2 małe problemy :)
#21
A moglibyście mi napisać co się wtedy stanie? Nie to, że wam nie ufam, ale pewnie wiecie jak to jest jak ktoś wam pisze żebyście instalowali jakieś nieznane pliki.Smile
Odpowiedz
#22
Masz w logu małe herezje, które nalezy poprawić, a ten "plik" jest do tego pomocny Smile
Odpowiedz
#23
No już zainstalowałem. Musi ten plik być cały czas w miejscu skąd odbyła się instalacja czy można go przenieść?
Teraz pewnie mam wkleić log??Smile
Odpowiedz
#24
Możesz go przenieść. Log obowiązkowo Smile
Odpowiedz
#25
Hijack
Cytat:
Logfile of HijackThis v1.99.1
Scan saved at 13:36:09, on 2006-12-29
Platform: Windows XP(WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesSygateSPFsmc.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesAntiVir PersonalEdition Classicsched.exe
C:Program FilesAntiVir PersonalEdition Classicavguard.exe
C:WINDOWSSystem32nvsvc32.exe
C:WINDOWSsystem32pctspk.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:PROGRA~1NEOSTR~1CnxMon.exe
C:PROGRA~1NEOSTR~1TaskbarIcon.exe
C:Program FilesThomsonSpeedTouch USBDragdiag.exe
C:WINDOWSSystem32RUNDLL32.EXE
C:Program FilesJavajre1.5.0_09binjusched.exe
C:WINDOWSSystem32ctfmon.exe
C:PROGRA~1NEOSTR~1NeostradaTP.exe
C:PROGRA~1NEOSTR~1ComComp.exe
C:PROGRA~1NEOSTR~1Watch.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Program FilesGadu-Gadugg.exe
C:Program FilesAntiVir PersonalEdition Classicavgnt.exe
C:Program FilesMicrosoft OfficeOfficeWINWORD.EXE
C:WINDOWSSystem32msiexec.exe
C:WINDOWSmsagentAgentSvr.exe
D:Nasze dokumentywojtASProgramyNarzędziahijackthis.com

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =

[Aby zobaczyć linki, zarejestruj się tutaj]

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =

[Aby zobaczyć linki, zarejestruj się tutaj]

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Neostrada TP
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} -

C:PROGRA~1NEOSTR~1SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program

FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program

FilesJavajre1.5.0_09binssv.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} -

C:PROGRA~1TEXTwareQUICKF~1PlugInsIEHelp.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -

C:WINDOWSSystem32msdxm.ocx
O4 - HKLM..Run: [WooCnxMon]C:PROGRA~1NEOSTR~1CnxMon.exe
O4 - HKLM..Run: [WOOWATCH]C:PROGRA~1NEOSTR~1Watch.exe
O4 - HKLM..Run: [WOOTASKBARICON]C:PROGRA~1NEOSTR~1TaskbarIcon.exe
O4 - HKLM..Run: [SpeedTouch USB Diagnostics]"C:Program FilesThomsonSpeedTouch

USBDragdiag.exe" /icon
O4 - HKLM..Run: [NvCplDaemon]RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [NvMediaCenter]RUNDLL32.EXE

C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [avgnt]"C:Program FilesAntiVir PersonalEdition Classicavgnt.exe" /min
O4 - HKLM..Run: [CountrySelection]pctptt.exe
O4 - HKLM..Run: [SmcService]C:PROGRA~1SygateSPFsmc.exe -startgui
O4 - HKLM..Run: [SunJavaUpdateSched]"C:Program FilesJavajre1.5.0_09binjusched.exe"
O4 - HKCU..Run: [CTFMON.EXE]C:WINDOWSSystem32ctfmon.exe
O8 - Extra context menu item: Subskrybuj w RssSpeed -

[Aby zobaczyć linki, zarejestruj się tutaj]


FilesRssSpeedadd_feed.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program

FilesJavajre1.5.0_09binssv.dll
O9 - Extra ''Tools'' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:Program FilesJavajre1.5.0_09binssv.dll
O9 - Extra button: Free Surfer - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - C:Program

FilesFree SurferFS20.exe
O9 - Extra ''Tools'' menuitem: Free Surfer - {AFC3FA82-AD07-45cd-8B57-983435B9899E} -

C:Program FilesFree SurferFS20.exe
O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} (MainControl Class) -

[Aby zobaczyć linki, zarejestruj się tutaj]

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

[Aby zobaczyć linki, zarejestruj się tutaj]


63957602
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -

[Aby zobaczyć linki, zarejestruj się tutaj]


63930894
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -

[Aby zobaczyć linki, zarejestruj się tutaj]

O17 - HKLMSystemCCSServicesTcpip..{89CF2CE1-B2A5-47E1-B9B5-A057EE89CDC5}: NameServer =

194.204.152.34 217.98.63.164
O18 - Protocol: textwareilluminatorbase - {CE5CD329-1650-414A-8DB0-4CBF72FAED87} -

C:WINDOWSSystem32textwareilluminatorbaseProtocol.dll
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:Program FilesAntiVir

PersonalEdition Classicsched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH -

C:Program FilesAntiVir PersonalEdition Classicavguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program

FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: IomegaAccess - Unknown owner - C:Program

FilesIomegaTools_NTIOMEGAACCESS.EXE (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -

C:WINDOWSSystem32nvsvc32.exe
O23 - Service: W2k PCtel speaker phone (Pctspk) - PCtel, Inc. -

C:WINDOWSsystem32pctspk.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. -

C:Program FilesSygateSPFsmc.exe
O23 - Service: ZipToA - Unknown owner - C:WINDOWSSystem32ZipToA.exe


Z silent dam później bo u mnie to trwa godzinę i komp wolno chodzi i nie chce mi się na razie siedzieć nad tym.
Odpowiedz
#26
Hijack czyściutki.
Odpowiedz
#27
i jeszcze stary dobry Silent Runners:
Cytat:
"Silent Runners.vbs", revision 49,

[Aby zobaczyć linki, zarejestruj się tutaj]

Operating System: Windows XP
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCUSoftwareMicrosoftWindowsCurrentVersionRun {++}
"CTFMON.EXE" = "C:WINDOWSSystem32ctfmon.exe" [MS]

HKLMSoftwareMicrosoftWindowsCurrentVersionRun {++}
"WooCnxMon" = "C:PROGRA~1NEOSTR~1CnxMon.exe" [empty string]
"WOOWATCH" = "C:PROGRA~1NEOSTR~1Watch.exe" ["France TĂŠlĂŠcom R&D"]
"WOOTASKBARICON" = "C:PROGRA~1NEOSTR~1TaskbarIcon.exe" ["France TĂŠlĂŠcom R&D"]
"SpeedTouch USB Diagnostics" = ""C:Program FilesThomsonSpeedTouch USBDragdiag.exe" /icon" ["THOMSON Telecom Belgium"]
"NvCplDaemon" = "RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup" [MS]
"NvMediaCenter" = "RUNDLL32.EXE C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit" [MS]
"avgnt" = ""C:Program FilesAntiVir PersonalEdition Classicavgnt.exe" /min" ["Avira GmbH"]
"CountrySelection" = "pctptt.exe" ["PCtel, Inc."]
"SmcService" = "C:PROGRA~1SygateSPFsmc.exe -startgui" ["Sygate Technologies, Inc."]
"SunJavaUpdateSched" = ""C:Program FilesJavajre1.5.0_09binjusched.exe"" ["Sun Microsystems, Inc."]

HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}(Default) = (no title provided)
-> {HKLM...CLSID} = "Adobe PDF Reader Link Helper"
InProcServer32(Default) = "C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll" ["Adobe Systems Incorporated"]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
InProcServer32(Default) = "C:Program FilesJavajre1.5.0_09binssv.dll" ["Sun Microsystems, Inc."]
{C08DF07A-3E49-4E25-9AB0-D3882835F153}(Default) = (no title provided)
-> {HKLM...CLSID} = "QUICKfind BHO Object"
InProcServer32(Default) = "C:PROGRA~1TEXTwareQUICKF~1PlugInsIEHelp.dll" [null data]

HKLMSoftwareMicrosoftWindowsCurrentVersionShell ExtensionsApproved
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"
-> {HKLM...CLSID} = "Portable Media Devices Menu"
InProcServer32(Default) = "C:WINDOWSSystem32Audiodev.dll" [MS]
"{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class"
-> {HKLM...CLSID} = "DesktopContext Class"
InProcServer32(Default) = "C:WINDOWSSystem32nvcpl.dll" ["NVIDIA Corporation"]
"{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper"
-> {HKLM...CLSID} = "NVIDIA CPL Extension"
InProcServer32(Default) = "C:WINDOWSSystem32nvcpl.dll" ["NVIDIA Corporation"]
"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"
-> {HKLM...CLSID} = "Desktop Explorer"
InProcServer32(Default) = "C:WINDOWSSystem32nvshell.dll" ["NVIDIA Corporation"]
"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"
-> {HKLM...CLSID} = (no title provided)
InProcServer32(Default) = "C:WINDOWSSystem32nvshell.dll" ["NVIDIA Corporation"]
"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"
-> {HKLM...CLSID} = "nView Desktop Context Menu"
InProcServer32(Default) = "C:WINDOWSSystem32nvshell.dll" ["NVIDIA Corporation"]
"{45AC2688-0253-4ED8-97DE-B5370FA7D48A}" = "Shell Extension for Malware scanning"
-> {HKLM...CLSID} = "Shell Extension for Malware scanning"
InProcServer32(Default) = "C:Program FilesAntiVir PersonalEdition Classicshlext.dll" ["H+BEDV Datentechnik GmbH"]
"{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}" = "jetAudio"
-> {HKLM...CLSID} = "JetFlExt"
InProcServer32(Default) = "C:Program FilesJetAudioJetFlExt.dll" ["JetAudio, Inc."]
"{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" = "OpenOffice.org Column Handler"
-> {HKCU...CLSID} = (no title provided)
InProcServer32(Default) = ""C:Program FilesOpenOffice.ux.pl 2.0.2programshlxthdl.dll"" ["Sun Microsystems, Inc."]
"{087B3AE3-E237-4467-B8DB-5A38AB959AC9}" = "OpenOffice.org Infotip Handler"
-> {HKCU...CLSID} = (no title provided)
InProcServer32(Default) = ""C:Program FilesOpenOffice.ux.pl 2.0.2programshlxthdl.dll"" ["Sun Microsystems, Inc."]
"{63542C48-9552-494A-84F7-73AA6A7C99C1}" = "OpenOffice.org Property Sheet Handler"
-> {HKCU...CLSID} = (no title provided)
InProcServer32(Default) = ""C:Program FilesOpenOffice.ux.pl 2.0.2programshlxthdl.dll"" ["Sun Microsystems, Inc."]
"{3B092F0C-7696-40E3-A80F-68D74DA84210}" = "OpenOffice.org Thumbnail Viewer"
-> {HKCU...CLSID} = (no title provided)
InProcServer32(Default) = ""C:Program FilesOpenOffice.ux.pl 2.0.2programshlxthdl.dll"" ["Sun Microsystems, Inc."]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
InProcServer32(Default) = "C:Program FilesWinRARrarext.dll" [null data]

HKLMSoftwareClassesFoldershellexColumnHandlers
{F9DB5320-233E-11D1-9F84-707F02C10627}(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
InProcServer32(Default) = "C:Program FilesAdobeAcrobat 7.0ActiveXPDFShell.dll" ["Adobe Systems, Inc."]

HKLMSoftwareClasses*shellexContextMenuHandlers
Shell Extension for Malware scanning(Default) = "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}"
-> {HKLM...CLSID} = "Shell Extension for Malware scanning"
InProcServer32(Default) = "C:Program FilesAntiVir PersonalEdition Classicshlext.dll" ["H+BEDV Datentechnik GmbH"]
TzShell(Default) = "{B38FE8E9-5DFC-4D58-8459-1E3AC5165E34}"
-> {HKLM...CLSID} = "TzShell"
InProcServer32(Default) = "C:PROGRA~1TUGZipTzShell.dll" [null data]
WinRAR(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
InProcServer32(Default) = "C:Program FilesWinRARrarext.dll" [null data]

HKLMSoftwareClassesDirectoryshellexContextMenuHandlers
jetAudio(Default) = "{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}"
-> {HKLM...CLSID} = "JetFlExt"
InProcServer32(Default) = "C:Program FilesJetAudioJetFlExt.dll" ["JetAudio, Inc."]
WinRAR(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
InProcServer32(Default) = "C:Program FilesWinRARrarext.dll" [null data]

HKLMSoftwareClassesFoldershellexContextMenuHandlers
jetAudio(Default) = "{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}"
-> {HKLM...CLSID} = "JetFlExt"
InProcServer32(Default) = "C:Program FilesJetAudioJetFlExt.dll" ["JetAudio, Inc."]
Shell Extension for Malware scanning(Default) = "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}"
-> {HKLM...CLSID} = "Shell Extension for Malware scanning"
InProcServer32(Default) = "C:Program FilesAntiVir PersonalEdition Classicshlext.dll" ["H+BEDV Datentechnik GmbH"]
TzShell(Default) = "{B38FE8E9-5DFC-4D58-8459-1E3AC5165E34}"
-> {HKLM...CLSID} = "TzShell"
InProcServer32(Default) = "C:PROGRA~1TUGZipTzShell.dll" [null data]
WinRAR(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
InProcServer32(Default) = "C:Program FilesWinRARrarext.dll" [null data]


Default executables:
--------------------

HKCUSoftwareClasses.bat(Default) = (value not set)

HKCUSoftwareClasses.cmd(Default) = (value not set)

HKCUSoftwareClasses.com(Default) = (value not set)

HKCUSoftwareClasses.exe(Default) = (value not set)

<<!>> HKLMSoftwareClassesscrfileshellopencommand(Default) = ""%1" %*" [file not found]


Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------

Note: detected settings may not have any effect.

HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem

"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Shutdown: Allow system to be shut down without having to log on}

"undockwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Devices: Allow undock without having to log on}


Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCUSoftwareMicrosoftInternet ExplorerDesktopGeneral
"Wallpaper" = "C:Documents and SettingsLida & wojtASUstawienia lokalneDane aplikacjiMicrosoftWallpaper1.bmp"

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCUControl PanelDesktop
"Wallpaper" = "C:Documents and SettingsLida & wojtASDane aplikacjiMicrosoftInternet ExplorerTapeta programu Internet Explorer.bmp"


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLMSystemCurrentControlSetServicesWinsock2ParametersNameSpace_Catalog5Catalog_Entries {++}
000000000001LibraryPath = "%SystemRoot%System32mswsock.dll" [MS]
000000000002LibraryPath = "%SystemRoot%System32winrnr.dll" [MS]
000000000003LibraryPath = "%SystemRoot%System32mswsock.dll" [MS]

Transport Service Providers

HKLMSystemCurrentControlSetServicesWinsock2ParametersProtocol_Catalog9Catalog_Entries {++}
0000000000##PackedCatalogItem (contains) DLL [Company Name] , (at) ## range:
%SystemRoot%system32mswsock.dll [MS] , 01 - 03, 06 - 15
%SystemRoot%system32rsvpsp.dll [MS] , 04 - 05


Toolbars, Explorer Bars, Extensions:
------------------------------------

Explorer Bars

HKLMSoftwareMicrosoftInternet ExplorerExplorer Bars

HKLMSoftwareClassesCLSID{01002DB2-8170-4D9B-A8B1-DDC9DD114E03}(Default) = "Volet Wanadoo"
Implemented Categories{00021494-0000-0000-C000-000000000046} [horizontal bar]
InProcServer32(Default) = "C:PROGRA~1NEOSTR~1audienceaudience.dll" [empty string]

HKLMSoftwareClassesCLSID{3BAF4A27-C764-4E1A-A6F4-62F7A7E5E51C}(Default) = "ToolBand Class"
Implemented Categories{00021494-0000-0000-C000-000000000046} [horizontal bar]
InProcServer32(Default) = "C:PROGRA~1NEOSTR~1audienceaudience.dll" [empty string]

HKLMSoftwareClassesCLSID{5BF498C0-931E-4A4F-B33F-456D07137EAA}(Default) = "Volet Wanadoo"
Implemented Categories{00021494-0000-0000-C000-000000000046} [horizontal bar]
InProcServer32(Default) = "C:PROGRA~1NEOSTR~1audienceaudience.dll" [empty string]

Extensions (Tools menu items, main toolbar menu buttons)

HKLMSoftwareMicrosoftInternet ExplorerExtensions
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}"
-> {HKCU...CLSID} = "Java Plug-in 1.5.0_09"
InProcServer32(Default) = "C:Program FilesJavajre1.5.0_09binssv.dll" ["Sun Microsystems, Inc."]
-> {HKLM...CLSID} = "Java Plug-in 1.5.0_09"
InProcServer32(Default) = "C:Program FilesJavajre1.5.0_09binnpjpi150_09.dll" ["Sun Microsystems, Inc."]

{AFC3FA82-AD07-45CD-8B57-983435B9899E}
"ButtonText" = "Free Surfer"
"MenuText" = "Free Surfer"
"Exec" = "C:Program FilesFree SurferFS20.exe" ["EMS-Project 2002 ©"]


Miscellaneous IE Hijack Points
------------------------------

HKCUSoftwareMicrosoftInternet ExplorerURLSearchHooks
<<H>> "{08C06D61-F1F3-4799-86F8-BE1A89362C85}" = (no title provided)
-> {HKLM...CLSID} = "Search Class"
InProcServer32(Default) = "C:PROGRA~1NEOSTR~1SEARCH~1.DLL" [empty string]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

AntiVir PersonalEdition Classic Service, AntiVirService, "C:Program FilesAntiVir PersonalEdition Classicavguard.exe" ["AVIRA GmbH"]
AntiVir Scheduler, AntiVirScheduler, "C:Program FilesAntiVir PersonalEdition Classicsched.exe" ["Avira GmbH"]
NVIDIA Display Driver Service, NVSvc, "C:WINDOWSSystem32nvsvc32.exe" ["NVIDIA Corporation"]
Sygate Personal Firewall, SmcService, "C:Program FilesSygateSPFsmc.exe" ["Sygate Technologies, Inc."]
W2k PCtel speaker phone, Pctspk, "C:WINDOWSsystem32pctspk.exe" ["PCtel, Inc."]
Windows User Mode Driver Framework, UMWdf, "C:WINDOWSSystem32wdfmgr.exe" [MS]


----------
<<!>>: Suspicious data at a malware launch point.
<<H>>: Suspicious data at a browser hijack point.

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ The search for DESKTOP.INI DLL launch points on all local fixed drives
took 599 seconds.
---------- (total run time: 2993 seconds)
Odpowiedz
#28
Ten log również jest OK Smile
Odpowiedz
#29
Dzięki wszystkim na razie. Mam nadzieję że nic się nie zepsuje. Jak coś to będę pisał.8)
Odpowiedz


Skocz do:


Użytkownicy przeglądający ten wątek: 1 gości