WINDOWS\Sun
2008-02-26 12:13 . 2008-03-26 21:32 <DIR> d-------- C:\Program Files\Google
2008-02-26 12:13 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-02-26 12:11 . 2008-02-26 12:11 <DIR> d-------- C:\Program Files\Common Files\Java
2008-02-26 09:27 . 2008-02-26 09:27 <DIR> d-------- C:\Program Files\VideoLAN
2008-02-26 09:27 . 2008-02-26 09:27 <DIR> d-------- C:\Documents and Settings\Rafal\Dane aplikacji\vlc
2008-02-26 09:23 . 2008-02-26 09:23 <DIR> d-------- C:\Program Files\Dziobas Rar Player
2008-02-26 09:17 . 2008-02-26 09:17 <DIR> d-------- C:\Program Files\Canon
2008-02-26 09:13 . 1998-10-07 13:54 327,168 --a------ C:\WINDOWS\IsUn0415.exe
2008-02-26 09:13 . 2002-02-12 16:00 97,280 --a------ C:\WINDOWS\system32\CNMLM45.DLL
2008-02-26 09:13 . 2002-01-17 11:48 36,864 --a------ C:\WINDOWS\system32\CNMCP45.EXE
2008-02-26 09:13 . 2002-02-12 06:00 5,632 --a------ C:\WINDOWS\system32\CNMVS45.DLL
2008-02-26 09:12 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-02-26 09:12 . 2004-08-03 23:01 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2008-02-26 09:09 . 2008-02-26 09:09 <DIR> d-------- C:\WINDOWS\InCD
2008-02-26 09:09 . 2004-03-03 15:40 1,769,472 --------- C:\WINDOWS\NuNinst.exe
2008-02-26 09:09 . 2004-03-09 19:29 99,568 --------- C:\WINDOWS\system32\drivers\incdfs.sys
2008-02-26 09:09 . 2004-03-19 18:57 47,283 --------- C:\WINDOWS\NuNinst.cfg
2008-02-26 09:09 . 2004-03-09 19:29 27,664 --------- C:\WINDOWS\system32\drivers\incdpass.sys
2008-02-26 09:09 . 2004-03-09 19:29 9,561 --------- C:\WINDOWS\system32\drivers\incdrec.sys
2008-02-26 09:06 . 2008-02-26 09:06 <DIR> d-------- C:\Program Files\Common Files\Ahead
2008-02-26 09:06 . 2008-02-26 09:09 <DIR> d-------- C:\Program Files\Ahead
2008-02-26 09:06 . 2001-07-06 14:41 569,344 -ra------ C:\WINDOWS\system32\imagr5.dll
2008-02-26 09:06 . 2001-07-06 12:44 544,768 -ra------ C:\WINDOWS\system32\imagx5.dll
2008-02-26 09:06 . 2001-07-06 18:24 283,920 -ra------ C:\WINDOWS\system32\ImagXpr5.dll
2008-02-26 09:06 . 2001-07-09 11:50 155,648 -ra------ C:\WINDOWS\system32\NeroCheck.exe
2008-02-26 09:06 . 2000-06-26 11:45 106,496 -ra------ C:\WINDOWS\system32\TwnLib20.dll
2008-02-26 09:06 . 2001-06-26 08:15 38,912 -ra------ C:\WINDOWS\system32\picn20.dll
2008-02-26 08:48 . 2008-03-26 20:25 <DIR> d-------- C:\Documents and Settings\Rafal\Dane aplikacji\skypePM
2008-02-26 08:48 . 2008-02-26 08:48 32 --a------ C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat
2008-02-26 08:46 . 2008-02-26 08:46 <DIR> d-------- C:\Program Files\Skype
2008-02-26 08:46 . 2008-02-26 08:46 <DIR> d-------- C:\Program Files\Common Files\Skype
2008-02-26 08:46 . 2008-03-26 21:27 <DIR> d-------- C:\Documents and Settings\Rafal\Dane aplikacji\Skype
2008-02-26 08:46 . 2008-02-26 08:46 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Skype
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-22 09:34 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-19 19:46 --------- d-----w C:\Program Files\Neostrada TP
2008-03-19 07:06 --------- d-----w C:\Program Files\Gadu-Gadu
2008-03-16 08:47 --------- d-----w C:\Program Files\Common Files\Adobe
2008-03-05 05:09 --------- d-----w C:\Program Files\Usługi online
2008-02-26 11:13 --------- d-----w C:\Program Files\Java
2008-02-25 19:39 --------- d-----w C:\Program Files\Winamp
2008-02-25 19:39 --------- d-----w C:\Documents and Settings\Rafal\Dane aplikacji\Winamp
2008-02-25 19:15 --------- d-----w C:\Documents and Settings\Rafal\Dane aplikacji\Gadu-Gadu
2008-02-25 19:11 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-02-25 19:11 --------- d-----w C:\Program Files\CyberLink
2008-02-25 19:11 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\CyberLink
2008-02-25 19:04 --------- d-----w C:\Program Files\VIA
2008-02-25 19:03 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-25 19:02 --------- d-----w C:\Program Files\C-Media 3D Audio
2008-02-25 18:58 --------- d-----w C:\Program Files\ATI Technologies
2008-02-25 18:48 --------- d-----w C:\Program Files\microsoft frontpage
2001-11-23 04:08 712,704 ----a-r C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-05-10 15:36 2111176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-02-28 21:00 315392]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"WOOKIT"="C:\Program Files\Neostrada TP\NeostradaTP.exe" [ ]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 11:38 866816]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
VIA RAID TOOL.lnk - C:\Program Files\VIA\RAID\raid_tool.exe [2008-02-25 20:04:26 565248]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Gadu-Gadu\\gg.exe"=
"D:\\PROGRAMY I ODTWARZACZE\\BitComet\\BitComet.exe"=
"C:\\Documents and Settings\\Rafal\\Pulpit\\eMule\\emule.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
*Newly Created Service* - CATCHME
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-26 21:51:08
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-03-26 21:53:21
ComboFix-quarantined-files.txt 2008-03-26 20:53:16
ComboFix2.txt 2008-03-26 19:53:48
ComboFix3.txt 2008-03-26 19:37:34
- Kod: Zaznacz wszystko
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:31, on 2008-03-26
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\wuauclt.exe
D:\VundoFix.exe
D:\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: BitComet Toolbar - {2E608F70-C430-4bc5-96F6-608E02EBA5B2} - C:\Program Files\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll (file missing)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [WOOKIT] C:\Program Files\Neostrada TP\NeostradaTP.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-602162358-484061587-725345543-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-602162358-484061587-725345543-1003\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User '?')
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
--
End of file - 4167 bytes
- Kod: Zaznacz wszystko
SmitFraudFix v2.306
Scan done at 21:54:39.17, 2008-03-26
Run from D:\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Wersja 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri's WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» DNS
»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» End
Gigabyte GA-K8NF-9/AMD Athlon 64 3200+/ x2 GoodRAM GR400D64L3/512 512 MB PC3200 DDR SDRAM /Xp sp3/GeForce 9600 GT MSI/SyncMaster BX2231/SAMSUNG HD154UI (1500 GB, 5400 RPM, SATA-II)/ST3160827AS (160 GB, 7200 RPM, SATA)/HL-DT-ST DVDRAM GSA-H12N/ numer wersji BIOS'u F12k
