Skocz do zawartości

  2. Przeglądanie profilu: Posty: karolkuich

karolkuich

Rejestracja: 23 mar 2008
OFFLINE Ostatnio: 14 06 2009 23:36
*****

Moje posty

W temacie: [wirus]Podejrzenia o wirusa

29 05 2009 - 00:26

Jakie prawa ? To jest folder systemowy i on musi być na dysku ! Jego się nie kasuje , tylko opróżnia z zawartości.
Folder System Volume Information opróżniamy poprzez wyłączenie przywracania systemu : http://www.bezpieczenstwosystemow.pl/index.php?topic=39.0
Ilośc punktów przywracania można także kontrolować przy pomocy programu CCleaner : http://www.bezpieczenstwosystemow.pl/index.php?topic=5016.0

W temacie: Logi - Brak antywirusa, prośba o oczyszczenie

06 05 2009 - 23:20

Usuniemy Kaspra :

Wklej do notatnika :
File::
c:\windows\system32\drivers\klin.dat
c:\windows\system32\drivers\klick.dat
c:\windows\system32\drivers\fidbox.dat
c:\windows\system32\drivers\fidbox2.dat
c:\windows\system32\drivers\fidbox2.idx
c:\windows\system32\drivers\fidbox.idx

Folder::
c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab Setup

Driver::
klbg
klfltdev
klim5
Plik zapisz jako CFScript.txt , przeciągnij i upuść na ikonkę ComboFixa. Wklej loga, który powstanie po usuwaniu.

W temacie: Logi - Brak antywirusa, prośba o oczyszczenie

06 05 2009 - 16:59

Wklej do notatnika :
Windows Registry Editor Version 5.00
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
Plik >>> Zapisz jako >>> Zmień rozszerzenie z TXT na Wszystkie pliki >>> Zapisz pod nazwą FIX.REG i uruchom z dwukliku.

Przeskanuj system MBAM: http://www.bezpieczenstwosystemow.pl/index.php?topic=4536.0

zainstalowałem kasperskiego ale nie chce mi sie uruchomić

R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys - to wskazuje, że jednak usługa kaspra działa.

Start → Uruchom , wpisz :
sc delete ekrn
OK.

W temacie: Logi - Brak antywirusa, prośba o oczyszczenie

04 05 2009 - 00:38

Wklej do notatnika :
File::
c:\windows\system32\drivers\56d5edd4.sys
c:\windows\system32\drivers\c02adadd.sys
c:\windows\system32\1041g.dll
c:\windows\system32\2155703669.dat

Dirlook::
c:\documents and settings\liczkowscy\Dane aplikacji\ijjigame

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\a2service.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ArcaCheck.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\arcavir.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashDisp.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashEnhcd.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashServ.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashUpd.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\aswUpdSv.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avcls.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avz.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avz4.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avz_se.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdinit.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\caav.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\caavguiscan.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\casecuritycenter.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ccupdate.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cfp.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cfpupdat.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cmdagent.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\DRWEB32.EXE]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FAMEH32.EXE]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FPAVServer.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fpscan.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FPWin.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsav32.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fsgk32st.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FSMA32.EXE]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\guardxservice.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\guardxup.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\navigator.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NAVSTUB.EXE]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Nvcc.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\outpost.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\preupd.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pskdr.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SfFnUp.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Vba32arkit.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vba32ldr.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Zanda.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\zapro.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Zlh.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\zoneband.dll]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"=-
Plik zapisz jako CFScript.txt , przeciągnij i upuść na ikonkę ComboFixa. Wklej loga, który powstanie po usuwaniu.

Nie miałem AV chyba od grudnia

Ja myślę, że gdy skończymy usuwanie syfu, to jednak zainstalujesz... :D

  1. Forum Komputerowe Tweaks.pl
  2. Przeglądanie profilu: Posty: karolkuich
  3. Polityka prywatności
  4. Szukaj
  5. Regulamin Forum ·