• Инструкции
    • Как использовать
      • Программы
    • Как удалить
      • Шпионское и рекламное ПО (adware и spyware)
      • Поддельное антиспайваре
      • Руткиты
      • Трояны
      • Кейлоггеры
  • Скачать программы
  • Вопросы и Ответы
  • Форумы

SPYWARE-RU.COM
Меню
  • Инструкции
    • Как использовать
      • Программы
    • Как удалить
      • Шпионское и рекламное ПО (adware и spyware)
      • Поддельное антиспайваре
      • Руткиты
      • Трояны
      • Кейлоггеры
  • Скачать программы
  • Вопросы и Ответы
  • Форумы
В начало › Re: Re: утилизация программы
Adguard
 

Re: Re: утилизация программы

Удаление вирусов и троянов. Защита компьютера. › Помощь в удалении вирусов, троянов, рекламы и других зловредов › утилизация программы › Re: Re: утилизация программы

26 марта, 2009 в 8:53 пп #22654
Lev4uk-59
Participant
  • Темы:2
  • Сообщений:10
  • ☆

Все вместе не удалось.

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
ServiceDriver dwshd not found.
ServiceDriver dwshd not found.
========== REGISTRY ==========
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa\»Notification Packages»|hex(7):73,00,63,00,65,00,63,00,6c,00,69,00,00,00,00,00 /E : value set successfully!
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{ad1325cc-2639-11dd-9a53-001966444e39}\ not found.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{ad1325cd-2639-11dd-9a53-001966444e39}\ not found.
========== FILES ==========
File/Folder C:WINDOWSSystem32driversdwshd.sys not found.
File/Folder F:Recycledctfmon.exe not found.
File/Folder E:Recycledctfmon.exe not found.
========== COMMANDS ==========
File delete failed. C:DOCUME~19335~1LOCALS~1Temp~DFA521.tmp scheduled to be deleted on reboot.
File delete failed. C:DOCUME~19335~1LOCALS~1Temp~DFA536.tmp scheduled to be deleted on reboot.
File delete failed. C:DOCUME~19335~1LOCALS~1Temp~DFA615.tmp scheduled to be deleted on reboot.
File delete failed. C:DOCUME~19335~1LOCALS~1Temp~DFA629.tmp scheduled to be deleted on reboot.
User’s Temp folder emptied.
User’s Temporary Internet Files folder emptied.
User’s Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:WINDOWStempcch~97e0a7e8.htp scheduled to be deleted on reboot.
File delete failed. C:WINDOWStempcch~97e0cabd.htp scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Opera cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer — Version 1.0.9.0 log created on 03262009_232009

Files moved on Reboot…
File C:DOCUME~19335~1LOCALS~1Temp~DFA521.tmp not found!
File C:DOCUME~19335~1LOCALS~1Temp~DFA536.tmp not found!
File C:DOCUME~19335~1LOCALS~1Temp~DFA615.tmp not found!
File C:DOCUME~19335~1LOCALS~1Temp~DFA629.tmp not found!
File move failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be moved on reboot.
File C:WINDOWStempcch~97e0a7e8.htp not found!
File C:WINDOWStempcch~97e0cabd.htp not found!

Logfile of random’s system information tool 1.05 (written by random/random)
Run by Администратор at 2009-03-26 23:42:39
Microsoft Windows XP Professional Service Pack 2
System drive C: has 2 GB (23%) free of 10 GB
Total RAM: 247 MB (6% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:43:01, on 26.03.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32TaskSwitch.exe
C:WINDOWSsystem32igfxtray.exe
C:WINDOWSsystem32hkcmd.exe
C:WINDOWSSOUNDMAN.EXE
C:Program FilesBillP StudiosWinPatrolWinPatrol.exe
C:Program FilesBillP StudiosWinPatrolwinpatrol.exe
C:Program FilesTrend MicroInternet Securitypccguide.exe
C:Program FilesTrend MicroInternet SecurityPCClient.exe
C:Program FilesTrend MicroInternet SecurityTMOAgent.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMessengermsmsgs.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesTrend MicroInternet SecurityTmntsrv.exe
C:Program FilesTrend MicroInternet Securitytmproxy.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:WINDOWSnotepad.exe
C:Documents and SettingsАдминистраторРабочий столRSIT.exe
C:Program Filestrend microАдминистратор.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.yandex.ru/?clid=44290
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=44290
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O4 — HKLM..Run: [CoolSwitch] C:WINDOWSsystem32TaskSwitch.exe
O4 — HKLM..Run: [IgfxTray] C:WINDOWSsystem32igfxtray.exe
O4 — HKLM..Run: [HotKeysCmds] C:WINDOWSsystem32hkcmd.exe
O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 — HKLM..Run: [WinPatrol] C:Program FilesBillP StudiosWinPatrolWinPatrol.exe
O4 — HKLM..Run: [WinPatrol Russian v.2] C:Program FilesBillP StudiosWinPatrolwinpatrol.exe
O4 — HKLM..Run: [pccguide.exe] «C:Program FilesTrend MicroInternet Securitypccguide.exe»
O4 — HKLM..Run: [PCClient.exe] «C:Program FilesTrend MicroInternet SecurityPCClient.exe»
O4 — HKLM..Run: [TM Outbreak Agent] «C:Program FilesTrend MicroInternet SecurityTMOAgent.exe» /run
O4 — HKLM..Run: [AVP] «C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe»
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKCU..Run: [YandexOnline] «C:Program FilesYandexOnlineonline.exe» -AutoStart
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O8 — Extra context menu item: Добавить в Анти-Баннер — C:Program FilesKaspersky LabKaspersky Internet Security 2009ie_banner_deny.htm
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O12 — Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O20 — AppInit_DLLs: C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll,C:PROGRA~1KASPER~1KASPER~1mzvkbd3.dll,C:PROGRA~1KASPER~1KASPER~1adialhk.dll,C:PROGRA~1KASPER~1KASPER~1kloehk.dll
O23 — Service: Kaspersky Internet Security (AVP) — Kaspersky Lab — C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Trend NT Realtime Service (Tmntsrv) — Trend Micro Incorporated. — C:Program FilesTrend MicroInternet SecurityTmntsrv.exe
O23 — Service: Trend Micro Proxy Service (tmproxy) — Trend Micro Incorporated. — C:Program FilesTrend MicroInternet Securitytmproxy.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe

—
End of file — 5792 bytes

======Scheduled tasks folder======

C:WINDOWStasksNorton Security Scan for Администратор.job
C:WINDOWStasksUser_Feed_Synchronization-{E8E45A9D-4200-4086-BE90-3D1BFA392BBC}.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll [2003-05-15 50376]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«CoolSwitch»=C:WINDOWSsystem32TaskSwitch.exe [2005-12-22 45632]
«IgfxTray»=C:WINDOWSsystem32igfxtray.exe [2005-05-19 155648]
«HotKeysCmds»=C:WINDOWSsystem32hkcmd.exe [2005-05-19 118784]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2005-05-19 67584]
«WinPatrol»=C:Program FilesBillP StudiosWinPatrolWinPatrol.exe [2007-08-06 292152]
«WinPatrol Russian v.2″=C:Program FilesBillP StudiosWinPatrolwinpatrol.exe [2007-08-06 292152]
«pccguide.exe»=C:Program FilesTrend MicroInternet Securitypccguide.exe [2009-03-22 966718]
«PCClient.exe»=C:Program FilesTrend MicroInternet SecurityPCClient.exe [2009-03-22 663618]
«TM Outbreak Agent»=C:Program FilesTrend MicroInternet SecurityTMOAgent.exe [2009-03-22 450627]
«AVP»=C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe [2009-03-24 206088]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-17 15360]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-10-13 1694208]
«YandexOnline»=C:Program FilesYandexOnlineonline.exe -AutoStart []

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_DLLS»=»C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll,C:PROGRA~1KASPER~1KASPER~1mzvkbd3.dll,C:PROGRA~1KASPER~1KASPER~1adialhk.dll,C:PROGRA~1KASPER~1KASPER~1kloehk.dll»

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyigfxcui]
C:WINDOWSsystem32igfxsrvc.dll [2005-05-19 344064]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyklogon]
C:WINDOWSsystem32klogon.dll [2008-11-11 218376]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«InstallVisualStyle»=C:WINDOWSResourcesThemesRoyaleRoyale.msstyles
«InstallTheme»=C:WINDOWSResourcesThemesRoyale.theme

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=36
«NoDriveAutoRun»=FFFFFFFF

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«HonorAutoRunSetting»=

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMessengermsmsgs.exe»=»C:Program FilesMessengermsmsgs.exe:*:Enabled:Windows Messenger»
«C:Program FilesKaspersky LabKaspersky AV for Yandex Onlineavp.exe»=»C:Program FilesKaspersky LabKaspersky AV for Yandex Onlineavp.exe:*:Enabled:Kaspersky Anti-Virus»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»

======List of files/folders created in the last 1 months======

2009-03-26 23:20:09 —-D—- C:_OTMoveIt
2009-03-26 22:18:53 —-RASHD—- C:autorun.inf
2009-03-26 22:18:19 —-A—- C:WINDOWSsystem32ptpusb.dll
2009-03-26 22:18:15 —-A—- C:WINDOWSsystem32ptpusd.dll
2009-03-26 21:52:22 —-A—- C:avenger.txt
2009-03-24 10:37:53 —-D—- C:rsit
2009-03-24 10:02:29 —-D—- C:Avenger
2009-03-22 13:49:27 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab
2009-03-22 12:52:50 —-D—- C:WINDOWSCache
2009-03-22 12:51:21 —-D—- C:Program FilesMediaRing Dialer
2009-03-22 12:51:21 —-A—- C:WINDOWSsystem32sx5363s.dll
2009-03-22 12:51:21 —-A—- C:WINDOWSsystem32mrupvers.exe
2009-03-22 12:51:21 —-A—- C:WINDOWSsystem32MRSysIn.dll
2009-03-22 12:48:52 —-D—- C:WINDOWSProfiles
2009-03-22 12:48:46 —-D—- C:Documents and SettingsАдминистраторApplication DataInterTrust
2009-03-22 12:41:55 —-A—- C:WINDOWSsystem32nvumctl.exe
2009-03-22 12:41:41 —-A—- C:WINDOWSsystem32nvuide.exe
2009-03-22 12:41:07 —-A—- C:WINDOWSsystem32nvugart.exe
2009-03-22 12:32:27 —-D—- C:WINDOWSDrivers
2009-03-22 12:18:20 —-D—- C:Documents and SettingsАдминистраторApplication DataWinPatrol
2009-03-22 12:18:13 —-D—- C:Program FilesBillP Studios
2009-03-22 12:11:06 —-D—- C:Documents and SettingsAll UsersApplication DataDoctor Web
2009-03-20 21:04:11 —-D—- C:Documents and SettingsAll UsersApplication DataDoctor Web(2)
2009-03-20 16:21:11 —-D—- C:Program Filestrend micro
2009-03-20 12:22:23 —-D—- C:WINDOWSMinidump
2009-03-20 12:07:40 —-D—- C:Program FilesDrWeb
2009-03-20 11:53:51 —-D—- C:WINDOWSSxsCaPendDel
2009-03-20 11:14:15 —-D—- C:Documents and SettingsAll UsersApplication DataMegaVersion
2009-03-20 11:09:32 —-HD—- C:WINDOWSmsdownld.tmp
2009-03-20 09:38:58 —-D—- C:Program FilesKaspersky Lab
2009-03-20 09:33:52 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup Files
2009-03-20 08:39:27 —-RSD—- C:WINDOWSassembly
2009-03-20 08:36:15 —-D—- C:WINDOWSMicrosoft.NET
2009-03-20 07:32:19 —-HDC—- C:WINDOWSie8
2009-03-19 08:53:12 —-HDC—- C:WINDOWS$NtUninstallKB960225$
2009-03-19 08:52:47 —-HDC—- C:WINDOWS$NtUninstallKB958690$
2009-03-08 14:23:06 —-N—- C:WINDOWSsystem32msrating.dll.mui
2009-03-08 14:22:48 —-N—- C:WINDOWSsystem32mshta.exe.mui
2009-03-08 14:21:24 —-N—- C:WINDOWSsystem32ie4uinit.exe.mui
2009-03-08 14:21:04 —-N—- C:WINDOWSsystem32iedkcs32.dll.mui
2009-03-06 07:26:50 —-HDC—- C:WINDOWS$NtUninstallKB927779$
2009-03-06 07:26:33 —-HDC—- C:WINDOWS$NtUninstallKB927802$
2009-03-06 07:26:19 —-HDC—- C:WINDOWS$NtUninstallKB924270$
2009-03-06 07:26:02 —-HDC—- C:WINDOWS$NtUninstallKB930916$
2009-03-06 07:25:35 —-HDC—- C:WINDOWS$NtUninstallKB950749$
2009-03-06 07:25:12 —-HDC—- C:WINDOWS$NtUninstallKB908531$
2009-03-06 07:24:50 —-HDC—- C:WINDOWS$NtUninstallKB913580$
2009-03-06 07:24:29 —-HDC—- C:WINDOWS$NtUninstallKB935839$
2009-03-06 07:24:11 —-HDC—- C:WINDOWS$NtUninstallKB943055$
2009-03-06 07:23:56 —-HDC—- C:WINDOWS$NtUninstallKB920683$
2009-03-06 07:23:42 —-HDC—- C:WINDOWS$NtUninstallKB914389$
2009-03-06 07:23:23 —-HDC—- C:WINDOWS$NtUninstallKB944653$
2009-03-06 07:23:01 —-HDC—- C:WINDOWS$NtUninstallKB928843$
2009-03-06 04:18:22 —-D—- C:Program FilesParagon Software
2009-03-06 03:26:30 —-HDC—- C:WINDOWS$NtUninstallKB937894$
2009-03-06 03:25:32 —-HDC—- C:WINDOWS$NtUninstallKB928255$
2009-03-06 03:25:16 —-HDC—- C:WINDOWS$NtUninstallKB933729$
2009-03-06 03:24:59 —-HDC—- C:WINDOWS$NtUninstallKB920685$
2009-03-06 03:24:44 —-HDC—- C:WINDOWS$NtUninstallKB923980$
2009-03-06 03:24:29 —-HDC—- C:WINDOWS$NtUninstallKB911280$
2009-03-06 03:24:15 —-HDC—- C:WINDOWS$NtUninstallKB911562$
2009-03-06 03:23:59 —-HDC—- C:WINDOWS$NtUninstallKB938828$
2009-03-06 03:23:41 —-HDC—- C:WINDOWS$NtUninstallKB924667$
2009-03-06 03:23:19 —-HDC—- C:WINDOWS$NtUninstallKB931261$
2009-03-06 03:23:00 —-HDC—- C:WINDOWS$NtUninstallKB927891$
2009-03-06 03:22:44 —-HDC—- C:WINDOWS$NtUninstallKB936357$
2009-03-06 03:22:27 —-HDC—- C:WINDOWS$NtUninstallKB946026$
2009-03-06 03:22:15 —-HDC—- C:WINDOWS$NtUninstallKB925398_WMP64$
2009-03-06 03:21:44 —-HDC—- C:WINDOWS$NtUninstallKB925902$
2009-03-06 03:21:25 —-HDC—- C:WINDOWS$NtUninstallKB929123$
2009-03-06 03:21:09 —-HDC—- C:WINDOWS$NtUninstallKB920670$
2009-03-06 03:20:46 —-HDC—- C:WINDOWS$NtUninstallKB918439$
2009-03-06 03:20:26 —-HDC—- C:WINDOWS$NtUninstallKB926436$
2009-03-06 03:20:10 —-HDC—- C:WINDOWS$NtUninstallKB920872$
2009-03-06 03:19:48 —-HDC—- C:WINDOWS$NtUninstallKB930178$
2009-03-06 03:19:29 —-HDC—- C:WINDOWS$NtUninstallKB914388$
2009-03-06 03:19:07 —-HDC—- C:WINDOWS$NtUninstallKB932168$
2009-03-06 03:18:48 —-HDC—- C:WINDOWS$NtUninstallKB923191$
2009-03-06 03:18:30 —-HDC—- C:WINDOWS$NtUninstallKB922582$
2009-03-06 03:18:12 —-HDC—- C:WINDOWS$NtUninstallKB918118$
2009-03-06 03:17:56 —-HDC—- C:WINDOWS$NtUninstallKB926255$
2009-03-06 03:17:32 —-HDC—- C:WINDOWS$NtUninstallKB920213$
2009-03-06 03:16:53 —-HDC—- C:WINDOWS$NtUninstallKB935840$
2009-03-06 03:16:14 —-HDC—- C:WINDOWS$NtUninstallKB943485$
2009-03-06 03:14:58 —-HDC—- C:WINDOWS$NtUninstallKB945553$
2009-03-06 03:13:06 —-HDC—- C:WINDOWS$NtUninstallKB916595$
2009-03-06 02:30:47 —-D—- C:WINDOWSie8updates
2009-03-06 02:24:57 —-D—- C:WINDOWSsystem32en-US
2009-03-06 00:31:10 —-D—- C:Program FilesMozilla Firefox
2009-03-06 00:22:45 —-D—- C:Documents and SettingsАдминистраторApplication DataMozilla
2009-03-05 23:20:00 —-D—- C:multitran
2009-03-05 23:14:42 —-D—- C:Documents and SettingsАдминистраторApplication DataHelp
2009-03-05 23:09:50 —-D—- C:Program FilesMuller_dictionary
2009-03-04 16:59:39 —-D—- C:Documents and SettingsAll UsersApplication DataWindows Genuine Advantage
2009-03-04 16:53:37 —-DC—- C:WINDOWS$NtUninstallwmp11$
2009-03-04 16:49:16 —-DC—- C:WINDOWS$NtUninstallWMFDist11$
2009-03-04 16:47:18 —-DC—- C:WINDOWS$NtUninstallWudf01000$
2009-03-04 10:20:48 —-D—- C:Program FilesCommon FilesSymantec Shared(2)
2009-03-04 10:20:33 —-D—- C:Program FilesNorton Security Scan(2)
2009-03-03 23:58:53 —-HDC—- C:WINDOWS$NtUninstallKB954156_WM9L$
2009-03-03 23:58:32 —-HDC—- C:WINDOWS$NtUninstallKB960715$
2009-03-03 23:58:06 —-HDC—- C:WINDOWS$NtUninstallKB967715$
2009-03-03 23:56:46 —-D—- C:WINDOWSie7updates
2009-03-03 21:36:15 —-D—- C:Program FilesFlash Movie Player
2009-03-03 19:21:39 —-D—- C:Program FilesProxomitron
2009-03-03 17:56:33 —-D—- C:WINDOWSsystem32Adobe
2009-03-02 19:22:31 —-D—- C:WINDOWSWBEM
2009-03-02 19:22:30 —-D—- C:WINDOWSsystem32ru-ru
2009-03-02 19:20:39 —-HDC—- C:WINDOWSie7
2009-03-02 19:20:16 —-HDC—- C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$
2009-03-02 19:19:53 —-HDC—- C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$
2009-03-02 19:19:11 —-HDC—- C:WINDOWS$NtUninstallKB915865$
2009-03-02 19:18:33 —-A—- C:WINDOWSsystem32xmllite.dll

======List of files/folders modified in the last 1 months======

2009-03-26 23:40:02 —-D—- C:WINDOWSTemp
2009-03-26 23:37:21 —-D—- C:WINDOWSPrefetch
2009-03-26 23:23:26 —-A—- C:WINDOWSSchedLgU.Txt
2009-03-26 22:18:24 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-03-26 22:18:20 —-D—- C:WINDOWSsystem32
2009-03-26 22:18:15 —-D—- C:WINDOWSsystem32drivers
2009-03-26 22:18:01 —-D—- C:WINDOWSsystem32CatRoot2
2009-03-24 10:21:26 —-RD—- C:Program Files
2009-03-22 14:00:57 —-D—- C:WINDOWS
2009-03-22 13:52:04 —-SHD—- C:WINDOWSInstaller
2009-03-22 13:51:15 —-HD—- C:WINDOWSinf
2009-03-22 13:19:33 —-D—- C:Program FilesOpera
2009-03-22 12:55:39 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
2009-03-22 12:55:22 —-D—- C:Program FilesAdobe
2009-03-22 12:48:47 —-D—- C:Documents and SettingsАдминистраторApplication DataAdobe
2009-03-22 12:48:46 —-D—- C:Program FilesCommon FilesAdobe
2009-03-22 12:45:00 —-D—- C:Новая папка
2009-03-22 12:37:16 —-D—- C:Program FilesCommon Files
2009-03-22 12:12:00 —-D—- C:WINDOWSsystem32config
2009-03-22 12:11:38 —-D—- C:WINDOWSsystem32wbem
2009-03-22 12:11:36 —-D—- C:WINDOWSRegistration
2009-03-22 11:59:43 —-D—- C:WINDOWSsystem32Macromed
2009-03-20 23:19:58 —-D—- C:Program FilesInternet Explorer
2009-03-20 21:15:05 —-SD—- C:WINDOWSTasks
2009-03-20 11:54:53 —-D—- C:Program FilesOpera 10 Preview
2009-03-20 11:53:51 —-D—- C:WINDOWSWinSxS
2009-03-20 11:40:42 —-D—- C:Program FilesYandex
2009-03-20 11:28:39 —-D—- C:WINDOWSsystem32CatRoot
2009-03-20 11:12:05 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2009-03-20 11:11:37 —-D—- C:WINDOWSsystem32mui
2009-03-20 11:11:27 —-D—- C:WINDOWSpchealth
2009-03-20 09:02:06 —-SD—- C:Documents and SettingsАдминистраторApplication DataMicrosoft
2009-03-20 08:46:27 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-03-20 07:39:52 —-D—- C:WINDOWSMedia
2009-03-20 07:39:52 —-D—- C:WINDOWSHelp
2009-03-20 07:38:30 —-A—- C:WINDOWSimsins.BAK
2009-03-20 07:37:53 —-HD—- C:WINDOWS$hf_mig$
2009-03-08 14:23:22 —-A—- C:WINDOWSsystem32ieframe.dll.mui
2009-03-08 14:21:22 —-A—- C:WINDOWSsystem32advpack.dll.mui
2009-03-08 14:09:26 —-A—- C:WINDOWSsystem32iedkcs32.dll
2009-03-08 04:41:16 —-A—- C:WINDOWSsystem32mshtml.dll
2009-03-08 04:39:48 —-A—- C:WINDOWSsystem32ieframe.dll
2009-03-08 04:34:58 —-A—- C:WINDOWSsystem32wininet.dll
2009-03-08 04:34:56 —-A—- C:WINDOWSsystem32urlmon.dll
2009-03-08 04:34:48 —-A—- C:WINDOWSsystem32WinFXDocObj.exe
2009-03-08 04:34:48 —-A—- C:WINDOWSsystem32webcheck.dll
2009-03-08 04:34:30 —-A—- C:WINDOWSsystem32licmgr10.dll
2009-03-08 04:34:28 —-A—- C:WINDOWSsystem32url.dll
2009-03-08 04:34:18 —-A—- C:WINDOWSsystem32occache.dll
2009-03-08 04:34:18 —-A—- C:WINDOWSsystem32msrating.dll
2009-03-08 04:33:40 —-A—- C:WINDOWSsystem32corpol.dll
2009-03-08 04:33:26 —-A—- C:WINDOWSsystem32jsproxy.dll
2009-03-08 04:33:16 —-A—- C:WINDOWSsystem32jscript.dll
2009-03-08 04:33:08 —-A—- C:WINDOWSsystem32ieaksie.dll
2009-03-08 04:33:06 —-A—- C:WINDOWSsystem32vbscript.dll
2009-03-08 04:33:02 —-A—- C:WINDOWSsystem32ieakeng.dll
2009-03-08 04:32:56 —-A—- C:WINDOWSsystem32admparse.dll
2009-03-08 04:32:54 —-A—- C:WINDOWSsystem32ie4uinit.exe
2009-03-08 04:32:52 —-A—- C:WINDOWSsystem32ieudinit.exe
2009-03-08 04:32:52 —-A—- C:WINDOWSsystem32ieakui.dll
2009-03-08 04:32:50 —-A—- C:WINDOWSsystem32iesetup.dll
2009-03-08 04:32:50 —-A—- C:WINDOWSsystem32iernonce.dll
2009-03-08 04:32:48 —-A—- C:WINDOWSsystem32advpack.dll
2009-03-08 04:32:46 —-A—- C:WINDOWSsystem32inseng.dll
2009-03-08 04:32:26 —-A—- C:WINDOWSsystem32msfeeds.dll
2009-03-08 04:32:22 —-A—- C:WINDOWSsystem32iertutil.dll
2009-03-08 04:32:04 —-A—- C:WINDOWSsystem32mstime.dll
2009-03-08 04:31:56 —-A—- C:WINDOWSsystem32iepeers.dll
2009-03-08 04:31:54 —-A—- C:WINDOWSsystem32msfeedssync.exe
2009-03-08 04:31:52 —-A—- C:WINDOWSsystem32msfeedsbs.dll
2009-03-08 04:31:52 —-A—- C:WINDOWSsystem32icardie.dll
2009-03-08 04:31:44 —-A—- C:WINDOWSsystem32dxtmsft.dll
2009-03-08 04:31:38 —-A—- C:WINDOWSsystem32imgutil.dll
2009-03-08 04:31:38 —-A—- C:WINDOWSsystem32dxtrans.dll
2009-03-08 04:31:36 —-A—- C:WINDOWSsystem32pngfilt.dll
2009-03-08 04:31:26 —-A—- C:WINDOWSsystem32mshtmled.dll
2009-03-08 04:31:18 —-A—- C:WINDOWSsystem32mshtmler.dll
2009-03-08 04:31:02 —-A—- C:WINDOWSsystem32mshta.exe
2009-03-08 04:22:46 —-A—- C:WINDOWSsystem32ieui.dll
2009-03-08 04:22:38 —-A—- C:WINDOWSsystem32msls31.dll
2009-03-08 04:11:12 —-A—- C:WINDOWSsystem32ieapfltr.dll
2009-03-06 04:19:06 —-RSD—- C:WINDOWSFonts
2009-03-06 03:28:58 —-D—- C:WINDOWSmsagent
2009-03-06 03:21:31 —-D—- C:Program FilesOutlook Express
2009-03-06 03:21:31 —-D—- C:Program FilesCommon FilesSystem
2009-03-05 22:46:23 —-D—- C:Documents and Settings
2009-03-05 00:53:34 —-D—- C:WINDOWSDebug
2009-03-04 17:11:51 —-D—- C:WINDOWSsystem32CatRoot_bak
2009-03-04 17:09:29 —-D—- C:Program FilesWindows Media Player
2009-03-04 17:09:21 —-D—- C:Program FilesWindows Media Connect 2
2009-03-04 17:08:23 —-D—- C:WINDOWSsystem32Restore
2009-03-04 17:05:07 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 KLIF;Kaspersky Lab Driver; C:WINDOWSsystem32DRIVERSklif.sys [2009-03-24 226832]
R1 tmtdi;Trend Micro TDI Driver; C:WINDOWSSystem32Driverstmtdi.sys [2003-09-22 14976]
R2 tm_cfw;Common Firewall Driver; C:WINDOWSSystem32Driverstm_cfw.sys [2009-03-22 771712]
R2 Tmfilter;Tmfilter; C:WINDOWSsystem32driversTmXPFlt.sys [2009-03-22 205328]
R2 Tmpreflt;Tmpreflt; C:WINDOWSsystem32driversTmpreflt.sys [2009-03-22 36368]
R2 Vsapint;Vsapint; C:WINDOWSsystem32driversVsapint.sys [2009-03-22 1195384]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:WINDOWSsystem32driversALCXSENS.SYS [2005-05-19 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2005-05-19 626204]
R3 E100B;Intel(R) PRO Adapter Driver; C:WINDOWSsystem32DRIVERSe100b325.sys [2005-05-19 154112]
R3 ialm;ialm; C:WINDOWSsystem32DRIVERSialmnt5.sys [2005-05-19 730653]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:WINDOWSsystem32DRIVERSklfltdev.sys [2008-03-13 26640]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2006-02-17 27264]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
S4 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2001-10-20 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Kaspersky Internet Security; C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe [2009-03-24 206088]
R2 Tmntsrv;Trend NT Realtime Service; C:Program FilesTrend MicroInternet SecurityTmntsrv.exe [2009-03-22 262214]
R2 tmproxy;Trend Micro Proxy Service; C:Program FilesTrend MicroInternet Securitytmproxy.exe [2009-03-22 204870]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2005-09-23 66240]
S3 UMWdf;Компонент драйверов пользовательского режима Windows; C:WINDOWSsystem32wdfmgr.exe [2005-01-28 38912]
S3 WMConnectCDS;Служба Windows Media Connect; C:Program FilesWindows Media Connect 2Wmccds.exe [2006-02-01 855552]

EOF


=

Добро пожаловать

На нашем сайте размещены инструкции и программы, которые помогут вам абсолютно бесплатно и самостоятельно удалить навязчивую рекламу, вирусы и трояны.

Поиск

Важные инструкции

Как удалить рекламный вирус в браузере (Chrome, Opera, Firefox, Internet Explorer, Edge)
Установлено в соответствии с корпоративным правилом (Удалить из Хрома)
Удалить вирус, всплывающие окна и рекламу в Mac OS X
Как запустить компьютер в безопасном режиме (Safe Mode)
вредоносные программы
Как удалить вредоносные программы, лучшие утилиты

СПАЙВАРЕ РУ

  • О Спайваре Ру
  • Контакты
  • Реклама на сайте
  • Политика конфиденциальности
  • Правила использования

Нужна помощь?

Задайте свой вопрос прямо сейчас кликнув по следующей ссылке Задать вопрос.

Или обратитесь на наш форум, где команда Spyware-ru поможет вам. Узнайте, как попросить о помощи здесь.

Ссылки

  • Инструкции
  • Скачать программы
  • Помощь в удалении вирусов
  • Как вылечить компьютер
Copyright © 2008 - 2024 Spyware-RU.com (en)