Вирус на мозилле. помогите!!!

вот что получилось
Logfile of HijackThis v1.99.1
Scan saved at 15:09:18, on 25.06.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\LEXBCES.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\LEXPPS.EXE
D:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
D:\Programme\Java\jre6\bin\jusched.exe
D:\Programme\Home Cinema\PowerDVD\PDVDServ.exe
D:\Programme\Home Cinema\PowerCinema\PCMService.exe
D:\PROGRA~1\Medion Tools\KeyStat\KeyStat.exe
D:\Programme\VIA\RAID\raid_tool.exe
D:\WINDOWS\vsnp2std.exe
D:\Programme\Lexmark X1100 Series\lxbkbmgr.exe
D:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\Programme\QuickTime\qttask.exe
D:\Programme\Lexmark X1100 Series\lxbkbmon.exe
D:\WINDOWS\AGRSMMSG.exe
D:\Programme\ESET\ESET NOD32 Antivirus\egui.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Programme\AOL 9.0a\aoltray.exe
D:\Programme\StarOffice7\program\soffice.exe
D:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
D:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
D:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
D:\Programme\ESET\ESET NOD32 Antivirus\ekrn.exe
D:\Programme\Java\jre6\bin\jqs.exe
D:\Programme\CyberLink\Shared Files\RichVideo.exe
D:\WINDOWS\system32\svchost.exe
D:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
D:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\wuauclt.exe
H:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Пожалуйста зарегистрируйся для просмотра данной ссылки на страницу.
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {88888888-8888-8888-8888-888888888888} - (no file)
O2 - BHO: BP Data Feeder - {9D64F819-9380-8473-DAB2-702FCB3D7A3E} - %USERPROFILE%\Application Data\bpfeed.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Programme\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - D:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Programme\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [AOLDialer] D:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RemoteControl] "D:\Programme\Home Cinema\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [PCMService] "D:\Programme\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [SetIcon] \Program Files\SMSC\SetIcon.exe
O4 - HKLM\..\Run: [Keyboard Status] D:\PROGRA~1\Medion Tools\KeyStat\KeyStat.exe
O4 - HKLM\..\Run: [RaidTool] D:\Programme\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [snp2std] D:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "D:\Programme\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "D:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [egui] "D:\Programme\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "D:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ICQ] "D:\Programme\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [swg] D:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Startup: StarOffice 7.lnk = D:\Programme\StarOffice7\program\quickstart.exe
O4 - Global Startup: AOL 9.0 Tray-Symbol.lnk = D:\Programme\AOL 9.0a\aoltray.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programme\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - D:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - D:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - D:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - D:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - D:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - D:\Programme\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - D:\Programme\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - D:\Programme\Java\jre6\bin\jqs.exe" -service -config "D:\Programme\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - D:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NBService - Nero AG - D:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - D:\Programme\CyberLink\Shared Files\RichVideo.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - D:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

вот при включённой мозилле
Logfile of HijackThis v1.99.1
Scan saved at 15:20:25, on 25.06.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\LEXBCES.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\LEXPPS.EXE
D:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
D:\Programme\Java\jre6\bin\jusched.exe
D:\Programme\Home Cinema\PowerDVD\PDVDServ.exe
D:\Programme\Home Cinema\PowerCinema\PCMService.exe
D:\PROGRA~1\Medion Tools\KeyStat\KeyStat.exe
D:\Programme\VIA\RAID\raid_tool.exe
D:\WINDOWS\vsnp2std.exe
D:\Programme\Lexmark X1100 Series\lxbkbmgr.exe
D:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\Programme\QuickTime\qttask.exe
D:\Programme\Lexmark X1100 Series\lxbkbmon.exe
D:\WINDOWS\AGRSMMSG.exe
D:\Programme\ESET\ESET NOD32 Antivirus\egui.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Programme\AOL 9.0a\aoltray.exe
D:\Programme\StarOffice7\program\soffice.exe
D:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
D:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
D:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
D:\Programme\ESET\ESET NOD32 Antivirus\ekrn.exe
D:\Programme\Java\jre6\bin\jqs.exe
D:\Programme\CyberLink\Shared Files\RichVideo.exe
D:\WINDOWS\system32\svchost.exe
D:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
D:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
D:\WINDOWS\System32\svchost.exe
D:\Programme\Mozilla Firefox\firefox.exe
H:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Пожалуйста зарегистрируйся для просмотра данной ссылки на страницу.
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {88888888-8888-8888-8888-888888888888} - (no file)
O2 - BHO: BP Data Feeder - {9D64F819-9380-8473-DAB2-702FCB3D7A3E} - %USERPROFILE%\Application Data\bpfeed.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Programme\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - D:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Programme\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [AOLDialer] D:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RemoteControl] "D:\Programme\Home Cinema\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [PCMService] "D:\Programme\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [SetIcon] \Program Files\SMSC\SetIcon.exe
O4 - HKLM\..\Run: [Keyboard Status] D:\PROGRA~1\Medion Tools\KeyStat\KeyStat.exe
O4 - HKLM\..\Run: [RaidTool] D:\Programme\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [snp2std] D:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "D:\Programme\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "D:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [egui] "D:\Programme\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "D:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ICQ] "D:\Programme\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [swg] D:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Startup: StarOffice 7.lnk = D:\Programme\StarOffice7\program\quickstart.exe
O4 - Global Startup: AOL 9.0 Tray-Symbol.lnk = D:\Programme\AOL 9.0a\aoltray.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programme\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - D:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - D:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - D:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - D:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - D:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - D:\Programme\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - D:\Programme\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - D:\Programme\Java\jre6\bin\jqs.exe" -service -config "D:\Programme\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - D:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NBService - Nero AG - D:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - D:\Programme\CyberLink\Shared Files\RichVideo.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - D:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

Цитата

Со слов пользователя ku4a

А что им же не убереш лишнее?
А в целом, если б у меня такой лог был...тихий ужас формат c:

если бы знал как, то сделал бы. первый раз эту программу вижу.
подскажи как...

Цитата

Со слов пользователя mike

когда делал лог, картинка с "информером" уже была?
или был просто фирефокс запушен ???

да конечно была!!!

ЕСТЬ!!! ГОТОВО!!! Скачас новую мозилу, через интернет эксплорер. переустановил и всё исчезло. А когда скачивал через ту же мозилу и переустанавливал, реклама оставалась...
кстати, так ничего и не понял как это так сработало...