- This topic has 5 ответов, 2 участника, and was last updated 16 years, 2 months назад by
.
-
Сообщения
-
- Темы:532
- Сообщений:1553
- ☆☆☆☆☆
Помогите!!!
Блокирует IE информер ПОРНО.
Следую вашей пошаговой инструкции и надеюсь.
info.txt logfile of random’s system information tool 1.05 2009-02-25 08:37:48======Uninstall list======
—>C:Program FilesNeroNero 7nerouninstallUNNERO.exe /UNINSTALL
—>C:WINDOWSUNNeroBackItUp.exe /UNINSTALL
—>C:WINDOWSUNNeroMediaHome.exe /UNINSTALL
—>C:WINDOWSUNNeroShowTime.exe /UNINSTALL
—>C:WINDOWSUNNeroVision.exe /UNINSTALL
—>C:WINDOWSUNRecode.exe /UNINSTALL
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
7-Zip 4.57—>»C:Program Files7-ZipUninstall.exe»
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Flash Player ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Photoshop CS—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime�701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{EFB21DE7-8C19-4A88-BB28-A766E16493BC}setup.exe» -l0x9
Adobe Reader 9 — Russian—>MsiExec.exe /I{AC76BA86-7AD7-1049-7B44-A90000000001}
Advanced WindowsCare Professional—>»C:Program FilesIObitAdvanced WindowsCare V2 Prounins000.exe»
Choice Guard—>MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Crawler Toolbar with Web Security Guard—>C:PROGRA~1CrawlerToolbarCToolbar.exe uninst
D-Link DFE520TX—>C:PROGRA~1COMMON~1INSTAL~1Driver10INTEL3~1IDriver.exe /M{9629C9A1-74F7-4DD0-B99B-9066925E63F8}
D-Link DFM-562I Controllerless Modem Card—>C:Program FilesIntelD-Link DFM-562I Controllerless Modem Cardsetup.exe -r PCIVEN_8086&DEV_1040&SUBSYS_10008086&REV_00 -n «D-Link DFM-562I Controllerless Modem Card»
D-Link PCI Fast Ethernet Adapter—>Rundll32.exe vuins32.dll,vuins32Ex $Rhine $D-Link
Download Master version 5.5.7.1145—>»C:Program FilesDownload Masterunins000.exe»
ESET NOD32 Antivirus—>MsiExec.exe /I{3407FD83-0A2F-475E-BE94-34F1FA342C84}
Genius Scanner—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{CCEB2144-5F5D-49E8-AADC-05CA48AE9AA5}setup.exe»
HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
Intel Application Accelerator—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{9984DF60-1C5B-11D3-ACA1-908A4FC10801}Setup.exe» -INTELUNINST
Lernout & Hauspie TruVoice for Microsoft Agent—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFcgminst.inf, RemoveCgram
Magic Gooddy—>C:Program FilesMagic GooddyCMPSETUPUNINSTAL.EXE MG_0001
Microsoft Agent 1.5—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFagtinst.inf, RemoveAgent
Microsoft Command & Control Engine—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFmscnc.inf, Uninstall
Microsoft DirectX Transform optional components—>RUNDLL32.EXE ADVPACK.DLL,LaunchINFSection C:WINDOWSINFDXTXTRA.INF,UNINSTALL.NT,12
Microsoft Internationalized Domain Names Mitigation APIs—>»C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$spuninstspuninst.exe»
Microsoft National Language Support Downlevel APIs—>»C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$spuninstspuninst.exe»
Microsoft Office Access MUI (Russian) 2007—>MsiExec.exe /X{90120000-0015-0419-0000-0000000FF1CE}
Microsoft Office Enterprise 2007—>MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Russian) 2007—>MsiExec.exe /X{90120000-0016-0419-0000-0000000FF1CE}
Microsoft Office Groove MUI (Russian) 2007—>MsiExec.exe /X{90120000-00BA-0419-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Russian) 2007—>MsiExec.exe /X{90120000-0044-0419-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Russian) 2007—>MsiExec.exe /X{90120000-00A1-0419-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Russian) 2007—>MsiExec.exe /X{90120000-001A-0419-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Russian) 2007—>MsiExec.exe /X{90120000-0018-0419-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007—>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007—>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Russian) 2007—>MsiExec.exe /X{90120000-001F-0419-0000-0000000FF1CE}
Microsoft Office Proof (Ukrainian) 2007—>MsiExec.exe /X{90120000-001F-0422-0000-0000000FF1CE}
Microsoft Office Proofing (Russian) 2007—>MsiExec.exe /X{90120000-002C-0419-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Russian) 2007—>MsiExec.exe /X{90120000-0019-0419-0000-0000000FF1CE}
Microsoft Office Shared MUI (Russian) 2007—>MsiExec.exe /X{90120000-006E-0419-0000-0000000FF1CE}
Microsoft Office Word MUI (Russian) 2007—>MsiExec.exe /X{90120000-001B-0419-0000-0000000FF1CE}
Microsoft Speech API 3.0—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFspchapi.inf, Uninstall
Microsoft Speech Lexicon—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFmslex.inf, Uninstall
ML-1200 Series—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{8C19F391-A225-4F32-8681-EDB8AFE6E436}setup.exe»
MSXML 4.0 SP2 (KB954430)—>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 7 Demo—>MsiExec.exe /I{A9B58F82-880E-9610-5F21-E99294F81049}
Nokia Connectivity Cable Driver—>MsiExec.exe /X{6882DD11-33B8-4DEA-8305-7E765BF74BD3}
Nokia MTP driver—>MsiExec.exe /I{0E94871C-623C-464F-A117-B8474BFF84E1}
Nokia PC Connectivity Solution—>MsiExec.exe /I{0D80391C-0A72-43BB-9BC2-143F63CC111D}
Nokia PC Suite—>MsiExec.exe /I{531317A5-586A-4E36-87C1-CA823447B375}
Opera 9.63—>MsiExec.exe /X{2C0CD17D-0B06-4700-83FA-7344B868B0A2}
PCI Audio Applications—>C:Program FilesPCI Audio ApplicationsBinUninstall.exe
PCI Audio Driver—>cmuninst.exe
Skype™ 3.8—>MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Spyware Terminator—>»C:Program FilesSpyware Terminatorunins000.exe»
Total Commander 7.00 Total Commander 7.00 PowerPack 1.00—>»C:Program FilesTotal Commanderuninstall.exe»
Voice Editor—>C:WINDOWSuninst.exe -f»C:Program FilesWinbondVoice EditorDeIsL1.isu» -c»C:Program FilesWinbondVoice Editor_ISREG32.DLL»
Winamp—>»C:Program FilesWinampUninstWA.exe»
Windows Driver Package — Nokia Modem (06/12/2006 6.81.0.21)—>C:PROGRA~1DIFXD6ACC4BE676423A2B130B78A4B627FC457D98997dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokbtmdm_62A340731F8930057B44B8864F236850B0D49D65nokbtmdm.inf
Windows Live Communications Platform—>MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Messenger—>MsiExec.exe /X{4740F152-2F61-4DEF-80C4-BFDEC8D928C3}
Исправление для Windows XP (KB952287)—>»C:WINDOWS$NtUninstallKB952287$spuninstspuninst.exe»
Картмейстер-Начало от WEBaby—>C:Program FilesWEBabyКартмейстер-Началоuninstall.exe
Налогоплательщик ЮЛ—>MsiExec.exe /I{7CFC4E69-C9F7-4CBA-A2D4-968B53D84524}
Обновление безопасности для Windows XP (KB938464)—>»C:WINDOWS$NtUninstallKB938464$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB946648)—>»C:WINDOWS$NtUninstallKB946648$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950760)—>»C:WINDOWS$NtUninstallKB950760$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950762)—>»C:WINDOWS$NtUninstallKB950762$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950974)—>»C:WINDOWS$NtUninstallKB950974$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951066)—>»C:WINDOWS$NtUninstallKB951066$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951376-v2)—>»C:WINDOWS$NtUninstallKB951376-v2$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951698)—>»C:WINDOWS$NtUninstallKB951698$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951748)—>»C:WINDOWS$NtUninstallKB951748$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB952954)—>»C:WINDOWS$NtUninstallKB952954$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954211)—>»C:WINDOWS$NtUninstallKB954211$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954459)—>»C:WINDOWS$NtUninstallKB954459$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954600)—>»C:WINDOWS$NtUninstallKB954600$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB955069)—>»C:WINDOWS$NtUninstallKB955069$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956802)—>»C:WINDOWS$NtUninstallKB956802$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956803)—>»C:WINDOWS$NtUninstallKB956803$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956841)—>»C:WINDOWS$NtUninstallKB956841$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB957097)—>»C:WINDOWS$NtUninstallKB957097$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958215)—>»C:WINDOWS$NtUninstallKB958215$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958644)—>»C:WINDOWS$NtUninstallKB958644$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958687)—>»C:WINDOWS$NtUninstallKB958687$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960714)—>»C:WINDOWS$NtUninstallKB960714$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960715)—>»C:WINDOWS$NtUninstallKB960715$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media — (KB952069)—>»C:WINDOWS$NtUninstallKB952069_WM9$spuninstspuninst.exe»
Обновление для Windows XP (KB898461)—>»C:WINDOWS$NtUninstallKB898461$spuninstspuninst.exe»
Обновление для Windows XP (KB951978)—>»C:WINDOWS$NtUninstallKB951978$spuninstspuninst.exe»
Обновление для Windows XP (KB955839)—>»C:WINDOWS$NtUninstallKB955839$spuninstspuninst.exe»
Основные компоненты Windows Live—>C:Program FilesWindows LiveInstallerwlarp.exe
Основные компоненты Windows Live—>MsiExec.exe /I{C26868BF-3550-4BA2-9B75-8876C5F3D9B1}
Печать НД с PDF417 3.0.8—>MsiExec.exe /I{14FA2F5A-B75A-4F5B-AB22-B3274FA976FA}
Помощник по входу в Windows Live—>MsiExec.exe /I{A327A636-5D38-4D63-8EA9-477B528D3CC2}
Средство передачи Windows Live—>MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}======Security center information======
AV: ESET NOD32 Antivirus 3.0
System event log
Computer Name: 8DFF59690CC3402
Event Code: 7036
Message: Служба «Телефония» перешла в состояние Работает.Record Number: 3229
Source Name: Service Control Manager
Time Written: 20090206082402.000000+180
Event Type: информация
User:Computer Name: 8DFF59690CC3402
Event Code: 7036
Message: Служба «Служба шлюза уровня приложения» перешла в состояние Работает.Record Number: 3228
Source Name: Service Control Manager
Time Written: 20090206082401.000000+180
Event Type: информация
User:Computer Name: 8DFF59690CC3402
Event Code: 7035
Message: Служба «Служба шлюза уровня приложения» успешно отправила управляющий элемент «запустить».Record Number: 3227
Source Name: Service Control Manager
Time Written: 20090206082401.000000+180
Event Type: информация
User: NT AUTHORITYSYSTEMComputer Name: 8DFF59690CC3402
Event Code: 7036
Message: Служба «Служба сетевого расположения (NLA)» перешла в состояние Работает.Record Number: 3226
Source Name: Service Control Manager
Time Written: 20090206082401.000000+180
Event Type: информация
User:Computer Name: 8DFF59690CC3402
Event Code: 7035
Message: Служба «Служба сетевого расположения (NLA)» успешно отправила управляющий элемент «запустить».Record Number: 3225
Source Name: Service Control Manager
Time Written: 20090206082401.000000+180
Event Type: информация
User: NT AUTHORITYSYSTEMApplication event log
Computer Name: 8DFF59690CC3402
Event Code: 11707
Message: Product: ISScript — Installation operation completed successfully.Record Number: 163
Source Name: MsiInstaller
Time Written: 20090110220530.000000+180
Event Type: информация
User: 8DFF59690CC3402НатэллаComputer Name: 8DFF59690CC3402
Event Code: 11729
Message: Продукт: Налогоплательщик ЮЛ — Сбой настройки.Record Number: 162
Source Name: MsiInstaller
Time Written: 20090110220400.000000+180
Event Type: информация
User: 8DFF59690CC3402НатэллаComputer Name: 8DFF59690CC3402
Event Code: 11707
Message: Продукт: Налогоплательщик ЮЛ — Операция установки успешно завершена.Record Number: 161
Source Name: MsiInstaller
Time Written: 20090110220018.000000+180
Event Type: информация
User: 8DFF59690CC3402НатэллаComputer Name: 8DFF59690CC3402
Event Code: 11707
Message: Product: ISScript — Installation operation completed successfully.Record Number: 160
Source Name: MsiInstaller
Time Written: 20090110215718.000000+180
Event Type: информация
User: 8DFF59690CC3402НатэллаComputer Name: 8DFF59690CC3402
Event Code: 11728
Message: Продукт: Налогоплательщик ЮЛ — Настройка завершена успешно.Record Number: 159
Source Name: MsiInstaller
Time Written: 20090110215659.000000+180
Event Type: информация
User: 8DFF59690CC3402Натэлла======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=15
«PROCESSOR_IDENTIFIER»=x86 Family 15 Model 2 Stepping 7, GenuineIntel
«PROCESSOR_REVISION»=0207
«NUMBER_OF_PROCESSORS»=1
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
EOF
Logfile of random’s system information tool 1.05 (written by random/random)
Run by Натэлла at 2009-02-25 08:34:39
Microsoft Windows XP Professional Service Pack 3
System drive C: has 18 GB (72%) free of 25 GB
Total RAM: 255 MB (39% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:37:44, on 25.02.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesESETESET NOD32 Antivirusekrn.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesESETESET NOD32 Antivirusegui.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesOperaopera.exe
C:Program FilesSpyware Terminatorsp_rsser.exe
C:Documents and SettingsНатэллаРабочий столRSIT.exe
C:Program Filestrend microНатэлла.exeR1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://search.live.com
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.mail.ru/
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = http=127.0.0.1:8600
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — (no file)
O2 — BHO: Adobe PDF Link Helper — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: (no name) — {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} — C:PROGRA~1CrawlerToolbarctbr.dll
O2 — BHO: Skype add-on (mastermind) — {22BF413B-C6D2-4d91-82A9-A0F997BA588C} — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O2 — BHO: ldglibP — {3DD96B8E-968D-41B2-A41D-AD076B077548} — C:Documents and SettingsAll UsersApplication Dataldglib.dll
O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL
O2 — BHO: Помощник по входу в Windows Live — {9030D464-4C02-4ABF-8ECC-5164760863C6} — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~1dmiehlp.dll
O3 — Toolbar: DM Bar — {0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — C:Program FilesDownload Masterdmbar.dll
O3 — Toolbar: Панель &Crawler — {4B3803EA-5230-4DC3-A7FC-33638F3D3542} — C:PROGRA~1CrawlerToolbarctbr.dll
O4 — HKLM..Run: [egui] «C:Program FilesESETESET NOD32 Antivirusegui.exe» /hide /waitservice
O4 — HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Crawler Search — tbr:iemenu
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program FilesDownload Masterdmie.htm
O9 — Extra button: Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: &Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra button: Skype — {77BF5300-1474-4EC7-9980-D32B190E9B07} — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — C:PROGRA~1MICROS~2Office12GR99D3~1.DLL
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O18 — Protocol: tbr — {4D25FB7A-8902-4291-960E-9ADA051CFBBF} — C:PROGRA~1CrawlerToolbarctbr.dll
O23 — Service: Adobe LM Service — Unknown owner — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 — Service: Eset HTTP Server (EhttpSrv) — ESET — C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe
O23 — Service: Eset Service (ekrn) — ESET — C:Program FilesESETESET NOD32 Antivirusekrn.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: ServiceLayer — Nokia. — C:Program FilesCommon FilesPCSuiteServicesServiceLayer.exe
O23 — Service: Spyware Terminator Realtime Shield Service (sp_rssrv) — Crawler.com — C:Program FilesSpyware Terminatorsp_rsser.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 6420 bytes======Scheduled tasks folder======
C:WINDOWStasksAdvanced WindowsCare V2 Pro.job
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2008-06-11 75128][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:PROGRA~1CrawlerToolbarctbr.dll [2009-02-17 1192960][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll [2008-09-23 1088296][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3DD96B8E-968D-41B2-A41D-AD076B077548}]
FLAC Video Codec — C:Documents and SettingsAll UsersApplication Dataldglib.dll [2009-02-22 500736][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper — C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL [2006-10-27 2210608][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Помощник по входу в Windows Live — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2008-11-18 408952][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2008-10-24 157696][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — DM Bar — C:Program FilesDownload Masterdmbar.dll [2007-11-26 180224]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} — Панель &Crawler — C:PROGRA~1CrawlerToolbarctbr.dll [2009-02-17 1192960][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«egui»=C:Program FilesESETESET NOD32 Antivirusegui.exe [2008-07-01 1447168][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«ctfmon.exe»=C:WINDOWSsystem32ctfmon.exe [2008-04-15 15360][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL [2006-10-27 2210608][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=36
«NoDriveAutoRun»=FFFFFFFF[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoResolveSearch»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«C:WINDOWSsystem32sessmgr.exe»=»C:WINDOWSsystem32sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019»
«C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE»=»C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook»
«C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE»=»C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE:*:Enabled:Microsoft Office Groove»
«C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE»=»C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE:*:Enabled:Microsoft Office OneNote»
«C:Program FilesMessengermsmsgs.exe»=»C:Program FilesMessengermsmsgs.exe:*:Enabled:Windows Messenger»
«C:Documents and SettingsНатэллаLocal SettingsTempRarSFX0flashget.exe»=»C:Documents and SettingsНатэллаLocal SettingsTempRarSFX0flashget.exe:*:Enabled:Flashget»
«C:Program FilesWindows LiveMessengermsnmsgr.exe»=»C:Program FilesWindows LiveMessengermsnmsgr.exe:*:Enabled:Windows Live Messenger»
«C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»
«C:WINDOWSNetwork Diagnosticxpnetdiag.exe»=»C:WINDOWSNetwork Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesWindows LiveMessengermsnmsgr.exe»=»C:Program FilesWindows LiveMessengermsnmsgr.exe:*:Enabled:Windows Live Messenger»======List of files/folders created in the last 1 months======
2009-02-25 08:34:46 —-D—- C:Program Filestrend micro
2009-02-25 08:34:38 —-D—- C:rsit
2009-02-25 07:54:11 —-D—- C:Documents and SettingsНатэллаApplication DataSpyware Terminator
2009-02-25 07:54:06 —-D—- C:Documents and SettingsAll UsersApplication DataSpyware Terminator
2009-02-25 07:54:03 —-D—- C:Program FilesSpyware Terminator
2009-02-25 07:23:45 —-D—- C:WINDOWSLastGood
2009-02-24 21:38:24 —-HDC—- C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$
2009-02-24 21:37:38 —-HDC—- C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$
2009-02-24 21:34:41 —-A—- C:WINDOWSsystem32MRT.exe
2009-02-24 20:17:09 —-D—- C:Program FilesESET
2009-02-24 20:17:09 —-D—- C:Documents and SettingsAll UsersApplication DataESET
2009-02-24 20:04:17 —-A—- C:WINDOWSActive Setup Log.txt
2009-02-24 20:04:17 —-A—- C:WINDOWSActive Setup Log.BAK
2009-02-24 17:19:53 —-HDC—- C:WINDOWS$NtUninstallKB951376-v2$
2009-02-24 17:19:27 —-HDC—- C:WINDOWS$NtUninstallKB952954$
2009-02-24 17:19:07 —-HDC—- C:WINDOWS$NtUninstallKB946648$
2009-02-24 17:18:44 —-HDC—- C:WINDOWS$NtUninstallKB956803$
2009-02-24 17:18:22 —-HDC—- C:WINDOWS$NtUninstallKB955839$
2009-02-24 17:17:39 —-HDC—- C:WINDOWS$NtUninstallKB958215$
2009-02-24 17:16:53 —-HDC—- C:WINDOWS$NtUninstallKB951978$
2009-02-24 17:16:27 —-D—- C:Documents and SettingsНатэллаApplication DataIObit
2009-02-24 17:16:21 —-HDC—- C:WINDOWS$NtUninstallKB950974$
2009-02-24 17:15:20 —-HDC—- C:WINDOWS$NtUninstallKB951698$
2009-02-24 17:14:17 —-HDC—- C:WINDOWS$NtUninstallKB954211$
2009-02-24 17:12:31 —-HDC—- C:WINDOWS$NtUninstallKB956841$
2009-02-24 17:11:58 —-HDC—- C:WINDOWS$NtUninstallKB960714$
2009-02-24 17:11:30 —-HDC—- C:WINDOWS$NtUninstallKB950762$
2009-02-24 17:10:40 —-HDC—- C:WINDOWS$NtUninstallKB957097$
2009-02-24 17:09:50 —-HDC—- C:WINDOWS$NtUninstallKB960715$
2009-02-24 17:09:04 —-HDC—- C:WINDOWS$NtUninstallKB958687$
2009-02-24 17:08:40 —-D—- C:Inetpub
2009-02-24 17:08:38 —-D—- C:WINDOWSsystem32Logfiles
2009-02-24 17:08:32 —-HDC—- C:WINDOWS$NtUninstallKB952287$
2009-02-24 17:08:09 —-HDC—- C:WINDOWS$NtUninstallKB950760$
2009-02-24 17:07:50 —-HDC—- C:WINDOWS$NtUninstallKB951066$
2009-02-24 17:07:13 —-HDC—- C:WINDOWS$NtUninstallKB954459$
2009-02-24 17:06:24 —-HDC—- C:WINDOWS$NtUninstallKB952069_WM9$
2009-02-24 17:05:22 —-HDC—- C:WINDOWS$NtUninstallKB951748$
2009-02-24 17:05:14 —-D—- C:WINDOWSSxsCaPendDel
2009-02-24 17:05:03 —-HDC—- C:WINDOWS$NtUninstallKB938464$
2009-02-24 17:04:42 —-HDC—- C:WINDOWS$NtUninstallKB954600$
2009-02-24 17:04:19 —-HDC—- C:WINDOWS$NtUninstallKB958644$
2009-02-24 17:03:37 —-HDC—- C:WINDOWS$NtUninstallKB955069$
2009-02-24 17:02:46 —-HDC—- C:WINDOWS$NtUninstallKB956802$
2009-02-24 17:02:04 —-D—- C:Program FilesMSXML 4.0
2009-02-24 16:24:36 —-D—- C:Documents and SettingsНатэллаApplication DataUniblue
2009-02-24 16:24:36 —-D—- C:Documents and SettingsAll UsersApplication DataDriverScanner
2009-02-24 16:08:30 —-D—- C:Program Filestrashreg381rus
2009-02-24 10:34:29 —-D—- C:Program FilesCrawler
2009-02-24 09:22:44 —-D—- C:Documents and SettingsНатэллаApplication DataMalwarebytes
2009-02-24 09:22:32 —-D—- C:Documents and SettingsAll UsersApplication DataMalwarebytes
2009-02-24 08:58:13 —-D—- C:WINDOWSsystem32PreInstall
2009-02-24 08:58:11 —-N—- C:WINDOWSsystem32spmsg.dll
2009-02-24 08:58:11 —-A—- C:WINDOWSsystem32spupdsvc.exe
2009-02-24 08:58:10 —-HDC—- C:WINDOWS$NtUninstallKB898461$
2009-02-24 08:58:10 —-HD—- C:WINDOWS$hf_mig$
2009-02-24 08:47:26 —-D—- C:WINDOWSsystem32SoftwareDistribution
2009-02-24 08:16:02 —-D—- C:WINDOWSMinidump
2009-02-23 14:22:01 —-D—- C:Documents and SettingsНатэллаApplication DataOpera
2009-02-23 14:21:41 —-D—- C:Program FilesOpera
2009-02-23 13:33:10 —-A—- C:WINDOWSODBC.INI
2009-02-23 12:44:07 —-HD—- C:WINDOWSsystem32GroupPolicy
2009-02-23 12:36:39 —-D—- C:Program FilesThe Cleaner Demo
2009-02-23 12:01:38 —-RASHD—- C:autorun.inf
2009-02-23 08:25:24 —-D—- C:Program FilesD-Link
2009-02-22 17:37:52 —-D—- C:Program FilesCommon Files{6EA9B29A-C801-4F76-805F-E41ACF9ED16Z}
2009-02-22 17:37:11 —-A—- C:Documents and SettingsAll UsersApplication Dataldglib.dll
2009-02-21 09:59:19 —-A—- C:WINDOWSrSrm.INI
2009-02-21 09:53:04 —-AD—- C:Program Filestemp
2009-02-21 08:42:52 —-A—- C:WINDOWSGPInstall.exe
2009-02-18 10:56:33 —-D—- C:WINDOWSsystem32appmgmt
2009-02-16 11:56:01 —-D—- C:Documents and SettingsНатэллаApplication DataDriverCure
2009-02-16 11:55:52 —-D—- C:Documents and SettingsAll UsersApplication DataParetoLogic
2009-02-16 11:55:52 —-D—- C:Documents and SettingsAll UsersApplication DataDriverCure======List of files/folders modified in the last 1 months======
2009-02-25 08:37:33 —-D—- C:WINDOWSTemp
2009-02-25 08:34:46 —-RD—- C:Program Files
2009-02-25 08:34:45 —-D—- C:WINDOWSPrefetch
2009-02-25 07:54:17 —-D—- C:WINDOWSsystem32drivers
2009-02-25 07:24:20 —-HD—- C:WINDOWSinf
2009-02-25 07:23:45 —-D—- C:WINDOWSsystem32CatRoot2
2009-02-25 07:23:45 —-D—- C:WINDOWS
2009-02-24 22:56:53 —-A—- C:WINDOWSSchedLgU.Txt
2009-02-24 22:37:24 —-D—- C:WINDOWSNetwork Diagnostic
2009-02-24 22:19:32 —-D—- C:WINDOWSsystem32CatRoot
2009-02-24 22:17:56 —-D—- C:WINDOWSsystem32
2009-02-24 22:16:02 —-D—- C:Program FilesInternet Explorer
2009-02-24 22:15:41 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-02-24 21:37:54 —-A—- C:WINDOWSimsins.BAK
2009-02-24 21:34:45 —-D—- C:WINDOWSDebug
2009-02-24 20:18:02 —-SHD—- C:WINDOWSInstaller
2009-02-24 20:12:21 —-HD—- C:Program FilesInstallShield Installation Information
2009-02-24 17:19:11 —-D—- C:Program FilesMessenger
2009-02-24 17:10:56 —-SD—- C:WINDOWSTasks
2009-02-24 17:08:40 —-D—- C:WINDOWSsystem32inetsrv
2009-02-24 17:05:15 —-D—- C:WINDOWSWinSxS
2009-02-24 16:26:00 —-D—- C:WINDOWSsystem32config
2009-02-24 09:43:31 —-D—- C:Program FilesDownload Master
2009-02-24 08:47:43 —-D—- C:WINDOWSSoftwareDistribution
2009-02-24 08:47:42 —-D—- C:WINDOWSHelp
2009-02-24 08:37:37 —-SD—- C:Documents and SettingsНатэллаApplication DataMicrosoft
2009-02-23 13:33:28 —-D—- C:Program FilesCommon Files
2009-02-22 20:56:52 —-D—- C:Documents and Settings
2009-02-22 18:50:30 —-A—- C:WINDOWSNeroDigital.ini
2009-02-22 18:43:14 —-D—- C:Documents and SettingsНатэллаApplication DataAdobe
2009-02-22 18:43:14 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
2009-02-22 17:51:10 —-D—- C:Downloads
2009-02-21 11:43:35 —-A—- C:WINDOWSwin.ini
2009-02-21 11:43:01 —-RSD—- C:WINDOWSFonts
2009-02-18 10:48:00 —-D—- C:Documents and SettingsAll UsersApplication DataDownloaded Installations
2009-02-02 21:40:25 —-D—- C:Documents and SettingsНатэллаApplication DataSkype
2009-02-02 21:20:13 —-D—- C:Documents and SettingsНатэллаApplication DataskypePM======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 easdrv;easdrv; C:WINDOWSsystem32DRIVERSeasdrv.sys [2008-07-01 53256]
R1 epfwtdir;epfwtdir; C:WINDOWSsystem32DRIVERSepfwtdir.sys [2008-07-01 34312]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-04-15 40704]
R1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2008-04-15 14720]
R2 eamon;EAMON; C:WINDOWSsystem32DRIVERSeamon.sys [2008-07-01 39944]
R2 WBHWDOCT;WBHWDOCT; C:WINDOWSsystem32driversWBHWDOCT.sys [2002-02-27 6950]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2008-04-15 701440]
R3 atinrvxx;ATI WDM Rage Theater Video (Microsoft Corporation); C:WINDOWSsystem32DRIVERSatinrvxx.sys [2008-04-14 104960]
R3 cmpci;C-Media PCI Audio Driver (WDM); C:WINDOWSsystem32driverscmaudio.sys [2002-06-12 379150]
R3 FETNDISB;D-Link PCI Fast Ethernet Adapter Driver Service; C:WINDOWSsystem32DRIVERSdlkfet5b.sys [2006-12-27 46080]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-15 10368]
R3 Intels51;D-Link DFM-562I Controllerless Modem Card; C:WINDOWSsystem32DRIVERSIntels51.sys [2002-10-26 642958]
R3 MODEMCSA;Устройство фильтрации потока Unimodem; C:WINDOWSsystem32driversMODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2008-04-15 12160]
R3 MVDCODEC;ATI WDM Specialized MVD Codec (Microsoft Corporation); C:WINDOWSsystem32DRIVERSatinmdxx.sys [2008-04-14 13824]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-15 32128]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-15 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-14 59520]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2008-04-14 20608]
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-04-14 17024]
S3 MS1000;MS1000; C:WINDOWSSystem32DRIVERSMS1000.sys [2009-02-23 5376]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2008-04-14 15232]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-14 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2008-04-14 19200]
S4 FileObjInfo;STFileDriver; ??C:Documents and SettingsAll UsersApplication DataSpyware TerminatorFileObjInfo.sys []
S4 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2008-04-15 12032]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ekrn;Eset Service; C:Program FilesESETESET NOD32 Antivirusekrn.exe [2007-12-21 468224]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:Program FilesSpyware Terminatorsp_rsser.exe [2009-02-25 540672]
S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2009-01-08 68096]
S3 EhttpSrv;Eset HTTP Server; C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe [2008-07-01 19200]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program FilesMicrosoft OfficeOffice12GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:Program FilesCommon FilesPCSuiteServicesServiceLayer.exe [2006-06-05 174080]
EOF
Здравствуйте, добро пожаловать на Spyware-ru форум.
Скачайте OTMoveIt3 by OldTimer кликнув по этой ссылке.
Запустите OTMoveIt3 и в большое поле ввода (заголовок этого поля выделен желтым цветом) скопируйте следующий текст.:Processes
explorer.exe
:reg
[-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3DD96B8E-968D-41B2-A41D-AD076B077548}]
:files
C:Documents and SettingsAll UsersApplication Dataldglib.dll
:Commands
[emptytemp]
[start explorer]
[Reboot]Проверьте вставленный скрипт, если слева перед директивами появились пробелы, то удалите их, скрипт должен вглядить так же как в сообщении. Кликните по кнопке MoveIt!. В процессе работы возможна перезагрузка компьютера.
По-завершении работы программы должен будет показан лог. Если лог не будет показан, то его можно найти в папке C:_OTMoveItMovedFiles.Вставьте в ваше ответное сообщение содержимое этого лога. Так же приложите свежий RSIT лог.
- Темы:532
- Сообщений:1553
- ☆☆☆☆☆
Благодарю Вас за помощь.
IE удален из программ, но при попытке зайти в него через Оперу, информер по-прежнему на месте.
После выполнения Ваших инструкций — результат:========== PROCESSES ==========
Process explorer.exe killed successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3DD96B8E-968D-41B2-A41D-AD076B077548}\ deleted successfully.
========== FILES ==========
C:Documents and SettingsAll UsersApplication Dataldglib.dll unregistered successfully.
C:Documents and SettingsAll UsersApplication Dataldglib.dll moved successfully.
========== COMMANDS ==========
User’s Temp folder emptied.
User’s Temporary Internet Files folder emptied.
User’s Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�009adoc.bx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�009md.dat scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�009url.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�009w.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�009wb.vx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�008adoc.bx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�008md.dat scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�008url.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�008w.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�008wb.vx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�007adoc.bx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�007md.dat scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�007url.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�007w.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�007wb.vx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�006adoc.bx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�006md.dat scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�006url.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�006w.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�006wb.vx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�005adoc.bx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�005md.dat scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�005url.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�005w.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�005wb.vx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�004adoc.bx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�004md.dat scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�004url.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�004w.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�004wb.vx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�003adoc.bx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�003md.dat scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�003url.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�003w.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�003wb.vx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�002adoc.bx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�002md.dat scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�002url.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�002w.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�002wb.vx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�000adoc.bx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�000adoc.bx-j scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�000md.dat scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�000md.dat-j scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�000url.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�000url.ax-j scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�000w.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�000w.ax-j scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�000wb.vx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�000wb.vx-j scheduled to be deleted on reboot.
Opera cache emptied.
Temp folders emptied.
Explorer started successfullyOTMoveIt3 by OldTimer — Version 1.0.8.0 log created on 02282009_101417
Files moved on Reboot…
C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�009adoc.bx moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�009md.dat moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�009url.ax moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�009w.ax moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�009wb.vx moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�008adoc.bx moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�008md.dat moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�008url.ax moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�008w.ax moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�008wb.vx moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�007adoc.bx moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�007md.dat moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�007url.ax moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�007w.ax moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�007wb.vx moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�006adoc.bx moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�006md.dat moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�006url.ax moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�006w.ax moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�006wb.vx moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�005adoc.bx moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�005md.dat moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�005url.ax moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�005w.ax moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�005wb.vx moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�004adoc.bx moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�004md.dat moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�004url.ax moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�004w.ax moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�004wb.vx moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�003adoc.bx moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�003md.dat moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�003url.ax moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�003w.ax moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�003wb.vx moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�002adoc.bx moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�002md.dat moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�002url.ax moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�002w.ax moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�002wb.vx moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�000adoc.bx moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�000adoc.bx-j moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�000md.dat moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�000md.dat-j moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�000url.ax moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�000url.ax-j moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�000w.ax moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�000w.ax-j moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�000wb.vx moved successfully.
C:Documents and SettingsНатэллаLocal SettingsApplication DataOperaOperaProfilevps�000wb.vx-j moved successfully.Свежий лог
info.txt logfile of random’s system information tool 1.05 2009-02-28 10:22:58======Uninstall list======
—>C:Program FilesNeroNero 7nerouninstallUNNERO.exe /UNINSTALL
—>C:WINDOWSUNNeroBackItUp.exe /UNINSTALL
—>C:WINDOWSUNNeroMediaHome.exe /UNINSTALL
—>C:WINDOWSUNNeroShowTime.exe /UNINSTALL
—>C:WINDOWSUNNeroVision.exe /UNINSTALL
—>C:WINDOWSUNRecode.exe /UNINSTALL
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
7-Zip 4.57—>»C:Program Files7-ZipUninstall.exe»
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Flash Player ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Photoshop CS—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime�701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{EFB21DE7-8C19-4A88-BB28-A766E16493BC}setup.exe» -l0x9
Adobe Reader 9 — Russian—>MsiExec.exe /I{AC76BA86-7AD7-1049-7B44-A90000000001}
Advanced WindowsCare Professional—>»C:Program FilesIObitAdvanced WindowsCare V2 Prounins000.exe»
a-squared Anti-Malware 4.0—>»C:Program Filesa-squared Anti-Malwareunins000.exe»
Choice Guard—>MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
D-Link DFE520TX—>C:PROGRA~1COMMON~1INSTAL~1Driver10INTEL3~1IDriver.exe /M{9629C9A1-74F7-4DD0-B99B-9066925E63F8}
D-Link DFM-562I Controllerless Modem Card—>C:Program FilesIntelD-Link DFM-562I Controllerless Modem Cardsetup.exe -r PCIVEN_8086&DEV_1040&SUBSYS_10008086&REV_00 -n «D-Link DFM-562I Controllerless Modem Card»
D-Link PCI Fast Ethernet Adapter—>Rundll32.exe vuins32.dll,vuins32Ex $Rhine $D-Link
Download Master version 5.5.9.1157—>»C:Program FilesDownload Masterunins000.exe»
ESET NOD32 Antivirus—>MsiExec.exe /I{3407FD83-0A2F-475E-BE94-34F1FA342C84}
Genius Scanner—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{CCEB2144-5F5D-49E8-AADC-05CA48AE9AA5}setup.exe»
HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
Intel Application Accelerator—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{9984DF60-1C5B-11D3-ACA1-908A4FC10801}Setup.exe» -INTELUNINST
Lernout & Hauspie TruVoice for Microsoft Agent—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFcgminst.inf, RemoveCgram
Magic Gooddy—>C:Program FilesMagic GooddyCMPSETUPUNINSTAL.EXE MG_0001
Microsoft Agent 1.5—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFagtinst.inf, RemoveAgent
Microsoft Command & Control Engine—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFmscnc.inf, Uninstall
Microsoft DirectX Transform optional components—>RUNDLL32.EXE ADVPACK.DLL,LaunchINFSection C:WINDOWSINFDXTXTRA.INF,UNINSTALL.NT,12
Microsoft Internationalized Domain Names Mitigation APIs—>»C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$spuninstspuninst.exe»
Microsoft National Language Support Downlevel APIs—>»C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$spuninstspuninst.exe»
Microsoft Office Access MUI (Russian) 2007—>MsiExec.exe /X{90120000-0015-0419-0000-0000000FF1CE}
Microsoft Office Enterprise 2007—>MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Russian) 2007—>MsiExec.exe /X{90120000-0016-0419-0000-0000000FF1CE}
Microsoft Office Groove MUI (Russian) 2007—>MsiExec.exe /X{90120000-00BA-0419-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Russian) 2007—>MsiExec.exe /X{90120000-0044-0419-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Russian) 2007—>MsiExec.exe /X{90120000-00A1-0419-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Russian) 2007—>MsiExec.exe /X{90120000-001A-0419-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Russian) 2007—>MsiExec.exe /X{90120000-0018-0419-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007—>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007—>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Russian) 2007—>MsiExec.exe /X{90120000-001F-0419-0000-0000000FF1CE}
Microsoft Office Proof (Ukrainian) 2007—>MsiExec.exe /X{90120000-001F-0422-0000-0000000FF1CE}
Microsoft Office Proofing (Russian) 2007—>MsiExec.exe /X{90120000-002C-0419-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Russian) 2007—>MsiExec.exe /X{90120000-0019-0419-0000-0000000FF1CE}
Microsoft Office Shared MUI (Russian) 2007—>MsiExec.exe /X{90120000-006E-0419-0000-0000000FF1CE}
Microsoft Office Word MUI (Russian) 2007—>MsiExec.exe /X{90120000-001B-0419-0000-0000000FF1CE}
Microsoft Speech API 3.0—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFspchapi.inf, Uninstall
Microsoft Speech Lexicon—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFmslex.inf, Uninstall
ML-1200 Series—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{8C19F391-A225-4F32-8681-EDB8AFE6E436}setup.exe»
MSXML 4.0 SP2 (KB954430)—>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 7 Demo—>MsiExec.exe /I{A9B58F82-880E-9610-5F21-E99294F81049}
Nokia Connectivity Cable Driver—>MsiExec.exe /X{6882DD11-33B8-4DEA-8305-7E765BF74BD3}
Nokia MTP driver—>MsiExec.exe /I{0E94871C-623C-464F-A117-B8474BFF84E1}
Nokia PC Connectivity Solution—>MsiExec.exe /I{0D80391C-0A72-43BB-9BC2-143F63CC111D}
Nokia PC Suite—>MsiExec.exe /I{531317A5-586A-4E36-87C1-CA823447B375}
Opera 9.63—>MsiExec.exe /X{2C0CD17D-0B06-4700-83FA-7344B868B0A2}
PCI Audio Applications—>C:Program FilesPCI Audio ApplicationsBinUninstall.exe
PCI Audio Driver—>cmuninst.exe
Skype™ 3.8—>MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Total Commander 7.00 Total Commander 7.00 PowerPack 1.00—>»C:Program FilesTotal Commanderuninstall.exe»
Visual C++ 2008 x86 Runtime — (v9.0.30729)—>MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime — v9.0.30729.01—>C:WINDOWSsystem32msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=»»
Voice Editor—>C:WINDOWSuninst.exe -f»C:Program FilesWinbondVoice EditorDeIsL1.isu» -c»C:Program FilesWinbondVoice Editor_ISREG32.DLL»
Winamp—>»C:Program FilesWinampUninstWA.exe»
Windows Driver Package — Nokia Modem (06/12/2006 6.81.0.21)—>C:PROGRA~1DIFXD6ACC4BE676423A2B130B78A4B627FC457D98997dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokbtmdm_62A340731F8930057B44B8864F236850B0D49D65nokbtmdm.inf
Windows Live Communications Platform—>MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Messenger—>MsiExec.exe /X{4740F152-2F61-4DEF-80C4-BFDEC8D928C3}
Исправление для Windows XP (KB952287)—>»C:WINDOWS$NtUninstallKB952287$spuninstspuninst.exe»
Картмейстер-Начало от WEBaby—>C:Program FilesWEBabyКартмейстер-Началоuninstall.exe
Налогоплательщик ЮЛ—>MsiExec.exe /I{7CFC4E69-C9F7-4CBA-A2D4-968B53D84524}
Обновление безопасности для Windows XP (KB938464)—>»C:WINDOWS$NtUninstallKB938464$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB946648)—>»C:WINDOWS$NtUninstallKB946648$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950760)—>»C:WINDOWS$NtUninstallKB950760$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950762)—>»C:WINDOWS$NtUninstallKB950762$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950974)—>»C:WINDOWS$NtUninstallKB950974$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951066)—>»C:WINDOWS$NtUninstallKB951066$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951376-v2)—>»C:WINDOWS$NtUninstallKB951376-v2$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951698)—>»C:WINDOWS$NtUninstallKB951698$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951748)—>»C:WINDOWS$NtUninstallKB951748$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB952954)—>»C:WINDOWS$NtUninstallKB952954$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954211)—>»C:WINDOWS$NtUninstallKB954211$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954459)—>»C:WINDOWS$NtUninstallKB954459$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954600)—>»C:WINDOWS$NtUninstallKB954600$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB955069)—>»C:WINDOWS$NtUninstallKB955069$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956802)—>»C:WINDOWS$NtUninstallKB956802$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956803)—>»C:WINDOWS$NtUninstallKB956803$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956841)—>»C:WINDOWS$NtUninstallKB956841$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB957097)—>»C:WINDOWS$NtUninstallKB957097$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958215)—>»C:WINDOWS$NtUninstallKB958215$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958644)—>»C:WINDOWS$NtUninstallKB958644$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958687)—>»C:WINDOWS$NtUninstallKB958687$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960714)—>»C:WINDOWS$NtUninstallKB960714$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960715)—>»C:WINDOWS$NtUninstallKB960715$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media — (KB952069)—>»C:WINDOWS$NtUninstallKB952069_WM9$spuninstspuninst.exe»
Обновление для Windows XP (KB898461)—>»C:WINDOWS$NtUninstallKB898461$spuninstspuninst.exe»
Обновление для Windows XP (KB951978)—>»C:WINDOWS$NtUninstallKB951978$spuninstspuninst.exe»
Обновление для Windows XP (KB955839)—>»C:WINDOWS$NtUninstallKB955839$spuninstspuninst.exe»
Обновление для Windows XP (KB967715)—>»C:WINDOWS$NtUninstallKB967715$spuninstspuninst.exe»
Основные компоненты Windows Live—>C:Program FilesWindows LiveInstallerwlarp.exe
Основные компоненты Windows Live—>MsiExec.exe /I{C26868BF-3550-4BA2-9B75-8876C5F3D9B1}
Печать НД с PDF417 3.0.8—>MsiExec.exe /I{14FA2F5A-B75A-4F5B-AB22-B3274FA976FA}
Помощник по входу в Windows Live—>MsiExec.exe /I{A327A636-5D38-4D63-8EA9-477B528D3CC2}
Средство передачи Windows Live—>MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}======Security center information======
AV: ESET NOD32 Antivirus 3.0
System event log
Computer Name: 8DFF59690CC3402
Event Code: 6009
Message: Microsoft (R) Windows 2000 (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.Record Number: 3574
Source Name: EventLog
Time Written: 20090211200135.000000+180
Event Type: информация
User:Computer Name: 8DFF59690CC3402
Event Code: 6006
Message: Служба журнала событий остановлена.Record Number: 3573
Source Name: EventLog
Time Written: 20090211181153.000000+180
Event Type: информация
User:Computer Name: 8DFF59690CC3402
Event Code: 7036
Message: Служба «Служба COM записи компакт-дисков IMAPI» перешла в состояние Остановлена.Record Number: 3572
Source Name: Service Control Manager
Time Written: 20090211153802.000000+180
Event Type: информация
User:Computer Name: 8DFF59690CC3402
Event Code: 7036
Message: Служба «Обозреватель компьютеров» перешла в состояние Остановлена.Record Number: 3571
Source Name: Service Control Manager
Time Written: 20090211153800.000000+180
Event Type: информация
User:Computer Name: 8DFF59690CC3402
Event Code: 7036
Message: Служба «Диспетчер подключений удаленного доступа» перешла в состояние Работает.Record Number: 3570
Source Name: Service Control Manager
Time Written: 20090211153757.000000+180
Event Type: информация
User:Application event log
Computer Name: 8DFF59690CC3402
Event Code: 11707
Message: Product: ISScript — Installation operation completed successfully.Record Number: 181
Source Name: MsiInstaller
Time Written: 20090111105737.000000+180
Event Type: информация
User: 8DFF59690CC3402НатэллаComputer Name: 8DFF59690CC3402
Event Code: 11707
Message: Продукт: Налогоплательщик ЮЛ — Операция установки успешно завершена.Record Number: 180
Source Name: MsiInstaller
Time Written: 20090111104521.000000+180
Event Type: информация
User: 8DFF59690CC3402НатэллаComputer Name: 8DFF59690CC3402
Event Code: 11707
Message: Product: ISScript — Installation operation completed successfully.Record Number: 179
Source Name: MsiInstaller
Time Written: 20090111104229.000000+180
Event Type: информация
User: 8DFF59690CC3402НатэллаComputer Name: 8DFF59690CC3402
Event Code: 101
Message: wuauclt (1916) Ядро базы данных остановлено.Record Number: 178
Source Name: ESENT
Time Written: 20090111104008.000000+180
Event Type: информация
User:Computer Name: 8DFF59690CC3402
Event Code: 103
Message: wuaueng.dll (1916) SUS20ClientDataStore: Ядро базы данных остановило работу экземпляра (0).Record Number: 177
Source Name: ESENT
Time Written: 20090111104008.000000+180
Event Type: информация
User:======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=15
«PROCESSOR_IDENTIFIER»=x86 Family 15 Model 2 Stepping 7, GenuineIntel
«PROCESSOR_REVISION»=0207
«NUMBER_OF_PROCESSORS»=1
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
EOF
Logfile of random’s system information tool 1.05 (written by random/random)
Run by Натэлла at 2009-02-28 10:22:52
Microsoft Windows XP Professional Service Pack 3
System drive C: has 18 GB (71%) free of 25 GB
Total RAM: 255 MB (24% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:22:57, on 28.02.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesESETESET NOD32 Antivirusegui.exe
C:Program Filesa-squared Anti-Malwarea2guard.exe
C:Program Filesa-squared Anti-Malwarea2service.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesDownload Masterdmaster.exe
C:Program FilesESETESET NOD32 Antivirusekrn.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesOperaopera.exe
C:Documents and SettingsНатэллаРабочий столRSIT.exe
C:Program Filestrend microНатэлла.exeR1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://search.live.com
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.mail.ru/
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = http=127.0.0.1:8600
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — (no file)
O2 — BHO: Adobe PDF Link Helper — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: Skype add-on (mastermind) — {22BF413B-C6D2-4d91-82A9-A0F997BA588C} — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL
O2 — BHO: Помощник по входу в Windows Live — {9030D464-4C02-4ABF-8ECC-5164760863C6} — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~1dmiehlp.dll
O4 — HKLM..Run: [egui] «C:Program FilesESETESET NOD32 Antivirusegui.exe» /hide /waitservice
O4 — HKLM..Run: [a-squared] «C:Program Filesa-squared Anti-Malwarea2guard.exe»
O4 — HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [Download Master] C:Program FilesDownload Masterdmaster.exe -autorun
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program FilesDownload Masterdmie.htm
O9 — Extra button: Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: &Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra button: Skype — {77BF5300-1474-4EC7-9980-D32B190E9B07} — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — C:PROGRA~1MICROS~2Office12GR99D3~1.DLL
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 — Service: a-squared Anti-Malware Service (a2AntiMalware) — Emsi Software GmbH — C:Program Filesa-squared Anti-Malwarea2service.exe
O23 — Service: Adobe LM Service — Unknown owner — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 — Service: Eset HTTP Server (EhttpSrv) — ESET — C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe
O23 — Service: Eset Service (ekrn) — ESET — C:Program FilesESETESET NOD32 Antivirusekrn.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: ServiceLayer — Nokia. — C:Program FilesCommon FilesPCSuiteServicesServiceLayer.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 6100 bytes======Scheduled tasks folder======
C:WINDOWStasksAd-Aware Update (Weekly).job
C:WINDOWStasksAdvanced WindowsCare V2 Pro.job======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2008-06-11 75128][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll [2008-09-23 1088296][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper — C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL [2006-10-27 2210608][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Помощник по входу в Windows Live — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2008-11-18 408952][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2008-10-24 157696][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«egui»=C:Program FilesESETESET NOD32 Antivirusegui.exe [2008-07-01 1447168]
«a-squared»=C:Program Filesa-squared Anti-Malwarea2guard.exe [2009-01-27 2784912][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«ctfmon.exe»=C:WINDOWSsystem32ctfmon.exe [2008-04-15 15360]
«Download Master»=C:Program FilesDownload Masterdmaster.exe [2009-02-06 3769856][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL [2006-10-27 2210608][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=36
«NoDriveAutoRun»=FFFFFFFF[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoResolveSearch»=
«HonorAutoRunSetting»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«C:WINDOWSsystem32sessmgr.exe»=»C:WINDOWSsystem32sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019»
«C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE»=»C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook»
«C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE»=»C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE:*:Enabled:Microsoft Office Groove»
«C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE»=»C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE:*:Enabled:Microsoft Office OneNote»
«C:Program FilesMessengermsmsgs.exe»=»C:Program FilesMessengermsmsgs.exe:*:Enabled:Windows Messenger»
«C:Documents and SettingsНатэллаLocal SettingsTempRarSFX0flashget.exe»=»C:Documents and SettingsНатэллаLocal SettingsTempRarSFX0flashget.exe:*:Enabled:Flashget»
«C:Program FilesWindows LiveMessengermsnmsgr.exe»=»C:Program FilesWindows LiveMessengermsnmsgr.exe:*:Enabled:Windows Live Messenger»
«C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»
«C:WINDOWSNetwork Diagnosticxpnetdiag.exe»=»C:WINDOWSNetwork Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesWindows LiveMessengermsnmsgr.exe»=»C:Program FilesWindows LiveMessengermsnmsgr.exe:*:Enabled:Windows Live Messenger»======List of files/folders created in the last 1 months======
2009-02-28 10:20:27 —-D—- C:rsit
2009-02-28 10:14:17 —-D—- C:_OTMoveIt
2009-02-27 09:17:03 —-SHD—- C:Config.Msi
2009-02-25 17:00:37 —-HDC—- C:WINDOWS$NtUninstallKB967715$
2009-02-25 15:27:38 —-D—- C:NBGCleanRR
2009-02-25 13:57:53 —-D—- C:WINDOWSERDNT
2009-02-25 13:29:58 —-D—- C:Program FilesParetoLogic
2009-02-25 12:44:33 —-D—- C:Program Filesa-squared Anti-Malware
2009-02-25 10:02:09 —-D—- C:Program FilesLavasoft
2009-02-25 10:02:09 —-D—- C:Documents and SettingsAll UsersApplication DataLavasoft
2009-02-25 08:34:46 —-D—- C:Program Filestrend micro
2009-02-24 21:38:24 —-HDC—- C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$
2009-02-24 21:37:38 —-HDC—- C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$
2009-02-24 21:34:41 —-A—- C:WINDOWSsystem32MRT.exe
2009-02-24 20:17:09 —-D—- C:Program FilesESET
2009-02-24 20:17:09 —-D—- C:Documents and SettingsAll UsersApplication DataESET
2009-02-24 20:04:17 —-A—- C:WINDOWSActive Setup Log.txt
2009-02-24 20:04:17 —-A—- C:WINDOWSActive Setup Log.BAK
2009-02-24 17:19:53 —-HDC—- C:WINDOWS$NtUninstallKB951376-v2$
2009-02-24 17:19:27 —-HDC—- C:WINDOWS$NtUninstallKB952954$
2009-02-24 17:19:07 —-HDC—- C:WINDOWS$NtUninstallKB946648$
2009-02-24 17:18:44 —-HDC—- C:WINDOWS$NtUninstallKB956803$
2009-02-24 17:18:22 —-HDC—- C:WINDOWS$NtUninstallKB955839$
2009-02-24 17:17:39 —-HDC—- C:WINDOWS$NtUninstallKB958215$
2009-02-24 17:16:53 —-HDC—- C:WINDOWS$NtUninstallKB951978$
2009-02-24 17:16:27 —-D—- C:Documents and SettingsНатэллаApplication DataIObit
2009-02-24 17:16:21 —-HDC—- C:WINDOWS$NtUninstallKB950974$
2009-02-24 17:15:20 —-HDC—- C:WINDOWS$NtUninstallKB951698$
2009-02-24 17:14:17 —-HDC—- C:WINDOWS$NtUninstallKB954211$
2009-02-24 17:12:31 —-HDC—- C:WINDOWS$NtUninstallKB956841$
2009-02-24 17:11:58 —-HDC—- C:WINDOWS$NtUninstallKB960714$
2009-02-24 17:11:30 —-HDC—- C:WINDOWS$NtUninstallKB950762$
2009-02-24 17:10:40 —-HDC—- C:WINDOWS$NtUninstallKB957097$
2009-02-24 17:09:50 —-HDC—- C:WINDOWS$NtUninstallKB960715$
2009-02-24 17:09:04 —-HDC—- C:WINDOWS$NtUninstallKB958687$
2009-02-24 17:08:38 —-D—- C:WINDOWSsystem32Logfiles
2009-02-24 17:08:32 —-HDC—- C:WINDOWS$NtUninstallKB952287$
2009-02-24 17:08:09 —-HDC—- C:WINDOWS$NtUninstallKB950760$
2009-02-24 17:07:50 —-HDC—- C:WINDOWS$NtUninstallKB951066$
2009-02-24 17:07:13 —-HDC—- C:WINDOWS$NtUninstallKB954459$
2009-02-24 17:06:24 —-HDC—- C:WINDOWS$NtUninstallKB952069_WM9$
2009-02-24 17:05:22 —-HDC—- C:WINDOWS$NtUninstallKB951748$
2009-02-24 17:05:14 —-D—- C:WINDOWSSxsCaPendDel
2009-02-24 17:05:03 —-HDC—- C:WINDOWS$NtUninstallKB938464$
2009-02-24 17:04:42 —-HDC—- C:WINDOWS$NtUninstallKB954600$
2009-02-24 17:04:19 —-HDC—- C:WINDOWS$NtUninstallKB958644$
2009-02-24 17:03:37 —-HDC—- C:WINDOWS$NtUninstallKB955069$
2009-02-24 17:02:46 —-HDC—- C:WINDOWS$NtUninstallKB956802$
2009-02-24 16:24:36 —-D—- C:Documents and SettingsНатэллаApplication DataUniblue
2009-02-24 16:24:36 —-D—- C:Documents and SettingsAll UsersApplication DataDriverScanner
2009-02-24 16:08:30 —-D—- C:Program Filestrashreg381rus
2009-02-24 09:22:44 —-D—- C:Documents and SettingsНатэллаApplication DataMalwarebytes
2009-02-24 09:22:32 —-D—- C:Documents and SettingsAll UsersApplication DataMalwarebytes
2009-02-24 08:58:13 —-D—- C:WINDOWSsystem32PreInstall
2009-02-24 08:58:11 —-N—- C:WINDOWSsystem32spmsg.dll
2009-02-24 08:58:11 —-A—- C:WINDOWSsystem32spupdsvc.exe
2009-02-24 08:58:10 —-HDC—- C:WINDOWS$NtUninstallKB898461$
2009-02-24 08:58:10 —-HD—- C:WINDOWS$hf_mig$
2009-02-24 08:47:26 —-D—- C:WINDOWSsystem32SoftwareDistribution
2009-02-24 08:16:02 —-D—- C:WINDOWSMinidump
2009-02-23 14:22:01 —-D—- C:Documents and SettingsНатэллаApplication DataOpera
2009-02-23 14:21:41 —-D—- C:Program FilesOpera
2009-02-23 13:33:10 —-A—- C:WINDOWSODBC.INI
2009-02-23 12:44:07 —-HD—- C:WINDOWSsystem32GroupPolicy
2009-02-23 12:01:38 —-RASHD—- C:autorun.inf
2009-02-23 08:25:24 —-D—- C:Program FilesD-Link
2009-02-22 17:37:52 —-D—- C:Program FilesCommon Files{6EA9B29A-C801-4F76-805F-E41ACF9ED16Z}
2009-02-21 09:59:19 —-A—- C:WINDOWSrSrm.INI
2009-02-21 08:42:52 —-A—- C:WINDOWSGPInstall.exe
2009-02-18 10:56:33 —-D—- C:WINDOWSsystem32appmgmt
2009-02-16 11:56:01 —-D—- C:Documents and SettingsНатэллаApplication DataDriverCure
2009-02-16 11:55:52 —-D—- C:Documents and SettingsAll UsersApplication DataParetoLogic
2009-02-16 11:55:52 —-D—- C:Documents and SettingsAll UsersApplication DataDriverCure======List of files/folders modified in the last 1 months======
2009-02-28 10:22:05 —-D—- C:WINDOWSTemp
2009-02-28 10:21:39 —-D—- C:WINDOWSPrefetch
2009-02-28 10:14:58 —-A—- C:WINDOWSSchedLgU.Txt
2009-02-27 14:49:18 —-A—- C:WINDOWSNeroDigital.ini
2009-02-27 10:18:27 —-D—- C:Program FilesDownload Master
2009-02-27 09:17:03 —-SHD—- C:WINDOWSInstaller
2009-02-27 09:16:45 —-DC—- C:WINDOWSsystem32DRVSTORE
2009-02-27 09:16:45 —-D—- C:WINDOWSsystem32drivers
2009-02-27 09:16:43 —-D—- C:WINDOWSsystem32
2009-02-26 11:20:45 —-D—- C:Documents and SettingsНатэллаApplication DataAdobe
2009-02-26 11:20:45 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
2009-02-26 11:01:10 —-D—- C:Documents and SettingsНатэллаApplication DataDownload Master
2009-02-26 09:13:44 —-D—- C:WINDOWS
2009-02-26 08:59:59 —-HD—- C:WINDOWSinf
2009-02-26 08:59:46 —-D—- C:WINDOWSsystem32CatRoot
2009-02-26 08:20:38 —-D—- C:WINDOWSsystem32CatRoot2
2009-02-25 17:00:54 —-A—- C:WINDOWSimsins.BAK
2009-02-25 17:00:44 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-02-25 16:05:46 —-A—- C:WINDOWSwin.ini
2009-02-25 14:04:58 —-RD—- C:Program Files
2009-02-25 14:03:05 —-D—- C:WINDOWSsystem32config
2009-02-25 13:37:06 —-SD—- C:WINDOWSTasks
2009-02-25 13:37:03 —-D—- C:Program FilesCommon Files
2009-02-25 13:13:07 —-D—- C:Downloads
2009-02-25 12:14:56 —-D—- C:Program FilesInternet Explorer
2009-02-25 12:06:54 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-02-25 10:02:05 —-D—- C:WINDOWSWinSxS
2009-02-24 22:37:24 —-D—- C:WINDOWSNetwork Diagnostic
2009-02-24 21:34:45 —-D—- C:WINDOWSDebug
2009-02-24 20:12:21 —-HD—- C:Program FilesInstallShield Installation Information
2009-02-24 17:19:11 —-D—- C:Program FilesMessenger
2009-02-24 17:08:40 —-D—- C:WINDOWSsystem32inetsrv
2009-02-24 08:47:43 —-D—- C:WINDOWSSoftwareDistribution
2009-02-24 08:47:42 —-D—- C:WINDOWSHelp
2009-02-24 08:37:37 —-SD—- C:Documents and SettingsНатэллаApplication DataMicrosoft
2009-02-22 20:56:52 —-D—- C:Documents and Settings
2009-02-21 11:43:01 —-RSD—- C:WINDOWSFonts
2009-02-18 10:48:00 —-D—- C:Documents and SettingsAll UsersApplication DataDownloaded Installations
2009-02-02 21:40:25 —-D—- C:Documents and SettingsНатэллаApplication DataSkype
2009-02-02 21:20:13 —-D—- C:Documents and SettingsНатэллаApplication DataskypePM======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 easdrv;easdrv; C:WINDOWSsystem32DRIVERSeasdrv.sys [2008-07-01 53256]
R1 epfwtdir;epfwtdir; C:WINDOWSsystem32DRIVERSepfwtdir.sys [2008-07-01 34312]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-04-15 40704]
R1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2008-04-15 14720]
R2 eamon;EAMON; C:WINDOWSsystem32DRIVERSeamon.sys [2008-07-01 39944]
R2 WBHWDOCT;WBHWDOCT; C:WINDOWSsystem32driversWBHWDOCT.sys [2002-02-27 6950]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2008-04-15 701440]
R3 atinrvxx;ATI WDM Rage Theater Video (Microsoft Corporation); C:WINDOWSsystem32DRIVERSatinrvxx.sys [2008-04-14 104960]
R3 cmpci;C-Media PCI Audio Driver (WDM); C:WINDOWSsystem32driverscmaudio.sys [2002-06-12 379150]
R3 FETNDISB;D-Link PCI Fast Ethernet Adapter Driver Service; C:WINDOWSsystem32DRIVERSdlkfet5b.sys [2006-12-27 46080]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-15 10368]
R3 Intels51;D-Link DFM-562I Controllerless Modem Card; C:WINDOWSsystem32DRIVERSIntels51.sys [2002-10-26 642958]
R3 MODEMCSA;Устройство фильтрации потока Unimodem; C:WINDOWSsystem32driversMODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2008-04-15 12160]
R3 MVDCODEC;ATI WDM Specialized MVD Codec (Microsoft Corporation); C:WINDOWSsystem32DRIVERSatinmdxx.sys [2008-04-14 13824]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-15 32128]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-15 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-14 59520]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2008-04-14 20608]
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-04-14 17024]
S3 MS1000;MS1000; C:WINDOWSSystem32DRIVERSMS1000.sys [2009-02-23 5376]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2008-04-14 15232]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-14 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2008-04-14 19200]
S4 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2008-04-15 12032]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 a2AntiMalware;a-squared Anti-Malware Service; C:Program Filesa-squared Anti-Malwarea2service.exe [2009-01-27 421496]
R2 ekrn;Eset Service; C:Program FilesESETESET NOD32 Antivirusekrn.exe [2007-12-21 468224]
S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2009-01-08 68096]
S3 EhttpSrv;Eset HTTP Server; C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe [2008-07-01 19200]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program FilesMicrosoft OfficeOffice12GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:Program FilesCommon FilesPCSuiteServicesServiceLayer.exe [2006-06-05 174080]
EOF
Благодарю за желание помочьРазберёмся теперь с Оперой.
Запустите Оперу.
Кликните Инструменты ->Настройки.
Откройте вкладку Дополнительно.
Выберите раздел Содержимое.
Кликните по кнопке Настроить JavaScrypt.
Найдите строку «Папка пользовательских файлов JavaScrypt.
Удалите всё содержимое.
Сохраните настройки.
Закройте Оперу.Запустите её снова и проверьте наличие информера.
- Темы:532
- Сообщений:1553
- ☆☆☆☆☆
СПАСИБО БОЛЬШОЕ!
Вроде все в порядке.
УДАЧИ ВАМ И УСПЕХА!!!Рад вам помочь 🙂
Несколько завершающих действий.
1. Обновите ваши программы.
Зайдите на сайт update.microsoft.com и обновите Windows.2. Удалите все программы, которые вы использовали в процессе лечения, в случае необходимости, вы всегда сможете скачать их заново. Удаление их необходимо по-причине того, что они содержат компоненты, которые вирусы и трояны могут использовать в плохих целях.
Запустите программу OTMoveIT3. Кликните по кнопке CleanUp. Если появится запрос на перезагрузку компьютера, то кликните Да/Yes.
Удалите RSIT и другие скачанные вами сканеры и небольшие утилиты, а так же все файлы и каталоги который были созданы в процессе лечения компьютера.3. Подойдите к защите вашего компьютера более серьёзно.
Установите программу Spybot Search and Destroy, это довольно неплохая дополнительная защита от шпионских и других вредоносных программ.
Большинство троянов и вирусов разработаны для поражения Internet Explorer`а, поэтому рекомендую установить и использовать Оперу или Firefox.
4. Создайте новую точку восстановления и удалите все старые.
Удалите старые точки восстановления, так как в них возможно нахождения инфицированных файлов, троянов и других вредоносных программ. Для этого кликните по иконке Мой компьютер, выберите пункт Свойства. В открывшемся окне выберите вкладку Восстановление системы. Поставьте галочку напротив пункта Отключить восстановление системы на всех дисках. Кликните по кнопке Применить. Подтвердите свои действия кликнув по кнопке OK в открывшемся диалоге. Закройте окно Свойства системы, кликнув по кнопке OK.
После загрузки компьютера выполните действия описанные выше, только в этот раз снимите галочку.
Создайте новую точку восстановления. Это поможет вам в случае необходимости загрузить текущую конфигурацию Windows и быстро излечиться от спайваре/вируса. Для этого кликните по кнопке Пуск, далее выберите пункт Стандартные, в нём Служебные и запустите программу Восстановление системы. В открывшемся окне выберите задачу Создать точку восстановления и нажмите кнопку Далее и следуйте указаниям.
5. И несколько дополнительных советов.
Запустите ваш антивирус и проверьте состояние автоматической защиты. Включите, если она выключена.
Не забывайте обновлять Windows, ваши программы и особенно ваш антивирус.
Не посещайте незнакомые сайты, очень внимательно относитесь к файлам скаченным с Интернета.
Всего доброго!
- Для ответа в этой теме необходимо авторизоваться.
