Ugh, Spyware.banker / backdoor.bot...AGAIN!




#1
June 10, 2009, 16:21
Member

Hello. I have been here a couple of times to try to fix my malware and it has been successful, but the same things seem to keep reappearing in scans. I have a hard time running anything that goes through CMD (combofix / mgtools / Iseeyouxp), for some reason. I have been led to believe it is because the PATH environment variable is not letting cmd access the right files? Anyway, here are some MBAM scans and an HJT log.




Malwarebytes' Anti-Malware 1.37
Database version: 2216
Windows 5.1.2600 Service Pack 3

6/2/2009 6:34:22
mbam-log-2009-06-02 (18-34-22).txt

Scan type: Full Scan (C:\|)
Objects scanned: 196280
Time elapsed: 53 minute(s), 59 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 10
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-C650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-C650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{967b15bc-c0b0-4a69-bfe3-2cdcd20adce4} (Spyware.Banker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1c1ebef0-37cf-4408-b494-f6c000fd6ed7} (Spyware.Banker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{339949fb-4a8c-4aa3-bd04-8b888d9a642a} (Spyware.Banker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf3e4737-a002-49ce-8e07-3460cb177a28} (Spyware.Banker) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b42bf63c-5354-4c5c-a789-66efeec5e1b0} (Spyware.Banker) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b42bf63c-5354-4c5c-a789-66efeec5e1b0} (Spyware.Banker) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\system32\AcroIEHelpe003.dll (Spyware.Banker) -> Quarantined and deleted successfully.

#2
June 10, 2009, 16:47
Member

Sorry for the double post, but here is a recent MBAM scan.



Malwarebytes' Anti-Malware 1.37
Database version: 2259
Windows 5.1.2600 Service Pack 3

6/10/2009 7:46:14
mbam-log-2009-06-10 (19-46-14).txt

Scan type: Full Scan (C:\|)
Objects scanned: 199320
Time elapsed: 53 minute(s), 48 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\system32\AcroIEHelpe003.dll (Spyware.Banker) -> Quarantined and deleted successfully.
c:\Documents and Settings\Kevin Young\Application Data\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.
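
The complaint in this thread is that items MBAM reports as removed show up again in the next scan. As an added example (not part of the original posts), this Python code parses MBAM 1.37-style logs and lists every object that was quarantined in one scan and detected again in a later one, a sign that something is recreating it; the function names are this example's own, and the embedded logs are abbreviated from the two posted in the thread.

```python
import re

# Abbreviated from the two MBAM logs posted in this thread (path spacing repaired).
LOG_JUNE_02 = r"""
mbam-log-2009-06-02 (18-34-22).txt
Registry Keys Infected: 10
Files Infected: 1

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{b42bf63c-5354-4c5c-a789-66efeec5e1b0} (Spyware.Banker) -> Quarantined and deleted successfully.

Files Infected:
c:\WINDOWS\system32\AcroIEHelpe003.dll (Spyware.Banker) -> Quarantined and deleted successfully.
"""
LOG_JUNE_10 = r"""
mbam-log-2009-06-10 (19-46-14).txt
Registry Keys Infected: 0
Files Infected: 2

Files Infected:
c:\WINDOWS\system32\AcroIEHelpe003.dll (Spyware.Banker) -> Quarantined and deleted successfully.
c:\Documents and Settings\Kevin Young\Application Data\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.
"""

# The scan date is taken from the log file name that MBAM writes into the log.
LOGNAME = re.compile(r"^mbam-log-(\d{4}-\d{2}-\d{2})")
# A section header ends at the colon; summary lines carry a count after it.
SECTION = re.compile(r"^(?P<name>[A-Za-z ]+) Infected:\s*$")
# Detection line: <object> (<Threat.Name>) -> <action taken>
DETECTION = re.compile(
    r"^(?P<obj>.+?) \((?P<threat>[A-Za-z]+\.[A-Za-z.]+)\) -> (?P<action>.+)$")

def parse_mbam_log(text):
    """Return (scan_date, [(section, object, threat, action), ...])."""
    date, section, hits = "unknown", None, []
    for line in (raw.strip() for raw in text.splitlines()):
        if (m := LOGNAME.match(line)):
            date = m.group(1)
        elif (m := SECTION.match(line)):
            section = m.group("name")
        elif section and (m := DETECTION.match(line)):
            # Windows paths and registry keys are case-insensitive: normalise.
            hits.append((section, m.group("obj").lower(),
                         m.group("threat"), m.group("action")))
    return date, hits

def recurring(logs):
    """Objects reported as deleted in one scan and detected again in a later one."""
    removed, back = {}, []          # removed: object -> date of first removal
    for date, hits in sorted((parse_mbam_log(t) for t in logs), key=lambda p: p[0]):
        for _section, obj, threat, action in hits:
            if obj in removed and removed[obj] != date:
                back.append({"object": obj, "threat": threat,
                             "removed_on": removed[obj], "back_on": date})
            elif "deleted successfully" in action:
                removed.setdefault(obj, date)
    return back

if __name__ == "__main__":
    for item in recurring([LOG_JUNE_10, LOG_JUNE_02]):
        print("{object}: {threat} removed {removed_on}, detected again {back_on}".format(**item))
```
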

#3
June 10, 2009, 17:32
Moderator Group

Use the ESET Online Antivirus Scanner

This scanner requires Internet Explorer

1. Check the box next to Yes, I accept the Terms of Use.
2. Click Start
3. When asked, allow the ActiveX control to install
4. Click Start
5. Make sure that the option Remove found threats and the option Scan unwanted applications are checked.
6. Click Scan
7. Wait for the scan to finish
8. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
9. Include C:\Program Files\EsetOnlineScanner\log.txt in your next reply.

#4
June 10, 2009, 19:40
Member

# Version = 4
# OnlineScanner.ocx = 1.0.0.635
# OnlineScannerDLLA.dll = 1, 0, 0, 79
# OnlineScannerDLLW.dll = 1, 0, 0, 78
# OnlineScannerUninstaller.exe = 1, 0, 0, 49
# Vers_standard_module = 4002 (20090411)
# Vers_arch_module = 1064 (20080214)
# Vers_adv_heur_module = 1066 (20070917)
# EOSSerial = 779dd52fbada7441aba5d1cce1027195
# End = finished
# Remove_checked = true
# Unwanted_checked = true
# Utc_time = 2009/04/12 08:52:10
# Local_time = 2009/04/12 04:52:10 (-0500, Eastern Daylight Time)
# Country = "United States"
# Osver = 5.1.2600 NT Service Pack 3
# Scanned = 362847
# Found = 0
# Scan_time = 3552

#5
June 10, 2009, 21:05
Moderator Group

Delete ComboFix and download a new copy. Rename it before saving it to your desktop.

Download ComboFix from one of the links below. You need to rename it before saving it!

Important! You must save ComboFix to your desktop.

Link 1
Link 2
Link 3

Rename ComboFix to Combo-Fix before saving it to your desktop.

Temporarily disable your antivirus and any antispyware real-time protection before performing the scan. Click this link to see a list of security programs that should be disabled and how to disable them.

Double-click Combo-Fix.exe and follow the prompts.

Vista users: right-click Combo-Fix.exe and select Run as administrator (you will get a UAC prompt, please allow it).

Do not mouse-click the ComboFix window while it is running. That may cause it to stall.

When the scan finishes it opens a text window.

Post the contents of that log in your next reply.

Remember to re-enable your antivirus and antispyware protection when ComboFix is finished.

#6
June 11, 2009, 15:55
Member

I have spent about 3 hours trying to figure out why combofix won't run ... countless Google searches that got me nothing. The only thing I have been able to determine is that when I try to run it, "something" is not pointing to the right place, so all I get is the loading bar that says combofix and then the cmd window never shows. Before running it there is no folder on C: with any combofix data, although after the attempts a folder named 32788R22FWJFW appears and has all the .bat, .vbs, etc. files that it uses to run. I am not sure there is anything I can do at this point, but maybe you know!

#7
June 11, 2009, 16:00
Moderator Group

Open Task Manager by pressing Ctrl + Alt + Delete

End process on the following file names (if found)

- FindStr
- Vfind
- SED
- Grep

- Or any file that has the extension *.cfexe

Do each one only once.

Now start it again ..

#8
June 11, 2009, 16:33
Member

:( Nothing there. I'll just reformat.

#9
June 11, 2009, 16:50
Moderator Group

I am not sure the problems are malware related. The ESET scan came back clean and the MBAM findings I don't think would be causing this.

You could try a repair first.

#10
June 11, 2009, 17:05
Member

How do I go about doing that?