Porn banner
- This topic has 1 reply, 2 participants, and was last updated 15 years, 10 months ago by Admin.

January 4, 2010 at 11:06 am #17699
Please help.
A message appeared saying that I had used porn sites and, under the agreement, must pay for my access. Send an SMS, and so on. Internet access was blocked. I forced a reboot, scanned with the antivirus (it found nothing), and cleaned the Temp folder and the caches. I rebooted and now I cannot boot in normal mode. The Windows XP screen appears, then the display goes dark and that is all (the system unit itself is running); I can boot into safe mode without problems.

Logfile of random's system information tool 1.06 (written by random/random)

January 5, 2010 at 6:24 pm #27725
Read the description of Malwarebytes Anti-malware (MBAM).
Download it and scan your computer. Remove everything that is found. A log will be shown when it finishes.

Download the OTL scanner by clicking this link and save the file to your desktop.
* Double-click the downloaded file.
* Tick the "Scan All Users" checkbox.
* Paste the following text into the Custom Scan/Fixes box:

netsvcs
%SYSTEMDRIVE%\*.exe
%SYSTEMDRIVE%\eventlog.dll /s /md5
%SYSTEMDRIVE%\scecli.dll /s /md5
%SYSTEMDRIVE%\netlogon.dll /s /md5
%SYSTEMDRIVE%\cngaudit.dll /s /md5
%SYSTEMDRIVE%\sceclt.dll /s /md5
%SYSTEMDRIVE%\ntelogon.dll /s /md5
%SYSTEMDRIVE%\logevent.dll /s /md5
%SYSTEMDRIVE%\iaStor.sys /s /md5
%SYSTEMDRIVE%\nvstor.sys /s /md5
%SYSTEMDRIVE%\atapi.sys /s /md5
%SYSTEMDRIVE%\IdeChnDr.sys /s /md5
%SYSTEMDRIVE%\viasraid.sys /s /md5
%SYSTEMDRIVE%\AGP440.sys /s /md5
%SYSTEMDRIVE%\vaxscsi.sys /s /md5
%SYSTEMDRIVE%\nvatabus.sys /s /md5
%SYSTEMDRIVE%\viamraid.sys /s /md5
%SYSTEMDRIVE%\nvata.sys /s /md5
CREATERESTOREPOINT

* Click the "Run Scan" button.
* When the program finishes, two logs will be shown (OTListIt.txt and Extra.txt).

Paste the MBAM log and both OTL logs into your reply. Each log in a separate message.