Перейти к содержанию

В последнее время часто тормозит, зависает система [ LOG?]


vetal07

Рекомендуемые сообщения

Деинсталлируйте ComboFix: нажмите Пуск => Выполнить в окне наберите команду Combofix /u, нажмите кнопку "ОК"

Combofix-unninstal.JPG

 

Скачайте OTCleanIt или с зеркала, запустите, нажмите Clean up

Ссылка на комментарий
Поделиться на другие сайты

Готово.

А что это за папка у меня на диске C:\32788R22FWJFW ?

В ней запускающий файл cmd.

Проверьте эти файлы на http://www.virustotal.com/ru/ отпишите результате.

Ссылка на комментарий
Поделиться на другие сайты

Проверил запускающий:

MD5: e73e101b533d0951de69be3c6c9cf3e4

First received: 2009.02.21 23:53:50 UTC

Дата: 2009.02.21 23:53:50 UTC [>268D]

Результаты: 0/35

Permalink: analisis/c28b379a5139b4e8d6e0a515a88d696c1a219b03ca8c96955cf08ad587c403f1-1235260430

 

Там еще есть запускающий AspackDie, антивирус на него ругается.

MD5: f673d8f61a32ff0e550f6985b194dbbf

First received: 2006.06.21 22:15:15 UTC

Дата: 2009.11.05 18:14:23 UTC [>11D]

Результаты: 0/40

Permalink: analisis/465e075688109b59ce08d12499751a6eff19cc825941e9d4dec9b792ae5220d5-1257444863

 

Все файлы не могу проверить их там 185 :huh:

 

 

Хм... еще я нашел на диске С файл Bug.txt

Раскрывающийся текст:

PUSHD C:\32788R22FWJFW 

SET "Comspec=C:\32788R22FWJFW\cmd.cfxxe" 

IF NOT EXIST C:\WINDOWS\system32\cmd.exe GOTO Not_NT 

VER  1>OsVer 

GREP.cfxxe -F "5.1.2" OsVer  1>XP.mac 

IF 0 == 0 GOTO NT 

GREP.cfxxe -isq "ProductType.*WinNT" WinNT00   || GOTO Not_NT 

Error: Key: system\currentcontrolset\control\safeboot\option does not exist!


IF NOT EXIST NircmdB.exe COPY /Y Nircmd.cfxxe NircmdB.exe   1>N_\31572 2>&1 

PEV UZIP License\pv_5_2_2.zip .\ 

MOVE /Y PV.exe PV.cfxxe	1>N_\19243 2>&1 

IF NOT EXIST PEV.cfxxe COPY /Y PEV.exe PEV.cfxxe   1>N_\32367 2>&1 

SED "/^PATH=/I!d; s///; s/\x22//g" Oripath  1>OriPath00 

PEV -rtf -s+901 .\OriPath00   && (
SED -r "s/\x22//g; s/(.{900}).*/\1/; s/;[^;]*$//" OriPath00  1>OriPath01  
FOR /F "TOKENS=*" %G IN (OriPath01) DO @SET "PATH=C:\32788R22FWJFW;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;%G" 
) 

IF NOT EXIST OriPath01 FOR /F "TOKENS=*" %G IN (OriPath00) DO SET "PATH=C:\32788R22FWJFW;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;%G" 

SET "PATH=C:\32788R22FWJFW;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\OpenVPN\bin" 

PEV -rtf -c:##5# .\* and { License.exe or 32788R22FWJFW.exe or OsVer.exe or WinNT.exe or N_.exe }   1>temp00  && (
PV -o%f *  1>temp01  
PEV -tf -t!o -files:temp01 -c:##5#b#f#  1>temp02  
GREP -Fif temp00 temp02  1>temp03  
SED "/.*	/!d; s///" temp03  1>temp04  
SED  ":a; $!N; s/\n/\x22 \x22/; ta; s/.*/\x22&\x22/" temp04  1>temp05  
FOR /F "TOKENS=*" %G IN (temp05) DO @NIRCMD KILLPROCESS %G 
) 
’ҐЄгй п Є®¤®ў п бва ­Ёж : 1251

CALL :MDCheck 

PEV -rtf -md5907FF9D69304865D4972EB552DFC87E7 .\md5sum.pif   || CALL :MDFaiL ChkSum_Fail 
.\md5sum.pif

PEV -tf -files:files.pif -c:##5#b#f#  1>mdCheck00.dat 

GREP -vs "^!MD5:" mdCheck00.dat  1>mdCheck0a.dat 

GREP -Fvf md5sum.pif mdCheck0a.dat   1>mdCheck01.dat  && CALL :MDFaiL 

GOTO :EOF 

=============================================

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Администратор\Application Data
cfExt=cfxxe
CFLDR=32788R22FWJFW
Chksum=907FF9D69304865D4972EB552DFC87E7
CLIENTNAME=Console
Command switches used=Command switches used
CommonProgramFiles=C:\Program Files\Common Files
Completion time=Completion time
COMPUTERNAME=MICROSOF-06013C
ComSpec=C:\32788R22FWJFW\cmd.cfxxe
Connecting to=Connecting to
Connecting to ComboFix servers=Connecting to ComboFix servers
Cryptography Services Error=Cryptography Services Error
Disclaimer=The following websites are not in any way affiliated to ComboFix:~n~n	http://www.combofix.org/~n	http://www.combofixdownload.com/~n~nIf you have purchased anything from them, I suggest you instruct your~nfinanciers to cancel the transaction.~n~n	   -----------------------  -----------------------~n~nA guide on proper ComboFix usage may be found at:~nhttp://www.bleepingcomputer.com/combofix/how-to-use-combofix~n~nComboFix is meant for private use. It should never be used in an~nunsupervised environment. If infections are found, it will automatically~nreboot the machine to complete the removal process. Please ensure all~nopened windows are closed before proceeding.~n~nThis software is provided 'as is', without warranty of any kind. All~nimplied warranties are expressly disclaimed. If you do not agree to the~nabove terms, please click No to exit" "DISCLAIMER OF WARRANTY ON SOFTWARE.
DLLs Loaded Under Running Processes=DLLs Loaded Under Running Processes
Drivers/Services=Drivers/Services
Fail2Delete=failed to delete
File Associations=File Associations
File Replicators=File Replicators
Files Infected - Patched=Files Infected - Patched
FIREFOX POLICIES=FIREFOX POLICIES
FP_NO_HOST_CHECK=NO
hidden files=hidden files
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Администратор
is infected=is infected
is missing=is missing
KMD=CF165.exe
Line1=Please wait.
Line10=ComboFix has detected the presence of rootkit activity and needs to reboot the machine~nKindly note down on paper, the name of each file. We may need it later~n~n%~G" "Rootkit !
Line10A=ComboFix has detected the presence of rootkit activity and needs to reboot the machine" "Rootkit !
Line11=Scanning for infected files . . .
Line12=This typically doesn't take more than 10 minutes
Line13=However, scan times for badly infected machines may easily double
Line14=%G ...... driver unloaded successfully.
Line15=Rootkit driver %G is still present. A rootkit scan is required
Line16=ComboFix has changed your clock settings.
Line17=Do not change it back. It shall be restored later
Line18=ComboFix encountered a terminal error! Please upload this file - C:\ComboFix_error.dat
Line19=to: http://www.bleepingcomputer.com/submit-malware.php?channel=4
Line2=ComboFix is preparing to run.
Line20=Preparing Log Report.
Line21=Do not run any programs until ComboFix has finished
Line22=No new files created in this timespan
Line23=*Note* empty entries ^& legit default entries are not shown
Line24=Contents of the 'Scheduled Tasks' folder
Line25=Almost done . . This window will close in a short while
Line26=Please wait a few seconds for the report log to pop up
Line27=ComboFix's log shall be located at C:\COMBOFIX.TXT
Line28=Rebooting Windows . . . Please wait
Line29=Please allow ComboFix to reboot the machine.
Line3=You need Administrative privileges to run this tool" "Not Admin !
Line30=Overlay aborted ... Please run ComboFix once more
Line31=Date Error: ~%CurrDate.yyyy-MM-dd%~n~nCheck your settings" "DATE ERROR
Line32=C:\WINDOWS\system32\HAL.DLL is missing !~n~nIt's IMPORTANT that you DO NOT reboot/shutdown the machine~n~nPost to the forums for immediate help. Do not click OK until further instructed" "CRITICAL WARNING !
Line33=ComboFix needs to submit malware files for further analysis.~n~nPlease ensure that you're connected to the internet before clicking OK" "Submit Files for further analysis
Line34=Submit malware to Bleeping Computer for analysis.
Line35=Copy/Paste the filepath below into the box above and click Send.
Line36=Infected copy of %~1 was found and disinfected
Line36A=Restored copy from - %~2
Line37=%~1 . . . is infected!
Line38=(((((((((((((((((((((((((   Files Created from %thirty% to %dateX%  )))))))))))))))))))))))))))))))
Line39=((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
Line4=C:\WINDOWS\regedit.exe is missing~n~nCopy one from another machine" "Terminal Error - Missing file
Line40=Webserver appears to be temporarily inaccessible.~nFor your convenience, ComboFix created a submissions form located at:~n~n* C:\CF-Submit.htm~n~nPlease use that to manually upload it later. " "Upload Failed!
Line41=(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
Line42=(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
Line43=Deleting Files:
Line43A=Deleting Folders:
Line44=- REDUCED FUNCTIONALITY MODE -
Line45=SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.
Line46=scanning hidden processes ... 
Line47=scanning hidden autostart entries ...
Line48=scanning hidden files ... 
Line49=-- Snapshot reset to current date --
Line5=Current date is ~%CurrDate.yyyy-MM-dd%. ComboFix has expired~n~nClick 'Yes' to run in REDUCED FUNCTIONALITY mode~n~nClick 'No' to exit" "Version_%ver_CF%
Line50=ComboFix is uninstalled" "Info
Line51=Will only install the Recovery Console for Windows XP
Line52=Boot Partition cannot be enumerated correctly
Line53=%BootDir%Boot.ini is not correctly formated
Line54=This machine already has the Recovery Console installed.~n~nAborting operations
Line55=Please click 'YES' in the End User License Agreement (EULA) dialog that follows ..." "Installing the Recovery Console
Line56=Installation file - %~G - cannot be found
Line57=You didn't select YES~n~nInstallation is aborted
Line58=Contents of %BootDir%cmdcons are not in order.~n~nPlease disable your security programs before trying again
Line59=Congratulations! The Microsoft Recovery Console was successfully installed.~n~nOn each restart of the machine, a black screen will offer you the option to boot into recovery console mode.~nFor normal use, just ignore the black screen. Windows shall boot normally in 2 seconds~n~nClick 'Yes' to continue scanning for malware" "Info
Line6=Were you trying to run CFScript?~n~nThe name, CFScript  appears to be incorrectly spelt" "CFScript Name Error
Line60=Click 'Yes' to continue scanning for malware~n~nClick 'No' to exit" "What's next ?
Line62=There's a newer version of ComboFix available.~n~nWould you like to update ComboFix?" "Update
Line63=--- WARNING ! ---~n~nA critical update is required.~n~nComboFix shall now update itself.~n~n--- WARNING ! ---" "Mandatory Update
Line64=Failed to download updated copy.~n~nWill continue with existing copy" "Failed Download
Line65=ComboFix shall now restart" "Updated
Line66=Interference detected~n~nPlease perform a Rootkit Scan" "Abort!
Line67=You cannot rename ComboFix as %FileName%~n~nPlease use another name, preferbaly made up of alphanumeric characters
Line68=%cd% not in expected location~n~n	   Inform sUBs now!
Line69=ComboFix effected repairs on missing C:\WINDOWS\system32\hal.dll
Line7=Attempting to create a new System Restore point
Line70=This machine does not have the 'Microsoft Windows recovery console' installed~n~nWithout it, ComboFix shall not attempt the fixing of some serious infections.~n~nClick 'Yes' to have ComboFix download/install it.~n~nNOTE: this requires an active internet connection." "Microsoft Windows Recovery Console
Line71=Click 'Yes' if this is a WINDOWS XP *HOME EDITION* machine" "XP Home Edition
Line72=Failed to download required files. Aborting ... ~n~nShall continue scanning for malware
Line73=Internal error! Failed to enumerate download path.  ~n~nAborting ... Shall continue scanning for malware
Line74=You do not appear to be connected to the internet. Kindly connect before clicking 'OK' 
Line75=The following files were trying to attach to ComboFix. They shall be disabled~nKindly note down on paper, the name of each file. We may need it later~n~n%~G" "Parasites found !
Line76=ComboFix has detected the following real time scanner(s) to be active:~n~n%G~n~nAntivirus and intrusion prevention programs are known to interfere~nwith ComboFix's running. This may lead to unpredictable results or~npossible machine damage.~n~nPlease disable these scanners before clicking 'OK'." "Warning !
Line77=%G~n~nThe above real time scanner(s) are still active but ComboFix shall~ncontinue to run. Kindly note that this is at your own risk" "Warning !
Line78=%~1 was missing
Line79=%~1 . . . is missing!
Line8=Rich text formats (RTF) are unacceptable !~n~nPlease save CFScript commands as a textfile, using Notepad.exe" "ERROR - Script format is incorrect
Line80=! ALERT ! It is NOT SAFE to continue!~n~nThe contents of the ComboFix package has been compromised.~nPlease download a fresh copy from:~n~nhttp://www.bleepingcomputer.com/combofix/how-to-use-combofix~n~nNote: You may be infected with a file patching virus 'Virut'" "Error
Line81=ComboFix's script appears tampered. It is not safe to continue.~nComboFix shall now exit. Please inform the forum helper that's aiding~nyou. Unless further instructed to do so, do not run ComboFix again." "Failed Verification
Line82=Webserver appears to be temporarily inaccessible.~nFor your convenience, a zipped file has been created at:~n~nC:\CFCollect.zip~n~nPlease upload the file to BleepingComputer~n~nDo not forget to fill in the 'Comments' section" "Upload Failed!
Line83=[COLOR=RED]NETSVCS REQUIRES REPAIRS - current entries shown[/COLOR]
Line84=http://download.bleepingcomputer.com/sUBs/ComboFix.exe~nhttp://www.forospyware.com/sUBs/ComboFix.exe~n~nComboFix.exe may be downloaded from any of the above sites. If you~nhave downloaded from some other site, there's a likely chance that it~nmay be tainted. For peace of mind, I suggest that you delete the current~ncopy and get a fresh one." "Caution
Line85=[color=red]Manual Fix is required for restoring CommonStartup[/color]
Line9=Rootkit driver %G is present. ... attempting disinfection
Line90=ComboFix needs to perform a deeper scan
Line91=This should not take more than 10-15 minutes
Line92=Infected HTML files detected.
Line93=ComboFix will now attempt to disinfect
Line94=This is going to take some time
Line95=Disinfection complete ! ... continuing Log Report preparation
Line96=Recovery in Progress . . .
Line97=WARNING ! Do not manually reboot the machine yourself
LOCKED REGISTRY KEYS=LOCKED REGISTRY KEYS
LOGONSERVER=\\MICROSOF-06013C
machine was rebooted=machine was rebooted
not completed=not completed
NUMBER_OF_PROCESSORS=2
ORPHANS REMOVED=ORPHANS REMOVED
OS=Windows_NT
Other Running Processes=Other Running Processes
Other Services/Drivers In Memory=Other Services/Drivers In Memory
Path=C:\32788R22FWJFW;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\OpenVPN\bin
PATHEXT=.cfxxe;.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
Possible infected sites=Possible infected sites
Post-Run=Post-Run
Pre-Run=Pre-Run
Previous Run=Previous Run
PROCESS=PROCESS
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0209
ProgramFiles=C:\Program Files
PROMPT=$
Qrntn=C:\Qoobox\Quarantine
RecoveryConsole=WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !
Resident AV is active=Resident AV is active
RestorePoint= * Created a new restore point
RKEY_=hklm\software\microsoft\windows nt\currentversion\windows
Running from=Running from
scan completed successfully=scan completed successfully
SESSIONNAME=Console
sfxcmd="E:\Виталика\ComboFix\ComboFix.exe" /u
sfxname=E:\Виталика\ComboFix\ComboFix.exe
Stage=Completed Stage_
Supplementary Scan=Supplementary Scan
SYSDIR=C:\WINDOWS\system32
SYSTEM=C:\WINDOWS\system32
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\АДМИНИ~1\LOCALS~1\Temp
The following files were disabled during the run=The following files were disabled during the run
TMP=C:\DOCUME~1\АДМИНИ~1\LOCALS~1\Temp
Upload was successful=Upload was successful
Uploading files to server=Uploading files to server
USERDOMAIN=MICROSOF-06013C
USERNAME=Администратор
USERPROFILE=C:\Documents and Settings\Администратор
Ver_CF=09-11-08.03
windir=C:\WINDOWS

=============================================


IF NOT DEFINED sfxname GOTO END 

GREP -F \ temp01   && CALL :Aux 

IF NOT DEFINED RKEY_ GOTO :EOF 

IF /I "RKEYB" EQU "RKEYB" GOTO RKEYB 

GREP -Fi "C:\WINDOWS\system32\userinit.exe" Userinit00   || (SWREG ADD "hklm\software\microsoft\windows nt\currentversion\winlogon" /v Userinit /d "C:\WINDOWS\system32\userinit.exe," ) 
  Userinit	REG_SZ		 	C:\WINDOWS\system32\userinit.exe,

SET SfxCmd  1>SET00 

SED -r "/SfxCmd=/I!d; s///; s/\s*$//; s/^(\x22[^\x22]*\x22|[^\x22]\S*) +//; s/^\x22*E:\\Виталика\\ComboFix\\ComboFix.exe\x22*//I; s/^([^\x22]\S*)/@SET SfxCmd=\x22\1\x22/; s/^(\x22.*)/@SET SfxCmd=\1/" SET00  1>sfx.cmd 

DEL /A/F SET00 

ECHO."E:\Виталика\ComboFix\ComboFix.exe"1>MSName00 

GREP -Ei "\\(wscntfy|winlogon|wininit|nvsvc|lsm|lsass|iexplore|svchost|spoolsv|smss|slsvc
|services|explorer|ctfmon|csrss|alg)\.....$" MSName00   && (
CALL :MSNAME "E:\Виталика\ComboFix\ComboFix.exe"  
CALL MsName.bat 
) 

ATTRIB +R "E:\Виталика\ComboFix\ComboFix.exe" 
@SET SfxCmd="/u"

CALL sfx.cmd 

CALL AV.cmd 

SET /a AVCount+=1 

NIRCMD EXEC HIDE PV -d9000 -kf CSCRIPT.EXE 

CSCRIPT.exe //NOLOGO //E:VBSCRIPT //B //T:08 av.vbs 

PV -kf CSCRIPT.exe PV.* 
 Killing 'CSCRIPT.exe'
 Killing 'PV.*'

IF NOT EXIST AvBlack00 GREP -Fsf AVBlack resident.txt   1>AvBlack00  && (
SED -r "s/\x22//g; s/.*\) //; s/.*(\{.{8}-.{4}-.{4}-.{4}-.{12}\}).*/\1/" AvBlack00  1>AvBlack01  
FOR /F "TOKENS=*" %G IN (AvBlack01) DO @CSCRIPT.EXE //NOLOGO //E:VBSCRIPT //T:5 wmi_rem.vbs "%~G"  
NIRCMD EXEC HIDE PV -d6000 -kf CSCRIPT.EXE  
CSCRIPT.exe //NOLOGO //E:VBSCRIPT //B //T:08 av.vbs  
PV -kf CSCRIPT.exe PV.* 
) 

GREP -Fivf AVWhite resident.txt   | GREP -E "^(AV|SP): .*enabled\* \("   1>AVChk  && (
SED -r "s/^AV:/antivirus:	   /; s/^SP:/antispyware: /; s/ \*(On-access scanning |)enabled\*.*//" AVChk  | SED ":a; $!N;s/\n/~n/;ta"  1>AVChkB  
NIRCMD LOOP 2 80 BEEP 3000 200  
IF 1 LEQ 1 FOR /F "TOKENS=*" %G IN (AVChkB) DO @NIRCMD INFOBOX "ComboFix has detected the following real time scanner(s) to be active:~n~n%G~n~nAntivirus and intrusion prevention programs are known to interfere~nwith ComboFix's running. This may lead to unpredictable results or~npossible machine damage.~n~nPlease disable these scanners before clicking 'OK'." "Warning !" ""   && GOTO Av-check  
IF 1 GTR 1 FOR /F "TOKENS=*" %G IN (AVChkB) DO @NIRCMD INFOBOX "%G~n~nThe above real time scanner(s) are still active but ComboFix shall~ncontinue to run. Kindly note that this is at your own risk" "Warning !" "" 
) 

SET /a AVCount+=1 

NIRCMD EXEC HIDE PV -d9000 -kf CSCRIPT.EXE 

CSCRIPT.exe //NOLOGO //E:VBSCRIPT //B //T:08 av.vbs 

PV -kf CSCRIPT.exe PV.* 

IF NOT EXIST AvBlack00 GREP -Fsf AVBlack resident.txt   1>AvBlack00  && (
SED -r "s/\x22//g; s/.*\) //; s/.*(\{.{8}-.{4}-.{4}-.{4}-.{12}\}).*/\1/" AvBlack00  1>AvBlack01  
FOR /F "TOKENS=*" %G IN (AvBlack01) DO @CSCRIPT.EXE //NOLOGO //E:VBSCRIPT //T:5 wmi_rem.vbs "%~G"  
NIRCMD EXEC HIDE PV -d6000 -kf CSCRIPT.EXE  
CSCRIPT.exe //NOLOGO //E:VBSCRIPT //B //T:08 av.vbs  
PV -kf CSCRIPT.exe PV.* 
) 

GREP -Fivf AVWhite resident.txt   | GREP -E "^(AV|SP): .*enabled\* \("   1>AVChk  && (
SED -r "s/^AV:/antivirus:	   /; s/^SP:/antispyware: /; s/ \*(On-access scanning |)enabled\*.*//" AVChk  | SED ":a; $!N;s/\n/~n/;ta"  1>AVChkB  
NIRCMD LOOP 2 80 BEEP 3000 200  
IF 2 LEQ 1 FOR /F "TOKENS=*" %G IN (AVChkB) DO @NIRCMD INFOBOX "ComboFix has detected the following real time scanner(s) to be active:~n~n%G~n~nAntivirus and intrusion prevention programs are known to interfere~nwith ComboFix's running. This may lead to unpredictable results or~npossible machine damage.~n~nPlease disable these scanners before clicking 'OK'." "Warning !" ""   && GOTO Av-check  
IF 2 GTR 1 FOR /F "TOKENS=*" %G IN (AVChkB) DO @NIRCMD INFOBOX "%G~n~nThe above real time scanner(s) are still active but ComboFix shall~ncontinue to run. Kindly note that this is at your own risk" "Warning !" "" 
)

 

Сообщение от модератора vasdas
Убрано в спойлер.

Как я понял это чтото с ComboFix-ом связано.

Папку просто удалить?

Изменено пользователем vasdas
Ссылка на комментарий
Поделиться на другие сайты

  • 6 months later...

Помогите плиззз, я устанавливал игру CS и после этого Opera не разворачивается=(( Она внизу висит. Уже и переустанавливал, не помогает( В диспетчере устройств написано что приложение работает.

Ссылка на комментарий
Поделиться на другие сайты

Давайте разбирать по порядку...

Там еще есть запускающий AspackDie, антивирус на него ругается.

Цитирую один чудный сайт(Указать ссылку не имею права):

Антивирусники всегда ругались и будут ругаться на HackTool (хакерские утилиты). Просьба внимательно читать, что написано в окне детекта антивиря. Все комментарии типа "там вирус!" или "заражено трояном! не скачивайте!" будут удаляться.

Короче айайай! :) Но на другом сайте рекомендовали вместо этого анпакера другой - Aspackunpacker... ;)

Как я понял это чтото с ComboFix-ом связано.

Папку просто удалить?

http://forum.kaspersky.com/index.php?showt...18#entry1136465

Изменено пользователем Fasawe
Ссылка на комментарий
Поделиться на другие сайты

Fasawe, Вы внимательно читали последнее сообщение (№20) пользователя?

 

vetal07, какое отношение имеют проблемы с установкой игры и проблемой с Опера к вирусному заражению?

Ссылка на комментарий
Поделиться на другие сайты

Сначала я установил кс. При установке был запущен мой компьютер и Opera и они не разворачивались. Я восстановил систему и все стало норм. После этого я еще раз установил кс, и opera не разворачивается опять=( но теперь даже восстановление системы не действует.

 

P.S Эта проблема не связана с той что я писал ранее.

Изменено пользователем vetal07
Ссылка на комментарий
Поделиться на другие сайты

Все починил)) Оказалось что Opera была на втором экране которого у мну нет=)) вытащил я ее с помощью приложения HobRes

Ссылка на комментарий
Поделиться на другие сайты

Гость
Эта тема закрыта для публикации ответов.
  • Похожий контент

    • parnishka
    • Platina
      От Platina
      Здравствуйте, довольно часто замечаю что бездействие системы грузит проц, это происходит на заставке через 10мин у меня выставлено, при этом наблюдаю что проц нагревается до 56 это видно на индикаторе материнке, обороты кулеров водянки подымаются до 1600, как только выхожу из заставки все сразу резко нормализуется, в простое у меня проц 39 и обороты в районе 650, заставка стандартная из винды Ленты, причем если ее принудительно запустить то ничего ничего не грузит.. засек время это происходит через 5мин 30сек либо ровно через 6 мин после появления заставки, если выгрузить, выключить KIS то проблема решается
      KIS 21.3.10.391 (j)
      Windows 11 22H2
      i7 13700k
      после выхода из заставки в диспетчере удается обнаружить лаунчер касперского 


×
×
  • Создать...