nmotz, posted June 30, 2012
Hello, for the past few days my antivirus program (Avira) has been detecting strange viruses. I tried deleting them from the alert window, but without success; after a few minutes it appears again. You can see what this is about in the attached files. Is there any way to fix the problem?
B-boy/StyLe/, posted June 30, 2012
Hello,
You have the ZeroAccess rootkit. Temporarily uninstall Avira (this is important!). Then:
1. Download ComboFix from BleepingComputer and save it (Save -> Save as button) to your desktop: http://i46.tinypic.com/2exprgh.jpg After the ComboFix download finishes, the program's icon should look like this: http://i46.tinypic.com/29eqjuq.jpg
2. Close all running applications, open windows and programs running in the background. Temporarily disable the real-time protection of your antivirus program and of any other security programs, if there are any.
3. Start Combofix.exe with a double click. Choose YES to accept the program's terms of use. Important: while ComboFix is running, do not move the mouse or press keys on the keyboard. Just patiently let ComboFix do its job, without using the computer for other purposes.
4. If you get a UAC warning, accept it.
5. ComboFix will temporarily stop the Internet connection, but once the program has finished, the connection will be restored automatically. ComboFix will scan for problems and infected files, which may take some time. Please be patient. If there is a problem with the Internet connection after Combofix has finished, please read this: Manually restoring the Internet connection section.
6. When ComboFix finishes, a text document (log) will appear in Notepad: http://i49.tinypic.com/157m978.jpg Copy and paste the contents of the log into your next comment.
Note: If the following message appears when opening various programs after the Combofix scan completes - "illegal operation on a registry key that has been marked for deletion." - simply restart the computer once more and it will disappear. Do not use your computer during the scan!
nmotz (Author), posted July 1, 2012
I just tried to do what was listed, but some problem came up while starting the program. After I launch it, the program starts extracting its files and then the message attached below briefly appears, after which, when it finishes unpacking its files, it closes automatically and that's it. Nothing happens after that, and it's not as if I didn't wait.
B-boy/StyLe/, posted July 1, 2012
OK.. we will use a new tool:
Download OTL.exe and save it to the desktop.
Run OTL (if necessary, confirm through UAC).
Make the following settings:
Check Scan All Users.
Under the File Age menu choose 90 days.
Under the Standard Registry menu change to ALL.
Check LOP and Purity Check.
Under http://store.picbg.net/pubpic/0A/C1/c814d031472c0ac1.png enter via Copy/Paste the entire following text (only what is in the box):

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
"%WinDir%\$NtUninstallKB*$." /90
C:\Program Files\Common Files\ComObjects\*.* /s
%SYSTEMDRIVE%\*.*
%USERPROFILE%\*.*
%USERPROFILE%\AppData\Local\*.*
%USERPROFILE%\AppData\Roaming\*.*
%ProgramData%\*.*
%CommonProgramFiles%\*.*
%PROGRAMFILES%\*.*
%windir%\installer\*.* /S
%systemroot%\system32\config\systemprofile\AppData\Local\*.*
%windir%\SysWOW64\config\systemprofile\AppData\Local\*.*
%windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.*
%windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.*
%windir%\temp\*.*
%windir%\system32\*.
%windir%\sysnative\*.
%Temp%\smtmp\1\*.*
%Temp%\smtmp\2\*.*
%Temp%\smtmp\3\*.*
%Temp%\smtmp\4\*.*
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\syswow64\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /90
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\syswow64\drivers\*.sys /90
%systemroot%\syswow64\drivers\*.sys /lockedfiles
%systemroot%\system32\Spool\prtprocs\w32x86\*.dll
%systemroot%\*. /rp /s
%systemroot%\assembly\tmp\*.* /S /MD5
%systemroot%\assembly\temp\*.* /S /MD5
%systemroot%\assembly\GAC\*.* /S /MD5
%systemroot%\assembly\GAC_32\*.* /S /MD5
%systemroot%\assembly\GAC_64\*.* /S /MD5
%SystemRoot%\assembly\GAC_MSIL\*.* /S /MD5
HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s
HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s
>C:\commands.txt echo list vol /raw /hide /c
/wait
>C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
/wait
type c:\diskreport.txt /c
/wait
erase c:\commands.txt /hide /c
/wait
erase c:\diskreport.txt /hide /c
/md5start
consrv.dll
services.exe
explorer.exe
lsass.exe
svchost.exe
wininit.exe
winlogon.exe
userinit.exe
atapi.sys
iaStor.sys
serial.sys
volsnap.sys
disk.sys
redbook.sys
i8042prt.sys
afd.sys
netbt.sys
csc.sys
tcpip.sys
dfsc.sys
hlp.dat
/md5stop

Click the button marked in blue: Run Scan.
When the scan finishes, two files will be created - OTL.Txt and Extras.Txt. Attach these two files in your next comment (see the Attached Files option when posting).
nmotz (Author), posted July 1, 2012
I am attaching the files. Extras.Txt OTL.Txt
B-boy/StyLe/, posted July 1, 2012
So... we have quite a bit of work:

STEP 1
Download BlitzBlank from emsisoft and save it to your desktop.
Run Blitzblank.exe.
Click OK on the warning message.
Click Script and copy/paste the following information.

DeleteFolder:
"C:\Users\Kaloyan\AppData\Local\{e7e090c8-b53b-c5be-4e2b-37bfd5d3dba1}"
"C:\Users\Kaloyan\AppData\Local\3cb2dd68"
C:\Windows\Installer\{e7e090c8-b53b-c5be-4e2b-37bfd5d3dba1}

MoveFile:
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe C:\Windows\System32\services.exe

Click Execute Now. The computer will restart in an attempt to delete the files.
When the procedure completes, a log file will be created in C:\ => Post it in your next comment.

STEP 2
Then:
Open Start => in the search box type CMD.exe => right-click the file and choose Run as administrator. Copy/paste the command:

fsutil reparsepoint delete C:\Windows\$NtUninstallKB7717$

Press Enter.
Run the file http://billy-oneal.com/forums/Canned%20Speeches/speechimages/OTL/otlDesktopIcon.png by double-clicking it.
Under http://store.picbg.net/pubpic/0A/C1/c814d031472c0ac1.png enter via Copy/Paste the entire following text (only what is in the box):

:OTL SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aic78u2.dll -- (zfdwm) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\k56.dll -- (z800mgmt) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\GcKernel.dll -- (XFX_program) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tmmbd.dll -- (XAudio) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\artourservice.dll -- (wzcsvc) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MMRTKRNL.dll -- (wintabservice) SRV - File not found [Auto | Stopped] -- 
%systemroot%\system32\p3.dll -- (WimFltr) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MSIRCOMM.dll -- (WIBUKEY) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ZDPSp50.dll -- (wdm_au8820) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SDdriver.dll -- (wap3gx) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ccispwdsvc.dll -- (wanatw) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usbscan.dll -- (w550mgmt) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\inotask.dll -- (vhidmini) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iviregmgr.dll -- (vet-rec) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MtxDma0.dll -- (useraccess7) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mksvirmonsvc.dll -- (USBDeviceService) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\timounter.dll -- (usb_rndisx) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PEVSystemStart.dll -- (uploadmgr) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CTSBLFX.DLL.dll -- (tvald) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mcods.dll -- (tng-dtmg) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w22n51.dll -- (tfsnpool) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dlbt_device.dll -- (susbser) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdlnemap.dll -- (stacsv) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\asusgsb.dll -- (sscdserd) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\swenum.dll -- (SrvcEPIOMngr) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\viaudio.dll -- (SQTECH905C) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\eventlog.dll -- (sonytvc) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ipinip.dll -- (snoopfreesvc) SRV - File not found [Auto | Stopped] -- 
%systemroot%\system32\epson_pm_rpcv4_01.dll -- (sit_mdm) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nvlddmkm.dll -- (shuttleengine) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\slee_81_service.dll -- (sfusvc) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\plsremotesvc.dll -- (SeaPort) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\regspy.dll -- (SE2Emdm) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CTEXFIFX.DLL.dll -- (se27nd5) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\emclisrv.dll -- (SE27bus) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s217bus.dll -- (SaiMini) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usbuhci.dll -- (s716mdm) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\buslogic.dll -- (s116mgmt) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\epsonbidirectionalagent.dll -- (rppkt) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RR2IOMod.dll -- (razerusb) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pfmodnt.dll -- (qhwscsvc) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CBN.dll -- (pshost) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iAimTV6.dll -- (prfldsvc) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\remotelyanywhere.dll -- (pmj151la) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Si3132r5.dll -- (pdlnafac) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\F700iat.dll -- (pcidump) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\irenum.dll -- (Pcatip) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AVCamUSB20.dll -- (oraclesnmppeermasteragent) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nimcdldu.dll -- (nvsmu) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RSAFAL.dll -- (ntsecure) SRV - File not found 
[Auto | Stopped] -- %systemroot%\system32\EPSON_EB_RPCV4_01.dll -- (nsm1bus) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NSSvcMgr.dll -- (nscservice) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nvmd.dll -- (NMSCFG) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Maplom.dll -- (mwagent) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AmdIde.dll -- (MSMQTriggers) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mi-raysat_3dsmax8.dll -- (mr7910) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ldap.dll -- (mindrepair) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\scarddrv.dll -- (mhn) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mssql$sony_mediamgr.dll -- (mcpromgr) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\liveupdate.dll -- (mclogmanagerservice) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DCamUSBEMPIA.dll -- (MA-620) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Subsonic.dll -- (lxcj_device) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VIAPFD.dll -- (lxby_device) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vsmon.dll -- (lxbs_device) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cdr4_2k.dll -- (LwUsbHid) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\winvnc.dll -- (iteatapi) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\fsbwsys.dll -- (InCDsrvR) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\psched.dll -- (imagedrv) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\btfirst.dll -- (icollectservice) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cqmgserv.dll -- (iaimfp4) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bocdrive.dll -- (GTSCSER) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wuolservice.dll -- (GT891x) SRV - 
File not found [Auto | Stopped] -- %systemroot%\system32\wpshelper.dll -- (genregistrar) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\JavaQuickStarterService.dll -- (gbpoll) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rnadiagnosticsservice.dll -- (g400) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wandrv.dll -- (ftpds) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pcdrndisuio.dll -- (fa_scheduler) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CVirtA.dll -- (enethusb) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\msvsmon90.dll -- (emproxy) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cwafadmincontroller.dll -- (dtsagntsvc) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\redbook.dll -- (dlpwd) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lxbs_device.dll -- (digisptiservice) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dlacdbhm.dll -- (cwcpsvc20) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cwcwdm.dll -- (com4qlb) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\svchost.dll -- (cmuda3) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mqdmbus.dll -- (cmpci) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cics.region1.dll -- (ccproxy) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ndisuio.dll -- (Cam5603C) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CTERFXFX.DLL.dll -- (bridge) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atinevxx.dll -- (bglivesvc) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\qmofiltr.dll -- (bdselfpr) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vvdsvc.dll -- (ATSWPDRV) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aswrdr.dll -- (amusbprt) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rpclocator.dll 
-- (alcxwdm) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\LHidFilt.dll -- (aic78u2) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aic78xx.dll -- (agrsrvce) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sscdmdfl.dll -- (adobeactivefilemonitor4.0) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\motmodem.dll -- (adihdaudaddservice) SRV - File not found [Auto | Stopped] -- %systemroot%\system32\kmixer.dll -- (acs) SRV - [2012.06.30 19:48:39 | 000,375,680 | ---- | M] (Sysinternals - www.sysinternals.com) [On_Demand | Stopped] -- C:\Users\Kaloyan\AppData\Local\Temp\GBBUUUQLMSXY.exe -- (GBBUUUQLMSXY) SRV - [2012.06.30 19:48:21 | 000,506,752 | ---- | M] (Sysinternals - www.sysinternals.com) [On_Demand | Stopped] -- C:\Users\Kaloyan\AppData\Local\Temp\VXFJSHNBFS.exe -- (VXFJSHNBFS) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Kaloyan\AppData\Local\Temp\PCD65X2.sys -- (PCD65X2) IE - HKU\S-1-5-21-3157794219-3264756420-788014112-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://eu.ask.com/?l=dis&o=14597"]http://eu.ask.com/?l=dis&o=14597[/url] IE - HKU\S-1-5-21-3157794219-3264756420-788014112-1000\..\SearchScopes\{3B00D267-2A95-4B60-96E0-CBC49D975167}: "URL" = [url="http://websearch.ask.com/redirect?client=ie&tb=FF&o=14594&src=kw&q={searchTerms}&locale=&apn_ptnrs=FV&apn_dtid=YYYYYYYYBG&apn_uid=fd8bc969-4f8e-4b94-971c-78136d00cecf&apn_sauid=59A349B0-3E8E-49A4-881B-8DF1E12BA119"]http://websearch.ask...1B-8DF1E12BA119[/url] IE - HKU\S-1-5-21-3157794219-3264756420-788014112-1000\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = [url="http://www.daemon-search.com/search/web?q={searchTerms}"]http://www.daemon-se...q={searchTerms}[/url] FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" [2012.05.01 22:54:38 | 000,002,322 | ---- | M] () -- 
C:\Users\Kaloyan\AppData\Roaming\Mozilla\Firefox\Profiles\b4cgl1du.default\searchplugins\askcom.xml [2011.01.09 13:55:52 | 000,002,059 | ---- | M] () -- C:\Users\Kaloyan\AppData\Roaming\Mozilla\Firefox\Profiles\b4cgl1du.default\searchplugins\daemon-search.xml O2 - BHO: (no name) - {28CF50DA-4A17-4442-BBF9-D916BFDE072C} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-3157794219-3264756420-788014112-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKU\S-1-5-21-3157794219-3264756420-788014112-1000\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found. O3 - HKU\S-1-5-21-3157794219-3264756420-788014112-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [TaskTray] File not found O4 - HKU\S-1-5-21-3157794219-3264756420-788014112-1000..\Run: [] File not found NetSvcs: SQTECH905C - %systemroot%\system32\viaudio.dll File not found NetSvcs: Cam5603C - %systemroot%\system32\ndisuio.dll File not found NetSvcs: bdselfpr - %systemroot%\system32\qmofiltr.dll File not found NetSvcs: sscdserd - %systemroot%\system32\asusgsb.dll File not found NetSvcs: SaiMini - %systemroot%\system32\s217bus.dll File not found NetSvcs: pshost - %systemroot%\system32\CBN.dll File not found NetSvcs: pdlnafac - %systemroot%\system32\Si3132r5.dll File not found NetSvcs: WimFltr - %systemroot%\system32\p3.dll File not found NetSvcs: dlpwd - %systemroot%\system32\redbook.dll File not found NetSvcs: razerusb - %systemroot%\system32\RR2IOMod.dll File not found NetSvcs: InCDsrvR - %systemroot%\system32\fsbwsys.dll File not found NetSvcs: ftpds - %systemroot%\system32\wandrv.dll File not found NetSvcs: mcpromgr - %systemroot%\system32\mssql$sony_mediamgr.dll File not found NetSvcs: ntsecure - %systemroot%\system32\RSAFAL.dll File not found NetSvcs: SeaPort - 
%systemroot%\system32\plsremotesvc.dll File not found NetSvcs: WIBUKEY - %systemroot%\system32\MSIRCOMM.dll File not found NetSvcs: s716mdm - %systemroot%\system32\usbuhci.dll File not found NetSvcs: wzcsvc - %systemroot%\system32\artourservice.dll File not found NetSvcs: bglivesvc - %systemroot%\system32\atinevxx.dll File not found NetSvcs: wanatw - %systemroot%\system32\ccispwdsvc.dll File not found NetSvcs: cmuda3 - %systemroot%\system32\svchost.dll File not found NetSvcs: snoopfreesvc - %systemroot%\system32\ipinip.dll File not found NetSvcs: z800mgmt - %systemroot%\system32\k56.dll File not found NetSvcs: amusbprt - %systemroot%\system32\aswrdr.dll File not found NetSvcs: emproxy - %systemroot%\system32\msvsmon90.dll File not found NetSvcs: agrsrvce - %systemroot%\system32\aic78xx.dll File not found NetSvcs: fa_scheduler - %systemroot%\system32\pcdrndisuio.dll File not found NetSvcs: oraclesnmppeermasteragent - %systemroot%\system32\AVCamUSB20.dll File not found NetSvcs: vet-rec - %systemroot%\system32\iviregmgr.dll File not found NetSvcs: shuttleengine - %systemroot%\system32\nvlddmkm.dll File not found NetSvcs: MA-620 - %systemroot%\system32\DCamUSBEMPIA.dll File not found NetSvcs: w550mgmt - %systemroot%\system32\usbscan.dll File not found NetSvcs: susbser - %systemroot%\system32\dlbt_device.dll File not found NetSvcs: nscservice - %systemroot%\system32\NSSvcMgr.dll File not found NetSvcs: iaimfp4 - %systemroot%\system32\cqmgserv.dll File not found NetSvcs: wdm_au8820 - %systemroot%\system32\ZDPSp50.dll File not found NetSvcs: XFX_program - %systemroot%\system32\GcKernel.dll File not found NetSvcs: adihdaudaddservice - %systemroot%\system32\motmodem.dll File not found NetSvcs: Pcatip - %systemroot%\system32\irenum.dll File not found NetSvcs: GTSCSER - %systemroot%\system32\bocdrive.dll File not found NetSvcs: USBDeviceService - %systemroot%\system32\mksvirmonsvc.dll File not found NetSvcs: dtsagntsvc - %systemroot%\system32\cwafadmincontroller.dll File not 
found NetSvcs: stacsv - %systemroot%\system32\pdlnemap.dll File not found NetSvcs: enethusb - %systemroot%\system32\CVirtA.dll File not found NetSvcs: zfdwm - %systemroot%\system32\aic78u2.dll File not found NetSvcs: se27nd5 - %systemroot%\system32\CTEXFIFX.DLL.dll File not found NetSvcs: SrvcEPIOMngr - %systemroot%\system32\swenum.dll File not found NetSvcs: ATSWPDRV - %systemroot%\system32\vvdsvc.dll File not found NetSvcs: g400 - %systemroot%\system32\rnadiagnosticsservice.dll File not found NetSvcs: genregistrar - %systemroot%\system32\wpshelper.dll File not found NetSvcs: nvsmu - %systemroot%\system32\nimcdldu.dll File not found NetSvcs: SE2Emdm - %systemroot%\system32\regspy.dll File not found NetSvcs: GT891x - %systemroot%\system32\wuolservice.dll File not found NetSvcs: sfusvc - %systemroot%\system32\slee_81_service.dll File not found NetSvcs: tfsnpool - %systemroot%\system32\w22n51.dll File not found NetSvcs: lxbs_device - %systemroot%\system32\vsmon.dll File not found NetSvcs: acs - %systemroot%\system32\kmixer.dll File not found NetSvcs: NMSCFG - %systemroot%\system32\nvmd.dll File not found NetSvcs: rppkt - %systemroot%\system32\epsonbidirectionalagent.dll File not found NetSvcs: vhidmini - %systemroot%\system32\inotask.dll File not found NetSvcs: nsm1bus - %systemroot%\system32\EPSON_EB_RPCV4_01.dll File not found NetSvcs: mwagent - %systemroot%\system32\Maplom.dll File not found NetSvcs: bridge - %systemroot%\system32\CTERFXFX.DLL.dll File not found NetSvcs: pcidump - %systemroot%\system32\F700iat.dll File not found NetSvcs: tng-dtmg - %systemroot%\system32\mcods.dll File not found NetSvcs: alcxwdm - %systemroot%\system32\rpclocator.dll File not found NetSvcs: MSMQTriggers - %systemroot%\system32\AmdIde.dll File not found NetSvcs: iteatapi - %systemroot%\system32\winvnc.dll File not found NetSvcs: cwcpsvc20 - %systemroot%\system32\dlacdbhm.dll File not found NetSvcs: adobeactivefilemonitor4.0 - %systemroot%\system32\sscdmdfl.dll File not found 
NetSvcs: lxby_device - %systemroot%\system32\VIAPFD.dll File not found NetSvcs: s116mgmt - %systemroot%\system32\buslogic.dll File not found NetSvcs: LwUsbHid - %systemroot%\system32\cdr4_2k.dll File not found NetSvcs: tvald - %systemroot%\system32\CTSBLFX.DLL.dll File not found NetSvcs: icollectservice - %systemroot%\system32\btfirst.dll File not found NetSvcs: ccproxy - %systemroot%\system32\cics.region1.dll File not found NetSvcs: imagedrv - %systemroot%\system32\psched.dll File not found NetSvcs: com4qlb - %systemroot%\system32\cwcwdm.dll File not found NetSvcs: aic78u2 - %systemroot%\system32\LHidFilt.dll File not found NetSvcs: pmj151la - %systemroot%\system32\remotelyanywhere.dll File not found NetSvcs: prfldsvc - %systemroot%\system32\iAimTV6.dll File not found NetSvcs: mhn - %systemroot%\system32\scarddrv.dll File not found NetSvcs: sit_mdm - %systemroot%\system32\epson_pm_rpcv4_01.dll File not found NetSvcs: XAudio - %systemroot%\system32\tmmbd.dll File not found NetSvcs: useraccess7 - %systemroot%\system32\MtxDma0.dll File not found NetSvcs: mclogmanagerservice - %systemroot%\system32\liveupdate.dll File not found NetSvcs: mindrepair - %systemroot%\system32\ldap.dll File not found NetSvcs: qhwscsvc - %systemroot%\system32\pfmodnt.dll File not found NetSvcs: wintabservice - %systemroot%\system32\MMRTKRNL.dll File not found NetSvcs: sonytvc - %systemroot%\system32\eventlog.dll File not found NetSvcs: wap3gx - %systemroot%\system32\SDdriver.dll File not found NetSvcs: mr7910 - %systemroot%\system32\mi-raysat_3dsmax8.dll File not found NetSvcs: gbpoll - %systemroot%\system32\JavaQuickStarterService.dll File not found NetSvcs: usb_rndisx - %systemroot%\system32\timounter.dll File not found NetSvcs: SE27bus - %systemroot%\system32\emclisrv.dll File not found NetSvcs: cmpci - %systemroot%\system32\mqdmbus.dll File not found NetSvcs: digisptiservice - %systemroot%\system32\lxbs_device.dll File not found NetSvcs: lxcj_device - %systemroot%\system32\Subsonic.dll 
File not found NetSvcs: uploadmgr - %systemroot%\system32\PEVSystemStart.dll File not found MsConfig - StartUpFolder: C:^Users^Kaloyan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^NHL® 09 Registration.lnk - - File not found MsConfig - StartUpReg: [b]Bonus.SSR.FR10[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]Metropolis[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]Rainlendar2[/b] - hkey= - key= - File not found [2012.06.30 12:03:03 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee :files rd /s/q C:\Windows\$NtUninstallKB7717$ /c :commands [emptytemp]

After you enter the script from the quote above, click the button marked in red: Run Fix.
Windows will restart and a log file will be created - OTL fix log. Post its contents via Copy/Paste in your next comment.

STEP 3
Please download zoek.exe and save it to your desktop.
Right-click the program and choose Run as administrator.
Copy the following text script and paste it into the program:

attrib -r -s -h "C:\WINDOWS\system32\%%APPDA~1\*" /S /D;b
attrib -r -s -h "C:\WINDOWS\system32\%%APPDA~1" /S /D;b
ren "C:\WINDOWS\system32\%%APPDA~1" appdata;b
C:\WINDOWS\system32\appdata;f

Choose Combined fix and then click Run Script.
A text log file named zoek-results.log will appear.
Copy its contents into your next post.
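An added example, not part of the thread and not OTL's own code: a small Python triage over OTL-style `SRV` and `NetSvcs` lines like those in the fix script above, reporting auto-start services whose binary is missing, netsvcs registrations with no file, and service binaries located in a Temp directory. The line formats are inferred from the lines quoted in this thread; the sample log, service names and paths are constructed.

```python
import re
from typing import NamedTuple

# Constructed sample in the two OTL line formats quoted in the thread.
SAMPLE_LOG = r"""
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\example1.dll -- (examplesvc1)
SRV - File not found [On_Demand | Stopped] -- %systemroot%\system32\example2.dll -- (examplesvc2)
SRV - [2012.06.30 19:48:39 | 000,375,680 | ---- | M] (Example Vendor) [On_Demand | Stopped] -- C:\Users\User\AppData\Local\Temp\EXAMPLE.exe -- (EXAMPLE)
SRV - [2012.01.01 10:00:00 | 000,100,000 | ---- | M] (Example Vendor) [Auto | Running] -- C:\Program Files\Example\svc.exe -- (examplesvc3)
NetSvcs: examplesvc1 - %systemroot%\system32\example1.dll File not found
NetSvcs: examplesvc4 - %systemroot%\system32\example4.dll File not found
"""

# "SRV - <File not found | [file metadata] (vendor)> [start | state] -- path -- (name)"
SRV_RE = re.compile(
    r"^SRV - (?P<meta>File not found|\[.*?\] \(.*?\)) "
    r"\[(?P<start>[^|\]]+?) \| (?P<state>[^\]]+)\] -- "
    r"(?P<path>.+?) -- \((?P<name>.+)\)$"
)
# "NetSvcs: name - path [File not found]"
NETSVCS_RE = re.compile(
    r"^NetSvcs: (?P<name>.+?) - (?P<path>.+?)(?P<missing> File not found)?$"
)
TEMP_RE = re.compile(r"\\(appdata\\local\\temp|windows\\temp)\\", re.IGNORECASE)


class Finding(NamedTuple):
    service: str
    path: str
    reasons: tuple


def parse(log_text):
    """Split OTL text into service records and netsvcs group entries.

    Keys are lower-cased because Windows service names are case-insensitive.
    """
    services, netsvcs = {}, {}
    for raw in log_text.splitlines():
        line = raw.strip()
        m = SRV_RE.match(line)
        if m:
            services[m["name"].lower()] = {
                "name": m["name"],
                "path": m["path"],
                "start": m["start"].strip(),
                "missing": m["meta"] == "File not found",
            }
            continue
        m = NETSVCS_RE.match(line)
        if m:
            netsvcs[m["name"].lower()] = (m["name"], m["path"], bool(m["missing"]))
    return services, netsvcs


def triage(log_text):
    """Return the entries an analyst should look at first, sorted by name."""
    services, netsvcs = parse(log_text)
    findings = []
    for key, svc in services.items():
        reasons = []
        if svc["missing"] and svc["start"] == "Auto":
            reasons.append("auto-start service, binary missing")
        if key in netsvcs and netsvcs[key][2]:
            reasons.append("listed in netsvcs group, binary missing")
        if TEMP_RE.search(svc["path"]):
            reasons.append("binary path in a Temp directory")
        if reasons:
            findings.append(Finding(svc["name"], svc["path"], tuple(reasons)))
    # netsvcs entries that point at a missing file and have no SRV record.
    for key, (name, path, missing) in netsvcs.items():
        if missing and key not in services:
            findings.append(
                Finding(name, path, ("netsvcs entry without a service record",))
            )
    return sorted(findings, key=lambda f: f.service.lower())


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.service}: {f.path or '-'} => {'; '.join(f.reasons)}")
```

A finding here is a prompt for review, not a verdict: the reasons only describe what the log line says about the entry.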
nmotz (Author), posted July 1, 2012
I'm attaching the log from BlitzBlank, but at point 1 of step 2 it gives me the error attached below. Should I continue? blitzblank.txt
B-boy/StyLe/, posted July 1, 2012
Is your Windows in Bulgarian, because I can't make out the error? Most likely it says that the file was not found (if it is in Bulgarian). Also, which version of the operating system are you using, because it is not visible in the OTL log?
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
nmotz (Author), posted July 1, 2012
Yes, it is in Bulgarian. The operating system is Windows 7 Ultimate x32 SP1
B-boy/StyLe/, posted July 1, 2012
OK... before we move on to steps 2 and 3, I want to make sure the junction has been deleted (this is very important). Try running Combofix again now and wait for the scan to finish. Post the log file and then we will continue.
nmotz (Author), posted July 1, 2012
I finally managed to start ComboFix. A very useful program, by the way. I suppose it has saved me a great deal of work. I'm attaching the log. ComboFix.txt
B-boy/StyLe/, posted July 1, 2012
It is useful, but it should not be used by novice users, because it can damage Windows.
Are these proxies familiar to you:

FF - prefs.js: network.proxy.ftp - 83.219.158.86
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.http - 83.219.158.86
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.socks - 83.219.158.86
FF - prefs.js: network.proxy.socks_port - 3128
FF - prefs.js: network.proxy.ssl - 83.219.158.86
FF - prefs.js: network.proxy.ssl_port - 3128
FF - prefs.js: network.proxy.type - 0

Run a new scan with OTL in the way described above and post OTL.txt (a second log will not be created).
nmotz (Author), posted July 1, 2012
Yes, I think some time ago I used a proxy for some site. I'm attaching a screenshot from Firefox. I'll upload the log shortly too.
B-boy/StyLe/, posted July 1, 2012
My point is, should we remove them or let them stay?
nmotz (Author), posted July 1, 2012
We remove them, I don't need them. Here is the log from the new scan. OTL.Txt