February 15, 2009 at 3:33 pm #16293
One or two viruses appear every day. I'm already tired of it.
I followed the instructions and am sending the info and log files.
Thanks in advance for your help.
info.txt logfile of random’s system information tool 1.05 2009-02-15 13:16:01
Logfile of random’s system information tool 1.05 (written by random/random)
Run by Leonid at 2009-02-15 13:15:01
Microsoft Windows XP Professional Service Pack 2
System drive C: has 1 GB (34%) free of 4 GB
Total RAM: 247 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:15:27 p.m., on 15/02/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\ARCHIV~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\slserv.exe
C:\ARCHIV~1\AVG\AVG8\avgtray.exe
C:\Archivos de programa\Messenger\msmsgs.exe
C:\Archivos de programa\Google\Google Talk\googletalk.exe
C:\ARCHIV~1\AVG\AVG8\avgemc.exe
C:\ARCHIV~1\AVG\AVG8\avgrsx.exe
C:\ARCHIV~1\AVG\AVG8\avgnsx.exe
C:\Archivos de programa\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Archivos de programa\Internet Explorer\iexplore.exe
C:\Archivos de programa\Claro Internet\Modem.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Archivos de programa\Outlook Express\msimn.exe
D:\Archivos temporales de Internet\Content.IE5\Z7P9XTLY\RSIT[1].exe
C:\Archivos de programa\Trend Micro\HijackThis\Leonid.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\TEMP\init.exe
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Archivos de programa\AVG\AVG8\avgssie.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARCHIV~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [lsass driver] C:\WINDOWS\msauc.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Archivos de programa\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [googletalk] "C:\Archivos de programa\Google\Google Talk\googletalk.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{B89D1E66-141B-415A-87F4-2B7A0519AEDD}: NameServer = 170.51.255.100 170.51.242.18
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Archivos de programa\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: crypt - crypts.dll (file missing)
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\ARCHIV~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARCHIV~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 3474 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Archivos de programa\AVG\AVG8\avgssie.dll [2009-02-07 1078552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"=C:\ARCHIV~1\AVG\AVG8\avgtray.exe [2009-02-07 1601304]
"lsass driver"=C:\WINDOWS\msauc.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Archivos de programa\Messenger\msmsgs.exe [2004-08-19 1667584]
"googletalk"=C:\Archivos de programa\Google\Google Talk\googletalk.exe [2007-11-20 3293184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-02-07 10520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt]
crypts.dll []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digeste.dll, mcenspc.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Archivos de programa\AVG\AVG8\avgemc.exe"="C:\Archivos de programa\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Archivos de programa\AVG\AVG8\avgupd.exe"="C:\Archivos de programa\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Archivos de programa\Google\Google Talk\googletalk.exe"="C:\Archivos de programa\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"
"C:\WINDOWS\TEMP\init.exe"="C:\WINDOWS\TEMP\init.exe:*:Enabled:ENABLE"
"C:\Archivos de programa\Messenger\MSMSGS.EXE"="C:\Archivos de programa\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger"
"C:\WINDOWS\Temp\rdl2.tmp"="C:\WINDOWS\Temp\rdl2.tmp:*:Disabled:rdl2"
"C:\WINDOWS\System32\cssrss.exe"="C:\WINDOWS\System32\cssrss.exe:*:Disabled:cssrss"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======
======List of files/folders modified in the last 1 months======
2009-02-03 16:41:42 ----A---- C:\WINDOWS\system.ini
2009-02-03 14:22:26 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-02-07 325128]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-02-07 27656]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-02-07 107272]
R3 es1969;Controlador de audio ESS 1969 (WDM); C:\WINDOWS\system32\drivers\es1969.sys [2001-08-17 72192]
R3 MODEMCSA;Dispositivo de filtro de transmisión Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2004-08-24 229720]
R3 SiSV6306;SiSV6306; C:\WINDOWS\system32\DRIVERS\SiS6306p.sys [2001-08-17 68608]
R3 Slntamr;NetoDragon AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2004-08-24 650632]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2004-08-24 13216]
R3 usbccgp;Controlador primario genérico USB de Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbhub;Concentrador habilitado USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Controlador minipuerto de la controladora de host abierto USB de Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
R3 USBSTOR;Dispositivo de almacenamiento masivo de datos USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys [2008-04-19 103936]
R3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys [2008-04-19 103936]
R3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys [2008-04-19 103936]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2004-08-24 1395376]
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2004-08-24 100240]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avg8emc;AVG Free8 E-mail Scanner; C:\ARCHIV~1\AVG\AVG8\avgemc.exe [2009-02-07 903960]
R2 avg8wd;AVG Free8 WatchDog; C:\ARCHIV~1\AVG\AVG8\avgwdsvc.exe [2009-02-07 298264]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2004-08-24 57344]
S3 ose;Office Source Engine; C:\Archivos de programa\Archivos comunes\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
EOF
February 16, 2009 at 2:21 pm #22024
Hello, and welcome to the Spyware-ru forum.
Run HijackThis. To do this, click Start, Run, type C:\Archivos de programa\Trend Micro\HijackThis\Leonid.exe and press Enter.
Click the Do a system scan only button.
Next, tick the checkbox (on the left) for the following line:
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\TEMP\init.exe
Click the Fix checked button and confirm by choosing YES.
Download OTMoveIt3 by OldTimer by clicking this link.
Run the program and copy the following text into the large input box (the title of this box is highlighted in yellow).
:Processes
explorer.exe
:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"lsass driver"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
:files
C:\WINDOWS\msauc.exe
%windir\system32\crypts.dll
%windir\system32\digeste.dll
%windir\system32\mcenspc.dll
:Commands
[emptytemp]
[start explorer]
[Reboot]
Click the MoveIt! button. The computer may reboot while the program is working.
When the program finishes, a log should be shown. If the log is not shown, it can be found in the folder C:\_OTMoveIt\MovedFiles. Paste the contents of this log into your reply. Also attach a fresh RSIT log.
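An added example (not part of the original thread and not code from any tool named in it): a Python check for the autostart values that the fix above resets, plus the firewall exception list that appears in the RSIT log posted later in the thread. Backslashes in the sample strings are restored, the SecurityProviders sample is constructed, and the function names, the expected Userinit path and the temp-directory rule are assumptions.

```python
import ntpath

# Baseline: the SecurityProviders value that the fix script in this thread writes back.
BASELINE_PROVIDERS = {"msapsspc.dll", "schannel.dll", "digest.dll", "msnsspc.dll"}

# Assumption: Windows is installed in C:\WINDOWS (as on the machine in this thread)
# and a clean Userinit value starts only userinit.exe from system32.
EXPECTED_USERINIT = r"c:\windows\system32\userinit.exe"

# Assumption: an executable registered from a temp directory deserves review.
TEMP_MARKERS = ("\\temp\\",)


def extra_userinit_entries(value):
    """Return every program in a Winlogon Userinit value other than userinit.exe."""
    entries = [e.strip().strip('"') for e in value.split(",") if e.strip()]
    return [e for e in entries if ntpath.normcase(e) != EXPECTED_USERINIT]


def unknown_security_providers(value, baseline=BASELINE_PROVIDERS):
    """Return DLL names in a SecurityProviders value that are not in the baseline."""
    names = [n.strip().lower() for n in value.split(",") if n.strip()]
    return [n for n in names if n not in baseline]


def parse_firewall_entry(data):
    """Split 'path:scope:state:name'. The path holds a drive colon, so split from the right."""
    path, scope, state, name = data.rsplit(":", 3)
    return {"path": path, "scope": scope, "state": state.lower(), "name": name}


def temp_firewall_exceptions(entries):
    """Return (path, state) for firewall exceptions whose program sits in a temp directory."""
    flagged = []
    for data in entries:
        entry = parse_firewall_entry(data)
        if any(m in ntpath.normcase(entry["path"]) for m in TEMP_MARKERS):
            flagged.append((entry["path"], entry["state"]))
    return flagged


# Value from the F2 line in the reply above (backslashes restored).
USERINIT_FROM_THREAD = r"C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\TEMP\init.exe"

# Constructed sample: the thread shows only the corrected value, not the altered one.
PROVIDERS_CONSTRUCTED = "msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digeste.dll"

# Four entries from the standardprofile authorizedapplications list in the RSIT log
# posted later in this thread (backslashes restored).
FIREWALL_FROM_THREAD = [
    r"C:\Archivos de programa\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe",
    r"C:\WINDOWS\TEMP\init.exe:*:Enabled:ENABLE",
    r"C:\WINDOWS\Temp\rdl2.tmp:*:Disabled:rdl2",
    r"C:\WINDOWS\System32\cssrss.exe:*:Disabled:cssrss",
]

if __name__ == "__main__":
    print("Userinit extras:      ", extra_userinit_entries(USERINIT_FROM_THREAD))
    print("Unknown providers:    ", unknown_security_providers(PROVIDERS_CONSTRUCTED))
    print("Temp firewall entries:", temp_firewall_exceptions(FIREWALL_FROM_THREAD))
```

The firewall check reports the state alongside the path, so an exception that is still enabled after cleanup stands out from one that is merely left over.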
February 17, 2009 at 5:08 pm #22025
Good afternoon!
I did everything as advised.
Here are the files
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun\lsass driver deleted successfully.
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifycrypt\ deleted successfully.
HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders\»SecurityProviders»|»msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll» /E : value set successfully!
========== FILES ==========
File/Folder C:WINDOWSmsauc.exe not found.
Invalid Environment Variable: windirsystem32crypts.dll
Invalid Environment Variable: windirsystem32digeste.dll
Invalid Environment Variable: windirsystem32mcenspc.dll
========== COMMANDS ==========
File delete failed. C:DOCUME~1LeonidCONFIG~1TempJETE47F.tmp scheduled to be deleted on reboot.
User’s Temp folder emptied.
User’s Temporary Internet Files folder emptied.
User’s Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer — Version 1.0.8.0 log created on 02172009_140739
Files moved on Reboot…
File C:DOCUME~1LeonidCONFIG~1TempJETE47F.tmp not found!

Logfile of random’s system information tool 1.05 (written by random/random)
Run by Leonid at 2009-02-17 14:44:24
Microsoft Windows XP Professional Service Pack 2
System drive C: has 1 GB (37%) free of 4 GB
Total RAM: 247 MB (9% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:45:47 p.m., on 17/02/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:ARCHIV~1AVGAVG8avgwdsvc.exe
C:WINDOWSsystem32slserv.exe
C:WINDOWSnotepad.exe
C:ARCHIV~1AVGAVG8avgrsx.exe
C:ARCHIV~1AVGAVG8avgemc.exe
C:ARCHIV~1AVGAVG8avgnsx.exe
C:ARCHIV~1AVGAVG8avgtray.exe
C:Archivos de programaMessengermsmsgs.exe
C:Archivos de programaGoogleGoogle Talkgoogletalk.exe
C:Archivos de programaAVGAVG8avgcsrvx.exe
C:WINDOWSsystem32wscntfy.exe
C:Archivos de programaClaro InternetModem.exe
C:Archivos de programaInternet Exploreriexplore.exe
D:DiscoViejoAlexNorton AntivirusRSIT.exe
C:Archivos de programaTrend MicroHijackThisLeonid.exe

R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Vínculos
O2 — BHO: WormRadar.com IESiteBlocker.NavFilter — {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} — C:Archivos de programaAVGAVG8avgssie.dll
O4 — HKLM..Run: [AVG8_TRAY] C:ARCHIV~1AVGAVG8avgtray.exe
O4 — HKCU..Run: [MSMSGS] «C:Archivos de programaMessengermsmsgs.exe» /background
O4 — HKCU..Run: [googletalk] «C:Archivos de programaGoogleGoogle Talkgoogletalk.exe» /autostart
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SERVICIO LOCAL’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Servicio de red’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O8 — Extra context menu item: E&xportar a Microsoft Excel — res://C:ARCHIV~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 — Extra button: Referencia — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:ARCHIV~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Archivos de programaMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Archivos de programaMessengermsmsgs.exe
O17 — HKLMSystemCCSServicesTcpip..{B89D1E66-141B-415A-87F4-2B7A0519AEDD}: NameServer = 170.51.255.100 170.51.242.18
O18 — Protocol: linkscanner — {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} — C:Archivos de programaAVGAVG8avgpp.dll
O20 — Winlogon Notify: avgrsstarter — C:WINDOWSSYSTEM32avgrsstx.dll
O23 — Service: AVG Free8 E-mail Scanner (avg8emc) — AVG Technologies CZ, s.r.o. — C:ARCHIV~1AVGAVG8avgemc.exe
O23 — Service: AVG Free8 WatchDog (avg8wd) — AVG Technologies CZ, s.r.o. — C:ARCHIV~1AVGAVG8avgwdsvc.exe
O23 — Service: SmartLinkService (SLService) — — C:WINDOWSSYSTEM32slserv.exe
—
End of file — 3156 bytes

======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search — C:Archivos de programaAVGAVG8avgssie.dll [2009-02-07 1078552]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«AVG8_TRAY»=C:ARCHIV~1AVGAVG8avgtray.exe [2009-02-07 1601304]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«MSMSGS»=C:Archivos de programaMessengermsmsgs.exe [2004-08-19 1667584]
«googletalk»=C:Archivos de programaGoogleGoogle Talkgoogletalk.exe [2007-11-20 3293184]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyavgrsstarter]
C:WINDOWSsystem32avgrsstx.dll [2009-02-07 10520]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«C:Archivos de programaAVGAVG8avgemc.exe»=»C:Archivos de programaAVGAVG8avgemc.exe:*:Enabled:avgemc.exe»
«C:Archivos de programaAVGAVG8avgupd.exe»=»C:Archivos de programaAVGAVG8avgupd.exe:*:Enabled:avgupd.exe»
«C:WINDOWSsystem32sessmgr.exe»=»C:WINDOWSsystem32sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019»
«C:Archivos de programaGoogleGoogle Talkgoogletalk.exe»=»C:Archivos de programaGoogleGoogle Talkgoogletalk.exe:*:Enabled:Google Talk»
«C:WINDOWSTEMPinit.exe»=»C:WINDOWSTEMPinit.exe:*:Enabled:ENABLE»
«C:Archivos de programaMessengerMSMSGS.EXE»=»C:Archivos de programaMessengerMSMSGS.EXE:*:Enabled:Windows Messenger»
«C:WINDOWSTemprdl2.tmp»=»C:WINDOWSTemprdl2.tmp:*:Disabled:rdl2»
«C:WINDOWSSystem32cssrss.exe»=»C:WINDOWSSystem32cssrss.exe:*:Disabled:cssrss»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»

======List of files/folders created in the last 1 months======
======List of files/folders modified in the last 1 months======
2009-02-03 16:41:42 —-A—- C:WINDOWSsystem.ini
2009-02-03 14:22:26 —-A—- C:WINDOWSwin.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:WINDOWSSystem32Driversavgldx86.sys [2009-02-07 325128]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:WINDOWSSystem32Driversavgmfx86.sys [2009-02-07 27656]
R1 AvgTdiX;AVG Free8 Network Redirector; C:WINDOWSSystem32Driversavgtdix.sys [2009-02-07 107272]
R3 es1969;Controlador de audio ESS 1969 (WDM); C:WINDOWSsystem32driverses1969.sys [2001-08-17 72192]
R3 MODEMCSA;Dispositivo de filtro de transmisión Unimodem; C:WINDOWSsystem32driversMODEMCSA.sys [2001-08-17 16128]
R3 Mtlmnt5;Mtlmnt5; C:WINDOWSsystem32DRIVERSMtlmnt5.sys [2004-08-24 229720]
R3 SiSV6306;SiSV6306; C:WINDOWSsystem32DRIVERSSiS6306p.sys [2001-08-17 68608]
R3 Slntamr;NetoDragon AMR_PCI Driver; C:WINDOWSsystem32DRIVERSslntamr.sys [2004-08-24 650632]
R3 SlWdmSup;SlWdmSup; C:WINDOWSsystem32DRIVERSSlWdmSup.sys [2004-08-24 13216]
R3 usbccgp;Controlador primario genérico USB de Microsoft; C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
R3 usbhub;Concentrador habilitado USB2; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-04 57600]
R3 usbohci;Controlador minipuerto de la controladora de host abierto USB de Microsoft; C:WINDOWSsystem32DRIVERSusbohci.sys [2004-08-04 17024]
R3 USBSTOR;Dispositivo de almacenamiento masivo de datos USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
R3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:WINDOWSsystem32DRIVERSZTEusbmdm6k.sys [2008-04-19 103936]
R3 ZTEusbnmea;ZTE NMEA Port; C:WINDOWSsystem32DRIVERSZTEusbnmea.sys [2008-04-19 103936]
R3 ZTEusbser6k;ZTE Diagnostic Port; C:WINDOWSsystem32DRIVERSZTEusbser6k.sys [2008-04-19 103936]
S3 Mtlstrm;Mtlstrm; C:WINDOWSsystem32DRIVERSMtlstrm.sys [2004-08-24 1395376]
S3 SlNtHal;SlNtHal; C:WINDOWSsystem32DRIVERSSlnthal.sys [2004-08-24 100240]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avg8emc;AVG Free8 E-mail Scanner; C:ARCHIV~1AVGAVG8avgemc.exe [2009-02-07 903960]
R2 avg8wd;AVG Free8 WatchDog; C:ARCHIV~1AVGAVG8avgwdsvc.exe [2009-02-07 298264]
R2 SLService;SmartLinkService; C:WINDOWSsystem32slserv.exe [2004-08-24 57344]
S3 ose;Office Source Engine; C:Archivos de programaArchivos comunesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
EOF
For some reason Info.txt did not come out.
February 18, 2009 at 5:40 pm #22026
"For some reason Info.txt did not come out."
That is normal.
The log looks good, but let's check with one more program.
Read the description of Malwarebytes Anti-malware (MBAM).
Download it and run a scan of your computer. Remove everything that is found. At the end a log will be shown; paste its contents into your reply.
February 18, 2009 at 9:35 pm #22027
Good afternoon!
I did everything. Sending the log.
In one hour it checked everything and found two trojans

Malwarebytes’ Anti-Malware 1.34
Versión de la Base de Datos: 1775
Windows 5.1.2600 Service Pack 2

18/02/2009 06:11:09 p.m.
mbam-log-2009-02-18 (18-11-09).txt

Tipo de examen : Examen Completo (C:|D:|F:|G:|)
Objetos examinados: 77821
Tiempo transcurrido: 1 hour(s), 37 minute(s), 10 second(s)

Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 0
Valores del Registro Infectados: 0
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 1
Ficheros Infectados: 1

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
(No se han detectado elementos maliciosos)

Valores del Registro Infectados:
(No se han detectado elementos maliciosos)

Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)

Carpetas Infectadas:
C:Archivos de programaMicrosoft Common (Trojan.Agent) -> Quarantined and deleted successfully.

Ficheros Infectados:
C:WINDOWSsystem32shell31.dll (Trojan.Agent) -> Quarantined and deleted successfully.
February 20, 2009 at 4:14 pm #22028
How is the computer doing now?
February 20, 2009 at 5:06 pm #22029
Thank you very much!
Despite 256 of memory and a 400 processor, the computer runs fast enough under XP.
I checked yesterday: everything is clean.
Thanks a lot once again.
I am still worried about the behavior of modem.exe ZTE VF626 (a separate topic has been opened).
February 21, 2009 at 2:16 pm #22030
"I am still worried about the behavior of modem.exe ZTE VF626 (a separate topic has been opened)."
And what is the problem?