Prover'te pliz!pishu eng bukvami iz za sluchainosti))
Printable View
Prover'te pliz!pishu eng bukvami iz za sluchainosti))
[URL="http://virusinfo.info/showthread.php?t=4491"]Профиксите[/URL] в HijackThis
[CODE]
R3 - URLSearchHook: (no name) - - (no file)
O4 - HKLM\..\Run: [Microsoft Driver Setup] C:\WINDOWS\widrive32.exe
O4 - HKLM\..\Run: [msnmsgs] C:\Documents and Settings\Жесткий вар\Application Data\inoxpbm.exe
O4 - HKLM\..\Run: [MSODESNV7] C:\WINDOWS\system32\msvmiode.exe
O4 - HKLM\..\Run: [VGA] C:\RECYCLER\S-1-5-21-4371151400-4584260376-483873432-7984\mcssc.exe
O4 - HKCU\..\Run: [msnmsgs] C:\Documents and Settings\Жесткий вар\Application Data\inoxpbm.exe
O4 - HKCU\..\Run: [Driversys] C:\WINDOWS\fqdpjae.exe
O4 - HKCU\..\Run: [VGA] C:\RECYCLER\S-1-5-21-4371151400-4584260376-483873432-7984\mcssc.exe
O4 - HKLM\..\Policies\Explorer\Run: [Microsoft Driver Setup] C:\WINDOWS\widrive32.exe
O4 - HKLM\..\Policies\Explorer\Run: [msnmsgs] C:\Documents and Settings\Жесткий вар\Application Data\inoxpbm.exe
O4 - HKLM\..\Policies\Explorer\Run: [Driversys] C:\WINDOWS\fqdpjae.exe
O4 - HKLM\..\Policies\Explorer\Run: [VGA] C:\WINDOWS\fqdpjae.exe
O4 - HKUS\S-1-5-18\..\Run: [VGA] 78.exe (User 'SYSTEM')
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (file missing)
[/CODE]
- Сделайте логи по [URL="http://virusinfo.info/pravila_old.html"]правилам[/URL] п.1-3 раздела Диагностика.([COLOR="Blue"]virusinfo_syscure.zip;virusinfo_syscheck.zip; hijackthis.log[/COLOR])
если не получится, сделайте лог [URL="http://virusinfo.info/showthread.php?t=58309"][COLOR="Blue"][B]Combofix[/B][/COLOR][/URL]