Siema. Wiem, że mam na kompie trojana. Niestety nie wiem jak go usunąć. Możecie mi napisać na forum jak się go pozbyć? Mam tez do Was małą prośbę. Czy ktoś mógłby mi opisać co robi gdy na jego komputerze znajdzie się jakis trojan? Wpierw trzeba ustalić co to. Później znaleźć jakiś programik co to usuwa czy grzebać w rejestrach? Gdyby ktoś mógł mi coś takiego opisać co robi gdy ma trojana. Ja na przykłąd piszę na centrumxp.pl ale nie chcę za każdym razem zaśmiecać forum ;) Logi z HJT: Logfile of HijackThis v1.99.1 Scan saved at 11:21:19, on 2007-09-23 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Microsoft Security Adviser\mssadv.exe C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe C:\Program Files\Gadu-Gadu\gg.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\Internet Explorer\iexplore.exe E:\GRY\Gry\iCCup\iccup_launcher\Launcher.exe D:\Ratowanie kompa\HiJackThis\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start24.pl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [Microsoft security adviser] C:\Program Files\Microsoft Security Adviser\mssadv.exe O4 - HKLM\..\Run: [msctrl.exe] C:\Program Files\Microsoft Security Adviser\msctrl.exe O4 - HKLM\..\Run: [msavsc.exe] C:\Program Files\Microsoft Security Adviser\msavsc.exe O4 - HKLM\..\Run: [msscan.exe] C:\Program Files\Microsoft Security Adviser\msscan.exe O4 - HKLM\..\Run: [msiemon.exe] C:\Program Files\Microsoft Security Adviser\msiemon.exe O4 - HKLM\..\Run: [msfw.exe] C:\Program Files\Microsoft Security Adviser\msfw.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray O4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe O4 - HKCU\..\Run: [Microsoft security adviser] C:\Program Files\Microsoft Security Adviser\mssadv.exe O4 - HKCU\..\Run: [msctrl.exe] C:\Program Files\Microsoft Security Adviser\msctrl.exe O4 - HKCU\..\Run: [msavsc.exe] C:\Program Files\Microsoft Security Adviser\msavsc.exe O4 - HKCU\..\Run: [msscan.exe] C:\Program Files\Microsoft Security Adviser\msscan.exe O4 - HKCU\..\Run: [msiemon.exe] C:\Program Files\Microsoft Security Adviser\msiemon.exe O4 - HKCU\..\Run: [msfw.exe] C:\Program Files\Microsoft Security Adviser\msfw.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: www.youtube.com O17 - HKLM\System\CCS\Services\Tcpip\..\{0B0791E7-1EFC-4F1B-BBFA-D7FE27D73390}: NameServer = 85.255.115.108,85.255.112.24 O17 - HKLM\System\CCS\Services\Tcpip\..\{35958AB9-7BCB-49A2-ABE4-5EEEE97F03AA}: NameServer = 85.255.115.108,85.255.112.24 O17 - HKLM\System\CCS\Services\Tcpip\..\{8D106F6F-0B73-4227-8789-4765D71471BC}: NameServer = 85.255.115.108,85.255.112.24 O17 - HKLM\System\CCS\Services\Tcpip\..\{A593C78F-608E-4E69-B58E-107D22CD4EFB}: NameServer = 85.255.115.108,85.255.112.24 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.108 85.255.112.24 O17 - HKLM\System\CS1\Services\Tcpip\..\{0B0791E7-1EFC-4F1B-BBFA-D7FE27D73390}: NameServer = 85.255.115.108,85.255.112.24 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.108 85.255.112.24 O17 - HKLM\System\CS2\Services\Tcpip\..\{0B0791E7-1EFC-4F1B-BBFA-D7FE27D73390}: NameServer = 85.255.115.108,85.255.112.24 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.108 85.255.112.24 O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe Sprawwdzałem na hjt.de i faktycznie jest tego sporo. Naprawiałem to fixem w hjt ale dalej trojan siedzi. Hlp ;/