Постоянное проникновение разных вирусов

[Firew@ll]

Добрый день!

Подскажите пожалуйста, почему постоянно на компьютер проникают разные вирусы.

Стоит лицензионный XP SP3 и NOD4 Business с ежедневными обновлениями.

Приходится периодически чистить руками систему от вирусов.

В чем собака порылась, может подскажите?

info.txt

log.txt

virusinfo_syscheck.zip

virusinfo_syscure.zip

info.txt

log.txt

virusinfo_syscheck.zip

virusinfo_syscure.zip

[Old men]

почему постоянно на компьютер проникают разные вирусы.

Это общий вопрос, поэтому позволю себе высказаться.

Ранее, в какой-то из тем я уже писал, что основну защиту компьютера обеспечивает НЕ антивирус, а файрволл. Антивирус работает уже по факту. А файрволл позволяет отсечь значительную часть паразитного трафика, заккрыть не нужные вам для работы порты, указать вредоносные сайты (внести их в черный список) и т.д. Разумеется, все это требует настроек.

Дополнительно надо отключить лишние службы, почистить список автозагрузки, отключить автоматическое обновление - вполне достаточно ручного один - два раза в месяц

[akoK]

Сейчас ничего интересного не вижу

Скачайте OTMoveIt3 by OldTimer или с зеркала и сохраните на рабочий стол.

Запустите OTMoveIt3 (в ОС Windows Vista необходимо запускать через правую кн. мыши от имени администратора)

временно выключите антивирус, firewall и другое защитное программное обеспечение. Выделите и скопируйте текст ниже (Ctrl+C)

:Processesexplorer.exe:Services:Files:Reg[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cce4078a-fce8-11dd-b5a1-002215870de7}][-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e7040f87-e854-11dd-b57b-005056c00008}]:Commands[purity][emptytemp][start explorer][Reboot]

В OTMoveIt3 под панелью "Paste Instructions for Items to be Moved" (под желтой панелью) вставьте скопированный текст и нажмите кнопку "MoveIt!". Выделите (Ctrl+A) и скопируйте (Ctrl+C) текст из окна под панелью "Results" (правая зеленая панель) в следующее сообщение.

Прим: Если файлы и папки не могут быть перемещены немедленно и появиться запись <deleted on reboot>, потребуется перезагрузка. После перезагрузки откройте папку "C:\_OTMoveIt\MovedFiles", найдите последний .log файл (лог в формате mmddyyyy_hhmmss.log), откройте и скопируйте текст из него в следующее сообщение.

[Firew@ll]

========== PROCESSES ==========

Process explorer.exe killed successfully.

========== SERVICES/DRIVERS ==========

========== FILES ==========

========== REGISTRY ==========

Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cce4078a-fce8-11dd-b5a1-002215870de7}\\ deleted successfully.

Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e7040f87-e854-11dd-b57b-005056c00008}\\ deleted successfully.

========== COMMANDS ==========

File delete failed. C:\DOCUME~1\ROOT~1.YUV\LOCALS~1\Temp\~DF179D.tmp scheduled to be deleted on reboot.

File delete failed. C:\DOCUME~1\ROOT~1.YUV\LOCALS~1\Temp\~DF22C3.tmp scheduled to be deleted on reboot.

File delete failed. C:\DOCUME~1\ROOT~1.YUV\LOCALS~1\Temp\~DF965E.tmp scheduled to be deleted on reboot.

File delete failed. C:\DOCUME~1\ROOT~1.YUV\LOCALS~1\Temp\~DF9665.tmp scheduled to be deleted on reboot.

File delete failed. C:\DOCUME~1\ROOT~1.YUV\LOCALS~1\Temp\~DF96C5.tmp scheduled to be deleted on reboot.

File delete failed. C:\DOCUME~1\ROOT~1.YUV\LOCALS~1\Temp\~DF96CC.tmp scheduled to be deleted on reboot.

File delete failed. C:\DOCUME~1\ROOT~1.YUV\LOCALS~1\Temp\~DF96FD.tmp scheduled to be deleted on reboot.

File delete failed. C:\DOCUME~1\ROOT~1.YUV\LOCALS~1\Temp\~DF9704.tmp scheduled to be deleted on reboot.

User's Temp folder emptied.

User's Temporary Internet Files folder emptied.

User's Internet Explorer cache folder emptied.

Local Service Temp folder emptied.

File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.

Local Service Temporary Internet Files folder emptied.

File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_664.dat scheduled to be deleted on reboot.

Windows Temp folder emptied.

Java cache emptied.

FireFox cache emptied.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\adoc.bx scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\md.dat scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\url.ax scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\w.ax scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\wb.vx scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\adoc.bx scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\md.dat scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\url.ax scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\w.ax scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\wb.vx scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\adoc.bx scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\md.dat scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\url.ax scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\w.ax scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\wb.vx scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\adoc.bx scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\md.dat scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\url.ax scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\w.ax scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\wb.vx scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\adoc.bx scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\md.dat scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\url.ax scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\w.ax scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\wb.vx scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\adoc.bx scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\md.dat scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\url.ax scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\w.ax scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\wb.vx scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\adoc.bx scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\md.dat scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\url.ax scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\w.ax scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\wb.vx scheduled to be deleted on reboot.

Opera cache emptied.

Temp folders emptied.

Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 07222009_141704

Files moved on Reboot...

File C:\DOCUME~1\ROOT~1.YUV\LOCALS~1\Temp\~DF179D.tmp not found!

File C:\DOCUME~1\ROOT~1.YUV\LOCALS~1\Temp\~DF22C3.tmp not found!

File C:\DOCUME~1\ROOT~1.YUV\LOCALS~1\Temp\~DF965E.tmp not found!

File C:\DOCUME~1\ROOT~1.YUV\LOCALS~1\Temp\~DF9665.tmp not found!

File C:\DOCUME~1\ROOT~1.YUV\LOCALS~1\Temp\~DF96C5.tmp not found!

File C:\DOCUME~1\ROOT~1.YUV\LOCALS~1\Temp\~DF96CC.tmp not found!

File C:\DOCUME~1\ROOT~1.YUV\LOCALS~1\Temp\~DF96FD.tmp not found!

File C:\DOCUME~1\ROOT~1.YUV\LOCALS~1\Temp\~DF9704.tmp not found!

File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.

File C:\WINDOWS\temp\Perflib_Perfdata_664.dat not found!

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\adoc.bx moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\md.dat moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\url.ax moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\w.ax moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0008\wb.vx moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\adoc.bx moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\md.dat moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\url.ax moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\w.ax moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0005\wb.vx moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\adoc.bx moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\md.dat moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\url.ax moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\w.ax moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0004\wb.vx moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\adoc.bx moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\md.dat moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\url.ax moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\w.ax moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\wb.vx moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\adoc.bx moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\md.dat moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\url.ax moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\w.ax moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\wb.vx moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\adoc.bx moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\md.dat moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\url.ax moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\w.ax moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\wb.vx moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\adoc.bx moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\md.dat moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\url.ax moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\w.ax moved successfully.

C:\Documents and Settings\Root.YUVIDA\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\wb.vx moved successfully.

[Firew@ll]

Нету никаких мыслей по поводу какой-нить заразы в системе?

[thyrex]

Подскажите пожалуйста, почему постоянно на компьютер проникают разные вирусы.

Компьютер чист.

Ни один разработчик антивирусных решений не дает 100% гарантии защиты

[Firew@ll]

Спасибо за помощь.