Ошибки svchost и usbmngr

**.silent.** · 28.03.2011, 20:30

Периодически в папке system32 возникают файлы типа: 53.exe, 16.exe и т.д., некоторые из них появляются в диспетчере задач.
Иногда появляются ошибки usbmngr или svchost. Если я запускаю игру, то стабильно возникает ошибка svchost.exe, продолжаю играть - звук есть. Выхожу, смотрю видео или запускаю другую игру - звук пропадает.
KiS 2011 вирусы удаляет, однако, после перезагрузки проблема появляется снова. Лечение CureIt'ом также результатов не дало.

Надоело быть жертвой? Стань профи по информационной безопасности, получай самую свежую информацию об угрозах и средствах защиты от ведущего российского аналитического центра Anti-Malware.ru:

**V_Bond** · 28.03.2011, 21:52

E:\WINDOWS.0\usbmngr.exe - пришлите согласно приложения 2 правил

**.silent.** · 29.03.2011, 17:31

Вчера отправил файл карантина. Дошёл?

**thyrex** · 29.03.2011, 21:46

Выполните скрипт в AVZ

Код:

begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
DeleteFile('E:\WINDOWS.0\usbmngr.exe');
 RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','Windows Data Serivce');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.

Компьютер перезагрузится.

Установите все новые обновления для Windows
Установите Internet Explorer 8 (даже если им не пользуетесь)

Сделайте новые логи

Сделайте лог полного сканирования МВАМ

**.silent.** · 31.03.2011, 20:04

,,,,,,,,,,,,,,,,,,,,

**thyrex** · 31.03.2011, 22:08

Удалите в МВАМ только указанные ниже записи

Код:

Заражённые файлы:
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP30\A0026380.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP30\A0026400.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0026419.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0026439.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0026465.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0026500.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0026527.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0027527.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0027688.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0027563.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0027588.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0027607.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0027652.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0027725.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0027750.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0027782.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0028782.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0028802.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0028831.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0028851.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0028956.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0028978.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0029018.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0029198.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0029225.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0029247.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0029284.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0029324.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0029348.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0029373.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0029402.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP33\A0029418.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP34\A0029434.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP34\A0030408.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP34\A0031402.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP34\A0031445.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP34\A0031469.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP34\A0031499.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0031517.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0031609.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0031655.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0031675.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0032700.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0032722.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0032741.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0032801.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0032831.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0033831.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0033853.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0034853.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0034876.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0034898.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0035898.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0035933.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0035961.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0036020.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP36\A0036035.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP36\A0036055.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP36\A0036087.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP36\A0036109.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP36\A0037109.exe (Worm.AutoRun) -> No action taken.
e:\program files\avz4\quarantine\2011-03-28\avz00001.dta (Worm.Kolab) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP30\A0026387.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP30\A0026408.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0026426.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0026446.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0026472.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0026508.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0026534.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0027535.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0027570.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0027595.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0027615.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0027659.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0027732.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0027757.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0027696.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0027789.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0028789.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP31\A0028809.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0028838.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0028859.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0028963.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0028985.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0029025.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0029205.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0029232.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0029291.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0029332.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0029355.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0029380.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP32\A0029409.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP33\A0029425.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP34\A0029441.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP34\A0030415.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP34\A0031410.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP34\A0031453.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP34\A0031477.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP34\A0031507.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0031524.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0031617.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0031663.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0031683.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0032708.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0032730.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0032748.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0032809.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0032838.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0033838.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0034861.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0034883.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0033860.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0034906.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0035905.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0035940.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0035969.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP35\A0036027.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP36\A0036042.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP36\A0036062.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP36\A0036094.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP36\A0036116.exe (Worm.AutoRun) -> No action taken.
f:\system volume information\_restore{a37912b2-5e7b-466a-8c33-d0b1255e113a}\RP36\A0037116.exe (Worm.AutoRun) -> No action taken.
f:\инсталл\каспер\resetter_2.3.exe (Trojan.Agent.CK) -> No action taken.
f:\разная литература\Качалка\бодибилдинг\IRONMAN\бодибилдинг\2.jpg (Extension.Mismatch) -> No action taken.

**CyberHelper** · 01.04.2011, 22:08

Статистика проведенного лечения:

Получено карантинов: 1
Обработано файлов: 1
В ходе лечения обнаружены вредоносные программы:
1. e:\\windows.0\\usbmngr.exe - Net-Worm.Win32.Kolab.rys ( DrWEB: Trojan.Packed.21497, BitDefender: Backdoor.Generic.526165, AVAST4: Win32:Malware-gen )

Ошибки svchost и usbmngr (заявка № 99969)

Опции темы

Ошибки svchost и usbmngr

Антивирусная помощь

Антивирусная помощь

Итог лечения

Похожие темы

После ошибки svchost на сервере отваливается сеть

Generic Host и ошибки svchost на компьютерах сети

Иногда выскакивают непонятные ошибки svchost.exe

ошибки приложения svchost.exe

Зависание после закрытия диалога ошибки Svchost.exe

Ваши права в разделе