avex699 utworzono 1 lutego 2010 utworzono 1 lutego 2010 (edytowane) Witam, po 2 tygodniowym pobycie za granicą, wbijam na kompa i mam błędy z wirusem kmj.exe - jak się go pozbyć ? Logi z OTL : http://www.wklej.org/id/272182/ http://www.wklej.org/id/272183/ Co dalej ? Z góry dziękuję za pomoc, avexx
Psycholandia komentarz 1 lutego 2010 komentarz 1 lutego 2010 W okienko OTL wklej poniższy skrypt i klik na Run Fix: [code]:Processes explorer.exe :OTL O4 - HKLM..\Run: [GEST] File not found O4 - HKCU..\Run: [cdoosoft] C:\Documents and Settings\start\Ustawienia lokalne\Temp\herss.exe () O4 - HKCU..\Run: [Comrade.exe] C:\Program Files\GameSpy\Comrade\Comrade.exe File not found O32 - AutoRun File - [2010-01-17 22:32:10 | 000,000,053 | RHS- | M] () - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-01-17 22:32:10 | 000,000,053 | RHS- | M] () - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-01-17 22:32:10 | 000,000,053 | RHS- | M] () - E:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2009-07-16 23:13:07 | 001,246,440 | R--- | M] (BioWare) - F:\autorun.exe -- [ CDFS ] O32 - AutoRun File - [2009-04-14 04:17:18 | 000,000,058 | R--- | M] () - F:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{3279eed0-daa8-11de-8ba8-001fd0890f66}\Shell - "" = Autorun O33 - MountPoints2\{3279eed0-daa8-11de-8ba8-001fd0890f66}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\setup.exe -- [2004-08-03 23:44:28 | 000,023,040 | ---- | M] (Microsoft Corporation) O33 - MountPoints2\{568f6ccc-baf5-11de-8b8f-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{568f6ccc-baf5-11de-8b8f-806d6172696f}\Shell\AutoRun\command - "" = F:\autorun.exe -- [2009-07-16 23:13:07 | 001,246,440 | R--- | M] (BioWare) O33 - MountPoints2\{cd454f07-aa99-11de-be76-001fd0890f66}\Shell\AutoRun\command - "" = G:\kmj.exe -- File not found O33 - MountPoints2\{cd454f07-aa99-11de-be76-001fd0890f66}\Shell\open\Command - "" = G:\kmj.exe -- File not found O33 - MountPoints2\{ee0fa578-8c96-11dd-8700-806d6172696f}\Shell\AutoRun\command - "" = C:\kmj.exe -- [2010-01-16 10:43:50 | 000,120,320 | RHS- | M] () O33 - MountPoints2\{ee0fa578-8c96-11dd-8700-806d6172696f}\Shell\open\Command - "" = C:\kmj.exe -- [2010-01-16 10:43:50 | 000,120,320 | RHS- | M] () O33 - MountPoints2\{ee0fa579-8c96-11dd-8700-806d6172696f}\Shell\AutoRun\command - "" = D:\kmj.exe -- [2010-01-16 10:43:50 | 000,120,320 | RHS- | M] () O33 - MountPoints2\{ee0fa579-8c96-11dd-8700-806d6172696f}\Shell\open\Command - "" = D:\kmj.exe -- [2010-01-16 10:43:50 | 000,120,320 | RHS- | M] () O33 - MountPoints2\{ee0fa57a-8c96-11dd-8700-806d6172696f}\Shell\AutoRun\command - "" = E:\kmj.exe -- [2010-01-16 10:43:50 | 000,120,320 | RHS- | M] () O33 - MountPoints2\{ee0fa57a-8c96-11dd-8700-806d6172696f}\Shell\open\Command - "" = E:\kmj.exe -- [2010-01-16 10:43:50 | 000,120,320 | RHS- | M] () O33 - MountPoints2\{f2810160-b995-11de-be7e-001fd0890f66}\Shell\AutoRun\command - "" = L:\olu392qj.exe -- File not found O33 - MountPoints2\{f2810160-b995-11de-be7e-001fd0890f66}\Shell\open\Command - "" = L:\olu392qj.exe -- File not found :Files C:\found.000 C:\autorun.inf C:\kmj.exe D:\autorun.inf D:\kmj.exe E:\autorun.inf E:\kmj.exe C:\olu392qj.exe D:\olu392qj.exe E:\olu392qj.exe C:\8xcrbho6.exe D:\8xcrbho6.exe E:\8xcrbho6.exe C:\31lyx.exe C:\mltox.exe D:\31lyx.exe D:\mltox.exe E:\31lyx.exe E:\mltox.exe C:\e9naq.exe D:\e9naq.exe E:\e9naq.exe C:\anoataly.exe D:\anoataly.exe E:\anoataly.exe C:\imghyva6.exe D:\imghyva6.exe E:\imghyva6.exe C:\u16sqrqn.exe D:\u16sqrqn.exe E:\u16sqrqn.exe C:\9ffp.exe D:\9ffp.exe E:\9ffp.exe C:\nx.exe D:\nx.exe E:\nx.exe C:\t8g.exe D:\t8g.exe E:\t8g.exe C:\nqdymj.exe D:\nqdymj.exe E:\nqdymj.exe C:\2id9.exe C:\k8jc.exe D:\2id9.exe D:\k8jc.exe E:\2id9.exe E:\k8jc.exe C:\wu1n.exe D:\wu1n.exe E:\wu1n.exe C:\0qw6vege.exe D:\0qw6vege.exe E:\0qw6vege.exe C:\9g86.exe D:\9g86.exe E:\9g86.exe C:\opdux.exe D:\opdux.exe C:\g12g.exe C:\v1cbvsmq.exe C:\1a1dndah.exe E:\opdux.exe D:\g12g.exe D:\v1cbvsmq.exe D:\1a1dndah.exe E:\g12g.exe E:\v1cbvsmq.exe E:\1a1dndah.exe :Reg [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "SuperHidden"=dword:00000001 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Hidden"=dword:00000001 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "ShowSuperHidden"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=dword:00000001 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden] @="" :Commands [emptytemp] [start explorer] [Reboot][/code] Przeskanuj komputer tym: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url] usuń wszystko co znajdzie i daj loga po kasowaniu (loga z Malware)
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.