[thyrex]

Не торопите события. Надо же было все зверье собрать
В сообщении над Вашим рецепт

[-Lis-]

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== SERVICES/DRIVERS ==========
========== FILES ==========
C:\WINDOWS\system32\6Vg3gdX.exe moved successfully.
C:\WINDOWS\system32\gbuB5lt.exe moved successfully.
C:\WINDOWS\system32\eqFh9vz.exe moved successfully.
C:\WINDOWS\system32\SASy8VH.exe moved successfully.
C:\WINDOWS\system32\2nFjOat.exe moved successfully.
C:\WINDOWS\system32\c3b80fV.exe moved successfully.
C:\WINDOWS\system32\zB0blTb.exe moved successfully.
C:\WINDOWS\system32\RmF2lZR.exe moved successfully.
C:\WINDOWS\system32\KbIt2YP.exe moved successfully.
C:\WINDOWS\system32\HRJ9iC7.exe moved successfully.
C:\WINDOWS\system32\WLKGN2K.exe moved successfully.
C:\WINDOWS\system32\e6nDWO1.exe moved successfully.
C:\WINDOWS\system32\trLmu0s.exe moved successfully.
C:\WINDOWS\system32\iyBmDll.exe moved successfully.
C:\WINDOWS\system32\THFNpzO.exe moved successfully.
C:\WINDOWS\system32\gI9Pkig.exe moved successfully.
C:\WINDOWS\system32\DdUDRvN.exe moved successfully.
C:\WINDOWS\system32\CjNScNn.exe moved successfully.
C:\WINDOWS\system32\Cwxkl1S.exe moved successfully.
C:\WINDOWS\system32\8slKSX6.exe moved successfully.
C:\WINDOWS\system32\rID3h7Z.exe moved successfully.
C:\WINDOWS\system32\Iy3W85Q.exe moved successfully.
C:\WINDOWS\system32\ZtgBq0m.exe moved successfully.
C:\WINDOWS\system32\f1EJQPj.exe moved successfully.
C:\WINDOWS\system32\6D73xu9.exe moved successfully.
C:\WINDOWS\system32\46jIE01.exe moved successfully.
C:\WINDOWS\system32\hFbocSI.exe moved successfully.
C:\WINDOWS\system32\mwsl39v.exe moved successfully.
C:\Program Files\Common Files\keylog.txt moved successfully.
C:\WINDOWS\system32\KwoShpA.exe moved successfully.
C:\WINDOWS\system32\nbMVcfz.exe moved successfully.
C:\WINDOWS\system32\kyOZrpg.exe moved successfully.
C:\WINDOWS\system32\iRaR5Kh.exe moved successfully.
C:\WINDOWS\system32\6CWzlWB.exe moved successfully.
C:\WINDOWS\system32\ut7VEX0.exe moved successfully.
C:\WINDOWS\system32\c49Fp8m.exe moved successfully.
C:\WINDOWS\system32\4j5wdrg.exe moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Admin
->Temp folder emptied: 1020111595 bytes
->Temporary Internet Files folder emptied: 71780483 bytes
->Java cache emptied: 1935 bytes
->Flash cache emptied: 16069 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 2556916 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2340499 bytes
%systemroot%\System32 .tmp files removed: 5709 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4488414 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 467858 bytes
RecycleBin emptied: 1134350 bytes

Total Files Cleaned = 1*052,00 mb


OTM by OldTimer - Version 3.1.12.0 log created on 06292010_114427

Files moved on Reboot...

Registry entries deleted on Reboot...

[thyrex]

Запакуйте папку C:\_OTM\MovedFiles с паролем virus и пришлите на thyrex2002<at>tut.by (at=@) с указанной ссылкой на тему.
Если почтовый сервер не будет пропускать письмо, выложите архив на файлообменник, а на указанный e-mail отправьте письмо со ссылкой на скачивание.

Новые логи RSIT сделайте

[-Lis-]

Только вот сам он не перезагружался, вылезло сообщение, чтобы удалить перезагрузитесь, нажал "ок", он повисел мин 5, потом я закрыл OTM by OldTimer, нажав exit, после чего ребутнул комп

[thyrex]

Перестаньте замусоривать тему сообщениями.
Указания над Вашим постом

[-Lis-]

Новые логи RSIT

[okshef]

-Lis-, закончите лечение, обновите антивирус:

Цитата:

AV: Антивирусная система Eset NOD32 2.70 (outdated)

Совсем уже рудимент

[-Lis-]

Ну по другому не могу, Kerio WinRoute Firewall 6.5.* не работает с более поздней версией нода

[thyrex]

Карантин отправили?

Выполните скрипт в AVZ

Код:

begin
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '2201', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '2201', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1004', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1001', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1201', 3);
RebootWindows(true);
end.

Компьютер перезагрузится.

Если проблем больше нет, выписываем

[okshef]

-Lis-, тогда установите защиту по максимуму, обязательно включите защиту от потенциально нежелательных программ