Wall

Ето лога от combofix-aComboFix.txt

Преди малко ги делнах .. но след рестарта на пц са си пак там .. и пак са инфектирани Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 6078 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 3/17/2011 5:46:41 PM mbam-log-2011-03-17 (17-46-38).txt Scan type: Quick scan Objects scanned: 135654 Time elapsed: 5 minute(s), 3 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 5 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (PUM.Hijack.Regedit) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ANTIVIRUSDISABLENOTIFY (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FIREWALLDISABLENOTIFY (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UPDATESDISABLENOTIFY (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)

Да , пак излизат същите обекти. Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 6078 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 3/17/2011 4:06:55 PM mbam-log-2011-03-17 (16-06-53).txt Scan type: Quick scan Objects scanned: 135765 Time elapsed: 9 minute(s), 39 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 0 Registry Data Items Infected: 5 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\AdTools, Inc. (Adware.AdTools) -> No action taken. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (PUM.Hijack.Regedit) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. Folders Infected: (No malicious items detected) Files Infected: c:\WINDOWS\system32\utilman.exe (Trojan.FakeMS) -> No action taken.

Ще го инсталирам. И все пак за Task-a някаква идея.. ? п.п да със администраторския акаунт съм.

SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 03/16/2011 at 07:46 PM Application Version : 4.49.1000 Core Rules Database Version : 6607 Trace Rules Database Version: 4419 Scan type : Quick Scan Total Scan Time : 00:42:30 Memory items scanned : 525 Memory threats detected : 0 Registry items scanned : 1385 Registry threats detected : 8 File items scanned : 10890 File threats detected : 589 Disabled.RegistryEditor HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System#DisableRegistryTools Disabled.TaskManager HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System#DisableTaskMgr HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM#DISABLETASKMGR HKU\S-1-5-21-1229272821-1078145449-842925246-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM#DISABLETASKMGR HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM#DISABLETASKMGR Disabled.SecurityCenterOption HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#ANTIVIRUSDISABLENOTIFY HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#FIREWALLDISABLENOTIFY HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#UPDATESDISABLENOTIFY Trojan.SVCHost/Fake C:\PHOTOSHOP\1000000600002I\SVCHOST.EXE Не съм със ИЕ а със Chrome..

Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 6078 Windows 5.1.2600 Service Pack 3 Internet Explorer 7.0.5730.13 3/16/2011 8:14:22 PM mbam-log-2011-03-16 (20-14-17).txt Scan type: Quick scan Objects scanned: 136478 Time elapsed: 4 minute(s), 57 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 0 Registry Data Items Infected: 5 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\AdTools, Inc. (Adware.AdTools) -> No action taken. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (PUM.Hijack.Regedit) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. Folders Infected: (No malicious items detected) Files Infected: c:\WINDOWS\system32\utilman.exe (Trojan.FakeMS) -> No action taken. П.П нещо неможах да се оправя със лога на SuperAntiSpyware..

Не помогна.. :[ http://prikachi.com/images/574/3099574Y.jpg

Влизам през главния.. т.е няма други акаунти

Добър ден , когато натисна ctrl + alt + del ми пише "диспечерът на задачите е бил забранен от вашия администратор" , имам ехе-то в систем32 .. някаква идея ?