dawid156

Dzięki za pomoc. BlitzBlank 1.0.0.32 File/Registry Modification Engine native application MoveDirectoryOnReboot: sourceDirectory = "\??\c:\programdata\razoru0", destinationDirectory = "(null)", replaceWithDummy = 0 MoveFileOnReboot: sourceFile = "\??\c:\programdata\razoru0\iflmnkfrd.exe", destinationFile = "(null)", replaceWithDummy = 0 RemoveFile: ZwDeleteFile failed: status = c0000121 MoveDirectoryOnReboot: ProcessElement failed: status = c0000121 Nowy log: OTL.Txt

Nowy log: OTL.Txt

Wielkie dzięki za poświęcony czas. Wygląda na to ze proces bitcoin-miner już się nie uruchamia. Odnośnie dziwnej paczki to patch do PES. Oto logi: BlitzBlank 1.0.0.32 File/Registry Modification Engine native application MoveDirectoryOnReboot: sourceDirectory = "\??\c:\programdata\razoru0", destinationDirectory = "(null)", replaceWithDummy = 0 MoveFileOnReboot: sourceFile = "\??\c:\programdata\razoru0\iflmnkfrd.exe", destinationFile = "(null)", replaceWithDummy = 0 RemoveFile: ZwDeleteFile failed: status = c0000121 MoveDirectoryOnReboot: ProcessElement failed: status = c0000121 MoveDirectoryOnReboot: sourceDirectory = "\??\c:\users\dawid\appdata\local\temp", destinationDirectory = "(null)", replaceWithDummy = 0 MoveFileOnReboot: sourceFile = "\??\c:\users\dawid\appdata\local\temp\FXSAPIDebugLogFile.txt", destinationFile = "(null)", replaceWithDummy = 0 MoveFileOnReboot: sourceFile = "\??\c:\users\dawid\appdata\local\temp\iflmnkfrdvb.exe", destinationFile = "(null)", replaceWithDummy = 0 MoveDirectoryOnReboot: sourceDirectory = "\??\c:\users\dawid\appdata\local\temp\Low", destinationDirectory = "(null)", replaceWithDummy = 0 MoveFileOnReboot: sourceFile = "\??\c:\users\dawid\appdata\local\temp\nkadlsgfden.exe", destinationFile = "(null)", replaceWithDummy = 0 MoveDirectoryOnReboot: sourceDirectory = "\??\c:\users\dawid\appdata\local\temp\wargaming.net", destinationDirectory = "(null)", replaceWithDummy = 0 MoveDirectoryOnReboot: sourceDirectory = "\??\c:\users\dawid\appdata\local\temp\wargaming.net\wot", destinationDirectory = "(null)", replaceWithDummy = 0 MoveDirectoryOnReboot: sourceDirectory = "\??\c:\users\dawid\appdata\local\temp\WPDNSE", destinationDirectory = "(null)", replaceWithDummy = 0 MoveFileOnReboot: sourceFile = "\??\c:\users\dawid\appdata\local\temp\~DFDB59AA5B1533FA8A.TMP", destinationFile = "(null)", replaceWithDummy = 0 MoveFileOnReboot: sourceFile = "\??\c:\programdata\adobeupdate.exe", destinationFile = "(null)", replaceWithDummy = 0 LaunchOnReboot: launchName = "\fix.bat", commandLine = "c:\fix.bat" OpenDriver: ZwLoadDriver(\Registry\Machine\System\CurrentControlSet\Services\blzblk) failed: status = c0000428 LaunchOnReboot: OpenDriver failed: status = c0000428 AdwCleanerS1.txt OTL.Txt

Witam. Mam problem z programem bitcoin-miner po uruchomienie systemu program uruchamia się automatycznie i zżera procesor. Podjęte działania: usuniecie ręcznie pliku z dysku (po restarcie plik zostaje powtórnie utworzony) wyłączenie w opcjach msconfig (zawiodło) użycie (wiem ze nie powinienem ) Combofix (zawiodło) (używany 2x) Załączam logi; I zrzut ekranu Extras.Txt Gmer.txt OTL.Txt ComboFix.txt ComboFix2.txt