Перейти к содержанию
Правила раздела
Летний корпоратив «Лаборатории Касперского» 2024. Как попасть?

Помогите удалить вирус [ LOG?]

Эдвард

Автор Эдвард,
в Помощь в удалении вирусов

 Share Подписчики 0

Рекомендуемые сообщения

Эдвард

Эдвард 0

Опубликовано
Опубликовано

Моя история такова , я залез на сайт по чистки габиленов , но не это главное , главное то что подхватил вирус показал мне это стандартная антивирусная демо программа , то есть касперского небыло ещё у меня , в итоге нашёл 34 вирус критических , после того как они появились нажимаю на папку какую нибудь у меня грузит комп не как обычно , в итоге открывается папка , но и открывается опера с страницей 404 еррор , и так с каждей папкой . В итоге я сходил купил касперский все активировал все сделал , проверяю на вируса находит вируса , но 4 раза ставил полную проверку компа все равно папки также открываются , помогите что посоветуете как решить проблему!

Ссылка на сообщение
Поделиться на другие сайты
ika-ilya

ika-ilya 270

Опубликовано
Опубликовано

Эдвард

Если я правильно понял, то после проверки антивирус удалил все вирусы, но проблема осталась?

 

Тут нужно просто вылечить последствия действия вируса.

 

Для начала создайте лог, как это сделать написано в этой теме: http://forum.kasperskyclub.ru/index.php?showtopic=1698

Также в этой теме: http://forum.kasperskyclub.ru/index.php?showtopic=7611

 

И выложить скриншот в котором видно на какой сайт переходит при открытии папки.(когда появляется ошибка 404)

Ссылка на сообщение
Поделиться на другие сайты
Эдвард

Эдвард 0

Опубликовано
  • Автор
Опубликовано

Раскрывающийся текст:

ROOTREPEAL © AD, 2007-2009

==================================================

Scan Time: 2009/06/21 17:50

Program Version: Version 1.3.0.0

Windows Version: Windows XP SP3

==================================================

 

Drivers

-------------------

Name: dump_atapi.sys

Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys

Address: 0xB68C0000 Size: 98304 File Visible: No Signed: -

Status: -

 

Name: dump_WMILIB.SYS

Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS

Address: 0xBAE06000 Size: 8192 File Visible: No Signed: -

Status: -

 

Name: PCI_PNP2414

Image Path: \Driver\PCI_PNP2414

Address: 0x00000000 Size: 0 File Visible: No Signed: -

Status: -

 

Name: rootrepeal.sys

Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys

Address: 0xB3EE6000 Size: 49152 File Visible: No Signed: -

Status: -

 

Name: spqz.sys

Image Path: spqz.sys

Address: 0xBA67E000 Size: 1052672 File Visible: No Signed: -

Status: -

 

Name: sptd

Image Path: \Driver\sptd

Address: 0x00000000 Size: 0 File Visible: No Signed: -

Status: -

 

Hidden/Locked Files

-------------------

Path: c:\documents and settings\all users\application data\kaspersky lab\avp8\data\avc5.tmp

Status: Allocation size mismatch (API: 24457216, Raw: 0)

 

Path: C:\Documents and Settings\user\Мои документы\ICQ\418236907\ReceivedFiles\365685481 Моя девочка.

Status: Locked to the Windows API!

 

Path: C:\Documents and Settings\user\Мои документы\ICQ\418236907\ReceivedFiles\365685481 Моя девочка..

Status: Locked to the Windows API!

 

SSDT

-------------------

#: 011 Function Name: NtAdjustPrivilegesToken

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aeb1da

 

#: 019 Function Name: NtAssignProcessToJobObject

Status: Hooked by "<unknown>" at address 0x89c6f630

 

#: 025 Function Name: NtClose

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aeb7ae

 

#: 031 Function Name: NtConnectPort

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aed1ea

 

#: 037 Function Name: NtCreateFile

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aecb9c

 

#: 041 Function Name: NtCreateKey

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aea950

 

#: 052 Function Name: NtCreateSymbolicLinkObject

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aeeb7c

 

#: 053 Function Name: NtCreateThread

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aeb5ae

 

#: 063 Function Name: NtDeleteKey

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aead92

 

#: 065 Function Name: NtDeleteValueKey

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aeaf92

 

#: 066 Function Name: NtDeviceIoControlFile

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aeceac

 

#: 068 Function Name: NtDuplicateObject

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aef084

 

#: 071 Function Name: NtEnumerateKey

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aeb0a8

 

#: 073 Function Name: NtEnumerateValueKey

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aeb110

 

#: 084 Function Name: NtFsControlFile

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aecd5e

 

#: 097 Function Name: NtLoadDriver

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aee620

 

#: 116 Function Name: NtOpenFile

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aec9f8

 

#: 119 Function Name: NtOpenKey

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aeaab2

 

#: 122 Function Name: NtOpenProcess

Status: Hooked by "<unknown>" at address 0x89c6ea60

 

#: 125 Function Name: NtOpenSection

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aeeba6

 

#: 128 Function Name: NtOpenThread

Status: Hooked by "<unknown>" at address 0x89c6ee80

 

#: 160 Function Name: NtQueryKey

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aeb178

 

#: 161 Function Name: NtQueryMultipleValueKey

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aeae7c

 

#: 177 Function Name: NtQueryValueKey

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aeac5a

 

#: 180 Function Name: NtQueueApcThread

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aee888

 

#: 193 Function Name: NtReplaceKey

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aea5d2

 

#: 200 Function Name: NtRequestWaitReplyPort

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aeda74

 

#: 204 Function Name: NtRestoreKey

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aea734

 

#: 206 Function Name: NtResumeThread

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aeef56

 

#: 207 Function Name: NtSaveKey

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aea3d0

 

#: 210 Function Name: NtSecureConnectPort

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aed08c

 

#: 213 Function Name: NtSetContextThread

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aeb6ac

 

#: 237 Function Name: NtSetSecurityObject

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aee71a

 

#: 240 Function Name: NtSetSystemInformation

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aeebd0

 

#: 247 Function Name: NtSetValueKey

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aeab08

 

#: 253 Function Name: NtSuspendProcess

Status: Hooked by "<unknown>" at address 0x89c6f460

 

#: 254 Function Name: NtSuspendThread

Status: Hooked by "<unknown>" at address 0x89c6f280

 

#: 255 Function Name: NtSystemDebugControl

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aee54c

 

#: 257 Function Name: NtTerminateProcess

Status: Hooked by "<unknown>" at address 0x89c6ec90

 

#: 258 Function Name: NtTerminateThread

Status: Hooked by "<unknown>" at address 0x89c6f0b0

 

#: 277 Function Name: NtWriteVirtualMemory

Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xb6aeb4f0

 

Stealth Objects

-------------------

Object: Hidden Code [ETHREAD: 0x8a643770]

Process: System Address: 0x89c6d790 Size: 1000

 

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CREATE]

Process: System Address: 0x8abf81f8 Size: 121

 

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLOSE]

Process: System Address: 0x8abf81f8 Size: 121

 

Object: Hidden Code [Driver: Ntfs, IRP_MJ_READ]

Process: System Address: 0x8abf81f8 Size: 121

 

Object: Hidden Code [Driver: Ntfs, IRP_MJ_WRITE]

Process: System Address: 0x8abf81f8 Size: 121

 

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_INFORMATION]

Process: System Address: 0x8abf81f8 Size: 121

 

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_INFORMATION]

Process: System Address: 0x8abf81f8 Size: 121

 

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_EA]

Process: System Address: 0x8abf81f8 Size: 121

 

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_EA]

Process: System Address: 0x8abf81f8 Size: 121

 

Object: Hidden Code [Driver: Ntfs, IRP_MJ_FLUSH_BUFFERS]

Process: System Address: 0x8abf81f8 Size: 121

 

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_VOLUME_INFORMATION]

Process: System Address: 0x8abf81f8 Size: 121

 

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_VOLUME_INFORMATION]

Process: System Address: 0x8abf81f8 Size: 121

 

Object: Hidden Code [Driver: Ntfs, IRP_MJ_DIRECTORY_CONTROL]

Process: System Address: 0x8abf81f8 Size: 121

 

Object: Hidden Code [Driver: Ntfs, IRP_MJ_FILE_SYSTEM_CONTROL]

Process: System Address: 0x8abf81f8 Size: 121

 

Object: Hidden Code [Driver: Ntfs, IRP_MJ_DEVICE_CONTROL]

Process: System Address: 0x8abf81f8 Size: 121

 

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SHUTDOWN]

Process: System Address: 0x8abf81f8 Size: 121

 

Object: Hidden Code [Driver: Ntfs, IRP_MJ_LOCK_CONTROL]

Process: System Address: 0x8abf81f8 Size: 121

 

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLEANUP]

Process: System Address: 0x8abf81f8 Size: 121

 

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_SECURITY]

Process: System Address: 0x8abf81f8 Size: 121

 

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_SECURITY]

Process: System Address: 0x8abf81f8 Size: 121

 

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_QUOTA]

Process: System Address: 0x8abf81f8 Size: 121

 

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_QUOTA]

Process: System Address: 0x8abf81f8 Size: 121

 

Object: Hidden Code [Driver: Ntfs, IRP_MJ_PNP]

Process: System Address: 0x8abf81f8 Size: 121

 

Object: Hidden Code [Driver: atapi, IRP_MJ_INTERNAL_DEVICE_CONTROL]

Process: System Address: 0x8ab3dae0 Size: 266

 

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE]

Process: System Address: 0x8a9481f8 Size: 121

 

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CLOSE]

Process: System Address: 0x8a9481f8 Size: 121

 

Object: Hidden Code [Driver: Cdrom, IRP_MJ_READ]

Process: System Address: 0x8a9481f8 Size: 121

 

Object: Hidden Code [Driver: Cdrom, IRP_MJ_WRITE]

Process: System Address: 0x8a9481f8 Size: 121

 

Object: Hidden Code [Driver: Cdrom, IRP_MJ_FLUSH_BUFFERS]

Process: System Address: 0x8a9481f8 Size: 121

 

Object: Hidden Code [Driver: Cdrom, IRP_MJ_DEVICE_CONTROL]

Process: System Address: 0x8a9481f8 Size: 121

 

Object: Hidden Code [Driver: Cdrom, IRP_MJ_INTERNAL_DEVICE_CONTROL]

Process: System Address: 0x8a9481f8 Size: 121

 

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SHUTDOWN]

Process: System Address: 0x8a9481f8 Size: 121

 

Object: Hidden Code [Driver: Cdrom, IRP_MJ_POWER]

Process: System Address: 0x8a9481f8 Size: 121

 

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SYSTEM_CONTROL]

Process: System Address: 0x8a9481f8 Size: 121

 

Object: Hidden Code [Driver: Cdrom, IRP_MJ_PNP]

Process: System Address: 0x8a9481f8 Size: 121

 

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_CREATE]

Process: System Address: 0x8a5f2500 Size: 121

 

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_CLOSE]

Process: System Address: 0x8a5f2500 Size: 121

 

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_READ]

Process: System Address: 0x8a5f2500 Size: 121

 

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_WRITE]

Process: System Address: 0x8a5f2500 Size: 121

 

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_DEVICE_CONTROL]

Process: System Address: 0x8a5f2500 Size: 121

 

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_INTERNAL_DEVICE_CONTROL]

Process: System Address: 0x8a520318 Size: 139

 

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_POWER]

Process: System Address: 0x8a5f2500 Size: 121

 

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_SYSTEM_CONTROL]

Process: System Address: 0x8a5f2500 Size: 121

 

Object: Hidden Code [Driver: USBSTOR, IRP_MJ_PNP]

Process: System Address: 0x8a5f2500 Size: 121

 

Object: Hidden Code [Driver: dmio, IRP_MJ_CREATE]

Process: System Address: 0x8ac6a1f8 Size: 121

 

Object: Hidden Code [Driver: dmio, IRP_MJ_CLOSE]

Process: System Address: 0x8ac6a1f8 Size: 121

 

Object: Hidden Code [Driver: dmio, IRP_MJ_READ]

Process: System Address: 0x8ac6a1f8 Size: 121

 

Object: Hidden Code [Driver: dmio, IRP_MJ_WRITE]

Process: System Address: 0x8ac6a1f8 Size: 121

 

Object: Hidden Code [Driver: dmio, IRP_MJ_FLUSH_BUFFERS]

Process: System Address: 0x8ac6a1f8 Size: 121

 

Object: Hidden Code [Driver: dmio, IRP_MJ_DEVICE_CONTROL]

Process: System Address: 0x8ac6a1f8 Size: 121

 

Object: Hidden Code [Driver: dmio, IRP_MJ_INTERNAL_DEVICE_CONTROL]

Process: System Address: 0x8ac6a1f8 Size: 121

 

Object: Hidden Code [Driver: dmio, IRP_MJ_SHUTDOWN]

Process: System Address: 0x8ac6a1f8 Size: 121

 

Object: Hidden Code [Driver: dmio, IRP_MJ_POWER]

Process: System Address: 0x8ac6a1f8 Size: 121

 

Object: Hidden Code [Driver: dmio, IRP_MJ_SYSTEM_CONTROL]

Process: System Address: 0x8ac6a1f8 Size: 121

 

Object: Hidden Code [Driver: dmio, IRP_MJ_PNP]

Process: System Address: 0x8ac6a1f8 Size: 121

 

Object: Hidden Code [Driver: aey0st0sȅ浍浓ȁఐ卆浩, IRP_MJ_CREATE]

Process: System Address: 0x8a8d0500 Size: 121

 

Object: Hidden Code [Driver: aey0st0sȅ浍浓ȁఐ卆浩, IRP_MJ_CLOSE]

Process: System Address: 0x8a8d0500 Size: 121

 

Object: Hidden Code [Driver: aey0st0sȅ浍浓ȁఐ卆浩, IRP_MJ_DEVICE_CONTROL]

Process: System Address: 0x8a8d0500 Size: 121

 

Object: Hidden Code [Driver: aey0st0sȅ浍浓ȁఐ卆浩, IRP_MJ_INTERNAL_DEVICE_CONTROL]

Process: System Address: 0x8a5d61e8 Size: 114

 

Object: Hidden Code [Driver: aey0st0sȅ浍浓ȁఐ卆浩, IRP_MJ_POWER]

Process: System Address: 0x8a8d0500 Size: 121

 

Object: Hidden Code [Driver: aey0st0sȅ浍浓ȁఐ卆浩, IRP_MJ_SYSTEM_CONTROL]

Process: System Address: 0x8a8d0500 Size: 121

 

Object: Hidden Code [Driver: aey0st0sȅ浍浓ȁఐ卆浩, IRP_MJ_PNP]

Process: System Address: 0x8a8d0500 Size: 121

 

Object: Hidden Code [Driver: usbuhci, IRP_MJ_CREATE]

Process: System Address: 0x8a9c21f8 Size: 121

 

Object: Hidden Code [Driver: usbuhci, IRP_MJ_CLOSE]

Process: System Address: 0x8a9c21f8 Size: 121

 

Object: Hidden Code [Driver: usbuhci, IRP_MJ_DEVICE_CONTROL]

Process: System Address: 0x8a9c21f8 Size: 121

 

Object: Hidden Code [Driver: usbuhci, IRP_MJ_INTERNAL_DEVICE_CONTROL]

Process: System Address: 0x8a9c21f8 Size: 121

 

Object: Hidden Code [Driver: usbuhci, IRP_MJ_POWER]

Process: System Address: 0x8a9c21f8 Size: 121

 

Object: Hidden Code [Driver: usbuhci, IRP_MJ_SYSTEM_CONTROL]

Process: System Address: 0x8a9c21f8 Size: 121

 

Object: Hidden Code [Driver: usbuhci, IRP_MJ_PNP]

Process: System Address: 0x8a9c21f8 Size: 121

 

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CREATE]

Process: System Address: 0x8abfa1f8 Size: 121

 

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_READ]

Process: System Address: 0x8abfa1f8 Size: 121

 

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_WRITE]

Process: System Address: 0x8abfa1f8 Size: 121

 

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_FLUSH_BUFFERS]

Process: System Address: 0x8abfa1f8 Size: 121

 

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_DEVICE_CONTROL]

Process: System Address: 0x8abfa1f8 Size: 121

 

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_INTERNAL_DEVICE_CONTROL]

Process: System Address: 0x8abfa1f8 Size: 121

 

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SHUTDOWN]

Process: System Address: 0x8abfa1f8 Size: 121

 

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CLEANUP]

Process: System Address: 0x8abfa1f8 Size: 121

 

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_POWER]

Process: System Address: 0x8abfa1f8 Size: 121

 

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SYSTEM_CONTROL]

Process: System Address: 0x8abfa1f8 Size: 121

 

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_PNP]

Process: System Address: 0x8abfa1f8 Size: 121

 

Object: Hidden Code [Driver: NetBT, IRP_MJ_CREATE]

Process: System Address: 0x8a406408 Size: 121

 

Object: Hidden Code [Driver: NetBT, IRP_MJ_CLOSE]

Process: System Address: 0x8a406408 Size: 121

 

Object: Hidden Code [Driver: NetBT, IRP_MJ_DEVICE_CONTROL]

Process: System Address: 0x8a406408 Size: 121

 

Object: Hidden Code [Driver: NetBT, IRP_MJ_INTERNAL_DEVICE_CONTROL]

Process: System Address: 0x8a406408 Size: 121

 

Object: Hidden Code [Driver: NetBT, IRP_MJ_CLEANUP]

Process: System Address: 0x8a406408 Size: 121

 

Object: Hidden Code [Driver: NetBT, IRP_MJ_PNP]

Process: System Address: 0x8a406408 Size: 121

 

Object: Hidden Code [Driver: usbehci, IRP_MJ_CREATE]

Process: System Address: 0x8a98b1f8 Size: 121

 

Object: Hidden Code [Driver: usbehci, IRP_MJ_CLOSE]

Process: System Address: 0x8a98b1f8 Size: 121

 

Object: Hidden Code [Driver: usbehci, IRP_MJ_DEVICE_CONTROL]

Process: System Address: 0x8a98b1f8 Size: 121

 

Object: Hidden Code [Driver: usbehci, IRP_MJ_INTERNAL_DEVICE_CONTROL]

Process: System Address: 0x8a98b1f8 Size: 121

 

Object: Hidden Code [Driver: usbehci, IRP_MJ_POWER]

Process: System Address: 0x8a98b1f8 Size: 121

 

Object: Hidden Code [Driver: usbehci, IRP_MJ_SYSTEM_CONTROL]

Process: System Address: 0x8a98b1f8 Size: 121

 

Object: Hidden Code [Driver: usbehci, IRP_MJ_PNP]

Process: System Address: 0x8a98b1f8 Size: 121

 

Object: Hidden Code [Driver: ac5agyw5ࠅఆ卐㔵慰慰콤뾘, IRP_MJ_CREATE]

Process: System Address: 0x8a947500 Size: 121

 

Object: Hidden Code [Driver: ac5agyw5ࠅఆ卐㔵慰慰콤뾘, IRP_MJ_CLOSE]

Process: System Address: 0x8a947500 Size: 121

 

Object: Hidden Code [Driver: ac5agyw5ࠅఆ卐㔵慰慰콤뾘, IRP_MJ_DEVICE_CONTROL]

Process: System Address: 0x8a947500 Size: 121

 

Object: Hidden Code [Driver: ac5agyw5ࠅఆ卐㔵慰慰콤뾘, IRP_MJ_INTERNAL_DEVICE_CONTROL]

Process: System Address: 0x8a5d21e8 Size: 203

 

Object: Hidden Code [Driver: ac5agyw5ࠅఆ卐㔵慰慰콤뾘, IRP_MJ_POWER]

Process: System Address: 0x8a947500 Size: 121

 

Object: Hidden Code [Driver: ac5agyw5ࠅఆ卐㔵慰慰콤뾘, IRP_MJ_SYSTEM_CONTROL]

Process: System Address: 0x8a947500 Size: 121

 

Object: Hidden Code [Driver: ac5agyw5ࠅఆ卐㔵慰慰콤뾘, IRP_MJ_PNP]

Process: System Address: 0x8a947500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_NAMED_PIPE]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLOSE]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_READ]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_WRITE]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_INFORMATION]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_INFORMATION]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_EA]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_EA]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FLUSH_BUFFERS]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_VOLUME_INFORMATION]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_VOLUME_INFORMATION]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DIRECTORY_CONTROL]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FILE_SYSTEM_CONTROL]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CONTROL]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_INTERNAL_DEVICE_CONTROL]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SHUTDOWN]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_LOCK_CONTROL]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLEANUP]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_MAILSLOT]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_SECURITY]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_SECURITY]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_POWER]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SYSTEM_CONTROL]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CHANGE]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_QUOTA]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_QUOTA]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_PNP]

Process: System Address: 0x8a5f0500 Size: 121

 

Object: Hidden Code [Driver: Micr, IRP_MJ_CREATE]

Process: System Address: 0x8a5f1500 Size: 121

 

Object: Hidden Code [Driver: Micr, IRP_MJ_CLOSE]

Process: System Address: 0x8a5f1500 Size: 121

 

Object: Hidden Code [Driver: Micr, IRP_MJ_READ]

Process: System Address: 0x8a5f1500 Size: 121

 

Object: Hidden Code [Driver: Micr, IRP_MJ_QUERY_INFORMATION]

Process: System Address: 0x8a5f1500 Size: 121

 

Object: Hidden Code [Driver: Micr, IRP_MJ_SET_INFORMATION]

Process: System Address: 0x8a5f1500 Size: 121

 

Object: Hidden Code [Driver: Micr, IRP_MJ_QUERY_VOLUME_INFORMATION]

Process: System Address: 0x8a5f1500 Size: 121

 

Object: Hidden Code [Driver: Micr, IRP_MJ_DIRECTORY_CONTROL]

Process: System Address: 0x8a5f1500 Size: 121

 

Object: Hidden Code [Driver: Micr, IRP_MJ_FILE_SYSTEM_CONTROL]

Process: System Address: 0x8a5f1500 Size: 121

 

Object: Hidden Code [Driver: Micr, IRP_MJ_DEVICE_CONTROL]

Process: System Address: 0x8a5f1500 Size: 121

 

Object: Hidden Code [Driver: Micr, IRP_MJ_SHUTDOWN]

Process: System Address: 0x8a5f1500 Size: 121

 

Object: Hidden Code [Driver: Micr, IRP_MJ_LOCK_CONTROL]

Process: System Address: 0x8a5f1500 Size: 121

 

Object: Hidden Code [Driver: Micr, IRP_MJ_CLEANUP]

Process: System Address: 0x8a5f1500 Size: 121

 

Object: Hidden Code [Driver: Micr, IRP_MJ_PNP]

Process: System Address: 0x8a5f1500 Size: 121

 

==EOF==

 

 

!А это вот после как нажимаю на папки , щас начила не ошибка появлятся а вот это!

oBezymyannyj.JPG

Ссылка на сообщение
Поделиться на другие сайты
ika-ilya

ika-ilya 270

Опубликовано
Опубликовано (изменено)
Строгое предупреждение от модератора Falcon
Это указано в правилах оформления запроса.
Изменено пользователем Falcon
Ссылка на сообщение
Поделиться на другие сайты
FCK

FCK 0

Опубликовано
Опубликовано

обратите внимание на страницу: в заголовке типа ИЕ не может открыть страницу, но адрес от майкрософта, значит сидит вирь, который работает по принципу DNS сервера, перехватывающего нужные адреса, либо вирь от одной из многочисленных партнерок, которые впаривают поддельных антивирусов

Ссылка на сообщение
Поделиться на другие сайты

Присоединяйтесь к обсуждению

Вы можете написать сейчас и зарегистрироваться позже. Если у вас есть аккаунт, авторизуйтесь, чтобы опубликовать от имени своего аккаунта.

Гость
Ответить в этой теме...

×   Вставлено с форматированием.   Вставить как обычный текст

  Разрешено использовать не более 75 эмодзи.

×   Ваша ссылка была автоматически встроена.   Отображать как обычную ссылку

×   Ваш предыдущий контент был восстановлен.   Очистить редактор

×   Вы не можете вставлять изображения напрямую. Загружайте или вставляйте изображения по ссылке.

×
 Share
Подписчики 0
Перейти к списку тем
×
×
  • Создать...