SzamanMorski

Members
  • Posts

    7
  • Joined

  • Last visited

Content posted by SzamanMorski

  1. I have updated the programs. Using GG10 is not a problem for me. Fortunately, I am in the habit of changing my passwords every so often, so that was no problem either. Once again, many thanks for the help. Regards, Szaman Morski
  2. Thank you very much! Everything is as it should be; the full MBAM scan completed successfully and no threats were detected. Thank you once again for your help and the time you devoted. Regards, Szaman Morski
  3. Commands executed, pasting the logs:

     All processes killed
     ========== OTL ==========
     64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
     Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
     ========== COMMANDS ==========
     [EMPTYTEMP]
     User: All Users
     User: Cezar
     ->Temp folder emptied: 594464 bytes
     ->Temporary Internet Files folder emptied: 1479563 bytes
     ->Java cache emptied: 456078 bytes
     ->FireFox cache emptied: 616555372 bytes
     ->Flash cache emptied: 44395 bytes
     User: Default
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     ->Flash cache emptied: 41620 bytes
     User: Default User
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     ->Flash cache emptied: 0 bytes
     User: Public
     User: UpdatusUser
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     ->Flash cache emptied: 41620 bytes
     %systemdrive% .tmp files removed: 0 bytes
     %systemroot% .tmp files removed: 0 bytes
     %systemroot%\System32 .tmp files removed: 0 bytes
     %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
     %systemroot%\System32\drivers .tmp files removed: 0 bytes
     Windows Temp folder emptied: 119060179 bytes
     %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68032 bytes
     RecycleBin emptied: 69706 bytes
     Total Files Cleaned = 704,00 mb
     OTL by OldTimer - Version 3.2.53.1 log created on 07032012_212702
     Files\Folders moved on Reboot...
     C:\Users\Cezar\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
     PendingFileRenameOperations files...
     File C:\Users\Cezar\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
     Registry entries deleted on Reboot...

     FSS.txt
  4. I restarted, and I am adding new logs from SystemLook and OTL. By the way, are the programs I use (Avira and SuperAntispyware) good programs, or is it better to use others to protect the computer? SystemLook.txt OTL.Txt
  5. Adding new logs. Is it possible that this trojan caused the weelsof infection? Pasting the contents of Blitzblank:

     BlitzBlank 1.0.0.32
     File/Registry Modification Engine native application
     MoveDirectoryOnReboot: sourceDirectory = "\??\c:\windows\installer\{f51c0d38-e0b8-2588-2017-024284637aeb}", destinationDirectory = "(null)", replaceWithDummy = 0
     MoveFileOnReboot: sourceFile = "\??\c:\windows\installer\{f51c0d38-e0b8-2588-2017-024284637aeb}\@", destinationFile = "(null)", replaceWithDummy = 0
     MoveDirectoryOnReboot: sourceDirectory = "\??\c:\windows\installer\{f51c0d38-e0b8-2588-2017-024284637aeb}\L", destinationDirectory = "(null)", replaceWithDummy = 0
     MoveDirectoryOnReboot: sourceDirectory = "\??\c:\windows\installer\{f51c0d38-e0b8-2588-2017-024284637aeb}\U", destinationDirectory = "(null)", replaceWithDummy = 0
     MoveDirectoryOnReboot: sourceDirectory = "\??\c:\users\cezar\appdata\local\{f51c0d38-e0b8-2588-2017-024284637aeb}", destinationDirectory = "(null)", replaceWithDummy = 0
     MoveFileOnReboot: sourceFile = "\??\c:\users\cezar\appdata\local\{f51c0d38-e0b8-2588-2017-024284637aeb}\@", destinationFile = "(null)", replaceWithDummy = 0
     MoveDirectoryOnReboot: sourceDirectory = "\??\c:\users\cezar\appdata\local\{f51c0d38-e0b8-2588-2017-024284637aeb}\L", destinationDirectory = "(null)", replaceWithDummy = 0
     MoveDirectoryOnReboot: sourceDirectory = "\??\c:\users\cezar\appdata\local\{f51c0d38-e0b8-2588-2017-024284637aeb}\U", destinationDirectory = "(null)", replaceWithDummy = 0
     MoveDirectoryOnReboot: sourceDirectory = "\??\c:\users\cezar\appdata\local\microsoft\windows\1175", destinationDirectory = "(null)", replaceWithDummy = 0
     MoveFileOnReboot: sourceFile = "\??\c:\users\cezar\appdata\local\microsoft\windows\1175\3a26dfbf", destinationFile = "(null)", replaceWithDummy = 0
     MoveFileOnReboot: sourceFile = "\??\c:\users\cezar\appdata\local\microsoft\windows\1175\sqlncli.exe", destinationFile = "(null)", replaceWithDummy = 0
     MoveDirectoryOnReboot: sourceDirectory = "\??\c:\users\cezar\appdata\roaming\hellomoto", destinationDirectory = "(null)", replaceWithDummy = 0
     MoveFileOnReboot: sourceFile = "\??\c:\users\cezar\appdata\roaming\hellomoto\BukF.dat", destinationFile = "(null)", replaceWithDummy = 0
     MoveFileOnReboot: sourceFile = "\??\c:\users\cezar\appdata\roaming\hellomoto\TujP.dat", destinationFile = "(null)", replaceWithDummy = 0
     MoveDirectoryOnReboot: sourceDirectory = "\??\c:\users\cezar\appdata\roaming\zayka", destinationDirectory = "(null)", replaceWithDummy = 0
     MoveDirectoryOnReboot: sourceDirectory = "\??\c:\users\cezar\appdata\roaming\yhca", destinationDirectory = "(null)", replaceWithDummy = 0
     MoveFileOnReboot: sourceFile = "\??\c:\users\cezar\appdata\roaming\yhca\owivg.exe", destinationFile = "(null)", replaceWithDummy = 0
     MoveDirectoryOnReboot: sourceDirectory = "\??\c:\users\cezar\appdata\roaming\quhyag", destinationDirectory = "(null)", replaceWithDummy = 0
     MoveFileOnReboot: sourceFile = "\??\c:\users\cezar\appdata\roaming\quhyag\ivdik.agi", destinationFile = "(null)", replaceWithDummy = 0
     MoveDirectoryOnReboot: sourceDirectory = "\??\c:\programdata\b7e8586b00015381005d8034b4eb2367", destinationDirectory = "(null)", replaceWithDummy = 0
     MoveFileOnReboot: sourceFile = "\??\c:\programdata\b7e8586b00015381005d8034b4eb2367\B7E8586B00015381005D8034B4EB2367", destinationFile = "(null)", replaceWithDummy = 0
     LaunchOnReboot: launchName = "\fix.bat", commandLine = "c:\fix.bat"
     OpenDriver: ZwLoadDriver(\Registry\Machine\System\CurrentControlSet\Services\blzblk) failed: status = c0000428
     LaunchOnReboot: OpenDriver failed: status = c0000428

     FSS.txt SystemLook.txt OTL.Txt
  6. Adding the report from SystemLook. SystemLook.txt
  7. Hello, my computer has been infected by the weelsof virus. Could I ask for help? I have a 64-bit Win7 system. I am attaching the OTL logs to this post. Regards. Extras.Txt OTL.Txt