Win32: Alureon-BH [RTK] Rootkit gingersonny
  #1  
June 26, 2009, 08:25
New Member Group

Win32: Alureon-BH [RTK] Rootkit gingersonny

Is it possible to hijack this thread a little, since I have exactly the same problem as Mooseknuckle? Avast! says I have this rootkit as a virus, including SKYNETievebpws.dll in a system32 sub-folder... can I also follow the steps here and post the information?

Any help appreciated
  #2  
June 26, 2009, 09:12
Moderator Group

Win32: Alureon-BH [RTK] Rootkit gingersonny

Start here: http://www.computer-juice.com/forums...-posting-7476/

Post the 3 logs when finished.

  #3  
June 26, 2009, 09:23
New Member Group

Win32: Alureon-BH [RTK] Rootkit gingersonny

Doing the scans now, however I'm only running in safe mode with networking enabled at the moment, so I'm not entirely sure whether all the programs work in safe mode. We'll see though...
  #4  
June 26, 2009, 09:51
Moderator Group

Win32: Alureon-BH [RTK] Rootkit gingersonny

Start the next one in normal mode. They are more effective that way.

  #5  
June 26, 2009, 09:58
New Member Group

Win32: Alureon-BH [RTK] Rootkit gingersonny

I would if I could, but it won't boot into normal mode. After a while, when I do, I log in and it goes to the Vista welcome screen and hangs there for hours, so the only way I can log on to my computer is safe mode, unfortunately =(
  #6  
June 26, 2009, 10:06
Moderator Group

Win32: Alureon-BH [RTK] Rootkit gingersonny

Start the next one in normal mode.

If not, that's OK for now, but please try.

  #7  
June 26, 2009, 12:26
New Member Group

Win32: Alureon-BH [RTK] Rootkit gingersonny

I finally managed to get into a normal boot and am currently running the SAS scan... however, it has been taking 2 hours now and it seems to be scanning the same hundred files over and over again, yet counting them as new files, which I find a bit curious. It's still running, but when I checked just now it was still doing the same files...

Any advice would be really appreciated
  #8  
June 26, 2009, 12:30
Moderator Group

Win32: Alureon-BH [RTK] Rootkit gingersonny

Skip to the Malwarebytes instructions.

  #9  
June 26, 2009, 13:09
New Member Group

Win32: Alureon-BH [RTK] Rootkit gingersonny

OK, so here are the scan results...

SAS scan:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/26/2009 at 08:30

Application Version: 4.26.1006

Core Rules Database Version: 3958
Trace Rules Database Version: 1900

Scan type: Complete Scan
Total Scan Time: 02:09:51

Memory items scanned: 812
Memory threats detected: 0
Registry items scanned: 7,764
Registry threats detected: 0
File items scanned: 128,575
File threats detected: 1

Trojan.Agent/Gen-FSG
FF7\CRICKET.SCORER.V5.0.1.INCL.KEYMAKER-EMBRACE\CRICKET.SCORER.V5.0.1.INCL.KEYMAKER-EMBRACE\KEYGEN.EXE


Malwarebytes Scan:

Malwarebytes' Anti-Malware 1.38
Database version: 2338
Windows 6.0.6001 Service Pack 1

26/06/2009 18:01:10
mbam-log-2009-06-26 (18-01-10).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 482,026
Time elapsed: 1 hour(s), 27 minute(s), 51 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 6
Registry Values Infected: 2
Registry Data Items Infected: 2
Folders Infected: 1
Files Infected: 4

Memory Processes Infected:
C:\Windows\System32\sdra64.exe (Trojan.FakeAlert) -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-C650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-C650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-C650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\(NSINAME) (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Userinit (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.FakeAlert) -> Data: c:\windows\system32\sdra64.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\Windows\system32\userinit.exe,C:\Windows\system32\sdra64.exe,) Good: (Userinit.exe) -> Quarantined and deleted successfully.

Folders Infected:
C:\Windows\System32\lowsec (Stolen.data) -> Delete on reboot.

Files Infected:
c:\Windows\System32\lowsec\local.ds (Stolen.data) -> Delete on reboot.
c:\Windows\System32\lowsec\user.ds (Stolen.data) -> Delete on reboot.
C:\Windows\System32\sdra64.exe (Trojan.FakeAlert) -> Delete on reboot.
C:\Users\Sonny\AppData\Roaming\sdra64.exe (Trojan.Agent) -> Quarantined and deleted successfully.



HijackThis scan:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:54:54, on 26/06/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\explorer.exe
C:\Program Files\Trend Micro\HijackThis\juice.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.vistaforums.com/Forum/Topic13079-9-3.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 83.218.164.193:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\installs\CPN\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\installs\CPN\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\installs\CPN\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\installs\CPN\yt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\HP\Support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /M "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [4oD] "C:\Program Files\Kontiki\KHost.exe" -all
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O13 - Gopher Prefix:
O16 - DPF: {15AB0590-D322-4440-B129-BFC893FB3CC2} (AFCStarter_17FunTv Control) - http://live.17funtv.com:8057/AFCStarter_17funtv.cab
O16 - DPF: {4E218431-2F07-40BD-A9D3-035324C1F13F} (DyynoX Class) - http://webserver.dyyno.com/DyynoClient/DyynoCAB.CAB
O16 - DPF: {7E3C8EE9-0EA1-4ACA-A8A2-87B76A3A6BC4} (OpenTV_17FunTV Control) - http://afocx.17funtv.com:9091/AFC_TW/OpenTV_17FunTV.cab
O16 - DPF: {A903E5AB-C67E-40FB-94F1-E1305982F6E0} (KooPlayer Control) - http://www.ooxtv.com/livetv.ocx
O16 - DPF: {C8AEB218-8B7A-4E15-AC17-0EE8D99B80EB} (GameTap Web Updater) - http://archives.gametap.com/static/c...WebUpdater.cab
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} (VodClient Control Class) - http://www.tvucricket.com/player/vjocx-en-black.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll (file missing)
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: Avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NLS\AdpPlugins\DQLWinService.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fb_inet_server.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 11,060 bytes


Unfortunately, since the last reboot I've been forced back into safe mode again =( What happened is that a couple of days ago my computer froze with a blank screen and ended up showing an error message that said "The logon process has failed to create the security options dialog. Failure - Security Options".

It kept doing that: booting and then getting really slow as soon as I tried to run a program, then freezing halfway through the startup processes, then not even getting past the Vista Welcome screen. So I completely uninstalled the rubbish Norton Internet Security and installed Avast!, and it did a boot scan and found this rootkit in a few files but couldn't do anything about them, whether I told it to remove or quarantine them (I did this scan twice to check).

And then I found this forum... anyway, hopefully the scan logs help and my story makes sense =)
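As an added example (not part of the thread, and not from any of the tools it mentions), a small Python triage script that recognises the two hijacks the logs above record: an extra loader appended to the Winlogon Userinit value (the sdra64.exe entry Malwarebytes flagged as Hijack.Userinit) and a per-user proxy set under Internet Settings (the R1 ProxyServer line in the HijackThis log). The function names are this example's own, and the sample lines are constructed from the thread's logs.

```python
"""Triage helpers for the two hijacks recorded in the logs above:
an extra loader appended to HKLM\\...\\Winlogon\\Userinit and a per-user
proxy in HKCU\\...\\Internet Settings. Added example, not from the thread;
function names are this example's own and the sample lines are constructed."""
import re
from typing import Dict, List, Optional

# The only program Windows itself lists in Winlogon\Userinit.
STANDARD_USERINIT = "userinit.exe"


def userinit_extras(value: str) -> List[str]:
    """Return every comma-separated Userinit entry that is not the standard
    userinit.exe. A clean value ("C:\\Windows\\system32\\userinit.exe,")
    yields an empty list; a hijacked one yields the appended loader(s)."""
    extras = []
    for entry in value.split(","):
        entry = entry.strip().strip('"')
        if not entry:
            continue  # Windows stores the value with a trailing comma
        basename = entry.replace("/", "\\").rsplit("\\", 1)[-1].lower()
        if basename != STANDARD_USERINIT:
            extras.append(entry)
    return extras


# Malwarebytes reports the hijack as "... (Hijack.Userinit) -> Bad: (<value>) Good: (<value>) -> ..."
_MBAM_BAD = re.compile(r"\(Hijack\.Userinit\) -> Bad: \((?P<bad>[^)]*)\) Good: \(")


def mbam_userinit_bad_value(line: str) -> Optional[str]:
    """Pull the 'Bad:' Userinit value out of a Malwarebytes log line, if present."""
    m = _MBAM_BAD.search(line)
    return m.group("bad") if m else None


# HijackThis shows a per-user proxy as an R1 line ending in "Internet Settings,ProxyServer = host:port".
_HJT_PROXY = re.compile(r"^R1 - HKCU\\.*Internet Settings,ProxyServer = (?P<proxy>\S+)\s*$")


def hjt_proxy_server(line: str) -> Optional[str]:
    """Return the proxy host:port from an R1 ProxyServer line, else None."""
    m = _HJT_PROXY.match(line)
    return m.group("proxy") if m else None


def triage(lines: List[str]) -> Dict[str, List[str]]:
    """Scan mixed Malwarebytes/HijackThis lines and collect both findings."""
    findings: Dict[str, List[str]] = {"userinit_extras": [], "proxy_servers": []}
    for line in lines:
        bad = mbam_userinit_bad_value(line)
        if bad is not None:
            findings["userinit_extras"].extend(userinit_extras(bad))
        proxy = hjt_proxy_server(line)
        if proxy:
            findings["proxy_servers"].append(proxy)
    return findings


# Constructed sample lines reproducing the relevant entries from the thread's logs.
SAMPLE_LOG = [
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\Windows\system32\userinit.exe,C:\Windows\system32\sdra64.exe,) Good: (Userinit.exe) -> Quarantined and deleted successfully.",
    r"R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 83.218.164.193:8080",
    r"O4 - HKLM\..\Run: [Avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe",
]

if __name__ == "__main__":
    for kind, hits in triage(SAMPLE_LOG).items():
        print(kind, hits)
```

The same `userinit_extras` check applies to a value read live from the registry, which is how a clean-up can be verified after the reboot the log defers the deletions to.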
  #10  
June 26, 2009, 13:16
Moderator Group

Win32: Alureon-BH [RTK] Rootkit gingersonny

Download ComboFix © by sUBs from one of the links below. Make sure to save it to your Desktop.

Link #1
Link #2

**Note: It is important that it is saved directly to your Desktop.

Close all open internet browsers (Firefox, Internet Explorer, etc.) before starting ComboFix.

Temporarily disable your antivirus and all antispyware real-time protection before performing the scan. Click this link to see a list of security programs that should be disabled and how to disable them.

Double-click combofix.exe and follow the prompts.
Vista users: right-click ComboFix.exe and select Run as Administrator (you will get a UAC prompt; please allow it).
When finished, ComboFix will produce a log for you.
Post the ComboFix log in your next reply.

Important: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your antivirus and antispyware protection once ComboFix has finished.

If you have problems using ComboFix, see How to use ComboFix.
