- This topic has 3 ответа, 3 участника, and was last updated 16 years, 6 months назад by
.
-
Сообщения
-
- Темы:532
- Сообщений:1553
- ☆☆☆☆☆
Помогите удалить FREE PORNO INFORMER! :ugeek:
ComboFix 08-11-29.03 — Марат 2008-11-30 19:56:28.2 — NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1251.1.1049.18.251 [GMT 4:00]
Running from: c:documents and settingsМаратРабочий столComboFix.exe
* Resident AV is activeWARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.c:documents and settingsМаратLocal SettingsTemporary Internet Files0EB9F12C_6E6B_4c03_AEBA_8C04CFA98AA4.gif
c:documents and settingsМаратLocal SettingsTemporary Internet Files15913497_F86C_4218_8817_F50940D1E1B2.gif
c:documents and settingsМаратLocal SettingsTemporary Internet Files29887DDE_00B9_4011_9CF7_59511F1ECC1B.gif
c:documents and settingsМаратLocal SettingsTemporary Internet Files2A665EDD_5758_480c_8366_66DFC5F23877.gif
c:documents and settingsМаратLocal SettingsTemporary Internet Files35B7DFFA_884F_4fbc_8E60_DA601BDC7BF7.gif
c:documents and settingsМаратLocal SettingsTemporary Internet Files362FD6E8_8CDA_4c2a_A8AA-BDA22B321711.jpg
c:documents and settingsМаратLocal SettingsTemporary Internet Files3DF04940_9866_4241_A998_0CDDFAFD147A.gif
c:documents and settingsМаратLocal SettingsTemporary Internet Files426500D7_0FF3_426c_828D_065DBAEA0581.gif
c:documents and settingsМаратLocal SettingsTemporary Internet Files478BD4AE_2691_438d_BDCA_3485DC022700.gif
c:documents and settingsМаратLocal SettingsTemporary Internet Files5C6C645F_BAA8_4149_BFEB_2031230FF0FD.gif
c:documents and settingsМаратLocal SettingsTemporary Internet Files61EA7D69_19D4_421a_A899_0DF4D58CD119.jpg
c:documents and settingsМаратLocal SettingsTemporary Internet Files777FDAFB_83CF_4960_AA71_4E5D7BCD8E57.gif
c:documents and settingsМаратLocal SettingsTemporary Internet Files8DA878D5_E80B_4721_B75A_17EFFAF1A700.gif
c:documents and settingsМаратLocal SettingsTemporary Internet Files98F6DF79_7171_452d_9C26_C0193E12DBDF.gif
c:documents and settingsМаратLocal SettingsTemporary Internet FilesA2B240D6_0386_419e_91C5_3F7D90437CD0.jpg
c:documents and settingsМаратLocal SettingsTemporary Internet FilesC75CEF8D_5AF4_4563_8594_C45A45E14E63.gif
c:documents and settingsМаратLocal SettingsTemporary Internet FilesE21285C1_40E6_435c_A69F_3387E7BD89CB.gif
c:documents and settingsМаратLocal SettingsTemporary Internet FilesE9A4D648_ED73_4ea7_88B2_18332DBA4F3E.jpg
.
—- Previous Run
.
c:documents and settingsМаратLocal SettingsTemporary Internet Files0EB9F12C_6E6B_4c03_AEBA_8C04CFA98AA4.gif
c:documents and settingsМаратLocal SettingsTemporary Internet Files15913497_F86C_4218_8817_F50940D1E1B2.gif
c:documents and settingsМаратLocal SettingsTemporary Internet Files29887DDE_00B9_4011_9CF7_59511F1ECC1B.gif
c:documents and settingsМаратLocal SettingsTemporary Internet Files2A665EDD_5758_480c_8366_66DFC5F23877.gif
c:documents and settingsМаратLocal SettingsTemporary Internet Files35B7DFFA_884F_4fbc_8E60_DA601BDC7BF7.gif
c:documents and settingsМаратLocal SettingsTemporary Internet Files362FD6E8_8CDA_4c2a_A8AA-BDA22B321711.jpg
c:documents and settingsМаратLocal SettingsTemporary Internet Files3DF04940_9866_4241_A998_0CDDFAFD147A.gif
c:documents and settingsМаратLocal SettingsTemporary Internet Files426500D7_0FF3_426c_828D_065DBAEA0581.gif
c:documents and settingsМаратLocal SettingsTemporary Internet Files478BD4AE_2691_438d_BDCA_3485DC022700.gif
c:documents and settingsМаратLocal SettingsTemporary Internet Files5C6C645F_BAA8_4149_BFEB_2031230FF0FD.gif
c:documents and settingsМаратLocal SettingsTemporary Internet Files61EA7D69_19D4_421a_A899_0DF4D58CD119.jpg
c:documents and settingsМаратLocal SettingsTemporary Internet Files777FDAFB_83CF_4960_AA71_4E5D7BCD8E57.gif
c:documents and settingsМаратLocal SettingsTemporary Internet Files8DA878D5_E80B_4721_B75A_17EFFAF1A700.gif
c:documents and settingsМаратLocal SettingsTemporary Internet Files98F6DF79_7171_452d_9C26_C0193E12DBDF.gif
c:documents and settingsМаратLocal SettingsTemporary Internet FilesA2B240D6_0386_419e_91C5_3F7D90437CD0.jpg
c:documents and settingsМаратLocal SettingsTemporary Internet FilesC75CEF8D_5AF4_4563_8594_C45A45E14E63.gif
c:documents and settingsМаратLocal SettingsTemporary Internet FilesE21285C1_40E6_435c_A69F_3387E7BD89CB.gif
c:documents and settingsМаратLocal SettingsTemporary Internet FilesE9A4D648_ED73_4ea7_88B2_18332DBA4F3E.jpg.
((((((((((((((((((((((((( Files Created from 2008-10-28 to 2008-11-30 )))))))))))))))))))))))))))))))
.2008-11-30 18:30 . 2008-11-30 18:30 250 —a
c:windowsgmer.ini
2008-11-29 01:58 . 2008-11-29 01:57 316,928 —a
c:windowssystem32emolib.dll
2008-11-27 00:41 . 2008-11-27 20:28 84 —a
c:windowswinamp.ini
2008-11-25 21:26 . 2008-11-25 21:26d
c:documents and settingsМаратApplication DataNokia Multimedia Player
2008-11-16 21:25 . 2008-11-16 21:25d
c:documents and settingsМаратPhone Browser
2008-11-16 21:25 . 2008-11-16 21:25d
c:documents and settingsМаратPhone Browser
2008-11-16 21:25 . 2008-11-16 21:25d
c:documents and settingsМаратApplication DataDataLayer
2008-11-16 21:24 . 2008-11-16 21:24d
c:documents and settingsМаратApplication DataNokia
2008-11-16 21:22 . 2008-11-16 21:22d
c:program filesDIFX
2008-11-16 21:21 . 2008-11-16 21:21d
c:program filesCommon FilesNokia
2008-11-16 21:21 . 2008-11-16 21:21d
c:documents and settingsМаратApplication DataPC Suite
2008-11-16 21:20 . 2008-11-16 21:22d—-c— c:windowssystem32DRVSTORE
2008-11-16 21:20 . 2008-11-16 21:21d
c:program filesNokia
2008-11-16 21:20 . 2008-11-16 21:21d
c:program filesCommon FilesPCSuite
2008-11-16 21:20 . 2008-11-16 21:22d
c:documents and settingsAll UsersApplication DataPC Suite
2008-11-16 21:20 . 2008-11-16 21:20d
c:documents and settingsAll UsersApplication DataDownloaded Installations
2008-11-16 21:20 . 2006-05-29 08:26 127,488 —a
c:windowssystem32driversnmwcd.sys
2008-11-16 21:20 . 2006-05-29 08:26 50,688 —a
c:windowssystem32nmwcdcls.dll
2008-11-16 21:20 . 2006-05-29 08:26 30,720 —a
c:windowssystem32nmwcdcocls.dll
2008-11-16 21:20 . 2006-05-29 08:26 13,312 —a
c:windowssystem32driversnmwcdcm.sys
2008-11-16 21:20 . 2006-05-29 08:26 13,312 —a
c:windowssystem32driversnmwcdcj.sys
2008-11-16 21:20 . 2006-05-29 08:26 8,704 —a
c:windowssystem32driversnmwcdc.sys
2008-11-16 21:20 . 2006-05-29 08:26 4,608 —a
c:windowssystem32nmwcdlog.dll
2008-11-16 20:37 . 2008-11-16 20:37 864,363 —a
c:windowssystem32LADA Kalina — Nov2006.scr
2008-11-14 20:05 . 2008-11-14 20:05d
c:windowssystem32bits
2008-11-14 19:59 . 2008-11-14 20:06d
c:windowsServicePackFiles
2008-11-14 02:06 . 2008-11-20 11:20d
c:documents and settingsМаратApplication DataAldea
2008-11-14 02:06 . 2008-11-30 19:55 769 —a
c:documents and settingsМаратApplication Dataaldea.dat
2008-11-12 21:33 . 2008-10-24 15:21 455,296
c— c:windowssystem32dllcachemrxsmb.sys
2008-11-12 21:16 . 2008-11-12 21:16d
c:documents and settingsМаратApplication DataQIP
2008-11-12 21:15 . 2008-11-17 16:37d
c:program filesQIP Infium
2008-11-08 23:35 . 2008-11-08 23:35d
c:documents and settingsAll UsersApplication DataFLEXnet
2008-11-07 10:29 . 2008-10-03 21:26 6,066,176
c— c:windowssystem32dllcacheieframe.dll
2008-11-07 10:29 . 2007-04-17 13:32 2,455,488
c— c:windowssystem32dllcacheieapfltr.dat
2008-11-07 10:29 . 2007-03-08 09:12 1,060,864
c— c:windowssystem32dllcacheieframe.dll.mui
2008-11-07 10:29 . 2008-08-26 12:26 459,264
c— c:windowssystem32dllcachemsfeeds.dll
2008-11-07 10:29 . 2008-08-26 12:26 383,488
c— c:windowssystem32dllcacheieapfltr.dll
2008-11-07 10:29 . 2008-08-26 12:26 267,776
c— c:windowssystem32dllcacheiertutil.dll
2008-11-07 10:29 . 2008-08-26 12:26 63,488
c— c:windowssystem32dllcacheicardie.dll
2008-11-07 10:29 . 2008-08-26 12:26 52,224
c— c:windowssystem32dllcachemsfeedsbs.dll
2008-11-07 10:29 . 2008-08-25 12:38 13,824
c— c:windowssystem32dllcacheieudinit.exe
2008-11-07 10:27 . 2008-11-14 20:05d
c:windowssystem32ru-ru
2008-11-05 23:25 . 2008-11-05 23:25d
c:program filesCanon
2008-11-05 23:11 . 2005-03-27 19:00 53,248 —a
c:windowssystem32CNAB4RPA.EXE
2008-11-05 23:07 . 2008-04-13 22:47 25,856 —a
c:windowssystem32driversusbprint.sys
2008-11-05 10:40 . 2008-11-05 10:40d
c:program filesMSXML 6.0
2008-11-04 22:54 . 2004-08-03 22:41 1,041,536
c:windowssystem32drivershsfdpsp2.sys
2008-11-04 22:53 . 2008-04-14 20:10 651,264
c:windowssystem32dot3ui.dll
2008-11-04 16:32 . 2008-06-14 21:35 272,512
c:windowssystem32driversbthport.sys
2008-11-04 16:32 . 2008-06-14 21:35 272,512
c— c:windowssystem32dllcachebthport.sys
2008-11-04 16:29 . 2008-08-14 14:04 138,496
c— c:windowssystem32dllcacheafd.sys
2008-11-04 16:28 . 2008-09-08 14:41 333,824
c— c:windowssystem32dllcachesrv.sys
2008-11-04 16:26 . 2008-08-14 17:26 2,190,976
c— c:windowssystem32dllcachentoskrnl.exe
2008-11-04 16:26 . 2008-08-14 17:26 2,147,328
c— c:windowssystem32dllcachentkrnlmp.exe
2008-11-04 16:26 . 2008-08-14 17:26 2,067,840
c— c:windowssystem32dllcachentkrnlpa.exe
2008-11-04 16:26 . 2008-08-14 17:26 2,025,984
c— c:windowssystem32dllcachentkrpamp.exe
2008-11-04 16:22 . 2008-09-15 19:27 1,846,528
c— c:windowssystem32dllcachewin32k.sys
2008-11-04 15:59 . 2008-05-08 18:02 203,136
c— c:windowssystem32dllcachermcast.sys
2008-11-04 15:58 . 2008-04-11 23:06 691,712
c— c:windowssystem32dllcacheinetcomm.dll
2008-11-04 15:48 . 2008-11-15 14:16d—h
c:windows$hf_mig$
2008-11-04 15:46 . 2008-10-15 20:37 337,408
c— c:windowssystem32dllcachenetapi32.dll
2008-11-04 15:15 . 2008-10-16 14:06 268,648 —a
c:windowssystem32mucltui.dll
2008-11-04 15:15 . 2008-10-16 14:08 31,768 —a
c:windowssystem32wucltui.dll.mui
2008-11-04 15:15 . 2008-10-16 14:08 27,672 —a
c:windowssystem32wuapi.dll.mui
2008-11-04 15:15 . 2008-10-16 14:06 27,496 —a
c:windowssystem32mucltui.dll.mui
2008-11-04 15:15 . 2008-10-16 14:07 23,576 —a
c:windowssystem32wuaucpl.cpl.mui
2008-11-04 15:15 . 2008-10-16 14:07 18,968 —a
c:windowssystem32wuaueng.dll.mui
2008-11-04 03:05 . 2008-11-04 03:05d
c:windowsMCADMIN
2008-11-04 03:05 . 2008-11-04 03:05d
c:documents and settingsМаратWINDOWS
2008-11-04 03:05 . 2008-11-04 03:05d
c:documents and settingsМаратWINDOWS
2008-11-03 23:03 . 2008-11-03 23:03d
c:program filesQIP
2008-11-03 19:01 . 2008-04-14 19:41 58,368 —a
c:windowssystem32driversredbook.sys
2008-11-03 19:01 . 2001-08-18 01:59 3,072 —a
c:windowssystem32driversaudstub.sys
2008-11-03 19:00 . 2008-04-14 20:10 1,888,992 —a
c:windowssystem32ati3duag.dll
2008-11-03 19:00 . 2008-04-14 20:10 870,784 —a
c:windowssystem32ati3d1ag.dll
2008-11-03 19:00 . 2004-08-17 19:48 701,440 —a
c:windowssystem32driversati2mtag.sys
2008-11-03 19:00 . 2008-04-14 20:10 516,768 —a
c:windowssystem32ativvaxx.dll
2008-11-03 19:00 . 2008-04-14 20:10 229,376 —a
c:windowssystem32ati2cqag.dll
2008-11-03 19:00 . 2008-04-14 20:10 201,728 —a
c:windowssystem32ati2dvag.dll
2008-11-03 19:00 . 2008-04-14 20:10 76,800 —a
c:windowssystem32usbui.dll
2008-11-03 19:00 . 2008-04-13 22:36 42,368 —a
c:windowssystem32driversagp440.sys
2008-11-03 19:00 . 2008-04-13 22:45 10,624 —a
c:windowssystem32driversgameenum.sys
2008-11-03 19:00 . 2008-04-14 19:46 5,504 —a
c:windowssystem32driversintelide.sys
2008-11-03 16:52 . 2008-11-03 16:55d
c:documents and settingsМаратDoctorWeb
2008-11-03 16:52 . 2008-11-03 16:55d
c:documents and settingsМаратDoctorWeb
2008-11-03 16:14 . 2008-11-03 16:14d
c:documents and settingsМаратApplication DataPRMT.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-28 18:28
d
w c:program filesAVerTV
2008-11-12 21:47
d
w c:documents and settingsAll UsersApplication DataMicrosoft Help
2008-11-06 18:21
d
w c:program filesESET
2008-11-03 14:31
d
w c:program filesCommon FilesAdobe
2008-11-03 14:26
d—h—w c:program filesInstallShield Installation Information
2008-11-03 14:26
d
w c:program filesInterVideo
2008-11-03 14:25 353,856 —-a-w c:windowssystem32driversCap7134.sys
2008-11-03 14:25 25,216 —-a-w c:windowssystem32driversPhTVTune.sys
2008-11-03 14:25 135,168 —-a-w c:windowssystem3234api.dll
2008-11-03 14:25 110,592 —-a-w c:windowssystem32Prop7134.dll
2008-11-03 14:25 110,592 —-a-w c:windowssystem3234com.dll
2008-11-03 14:24
d
w c:program filesCommon FilesInstallShield
2008-11-03 14:21
d
w c:program filesIntel
2008-11-03 14:04
d
w c:program filesRealtek Sound Manager
2008-11-03 14:04
d
w c:program filesRealtek AC97
2008-11-03 14:04
d
w c:program filesAvRack
2008-11-03 13:43
d
w c:program filesSiSoftware
2008-11-03 13:19 512,096 —-a-w c:windowssystem32driversamon.sys
2008-11-03 13:19 298,104 —-a-w c:windowssystem32imon.dll
2008-11-03 13:19 15,424 —-a-w c:windowssystem32driversnod32drv.sys
2008-11-03 13:15
d
w c:program filesDrWeb
2008-11-03 13:13
d
w c:program filesDrUpdate
2008-11-03 12:36
d
w c:program filesBonjour
2008-11-03 12:25
d
w c:program filesCommon FilesMacrovision Shared
2008-11-03 12:00
d
w c:program filesPRMT8
2008-11-03 11:59
d
w c:documents and settingsAll UsersApplication DataPRMT
2008-11-03 11:56
d
w c:program filesMSBuild
2008-11-03 11:50
d
w c:program filesReference Assemblies
2008-11-03 11:32
d
w c:program filesMicrosoft Works
2008-11-03 11:09
d
w c:program filesMSXML 4.0
2008-11-03 11:09
d
w c:program filesmsi InstallSource MSXML
2008-11-03 11:09
d
w c:program filesmicrosoft frontpage
2008-10-24 11:21 455,296 —-a-w c:windowssystem32driversmrxsmb.sys
2008-10-16 10:13 202,776 —-a-w c:windowssystem32wuweb.dll
2008-10-16 10:13 1,809,944 —-a-w c:windowssystem32wuaueng.dll
2008-10-16 10:12 561,688 —-a-w c:windowssystem32wuapi.dll
2008-10-16 10:12 323,608 —-a-w c:windowssystem32wucltui.dll
2008-10-16 10:09 92,696 —-a-w c:windowssystem32cdm.dll
2008-10-16 10:09 51,224 —-a-w c:windowssystem32wuauclt.exe
2008-10-16 10:09 43,544 —-a-w c:windowssystem32wups2.dll
2008-10-16 10:08 34,328 —-a-w c:windowssystem32wups.dll
2008-10-16 10:06 208,744 —-a-w c:windowssystem32muweb.dll
2008-09-30 12:43 1,286,152 —-a-w c:windowssystem32msxml4.dll
2008-09-15 15:27 1,846,528 —-a-w c:windowssystem32win32k.sys
2008-09-10 01:15 1,307,648 —-a-w c:windowssystem32msxml6.dll
2008-09-04 17:17 1,106,944 —-a-w c:windowssystem32msxml3.dll
2008-08-26 08:26 826,368 —-a-w c:windowssystem32wininet.dll
2008-08-14 13:26 2,190,976 —-a-w c:windowssystem32ntoskrnl.exe
2008-08-14 13:26 2,067,840 —-a-w c:windowssystem32ntkrnlpa.exe
.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_LOCAL_MACHINE~Browser Helper Objects{41F60EE2-ED6B-44A7-B3AE-76305D05B697}]
2008-11-29 01:57 316928 —a
c:windowssystem32emolib.dll[HKEY_LOCAL_MACHINE~Browser Helper Objects{B8F88615-A49E-4443-A26F-E97379BE1B1A}]
2008-11-20 09:29 573440 —a
c:docume~142C6~1APPLIC~1AldeaAldea.dll[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32ctfmon.exe» [2008-04-14 15360]
«PcSync»=»c:program filesNokiaNokia PC Suite 6PcSync2.exe» [2006-06-19 1449984][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«GrooveMonitor»=»c:program filesMicrosoft OfficeOffice12GrooveMonitor.exe» [2007-08-24 33648]
«nod32kui»=»c:program filesEsetnod32kui.exe» [2008-11-03 949376]
«PCSuiteTrayApplication»=»c:progra~1NokiaNOKIAP~1LAUNCH~1.EXE» [2006-06-15 229376]
«SoundMan»=»SOUNDMAN.EXE» [2006-08-03 c:windowssoundman.exe][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2008-04-14 15360]c:documents and settingsЊ а вѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
QuickTV.lnk — c:program filesAVerTVQuickTV.exe [2003-09-30 262144]
‚л१Є нЄа Ё Їа®Ја ¬¬ § ЇгбЄ ¤«п OneNote 2007.lnk — c:program filesMicrosoft OfficeOffice12ONENOTEM.EXE [2007-12-07 101440]c:documents and settingsAll Usersѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
Adobe Reader Speed Launch.lnk — c:program filesAdobeReader 8.0Readerreader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk — c:program filesAdobeReader 8.0ReaderAdobeCollabSync.exe [2006-10-23 734872][HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
«AntiVirusDisableNotify»=dword:00000001
«UpdatesDisableNotify»=dword:00000001[HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
«EnableFirewall»= 0 (0x0)[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\system32\sessmgr.exe»=
«%windir%\Network Diagnostic\xpnetdiag.exe»=
«c:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE»=
«c:\Program Files\Microsoft Office\Office12\GROOVE.EXE»=
«c:\Program Files\Microsoft Office\Office12\ONENOTE.EXE»=
«c:\Program Files\Bonjour\mDNSResponder.exe»=
«c:\Program Files\SiSoftware\SiSoftware Sandra Lite XI\RpcSandraSrv.exe»=
«c:\Program Files\SiSoftware\SiSoftware Sandra Lite XI\Win32\RpcDataSrv.exe»=R3 Cap7134;Cap7134 Capture;c:windowssystem32DRIVERSCap7134.sys [2008-11-03 353856]
R3 PhTVTune;Cap7134 TVTuner;c:windowssystem32DRIVERSPhTVTune.sys [2008-11-03 25216]
.**************************************************************************
catchme 0.3.1367 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-30 19:58:35
Windows 5.1.2600 Service Pack 3 NTFSscanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0**************************************************************************
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘lsass.exe'(684)
c:windowssystem32imon.dll
c:program filesEsetpr_imon.dll
.
Completion time: 2008-11-30 19:59:48
ComboFix-quarantined-files.txt 2008-11-30 15:59:20Pre-Run: 27,980,365,824 байт свободно
Post-Run: 27,970,719,744 байт свободно251 — E O F — 2008-11-15 12:24:00
Здравствуйте, добро пожаловать на Spyware-ru форум.
Откройте блокнот и вставьте в него следующий текст:
Registry::
[-HKEY_LOCAL_MACHINE~Browser Helper Objects{41F60EE2-ED6B-44A7-B3AE-76305D05B697}]
[-HKEY_LOCAL_MACHINE~Browser Helper Objects{B8F88615-A49E-4443-A26F-E97379BE1B1A}]
File::
c:windowssystem32emolib.dllЗапишите получившийся файл на ваш рабочий стол под именем CFScript
Далее перетащите получившийся файл на иконку Combofix, как показано на картинке ниже.
Сombofix запуститься и выполнит процедуры описанные в созданном нами файле.
По результатам работы Combofix будет создан новый лог, его и вставьте в свой следующий ответ.ComboFix 09-01-02.01 — Марина 2009-01-03 23:10:01.1 — NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1251.1.1049.18.511.218 [GMT 3:00]
Running from: c:documents and settingsМаринаРабочий столComboFix.exe
Command switches used :: c:documents and settingsМаринаРабочий столCFScript.txt
AV: Антивирусная система Eset NOD32 2.70 *On-access scanning disabled* (Outdated)
* Created a new restore point
* Resident AV is activeWARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
FILE ::
c:windowssystem32emolib.dll
.((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.c:docume~185B6~1LOCALS~1TempE_4
c:docume~185B6~1LOCALS~1TempE_4com.run
c:docume~185B6~1LOCALS~1TempE_4dp1.fne
c:docume~185B6~1LOCALS~1TempE_4eAPI.fne
c:docume~185B6~1LOCALS~1TempE_4internet.fne
c:docume~185B6~1LOCALS~1TempE_4krnln.fnr
c:docume~185B6~1LOCALS~1TempE_4RegEx.fnr
c:docume~185B6~1LOCALS~1TempE_4shell.fne
c:docume~185B6~1LOCALS~1TempE_4spec.fne
c:documents and settingsМаринаLocal SettingsTemporary Internet Files0EB9F12C_6E6B_4c03_AEBA_8C04CFA98AA4.gif
c:documents and settingsМаринаLocal SettingsTemporary Internet Files15913497_F86C_4218_8817_F50940D1E1B2.gif
c:documents and settingsМаринаLocal SettingsTemporary Internet Files29887DDE_00B9_4011_9CF7_59511F1ECC1B.gif
c:documents and settingsМаринаLocal SettingsTemporary Internet Files2A665EDD_5758_480c_8366_66DFC5F23877.gif
c:documents and settingsМаринаLocal SettingsTemporary Internet Files35B7DFFA_884F_4fbc_8E60_DA601BDC7BF7.gif
c:documents and settingsМаринаLocal SettingsTemporary Internet Files362FD6E8_8CDA_4c2a_A8AA-BDA22B321711.jpg
c:documents and settingsМаринаLocal SettingsTemporary Internet Files3DF04940_9866_4241_A998_0CDDFAFD147A.gif
c:documents and settingsМаринаLocal SettingsTemporary Internet Files426500D7_0FF3_426c_828D_065DBAEA0581.gif
c:documents and settingsМаринаLocal SettingsTemporary Internet Files478BD4AE_2691_438d_BDCA_3485DC022700.gif
c:documents and settingsМаринаLocal SettingsTemporary Internet Files5C6C645F_BAA8_4149_BFEB_2031230FF0FD.gif
c:documents and settingsМаринаLocal SettingsTemporary Internet Files61EA7D69_19D4_421a_A899_0DF4D58CD119.jpg
c:documents and settingsМаринаLocal SettingsTemporary Internet Files777FDAFB_83CF_4960_AA71_4E5D7BCD8E57.gif
c:documents and settingsМаринаLocal SettingsTemporary Internet Files8DA878D5_E80B_4721_B75A_17EFFAF1A700.gif
c:documents and settingsМаринаLocal SettingsTemporary Internet Files98F6DF79_7171_452d_9C26_C0193E12DBDF.gif
c:documents and settingsМаринаLocal SettingsTemporary Internet FilesA2B240D6_0386_419e_91C5_3F7D90437CD0.jpg
c:documents and settingsМаринаLocal SettingsTemporary Internet FilesC75CEF8D_5AF4_4563_8594_C45A45E14E63.gif
c:documents and settingsМаринаLocal SettingsTemporary Internet FilesE21285C1_40E6_435c_A69F_3387E7BD89CB.gif
c:documents and settingsМаринаLocal SettingsTemporary Internet FilesE9A4D648_ED73_4ea7_88B2_18332DBA4F3E.jpg
c:windowsmdrive
c:windowssystem32com.run
c:windowssystem32dp1.fne
c:windowssystem32eAPI.fne
c:windowssystem32internet.fne
c:windowssystem32krnln.fnr
c:windowssystem32og.dll
c:windowssystem32og.edt
c:windowssystem32RegEx.fnr
c:windowssystem32shell.fne
c:windowssystem32spec.fne
c:windowssystem32ul.dll.
((((((((((((((((((((((((( Files Created from 2008-12-03 to 2009-01-03 )))))))))))))))))))))))))))))))
.2009-01-03 21:30 . 2009-01-03 21:30
d
c:documents and settingsAll Users.WINDOWSApplication DataAlawar Stargaze
2009-01-03 21:19 . 2009-01-03 21:19d
c:documents and settingsAll Users.WINDOWSApplication DataAlawarWrapper
2009-01-03 21:17 . 2009-01-03 22:49d
c:program filesAlawar.ru
2008-12-30 16:13 . 2008-12-30 16:14 12,126 —a
c:documents and settingsМаринаntuserdirect_MyManager.dat
2008-12-30 16:13 . 2008-12-30 16:14 12,126 —a
c:documents and settingsМаринаntuserdirect_MyManager.dat
2008-12-30 16:09 . 2008-12-30 16:09d
c:program filesEMS
2008-12-29 12:12 . 2008-12-29 12:12 1,501,856 -r-hs—- c:windowssystem32XP-F2A0D02D.EXE
2008-12-27 06:07 . 2008-12-27 06:07d
c:documents and settingsМаринаApplication DataSmartFTP
2008-12-27 01:43 . 2008-12-27 01:43d
c:documents and settingsМаринаApplication DataDesktop Software
2008-12-27 01:25 . 2008-12-27 01:25d
c:windowssystem32Logfiles
2008-12-27 01:25 . 2008-12-27 01:25d
C:Inetpub
2008-12-27 00:52 . 2008-12-27 00:52d
c:documents and settingsAll Users.WINDOWSApplication DataGlobalSCAPE
2008-12-27 00:51 . 2008-12-27 00:51d
c:program filesAskBarDis
2008-12-27 00:51 . 2008-12-27 00:51d
c:documents and settingsМаринаApplication DataGlobalSCAPE
2008-12-22 20:35 . 2008-12-22 20:35d
C:keuinit
2008-12-22 12:21 . 2008-10-16 23:33 6,066,176
c— c:windowssystem32dllcacheieframe.dll
2008-12-22 12:21 . 2007-04-17 12:32 2,455,488
c— c:windowssystem32dllcacheieapfltr.dat
2008-12-22 12:21 . 2007-03-08 08:12 1,060,864
c— c:windowssystem32dllcacheieframe.dll.mui
2008-12-22 12:21 . 2008-10-16 23:33 459,264
c— c:windowssystem32dllcachemsfeeds.dll
2008-12-22 12:21 . 2008-10-16 23:33 383,488
c— c:windowssystem32dllcacheieapfltr.dll
2008-12-22 12:21 . 2008-10-16 23:33 267,776
c— c:windowssystem32dllcacheiertutil.dll
2008-12-22 12:21 . 2008-10-16 23:33 63,488
c— c:windowssystem32dllcacheicardie.dll
2008-12-22 12:21 . 2008-10-16 23:33 52,224
c— c:windowssystem32dllcachemsfeedsbs.dll
2008-12-22 12:21 . 2008-10-16 16:11 13,824
c— c:windowssystem32dllcacheieudinit.exe
2008-12-21 19:06 . 2008-12-21 19:06d
c:program filesVenta
2008-12-21 19:06 . 2003-08-29 13:59 16,384 —a
c:windowssystem32ventmon.dll
2008-12-21 18:56 . 2001-08-17 21:57 16,128 —a
c:windowssystem32driversMODEMCSA.sys
2008-12-19 16:29 . 2009-01-03 19:54d
c:documents and settingsМаринаApplication DataNewSoft
2008-12-19 16:19 . 1997-10-14 05:19 11,776 —a
c:windowssystem32pmsbfn32.dll
2008-12-19 16:18 . 2008-12-19 16:19d
c:program filesCommon FilesPDFView
2008-12-19 16:17 . 2008-12-19 16:17d
c:documents and settingsAll Users.WINDOWSApplication DataInstallShield
2008-12-19 16:17 . 2008-12-19 16:17d
c:documents and settingsМаринаApplication DataScanSoft
2008-12-19 16:17 . 2008-12-19 16:17 416 —a
c:windowsMAXLINK.INI
2008-12-19 16:16 . 2008-12-19 16:16d
c:program filesCommon FilesScanSoft Shared
2008-12-19 16:16 . 2008-12-19 16:17d
c:documents and settingsAll Users.WINDOWSApplication DataScanSoft
2008-12-19 16:15 . 2008-12-19 16:15d
c:program filesScanSoft
2008-12-19 13:09 . 2008-12-19 13:09d
c:documents and settingsМаринаApplication DataCanon
2008-12-17 12:06 . 2008-12-17 12:06d
c:program filesCanon
2008-12-17 12:05 . 2008-12-17 12:05d—h
c:windowssystem32CanonMF Uninstaller Information
2008-12-17 12:05 . 2008-12-17 12:05d—h
C:CanonMF
2008-12-17 11:56 . 2004-08-17 16:04 21,504 —a
c:windowssystem32hidserv.dll
2008-12-17 11:56 . 2004-08-17 16:04 21,504 —a—c— c:windowssystem32dllcachehidserv.dll
2008-12-17 11:56 . 2001-10-19 20:33 12,160 —a
c:windowssystem32driversmouhid.sys
2008-12-17 11:56 . 2001-10-19 20:33 12,160 —a—c— c:windowssystem32dllcachemouhid.sys
2008-12-17 11:55 . 2001-08-17 22:02 9,600 —a
c:windowssystem32drivershidusb.sys
2008-12-17 11:55 . 2001-08-17 22:02 9,600 —a—c— c:windowssystem32dllcachehidusb.sys
2008-12-14 15:46 . 2008-12-14 15:54d
C:logistik
2008-12-14 15:46 . 2007-03-02 14:05 393,216 —a
c:windowssystem32GDS32.DLL
2008-12-14 15:45 . 2008-12-14 15:45d
c:program filesFirebird
2008-12-14 14:37 . 2008-10-16 13:39 1,023,488
c— c:windowssystem32dllcachebrowseui.dll
2008-12-14 14:37 . 2008-10-16 23:33 477,696
c— c:windowssystem32dllcachemshtmled.dll
2008-12-14 14:37 . 2008-10-16 23:33 347,136
c— c:windowssystem32dllcachedxtmsft.dll
2008-12-14 14:37 . 2008-10-16 23:33 193,024
c— c:windowssystem32dllcachemsrating.dll
2008-12-14 14:36 . 2008-10-17 02:03 3,593,216
c— c:windowssystem32dllcachemshtml.dll
2008-12-14 14:36 . 2008-10-16 13:39 1,494,528
c— c:windowssystem32dllcacheshdocvw.dll
2008-12-14 14:36 . 2008-10-16 23:33 1,160,192
c— c:windowssystem32dllcacheurlmon.dll
2008-12-14 14:36 . 2008-10-16 13:39 1,055,232
c— c:windowssystem32dllcachedanim.dll
2008-12-14 14:36 . 2008-10-16 23:33 671,232
c— c:windowssystem32dllcachemstime.dll
2008-12-14 14:36 . 2008-10-16 13:39 474,112
c— c:windowssystem32dllcacheshlwapi.dll
2008-12-14 14:36 . 2008-10-16 23:33 214,528
c— c:windowssystem32dllcachedxtrans.dll
2008-12-14 14:36 . 2007-08-13 18:54 191,488 —a—c— c:windowssystem32dllcacheiepeers.dll
2008-12-14 14:36 . 2008-10-16 13:39 151,552
c— c:windowssystem32dllcachecdfview.dll
2008-12-14 14:36 . 2008-10-16 23:33 133,120
c— c:windowssystem32dllcacheextmgr.dll
2008-12-14 14:36 . 2007-08-13 18:39 92,672 —a—c— c:windowssystem32dllcacheinseng.dll
2008-12-14 14:36 . 2008-10-16 23:33 44,544
c— c:windowssystem32dllcachepngfilt.dll
2008-12-11 17:21 . 2008-10-03 13:17 247,326
c— c:windowssystem32dllcachestrmdll.dll
2008-12-11 17:01 . 2008-12-11 17:14 512,096 —a
c:windowssystem32driversamon.sys
2008-12-11 17:01 . 2008-12-11 17:14 298,104 —a
c:windowssystem32imon.dll
2008-12-11 17:01 . 2008-12-11 17:14 15,424 —a
c:windowssystem32driversnod32drv.sys
2008-12-11 16:17 . 2008-12-11 16:17 0 —a
c:windowscfgedit.INI
2008-12-09 02:36 . 2008-12-09 02:36d
c:program filesMSXML 4.0
2008-12-08 20:26 . 2008-12-08 20:26d
c:documents and settingsAll Users.WINDOWSApplication DataCrystal Office
2008-12-08 20:25 . 2008-12-08 20:27d
c:program filesMaple Professional
2008-12-08 18:51 . 2008-12-17 11:04d
c:windowssystem32CatRoot_bak
2008-12-08 18:40 . 2008-06-14 20:59 272,512
c— c:windowssystem32dllcachebthport.sys
2008-12-08 18:39 . 2008-08-14 16:47 2,182,144
c— c:windowssystem32dllcachentoskrnl.exe
2008-12-08 18:39 . 2008-08-14 16:47 2,138,112
c— c:windowssystem32dllcachentkrnlmp.exe
2008-12-08 18:39 . 2008-08-14 16:47 2,059,520
c— c:windowssystem32dllcachentkrnlpa.exe
2008-12-08 18:39 . 2008-08-14 16:47 2,017,792
c— c:windowssystem32dllcachentkrpamp.exe
2008-12-07 23:13 . 2008-08-14 12:51 138,368
c— c:windowssystem32dllcacheafd.sys
2008-12-07 23:11 . 2008-08-28 13:04 333,056
c— c:windowssystem32dllcachesrv.sys
2008-12-07 23:10 . 2008-09-15 18:40 1,846,144
c— c:windowssystem32dllcachewin32k.sys
2008-12-07 23:01 . 2008-10-24 14:10 453,632
c— c:windowssystem32dllcachemrxsmb.sys
2008-12-07 23:01 . 2008-05-08 15:28 202,752
c— c:windowssystem32dllcachermcast.sys
2008-12-07 23:00 . 2008-05-01 17:33 331,776
c— c:windowssystem32dllcachemsadce.dll
2008-12-07 22:59 . 2008-04-11 21:51 683,520
c— c:windowssystem32dllcacheinetcomm.dll
2008-12-07 22:57 . 2008-09-04 19:45 1,106,944
c— c:windowssystem32dllcachemsxml3.dll
2008-12-07 22:07 . 2008-12-07 22:07 113 —a
c:windowsbkg.ini
2008-12-07 18:41 . 2008-12-07 18:51 13,030 —a
C:PDOXUSRS.NET.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-03 16:56
d—h—w c:program filesInstallShield Installation Information
2008-12-19 13:16
d
w c:program filesCommon FilesInstallShield
2008-12-11 15:12
d
w c:program filesESET
2008-12-11 14:29
d
w c:program filesMail.Ru
2008-12-07 18:04
d
w c:documents and settingsМаринаApplication DataMra
2008-11-25 17:11
d
w c:program filesWinamp
2008-11-23 17:34 316,416 —-a-w c:windowssystem32eihlib.dll
2008-11-23 17:34 315,904 —-a-w c:windowssystem32nuplib.dll
2008-11-08 21:05
d
w c:program filesCorbinaShadowDC
2008-10-23 13:01 283,648 —-a-w c:windowssystem32gdi32.dll
2008-10-16 20:33 826,368 —-a-w c:windowssystem32wininet.dll
2008-10-16 11:13 202,776 —-a-w c:windowssystem32wuweb.dll
2008-10-16 11:13 1,809,944 —-a-w c:windowssystem32wuaueng.dll
2008-10-16 11:12 561,688 —-a-w c:windowssystem32wuapi.dll
2008-10-16 11:12 323,608 —-a-w c:windowssystem32wucltui.dll
2008-10-16 11:09 92,696 —-a-w c:windowssystem32cdm.dll
2008-10-16 11:09 51,224 —-a-w c:windowssystem32wuauclt.exe
2008-10-16 11:09 43,544 —-a-w c:windowssystem32wups2.dll
2008-10-16 11:08 34,328 —-a-w c:windowssystem32wups.dll
2008-10-03 10:17 247,326 —-a-w c:windowssystem32strmdll.dll
2005-03-02 05:19 31,304 -c—a-w c:documents and settingsOvchinnikovaApplication DataGDIPFONTCACHEV1.DAT
.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_LOCAL_MACHINE~Browser Helper Objects{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-07-17 17:20 279944 —a
c:program filesAskBarDisbarbinaskBar.dll[HKEY_LOCAL_MACHINE~Browser Helper Objects{92B9DADB-7736-448E-82DD-60EE9EF1524C}]
2008-11-23 20:34 316416 —a
c:windowssystem32eihlib.dll[HKEY_LOCAL_MACHINE~Browser Helper Objects{D898D4FA-DA7F-49A9-AF9F-108E12362751}]
2008-11-23 20:34 315904 —a
c:windowssystem32nuplib.dll[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
«{3041d03e-fd4b-44e0-b742-2d9b88305f98}»= «c:program filesAskBarDisbarbinaskBar.dll» [2008-07-17 279944][HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebbrowser]
«{3041D03E-FD4B-44E0-B742-2D9B88305F98}»= «c:program filesAskBarDisbarbinaskBar.dll» [2008-07-17 279944][HKEY_CLASSES_ROOTclsid{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOTTypeLib{4b1c1e16-6b34-430e-b074-5928eca4c150}][HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32ctfmon.exe» [2004-08-18 15360][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«Adobe Reader Speed Launcher»=»c:program filesAdobeReader 8.0ReaderReader_sl.exe» [2007-05-11 40048]
«MAgent»=»c:program filesMail.RuAgentMAgent.exe» [2008-12-11 4428472]
«NeroFilterCheck»=»c:windowssystem32NeroCheck.exe» [2001-07-09 155648]
«WinampAgent»=»c:program filesWinampwinampa.exe» [2004-12-20 33792]
«nod32kui»=»c:program filesEsetnod32kui.exe» [2008-12-11 949376]
«SSBkgdUpdate»=»c:program filesCommon FilesScansoft SharedSSBkgdUpdateSSBkgdupdate.exe» [2006-09-28 185896]
«OpwareSE4″=»c:program filesScanSoftOmniPageSE4.0OpwareSE4.exe» [2006-10-11 75304]
«ScanSoft OmniPage SE 4.0-reminder»=»c:program filesScanSoftOmniPageSE4.0EregEreg.exe» [2006-09-26 1410600]
«XP-F2A0D02D»=»c:windowssystem32XP-F2A0D02D.EXE» [2008-12-29 1501856][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2004-08-18 15360]c:documents and settingsЊ аЁ ѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
цццццц.lnk — c:windowssystem32XP-F2A0D02D.EXE [2008-12-29 1501856][HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
«nosimplestartmenu»= 0 (0x0)
«norecentdochistory»= 0 (0x0)
«maxrecentdocs»= 0 (0x0)[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
«AntiVirusOverride»=dword:00000001[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\CorbinaShadowDC\CorbinaShadowDC.exe»=
«%windir%\Network Diagnostic\xpnetdiag.exe»=
«e:\игры\ICQ6\ICQ.exe»=R1 nod32drv;nod32drv;c:windowssystem32driversnod32drv.sys [2008-12-11 15424]
R3 FirebirdServerDefaultInstance;Firebird Server — DefaultInstance;c:program filesFirebirdFirebird_2_0binfbserver.exe -s —> c:program filesFirebirdFirebird_2_0binfbserver.exe -s [?]
R4 FirebirdGuardianDefaultInstance;Firebird Guardian — DefaultInstance;c:program filesFirebirdFirebird_2_0binfbguard.exe -s —> c:program filesFirebirdFirebird_2_0binfbguard.exe -s [?]*Newly Created Service* — PROCEXP90
.
.
Supplementary Scan
.
uStart Page = http://www.mail.ru
uInternet Connection Wizard,ShellNext = iexplore
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2OFFICE11EXCEL.EXE/3000
IE: {{7558B7E5-7B26-4201-BEDB-00D5FF534523} — c:program filesMail.RuAgentmagent.exe
LSP: c:windowssystem32imon.dll
TCP: {C8C96142-FE4D-47AC-A3B5-0CDB470BE4C3} = 213.234.192.7 85.21.192.5
.**************************************************************************
catchme 0.3.1367 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-03 23:13:28
Windows 5.1.2600 Service Pack 2 NTFSscanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0**************************************************************************
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘lsass.exe'(564)
c:windowssystem32imon.dll
c:program filesEsetpr_imon.dll
.
Completion time: 2009-01-03 23:15:03
ComboFix-quarantined-files.txt 2009-01-03 20:14:55Pre-Run: 310,751,232 байт свободно
Post-Run: 330,461,184 байт свободно248 — E O F — 2008-12-23 10:48:16
Здравствуйте, долго же вы отвечали 😉
С наступившим вас новым 2009 годом! Счастья и здоровья.Откройте блокнот (Кликните Пуск, Выполнить.В строке ввода введите notepad и нажмите Enter.) и вставьте в него следующий текст:
Registry::
[-HKEY_LOCAL_MACHINE~Browser Helper Objects{92B9DADB-7736-448E-82DD-60EE9EF1524C}]
[-HKEY_LOCAL_MACHINE~Browser Helper Objects{D898D4FA-DA7F-49A9-AF9F-108E12362751}]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
"XP-F2A0D02D"=-
File::
c:windowssystem32XP-F2A0D02D.EXE
c:windowssystem32nuplib.dll
c:windowssystem32eihlib.dllЗапишите получившийся файл на ваш рабочий стол под именем CFScript
Далее перетащите получившийся файл на иконку Combofix, как показано на картинке ниже.
Сombofix запуститься и выполнит процедуры описанные в созданном нами файле.
По результатам работы Combofix будет создан новый лог, его и вставьте в свой следующий ответ.
- Для ответа в этой теме необходимо авторизоваться.
