информер на рабочем столе достал

This topic has 3 ответа, 3 участника, and was last updated 16 years, 2 months назад by Admin.

Просмотр 4 сообщений - с 1 по 4 (из 4 всего)

Автор

Сообщения
4 февраля, 2009 в 5:50 пп #16245
solo
Participant
- Темы:1
- Сообщений:1
зашёл на сайт один раз вылез информер. но то ладно,тот информер удалил 600 рублей отдал. Зашёл на другой сайт,ОПЯТЬ этот долбаный информер вылез,тока уже на рабочем столе и ничё сделать не могу,он 1/4 рабочего стола закрыл помогите плиз! 😥 мой нод антивирус его вообще не находит
Logfile of random’s system information tool 1.05 (written by random/random)
Run by Администратор at 2009-01-20 16:55:29
Microsoft Windows XP Professional Service Pack 2
System drive C: has 72 GB (63%) free of 114 GB
Total RAM: 511 MB (40% free)

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre1.6.0binssv.dll [2008-12-13 501384]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} — ICQToolBar — C:Program FilesICQ6ToolbarICQToolBar.dll [2008-12-09 958200]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Vistadrv»=C:Program FilesVistaDrivevsdrv.exe [2006-07-30 121089]
«ATIPTA»=C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe [2004-04-21 335872]
«Anti Trojan Elite»=C:Program FilesAnti Trojan EliteTJEnder.exe :NO []
«SunJavaUpdateSched»=C:Program FilesJavajre1.6.0binjusched.exe [2008-12-13 77824]
«Logitech Hardware Abstraction Layer»=C:Program FilesCommon FilesLogitechKhalSharedKHALMNPR.EXE [2006-05-10 94208]
«NeroFilterCheck»=C:Program FilesCommon FilesAheadLibNeroCheck.exe [2006-01-12 155648]
«BootSkin Startup Jobs»=C:PROGRA~1StardockWINCUS~1BootSkinBootSkin.exe [2004-04-26 270336]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2007-04-16 577536]
«KernelFaultCheck»=C:WINDOWSsystem32dumprep 0 -k []
«UnlockerAssistant»=C:Program FilesUnlockerUnlockerAssistant.exe [2006-09-07 15872]
«»=C:WINDOWSsystem32scvhost.exe [2009-01-14 256512]
«DAEMON Tools»=C:Program FilesDAEMON Toolsdaemon.exe [2005-12-10 133016]
«VVSN»=C:Program FilesVVSNVVSN.exe [2005-10-25 107520]
«QuickTime Task»=C:Program FilesQuickTimeqttask.exe [2007-06-29 286720]
«MSServer»=C:WINDOWSsystem3230370.dll [2009-01-20 12288]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunOnce]
«WIAWizardMenu»=C:WINDOWSsystem32sti_ci.dll [2007-08-30 540160]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2007-08-30 30208]
«amva»=C:WINDOWSsystem32amvo.exe [2005-11-21 106210]
«BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=C:Program FilesCommon FilesAheadLibNMBgMonitor.exe [2006-11-16 139264]
«CursorXP»=C:Program FilesCursorXPCursorXP.exe [2003-03-01 125440]
«AlcoholAutomount»=C:Program FilesAlcohol SoftAlcohol 120axcmd.exe [2007-12-22 221568]

C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
Logitech SetPoint.lnk — C:Program FilesLogitechSetPointSetPoint.exe
Программа Kodak EasyShare.lnk — C:Program FilesKodakKodak EasyShare softwarebinEasyShare.exe

C:Documents and SettingsАдминистраторГлавное менюПрограммыАвтозагрузка
OpenOffice.org 2.2.lnk — C:Program FilesOpenOffice.org 2.2programquickstart.exe

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify11853]
C:WINDOWSsystem3211853.dll [2009-01-20 12288]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify13709]
C:WINDOWSsystem3213709.dll [2009-01-20 12288]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify19226]
C:WINDOWSsystem3219226.dll [2009-01-20 12288]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify30370]
C:WINDOWSsystem3230370.dll [2009-01-20 12288]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2004-04-21 86016]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«DisableStatusMessages»=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«NoSMHelp»=1
«NoSMMyPictures»=1
«NoSMConfigurePrograms»=1
«StartMenuLogoff»=1
«ForceStartMenuLogoff»=0
«ForceClassicControlPanel»=1
«NoResolveTrack»=1
«NoResolveSearch»=1

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesICQ6.5ICQ.exe»=»C:Program FilesICQ6.5ICQ.exe:*:Enabled:ICQ6»
«C:Program FilesKodakKodak EasyShare softwarebinEasyShare.exe»=»C:Program FilesKodakKodak EasyShare softwarebinEasyShare.exe:*:Enabled:EasyShare»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{2bb82e8a-d9ca-11dd-bc48-ae0ac1820bc8}]
shellAutoRuncommand — E:y82td3td.com
shellexplorecommand — E:y82td3td.com
shellopencommand — E:y82td3td.com

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{6ddc8989-d7ec-11dd-bc3f-9d9f0c8490c8}]
shellAutoRuncommand — E:RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013iuhi64.exe
shellopencommand — E:RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013iuhi64.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{6ddc898a-d7ec-11dd-bc3f-9d9f0c8490c8}]
shellAutoRuncommand — F:RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013iuhi64.exe
shellopencommand — F:RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013iuhi64.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{b4e6be7e-e50a-11dd-9bc6-0080485b7ded}]
shellAutoRuncommand — G:autorun.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{d51b9c96-cc80-11dd-bc1f-cc1a429c98c8}]
shellAutoRuncommand — E:RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013iuhi64.exe
shellopencommand — E:RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013iuhi64.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{e9df52ec-e33e-11dd-9bb3-0080485b7ded}]
shellAutoRuncommand — G:RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013iuhi64.exe
shellopencommand — G:RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013iuhi64.exe

======List of files/folders created in the last 1 months======

2009-01-20 16:54:46 —-D—- C:Program Filestrend micro
2009-01-20 16:54:45 —-D—- C:rsit
2009-01-20 16:41:04 —-A—- C:WINDOWSsystem3230370.dll
2009-01-20 16:28:44 —-A—- C:WINDOWSsystem3219226.dll
2009-01-20 16:14:12 —-A—- C:WINDOWSsystem3211853.dll
2009-01-20 16:09:48 —-D—- C:WINDOWSsystem32appmgmt
2009-01-20 16:03:29 —-A—- C:windowsupdates.exe
2009-01-20 16:03:29 —-A—- C:WINDOWSsystem3213709.dll
2009-01-20 11:01:11 —-D—- C:Documents and SettingsАдминистраторApplication DataYandex
2009-01-20 11:00:18 —-D—- C:Program FilesMozilla Firefox
2009-01-20 07:11:01 —-A—- C:WINDOWSsystem3228976.dll
2009-01-20 07:10:53 —-A—- C:updates.exe
2009-01-19 22:50:38 —-D—- C:Documents and SettingsАдминистраторApplication DataApple Computer
2009-01-19 00:05:19 —-D—- C:Program FilesQuickTime
2009-01-19 00:05:18 —-D—- C:Documents and SettingsAll UsersApplication DataApple Computer
2009-01-19 00:04:37 —-A—- C:WINDOWSsystem32ptpusb.dll
2009-01-19 00:04:36 —-A—- C:WINDOWSsystem32ptpusd.dll
2009-01-19 00:04:31 —-D—- C:Program FilesCommon FilesKodak
2009-01-19 00:03:21 —-D—- C:Program FilesKodak
2009-01-19 00:01:18 —-D—- C:Documents and SettingsAll UsersApplication DataKodak
2009-01-18 06:03:46 —-A—- C:Program Filesdaemon403-x86.exe
2009-01-18 06:03:44 —-A—- C:Program Filesdaemon403-x64.exe
2009-01-18 06:01:44 —-A—- C:memory.txt
2009-01-18 05:50:21 —-D—- C:Program FilesVVSN
2009-01-18 05:50:03 —-D—- C:Program FilesDAEMON Tools
2009-01-16 21:59:05 —-D—- C:Program Files1C
2009-01-15 14:39:10 —-D—- C:Program FilesICQ6Toolbar
2009-01-15 14:39:06 —-D—- C:Documents and SettingsАдминистраторApplication DataMozilla
2009-01-15 14:39:06 —-D—- C:Documents and SettingsAll UsersApplication DataICQ
2009-01-15 14:38:04 —-D—- C:Documents and SettingsАдминистраторApplication DataICQ
2009-01-15 14:37:32 —-D—- C:Program FilesICQ6.5
2009-01-14 13:09:36 —-D—- C:Program FilesStarship Troopers
2009-01-14 11:54:19 —-A—- C:WINDOWSsystem32scvhost.exe
2009-01-14 11:54:19 —-A—- C:WINDOWSsystem32notify.exe
2009-01-13 07:18:36 —-D—- C:Program FilesUnlocker
2009-01-12 02:31:36 —-D—- C:Documents and SettingsAll UsersApplication DataTrymedia
2009-01-12 02:21:19 —-D—- C:Program FilesAlcohol Soft
2009-01-11 22:46:57 —-D—- C:Documents and SettingsAll UsersApplication DataESET
2009-01-11 20:35:25 —-AD—- C:Documents and SettingsAll UsersApplication DataTEMP
2009-01-11 20:23:14 —-D—- C:Documents and SettingsАдминистраторApplication DataMacromedia
2009-01-11 19:57:42 —-A—- C:winupdates2.exe
2009-01-11 16:55:41 —-D—- C:Documents and SettingsАдминистраторApplication DataQIP
2009-01-11 16:54:40 —-D—- C:Program FilesQIP Infium
2009-01-11 16:23:01 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup Files
2009-01-11 15:58:18 —-A—- C:latestupdates.exe
2009-01-09 03:07:36 —-DC—- C:WINDOWSsystem32DRVSTORE
2009-01-09 03:07:17 —-D—- C:WINDOWSsystem32AGEIA
2009-01-09 03:07:14 —-D—- C:Program FilesAGEIA Technologies
2009-01-09 03:06:34 —-D—- C:Program FilesCommon FilesWise Installation Wizard
2009-01-09 01:21:14 —-D—- C:WINDOWSMinidump
2009-01-09 00:50:34 —-D—- C:Program FilesSilverfall — Guardian of the Elements
2009-01-08 21:13:00 —-D—- C:Program FilesColin McRae Rally 2005
2008-12-29 19:19:28 —-A—- C:WINDOWSsystem32ChCfg.exe
2008-12-29 19:19:06 —-D—- C:Program FilesRealtek AC97
2008-12-29 19:15:35 —-A—- C:WINDOWSPhotoSnapViewer.INI
2008-12-29 18:58:33 —-D—- C:Program FilesCursorXP
2008-12-29 18:56:09 —-D—- C:Program FilesCommon FilesStardock
2008-12-29 18:56:08 —-D—- C:Program FilesStardock
2008-12-29 18:24:27 —-D—- C:Program FilesArtMoney
2008-12-29 18:22:22 —-D—- C:Program FilesCheMaxRus
2008-12-29 13:47:19 —-A—- C:WINDOWSNeroDigital.ini
2008-12-29 13:46:30 —-D—- C:Program FilesCommon FilesLightScribe
2008-12-29 13:44:52 —-D—- C:Documents and SettingsАдминистраторApplication DataAhead
2008-12-29 13:42:14 —-D—- C:Program FilesNero
2008-12-29 13:42:14 —-D—- C:Program FilesCommon FilesAhead
2008-12-29 13:42:14 —-D—- C:Documents and SettingsAll UsersApplication DataNero
2008-12-25 13:26:56 —-A—- C:WINDOWSsystem32OggDSuninst.exe
2008-12-25 13:14:50 —-A—- C:WINDOWSsystem32wrap_oal.dll
2008-12-25 13:14:49 —-N—- C:WINDOWSsystem32vp6vfw.dll
2008-12-25 13:14:49 —-A—- C:WINDOWSsystem32vp6install.exe
2008-12-25 13:14:32 —-A—- C:WINDOWSsystem32Vb5db.dll
2008-12-25 13:14:31 —-A—- C:WINDOWSsystem32OpenAL32.dll
2008-12-25 13:14:30 —-A—- C:WINDOWSsystem32msxml4a.dll
2008-12-25 13:14:27 —-A—- C:WINDOWSsystem32msvcr80.dll
2008-12-25 13:14:27 —-A—- C:WINDOWSsystem32msvcr71d.dll
2008-12-25 13:14:26 —-A—- C:WINDOWSsystem32msvcr71.dll
2008-12-25 13:14:25 —-A—- C:WINDOWSsystem32msvcr70d.dll
2008-12-25 13:14:25 —-A—- C:WINDOWSsystem32Msvcr70.dll
2008-12-25 13:14:24 —-A—- C:WINDOWSsystem32msvcp80.dll
2008-12-25 13:14:23 —-A—- C:WINDOWSsystem32msvcp71d.dll
2008-12-25 13:14:23 —-A—- C:WINDOWSsystem32msvcp71.dll
2008-12-25 13:14:22 —-A—- C:WINDOWSsystem32msvcp70d.dll
2008-12-25 13:14:21 —-A—- C:WINDOWSsystem32Msvcp70.dll
2008-12-25 13:14:21 —-A—- C:WINDOWSsystem32Msvcp60d.dll
2008-12-25 13:14:19 —-A—- C:WINDOWSsystem32msvci70d.dll
2008-12-25 13:14:18 —-A—- C:WINDOWSsystem32msvci70.dll
2008-12-25 13:14:13 —-A—- C:WINDOWSsystem32MFC71u.dll
2008-12-25 13:14:12 —-A—- C:WINDOWSsystem32mfc71.dll
2008-12-25 13:14:11 —-A—- C:WINDOWSsystem32mfc70u.dll
2008-12-25 13:14:10 —-A—- C:WINDOWSsystem32mfc70.dll
2008-12-25 13:14:09 —-A—- C:WINDOWSsystem32eax.dll
2008-12-25 13:13:57 —-A—- C:WINDOWSsystem32Cc3250mt.dll
2008-12-25 13:13:56 —-A—- C:WINDOWSsystem32Borlndmm.dll
2008-12-25 13:13:55 —-A—- C:WINDOWSsystem32xmlparse.dll
2008-12-25 13:13:55 —-A—- C:WINDOWSsystem32xmlinst.exe
2008-12-25 13:13:54 —-A—- C:WINDOWSsystem32xmltok.dll
2008-12-25 13:04:41 —-D—- C:Games
2008-12-25 12:57:09 —-D—- C:Program FilesFar Cry — Anti Terror

======List of files/folders modified in the last 1 months======

2009-01-20 16:54:46 —-RD—- C:Program Files
2009-01-20 16:53:34 —-D—- C:WINDOWSTemp
2009-01-20 16:44:59 —-D—- C:WINDOWSsystem32
2009-01-20 16:41:01 —-D—- C:Documents and SettingsАдминистраторApplication DataOpenOffice.org2
2009-01-20 16:40:32 —-RSH—- C:WINDOWSsystem32amvo0.dll
2009-01-20 16:35:30 —-D—- C:WINDOWSsystem32CatRoot2
2009-01-20 16:11:26 —-D—- C:WINDOWS
2009-01-20 16:10:23 —-SHD—- C:WINDOWSInstaller
2009-01-20 13:46:52 —-D—- C:WINDOWSsystem32drivers
2009-01-19 00:13:25 —-D—- C:WINDOWSinf
2009-01-19 00:05:40 —-D—- C:Program FilesInternet Explorer
2009-01-19 00:04:31 —-D—- C:Program FilesCommon Files
2009-01-19 00:03:23 —-D—- C:WINDOWSWinSxS
2009-01-18 06:07:19 —-A—- C:boot.ini
2009-01-18 05:51:10 —-D—- C:WINDOWSsystem32DirectX
2009-01-15 21:42:38 —-A—- C:WINDOWSwin.ini
2009-01-15 14:39:07 —-HD—- C:Program FilesInstallShield Installation Information
2009-01-15 14:36:38 —-SD—- C:Documents and SettingsАдминистраторApplication DataMicrosoft
2009-01-12 03:32:19 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-01-11 21:53:58 —-D—- C:WINDOWSnetwork diagnostic

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Драйвер AMD K7 процессора; C:WINDOWSsystem32DRIVERSamdk7.sys [2007-08-30 41728]
R1 prodrv06;StarForce Protection Environment Driver v6; C:WINDOWSSystem32driversprodrv06.sys [2004-08-09 53920]
R2 LBeepKE;LBeepKE; C:WINDOWSSystem32DriversLBeepKE.sys [2006-06-30 3712]
R2 rspndr;Ответчик обнаружения топологии уровня связи; C:WINDOWSsystem32DRIVERSrspndr.sys [2006-12-04 62336]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2008-01-24 4127488]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2004-04-21 729088]
R3 dtscsi;dtscsi; C:WINDOWSSystem32Driversdtscsi.sys [2009-01-18 223128]
R3 HidUsb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2001-08-17 9600]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:WINDOWSsystem32DRIVERSL8042Kbd.sys [2006-05-10 13568]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-19 12160]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet адаптер, драйвер для NT; C:WINDOWSsystem32DRIVERSRTL8139.SYS [2004-08-03 20992]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2007-08-29 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2007-08-29 59392]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2007-08-29 20608]
S3 aizt2prn;aizt2prn; C:WINDOWSsystem32driversaizt2prn.sys []
S3 ALCXSENS;Service for WDM 3D Audio Driver; C:WINDOWSsystem32driversALCXSENS.SYS [2003-12-11 391424]
S3 ATE_PROCMON;ATE_PROCMON; ??C:Program FilesAnti Trojan EliteATEPMon.sys []
S3 npkcrypt;npkcrypt; ??C:GamesьютьбLineage2 — Hellboundsystemnpkcrypt.sys []
S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
S3 usbscan;Usbscan; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2004-04-21 397312]
R2 ICQ Service;ICQ Service; C:Program FilesICQ6ToolbarICQ Service.exe [2008-10-19 222456]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:Program FilesCommon FilesLightScribeLSSrvc.exe [2006-10-19 61440]
R2 StarWindServiceAE;StarWind AE Service; C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe [2007-05-28 275968]
S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2004-04-21 516096]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2005-09-23 66240]
S3 NBService;NBService; C:Program FilesNeroNero 7Nero BackItUpNBService.exe [2006-11-10 774144]
S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; C:Program FilesWindows Media PlayerWMPNetwk.exe [2006-11-02 914944]

EOF
6 февраля, 2009 в 4:31 пп #21747
Admin
Keymaster
- Темы:40
- Сообщений:5676
Здравствуйте, добро пожаловать на Spyware-ru форум.

но то ладно,тот информер удалил 600 рублей отдал

Это как, смской ? Ни в коей мере не нужно поддерживать разработчиков этих паразитов.

Судя по RSIT логу ваш компьютер заражён несколькими троянами, включая autorun.inf троян.
Прочитайте эту инструкцию Flash_Disinfector ещё одно оружие против autorun.inf троянов. Скачайте и запустите Flash_Disinfector, не забудьте при этом по требованию программы вставить ваш флэш диск или подключить другие внешние устройства хранения информации. Если у вас несколько флешек, которые вы не можете подключить одновременно, то запускаете Flash_Disinfector столько раз, при этом меняя флешку, сколько необходимо для очистки их всех.

Скачайте OTMoveIt3 by OldTimer кликнув по этой ссылке.
Запустите программу и в большое поле ввода (заголовок этого поля выделен желтым цветом) скопируйте следующий текст.
```
:Processes

explorer.exe



:services

aizt2prn



:reg

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]

""=-

"MSServer"=-



[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]

"amva"=-



[-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify11853]

[-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify13709]

[-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify19226]

[-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify30370]

[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{2bb82e8a-d9ca-11dd-bc48-ae0ac1820bc8}]

[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{6ddc8989-d7ec-11dd-bc3f-9d9f0c8490c8}]

[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{6ddc898a-d7ec-11dd-bc3f-9d9f0c8490c8}]

[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{b4e6be7e-e50a-11dd-9bc6-0080485b7ded}]

[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{d51b9c96-cc80-11dd-bc1f-cc1a429c98c8}]

[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{e9df52ec-e33e-11dd-9bb3-0080485b7ded}]



:files

C:WINDOWSsystem3230370.dll

C:WINDOWSsystem3219226.dll

C:WINDOWSsystem3211853.dll

C:windowsupdates.exe

C:WINDOWSsystem3213709.dll

C:WINDOWSsystem3228976.dll

C:updates.exe

C:WINDOWSsystem32scvhost.exe

C:WINDOWSsystem32notify.exe

C:winupdates2.exe

C:latestupdates.exe

C:WINDOWSsystem32scvhost.exe

C:WINDOWSsystem3230370.dll

C:WINDOWSsystem32amvo.exe

C:WINDOWSsystem32driversaizt2prn.sys



:Commands

[emptytemp]

[start explorer]

[Reboot]
```
Кликните по кнопке MoveIt!. В процессе работы возможна перезагрузка компьютера.
По-завершении работы программы должен будет показан лог, вставьте его в ваш ответ.
Так же к вашему ответу приложите свежий RSIT лог.
28 февраля, 2009 в 5:19 пп #21748
RoooooT
Participant
- Темы:0
- Сообщений:1
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Unable to stop service aizt2prn .
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun\ not found.
Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun\MSServer deleted successfully.
Registry value HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun\amva not found.
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify11853\ not found.
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify13709\ not found.
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify19226\ not found.
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify30370\ not found.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{2bb82e8a-d9ca-11dd-bc48-ae0ac1820bc8}\ not found.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{6ddc8989-d7ec-11dd-bc3f-9d9f0c8490c8}\ not found.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{6ddc898a-d7ec-11dd-bc3f-9d9f0c8490c8}\ not found.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{b4e6be7e-e50a-11dd-9bc6-0080485b7ded}\ not found.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{d51b9c96-cc80-11dd-bc1f-cc1a429c98c8}\ not found.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{e9df52ec-e33e-11dd-9bb3-0080485b7ded}\ not found.
========== FILES ==========
File/Folder C:WINDOWSsystem3230370.dll not found.
File/Folder C:WINDOWSsystem3219226.dll not found.
File/Folder C:WINDOWSsystem3211853.dll not found.
File/Folder C:windowsupdates.exe not found.
File/Folder C:WINDOWSsystem3213709.dll not found.
File/Folder C:WINDOWSsystem3228976.dll not found.
File/Folder C:updates.exe not found.
File/Folder C:WINDOWSsystem32scvhost.exe not found.
File/Folder C:WINDOWSsystem32notify.exe not found.
File/Folder C:winupdates2.exe not found.
File/Folder C:latestupdates.exe not found.
File/Folder C:WINDOWSsystem32scvhost.exe not found.
File/Folder C:WINDOWSsystem3230370.dll not found.
File/Folder C:WINDOWSsystem32amvo.exe not found.
File/Folder C:WINDOWSsystem32driversaizt2prn.sys not found.
========== COMMANDS ==========
File delete failed. C:DOCUME~1UserLOCALS~1Temp12372.exe scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempPerflib_Perfdata_364.dat scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempPerflib_Perfdata_45c.dat scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempPerflib_Perfdata_c4.dat scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1Temp~DF5D6D.tmp scheduled to be deleted on reboot.
User’s Temp folder emptied.
User’s Temporary Internet Files folder emptied.
User’s Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer — Version 1.0.8.0 log created on 02282009_191948

Files moved on Reboot…
C:DOCUME~1UserLOCALS~1Temp12372.exe moved successfully.
File C:DOCUME~1UserLOCALS~1TempPerflib_Perfdata_364.dat not found!
File C:DOCUME~1UserLOCALS~1TempPerflib_Perfdata_45c.dat not found!
File C:DOCUME~1UserLOCALS~1TempPerflib_Perfdata_c4.dat not found!
File C:DOCUME~1UserLOCALS~1Temp~DF5D6D.tmp not found!
File move failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be moved on reboot.
2 марта, 2009 в 10:16 дп #21749
Admin
Keymaster
- Темы:40
- Сообщений:5676
Пришлите свежий RSIT лог.
Автор

Сообщения