?????? ????? ????? ????????? ???????? ?? ???? ????? "??? ???" ?? ????? ??? "?????" ?? Windows Server 2003 ?? Windows XP ?? Windows 2000?

?????? ????????? ?????? ?????????
???? ???????: 894278 - ??? ???????? ???? ????? ????? ??? ???????.
????? ???? | ?? ????

?? ??? ??????

??????

???? ??? ??????? ?????? ?? ??????? ???? ?? ??????? ??? ??? ????????? ???? ?????? ?????? ???? ???? ?????? Spyware.Service.MiscrosoftUpdate (???? ??????). ?????? ????? "???? ??????"? ??? ????? ??????? ???? ????? ?? ???? ??? ??????? ?? ????? ????? ??? ???????.

???? ????? ?????? ??? ???????? (?????? ??????) Msupd*.exe ?Reloadmedude.exe ?????? ??? ????? ??????? ?? ????????? ?? ????? ??????? ?? ????? ?????? ????? ????? ????? ?????? ?????? ??????. ?? ???? ?????? ?????? ?????? ???? "gbqxhia.sys" ?? "upzvlbvv.sys" ?? "jsbmefvk.sys" ?? ??? ??? ?????? ??? ????? ??? ???? ????? ???.

??? ??? ?????? ?? ????? ??????? ?? ????? ?????? ???? ?????? ?????? ??? ??????? ?? ????? "???? ?? ?????????".

???????

?? ?????? ?????? ?? ???? ?? ??????? ???????:
  • ??? ????? ????? ???? ????????? ????????.
  • ????? ????? ????? ??????? ??? ????? ??????:
    Microsoft Windows
    ???? ??????? ?????? ?? ??? ???. ?? ????? ??? ???? ?????. ?????? ????? Microsoft ???? ???????. ??? ?????? ??????? ?? ????? ????? ?????? ????????? ??? ????? Microsoft Windows. ?????? ??? ??????? ???? ?????? ??????. ??????? ??? ???????? ???????? ?? ??? ??????? ?? ?????? ???? ???.
    ?? ???? ??????? ???? ????? ????? ??? ??????? ???? ??? ???????? "???? ???" ??????? ???? ???? ??????? ??? ??? ???? ????? ???????? ???? ??????? ????? ?????. ??? ?????? ????? ???? ??????? ????? ????? ???? ?? ???? ?????? ??? ???:
    BCCode : 00000050 BCP1 : 0xeb7ff002 BCP2 : 0x00000000 BCP3 : 0x8054af32 BCP4 : 0x00000001 OSVer : 5_1_2600 SP : 0_0 Product : 256_1
  • ???? ????? ??? ??????? Stop ???????:
    ???? ????? ?? ???? ????? ???? ?? ????? Windows ?????? ?? ??? ?? ???? ??????????. ????????? ??????: *** ?????: 0x00000050 (0xeb7ff002, 0x00000000, 0x8054af32, 0x00000001) PAGE_FAULT_IN_NONPAGED_AREA nt!ExFreePoolWithTag+237
  • ???? ??? ?????? ?????? ??? ????? ??? ???:

    ???????: ?????
    ??????: ??? ??????
    ?????: ???
    ?????: (102)
    ?????: ???
    ????? ?????: 1003
    ????????: ??? ?????
    ?????????: ?????????
    ?????: Error code 00000050, parameter1 0xeb7ff002, parameter2 0x00000000, parameter3 0x8054af32, parameter4 0x00000001. ????? ?? ?????????? ???? ???? "????????? ??????" ??? ?????? ?????? http://support.microsoft.com. ???????: 0000: 53 79 73 74 65 6d 20 45 System E 0008: 72 72 6f 72 20 20 45 72 rror Er 0010: 72 6f 72 20 63 6f 64 65 ror code 0018: 20 30 30 30 30 30 30 35 00000MN 0020: 30 20 20 50 61 72 61 6d 0 Param 0028: 65 74 65 72 73 20 66 66 eters ff 0030: 66 66 66 66 64 31 2c

???????

????? ????? ??? "???????" Stop ????? ??????? ????? ?????? ????? ?????????. ????? ?? ????????? ??? ????? ????? ?????? ??? ??????? ???? ??? ??? ??????? ?????? ?????? ?? "????? ??????? ?? Microsoft" (?? ????? ??? ??????? ??? ???????? ??? ????? ?????? ?????????? (????? ?? ??? ?????? ???)):
307973 ????? ????? ?????? ??? ?????? ?????????? ?? Windows
?? ????? ???????? ?????? ??????? ?? ??????? ????? ????? (BCPn) ????? ?? ????? ???????? ???????? ??? ???? ????????? ?????? ?????? ???? ??????? Stop ????? ?????? ???? ?????????.

?? ???? ???? ????? ??????? 0x00000050 ?? ??????? ??????? ?? ????? "?????".

?????

???? ????? ????? ??? ?? ?????? ???? kernel ?????? ?????? ????? ?????? ??????? ?????? ???????? ???????:
  • Msupd5.exe
  • Reloadmedude.exe

????

??? ??? ???????? ???? ????? ????? ?? ???? ?? ????? ???????. ??? ??? ??? ????? ???????? ??????.

??????? ??????: ????? ????? ?????? ?????? ????? ???????? Internet Explorer

  1. ?? ???? ?????? Internet Explorer.
  2. ?? ?????? ???????? ???? %windir%\system32\drivers? ?? ???? ????? ???????.
  3. ??? ???? ????? ?????? ???????? .sys? ?? ???? ??? ?????? ?????? ??? ?????? ?? ??? ????? ?????.
  4. ???? malware.old ?????? ????? ?????? ?? ???? ????? ???????.
  5. ?? ?????? ???????? ???? \WINDOWS\system32? ?? ???? ????? ???????.
  6. ??? ???? ??????? ???????? ??? ???? ??????? ?? ?? ?????? ???????:
    • Msupd5.exe. ?? ?????? ????? ??? ????? ???? Msupd5.old.
    • Msupd4.exe. ?? ?????? ????? ??? ????? ???? Msupd4.old.
    • Msupd.exe. ?? ?????? ????? ??? ????? ???? Msupd.old.
    • Reloadmedude.exe. ?? ?????? ????? ??? ????? ???? Reloadmedude.old.
  7. ?? ?????? Internet Explorer.
  8. ??? ????? ???? ?????????.
  9. ???? ?? ?? ????? ??????? ?? ????????? ?? ????? ??????? ?? ????? ?????? ???? ????? ????? ?????????? ?? ?? ?????? ???? ???? ??????.

??????? ???????: ????? ????? ?????? ?????? ????? ???????? "???? ?????????" ?? "????? ?????"

  1. ?? ?????? ???? ????????? ?? ????? ????? (Safe Mode). ?????? ????? ???? ??????? ???????:
    1. ??? ????? ???? ?????????.
    2. ????? ??? ????? ???? ?????????? ???? ??????? F8 ????? ????? (????? ???? ????? ?? ?????). ????? ?????? ???? ??????? ??? ???? ?????? ????? Microsoft Windows Advanced Startup Menu.
    3. ?????? ????? ??? ?????? ?????? ??? ?????? ?????? Safe Mode? ?? ???? ????? ???????.
  2. ?? ???? ?????? Internet Explorer
  3. ?? ?????? ???????? ???? %windir%\system32\drivers? ?? ???? ????? ???????.
  4. ?? ?????? ??? ??????? ???????. ?????? ????? ???? ??????? ???????:
    1. ???? ??? ????? ?? ???? ??? ???? ?????????.
    2. ?? ??????? ?????? ???? ??? ?????? ??????.
    3. ?? ????? ??????? ???? ???? ?????? ????? ???? ???????? ????? ????? ???? ??????? ??????? (??????)? ?? ???? ??? ??? ??? ???? ????? ????? ??? ??? ??? ??? ??????? ??? ????? ???? ??????? ???????.
    4. ??? ??????? ????????? ???????? ???? ??? ????? ??????? ????????? ???????.
    5. ???? ?????? ????? ???? ???????? ????? ?????? ??????? ?????? ??????? ????????.
    6. ?? ??????? ??? ??? ??????? ???? ??? ????? ??? ???? ????????? ?? ???? ??? ?????.
  5. ??? ???? ?????? Drivers ??????? ??? ?????? C:\%windir%\System32.
  6. ??? ?? ??? .sys ???????? ???????:
    1. ??? ????? ?? ?????? ???????? ?????? ?? ? ???? ????? (?? ?????? ???? ????? ?????? ????? ??? ??????)? ??? "gbqxmhia.sys" ?? "upzvlbvv.sys" ?? "jsbmefvk.sys".
    2. ????? ????? ?? ????? ????
    3. ??? ????? ?? ???????? (??.??? ????)
    4. ?? ????? ??? ????? ???? ?????

      ?????? ???? ????? ???? ?? ????? ??? ????? ?? ???? "HA" ?? ?????? ?????? ?? "????? Windows". ?????? ??? ??????? ??? ????? ??? ?????? ??????? ???? ???????? 5a ?5b ?? ??????? ?????? ?? ????? "???? ?? ?????????".
    5. ?? ????? ???? ????? ??????? ?????? ??????? ?? ??????? ?? ??? ??????.
  7. ??? ??? ???? ?????? ?????? ???? ??? ?????? ?????? ??? ?????? ?? ??? ????? ?????.
  8. ???? malware.old ?????? ????? ????? ?????? ?? ???? ????? ???????.

    ?????? ???? malware2.old ?????? ????? ????? ??????? ?? ???? malware3.old ?????? ????? ????? ??????? ?????.
  9. ??? ???? ?????? System32 ??????? ??? ?????? %windir%.
  10. ?? ?????? ????? ??????? ???????? ?? ???? ??????:
    • Msupd5.exe. ?? ?????? ????? ??? ????? ???? msupd5.old.
    • Msupd4.exe. ?? ?????? ????? ??? ????? ???? Msupd4.old.
    • Msupd.exe. ?? ?????? ????? ??? ????? ???? Msupd.old.
    • Reloadmedude.exe. ?? ?????? ????? ??? ????? ???? Reloadmedude.old.
  11. ??? ????? ???? ?????????.
  12. ???? ?? ?? ????? ??????? ?? ????????? ?? ????? ??????? ?? ????? ?????? ???? ????? ????? ?????????? ?? ?? ?????? ???? ???? ??????.

??????? ???????: ????? ????? ?????? ?????? ????? ???????? ???? ??????? ?? "????? ?????"

  1. ?? ?????? ???? ????????? ?? ????? ????? (Safe Mode). ?????? ????? ???? ??????? ???????:
    1. ??? ????? ???? ?????????.
    2. ????? ??? ????? ???? ?????????? ???? ??????? F8 ????? ????? (????? ???? ????? ?? ?????). ????? ?????? ???? ??????? ??? ???? ?????? ????? Microsoft Windows Advanced Startup Menu.
    3. ?????? ????? ??? ?????? ?????? ??? ?????? ?????? Safe Mode with Command Prompt? ?? ???? ????? ???????.
  2. ???? ??? ????? ?? ???? ??? ?????? ?? ???? cmd ?? ???? ???? ?? ???? ??? ?????.
  3. ?? ???? ???????? ???? CD %windir%\system32\drivers? ?? ???? ????? ???????.
  4. ???? Dir /ah? ?? ???? ????? ???????.
  5. ???? ?? ??????? ???? ??????. ??? ????? ??? ????? .sys ????????.
    Directory of C:\WINDOWS\system32\drivers
    
    ?01/11/2005  09:18 AM               13,824 gbqxmhia.sys
                   ?1 File(s)            13,824 bytes
                   ?0 Dir(s)     961,425,408 bytes free
    
  6. ???? Attrib ?s ?h RandomFilename? ?? ???? ????? ???????. ???? ??? ??????? ??? ????? ???? ?????? ??????? ??????? ?? ?????.

    ?????? ???? ?????? ?????? RandomFilename ??? ????? .sys ??????? ??? ????? ?????? 5. ??? ???? ??????? ???? ????? ?????? ?? ?????? ?????? ?? ?????? 5? ????? ????? Attrib ?s ?h gbqxmhia.sys.
  7. ???? Ren RandomFilename malware.old? ?? ???? ????? ???????. ???? ??? ??????? ??? ????? ????? ????? ?????? ????????.
  8. ???? CD? ?? ???? ????? ???????. ???? ??? ??? ????? ??? ????? ??? ?????? %windir%\System32.
  9. ???? ??????? ??????? (??? ???? ?? ????? ???????) ?? ???? ????? ??????? ??? ????? ?? ???:
    Ren msupd5.exe msupd5.old
    Ren msupd4.exe msupd4.old
    Ren msupd.exe msupd.old
    Ren reloadmedude.exe reloadmedude.old
    ?????? ?? ???? ???? ????? ????? ???????? ????? ????? ??????? ???? ???? ????? ???? ??? ?? ????? ???????? ??? ?????:
    ????? ??? ?????? ?????? ??? ????? ??????.
  10. ???? Exit? ?? ???? ????? ???????.
  11. ??? ????? ???? ?????????.
  12. ???? ?? ?? ????? ??????? ?? ????????? ?? ????? ??????? ?? ????? ?????? ???? ????? ????? ?????????? ?? ?? ?????? ???? ???? ??????.

??????? ????

?????? ??? ??? ??? ???? ????????? ?????? ??????? ?????? ???? ???? ??? ???????:
  1. ?? ?????? ?????? Internet Explorer.
  2. ?? ?????? ??????? ????? ??????? Internet Explorer? ???? %windir%\system32\drivers? ?? ???? ????? ???????.
  3. ?? ?????? ????? ??? Windows ??????? ??????? ?????? ???? ??????? ???????. ?????? ????? ???? ??????? ???????:
    1. ?? ??????? ?????? ???? ??? ?????? ??????.
    2. ?? ????? ??????? ???? ???? ?????? ????? ???? ???????? ????? ????? ???? ??????? ??????? (??????)? ?? ???? ??? ??? ??? ???? ????? ????? ??? ??? ??? ??? ?????? ??? ????? ???? ??????? ???????.
    3. ??? ??????? ????????? ???????? ???? ??? ????? ??????? ????????? ???????.
    4. ???? ?????? ????? ???? ???????? ????? ?????? ??????? ?????? ??????? ????????.
    5. ???? ?????? ???? ???????? ??? ??????? ?????? ??????? ?? ???? ??? ?????.
    6. ?? ??????? ???? ???? ??? ??????.
  4. ???? F5 ?????? ????? ??? ?????? Drivers.
  5. ??? ???? ?? ??? ?? ????? ?????? (??????? ???? ????? ??? ?????? .sys ?? ?????) ??????? ?? ??? ????? ?????? ??? ???????? ???????? ???? ?????? ??????? ?????? ?????.

    ?????? ???? ??????? ???? ?? ????? ??? ????? ??? ???? "HA" ?? ?????? ?????? ?? "????? Windows". ?????? ??? ??????? ??? ????? ??? ?????? ??????? ???? ???????? 5a ?5b.

    ?????? ????? ???? ??????? ???????.

    ?????? ?? ???? ??? ?????? ?????? ???? ??? ?? ?????? ???????? ???? ?? ? ???? ?????.
    1. ?? ?????? ????? ??? "????? Windows" ??????? ??????? ???????? ?? ??????. ?????? ????? ???? ??????? ???????:
      1. ?? ??????? ???? ???? ??? ?????? ????????.
      2. ???? ?????? ???? ???????? ??????.
      3. ???? ?????? ???? ???????? ??? ??????.
      4. ???? ?????? ???? ???????? ??????.
      5. ???? ?????? ???? ???????? ????? ?????.
    2. ???? ??? ????? ?????? ?????? ???? ????? ??????? ??? ??????. ????? ??????? ???????? ?? ?????? Drivers ????? ??? ??? ??????? (A). ???? ?? ??? ????? ?????? ??????? (HA) ?????.
      ????? ??????? ??????? ??? ????? ?????? ????? ????? ?????? ??????? ???? ???? ????? ?? ???? ??? ???????:
      • gbqxmhia.sys
      • upzvlbvv.sys
      • jsbmefvk.sys
      ??? ????? ???? ??? ????? ?? ??? ??? ?????? ????? ???? ?? ????? ????? ???????? ???? ?????? ?????. ???? ??? ?????? ?????? ??? ?????? ????? ??? ?????? ?? ???? ?? ????????? ???????:
      • ?? ????? ??????? "???":
        • ????? ???????: ?? ????? ????
        • ?????: ?? ???????? (??.??? ????)
        • ????? ????? ?? ???? ???????? ????
      • ?? ????? ??????? "???????":
        • ?? ???? ????? ???
        • ?? ???? ???
        • ?? ???? ???? ???
        • ?? ???? ??? ????
        • ?? ???? ??? ????
    ??? ??? ????? ?? ??? ????? ?????? ?????? ????? ?????? ?????? ???? ?????? ??????? ?????? ?????? ???? ??? ??? ????? ????????? ??????? ????.
  6. ???? ??? ????? ?????? ???? ?????? ?????? ?? ???? ????? ???? ????? ??????? ?? ????? "????" ??? ??? ???????.
  7. ?? ?????? ??????? ????? ??????? Internet Explorer? ???? %windir%\system32? ?? ???? ????? ???????.
  8. ???? ?? ????? ??????? (??????? ???? ????? ??? ?????? .exe ?? ?????) ???? ??? ????? ?????? ??? ???:
    • Msupd.exe
    • Msupd*.exe

      ?????? ???? ?????? ?????? * ????? ?? ??? ????
    • Reloadmedude.exe
    ???? ???? ??????? ????? ???? ?????? ?? ???????? (61.440 ????).
    ????? ??????? ???????? ?????? ????? ?????? ????? ??????? ???????:
    • Msupd.exe
    • Msupd4.exe
    • Msupd5.exe
    • Reloadmedude.exe
  9. ?? ???? ???? ??? ???? ?? ???? ?? ??? ???????? ???? ??? ??? ????? ????????? ??????? ????. ???? ????? ???? ????? ??????? ?? ????? "????" ??? ???????.

?????? ?????? ???? ????? ?????? ?????? ???

???? ?????? ?? ?????? ?????? ???? ???? ??? ?????? ?????? ?????? ???. ????? ??????? ??? ??? ???????? ?????? ????? ?????? ???? ?? ??????? ???? ?? ???:
?? ??? ??????????? ??? ??????
????????? ?????? ?????? ???? ?? ??????? ???
Microsoft AntiSpyware Spyware.Service.MiscrosoftUpdate (???? ??????)
Computer AssociatesWin32/Benuti.61440!Downloader!Dr
Doctor Web DrWebCL Trojan.Medude
F-Secure Trojan.Win32.Agent.aw
Kaspersky Lab AVPDOS32Trojan.Win32.Agent.aw
McAfeeDownloader-va
Panda Trj/Agent.FO and Adware/Apropos
Trend Micro VScanTROJ_LODMEDUD.A
Symantec Trojan.Lodmeduod

?????

????? ?? ????????? ??? ???? Microsoft AntiSpyware? ???? ??? ???? ????????? ???????? ??????? ?? "????? ??????? ?? Microsoft" (?? ????? ????? ????????? ??? ???????? ??? ????? ?????? ?????????? (????? ?? ??? ?????? ???)):
892279 ????? ?????? ??? Microsoft Windows AntiSpyware (????? ????)
892340 ????? ??? ??????? ??? ??? ?????? ???? ?? ???? Microsoft Windows AntiSpyware (????? ????)

????? ?? ????????? ??? ?????? ????? ??????? ?? ?????????? ???? ??? ??? ??????? ?????? ?????? ?? "????? ??????? ?? Microsoft" (?? ????? ??? ??????? ??? ???????? ??? ????? ?????? ?????????? (????? ?? ??? ?????? ???)):
49500 ????? ?????? ????? ??????? ?? ?????????

???????

???? ???????: 894278 - ????? ??? ??????: 08/?? ??????/1427 - ??????: 3.2
????? ???
  • Microsoft Windows Server 2003, Web Edition
  • Microsoft Windows Server 2003, Standard Edition (32-bit x86)
  • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
  • Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
  • Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
  • Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
  • Microsoft Windows XP Professional
  • Microsoft Windows XP Tablet PC Edition
  • Microsoft Windows XP Tablet PC Edition 2005
  • Microsoft Windows XP Home Edition
  • Microsoft Windows XP Professional 64-Bit Edition (Itanium)
  • Microsoft Windows XP for Itanium-based Systems Version 2003
  • Microsoft Windows XP Media Center Edition
  • Microsoft Windows XP Media Center Edition 2002
  • Microsoft Windows XP Media Center Edition 2004
  • Microsoft Windows XP Media Center Edition 2005
  • Microsoft Windows XP 64-Bit Edition Version 2002
  • Microsoft Windows XP 64-Bit Edition Version 2003
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Datacenter Server
  • Microsoft Windows 2000 Professional Edition
  • Microsoft Windows 2000 Server
????? ??????: 
kbtshoot kbsecurity kbprb kbsecantivirus KB894278

????? ???????

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com