• Инструкции
    • Как использовать
      • Программы
    • Как удалить
      • Шпионское и рекламное ПО (adware и spyware)
      • Поддельное антиспайваре
      • Руткиты
      • Трояны
      • Кейлоггеры
  • Скачать программы
  • Вопросы и Ответы
  • Форумы

SPYWARE-RU.COM
Меню
  • Инструкции
    • Как использовать
      • Программы
    • Как удалить
      • Шпионское и рекламное ПО (adware и spyware)
      • Поддельное антиспайваре
      • Руткиты
      • Трояны
      • Кейлоггеры
  • Скачать программы
  • Вопросы и Ответы
  • Форумы
В начало › ПОМОГИТЕ УДАЛИТЬ ТРОЯН, ПОЖАЛУЙСТА
Adguard
 

ПОМОГИТЕ УДАЛИТЬ ТРОЯН, ПОЖАЛУЙСТА

Удаление вирусов и троянов. Защита компьютера. › Помощь в удалении вирусов, троянов, рекламы и других зловредов › ПОМОГИТЕ УДАЛИТЬ ТРОЯН, ПОЖАЛУЙСТА

  • This topic has 4 ответа, 2 участника, and was last updated 16 years, 6 months назад by Admin.
Просмотр 5 сообщений - с 1 по 5 (из 5 всего)
  • Автор
    Сообщения
  • 8 января, 2009 в 11:13 дп #16097
    Аноним
    Гость
    • Темы:532
    • Сообщений:1553
    • ☆☆☆☆☆

    Добрый день!у меня вот такая проблема с компом: запустила антивирус(BitDefender)на сканированиеи в результате один троян был найден в Documents and Settings и удален, а второй был найден в Program Files, и после этого сразу ативирус вылетает и все, я самостоятеьно нашла папку просканировав отдельно каждую папку в Program Files и попыталась ее просто удалить, она не удаляется, кстати папка называется Seekeen, пишет что пиложение используется удалить невозможно.После этого я попала на ваш форум и сделала все как написано, вот результаты програмы RSIT:
    Содержание файла info:
    info.txt logfile of random’s system information tool 1.05 2009-01-08 13:52:43

    ======Uninstall list======

    —>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
    2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
    2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
    2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
    ACDSee 6.0 PowerPack—>MsiExec.exe /I{38A0BB97-772D-422E-BCCA-4BA2A5D81F42}
    Acronis Disk Director Suite—>MsiExec.exe /X{2300EE96-0A41-4FAB-BD03-989EC44577A0}
    Adobe Common File Installer—>MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
    Adobe Flash Player 10 ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
    Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
    Adobe Help Center 1.0—>MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
    Adobe Photoshop CS2—>msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
    Adobe Reader 9 — Russian—>MsiExec.exe /I{AC76BA86-7AD7-1049-7B44-A90000000001}
    Adobe Stock Photos 1.0—>MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
    Adobe® Photoshop® Album Starter Edition 3.0—>MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
    Apple Mobile Device Support—>MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
    Apple Software Update—>MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    ATI — Утилита деинсталляции—>C:Program FilesATI TechnologiesUninstallAllAtiCimUn.exe
    ATI Catalyst Control Center—>MsiExec.exe /I{F08DAD55-0EB9-46FD-B083-6AC2B3B816B7}
    ATI Control Panel—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{0BEDBD4E-2D34-47B5-9973-57E62B29307C}setup.exe»
    ATI Display Driver—>rundll32 C:WINDOWSsystem32atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
    ATI HYDRAVISION—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{083F79E4-6FE9-46FB-A6C6-4F8862742947}setup.exe»
    Autodesk DWF Viewer—>C:PROGRA~1AutodeskAUTODE~1Setup.exe /remove
    BitDefender Free Edition v10—>MsiExec.exe /I{CEFC581D-BEAE-4F75-989E-BD931970D8AD}
    Bonjour—>MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
    CCleaner (remove only)—>»C:Program FilesCCleaneruninst.exe»
    eMule—>»C:Program FileseMuleUninstall.exe»
    EPSON PhotoQuicker3.4—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{8A793FC6-6DF5-11DD-BB6A-00018021113F}setup.exe» -l0x19 uninst
    EPSON PRINT Image Framer Tool2.1—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{71EFC711-33D6-4E1F-A38C-7D281E92EFF8}setup.exe» -l0x19 anything
    EPSON Printer Software—>C:WINDOWSSystem32spoolDRIVERSW32X863EPUPDATE.EXE /r
    FixPack—>C:WINDOWSiun6002.exe «C:Program FilesInfogrames InteractiveCivilization IIIConquestsirunin.ini»
    free-downloads.net Toolbar—>C:PROGRA~1FREE-D~1.NETUNWISE.EXE C:PROGRA~1FREE-D~1.NETINSTALL.LOG
    Google Планета Земля—>MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
    HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
    iTunes—>MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
    K-Lite Codec Pack 3.9.5 (Full)—>»C:Program FilesK-Lite Codec Packunins000.exe»
    Mail.Ru Агент 5.2 (сборка 2415, для всех пользователей)—>C:Program FilesMail.RuAgentmagentsetup.exe -uninstalllm
    Microsoft .NET Framework 1.1 Hotfix (KB928366)—>»C:WINDOWSMicrosoft.NETFrameworkv1.1.4322Updateshotfix.exe» «C:WINDOWSMicrosoft.NETFrameworkv1.1.4322UpdatesM928366M928366Uninstall.msp»
    Microsoft .NET Framework 1.1—>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1—>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0—>C:WINDOWSMicrosoft.NETFrameworkv2.0.50727Microsoft .NET Framework 2.0install.exe
    Microsoft Internationalized Domain Names Mitigation APIs—>»C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$spuninstspuninst.exe»
    Microsoft National Language Support Downlevel APIs—>»C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$spuninstspuninst.exe»
    Microsoft Office Access MUI (Russian) 2007—>MsiExec.exe /X{90120000-0015-0419-0000-0000000FF1CE}
    Microsoft Office Enterprise 2007—>»C:Program FilesCommon FilesMicrosoft SharedOFFICE12Office Setup Controllersetup.exe» /uninstall ENTERPRISE /dll OSETUP.DLL
    Microsoft Office Enterprise 2007—>MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
    Microsoft Office Excel MUI (Russian) 2007—>MsiExec.exe /X{90120000-0016-0419-0000-0000000FF1CE}
    Microsoft Office Groove MUI (Russian) 2007—>MsiExec.exe /X{90120000-00BA-0419-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (Russian) 2007—>MsiExec.exe /X{90120000-0044-0419-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (Russian) 2007—>MsiExec.exe /X{90120000-00A1-0419-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (Russian) 2007—>MsiExec.exe /X{90120000-001A-0419-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (Russian) 2007—>MsiExec.exe /X{90120000-0018-0419-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007—>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007—>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Russian) 2007—>MsiExec.exe /X{90120000-001F-0419-0000-0000000FF1CE}
    Microsoft Office Proof (Ukrainian) 2007—>MsiExec.exe /X{90120000-001F-0422-0000-0000000FF1CE}
    Microsoft Office Proofing (Russian) 2007—>MsiExec.exe /X{90120000-002C-0419-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (Russian) 2007—>MsiExec.exe /X{90120000-0019-0419-0000-0000000FF1CE}
    Microsoft Office Shared MUI (Russian) 2007—>MsiExec.exe /X{90120000-006E-0419-0000-0000000FF1CE}
    Microsoft Office Word MUI (Russian) 2007—>MsiExec.exe /X{90120000-001B-0419-0000-0000000FF1CE}
    Microsoft SQL Server 2005 Compact Edition [ENU]—>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Mozilla Firefox (3.0.5)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
    MSXML 4.0 SP2 (KB936181)—>MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)—>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    My-Tool Toolbar—>C:PROGRA~1My-ToolUNWISE.EXE C:PROGRA~1My-ToolINSTALL.LOG
    Nero 6 Ultra Edition—>C:Program FilesAheadnerouninstallUNNERO.exe /UNINSTALL
    Nokia Connectivity Cable Driver—>MsiExec.exe /X{6882DD11-33B8-4DEA-8305-7E765BF74BD3}
    Nokia Lifeblog 2.1—>MsiExec.exe /I{EE565795-2776-415A-B31C-EB3A8D7C6FA4}
    Nokia MTP driver—>MsiExec.exe /I{59359B3D-ABE7-46BF-AB55-43B67A64DC68}
    Nokia N73 highlights—>MsiExec.exe /I{02B71D92-A84B-4DFB-9A10-D12BB01AC1F2}
    Nokia Nseries Skin for Microsoft Windows Media Player—>MsiExec.exe /I{73E30715-9EC4-4DAE-BE67-64500AEB8012}
    Nokia PC Connectivity Solution—>MsiExec.exe /I{0D80391C-0A72-43BB-9BC2-143F63CC111D}
    Nokia PC Suite—>MsiExec.exe /I{531317A5-586A-4E36-87C1-CA823447B375}
    Nokia themes for your device—>MsiExec.exe /I{77F5816C-64A6-4FBE-BBE5-52EFE5EB84E8}
    Norton WinDoctor 2007—>C:Program FilesNorton WinDoctor 2007Uninstal.exe
    Opera 9.63—>MsiExec.exe /X{2C0CD17D-0B06-4700-83FA-7344B868B0A2}
    PIF DESIGNER2.1—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{E9A9692C-E747-4E31-B7C0-39C6BA4B2AED}setup.exe» -l0x19 anything
    PowerDVD—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}Setup.exe» -uninstall
    QIP 2005 8080—>»C:Program FilesQIPunins000.exe»
    QuickTime—>MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
    Realtek AC’97 Audio—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{FB08F381-6533-4108-B7DD-039E11FBC27E}setup.exe» -l0x19 -removeonly
    REALTEK GbE & FE Ethernet PCI NIC Driver—>C:Program FilesInstallShield Installation Information{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}setup.exe -runfromtemp -l0x0019 -removeonly
    RegCure 1.5.0.0—>C:Program FilesRegCureuninst.exe
    Security Update for 2007 Microsoft Office System (KB951550)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
    Security Update for 2007 Microsoft Office System (KB951944)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
    Security Update for 2007 Microsoft Office System (KB958439)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
    Security Update for CAPICOM (KB931906)—>MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)—>MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for Microsoft Office Excel 2007 (KB958437)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
    Security Update for Microsoft Office OneNote 2007 (KB950130)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
    Security Update for Microsoft Office Publisher 2007 (KB950114)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
    Security Update for Microsoft Office system 2007 (KB954326)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
    Security Update for Microsoft Office system 2007 (KB956828)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
    Security Update for Microsoft Office Word 2007 (KB956358)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
    Seekeen 1.0 build 132—>C:Program FilesSeekeenuninstall.exe
    SmartShopper—>C:Program FilesSmart-ShopperUninst.exe
    SpeedFan (remove only)—>»C:Program FilesSpeedFanuninstall.exe»
    Spelling Dictionaries Support For Adobe Reader 9—>MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
    Total Commander 7.02 cyrax pack—>»C:Program Filestotalcmdunins000.exe»
    Update for Microsoft Office Outlook 2007 (KB952142)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
    Update for Office 2007 (KB946691)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
    Update for Outlook 2007 Junk Email Filter (kb958619)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {79B301C1-DBC0-467C-AFDA-2A6CDAFA4302}
    Winamp—>»C:Program FilesWinampUninstWA.exe»
    Windows Driver Package — Nokia Modem (06/12/2006 6.81.0.21)—>C:PROGRA~1DIFXD6ACC4BE676423A2B130B78A4B627FC457D98997dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokbtmdm_62A340731F8930057B44B8864F236850B0D49D65nokbtmdm.inf
    Windows Live Messenger—>MsiExec.exe /X{087B2CCA-0F1C-4434-B7C6-6B5E0EFD31BC}
    Windows Media Format Runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
    Windows XP Service Pack 3—>»C:WINDOWS$NtServicePackUninstall$spuninstspuninst.exe»
    WinRAR archiver—>C:Program FilesWinRARuninstall.exe
    Баланс счёта 2.1—>C:Program FilesMeGaNeTБаланс счётаUninstall.exe
    Интернет помощник MyCentria—>C:Program FilesMyCentriaMyCentriaUninstall.exe
    Исправление для Windows XP (KB932716-v2)—>»C:WINDOWS$NtUninstallKB932716-v2$spuninstspuninst.exe»
    Исправление для Windows XP (KB952287)—>»C:WINDOWS$NtUninstallKB952287$spuninstspuninst.exe»
    Обновление безопасности для Windows Internet Explorer 7 (KB938127)—>»C:WINDOWSie7updatesKB938127-IE7spuninstspuninst.exe»
    Обновление безопасности для Windows Internet Explorer 7 (KB950759)—>»C:WINDOWSie7updatesKB950759-IE7spuninstspuninst.exe»
    Обновление безопасности для Windows Internet Explorer 7 (KB953838)—>»C:WINDOWSie7updatesKB953838-IE7spuninstspuninst.exe»
    Обновление безопасности для Windows Internet Explorer 7 (KB956390)—>»C:WINDOWSie7updatesKB956390-IE7spuninstspuninst.exe»
    Обновление безопасности для Windows Internet Explorer 7 (KB958215)—>»C:WINDOWSie7updatesKB958215-IE7spuninstspuninst.exe»
    Обновление безопасности для Windows Internet Explorer 7 (KB960714)—>»C:WINDOWSie7updatesKB960714-IE7spuninstspuninst.exe»
    Обновление безопасности для Windows XP — (KB923689)—>»C:WINDOWS$NtUninstallKB923689$spuninstspuninst.exe»
    Обновление безопасности для Windows XP — (KB941569)—>»C:WINDOWS$NtUninstallKB941569$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB923789)—>C:WINDOWSsystem32MacroMedFlashgenuinst.exe C:WINDOWSsystem32MacroMedFlashKB923789.inf
    Обновление безопасности для Windows XP (KB938464)—>»C:WINDOWS$NtUninstallKB938464$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB946648)—>»C:WINDOWS$NtUninstallKB946648$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB950759)—>»C:WINDOWS$NtUninstallKB950759$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB950760)—>»C:WINDOWS$NtUninstallKB950760$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB950762)—>»C:WINDOWS$NtUninstallKB950762$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB950974)—>»C:WINDOWS$NtUninstallKB950974$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB951066)—>»C:WINDOWS$NtUninstallKB951066$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB951376)—>»C:WINDOWS$NtUninstallKB951376$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB951376-v2)—>»C:WINDOWS$NtUninstallKB951376-v2$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB951698)—>»C:WINDOWS$NtUninstallKB951698$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB951748)—>»C:WINDOWS$NtUninstallKB951748$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB952954)—>»C:WINDOWS$NtUninstallKB952954$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB953839)—>»C:WINDOWS$NtUninstallKB953839$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB954211)—>»C:WINDOWS$NtUninstallKB954211$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB954459)—>»C:WINDOWS$NtUninstallKB954459$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB954600)—>»C:WINDOWS$NtUninstallKB954600$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB955069)—>»C:WINDOWS$NtUninstallKB955069$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB956391)—>»C:WINDOWS$NtUninstallKB956391$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB956802)—>»C:WINDOWS$NtUninstallKB956802$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB956803)—>»C:WINDOWS$NtUninstallKB956803$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB956841)—>»C:WINDOWS$NtUninstallKB956841$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB957095)—>»C:WINDOWS$NtUninstallKB957095$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB957097)—>»C:WINDOWS$NtUninstallKB957097$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB958644)—>»C:WINDOWS$NtUninstallKB958644$spuninstspuninst.exe»
    Обновление безопасности для проигрывателя Windows Media — (KB952069)—>»C:WINDOWS$NtUninstallKB952069_WM9$spuninstspuninst.exe»
    Обновление для Windows XP (KB942763)—>»C:WINDOWS$NtUninstallKB942763$spuninstspuninst.exe»
    Обновление для Windows XP (KB951072-v2)—>»C:WINDOWS$NtUninstallKB951072-v2$spuninstspuninst.exe»
    Обновление для Windows XP (KB951978)—>»C:WINDOWS$NtUninstallKB951978$spuninstspuninst.exe»
    Обновление для Windows XP (KB955839)—>»C:WINDOWS$NtUninstallKB955839$spuninstspuninst.exe»
    Русификатор PowerDVD 5.0 (только удаление)—>»C:Program FilesCyberLinkPowerDVDrus_uninstall.exe»

    ======Security center information======

    AV: Bitdefender Antivirus

    System event log

    Computer Name: LARISA
    Event Code: 18
    Message: Все готово к установке: следующие обновления загружены и готовы к установке. Установка обновлений будет выполнена по расписанию 31 декабря 2008 г. в 3:00:
    — Обновление безопасности для Outlook 2002 (KB905649)
    — Обновление системы безопасности для Microsoft Publisher 2002 (KB950129)
    — Обновление системы безопасности для Microsoft Office XP (KB953405)
    — Обновление Office XP: KB837253
    — Обновление Office XP — KB833858
    — Обновление системы безопасности для Microsoft Office XP (KB921596)

    Record Number: 37983
    Source Name: Windows Update Agent
    Time Written: 20081230135510.000000+180
    Event Type: информация
    User:

    Computer Name: LARISA
    Event Code: 18
    Message: Все готово к установке: следующие обновления загружены и готовы к установке. Установка обновлений будет выполнена по расписанию 31 декабря 2008 г. в 3:00:
    — Обновление безопасности для Outlook 2002 (KB905649)
    — Обновление системы безопасности для Microsoft Publisher 2002 (KB950129)
    — Обновление системы безопасности для Microsoft Office XP (KB953405)
    — Обновление Office XP: KB837253
    — Обновление Office XP — KB833858

    Record Number: 37982
    Source Name: Windows Update Agent
    Time Written: 20081230135504.000000+180
    Event Type: информация
    User:

    Computer Name: LARISA
    Event Code: 18
    Message: Все готово к установке: следующие обновления загружены и готовы к установке. Установка обновлений будет выполнена по расписанию 31 декабря 2008 г. в 3:00:
    — Обновление безопасности для Outlook 2002 (KB905649)
    — Обновление системы безопасности для Microsoft Publisher 2002 (KB950129)
    — Обновление системы безопасности для Microsoft Office XP (KB953405)
    — Обновление Office XP: KB837253

    Record Number: 37981
    Source Name: Windows Update Agent
    Time Written: 20081230135504.000000+180
    Event Type: информация
    User:

    Computer Name: LARISA
    Event Code: 18
    Message: Все готово к установке: следующие обновления загружены и готовы к установке. Установка обновлений будет выполнена по расписанию 31 декабря 2008 г. в 3:00:
    — Обновление безопасности для Outlook 2002 (KB905649)
    — Обновление системы безопасности для Microsoft Publisher 2002 (KB950129)
    — Обновление системы безопасности для Microsoft Office XP (KB953405)

    Record Number: 37980
    Source Name: Windows Update Agent
    Time Written: 20081230135453.000000+180
    Event Type: информация
    User:

    Computer Name: LARISA
    Event Code: 18
    Message: Все готово к установке: следующие обновления загружены и готовы к установке. Установка обновлений будет выполнена по расписанию 31 декабря 2008 г. в 3:00:
    — Обновление безопасности для Outlook 2002 (KB905649)
    — Обновление системы безопасности для Microsoft Publisher 2002 (KB950129)

    Record Number: 37979
    Source Name: Windows Update Agent
    Time Written: 20081230135430.000000+180
    Event Type: информация
    User:

    Application event log

    Computer Name: LARISA
    Event Code: 1
    Message:
    Record Number: 1009
    Source Name: Bonjour Service
    Time Written: 20080824170308.000000+240
    Event Type: информация
    User:

    Computer Name: LARISA
    Event Code: 105
    Message: The service was started.

    Record Number: 1008
    Source Name: ATI Smart
    Time Written: 20080824170304.000000+240
    Event Type: информация
    User:

    Computer Name: LARISA
    Event Code: 1800
    Message: Служба центра обеспечения безопасности Windows запущена.

    Record Number: 1007
    Source Name: SecurityCenter
    Time Written: 20080824092107.000000+240
    Event Type: информация
    User:

    Computer Name: LARISA
    Event Code: 1
    Message:
    Record Number: 1006
    Source Name: Bonjour Service
    Time Written: 20080824092106.000000+240
    Event Type: информация
    User:

    Computer Name: LARISA
    Event Code: 105
    Message: The service was started.

    Record Number: 1005
    Source Name: ATI Smart
    Time Written: 20080824092101.000000+240
    Event Type: информация
    User:

    ======Environment variables======

    «ComSpec»=%SystemRoot%system32cmd.exe
    «Path»=C:WINDOWSsystem32;C:WINDOWS;C:WINDOWSSystem32Wbem;C:Program FilesATI TechnologiesATI Control Panel;C:Program FilesATI TechnologiesATI.ACE;C:Program FilesCommon FilesAdobeAGL;C:Program FilesCommon FilesTeleca Shared;C:Program FilesQuickTimeQTSystem
    «windir»=%SystemRoot%
    «FP_NO_HOST_CHECK»=NO
    «OS»=Windows_NT
    «PROCESSOR_ARCHITECTURE»=x86
    «PROCESSOR_LEVEL»=6
    «PROCESSOR_IDENTIFIER»=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
    «PROCESSOR_REVISION»=0a00
    «NUMBER_OF_PROCESSORS»=1
    «PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    «TEMP»=%SystemRoot%TEMP
    «TMP»=%SystemRoot%TEMP
    «CLASSPATH»=.;C:Program FilesQuickTimeQTSystemQTJava.zip
    «QTJAVA»=C:Program FilesQuickTimeQTSystemQTJava.zip

    EOF

    Содержание файла log:
    Logfile of random’s system information tool 1.05 (written by random/random)
    Run by Lord at 2009-01-08 13:53:42
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 13 GB (49%) free of 27 GB
    Total RAM: 2047 MB (78% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:53:43, on 08.01.2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:WINDOWSSystem32smss.exe
    C:WINDOWSsystem32winlogon.exe
    C:WINDOWSsystem32services.exe
    C:WINDOWSsystem32lsass.exe
    C:WINDOWSsystem32Ati2evxx.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSSystem32svchost.exe
    C:WINDOWSsystem32Ati2evxx.exe
    C:WINDOWSsystem32spoolsv.exe
    C:Program FilesATI TechnologiesATI.ACEcli.exe
    C:Program FilesSoftwinBitDefender10bdagent.exe
    C:Program FilesWinampwinampa.exe
    C:Program FilesiTunesiTunesHelper.exe
    C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
    C:WINDOWSSOUNDMAN.EXE
    C:WINDOWSsystem32ctfmon.exe
    C:WINDOWSsystem32svchost.exe
    C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
    C:Program FilesBonjourmDNSResponder.exe
    C:Program FilesCommon FilesEPSONEBAPISAgent2.exe
    C:WINDOWSsystem32svchost.exe
    C:Program FilesCommon FilesSoftwinBitDefender Communicatorxcommsvr.exe
    C:Program FilesCommon FilesSoftwinBitDefender Scan Serverbdss.exe
    C:Program FilesCommon FilesSoftwinBitDefender Update Servicelivesrv.exe
    C:Program FilesSoftwinBitDefender10vsserv.exe
    C:Program FilesCommon FilesPCSuiteServicesServiceLayer.exe
    C:Program FilesiPodbiniPodService.exe
    C:Program FilesSeekeenseekeen.exe
    C:WINDOWSexplorer.exe
    C:Program FilesSoftwinBitDefender10bdmcon.exe
    C:Program FilesOperaopera.exe
    C:Documents and SettingsLordРабочий столRSIT.exe
    C:Program Filestrend microLord.exe

    R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=40316
    R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
    R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
    R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
    R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
    R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program FilesMail.RuAgentMradllnewmrasearch.dll
    R3 — URLSearchHook: Yahoo! Toolbar — {EF99BD32-C1FB-11D2-892F-0090271D4F88} — (no file)
    R3 — URLSearchHook: free-downloads.net Toolbar — {ecdee021-0d17-467f-a1ff-c7a115230949} — C:Program Filesfree-downloads.nettbfree.dll
    R3 — URLSearchHook: My-Tool Toolbar — {0e6d7a5d-b560-4d1c-9713-18dd1ade6011} — C:Program FilesMy-TooltbMy-0.dll
    O2 — BHO: My-Tool Toolbar — {0e6d7a5d-b560-4d1c-9713-18dd1ade6011} — C:Program FilesMy-TooltbMy-0.dll
    O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
    O2 — BHO: Smart-Shopper — {4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E} — C:Program FilesSmart-ShopperBin2.5.1Smrt-Shpr.dll
    O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll
    O2 — BHO: (no name) — {7E853D72-626A-48EC-A868-BA8D5E23E045} — (no file)
    O2 — BHO: free-downloads.net Toolbar — {ecdee021-0d17-467f-a1ff-c7a115230949} — C:Program Filesfree-downloads.nettbfree.dll
    O2 — BHO: (no name) — {FFFC57DB-1DE3-4303-B24D-CEE6DCDD3D86} — (no file)
    O3 — Toolbar: free-downloads.net Toolbar — {ecdee021-0d17-467f-a1ff-c7a115230949} — C:Program Filesfree-downloads.nettbfree.dll
    O3 — Toolbar: My-Tool Toolbar — {0e6d7a5d-b560-4d1c-9713-18dd1ade6011} — C:Program FilesMy-TooltbMy-0.dll
    O4 — HKLM..Run: [ATIPTA] C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
    O4 — HKLM..Run: [ATICCC] «C:Program FilesATI TechnologiesATI.ACEcli.exe» runtime
    O4 — HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
    O4 — HKLM..Run: [OSSelectorReinstall] C:Program FilesCommon FilesAcronisAcronis Disk Directoross_reinstall.exe
    O4 — HKLM..Run: [BDMCon] «C:Program FilesSoftwinBitDefender10bdmcon.exe» /reg
    O4 — HKLM..Run: [BDAgent] «C:Program FilesSoftwinBitDefender10bdagent.exe»
    O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
    O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program FilesAdobeReader 9.0ReaderReader_sl.exe»
    O4 — HKLM..Run: [WinampAgent] «C:Program FilesWinampwinampa.exe»
    O4 — HKLM..Run: [QuickTime Task] «C:Program FilesQuickTimeqttask.exe» -atboottime
    O4 — HKLM..Run: [iTunesHelper] «C:Program FilesiTunesiTunesHelper.exe»
    O4 — HKLM..Run: [GrooveMonitor] «C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe»
    O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
    O4 — HKLM..Run: [PCSuiteTrayApplication] C:PROGRA~1NokiaNOKIAP~1LAUNCH~1.EXE -startup
    O4 — HKLM..Run: [Adobe Photo Downloader] «C:Program FilesAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe»
    O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
    O4 — HKCU..Run: [PcSync] C:Program FilesNokiaNokia PC Suite 6PcSync2.exe /NoDialog
    O4 — HKCU..PoliciesExplorerRun: [NT Printing Services6] dllhosts.exe
    O4 — HKCU..PoliciesExplorerRun: [Windows Printing Driver] doskeys.exe
    O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
    O4 — HKUSS-1-5-18..Run: [] (User ‘SYSTEM’)
    O4 — HKUSS-1-5-18..Run: [ATICCC] «C:Program FilesATI TechnologiesATI.ACEcli.exe» runtime (User ‘SYSTEM’)
    O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
    O4 — Startup: Adobe Gamma.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
    O4 — Global Startup: ATI CATALYST System Tray.lnk = C:Program FilesATI TechnologiesATI.ACECLI.exe
    O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
    O9 — Extra button: Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
    O9 — Extra ‘Tools’ menuitem: &Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
    O9 — Extra button: SmartShopper — Compare product prices — {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} — C:Program FilesSmart-ShopperBin2.5.1Smrt-Shpr.dll
    O9 — Extra button: SmartShopper — Compare travel rates — {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} — C:Program FilesSmart-ShopperBin2.5.1Smrt-Shpr.dll
    O9 — Extra button: (no name) — {53F6FCCD-9E22-4d71-86EA-6E43136192AB} — (no file)
    O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
    O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
    O9 — Extra button: (no name) — {925DAB62-F9AC-4221-806A-057BFB1014AA} — (no file)
    O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
    O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
    O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
    O16 — DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) — C:Program FilesYahoo!Commonyinsthelper.dll
    O17 — HKLMSystemCCSServicesTcpip..{660FB92A-4304-4EB3-9153-5CAA9F813B14}: NameServer = 213.234.192.8 85.21.192.3
    O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — C:Program FilesMicrosoft OfficeOffice12GrooveSystemServices.dll
    O21 — SSODL: UpdateCheck — {DD4067E5-DC1F-41DC-8468-3B42B59F353A} — (no file)
    O23 — Service: ArcSoft Connect Daemon (ACDaemon) — — (no file)
    O23 — Service: Adobe LM Service — Adobe Systems — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
    O23 — Service: Apple Mobile Device — Apple Inc. — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
    O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
    O23 — Service: ATI Smart — Unknown owner — C:WINDOWSsystem32ati2sgag.exe
    O23 — Service: BitDefender Scan Server (bdss) — Unknown owner — C:Program FilesCommon FilesSoftwinBitDefender Scan Serverbdss.exe
    O23 — Service: Bonjour Service — Apple Inc. — C:Program FilesBonjourmDNSResponder.exe
    O23 — Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) — SEIKO EPSON CORPORATION — C:Program FilesCommon FilesEPSONEBAPISAgent2.exe
    O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
    O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
    O23 — Service: Сервис iPod (iPod Service) — Apple Inc. — C:Program FilesiPodbiniPodService.exe
    O23 — Service: BitDefender Desktop Update Service (LIVESRV) — SOFTWIN S.R.L. — C:Program FilesCommon FilesSoftwinBitDefender Update Servicelivesrv.exe
    O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
    O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
    O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
    O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
    O23 — Service: Seekeen Service — Unknown owner — C:Program FilesSeekeenseekeen.exe
    O23 — Service: ServiceLayer — Nokia. — C:Program FilesCommon FilesPCSuiteServicesServiceLayer.exe
    O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
    O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
    O23 — Service: BitDefender Virus Shield (VSSERV) — SOFTWIN S.R.L. — C:Program FilesSoftwinBitDefender10vsserv.exe
    O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe
    O23 — Service: BitDefender Communicator (XCOMM) — SOFTWIN S.R.L — C:Program FilesCommon FilesSoftwinBitDefender Communicatorxcommsvr.exe

    —
    End of file — 10803 bytes

    ======Scheduled tasks folder======

    C:WINDOWStasksPCConfidential.job
    C:WINDOWStasksRegCure Program Check.job
    C:WINDOWStasksRegCure.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{0e6d7a5d-b560-4d1c-9713-18dd1ade6011}]
    My-Tool Toolbar — C:Program FilesMy-TooltbMy-0.dll [2008-06-24 1568792]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E}]
    Smart-Shopper — C:Program FilesSmart-ShopperBin2.5.1Smrt-Shpr.dll [2008-10-07 1172952]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper — C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2007-08-24 2212224]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{ecdee021-0d17-467f-a1ff-c7a115230949}]
    free-downloads.net Toolbar — C:Program Filesfree-downloads.nettbfree.dll [2008-02-14 1555480]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FFFC57DB-1DE3-4303-B24D-CEE6DCDD3D86}]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
    {ecdee021-0d17-467f-a1ff-c7a115230949} — free-downloads.net Toolbar — C:Program Filesfree-downloads.nettbfree.dll [2008-02-14 1555480]
    {0e6d7a5d-b560-4d1c-9713-18dd1ade6011} — My-Tool Toolbar — C:Program FilesMy-TooltbMy-0.dll [2008-06-24 1568792]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
    «ATIPTA»=C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe [2004-11-24 344064]
    «ATICCC»=C:Program FilesATI TechnologiesATI.ACEcli.exe [2004-11-24 32768]
    «NeroFilterCheck»=C:WINDOWSsystem32NeroCheck.exe [2001-07-09 155648]
    «OSSelectorReinstall»=C:Program FilesCommon FilesAcronisAcronis Disk Directoross_reinstall.exe [2005-11-30 1558037]
    «BDMCon»=C:Program FilesSoftwinBitDefender10bdmcon.exe [2007-04-02 290816]
    «BDAgent»=C:Program FilesSoftwinBitDefender10bdagent.exe [2007-03-26 69632]
    «MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2008-12-10 4428472]
    «Adobe Reader Speed Launcher»=C:Program FilesAdobeReader 9.0ReaderReader_sl.exe [2008-06-12 34672]
    «WinampAgent»=C:Program FilesWinampwinampa.exe [2008-08-04 36352]
    «QuickTime Task»=C:Program FilesQuickTimeqttask.exe [2008-11-04 413696]
    «iTunesHelper»=C:Program FilesiTunesiTunesHelper.exe [2008-11-20 290088]
    «GrooveMonitor»=C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe [2007-08-24 33648]
    «SoundMan»=C:WINDOWSSOUNDMAN.EXE [2007-04-16 577536]
    «PCSuiteTrayApplication»=C:PROGRA~1NokiaNOKIAP~1LAUNCH~1.EXE [2006-06-15 229376]
    «Adobe Photo Downloader»=C:Program FilesAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe [2005-06-06 57344]

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-04-14 15360]
    «PcSync»=C:Program FilesNokiaNokia PC Suite 6PcSync2.exe [2006-06-27 1449984]

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerRun]
    «NT Printing Services6″=C:WINDOWSsystem32dllhosts.exe [2009-01-04 52224]
    «Windows Printing Driver»=C:WINDOWSsystem32doskeys.exe [2004-08-30 366080]

    C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
    ATI CATALYST System Tray.lnk — C:Program FilesATI TechnologiesATI.ACECLI.exe

    C:Documents and SettingsLordГлавное менюПрограммыАвтозагрузка
    Adobe Gamma.lnk — C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
    C:WINDOWSsystem32Ati2evxx.dll [2004-11-24 94208]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
    UpdateCheck — {DD4067E5-DC1F-41DC-8468-3B42B59F353A}

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
    «{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2007-08-24 2212224]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
    «dontdisplaylastusername»=0
    «legalnoticecaption»=
    «legalnoticetext»=
    «shutdownwithoutlogon»=1
    «undockwithoutlogon»=1

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
    «NoDriveTypeAutoRun»=145

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
    «C:Program FilesMail.RuAgentmagent.exe»=»C:Program FilesMail.RuAgentmagent.exe:*:Enabled:Mail.Ru Агент»
    «C:Program FilesQIPqip.exe»=»C:Program FilesQIPqip.exe:*:Enabled:Quiet Internet Pager»
    «C:Program FilestotalcmdTOTALCMD.EXE»=»C:Program FilestotalcmdTOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows»
    «C:Program FileseMuleemule.exe»=»C:Program FileseMuleemule.exe:*:Enabled:eMule»
    «C:Program FilesuTorrentuTorrent.exe»=»C:Program FilesuTorrentuTorrent.exe:*:Enabled:µTorrent»
    «%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
    «C:Program FilesOperaOpera.exe»=»C:Program FilesOperaOpera.exe:*:Enabled:Opera Internet Browser»
    «C:Program FilesWindows LiveMessengermsnmsgr.exe»=»C:Program FilesWindows LiveMessengermsnmsgr.exe:*:Enabled:Windows Live Messenger»
    «C:Program FilesWindows LiveMessengerlivecall.exe»=»C:Program FilesWindows LiveMessengerlivecall.exe:*:Enabled:Windows Live Messenger (Phone)»
    «C:Program FilesWinamp RemotebinOrb.exe»=»C:Program FilesWinamp RemotebinOrb.exe:*:Enabled:Orb»
    «C:Program FilesWinamp RemotebinOrbTray.exe»=»C:Program FilesWinamp RemotebinOrbTray.exe:*:Enabled:OrbTray»
    «C:Program FilesWinamp RemotebinOrbStreamerClient.exe»=»C:Program FilesWinamp RemotebinOrbStreamerClient.exe:*:Enabled:Orb Stream Client»
    «C:Program FilesKodakKodak EasyShare softwarebinEasyShare.exe»=»C:Program FilesKodakKodak EasyShare softwarebinEasyShare.exe:*:Enabled:EasyShare»
    «C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
    «C:Program FilesiTunesiTunes.exe»=»C:Program FilesiTunesiTunes.exe:*:Enabled:iTunes»
    «C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE»=»C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook»
    «C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE»=»C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE:*:Enabled:Microsoft Office Groove»
    «C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE»=»C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE:*:Enabled:Microsoft Office OneNote»

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
    «%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
    «C:Program FilesWindows LiveMessengermsnmsgr.exe»=»C:Program FilesWindows LiveMessengermsnmsgr.exe:*:Enabled:Windows Live Messenger»
    «C:Program FilesWindows LiveMessengerlivecall.exe»=»C:Program FilesWindows LiveMessengerlivecall.exe:*:Enabled:Windows Live Messenger (Phone)»

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{2291ac5b-d993-11dd-b142-00001e000909}]
    shellopencommand — rundll32.exe .\metscax.dll,InstallM

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{449791d0-3e2c-11dd-ae21-00001e000909}]
    shellopencommand — rundll32.exe .\toolhdlp.dll,InstallM

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{777b9ef2-d71f-11dd-b13a-00001e000909}]
    shellopencommand — rundll32.exe .\miwefilt.dll,InstallM

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{8465f7be-cd35-11dd-b113-00001e000909}]
    shellopencommand — rundll32.exe .\kbdinmcl.dll,InstallM

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{b1f8cd46-49ff-11dd-ae6d-00001e000909}]
    shellopencommand — rundll32.exe .\dddml.dll,InstallM

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c9cdc8f0-52f4-11dd-ae8a-00001e000909}]
    shellopencommand — rundll32.exe .\ginmm.dll,InstallM

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{d67b905e-5a80-11dd-aeb2-00001e000909}]
    shellopencommand — rundll32.exe .\ieul.dll,InstallM

    ======List of files/folders created in the last 1 months======

    2009-01-08 13:52:31 —-D—- C:rsit
    2009-01-08 13:52:31 —-D—- C:Program Filestrend micro
    2009-01-05 15:46:01 —-D—- C:Documents and SettingsLordApplication DataNokia Multimedia Player
    2009-01-05 15:24:57 —-D—- C:Documents and SettingsLordApplication DataNokia
    2009-01-05 15:24:57 —-D—- C:Documents and SettingsLordApplication DataDatalayer
    2009-01-05 14:58:38 —-D—- C:Documents and SettingsLordApplication DataAdobeAUM
    2009-01-05 14:41:05 —-D—- C:Program FilesDIFX
    2009-01-05 14:40:29 —-D—- C:Program FilesCommon FilesNokia
    2009-01-05 14:40:12 —-D—- C:Documents and SettingsLordApplication DataPC Suite
    2009-01-05 14:40:12 —-D—- C:Documents and SettingsAll UsersApplication DataPC Suite
    2009-01-05 14:40:08 —-D—- C:Program FilesCommon FilesPCSuite
    2009-01-05 14:40:02 —-A—- C:WINDOWSsystem32nmwcdlog.dll
    2009-01-05 14:40:02 —-A—- C:WINDOWSsystem32nmwcdcocls.dll
    2009-01-05 14:39:51 —-A—- C:WINDOWSsystem32nmwcdcls.dll
    2009-01-05 14:39:50 —-D—- C:Program FilesNokia
    2009-01-05 14:39:43 —-D—- C:Documents and SettingsAll UsersApplication DataDownloaded Installations
    2009-01-04 19:22:13 —-A—- C:WINDOWSsystem32AutoPartNt.exe
    2009-01-04 14:23:27 —-A—- C:WINDOWSsystem32doskeys.exe
    2009-01-04 14:23:23 —-A—- C:WINDOWSsystem32gh14rs.txt
    2009-01-04 14:23:23 —-A—- C:WINDOWSsystem32dllhosts.exe
    2009-01-04 14:21:13 —-D—- C:Program FilesMy-Tool
    2009-01-04 12:57:06 —-A—- C:WINDOWSsystem32RtNicProp32.dll
    2009-01-04 12:57:05 —-D—- C:WINDOWSOPTIONS
    2009-01-04 12:57:05 —-D—- C:Program FilesRealtek
    2009-01-04 12:56:54 —-D—- C:Documents and SettingsLordApplication DataInstallShield
    2009-01-04 12:53:17 —-D—- C:Documents and SettingsLordApplication DataWinRAR
    2009-01-04 12:47:57 —-D—- C:Program FilesRealtek AC97
    2009-01-04 03:00:31 —-D—- C:Program FilesMicrosoft CAPICOM 2.1.0.2
    2009-01-03 22:42:50 —-A—- C:WINDOWSsystem32msonpmon.dll
    2009-01-03 22:39:47 —-D—- C:Program FilesMicrosoft Works
    2009-01-03 22:39:34 —-D—- C:Program FilesMSBuild
    2009-01-03 22:39:04 —-D—- C:Program FilesMicrosoft Visual Studio
    2009-01-03 22:39:04 —-D—- C:Program FilesCommon FilesDESIGNER
    2009-01-03 22:38:09 —-D—- C:Program FilesMicrosoft.NET
    2009-01-03 22:35:11 —-D—- C:Program FilesMicrosoft Visual Studio 8
    2009-01-03 22:34:00 —-D—- C:Documents and SettingsAll UsersApplication DataMicrosoft Help
    2009-01-03 22:33:12 —-RHD—- C:MSOCache
    2009-01-03 19:35:33 —-D—- C:Documents and SettingsAll UsersApplication DataWinferno
    2009-01-03 19:31:03 —-A—- C:WINDOWSsystem32CapiCom.dll
    2009-01-03 19:30:50 —-D—- C:Program FilesSeekeen
    2009-01-03 19:30:47 —-D—- C:Documents and SettingsLordApplication DataSmart-Shopper
    2009-01-03 19:30:46 —-D—- C:Program FilesSmart-Shopper
    2009-01-03 17:59:26 —-D—- C:WINDOWSsystem32NtmsData
    2009-01-02 17:01:29 —-A—- C:WINDOWSsystem32GEARAspi.dll
    2009-01-02 17:01:09 —-D—- C:Program FilesiPod
    2009-01-02 17:01:06 —-D—- C:Program FilesiTunes
    2009-01-02 17:01:06 —-D—- C:Documents and SettingsAll UsersApplication Data{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2009-01-02 17:00:50 —-D—- C:Program FilesBonjour
    2009-01-02 16:59:59 —-D—- C:Program FilesQuickTime
    2009-01-02 16:58:52 —-D—- C:Program FilesApple Software Update
    2009-01-02 16:18:08 —-D—- C:Program FilesCommon FilesApple
    2009-01-01 18:34:52 —-D—- C:Documents and SettingsLordApplication DataSkinux
    2009-01-01 18:32:17 —-D—- C:Documents and SettingsLordApplication DataArcSoft
    2009-01-01 18:32:15 —-D—- C:Documents and SettingsAll UsersApplication DataArcSoft
    2009-01-01 18:31:49 —-D—- C:Program FilesCommon FilesArcSoft
    2009-01-01 18:31:49 —-D—- C:Program FilesArcSoft
    2009-01-01 18:26:53 —-HDC—- C:WINDOWS$NtUninstallKB932716-v2$
    2009-01-01 18:26:25 —-N—- C:WINDOWSsystem32imapi2fs.dll
    2009-01-01 18:26:25 —-N—- C:WINDOWSsystem32imapi2.dll
    2009-01-01 18:26:21 —-D—- C:Program FilesKodak
    2009-01-01 18:21:00 —-D—- C:Documents and SettingsAll UsersApplication DataKodak
    2008-12-30 18:13:10 —-D—- C:Documents and SettingsAll UsersApplication DataAlawarWrapper
    2008-12-27 00:12:19 —-A—- C:WINDOWSsystem32muweb.dll
    2008-12-27 00:12:19 —-A—- C:WINDOWSsystem32mucltui.dll.mui
    2008-12-27 00:12:19 —-A—- C:WINDOWSsystem32mucltui.dll
    2008-12-25 21:01:25 —-A—- C:WINDOWSsystem32d3dx9_32.dll
    2008-12-25 21:00:55 —-D—- C:Program FilesMicrosoft SQL Server Compact Edition
    2008-12-25 21:00:36 —-D—- C:Program FilesWindows Live Toolbar
    2008-12-25 20:57:16 —-SHDC—- C:Program FilesCommon FilesWindowsLiveInstaller
    2008-12-25 20:57:07 —-D—- C:Program FilesWindows Live
    2008-12-25 20:56:56 —-D—- C:Documents and SettingsAll UsersApplication DataWLInstaller
    2008-12-25 20:56:44 —-D—- C:Program FilesMyCentria
    2008-12-11 00:37:45 —-HDC—- C:WINDOWS$NtUninstallKB955839$
    2008-12-11 00:37:21 —-HDC—- C:WINDOWS$NtUninstallKB952069_WM9$
    2008-12-11 00:37:16 —-HDC—- C:WINDOWS$NtUninstallKB954600$
    2008-12-11 00:37:10 —-HDC—- C:WINDOWS$NtUninstallKB956802$
    2008-12-10 00:25:22 —-D—- C:Documents and SettingsLordApplication DataMra

    ======List of files/folders modified in the last 1 months======

    2009-01-08 13:53:00 —-D—- C:WINDOWSPrefetch
    2009-01-08 13:52:31 —-RD—- C:Program Files
    2009-01-08 13:45:13 —-D—- C:WINDOWSTemp
    2009-01-08 12:32:41 —-A—- C:WINDOWSSchedLgU.Txt
    2009-01-07 17:35:39 —-A—- C:WINDOWSNeroDigital.ini
    2009-01-07 12:04:26 —-D—- C:Program FileseMule
    2009-01-06 22:24:52 —-D—- C:Program FilesMozilla Firefox
    2009-01-06 22:00:20 —-D—- C:WINDOWSsystem32CatRoot2
    2009-01-06 11:17:05 —-D—- C:Documents and SettingsLordApplication DatauTorrent
    2009-01-05 15:54:17 —-SHD—- C:WINDOWSInstaller
    2009-01-05 15:54:15 —-D—- C:Program FilesOpera
    2009-01-05 15:24:52 —-D—- C:WINDOWSsystem32drivers
    2009-01-05 15:24:15 —-D—- C:WINDOWSsystem32
    2009-01-05 14:58:37 —-D—- C:Documents and SettingsLordApplication DataAdobe
    2009-01-05 14:57:47 —-HD—- C:WINDOWSinf
    2009-01-05 14:43:40 —-RSD—- C:WINDOWSFonts
    2009-01-05 14:43:39 —-D—- C:Program FilesAdobe
    2009-01-05 14:43:39 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
    2009-01-05 14:43:18 —-D—- C:WINDOWSDownloaded Installations
    2009-01-05 14:41:03 —-DC—- C:WINDOWSsystem32DRVSTORE
    2009-01-05 14:40:29 —-D—- C:Program FilesCommon Files
    2009-01-04 21:22:49 —-D—- C:WINDOWSMinidump
    2009-01-04 14:26:33 —-A—- C:WINDOWSsystem32rar.exe
    2009-01-04 14:16:18 —-SD—- C:Documents and SettingsLordApplication DataMicrosoft
    2009-01-04 13:11:45 —-D—- C:WINDOWSsystem32wbem
    2009-01-04 13:11:45 —-AC—- C:WINDOWSsystem32PerfStringBackup.INI
    2009-01-04 12:57:05 —-HD—- C:Program FilesInstallShield Installation Information
    2009-01-04 12:53:33 —-D—- C:Program FilesWinRAR
    2009-01-04 12:48:20 —-RSHDC—- C:WINDOWSsystem32dllcache
    2009-01-04 03:02:24 —-D—- C:WINDOWSsystem32CatRoot
    2009-01-04 02:59:41 —-RSD—- C:WINDOWSassembly
    2009-01-03 23:23:21 —-D—- C:Program FilesCommon FilesMicrosoft Shared
    2009-01-03 23:23:18 —-D—- C:WINDOWSWinSxS
    2009-01-03 23:07:21 —-D—- C:Program FilesSpeedFan
    2009-01-03 23:00:33 —-A—- C:WINDOWSwin.ini
    2009-01-03 22:46:17 —-D—- C:WINDOWSShellNew
    2009-01-03 22:46:03 —-D—- C:Program FilesCommon FilesSystem
    2009-01-03 22:42:28 —-D—- C:WINDOWSsystem32config
    2009-01-03 22:39:21 —-D—- C:Program FilesMicrosoft Office
    2009-01-03 22:38:09 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
    2009-01-03 19:45:29 —-SD—- C:WINDOWSTasks
    2009-01-03 17:54:18 —-D—- C:WINDOWSDebug
    2009-01-02 16:59:58 —-D—- C:Documents and SettingsAll UsersApplication DataApple Computer
    2009-01-02 15:56:32 —-D—- C:Program FilesWinamp
    2009-01-01 19:16:38 —-D—- C:WINDOWSMicrosoft.NET
    2009-01-01 18:42:52 —-D—- C:WINDOWSHelp
    2009-01-01 18:27:47 —-D—- C:Program FilesInternet Explorer
    2008-12-30 13:46:58 —-D—- C:Program FilesMessenger
    2008-12-30 10:25:18 —-D—- C:Program FilesYahoo!
    2008-12-27 13:44:47 —-A—- C:WINDOWSwinamp.ini
    2008-12-27 01:42:31 —-D—- C:WINDOWSsystem32DirectX
    2008-12-25 22:55:59 —-D—- C:Program FilesCCleaner
    2008-12-25 20:59:01 —-D—- C:WINDOWSpchealth
    2008-12-20 14:04:30 —-HD—- C:WINDOWS$hf_mig$
    2008-12-13 19:44:23 —-D—- C:Program FilesCommon FilesAdobe
    2008-12-13 09:39:09 —-A—- C:WINDOWSsystem32mshtml.dll
    2008-12-10 02:24:37 —-A—- C:WINDOWSsystem32MRT.exe
    2008-12-10 00:28:29 —-D—- C:Program FilesMail.Ru
    2008-12-10 00:26:56 —-D—- C:Program FilesQIP

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK7;Драйвер AMD K7 процессора; C:WINDOWSsystem32DRIVERSamdk7.sys [2008-04-14 41984]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2007-04-25 4030144]
    R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2004-11-24 872960]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:WINDOWSsystem32DRIVERSGEARAspiWDM.sys [2008-04-17 15464]
    R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-13 10368]
    R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2004-08-18 12160]
    R3 pfc;Padus ASPI Shell; C:WINDOWSsystem32driverspfc.sys [2008-06-18 9856]
    R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:WINDOWSsystem32DRIVERSRtnicxp.sys [2008-10-30 117120]
    R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-13 30208]
    R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-13 59520]
    R3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:WINDOWSsystem32DRIVERSusbohci.sys [2008-04-13 17152]
    S3 bdfdll;bdfdll; ??C:Program FilesSoftwinBitDefender10bdfdll.sys []
    S3 BDFsDrv;BDFsDrv; ??C:Program FilesSoftwinBitDefender10bdfsdrv.sys []
    S3 BDRsDrv;BDRsDrv; ??C:Program FilesSoftwinBitDefender10bdrsdrv.sys []
    S3 Nokia USB Generic;Nokia USB Generic; C:WINDOWSsystem32driversnmwcdc.sys [2006-05-29 8704]
    S3 Nokia USB Modem;Nokia USB Modem; C:WINDOWSsystem32driversnmwcdcm.sys [2006-05-29 13312]
    S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:WINDOWSsystem32driversnmwcd.sys [2006-05-29 127488]
    S3 Nokia USB Port;Nokia USB Port; C:WINDOWSsystem32driversnmwcdcj.sys [2006-05-29 13312]
    S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet адаптер, драйвер для NT; C:WINDOWSsystem32DRIVERSRTL8139.SYS [2004-08-04 20992]
    S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:WINDOWSsystem32DRIVERSs125bus.sys [2007-04-24 83336]
    S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter; C:WINDOWSsystem32DRIVERSs125mdfl.sys [2007-04-24 15112]
    S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver; C:WINDOWSsystem32DRIVERSs125mdm.sys [2007-04-24 108680]
    S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM); C:WINDOWSsystem32DRIVERSs125mgmt.sys [2007-04-24 100488]
    S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface; C:WINDOWSsystem32DRIVERSs125obex.sys [2007-04-24 98696]
    S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-13 32128]
    S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-13 15104]
    S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-13 26368]
    S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [2008-11-07 132424]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2004-11-24 425984]
    R2 bdss;BitDefender Scan Server; C:Program FilesCommon FilesSoftwinBitDefender Scan Serverbdss.exe [2007-01-19 81920]
    R2 Bonjour Service;Bonjour Service; C:Program FilesBonjourmDNSResponder.exe [2008-08-29 238888]
    R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:Program FilesCommon FilesEPSONEBAPISAgent2.exe [2002-07-17 94208]
    R2 LIVESRV;BitDefender Desktop Update Service; C:Program FilesCommon FilesSoftwinBitDefender Update Servicelivesrv.exe [2008-10-27 278528]
    R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2005-01-28 38912]
    R2 VSSERV;BitDefender Virus Shield; C:Program FilesSoftwinBitDefender10vsserv.exe [2007-10-24 462848]
    R2 XCOMM;BitDefender Communicator; C:Program FilesCommon FilesSoftwinBitDefender Communicatorxcommsvr.exe [2006-11-09 86016]
    R3 iPod Service;Сервис iPod; C:Program FilesiPodbiniPodService.exe [2008-11-20 536872]
    R3 ServiceLayer;ServiceLayer; C:Program FilesCommon FilesPCSuiteServicesServiceLayer.exe [2006-06-05 174080]
    S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2004-11-24 516096]
    S2 Seekeen Service;Seekeen Service; C:Program FilesSeekeenseekeen.exe [2008-12-09 4608]
    S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2008-07-05 72704]
    S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2005-09-23 66240]
    S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program FilesMicrosoft OfficeOffice12GrooveAuditService.exe [2007-08-24 68464]
    S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
    S3 usnjsvc;Служба Messenger Sharing Folders USN Journal Reader; C:Program FilesWindows LiveMessengerusnsvc.exe [2007-10-18 98328]
    S3 WLSetupSvc;Windows Live Setup Service; C:Program FilesWindows LiveinstallerWLSetupSvc.exe [2007-10-25 266240]

    EOF

    8 января, 2009 в 3:38 пп #20953
    Admin
    Keymaster
    • Темы:40
    • Сообщений:5676
    • ☆☆☆☆☆

    Здравствуйте, добро пожаловать на Spyware-ru форум.

    Судя по логу, ваш компьютер заражён несколькими троянам, включая autorun.inf троян.

    Прочитайте эту инструкцию Flash_Disinfector ещё одно оружие против autorun.inf троянов. Скачайте и запустите Flash_Disinfector, не забудьте при этом по требованию программы вставить ваш флэш диск или подключить другие внешние устройства хранения информации.

    Скачайте OTMoveIt3 by OldTimer кликнув по этой ссылке.
    Запустите программу и в большое поле ввода (заголовок этого поля выделено желтым цветом) скопируйте следующий текст.

    :Processes
    
explorer.exe
    

    
:services
    
Seekeen Service
    

    
:reg
    
[-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{0e6d7a5d-b560-4d1c-9713-18dd1ade6011}]
    

    
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerRun]
    
"NT Printing Services6"=-
    
"Windows Printing Driver"=-
    

    
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
    
"UpdateCheck"=-
    

    
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{2291ac5b-d993-11dd-b142-00001e000909}]
    
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{449791d0-3e2c-11dd-ae21-00001e000909}]
    
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{777b9ef2-d71f-11dd-b13a-00001e000909}]
    
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{8465f7be-cd35-11dd-b113-00001e000909}]
    
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{b1f8cd46-49ff-11dd-ae6d-00001e000909}]
    
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c9cdc8f0-52f4-11dd-ae8a-00001e000909}]
    
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{d67b905e-5a80-11dd-aeb2-00001e000909}]
    

    
:files
    
C:WINDOWSsystem32doskeys.exe
    
C:WINDOWSsystem32gh14rs.txt
    
C:WINDOWSsystem32dllhosts.exe
    
c:Program FilesMy-Tool
    
c:Program FilesSeekeen
    

    
:Commands
    
[emptytemp]
    
[start explorer]
    
[Reboot]

    Кликните по кнопке MoveIt!. В процессе работы возможна перезагрузка компьютера.
    По-завершении работы программы должен будет показан лог, вставьте его в ваш ответ.
    Так же к ответу приложите свежий RSIT лог.

    9 января, 2009 в 8:47 дп #20954
    Аноним
    Гость
    • Темы:532
    • Сообщений:1553
    • ☆☆☆☆☆

    Здравствуйте!Сделала все как вы сказали, вот лог программы OTMoveIt3:

    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== SERVICES/DRIVERS ==========
    Service Seekeen Service stopped successfully.
    Service Seekeen Service deleted successfully.
    ========== REGISTRY ==========
    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{0e6d7a5d-b560-4d1c-9713-18dd1ade6011}\ deleted successfully.
    Registry value HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerRun\NT Printing Services6 deleted successfully.
    Registry value HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerRun\Windows Printing Driver deleted successfully.
    Registry value HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad\UpdateCheck deleted successfully.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{2291ac5b-d993-11dd-b142-00001e000909}\ deleted successfully.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{449791d0-3e2c-11dd-ae21-00001e000909}\ deleted successfully.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{777b9ef2-d71f-11dd-b13a-00001e000909}\ deleted successfully.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{8465f7be-cd35-11dd-b113-00001e000909}\ deleted successfully.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{b1f8cd46-49ff-11dd-ae6d-00001e000909}\ deleted successfully.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c9cdc8f0-52f4-11dd-ae8a-00001e000909}\ deleted successfully.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{d67b905e-5a80-11dd-aeb2-00001e000909}\ deleted successfully.
    ========== FILES ==========
    File/Folder C:WINDOWSsystem32doskeys.exe not found.
    C:WINDOWSsystem32gh14rs.txt moved successfully.
    File move failed. C:WINDOWSsystem32dllhosts.exe scheduled to be moved on reboot.
    c:Program FilesMy-Tool moved successfully.
    c:Program FilesSeekeen moved successfully.
    ========== COMMANDS ==========
    File delete failed. C:DOCUME~1LordLOCALS~1TempPerflib_Perfdata_160.dat scheduled to be deleted on reboot.
    File delete failed. C:DOCUME~1LordLOCALS~1TempPerflib_Perfdata_58c.dat scheduled to be deleted on reboot.
    User’s Temp folder emptied.
    User’s Temporary Internet Files folder emptied.
    User’s Internet Explorer cache folder emptied.
    Local Service Temp folder emptied.
    File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
    Local Service Temporary Internet Files folder emptied.
    Windows Temp folder emptied.
    FireFox cache emptied.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps009adoc.bx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps009md.dat scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps009url.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps009w.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps009wb.vx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps008adoc.bx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps008md.dat scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps008url.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps008w.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps008wb.vx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps007adoc.bx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps007md.dat scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps007url.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps007w.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps007wb.vx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps006adoc.bx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps006md.dat scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps006url.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps006w.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps006wb.vx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps005adoc.bx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps005md.dat scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps005url.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps005w.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps005wb.vx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps004adoc.bx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps004md.dat scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps004url.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps004w.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps004wb.vx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps003adoc.bx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps003md.dat scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps003url.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps003w.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps003wb.vx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps001adoc.bx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps001md.dat scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps001url.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps001w.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps001wb.vx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps000adoc.bx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps000md.dat scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps000url.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps000w.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps000wb.vx scheduled to be deleted on reboot.
    Opera cache emptied.
    Temp folders emptied.
    Explorer started successfully

    OTMoveIt3 by OldTimer — Version 1.0.8.0 log created on 01092009_113832

    Files moved on Reboot…
    C:WINDOWSsystem32dllhosts.exe moved successfully.
    File C:DOCUME~1LordLOCALS~1TempPerflib_Perfdata_160.dat not found!
    File C:DOCUME~1LordLOCALS~1TempPerflib_Perfdata_58c.dat not found!
    C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps009adoc.bx moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps009md.dat moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps009url.ax moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps009w.ax moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps009wb.vx moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps008adoc.bx moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps008md.dat moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps008url.ax moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps008w.ax moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps008wb.vx moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps007adoc.bx moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps007md.dat moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps007url.ax moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps007w.ax moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps007wb.vx moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps006adoc.bx moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps006md.dat moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps006url.ax moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps006w.ax moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps006wb.vx moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps005adoc.bx moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps005md.dat moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps005url.ax moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps005w.ax moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps005wb.vx moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps004adoc.bx moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps004md.dat moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps004url.ax moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps004w.ax moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps004wb.vx moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps003adoc.bx moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps003md.dat moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps003url.ax moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps003w.ax moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps003wb.vx moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps001adoc.bx moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps001md.dat moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps001url.ax moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps001w.ax moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps001wb.vx moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps000adoc.bx moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps000md.dat moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps000url.ax moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps000w.ax moved successfully.
    C:Documents and SettingsLordLocal SettingsApplication DataOperaOperaProfilevps000wb.vx moved successfully.

    и вот свежий лог программы RSIT:

    Logfile of random’s system information tool 1.05 (written by random/random)
    Run by Lord at 2009-01-09 11:46:37
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 13 GB (50%) free of 27 GB
    Total RAM: 2047 MB (80% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:46:40, on 09.01.2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:WINDOWSSystem32smss.exe
    C:WINDOWSsystem32winlogon.exe
    C:WINDOWSsystem32services.exe
    C:WINDOWSsystem32lsass.exe
    C:WINDOWSsystem32Ati2evxx.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSSystem32svchost.exe
    C:WINDOWSsystem32Ati2evxx.exe
    C:WINDOWSExplorer.EXE
    C:WINDOWSsystem32spoolsv.exe
    C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
    C:Program FilesBonjourmDNSResponder.exe
    C:Program FilesATI TechnologiesATI.ACEcli.exe
    C:Program FilesCommon FilesEPSONEBAPISAgent2.exe
    C:Program FilesSoftwinBitDefender10bdmcon.exe
    C:Program FilesSoftwinBitDefender10bdagent.exe
    C:Program FilesWinampwinampa.exe
    C:WINDOWSsystem32svchost.exe
    C:Program FilesiTunesiTunesHelper.exe
    C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
    C:WINDOWSSOUNDMAN.EXE
    C:WINDOWSsystem32ctfmon.exe
    C:Program FilesATI TechnologiesATI.ACECLI.exe
    C:PROGRA~1COMMON~1NokiaMPAPIMPAPI3s.exe
    C:Program FilesCommon FilesSoftwinBitDefender Communicatorxcommsvr.exe
    C:Program FilesCommon FilesSoftwinBitDefender Update Servicelivesrv.exe
    C:Program FilesCommon FilesSoftwinBitDefender Scan Serverbdss.exe
    C:Program FilesSoftwinBitDefender10vsserv.exe
    C:Program FilesCommon FilesPCSuiteServicesServiceLayer.exe
    C:Program FilesiPodbiniPodService.exe
    C:WINDOWSsystem32wuauclt.exe
    C:Program FilesOperaopera.exe
    C:Documents and SettingsLordРабочий столRSIT.exe
    C:Program Filestrend microLord.exe

    R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=40316
    R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
    R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
    R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
    R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
    R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
    R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program FilesMail.RuAgentMradllnewmrasearch.dll
    R3 — URLSearchHook: Yahoo! Toolbar — {EF99BD32-C1FB-11D2-892F-0090271D4F88} — (no file)
    R3 — URLSearchHook: free-downloads.net Toolbar — {ecdee021-0d17-467f-a1ff-c7a115230949} — C:Program Filesfree-downloads.nettbfree.dll
    R3 — URLSearchHook: My-Tool Toolbar — {0e6d7a5d-b560-4d1c-9713-18dd1ade6011} — C:Program FilesMy-TooltbMy-0.dll (file missing)
    O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
    O2 — BHO: Smart-Shopper — {4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E} — C:Program FilesSmart-ShopperBin2.5.1Smrt-Shpr.dll
    O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll
    O2 — BHO: (no name) — {7E853D72-626A-48EC-A868-BA8D5E23E045} — (no file)
    O2 — BHO: free-downloads.net Toolbar — {ecdee021-0d17-467f-a1ff-c7a115230949} — C:Program Filesfree-downloads.nettbfree.dll
    O2 — BHO: (no name) — {FFFC57DB-1DE3-4303-B24D-CEE6DCDD3D86} — (no file)
    O3 — Toolbar: free-downloads.net Toolbar — {ecdee021-0d17-467f-a1ff-c7a115230949} — C:Program Filesfree-downloads.nettbfree.dll
    O3 — Toolbar: My-Tool Toolbar — {0e6d7a5d-b560-4d1c-9713-18dd1ade6011} — C:Program FilesMy-TooltbMy-0.dll (file missing)
    O4 — HKLM..Run: [ATIPTA] C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
    O4 — HKLM..Run: [ATICCC] «C:Program FilesATI TechnologiesATI.ACEcli.exe» runtime
    O4 — HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
    O4 — HKLM..Run: [OSSelectorReinstall] C:Program FilesCommon FilesAcronisAcronis Disk Directoross_reinstall.exe
    O4 — HKLM..Run: [BDMCon] «C:Program FilesSoftwinBitDefender10bdmcon.exe» /reg
    O4 — HKLM..Run: [BDAgent] «C:Program FilesSoftwinBitDefender10bdagent.exe»
    O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
    O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program FilesAdobeReader 9.0ReaderReader_sl.exe»
    O4 — HKLM..Run: [WinampAgent] «C:Program FilesWinampwinampa.exe»
    O4 — HKLM..Run: [QuickTime Task] «C:Program FilesQuickTimeqttask.exe» -atboottime
    O4 — HKLM..Run: [iTunesHelper] «C:Program FilesiTunesiTunesHelper.exe»
    O4 — HKLM..Run: [GrooveMonitor] «C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe»
    O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
    O4 — HKLM..Run: [PCSuiteTrayApplication] C:PROGRA~1NokiaNOKIAP~1LAUNCH~1.EXE -startup
    O4 — HKLM..Run: [Adobe Photo Downloader] «C:Program FilesAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe»
    O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
    O4 — HKCU..Run: [PcSync] C:Program FilesNokiaNokia PC Suite 6PcSync2.exe /NoDialog
    O4 — HKCU..PoliciesExplorerRun: [NT Printing Services6] dllhosts.exe
    O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
    O4 — HKUSS-1-5-18..Run: [] (User ‘SYSTEM’)
    O4 — HKUSS-1-5-18..Run: [ATICCC] «C:Program FilesATI TechnologiesATI.ACEcli.exe» runtime (User ‘SYSTEM’)
    O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
    O4 — Startup: Adobe Gamma.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
    O4 — Global Startup: ATI CATALYST System Tray.lnk = C:Program FilesATI TechnologiesATI.ACECLI.exe
    O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
    O9 — Extra button: Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
    O9 — Extra ‘Tools’ menuitem: &Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
    O9 — Extra button: SmartShopper — Compare product prices — {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} — C:Program FilesSmart-ShopperBin2.5.1Smrt-Shpr.dll
    O9 — Extra button: SmartShopper — Compare travel rates — {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} — C:Program FilesSmart-ShopperBin2.5.1Smrt-Shpr.dll
    O9 — Extra button: (no name) — {53F6FCCD-9E22-4d71-86EA-6E43136192AB} — (no file)
    O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
    O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
    O9 — Extra button: (no name) — {925DAB62-F9AC-4221-806A-057BFB1014AA} — (no file)
    O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
    O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
    O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
    O16 — DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) — C:Program FilesYahoo!Commonyinsthelper.dll
    O17 — HKLMSystemCCSServicesTcpip..{660FB92A-4304-4EB3-9153-5CAA9F813B14}: NameServer = 213.234.192.8 85.21.192.3
    O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — C:Program FilesMicrosoft OfficeOffice12GrooveSystemServices.dll
    O23 — Service: ArcSoft Connect Daemon (ACDaemon) — — (no file)
    O23 — Service: Adobe LM Service — Adobe Systems — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
    O23 — Service: Apple Mobile Device — Apple Inc. — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
    O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
    O23 — Service: ATI Smart — Unknown owner — C:WINDOWSsystem32ati2sgag.exe
    O23 — Service: BitDefender Scan Server (bdss) — Unknown owner — C:Program FilesCommon FilesSoftwinBitDefender Scan Serverbdss.exe
    O23 — Service: Bonjour Service — Apple Inc. — C:Program FilesBonjourmDNSResponder.exe
    O23 — Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) — SEIKO EPSON CORPORATION — C:Program FilesCommon FilesEPSONEBAPISAgent2.exe
    O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
    O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
    O23 — Service: Сервис iPod (iPod Service) — Apple Inc. — C:Program FilesiPodbiniPodService.exe
    O23 — Service: BitDefender Desktop Update Service (LIVESRV) — SOFTWIN S.R.L. — C:Program FilesCommon FilesSoftwinBitDefender Update Servicelivesrv.exe
    O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
    O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
    O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
    O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
    O23 — Service: ServiceLayer — Nokia. — C:Program FilesCommon FilesPCSuiteServicesServiceLayer.exe
    O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
    O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
    O23 — Service: BitDefender Virus Shield (VSSERV) — SOFTWIN S.R.L. — C:Program FilesSoftwinBitDefender10vsserv.exe
    O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe
    O23 — Service: BitDefender Communicator (XCOMM) — SOFTWIN S.R.L — C:Program FilesCommon FilesSoftwinBitDefender Communicatorxcommsvr.exe

    —
    End of file — 10640 bytes

    ======Scheduled tasks folder======

    C:WINDOWStasksPCConfidential.job
    C:WINDOWStasksRegCure Program Check.job
    C:WINDOWStasksRegCure.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E}]
    Smart-Shopper — C:Program FilesSmart-ShopperBin2.5.1Smrt-Shpr.dll [2008-10-07 1172952]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper — C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2007-08-24 2212224]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{ecdee021-0d17-467f-a1ff-c7a115230949}]
    free-downloads.net Toolbar — C:Program Filesfree-downloads.nettbfree.dll [2008-02-14 1555480]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FFFC57DB-1DE3-4303-B24D-CEE6DCDD3D86}]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
    {ecdee021-0d17-467f-a1ff-c7a115230949} — free-downloads.net Toolbar — C:Program Filesfree-downloads.nettbfree.dll [2008-02-14 1555480]
    {0e6d7a5d-b560-4d1c-9713-18dd1ade6011} — My-Tool Toolbar — C:Program FilesMy-TooltbMy-0.dll []

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
    «ATIPTA»=C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe [2004-11-24 344064]
    «ATICCC»=C:Program FilesATI TechnologiesATI.ACEcli.exe [2004-11-24 32768]
    «NeroFilterCheck»=C:WINDOWSsystem32NeroCheck.exe [2001-07-09 155648]
    «OSSelectorReinstall»=C:Program FilesCommon FilesAcronisAcronis Disk Directoross_reinstall.exe [2005-11-30 1558037]
    «BDMCon»=C:Program FilesSoftwinBitDefender10bdmcon.exe [2007-04-02 290816]
    «BDAgent»=C:Program FilesSoftwinBitDefender10bdagent.exe [2007-03-26 69632]
    «MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2008-12-10 4428472]
    «Adobe Reader Speed Launcher»=C:Program FilesAdobeReader 9.0ReaderReader_sl.exe [2008-06-12 34672]
    «WinampAgent»=C:Program FilesWinampwinampa.exe [2008-08-04 36352]
    «QuickTime Task»=C:Program FilesQuickTimeqttask.exe [2008-11-04 413696]
    «iTunesHelper»=C:Program FilesiTunesiTunesHelper.exe [2008-11-20 290088]
    «GrooveMonitor»=C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe [2007-08-24 33648]
    «SoundMan»=C:WINDOWSSOUNDMAN.EXE [2007-04-16 577536]
    «PCSuiteTrayApplication»=C:PROGRA~1NokiaNOKIAP~1LAUNCH~1.EXE [2006-06-15 229376]
    «Adobe Photo Downloader»=C:Program FilesAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe [2005-06-06 57344]

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-04-14 15360]
    «PcSync»=C:Program FilesNokiaNokia PC Suite 6PcSync2.exe [2006-06-27 1449984]

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerRun]
    «NT Printing Services6″=dllhosts.exe []

    C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
    ATI CATALYST System Tray.lnk — C:Program FilesATI TechnologiesATI.ACECLI.exe

    C:Documents and SettingsLordГлавное менюПрограммыАвтозагрузка
    Adobe Gamma.lnk — C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
    C:WINDOWSsystem32Ati2evxx.dll [2004-11-24 94208]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
    «{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2007-08-24 2212224]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
    «dontdisplaylastusername»=0
    «legalnoticecaption»=
    «legalnoticetext»=
    «shutdownwithoutlogon»=1
    «undockwithoutlogon»=1

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
    «NoDriveTypeAutoRun»=36
    «NoDriveAutoRun»=FFFFFFFF

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
    «C:Program FilesMail.RuAgentmagent.exe»=»C:Program FilesMail.RuAgentmagent.exe:*:Enabled:Mail.Ru Агент»
    «C:Program FilesQIPqip.exe»=»C:Program FilesQIPqip.exe:*:Enabled:Quiet Internet Pager»
    «C:Program FilestotalcmdTOTALCMD.EXE»=»C:Program FilestotalcmdTOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows»
    «C:Program FileseMuleemule.exe»=»C:Program FileseMuleemule.exe:*:Enabled:eMule»
    «C:Program FilesuTorrentuTorrent.exe»=»C:Program FilesuTorrentuTorrent.exe:*:Enabled:µTorrent»
    «%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
    «C:Program FilesOperaOpera.exe»=»C:Program FilesOperaOpera.exe:*:Enabled:Opera Internet Browser»
    «C:Program FilesWindows LiveMessengermsnmsgr.exe»=»C:Program FilesWindows LiveMessengermsnmsgr.exe:*:Enabled:Windows Live Messenger»
    «C:Program FilesWindows LiveMessengerlivecall.exe»=»C:Program FilesWindows LiveMessengerlivecall.exe:*:Enabled:Windows Live Messenger (Phone)»
    «C:Program FilesWinamp RemotebinOrb.exe»=»C:Program FilesWinamp RemotebinOrb.exe:*:Enabled:Orb»
    «C:Program FilesWinamp RemotebinOrbTray.exe»=»C:Program FilesWinamp RemotebinOrbTray.exe:*:Enabled:OrbTray»
    «C:Program FilesWinamp RemotebinOrbStreamerClient.exe»=»C:Program FilesWinamp RemotebinOrbStreamerClient.exe:*:Enabled:Orb Stream Client»
    «C:Program FilesKodakKodak EasyShare softwarebinEasyShare.exe»=»C:Program FilesKodakKodak EasyShare softwarebinEasyShare.exe:*:Enabled:EasyShare»
    «C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
    «C:Program FilesiTunesiTunes.exe»=»C:Program FilesiTunesiTunes.exe:*:Enabled:iTunes»
    «C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE»=»C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook»
    «C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE»=»C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE:*:Enabled:Microsoft Office Groove»
    «C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE»=»C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE:*:Enabled:Microsoft Office OneNote»

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
    «%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
    «C:Program FilesWindows LiveMessengermsnmsgr.exe»=»C:Program FilesWindows LiveMessengermsnmsgr.exe:*:Enabled:Windows Live Messenger»
    «C:Program FilesWindows LiveMessengerlivecall.exe»=»C:Program FilesWindows LiveMessengerlivecall.exe:*:Enabled:Windows Live Messenger (Phone)»

    ======List of files/folders created in the last 1 months======

    2009-01-09 00:01:09 —-D—- C:_OTMoveIt
    2009-01-08 21:40:20 —-RASHD—- C:autorun.inf
    2009-01-08 13:52:31 —-D—- C:rsit
    2009-01-08 13:52:31 —-D—- C:Program Filestrend micro
    2009-01-05 15:46:01 —-D—- C:Documents and SettingsLordApplication DataNokia Multimedia Player
    2009-01-05 15:24:57 —-D—- C:Documents and SettingsLordApplication DataNokia
    2009-01-05 15:24:57 —-D—- C:Documents and SettingsLordApplication DataDatalayer
    2009-01-05 14:58:38 —-D—- C:Documents and SettingsLordApplication DataAdobeAUM
    2009-01-05 14:41:05 —-D—- C:Program FilesDIFX
    2009-01-05 14:40:29 —-D—- C:Program FilesCommon FilesNokia
    2009-01-05 14:40:12 —-D—- C:Documents and SettingsLordApplication DataPC Suite
    2009-01-05 14:40:12 —-D—- C:Documents and SettingsAll UsersApplication DataPC Suite
    2009-01-05 14:40:08 —-D—- C:Program FilesCommon FilesPCSuite
    2009-01-05 14:40:02 —-A—- C:WINDOWSsystem32nmwcdlog.dll
    2009-01-05 14:40:02 —-A—- C:WINDOWSsystem32nmwcdcocls.dll
    2009-01-05 14:39:51 —-A—- C:WINDOWSsystem32nmwcdcls.dll
    2009-01-05 14:39:50 —-D—- C:Program FilesNokia
    2009-01-05 14:39:43 —-D—- C:Documents and SettingsAll UsersApplication DataDownloaded Installations
    2009-01-04 19:22:13 —-A—- C:WINDOWSsystem32AutoPartNt.exe
    2009-01-04 12:57:06 —-A—- C:WINDOWSsystem32RtNicProp32.dll
    2009-01-04 12:57:05 —-D—- C:WINDOWSOPTIONS
    2009-01-04 12:57:05 —-D—- C:Program FilesRealtek
    2009-01-04 12:56:54 —-D—- C:Documents and SettingsLordApplication DataInstallShield
    2009-01-04 12:53:17 —-D—- C:Documents and SettingsLordApplication DataWinRAR
    2009-01-04 12:47:57 —-D—- C:Program FilesRealtek AC97
    2009-01-04 03:00:31 —-D—- C:Program FilesMicrosoft CAPICOM 2.1.0.2
    2009-01-03 22:42:50 —-A—- C:WINDOWSsystem32msonpmon.dll
    2009-01-03 22:39:47 —-D—- C:Program FilesMicrosoft Works
    2009-01-03 22:39:34 —-D—- C:Program FilesMSBuild
    2009-01-03 22:39:04 —-D—- C:Program FilesMicrosoft Visual Studio
    2009-01-03 22:39:04 —-D—- C:Program FilesCommon FilesDESIGNER
    2009-01-03 22:38:09 —-D—- C:Program FilesMicrosoft.NET
    2009-01-03 22:35:11 —-D—- C:Program FilesMicrosoft Visual Studio 8
    2009-01-03 22:34:00 —-D—- C:Documents and SettingsAll UsersApplication DataMicrosoft Help
    2009-01-03 22:33:12 —-RHD—- C:MSOCache
    2009-01-03 19:35:33 —-D—- C:Documents and SettingsAll UsersApplication DataWinferno
    2009-01-03 19:31:03 —-A—- C:WINDOWSsystem32CapiCom.dll
    2009-01-03 19:30:47 —-D—- C:Documents and SettingsLordApplication DataSmart-Shopper
    2009-01-03 19:30:46 —-D—- C:Program FilesSmart-Shopper
    2009-01-03 17:59:26 —-D—- C:WINDOWSsystem32NtmsData
    2009-01-02 17:01:29 —-A—- C:WINDOWSsystem32GEARAspi.dll
    2009-01-02 17:01:09 —-D—- C:Program FilesiPod
    2009-01-02 17:01:06 —-D—- C:Program FilesiTunes
    2009-01-02 17:01:06 —-D—- C:Documents and SettingsAll UsersApplication Data{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2009-01-02 17:00:50 —-D—- C:Program FilesBonjour
    2009-01-02 16:59:59 —-D—- C:Program FilesQuickTime
    2009-01-02 16:58:52 —-D—- C:Program FilesApple Software Update
    2009-01-02 16:18:08 —-D—- C:Program FilesCommon FilesApple
    2009-01-01 18:34:52 —-D—- C:Documents and SettingsLordApplication DataSkinux
    2009-01-01 18:32:17 —-D—- C:Documents and SettingsLordApplication DataArcSoft
    2009-01-01 18:32:15 —-D—- C:Documents and SettingsAll UsersApplication DataArcSoft
    2009-01-01 18:31:49 —-D—- C:Program FilesCommon FilesArcSoft
    2009-01-01 18:31:49 —-D—- C:Program FilesArcSoft
    2009-01-01 18:26:53 —-HDC—- C:WINDOWS$NtUninstallKB932716-v2$
    2009-01-01 18:26:25 —-N—- C:WINDOWSsystem32imapi2fs.dll
    2009-01-01 18:26:25 —-N—- C:WINDOWSsystem32imapi2.dll
    2009-01-01 18:26:21 —-D—- C:Program FilesKodak
    2009-01-01 18:21:00 —-D—- C:Documents and SettingsAll UsersApplication DataKodak
    2008-12-30 18:13:10 —-D—- C:Documents and SettingsAll UsersApplication DataAlawarWrapper
    2008-12-27 00:12:19 —-A—- C:WINDOWSsystem32muweb.dll
    2008-12-27 00:12:19 —-A—- C:WINDOWSsystem32mucltui.dll.mui
    2008-12-27 00:12:19 —-A—- C:WINDOWSsystem32mucltui.dll
    2008-12-25 21:01:25 —-A—- C:WINDOWSsystem32d3dx9_32.dll
    2008-12-25 21:00:55 —-D—- C:Program FilesMicrosoft SQL Server Compact Edition
    2008-12-25 21:00:36 —-D—- C:Program FilesWindows Live Toolbar
    2008-12-25 20:57:16 —-SHDC—- C:Program FilesCommon FilesWindowsLiveInstaller
    2008-12-25 20:57:07 —-D—- C:Program FilesWindows Live
    2008-12-25 20:56:56 —-D—- C:Documents and SettingsAll UsersApplication DataWLInstaller
    2008-12-25 20:56:44 —-D—- C:Program FilesMyCentria
    2008-12-11 00:37:45 —-HDC—- C:WINDOWS$NtUninstallKB955839$
    2008-12-11 00:37:21 —-HDC—- C:WINDOWS$NtUninstallKB952069_WM9$
    2008-12-11 00:37:16 —-HDC—- C:WINDOWS$NtUninstallKB954600$
    2008-12-11 00:37:10 —-HDC—- C:WINDOWS$NtUninstallKB956802$
    2008-12-10 00:25:22 —-D—- C:Documents and SettingsLordApplication DataMra

    ======List of files/folders modified in the last 1 months======

    2009-01-09 11:45:28 —-D—- C:WINDOWSPrefetch
    2009-01-09 11:41:31 —-D—- C:WINDOWSTemp
    2009-01-09 11:41:22 —-D—- C:WINDOWS
    2009-01-09 11:41:12 —-D—- C:WINDOWSsystem32
    2009-01-09 11:40:05 —-A—- C:WINDOWSSchedLgU.Txt
    2009-01-09 11:38:32 —-RD—- C:Program Files
    2009-01-08 23:32:07 —-D—- C:WINDOWSsystem32CatRoot2
    2009-01-08 15:20:36 —-D—- C:Program FilesSpeedFan
    2009-01-07 17:35:39 —-A—- C:WINDOWSNeroDigital.ini
    2009-01-07 12:04:26 —-D—- C:Program FileseMule
    2009-01-06 22:24:52 —-D—- C:Program FilesMozilla Firefox
    2009-01-06 11:17:05 —-D—- C:Documents and SettingsLordApplication DatauTorrent
    2009-01-05 15:54:17 —-SHD—- C:WINDOWSInstaller
    2009-01-05 15:54:15 —-D—- C:Program FilesOpera
    2009-01-05 15:24:52 —-D—- C:WINDOWSsystem32drivers
    2009-01-05 14:58:37 —-D—- C:Documents and SettingsLordApplication DataAdobe
    2009-01-05 14:57:47 —-HD—- C:WINDOWSinf
    2009-01-05 14:43:40 —-RSD—- C:WINDOWSFonts
    2009-01-05 14:43:39 —-D—- C:Program FilesAdobe
    2009-01-05 14:43:39 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
    2009-01-05 14:43:18 —-D—- C:WINDOWSDownloaded Installations
    2009-01-05 14:41:03 —-DC—- C:WINDOWSsystem32DRVSTORE
    2009-01-05 14:40:29 —-D—- C:Program FilesCommon Files
    2009-01-04 21:22:49 —-D—- C:WINDOWSMinidump
    2009-01-04 14:26:33 —-A—- C:WINDOWSsystem32rar.exe
    2009-01-04 14:16:18 —-SD—- C:Documents and SettingsLordApplication DataMicrosoft
    2009-01-04 13:11:45 —-D—- C:WINDOWSsystem32wbem
    2009-01-04 13:11:45 —-AC—- C:WINDOWSsystem32PerfStringBackup.INI
    2009-01-04 12:57:05 —-HD—- C:Program FilesInstallShield Installation Information
    2009-01-04 12:53:33 —-D—- C:Program FilesWinRAR
    2009-01-04 12:48:20 —-RSHDC—- C:WINDOWSsystem32dllcache
    2009-01-04 03:02:24 —-D—- C:WINDOWSsystem32CatRoot
    2009-01-04 02:59:41 —-RSD—- C:WINDOWSassembly
    2009-01-03 23:23:21 —-D—- C:Program FilesCommon FilesMicrosoft Shared
    2009-01-03 23:23:18 —-D—- C:WINDOWSWinSxS
    2009-01-03 23:00:33 —-A—- C:WINDOWSwin.ini
    2009-01-03 22:46:17 —-D—- C:WINDOWSShellNew
    2009-01-03 22:46:03 —-D—- C:Program FilesCommon FilesSystem
    2009-01-03 22:42:28 —-D—- C:WINDOWSsystem32config
    2009-01-03 22:39:21 —-D—- C:Program FilesMicrosoft Office
    2009-01-03 22:38:09 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
    2009-01-03 19:45:29 —-SD—- C:WINDOWSTasks
    2009-01-03 17:54:18 —-D—- C:WINDOWSDebug
    2009-01-02 16:59:58 —-D—- C:Documents and SettingsAll UsersApplication DataApple Computer
    2009-01-02 15:56:32 —-D—- C:Program FilesWinamp
    2009-01-01 19:16:38 —-D—- C:WINDOWSMicrosoft.NET
    2009-01-01 18:42:52 —-D—- C:WINDOWSHelp
    2009-01-01 18:27:47 —-D—- C:Program FilesInternet Explorer
    2008-12-30 13:46:58 —-D—- C:Program FilesMessenger
    2008-12-30 10:25:18 —-D—- C:Program FilesYahoo!
    2008-12-27 13:44:47 —-A—- C:WINDOWSwinamp.ini
    2008-12-27 01:42:31 —-D—- C:WINDOWSsystem32DirectX
    2008-12-25 22:55:59 —-D—- C:Program FilesCCleaner
    2008-12-25 20:59:01 —-D—- C:WINDOWSpchealth
    2008-12-20 14:04:30 —-HD—- C:WINDOWS$hf_mig$
    2008-12-13 19:44:23 —-D—- C:Program FilesCommon FilesAdobe
    2008-12-13 09:39:09 —-A—- C:WINDOWSsystem32mshtml.dll
    2008-12-10 02:24:37 —-A—- C:WINDOWSsystem32MRT.exe
    2008-12-10 00:28:29 —-D—- C:Program FilesMail.Ru
    2008-12-10 00:26:56 —-D—- C:Program FilesQIP

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK7;Драйвер AMD K7 процессора; C:WINDOWSsystem32DRIVERSamdk7.sys [2008-04-14 41984]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2007-04-25 4030144]
    R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2004-11-24 872960]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:WINDOWSsystem32DRIVERSGEARAspiWDM.sys [2008-04-17 15464]
    R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-13 10368]
    R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2004-08-18 12160]
    R3 pfc;Padus ASPI Shell; C:WINDOWSsystem32driverspfc.sys [2008-06-18 9856]
    R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:WINDOWSsystem32DRIVERSRtnicxp.sys [2008-10-30 117120]
    R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-13 30208]
    R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-13 59520]
    R3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:WINDOWSsystem32DRIVERSusbohci.sys [2008-04-13 17152]
    S3 bdfdll;bdfdll; ??C:Program FilesSoftwinBitDefender10bdfdll.sys []
    S3 BDFsDrv;BDFsDrv; ??C:Program FilesSoftwinBitDefender10bdfsdrv.sys []
    S3 BDRsDrv;BDRsDrv; ??C:Program FilesSoftwinBitDefender10bdrsdrv.sys []
    S3 Nokia USB Generic;Nokia USB Generic; C:WINDOWSsystem32driversnmwcdc.sys [2006-05-29 8704]
    S3 Nokia USB Modem;Nokia USB Modem; C:WINDOWSsystem32driversnmwcdcm.sys [2006-05-29 13312]
    S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:WINDOWSsystem32driversnmwcd.sys [2006-05-29 127488]
    S3 Nokia USB Port;Nokia USB Port; C:WINDOWSsystem32driversnmwcdcj.sys [2006-05-29 13312]
    S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet адаптер, драйвер для NT; C:WINDOWSsystem32DRIVERSRTL8139.SYS [2004-08-04 20992]
    S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:WINDOWSsystem32DRIVERSs125bus.sys [2007-04-24 83336]
    S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter; C:WINDOWSsystem32DRIVERSs125mdfl.sys [2007-04-24 15112]
    S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver; C:WINDOWSsystem32DRIVERSs125mdm.sys [2007-04-24 108680]
    S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM); C:WINDOWSsystem32DRIVERSs125mgmt.sys [2007-04-24 100488]
    S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface; C:WINDOWSsystem32DRIVERSs125obex.sys [2007-04-24 98696]
    S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-13 32128]
    S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-13 15104]
    S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-13 26368]
    S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [2008-11-07 132424]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2004-11-24 425984]
    R2 bdss;BitDefender Scan Server; C:Program FilesCommon FilesSoftwinBitDefender Scan Serverbdss.exe [2007-01-19 81920]
    R2 Bonjour Service;Bonjour Service; C:Program FilesBonjourmDNSResponder.exe [2008-08-29 238888]
    R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:Program FilesCommon FilesEPSONEBAPISAgent2.exe [2002-07-17 94208]
    R2 LIVESRV;BitDefender Desktop Update Service; C:Program FilesCommon FilesSoftwinBitDefender Update Servicelivesrv.exe [2008-10-27 278528]
    R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2005-01-28 38912]
    R2 VSSERV;BitDefender Virus Shield; C:Program FilesSoftwinBitDefender10vsserv.exe [2007-10-24 462848]
    R2 XCOMM;BitDefender Communicator; C:Program FilesCommon FilesSoftwinBitDefender Communicatorxcommsvr.exe [2006-11-09 86016]
    R3 iPod Service;Сервис iPod; C:Program FilesiPodbiniPodService.exe [2008-11-20 536872]
    R3 ServiceLayer;ServiceLayer; C:Program FilesCommon FilesPCSuiteServicesServiceLayer.exe [2006-06-05 174080]
    S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2004-11-24 516096]
    S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2008-07-05 72704]
    S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2005-09-23 66240]
    S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program FilesMicrosoft OfficeOffice12GrooveAuditService.exe [2007-08-24 68464]
    S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
    S3 usnjsvc;Служба Messenger Sharing Folders USN Journal Reader; C:Program FilesWindows LiveMessengerusnsvc.exe [2007-10-18 98328]
    S3 WLSetupSvc;Windows Live Setup Service; C:Program FilesWindows LiveinstallerWLSetupSvc.exe [2007-10-25 266240]

    EOF

    9 января, 2009 в 10:35 дп #20955
    Аноним
    Гость
    • Темы:532
    • Сообщений:1553
    • ☆☆☆☆☆

    Благодарю вас за помощь! я еще окончительный результат не знаю, вам виднее по результатам логов, но я потом еще раз просканировала весь компьтер антивирусом, и он смог удалить что-то, а повторное сканирование уже вообще ничего не выявило, да и глюки перестали возникать в работе компа! Благодарю вас еще раз!если у вас будет время скжите пожалуйста ваше мнение по поводу последних логов.))) 🙂

    9 января, 2009 в 3:44 пп #20956
    Admin
    Keymaster
    • Темы:40
    • Сообщений:5676
    • ☆☆☆☆☆

    Практически чисто, но нужно ещё немного подчистить реестр.

    Запустите HijackThis. Кликните Пуск, Выполнить, введите следующее:

    C:Program Filestrend microLord.exe

    Нажмите Enter.
    Кликните по кнопке Do a system scan only.
    Далее отметьте галочкой (слева) следующие строки:

    R3 - URLSearchHook: My-Tool Toolbar - {0e6d7a5d-b560-4d1c-9713-18dd1ade6011} - C:Program FilesMy-TooltbMy-0.dll (file missing)

    Кликните по кнопке Fix checked и подтвердите свои действия выбрав YES.

    Запустите OTMoveIt3 и в большое поле ввода (заголовок этого поля выделено желтым цветом) скопируйте следующий текст.

    :Processes
    
explorer.exe
    

    
:reg
    
[-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FFFC57DB-1DE3-4303-B24D-CEE6DCDD3D86}]
    

    
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
    
"{0e6d7a5d-b560-4d1c-9713-18dd1ade6011}"=-
    

    
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerRun]
    
"NT Printing Services6"=-
    

    
:Commands
    
[emptytemp]
    
[start explorer]
    
[Reboot]

    Кликните по кнопке MoveIt!. В процессе работы возможна перезагрузка компьютера.
    По-завершении работы программы должен будет показан лог, вставьте его в ваш ответ.
    Так же в ваш ответ вставьте свежий RSIT лог.

  • Автор
    Сообщения
Просмотр 5 сообщений - с 1 по 5 (из 5 всего)
  • Для ответа в этой теме необходимо авторизоваться.
Войти

Добро пожаловать

На нашем сайте размещены инструкции и программы, которые помогут вам абсолютно бесплатно и самостоятельно удалить навязчивую рекламу, вирусы и трояны.

Поиск

Последние темы

  • Странность в Malwebytes опубликовано Artem225
    5 years, 8 months назад
  • SUSPICIOUS.FakedMBR.1 что делать, помогите!!! опубликовано White
    5 years, 9 months назад
  • Помогите пожалуйста вирус замучил. опубликовано dimazons1233211
    5 years, 11 months назад
  • Замучила реклама опубликовано Данила Беспятов
    5 years, 12 months назад
  • Замучила реклама опубликовано Марк
    5 years, 9 months назад
  • Вирус S1.video.ru.net опубликовано ludovik
    6 years, 2 months назад
  • Чертов Safe Finder!!!! опубликовано kosta savo
    5 years, 11 months назад
  • ESET блокирует неизвестный сайт , вход на который не осуществлялся. опубликовано trollhamaren
    6 years, 3 months назад

СПАЙВАРЕ РУ

  • О Спайваре Ру
  • Контакты
  • Реклама на сайте
  • Политика конфиденциальности
  • Правила использования

Нужна помощь?

Задайте свой вопрос прямо сейчас кликнув по следующей ссылке Задать вопрос.

Или обратитесь на наш форум, где команда Spyware-ru поможет вам. Узнайте, как попросить о помощи здесь.

Ссылки

  • Инструкции
  • Скачать программы
  • Помощь в удалении вирусов
  • Как вылечить компьютер
Copyright © 2008 - 2024 Spyware-RU.com (en)