 LiveInternet.ru:
: 18.01.2005

, 18 2014 . 13:16 +
, , , , , 8 , (H3 N2), (H1 N1) 09, . / , 14 % 76,4 10 .



, SMS- -

, 10 2011 . 15:09 +
, SMS- - ( - , , , )

: , ! !

Live CD. , , CD-ROM, .

1.
ERD Commander Userinit HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon. C:\windows\system32\userinit.exe,* ( , ). - , , .
Userinit. .
Shell. explorer.exe. - , .

:
HKEY_USERS\Admin\Software\Microsoft\Windows\CurrentVersion\Run +
HKEY_USERS\Admin\Software\Microsoft\Windows\CurrentVersion\RunOnce +
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run +
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
, - , .

2.
, :
:\Documents and Settings\
:\Documents and Settings\Admin\**
:\Documents and Settings\Admin\Application Data
:\Documents and Settings\Default User\
:\Documents and Settings\NetworkService\
:\Documents and Settings\All Users\Application Data
- .

3.
, :
:\WINDOWS\Temp
:\Documents and Settings\Admin\Local Settings\Temp
:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5 ( index.dat desktop.ini)
:\Documents and Settings\Default User\Local Settings\Temp
:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 ( index.dat desktop.ini)
:\Documents and Settings\NetworkService\Local Settings\Temp
:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 ( index.dat desktop.ini)

4.
:\WINDOWS\system32 userinit.exe. - 26,0 (26 624 ). - LiveCD I386 userinit.ex_. Rar 7ZIP , userinit.exe , system32.
, userinit :\WINDOWS\system32\dllcache, , . , , , .
taskgmr.exe explorer.exe WINDOWS.

. - .
, Dr.Web LiveCD . - .
- , , . .

* - , Windows
** - admin ,

. - . , .


, 25 2009 . 20:27 +
, z-connect ( i-connect) - , ( GPRS ) . , - . , - - z-connect. (AVG AVZ) .

, . BackDoor.Poison.767 Win32/Dialer.NGB. , .

( ! ;-)))) . . , system32. . AI - . .
RECYCLER - . RECYCLER . , .


))) (AVG) + (COMODO) , - . .

:
1. AVZ . , ))
2. ( -> ->)
3. (-> -> )
4. AVZ, , , .
5. ( ) ,

( !!!):
1. , . , , Process Explorer. . ))) : , , (RECYCLER RECYCLED). , .
2. ( ) . )
3. ( RegCleaner) . .
4. ( Total Commander) AUTORUN.INF . ( ) . .
5. (RECYCLER RECYCLED). ( Unlocker ).
6. , , .
7.


, . , . , , .

UP:
- . - . - , .
