
kmj.exe

avex699
posted (edited)

Hello, after a 2-week stay abroad I got back on my computer and I'm getting errors from the kmj.exe virus - how do I get rid of it? Logs from OTL:

http://www.wklej.org/id/272182/

http://www.wklej.org/id/272183/

What next?

Thanks in advance for the help, avexx

Psycholandia
comment

Paste the script below into the OTL window and click Run Fix:

[code]
:Processes
explorer.exe

:OTL
O4 - HKLM..\Run: [GEST] File not found
O4 - HKCU..\Run: [cdoosoft] C:\Documents and Settings\start\Ustawienia lokalne\Temp\herss.exe ()
O4 - HKCU..\Run: [Comrade.exe] C:\Program Files\GameSpy\Comrade\Comrade.exe File not found
O32 - AutoRun File - [2010-01-17 22:32:10 | 000,000,053 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-01-17 22:32:10 | 000,000,053 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-01-17 22:32:10 | 000,000,053 | RHS- | M] () - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-07-16 23:13:07 | 001,246,440 | R--- | M] (BioWare) - F:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009-04-14 04:17:18 | 000,000,058 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{3279eed0-daa8-11de-8ba8-001fd0890f66}\Shell - "" = Autorun
O33 - MountPoints2\{3279eed0-daa8-11de-8ba8-001fd0890f66}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\setup.exe -- [2004-08-03 23:44:28 | 000,023,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{568f6ccc-baf5-11de-8b8f-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{568f6ccc-baf5-11de-8b8f-806d6172696f}\Shell\AutoRun\command - "" = F:\autorun.exe -- [2009-07-16 23:13:07 | 001,246,440 | R--- | M] (BioWare)
O33 - MountPoints2\{cd454f07-aa99-11de-be76-001fd0890f66}\Shell\AutoRun\command - "" = G:\kmj.exe -- File not found
O33 - MountPoints2\{cd454f07-aa99-11de-be76-001fd0890f66}\Shell\open\Command - "" = G:\kmj.exe -- File not found
O33 - MountPoints2\{ee0fa578-8c96-11dd-8700-806d6172696f}\Shell\AutoRun\command - "" = C:\kmj.exe -- [2010-01-16 10:43:50 | 000,120,320 | RHS- | M] ()
O33 - MountPoints2\{ee0fa578-8c96-11dd-8700-806d6172696f}\Shell\open\Command - "" = C:\kmj.exe -- [2010-01-16 10:43:50 | 000,120,320 | RHS- | M] ()
O33 - MountPoints2\{ee0fa579-8c96-11dd-8700-806d6172696f}\Shell\AutoRun\command - "" = D:\kmj.exe -- [2010-01-16 10:43:50 | 000,120,320 | RHS- | M] ()
O33 - MountPoints2\{ee0fa579-8c96-11dd-8700-806d6172696f}\Shell\open\Command - "" = D:\kmj.exe -- [2010-01-16 10:43:50 | 000,120,320 | RHS- | M] ()
O33 - MountPoints2\{ee0fa57a-8c96-11dd-8700-806d6172696f}\Shell\AutoRun\command - "" = E:\kmj.exe -- [2010-01-16 10:43:50 | 000,120,320 | RHS- | M] ()
O33 - MountPoints2\{ee0fa57a-8c96-11dd-8700-806d6172696f}\Shell\open\Command - "" = E:\kmj.exe -- [2010-01-16 10:43:50 | 000,120,320 | RHS- | M] ()
O33 - MountPoints2\{f2810160-b995-11de-be7e-001fd0890f66}\Shell\AutoRun\command - "" = L:\olu392qj.exe -- File not found
O33 - MountPoints2\{f2810160-b995-11de-be7e-001fd0890f66}\Shell\open\Command - "" = L:\olu392qj.exe -- File not found


:Files
C:\found.000
C:\autorun.inf
C:\kmj.exe
D:\autorun.inf
D:\kmj.exe
E:\autorun.inf
E:\kmj.exe
C:\olu392qj.exe
D:\olu392qj.exe
E:\olu392qj.exe
C:\8xcrbho6.exe
D:\8xcrbho6.exe
E:\8xcrbho6.exe
C:\31lyx.exe
C:\mltox.exe
D:\31lyx.exe
D:\mltox.exe
E:\31lyx.exe
E:\mltox.exe
C:\e9naq.exe
D:\e9naq.exe
E:\e9naq.exe
C:\anoataly.exe
D:\anoataly.exe
E:\anoataly.exe
C:\imghyva6.exe
D:\imghyva6.exe
E:\imghyva6.exe
C:\u16sqrqn.exe
D:\u16sqrqn.exe
E:\u16sqrqn.exe
C:\9ffp.exe
D:\9ffp.exe
E:\9ffp.exe
C:\nx.exe
D:\nx.exe
E:\nx.exe
C:\t8g.exe
D:\t8g.exe
E:\t8g.exe
C:\nqdymj.exe
D:\nqdymj.exe
E:\nqdymj.exe
C:\2id9.exe
C:\k8jc.exe
D:\2id9.exe
D:\k8jc.exe
E:\2id9.exe
E:\k8jc.exe
C:\wu1n.exe
D:\wu1n.exe
E:\wu1n.exe
C:\0qw6vege.exe
D:\0qw6vege.exe
E:\0qw6vege.exe
C:\9g86.exe
D:\9g86.exe
E:\9g86.exe
C:\opdux.exe
D:\opdux.exe
C:\g12g.exe
C:\v1cbvsmq.exe
C:\1a1dndah.exe
E:\opdux.exe
D:\g12g.exe
D:\v1cbvsmq.exe
D:\1a1dndah.exe
E:\g12g.exe
E:\v1cbvsmq.exe
E:\1a1dndah.exe




:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"SuperHidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSuperHidden"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000001
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
@=""

:Commands
[emptytemp]
[start explorer]
[Reboot]
[/code]

Scan the computer with this: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url], remove everything it finds, and post the log after the removal (the log from Malware)
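
Added example, not part of the reply above and not OTL's own logic: a Python triage of O33 MountPoints2 lines in the OTL log format shown in the script. The four sample lines are copied from that script; the verdict rules (a drive-root .exe that is hidden+system with no vendor string, or a drive-root .exe that no longer exists) are assumptions chosen for illustration.

```python
import re

# Sample input: four O33 lines copied from the OTL script in this thread.
SAMPLE = r'''
O33 - MountPoints2\{3279eed0-daa8-11de-8ba8-001fd0890f66}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\setup.exe -- [2004-08-03 23:44:28 | 000,023,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{568f6ccc-baf5-11de-8b8f-806d6172696f}\Shell\AutoRun\command - "" = F:\autorun.exe -- [2009-07-16 23:13:07 | 001,246,440 | R--- | M] (BioWare)
O33 - MountPoints2\{cd454f07-aa99-11de-be76-001fd0890f66}\Shell\AutoRun\command - "" = G:\kmj.exe -- File not found
O33 - MountPoints2\{ee0fa578-8c96-11dd-8700-806d6172696f}\Shell\AutoRun\command - "" = C:\kmj.exe -- [2010-01-16 10:43:50 | 000,120,320 | RHS- | M] ()
'''

# O33 line: volume GUID, shell verb, command target, then file metadata or "File not found".
O33 = re.compile(
    r'^O33 - MountPoints2\\\{(?P<guid>[0-9a-f-]+)\}\\Shell\\(?P<verb>[^\\]+)\\command'
    r' - "" = (?P<target>.+?) -- (?P<rest>.*)$', re.I)
# Metadata block: [timestamp | size | attributes | M] (vendor)
META = re.compile(
    r'\[[^|]+\|\s*[\d,]+\s*\|\s*(?P<attrs>[A-Z-]+)\s*\|[^\]]*\]\s*\((?P<vendor>[^)]*)\)')
ROOT_EXE = re.compile(r'^[A-Za-z]:\\[^\\]+\.exe$', re.I)

def classify(line):
    """Return (verdict, verb, target) for an O33 command line, or None for other lines."""
    m = O33.match(line.strip())
    if not m:
        return None
    meta = META.search(m['rest'])
    attrs = meta['attrs'] if meta else ''
    vendor = meta['vendor'].strip() if meta else ''
    missing = 'File not found' in m['rest']
    root_exe = bool(ROOT_EXE.match(m['target']))
    # Assumed heuristic: autorun worms drop an unsigned, hidden+system .exe in the drive root.
    if root_exe and 'H' in attrs and 'S' in attrs and not vendor:
        verdict = 'suspicious'
    # Handler still registered for a drive-root .exe that is gone (e.g. an unplugged USB stick).
    elif root_exe and missing:
        verdict = 'stale'
    else:
        verdict = 'ok'
    return verdict, m['verb'], m['target']

def triage(text):
    """Classify every O33 command line found in an OTL log excerpt."""
    return [r for r in map(classify, text.splitlines()) if r]

if __name__ == '__main__':
    for verdict, verb, target in triage(SAMPLE):
        print(f'{verdict:10} {verb:8} {target}')
```
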
