Изпълнявам всичко според инструкциите !! Да опитам ли отново !!???

Не, недейте...Ще ги махнем с друг инструмент...!

Сега деинсталирайте Комбофикс така:

1.Натиснете Start ==> Run ==> въведете командата Combofix /Uninstall ==> OK

2.Изтеглете OTCleanIt или от тук,стартирайте и натиснете

Изтеглете OTL.exe и го запазете на десктопа.

• Стартирайте OTL (ако е необходимо, потвърдете през UAC).
• Направете следните настройки:
• Сложете отметка пред Scan All Users
• Под менюто File Age => изберете 90 days
• Под менюто Standard Registry => променете на ALL
• Сложете отметки пред LOP и Purity Check

Под с Copy/ Paste въведете изцяло следната текстова информация (само това, което е поставено в карето):

netsvcs
msconfig
safebootminimal
safebootnetwork
%SYSTEMDRIVE%\*.*
%USERPROFILE%\*.*
%USERPROFILE%\Application Data\*.*
%USERPROFILE%\Local Settings\Application Data\*.*
%AllUsersProfile%\*.*
%AllUsersProfile%\Application Data\*.*
%USERPROFILE%\My Documents\*.*
%CommonProgramFiles%\*.*
%PROGRAMFILES%\*.*
%systemroot%\system32\config\systemprofile\*.*
%windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.*
%windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.*
%windir%\temp*.*
%systemroot%\assembly\temp\*.* /S /MD5
%systemroot%\assembly\tmp\*.* /S /MD5
%systemroot%\assembly\GAC_32\*.* /S /MD5
%systemroot%\assembly\GAC_MSIL\*.* /S /MD5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /90
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\Spool\prtprocs\w32x86\*.dll
%systemroot%\*. /mp /s
/md5start
explorer.exe
lsass.exe
svchost.exe
wininit.exe
winlogon.exe
userinit.exe
atapi.sys
iaStor.sys
serial.sys
disk.sys
volsnap.sys
redbook.sys
i8042prt.sys
afd.sys
netbt.sys
tcpip.sys
ipsec.sys
hlp.dat
/md5stop

• Натиснете маркираният в синьо бутон: Run Scan.
• Като приключи проверката, ще се създадат два файла - OTL.Txt и Extras.Txt. Прикачете тези два файла в следващия си коментар (погледнете опцията "прикачени файлове", когато публикувате мнение).

Extras.TxtOTL.Txt

Стартирайте отново OTL, копирайте (Copy) и поставете (Paste) скриптовия текст от текстовото поле по-долу под колонката Custom Scans/Fixes, като не забравяте да копирате скрипта 1 към 1, както и двете точки преди първия ред на скрипта.

:OTL
IE - HKU\.DEFAULT\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
[2012/01/25 13:16:12 | 000,000,000 | ---D | C] -- C:\extensions
[2012/01/25 13:16:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\h\Application Data\Lwgame RuBar
[2012/01/25 13:16:02 | 000,000,000 | ---D | C] -- C:\Program Files\Lwgame RuBar Toolbar
[2012/01/22 16:57:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\h\Doctor Web
[2012/01/22 16:33:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Doctor Web
[2012/01/22 16:29:48 | 000,000,000 | ---D | C] -- C:\Program Files\DrWeb

:Reg

:files
C:\WINDOWS\Tasks\WGASetup.job
C:\WINDOWS\*.tmp
C:\WINDOWS\System32\*.tmp

autorun.inf /alldrives
autorun.exe /alldrives
recycler /alldrives
ipconfig /flushdns /c

:Commands
[purity]
[emptytemp]
[resethosts]
[clearallrestorepoints]
[emptyflash]
[Reboot]

След като въведете скрипта от цитата по-горе натиснете бутона, маркиран в червено: Run Fix

Windows ще се рестартира и ще се създаде лог файл. Публикувайте съдържанието му с Copy/Paste в следващия си коментар.

All processes killed

========== OTL ==========

Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.

Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.

C:\extensions\{9fcd1361-7a19-45af-840d-88ed70eaaa11}\components folder moved successfully.

C:\extensions\{9fcd1361-7a19-45af-840d-88ed70eaaa11}\chrome\skin\search_icons folder moved successfully.

C:\extensions\{9fcd1361-7a19-45af-840d-88ed70eaaa11}\chrome\skin folder moved successfully.

C:\extensions\{9fcd1361-7a19-45af-840d-88ed70eaaa11}\chrome\locale\ru-RU folder moved successfully.

C:\extensions\{9fcd1361-7a19-45af-840d-88ed70eaaa11}\chrome\locale folder moved successfully.

C:\extensions\{9fcd1361-7a19-45af-840d-88ed70eaaa11}\chrome\content\support\.svn\text-base folder moved successfully.

C:\extensions\{9fcd1361-7a19-45af-840d-88ed70eaaa11}\chrome\content\support\.svn folder moved successfully.

C:\extensions\{9fcd1361-7a19-45af-840d-88ed70eaaa11}\chrome\content\support folder moved successfully.

C:\extensions\{9fcd1361-7a19-45af-840d-88ed70eaaa11}\chrome\content\search\.svn\text-base folder moved successfully.

C:\extensions\{9fcd1361-7a19-45af-840d-88ed70eaaa11}\chrome\content\search\.svn folder moved successfully.

C:\extensions\{9fcd1361-7a19-45af-840d-88ed70eaaa11}\chrome\content\search folder moved successfully.

C:\extensions\{9fcd1361-7a19-45af-840d-88ed70eaaa11}\chrome\content\rss\.svn\text-base folder moved successfully.

C:\extensions\{9fcd1361-7a19-45af-840d-88ed70eaaa11}\chrome\content\rss\.svn folder moved successfully.

C:\extensions\{9fcd1361-7a19-45af-840d-88ed70eaaa11}\chrome\content\rss folder moved successfully.

C:\extensions\{9fcd1361-7a19-45af-840d-88ed70eaaa11}\chrome\content\data folder moved successfully.

C:\extensions\{9fcd1361-7a19-45af-840d-88ed70eaaa11}\chrome\content folder moved successfully.

C:\extensions\{9fcd1361-7a19-45af-840d-88ed70eaaa11}\chrome folder moved successfully.

C:\extensions\{9fcd1361-7a19-45af-840d-88ed70eaaa11} folder moved successfully.

C:\extensions folder moved successfully.

C:\Documents and Settings\h\Application Data\Lwgame RuBar folder moved successfully.

C:\Program Files\Lwgame RuBar Toolbar\images\search_icons folder moved successfully.

C:\Program Files\Lwgame RuBar Toolbar\images\menu_icons folder moved successfully.

C:\Program Files\Lwgame RuBar Toolbar\images folder moved successfully.

C:\Program Files\Lwgame RuBar Toolbar folder moved successfully.

C:\Documents and Settings\h\Doctor Web folder moved successfully.

C:\Program Files\Common Files\Doctor Web folder moved successfully.

C:\Program Files\DrWeb folder moved successfully.

========== REGISTRY ==========

========== FILES ==========

C:\WINDOWS\Tasks\WGASetup.job moved successfully.

C:\WINDOWS\002845_.tmp moved successfully.

C:\WINDOWS\SET3.tmp moved successfully.

C:\WINDOWS\SET4.tmp moved successfully.

C:\WINDOWS\SET8.tmp moved successfully.

C:\WINDOWS\System32\CONFIG.TMP moved successfully.

autorun.inf not found in C:\

autorun.inf not found in E:\

autorun.exe not found in C:\

autorun.exe not found in E:\

recycler not found in C:\

E:\RECYCLER\S-1-5-21-1292428093-343818398-839522115-1003 folder moved successfully.

E:\RECYCLER folder moved successfully.

< ipconfig /flushdns /c >

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

C:\Documents and Settings\h\Desktop\cmd.bat deleted successfully.

C:\Documents and Settings\h\Desktop\cmd.txt deleted successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

User: h

->Temp folder emptied: 11353026 bytes

->Temporary Internet Files folder emptied: 13686993 bytes

->FireFox cache emptied: 9358868 bytes

->Google Chrome cache emptied: 53363374 bytes

->Flash cache emptied: 10372 bytes

User: LocalService

->Temp folder emptied: 66016 bytes

->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 66559 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 84.00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

Unable to start service SRService!

[EMPTYFLASH]

User: All Users

User: Default User

User: h

->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.31.0 log created on 02052012_122653

Files\Folders moved on Reboot...

File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

C:\WINDOWS\temp\Perflib_Perfdata_944.dat moved successfully.

Registry entries deleted on Reboot...

Така..проверете какво е състоянието на системата ви ..?Наблюдавате ли някъкви проблеми..?

Всичко изглежда нормално , не забелязвам някакви проблеми !!!

Това е добра новина..!

Стартирайте OTL още веднъж и натиснете бутона CleanUp.

Ще последва рестарт на компютъра ви..!

Сега е монента да деинсталирате/изтриете всички програмки, фиксове и логове които използвахме в темата (които са останали).Препоръчвам да си оставите Malwarebytes' Anti-Malware и перодически да сканирате с нея.Все пак не забравяйте че това не е антивирусна програма.

Последно контролно сканиране и приключваме:

Изтеглете програмата: ESET Online Scanner

• Стартирайте esetsmartinstaller_enu.exe
• Сложете отметка на YES, I accept the Terms of Use и изберете Start:

  

• Скенерът ще започне да изтегля компонентите, които са му необходими:

  

• Уверете се, че има отметки на следните редове:

  

  Накрая изберете Start

• Скенерът ще започне да изтегля последните дефиниции.
• След, като сканирането завърши изберете Finish.
• Отидете в: C:\Program Files\ESET\ESET Online Scanner
• Отворете файла log.txt , копирайте съдържанието му и го поставете в следващия си коментар.

ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=cb7331acbbcaca42b0b03226c4d0b9ab # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2012-02-05 01:22:12 # local_time=2012-02-05 03:22:12 (+0200, FLE Standard Time) # country="Bulgaria" # lang=1033 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=8192 67108863 100 0 343 343 0 0 # scanned=45000 # found=0 # cleaned=0 # scan_time=5654

Системата ви е чиста..!

Деинсталирайте ESET Online Scanner....!

Това е от мен...!Пожелавам лек ден и безопасен интернет..!

Благодаря много за оказаната помощ и отделените време и усилия !!! Пожелавам всичко най добро...!!