Consequences of removing the uacontroller.com porn banner
This topic has 7 replies, 3 participants, and was last updated 15 years, 9 months ago by Admin.
January 6, 2010 at 9:45 PM #17717
Hello! I'm really hoping for your help and advice! 🙂
After chatting on VKontakte, a full-screen banner appeared with roughly the following text (the SMS number was different):
NOTICE OF REQUIRED PAYMENT
You were given trial (1-hour) free access to view erotic video
We remind you that, by agreeing to the rules for trial free access, you undertook, under the user agreement, to pay for full monthly access within 1 hour of being granted trial free access. The 1-hour period since trial free access was granted has expired
The notice will keep appearing until payment is made
to make the payment, you need to send an SMS
with the text 590900000 to the number 9691
enter the code you receive (there is a small box for entering it)
Warning! Refusing to pay and any actions related to attempts to cheat the system may harm your computer and lead to the loss of important information
Support: uacontroller.com
The window did not allow me to perform any task, and Task Manager was also inactive. After restarting the computer and restoring the system to an earlier restore point (03.01.10; the incident happened on 06.01.10), everything fell back into place and everything seems to work. But I am worried about the consequences of the virus's actions.
I'm posting the result of scanning with RSIT, as you advised:
Logfile of random’s system information tool 1.06 (written by random/random)
Run by Yura at 2010-01-06 23:29:59
Microsoft Windows XP Professional Service Pack 3
System drive C: has 19 GB (38%) free of 50 GB
Total RAM: 2047 MB (69% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:30:08, on 06.01.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20900)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesCommon FilesTeleca SharedGeneric.exe
C:Program FilesSony EricssonMobile2Mobile Phone Monitorepmworker.exe
C:Program FilesA4TechMouseAmoumain.exe
C:WINDOWSSystem32DeltaIITray.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesSyncroSoftPosH2Ocledx.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Program FilesPunto Switcherps.exe
C:Program FilesAnVir Task ManagerAnVir.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Program FilesMemInfomeminfo.exe
C:Program FilesOperaOpera.exe
C:Program FilesSafHouseDUTrafficDUTraffic.exe
C:Program FilesDownload Masterdmaster.exe
C:Documents and SettingsYuraМои документыDownloadПрограммыRSIT.exe
C:Program Filestrend microYura.exe
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://search.qip.ru
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.yandex.ru/?clid=128836
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://www.yandex.ru/?clid=128836
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://search.qip.ru
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=48988
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://mail.ru
R1 — HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://www.yandex.ru/?clid=128836
R1 — HKCUSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = http://www.yandex.ru/?clid=128836
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R1 — HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = Root: HKCU; Subkey: SoftwareMicrosoftInternet ExplorerSearchUrl; ValueType: string; ValueName: ‘; ValueData: ‘; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 — BHO: MyWay Search Assistant BHO — {04079851-5845-4dea-848C-3ECD647AA554} — C:Program FilesMyWaySrchAstt1.binMYSRCHAS.DLL
O2 — BHO: myBar BHO — {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} — C:Program FilesMyWaymyBar1.binMYBAR.DLL
O2 — BHO: RealPlayer Download and Record Plugin for Internet Explorer — {3049C3E9-B461-4BC5-8870-4C09146192CA} — C:Program FilesRealRealPlayerrpbrowserrecordplugin.dll
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~2dmiehlp.dll
O2 — BHO: script helper for ie — {D8E5BD9A-DC14-415d-99CC-BE4ABA0A1DA6} — C:Program FilesGOTOVIMDOMAiejsloader.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O2 — BHO: script helper for ie — {E14019C8-267A-4f6e-B5EB-48B6D85D41BF} — C:Program FilesCommon Triorisjsloader.dll
O2 — BHO: JQSIEStartDetectorImpl Class — {E7E6F031-17CE-4C07-BC86-EABFE594F69C} — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O2 — BHO: HG Timer — {EEAF2BDB-899C-4EC8-916E-7A49C8018B4E} — C:Program FilesCommon TriorishgBHO.dll
O3 — Toolbar: My &Search Bar — {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} — C:Program FilesMyWaymyBar1.binMYBAR.DLL
O3 — Toolbar: Gotovim-Doma.ru toolbar — {788400C4-31F6-4d9f-BAFF-D289627600A8} — C:Program FilesGOTOVIMDOMAietoolbar.dll
O4 — HKLM..Run: [WheelMouse] C:Program FilesA4TechMouseAmoumain.exe
O4 — HKLM..Run: [M-Audio Taskbar Icon] C:WINDOWSSystem32DeltaIITray.exe
O4 — HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 — HKLM..Run: [H2O] C:Program FilesSyncroSoftPosH2Ocledx.exe
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [Vistadrv] C:WINDOWSXPLifeProgramsXPDrivevsdrv.exe
O4 — HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autorun
O4 — HKCU..Run: [Punto Switcher] C:Program FilesPunto Switcherps.exe HideIcon
O4 — HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [AnVir Task Manager] «C:Program FilesAnVir Task ManagerAnVir.exe» Minimized
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [KillCopy] «C:WINDOWSsystem32killcopy.exe» /kcresume /startup (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [Aml Maple] C:Program FilesAmlMapleAmlMaple.exe (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [Sidebar] C:Program FilesWindows SidebarInstall.exe /verysilent (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-20..RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUSS-1-5-18..RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — HKUS.DEFAULT..RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User ‘Default user’)
O4 — Startup: MemInfo.lnk = C:Program FilesMemInfomeminfo.exe
O8 — Extra context menu item: &Search — http://speedbar.myway.com/menusearch.html?p=MG2
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Translate with Lingvo — res://C:Program FilesABBYY Lingvo 10 Multilingual DictionaryLingvo.exe/3000
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program FilesDownload Masterdmie.htm
O8 — Extra context menu item: Передать на удаленную закачку DM — C:Program FilesDownload Masterremdown.htm
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O17 — HKLMSystemCCSServicesTcpip..{59CB01D6-5F28-4198-9FF4-B24AB92B17D1}: NameServer = 192.168.56.1,192.168.200.2
O17 — HKLMSystemCCSServicesTcpip..{65168404-4946-426C-B59C-4CF71C737983}: NameServer = 91.211.44.6 91.204.136.6
O17 — HKLMSystemCCSServicesTcpip..{8DB621EB-009E-4E59-933A-3C5F0F50AA2B}: NameServer = 192.168.56.1,192.168.200.2
O18 — Protocol: base64 — {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} — C:Program FilesCommon Trioristdataprotocol.dll
O18 — Protocol: chrome — {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} — C:Program FilesCommon Trioristdataprotocol.dll
O18 — Protocol: prox — {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} — C:Program FilesCommon Trioristdataprotocol.dll
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 — Service: Adobe LM Service — Unknown owner — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 — Service: Apple Mobile Device — Apple Inc. — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 — Service: Фоновая интеллектуальная служба передачи (BITS) (BITS) — Unknown owner — C:WINDOWS
O23 — Service: Bonjour Service — Apple Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: Сервис iPod (iPod Service) — Apple Inc. — C:Program FilesiPodbiniPodService.exe
O23 — Service: Java Quick Starter (JavaQuickStarterService) — Sun Microsystems, Inc. — C:Program FilesJavajre6binjqs.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe
—
End of file — 10964 bytes
======Scheduled tasks folder======
C:WINDOWStasksAppleSoftwareUpdate.job
C:WINDOWStasksGoogleUpdateTaskUserS-1-5-21-1957994488-1060284298-1801674531-1004Core.job
C:WINDOWStasksGoogleUpdateTaskUserS-1-5-21-1957994488-1060284298-1801674531-1004UA.job======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{04079851-5845-4dea-848C-3ECD647AA554}]
MyWay Search Assistant BHO — C:Program FilesMyWaySrchAstt1.binMYSRCHAS.DLL [2009-03-11 81920][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{0494D0D1-F8E0-41ad-92A3-14154ECE70AC}]
myBar BHO — C:Program FilesMyWaymyBar1.binMYBAR.DLL [2009-03-11 241664][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer — C:Program FilesRealRealPlayerrpbrowserrecordplugin.dll [2009-02-15 304736][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~2dmiehlp.dll [2009-04-16 158208][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{D8E5BD9A-DC14-415d-99CC-BE4ABA0A1DA6}]
WitBHO Class — C:Program FilesGOTOVIMDOMAiejsloader.dll [2009-11-11 217600][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2009-02-15 35840][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E14019C8-267A-4f6e-B5EB-48B6D85D41BF}]
WitBHO Class — C:Program FilesCommon Triorisjsloader.dll [2009-11-11 221920][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll [2009-02-15 73728][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{EEAF2BDB-899C-4EC8-916E-7A49C8018B4E}]
Hgch Class — C:Program FilesCommon TriorishgBHO.dll [2009-11-11 93408][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{0494D0D9-F8E0-41ad-92A3-14154ECE70AC} — My &Search Bar — C:Program FilesMyWaymyBar1.binMYBAR.DLL [2009-03-11 241664]
{788400C4-31F6-4d9f-BAFF-D289627600A8} — Gotovim-Doma.ru toolbar — C:Program FilesGOTOVIMDOMAietoolbar.dll [2009-11-11 122368][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«WheelMouse»=C:Program FilesA4TechMouseAmoumain.exe [2006-12-26 196608]
«M-Audio Taskbar Icon»=C:WINDOWSSystem32DeltaIITray.exe [2008-03-03 236040]
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe [2009-11-25 81000]
«H2O»=C:Program FilesSyncroSoftPosH2Ocledx.exe [2007-12-11 307200]
«»= []
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2008-10-07 13574144]
«Vistadrv»=C:WINDOWSXPLifeProgramsXPDrivevsdrv.exe [2006-07-30 121089]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2008-11-23 1250304]
«Punto Switcher»=C:Program FilesPunto Switcherps.exe [2007-11-14 201728]
«ctfmon.exe»=C:WINDOWSsystem32ctfmon.exe [2009-01-22 37376]
«AnVir Task Manager»=C:Program FilesAnVir Task ManagerAnVir.exe [2009-12-17 3161312]
C:Documents and SettingsYuraГлавное менюПрограммыАвтозагрузка
MemInfo.lnk — C:Program FilesMemInfomeminfo.exe
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32wpdshserviceobj.dll [2007-06-18 133632]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«InstallVisualStyle»=C:WINDOWSResourcesThemesZuneZune.msstyles
«InstallTheme»=C:WINDOWSResourcesThemesZune.theme
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«ForceClassicControlPanel»=1
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesCommFortCommFort.exe»=»C:Program FilesCommFortCommFort.exe:*:Enabled:CommFort»
«C:Program FilesuTorrentutorrent.exe»=»C:Program FilesuTorrentutorrent.exe:*:Enabled:µTorrent»
«C:Program FilesCorelDVD9WinDVD.exe»=»C:Program FilesCorelDVD9WinDVD.exe:*:Enabled:WinDVD»
«C:Program FilesiTunesiTunes.exe»=»C:Program FilesiTunesiTunes.exe:*:Enabled:iTunes»
«C:Program FilesOperaOpera.exe»=»C:Program FilesOperaOpera.exe:*:Enabled:Opera Internet Browser»
«C:Program FilesInterVideoDVD6WinDVD.exe»=»C:Program FilesInterVideoDVD6WinDVD.exe:*:Disabled:WinDVD»
«C:Program FilesOnline TV Player 4TVPlayer.exe»=»C:Program FilesOnline TV Player 4TVPlayer.exe:*:Enabled:TVPlayer»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
«C:Program FilesSkypePlugin ManagerskypePM.exe»=»C:Program FilesSkypePlugin ManagerskypePM.exe:*:Enabled:Skype Extras Manager»
«C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{0db22f56-0289-11de-9f7a-001d60c379a8}]
shellAutoRuncommand — RavMon.exe
shellexplorecommand — RavMon.exe -e
shellopencommand — RavMon.exe
======List of files/folders created in the last 1 months======
2010-01-06 23:30:00 —-D—- C:Program Filestrend micro
2010-01-06 23:29:59 —-D—- C:rsit
2010-01-02 15:49:18 —-D—- C:Новая папка
2010-01-02 01:41:03 —-D—- C:Program FilesCommon Trioris
2010-01-02 01:40:41 —-D—- C:Program FilesGOTOVIMDOMA
2009-12-17 15:10:15 —-A—- C:WINDOWSIsUninstR.Exe
2009-12-17 15:04:34 —-D—- C:Program FilesSnowball.ru
2009-12-17 15:04:14 —-A—- C:WINDOWSIsUninst.exe
======List of files/folders modified in the last 1 months======
2010-01-06 23:30:00 —-AD—- C:Program Files
2010-01-06 23:29:40 —-D—- C:WINDOWSPrefetch
2010-01-06 22:59:36 —-D—- C:WINDOWSTemp
2010-01-06 22:52:41 —-D—- C:WINDOWSsystem32config
2010-01-06 22:52:27 —-D—- C:WINDOWSsystem32wbem
2010-01-06 22:52:27 —-D—- C:WINDOWSRegistration
2010-01-06 22:52:09 —-D—- C:Documents and SettingsYuraApplication DatauTorrent
2010-01-06 22:52:05 —-D—- C:Program FilesMozilla Firefox
2010-01-06 22:51:12 —-A—- C:WINDOWSSchedLgU.Txt
2010-01-06 22:51:02 —-D—- C:WINDOWSsystem32Restore
2010-01-04 02:11:48 —-D—- C:Program FilesBeholdTV
2010-01-03 16:46:03 —-A—- C:WINDOWSwinamp.ini
2010-01-03 16:25:09 —-D—- C:Program FilesBonjour
2010-01-03 16:23:52 —-D—- C:Program FilesDownloads
2010-01-02 01:41:08 —-D—- C:Program FilesOpera
2009-12-29 22:41:29 —-D—- C:Program FilesReg Organizer
2009-12-29 22:41:23 —-D—- C:Program FilesAnVir Task Manager
2009-12-29 22:15:24 —-SD—- C:WINDOWSTasks
2009-12-25 12:52:09 —-D—- C:Documents and SettingsYuraApplication DataAdobe
2009-12-25 12:52:09 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
2009-12-24 15:09:38 —-D—- C:WINDOWSsystem32CatRoot2
2009-12-22 22:09:13 —-SD—- C:Documents and SettingsYuraApplication DataMicrosoft
2009-12-18 11:41:36 —-D—- C:Documents and SettingsYuraApplication DataSkype
2009-12-18 11:41:28 —-D—- C:Documents and SettingsYuraApplication DataskypePM
2009-12-18 11:38:00 —-D—- C:WINDOWS
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:WINDOWSsystem32driversAavmker4.sys [2009-11-25 27408]
R1 Amfilter;A4Tech Mouse Filter Driver; C:WINDOWSsystem32DRIVERSAmfilter.sys [2006-12-16 8704]
R1 aswSP;avast! Self Protection; C:WINDOWSsystem32driversaswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:WINDOWSsystem32driversaswTdi.sys [2009-11-25 48560]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-04-15 40704]
R1 PQNTDrv;PQNTDrv; C:WINDOWSsystem32driversPQNTDrv.sys [2004-05-05 4228]
R2 aswFsBlk;aswFsBlk; C:WINDOWSsystem32DRIVERSaswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:WINDOWSsystem32driversaswMon2.sys [2009-11-25 94160]
R2 PMEM;PMEM; ??C:WINDOWSsystem32driverspmemnt.sys []
R2 rspndr;Ответчик обнаружения топологии уровня связи; C:WINDOWSsystem32DRIVERSrspndr.sys [2008-11-28 62848]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:WINDOWSsystem32DRIVERSAmusbprt.sys [2006-12-16 13824]
R3 Arp1394;Протокол клиента 1394 ARP; C:WINDOWSsystem32DRIVERSarp1394.sys [2009-01-22 60800]
R3 aswRdr;aswRdr; C:WINDOWSsystem32driversaswRdr.sys [2009-11-25 23120]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:WINDOWSsystem32DRIVERSl151x86.sys [2007-11-01 36864]
R3 CLEDX;Team H2O CLEDX service; C:WINDOWSsystem32DRIVERScledx.sys [2005-05-09 33792]
R3 DELTAII;Service for M-Audio Delta Driver (WDM); C:WINDOWSsystem32DRIVERSdeltaII.sys [2008-03-03 302728]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:WINDOWSsystem32DRIVERSGEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-15 144384]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-15 10368]
R3 MTsensor;ATK0110 ACPI UTILITY; C:WINDOWSsystem32DRIVERSASACPI.sys [2006-02-26 5810]
R3 NIC1394;Сетевой драйвер 1394; C:WINDOWSsystem32DRIVERSnic1394.sys [2009-01-22 61824]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2008-10-07 6133856]
R3 SAA713x;Behold TV WDM Capture (SAA713x); C:WINDOWSsystem32DRIVERSsaa713x.sys [2007-12-25 217352]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-24 30336]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-05-15 59520]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2008-05-15 20608]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:WINDOWSsystem32DRIVERSadusbser.sys [2006-10-23 93440]
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-05-15 17024]
S3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2009-01-22 12160]
S3 MPE;BDA MPE фильтр; C:WINDOWSsystem32DRIVERSMPE.sys [2008-05-15 15232]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2008-05-15 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-05-15 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2008-05-15 10880]
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:WINDOWSsystem32DRIVERSs115bus.sys [2007-04-23 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:WINDOWSsystem32DRIVERSs115mdfl.sys [2007-04-23 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:WINDOWSsystem32DRIVERSs115mdm.sys [2007-04-23 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:WINDOWSsystem32DRIVERSs115mgmt.sys [2007-04-23 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:WINDOWSsystem32DRIVERSs115obex.sys [2007-04-23 98568]
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:WINDOWSsystem32DRIVERSs116bus.sys [2007-04-03 83336]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:WINDOWSsystem32DRIVERSs116mdfl.sys [2007-04-03 15112]
S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:WINDOWSsystem32DRIVERSs116mdm.sys [2007-04-03 108680]
S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM); C:WINDOWSsystem32DRIVERSs116mgmt.sys [2007-04-03 100488]
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS); C:WINDOWSsystem32DRIVERSs116nd5.sys [2007-04-03 23176]
S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface; C:WINDOWSsystem32DRIVERSs116obex.sys [2007-04-03 98696]
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM); C:WINDOWSsystem32DRIVERSs116unic.sys [2007-04-03 99080]
S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:WINDOWSsystem32DRIVERSs125bus.sys [2007-04-24 83336]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter; C:WINDOWSsystem32DRIVERSs125mdfl.sys [2007-04-24 15112]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver; C:WINDOWSsystem32DRIVERSs125mdm.sys [2007-04-24 108680]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM); C:WINDOWSsystem32DRIVERSs125mgmt.sys [2007-04-24 100488]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface; C:WINDOWSsystem32DRIVERSs125obex.sys [2007-04-24 98696]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2008-05-15 11136]
S3 SONYPVU1;Драйвер Sony USB фильтра (SONYPVU1); C:WINDOWSsystem32DRIVERSSONYPVU1.SYS [2008-05-15 7552]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2008-05-15 15232]
S3 usbbus;LGE Mobile Composite USB Device; C:WINDOWSsystem32DRIVERSlgusbbus.sys [2008-11-11 13056]
S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-11-19 32384]
S3 UsbDiag;LGE Mobile USB Serial Port; C:WINDOWSsystem32DRIVERSlgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:WINDOWSsystem32DRIVERSlgusbmodem.sys [2008-11-11 24832]
S3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2008-05-15 25856]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-05-15 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-05-15 26368]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2008-05-15 19200]
S3 WudfPf;Windows Driver Foundation — User-mode Driver Framework Platform Driver; C:WINDOWSsystem32DRIVERSWudfPf.sys [2007-06-18 77568]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2007-06-18 82944]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast4ashServ.exe [2009-11-25 138680]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2008-10-07 163908]
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2009-11-25 352920]
S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2009-03-11 68096]
S3 Apple Mobile Device;Apple Mobile Device; C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [2008-11-07 132424]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2007-10-24 33800]
S3 Bonjour Service;Bonjour Service; C:Program FilesBonjourmDNSResponder.exe [2008-12-12 238888]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2007-10-24 70144]
S3 iPod Service;Сервис iPod; C:Program FilesiPodbiniPodService.exe [2009-01-06 536872]
S3 JavaQuickStarterService;Java Quick Starter; C:Program FilesJavajre6binjqs.exe [2009-02-15 152984]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:Program FilesWindows Media Playerwmpnetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-15 14336]
EOF
Thanks in advance! 🙂
January 7, 2010 at 9:35 am #27753
May I ask a question: how did you manage to restore from an earlier point? After all, the screen of the System Restore program is also covered by this banner.
January 7, 2010 at 6:23 pm #27754
Via the Start menu > All Programs > Accessories > System Tools > System Restore
Something like that.
January 7, 2010 at 6:29 pm #27755
Great, thanks. But restoring the system means launching the System Restore program, whose whole working screen is covered by the banner, so nothing can be clicked. Is there a way to do this? How did you manage it?
January 8, 2010 at 11:09 am #27756
Right after the machine reboots, it is possible to open just one window on top of this banner (at least, that is how it was for me). When other windows are opened, the damned banner ends up on top again. The F8 key did not respond, so the rollback was done by the method described above. Give it a try! 😀
January 8, 2010 at 6:33 pm #27752
Hello, welcome to the Spyware-ru forum.
The log looks normal.
For an additional check, read the description of Malwarebytes Anti-malware (MBAM).
Download it and run a scan of your computer. Remove everything that is found. A log will be shown when it finishes.
Paste the contents of that log into your next message.
January 9, 2010 at 2:16 pm #27757
Malwarebytes’ Anti-Malware 1.44
Версия базы данных: 3526
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
09.01.2010 17:10:45
mbam-log-2010-01-09 (17-10-45).txt
Тип проверки: Полная (C:|D:|E:|F:|G:|H:|J:|K:|)
Проверено объектов: 295774
Прошло времени: 1 hour(s), 26 minute(s), 17 second(s)
Заражено процессов в памяти: 0
Заражено модулей в памяти: 0
Заражено ключей реестра: 37
Заражено значений реестра: 3
Заражено параметров реестра: 2
Заражено папок: 15
Заражено файлов: 39
Заражено процессов в памяти:
(Вредоносные программы не обнаружены)
Заражено модулей в памяти:
(Вредоносные программы не обнаружены)
Заражено ключей реестра:
HKEY_CLASSES_ROOTCLSID{014da6c9-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTTypeLib{0494d0d0-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{0494d0d4-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{0494d0d6-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{0494d0da-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{0494d0dc-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{014da6cd-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{0494d0d1-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExtStats{0494d0d1-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExtSettings{0494d0d1-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{0494d0d1-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{0494d0d2-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{0494d0d3-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{0494d0d5-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{0494d0d7-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{0494d0d9-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExtStats{0494d0d9-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExtSettings{0494d0d9-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{0494d0db-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTTypeLib{a04d524d-d4d6-4230-975f-648f8a658d4f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{39ae719a-b3ae-4711-8143-65cd1f97dc7c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{bbe36a96-c9c4-492f-a5e2-c0a9e6db687b} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{825e5863-834c-4c9e-861a-5402fb2fa854} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTTypeLib{d6c8acd0-c524-4dd9-87be-84e6e01fee63} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{25642628-2705-43d4-adde-68922c0e6ba7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTInterface{2564262a-2705-43d4-adde-68922c0e6ba7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{25642629-2705-43d4-adde-68922c0e6ba7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{465bb38f-2b83-43e1-bde1-5f413d014350} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{d6c8acd2-c524-4dd9-87be-84e6e01fee63} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTTypeLib{04079850-5845-4dea-848c-3ecd647aa554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{04079851-5845-4dea-848c-3ecd647aa554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExtStats{04079851-5845-4dea-848c-3ecd647aa554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExtSettings{04079851-5845-4dea-848c-3ecd647aa554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{04079851-5845-4dea-848c-3ecd647aa554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USERSOFTWAREVkontakte (Trojan.Fkantakte) -> Quarantined and deleted successfully.
HKEY_CURRENT_USERSOFTWAREMyWay (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREFun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Заражено значений реестра:
HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerToolbarWebBrowser{0494d0d9-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar{0494d0d9-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorerforceclassiccontrolpanel (Hijack.ControlPanelStyle) -> Quarantined and deleted successfully.
Заражено параметров реестра:
HKEY_LOCAL_MACHINESystemCurrentControlSetServicesBITSImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemRoot%system32svchost.exe -k netsvcs) Good: (%SystemRoot%System32svchost.exe -k netsvcs) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESystemCurrentControlSetServiceswuauservImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemroot%system32svchost.exe -k netsvcs) Good: (%SystemRoot%System32svchost.exe -k netsvcs) -> Quarantined and deleted successfully.
Заражено папок:
C:Program FilesFunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesFunWebProductsMyWay (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesFunWebProductsMyWayCache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesFunWebProductsPopSwatr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesFunWebProductsPopSwatrHistory (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWay (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaymyBar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaymyBar1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaymyBarCache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaymyBarHistory (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaymyBarSettings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaySrchAstt (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaySrchAstt1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaySrchAsttCache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaySrchAsttSettings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Заражено файлов:
C:Program FilesMyWaymyBar1.binMYBAR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesSteinbergNuendo 3UNWISE.EXE (Malware.Packer.Morphine) -> Not selected for removal.
K:Distribinterneticqmiranda.5.1Miranda_LEM_PackPluginsautorun.dll (Malware.Packer.Morphine) -> Quarantined and deleted successfully.
K:DistribmultimediaplayersDVDWin DVD-7Keymaker.exe (Trojan.Downloader) -> Not selected for removal.
K:DistribmultimediaplayersvideoBSPlayer Pro v2.22.952keygen.exe (Trojan.Downloader) -> Not selected for removal.
K:Distribmultimediaобраб.аудиоSound forgeSound Forge v8.0keygen.exe (Trojan.Downloader) -> Not selected for removal.
K:Distribmultimediaобраб.аудиоSound forgeSSF-9.0RusSound_Forge_9.0a_Build_297crackKeygen.exe (Trojan.Downloader) -> Not selected for removal.
K:DistribчасыClockAnalogue Vista Clock 1.07 + SkinsSkinsClassicSkinpack.exe (Trojan.Downloader) -> Not selected for removal.
K:DistribTotal Commander 7.02PluginsarcDefault.sfx (Malware.Packer) -> Not selected for removal.
K:DistribTotal Commander 7.02UtilsfitWfitW.exe (Malware.Packer) -> Not selected for removal.
K:System Volume Information_restore{A9BFFF76-3A6E-4C9D-A776-644D98A88844}RP280A0062100.exe (Malware.Packer) -> Quarantined and deleted successfully.
C:Program FilesFunWebProductsMyWayCacheCursorManiaBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesFunWebProductsMyWayCacheSmileyCentralBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesFunWebProductsPopSwatrHistorynotallow (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaymyBar1.binMWHTMLMU.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaymyBar1.binMY2NS.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaymyBar1.binMYPOPSWT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaymyBar1.binMYWAYPLUGINPROXY.CLASS (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaymyBar1.binNPMYWAY.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaymyBar1.binPARTNER.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaymyBar1.binPARTNER2.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaymyBarCache0E6C67D (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaymyBarCache0E6CDC1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaymyBarCache0E6CEF9.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaymyBarCache0E6D0DE.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaymyBarCache0E6D245.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaymyBarCache0E6D37D.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaymyBarCache0E6D4A6.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaymyBarCache0E6D5C0.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaymyBarCache0E6D6D9.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaymyBarCachefiles.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaymyBarHistorysearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaymyBarSettingsprevcfg.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaySrchAstt1.binMYSRCHAS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaySrchAstt1.binPARTNER.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaySrchAsttCache0D5FB6B (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaySrchAsttCachefiles.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Program FilesMyWaySrchAsttSettingsprevcfg.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:Documents and SettingsYuraApplication Datawiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.
January 21, 2010 at 7:48 pm #27758
How is the computer working now?
