- This topic has 1 ответ, 2 участника, and was last updated 16 years, 4 months назад by
.
-
Сообщения
-
info.txt logfile of random’s system information tool 1.06 2009-05-08 23:41:33
======Uninstall list======
—>C:Program FilesAheadnerouninstallUNNERO.exe /UNINSTALL
—>C:WINDOWSUNNeroBackItUp.exe /UNINSTALL
—>C:WINDOWSUNNeroMediaHome.exe /UNINSTALL
—>C:WINDOWSUNNeroShowTime.exe /UNINSTALL
—>C:WINDOWSUNNeroVision.exe /UNINSTALL
—>C:WINDOWSUNNMP.exe /UNINSTALL
—>C:WINDOWSUNRecode.exe /UNINSTALL
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
3D Snowy Cottage Full Screen Saver—>»C:PROGRA~1Freeze.com3D Snowy Cottage FullUNINSTAL.EXE»
ACDSee 9 Photo Manager—>MsiExec.exe /X{B2D41883-3BFC-4BA0-A2F6-5A2C9836C238}
Adobe Acrobat 5.0—>C:WINDOWSISUNINST.EXE -f»C:Program FilesCommon FilesAdobeAcrobat 5.0NTUninst.isu» -c»C:Program FilesCommon FilesAdobeAcrobat 5.0NTUninst.dll»
Adobe Flash Player 10 ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Reader 7.0—>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70001000000}
ASUS WLAN Card Utilities/Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime�9�1Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{8F722FA9-B994-4C9B-B292-FD32D6206EDF}SETUP.EXE» -l0x19
ASUSDVD—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}Setup.exe» -uninstall
ATI Display Driver—>rundll32 C:WINDOWSsystem32atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATK0100 ACPI UTILITY—>C:WINDOWSATK0100XPunin.exe
avast! Antivirus—>C:Program FilesAlwil SoftwareAvast4aswRunDll.exe «C:Program FilesAlwil SoftwareAvast4Setupsetiface.dll»,RunSetup
BisonCam—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{4A57592C-FF92-4083-97A9-92783BD5AFB4}setup.exe» -l0x9
Bluetooth Stack for Windows by Toshiba—>MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Combined Community Codec Pack 2007-07-22—>»C:Program FilesCombined Community Codec Packunins001.exe»
CursorXP—>C:Program FilesCursorXPCurXPUtil.exe -u
DivX Player—>C:Program FilesDivXDivXPlayerUninstall.exe /PLAYER
DivX—>C:Program FilesDivXDivXCodecUninstall.exe /CODEC
Download Master version 5.5.3.1131—>»C:Program FilesDownload Masterunins000.exe»
Dream Render 2.20—>»C:Program FilesDreamRenderunins000.exe»
Google Toolbar for Internet Explorer—>»C:Program FilesGoogleGoogle ToolbarComponentGoogleToolbarManager_BDA1448D3D255554.exe» /uninstall
Google Toolbar for Internet Explorer—>MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HashTab 1.14—>C:WINDOWSsystem32htdel.bat
HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
Indeo® XP Software—>C:WINDOWSIsUninst.exe -f»C:Program FilesLigosIndeoUninstXP.isu»
K-Lite Codec Pack 2.25 Basic—>»C:Program FilesK-Lite Codec Packunins000.exe»
LClock—>C:Program FilesLClockUninstall.exe
Light Alloy 4.1—>C:Program FilesLight Alloyuninst.exe
Medi@Show—>C:WINDOWSIsUninst.exe -f»C:Program FilesCyberLinkMediaShowUninst.isu»
Microsoft .NET Framework 1.1 Russian Language Pack—>MsiExec.exe /X{2BB372D9-52B4-410A-BC1A-FEAB63181EEF}
Microsoft .NET Framework 1.1—>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1—>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1—>MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Office — профессиональный выпуск версии 2003—>MsiExec.exe /I{90110419-6000-11D3-8CFE-0150048383C9}
Movavi Video Converter 6—>MsiExec.exe /I{C97AEFDE-1DA4-4B46-BE1F-44F66DD4DFF3}
MSXML 4.0 SP2 (KB954430)—>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 8—>MsiExec.exe /X{E2C00C8C-3D0C-40DF-BC67-44321C9E1049}
Nero Suite—>C:Program FilesCommon FilesNeroUninstallSetupx.exe /uninstall ExtraUninstallID=»»
neroxml—>MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nokia Connectivity Cable Driver—>MsiExec.exe /X{11964613-805F-432D-A12B-169554B793E7}
Nokia PC Suite—>C:Documents and SettingsAll UsersApplication DataInstallations{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}Nokia_PC_Suite_6_84_10_3_EA.exe
Nokia PC Suite—>MsiExec.exe /I{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}
Opera 9.26—>MsiExec.exe /X{FB706A00-C234-4716-AB1F-27DCB192C664}
PC Connectivity Solution—>MsiExec.exe /I{99A40651-0BC2-4095-8F9A-A40FAB224FEF}
PowerDirector—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{CB099890-1D5F-11D5-9EA9-0050BAE317E1}Setup.exe» -uninstall
save2pc Light 3.23—>»C:Program FilesFDRLabsave2pcunins000.exe»
Soft Data Fax Modem with SmartCP—>C:Program FilesCONEXANTCNXT_MODEM_PCI_VEN_1039&DEV_7013&SUBSYS_C0131631HXFSETUP.EXE -U -IAsuSISK.inf
TuneUp Utilities 2008—>MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
Unlocker 1.8.7—>C:Program FilesUnlockeruninst.exe
VCRedistSetup—>MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Vit Registry Fix 8.1 (remove only)—>C:Program FilesVITSOFTVit Registry FixUninstall.exe
Winamp (remove only)—>»C:Program FilesWinampUninstWA.exe»
Windows Media Format Runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Yahoo! Toolbar—>C:PROGRA~1Yahoo!Commonunyt.exe
Архиватор WinRAR—>C:Program FilesWinRARuninstall.exe
Дополнительные аплеты панели управления—>rundll32.exe advpack.dll,LaunchINFSection CPLDAPU.inf,uninstall
Пакет драйверов Windows — Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREpccswpddri_044C8712DB44F83D9DE6C376991EE9254E0A69E4pccswpddriver.inf
Пакет драйверов Windows — Nokia Modem (02/15/2007 3.1)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREpccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293Bpccs_bluetooth.inf
Пакет драйверов Windows — Nokia Modem (02/15/2007 3.1)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREpccs_bluet_F12A08B6F776984A95553486F64C541356F86E38pccs_bluetooth.inf
Пакет драйверов Windows — Nokia Modem (05/24/2007 6.84.0.1)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokbtmdm_5E1541AFF1E1EA3554CE566743CCAD323ED1C108nokbtmdm.inf
Проигрыватель Windows Media 10—>»C:Program FilesWindows Media PlayerSetup_wm.exe» /Uninstall
Яндекс.Бар для Internet Explorer 4.1.0—>»C:Program FilesYandexYandexBarIEunins000.exe»======Security center information======
AV: avast! antivirus 4.8.1335 [VPS 090507-0]
======System event log======
Computer Name: ALENA
Event Code: 7
Message: Неверный блок на устройстве DeviceCdRom0.Record Number: 31563
Source Name: Cdrom
Time Written: 20090328022529.000000+300
Event Type: ошибка
User:Computer Name: ALENA
Event Code: 7
Message: Неверный блок на устройстве DeviceCdRom0.Record Number: 31562
Source Name: Cdrom
Time Written: 20090328022527.000000+300
Event Type: ошибка
User:Computer Name: ALENA
Event Code: 7
Message: Неверный блок на устройстве DeviceCdRom0.Record Number: 31561
Source Name: Cdrom
Time Written: 20090328022526.000000+300
Event Type: ошибка
User:Computer Name: ALENA
Event Code: 7
Message: Неверный блок на устройстве DeviceCdRom0.Record Number: 31560
Source Name: Cdrom
Time Written: 20090328022524.000000+300
Event Type: ошибка
User:Computer Name: ALENA
Event Code: 7
Message: Неверный блок на устройстве DeviceCdRom0.Record Number: 31559
Source Name: Cdrom
Time Written: 20090328022523.000000+300
Event Type: ошибка
User:=====Application event log=====
Computer Name: ALENA
Event Code: 4
Message: The LightScribe Service started successfully.Record Number: 4026
Source Name: LightScribeService
Time Written: 20080928152959.000000+360
Event Type: информация
User:Computer Name: ALENA
Event Code: 102
Message: wuaueng.dll (2272) SUS20ClientDataStore: Ядро базы данных запустило новый экземпляр (0).Record Number: 4025
Source Name: ESENT
Time Written: 20080928152758.000000+360
Event Type: информация
User:Computer Name: ALENA
Event Code: 100
Message: wuauclt (2272) Ядро базы данных 5.01.2600.2180 запущено.Record Number: 4024
Source Name: ESENT
Time Written: 20080928152758.000000+360
Event Type: информация
User:Computer Name: ALENA
Event Code: 1524
Message: Windows не удалось выгрузить файл классов из реестра — он используется другими приложениями или службами. Файл будет выгружен когда он не будет использоваться.Record Number: 4023
Source Name: Userenv
Time Written: 20080928152757.000000+360
Event Type: предупреждение
User: ALENAАленаComputer Name: ALENA
Event Code: 1002
Message: Зависшее приложение ACDSee9.exe, версия 9.0.108.1, зависший модуль hungapp, версия 0.0.0.0, адрес 0x00000000.Record Number: 4022
Source Name: Application Hang
Time Written: 20080928152143.000000+360
Event Type: ошибка
User:======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%system32WBEM;C:Program FilesPC Connectivity Solution
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=15
«PROCESSOR_IDENTIFIER»=x86 Family 15 Model 36 Stepping 2, AuthenticAMD
«PROCESSOR_REVISION»=2402
«NUMBER_OF_PROCESSORS»=1
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
EOF
Logfile of random’s system information tool 1.06 (written by random/random)
Run by Алена at 2009-05-08 23:39:46
Microsoft Windows XP Professional Service Pack 3
System drive C: has 18 GB (31%) free of 58 GB
Total RAM: 1023 MB (49% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:41:30, on 08.05.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20900)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:WINDOWSsystem32Ati2evxx.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSExplorer.EXE
C:Program FilesASUSWLAN Card UtilitiesCenter.exe
C:WINDOWSATK0100HControl.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe
C:WINDOWSSOUNDMAN.EXE
C:Program FilesUnlockerUnlockerAssistant.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesDownload Masterdmaster.exe
C:Program FilesCommon FilesNeroLibNMIndexStoreSvr.exe
C:Program FilesFire Heartfireheart.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:Program FilesCursorXPCursorXP.exe
C:Program FilesToshibaBluetooth Toshiba StackTosBtMng.exe
C:Program FilesToshibaBluetooth Toshiba StackTosA2dp.exe
C:Program FilesToshibaBluetooth Toshiba StackTosBtHsp.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesToshibaBluetooth Toshiba StacktosOBEX.exe
C:Program FilesToshibaBluetooth Toshiba StacktosBtProc.exe
C:WINDOWSsystem32ASWLSVC.exe
C:Program FilesCommon FilesLightScribeLSSrvc.exe
C:Program FilesNeroNero8Nero BackItUpNBService.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesPC Connectivity SolutionServiceLayer.exe
C:Program FilesCommon FilesNeroLibNMIndexingService.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:WINDOWSATK0100ATKOSD.exe
C:DOCUME~1DA19~1LOCALS~1Tempsetup2.exe
C:Program FilesOperaOpera.exe
C:Documents and SettingsАленаРабочий столRSIT.exe
C:Program Filestrend microАлена.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=40316
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 — BHO: Yahoo! Toolbar Helper — {02478D38-C3F9-4EFB-9B51-7695ECA05670} — C:Program FilesYahoo!CompanionInstallscpnyt.dll
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~1dmiehlp.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.1.1309.3572swg.dll
O2 — BHO: Google Dictionary Compression sdch — {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_A8904FB862BD9564.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O3 — Toolbar: DM Bar — {0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — C:Program FilesDownload Masterdmbar.dll
O3 — Toolbar: Yahoo! Toolbar — {EF99BD32-C1FB-11D2-892F-0090271D4F88} — C:Program FilesYahoo!CompanionInstallscpnyt.dll
O3 — Toolbar: @msdxmLC.dll,-1@1033,&Радио — {8E718888-423F-11D2-876E-00A0C9082467} — C:WINDOWSsystem32msdxm.ocx
O3 — Toolbar: Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O4 — HKLM..Run: [Control Center] C:Program FilesASUSWLAN Card UtilitiesCenter.exe
O4 — HKLM..Run: [HControl] C:WINDOWSATK0100HControl.exe
O4 — HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 — HKLM..Run: [NBKeyScan] «C:Program FilesNeroNero8Nero BackItUpNBKeyScan.exe»
O4 — HKLM..Run: [PCSuiteTrayApplication] C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe -startup
O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 — HKLM..Run: [UnlockerAssistant] «C:Program FilesUnlockerUnlockerAssistant.exe»
O4 — HKLM..Run: [Vistadrv] C:WINDOWSXPLifeProgramsXPDrivevsdrv.exe
O4 — HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 — HKLM..Run: [WiniBlueSoft] C:Program FilesWiniBlueSoft SoftwareWiniBlueSoftWiniBlueSoft.exe -min
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [Download Master] C:Program FilesDownload Masterdmaster.exe -autorun
O4 — HKCU..Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] «C:Program FilesCommon FilesNeroLibNMIndexStoreSvr.exe» ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 — HKCU..Run: [Fire Heart] C:Program FilesFire Heartfireheart.exe
O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 — HKCU..Run: [CursorXP] «C:Program FilesCursorXPCursorXP.exe» -s
O4 — HKCU..Run: [setup2.exe] C:WINDOWSsystem32setup2.exe
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUSS-1-5-18..Run: [LClock] C:Program FilesLClockLClock.exe (User ‘SYSTEM’)
O4 — HKUSS-1-5-18..RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — HKUS.DEFAULT..RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User ‘Default user’)
O4 — Global Startup: Adobe Reader Speed Launch.lnk = ?
O4 — Global Startup: Bluetooth Manager.lnk = ?
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program FilesDownload Masterdmie.htm
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O12 — Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O16 — DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) — C:Program FilesYahoo!Commonyinsthelper.dll
O16 — DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) — http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 — HKLMSystemCCSServicesTcpip..{51DEFC22-8591-47D5-8B8C-5FA637A43561}: NameServer = 85.255.116.149 85.255.112.169
O17 — HKLMSystemCCSServicesTcpip..{A45E0529-1366-4639-A46D-75760B3BE57F}: NameServer = 212.120.160.130,212.120.160.139
O18 — Filter: x-sdch — {B1759355-3EEC-4C1E-B0F1-B719FE26E377} — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_A8904FB862BD9564.dll
O23 — Service: ASWLSVC — Unknown owner — C:WINDOWSsystem32ASWLSVC.exe
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Google Software Updater (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: LightScribeService Direct Disc Labeling Service (LightScribeService) — Hewlett-Packard Company — C:Program FilesCommon FilesLightScribeLSSrvc.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Nero BackItUp Scheduler 3 — Nero AG — C:Program FilesNeroNero8Nero BackItUpNBService.exe
O23 — Service: NMIndexingService — Nero AG — C:Program FilesCommon FilesNeroLibNMIndexingService.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: ServiceLayer — Nokia. — C:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: TuneUp Drive Defrag Service (TuneUp.Defrag) — TuneUp Software GmbH — C:WINDOWSSystem32TuneUpDefragService.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 10971 bytes======Scheduled tasks folder======
C:WINDOWStasks1-Click Maintenance.job
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper — C:Program FilesYahoo!CompanionInstallscpnyt.dll [2006-10-26 440384][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2004-09-01 58528][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2007-07-20 152064][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll [2009-05-03 259696][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.1.1309.3572swg.dll [2009-05-01 668656][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_A8904FB862BD9564.dll [2009-05-03 470512][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2009-03-19 3697440]
{0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — DM Bar — C:Program FilesDownload Masterdmbar.dll [2007-11-26 180224]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} — Yahoo! Toolbar — C:Program FilesYahoo!CompanionInstallscpnyt.dll [2006-10-26 440384]
{8E718888-423F-11D2-876E-00A0C9082467} — @msdxmLC.dll,-1@1033,&Радио — C:WINDOWSsystem32msdxm.ocx [2000-09-06 845584]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — Google Toolbar — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll [2009-05-03 259696][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Control Center»=C:Program FilesASUSWLAN Card UtilitiesCenter.exe [2005-06-15 1623040]
«HControl»=C:WINDOWSATK0100HControl.exe [2006-10-14 110592]
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe [2009-02-06 81000]
«NBKeyScan»=C:Program FilesNeroNero8Nero BackItUpNBKeyScan.exe [2007-12-03 2213160]
«PCSuiteTrayApplication»=C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe [2007-06-18 271360]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2005-07-22 81920]
«UnlockerAssistant»=C:Program FilesUnlockerUnlockerAssistant.exe [2008-05-02 15872]
«Vistadrv»=C:WINDOWSXPLifeProgramsXPDrivevsdrv.exe [2006-07-30 121089]
«NeroFilterCheck»=C:WINDOWSsystem32NeroCheck.exe [2006-01-12 155648]
«WiniBlueSoft»=C:Program FilesWiniBlueSoft SoftwareWiniBlueSoftWiniBlueSoft.exe -min [][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-12-01 37376]
«Download Master»=C:Program FilesDownload Masterdmaster.exe [2008-01-25 3280896]
«IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=C:Program FilesCommon FilesNeroLibNMIndexStoreSvr.exe [2007-12-13 1688872]
«Fire Heart»=C:Program FilesFire Heartfireheart.exe [2007-05-02 1677824]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2008-04-04 68856]
«CursorXP»=C:Program FilesCursorXPCursorXP.exe [2005-01-19 128000]
«setup2.exe»=C:WINDOWSsystem32setup2.exe [2009-05-08 1097216][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDevice Detector]
DevDetect.exe -autorun [][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]
C:Program FilesCommon FilesNeroLibNeroCheck.exe [2007-03-01 153136][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregRemoteControl]
C:Program FilesASUSTekASUSDVDPDVDServ.exe [2005-01-12 32768][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregswg]
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2008-04-04 68856][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregWinampAgent]
C:Program FilesWinampwinampa.exe [2007-02-14 35328][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^Adobe Reader Speed Launch.lnk]
C:WINDOWSInstaller{AC76BA86-7AD7-1033-7B44-A70001000000}SC_Reader.exe [2009-03-27 25214]C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
Adobe Reader Speed Launch.lnk — C:WINDOWSInstaller{AC76BA86-7AD7-1033-7B44-A70001000000}SC_Reader.exe
Bluetooth Manager.lnk — C:Program FilesToshibaBluetooth Toshiba StackTosBtMng1.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2005-12-20 48128][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32wpdshserviceobj.dll [2007-06-18 133632][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«InstallVisualStyle»=C:WINDOWSResourcesThemesZuneZune.msstyles
«InstallTheme»=C:WINDOWSResourcesThemesZune.theme[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesNeroNero8Nero ShowTimeShowTime.exe»=»C:Program FilesNeroNero8Nero ShowTimeShowTime.exe:*:Disabled:Nero ShowTime»
«C:Documents and SettingsАленаРабочий столeMuleemule.exe»=»C:Documents and SettingsАленаРабочий столeMuleemule.exe:*:Disabled:eMule»
«C:Program FilesNeroNero8Nero HomeNeroHome.exe»=»C:Program FilesNeroNero8Nero HomeNeroHome.exe:*:Enabled:Nero Home»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2D]
shellAutoRuncommand — D:setupSNK.exe[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{23536d90-cabe-11dd-bca0-0018f340732a}]
shellAutoRuncommand — bsvvez.exe
shellexplorecommand — bsvvez.exe
shellopencommand — bsvvez.exe[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{39cbc647-4d87-11dd-bba6-0018f340732a}]
shellAutoRuncommand — C:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .Recycleddeskinf.pif[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{5cb8dc5e-16c6-11dd-bb53-0018f340732a}]
shellAutoRuncommand — hgqycf.exe
shellexplorecommand — hgqycf.exe
shellopencommand — hgqycf.exe======List of files/folders created in the last 1 months======
2009-12-24 18:31:18 —-A—- C:WINDOWSsystem3213991spambot580z.dll
2009-12-24 17:00:15 —-A—- C:WINDOWSsystem324aa1t5rz9t13497.dll
2009-12-23 22:11:17 —-A—- C:WINDOWSsystem328917spz505.exe
2009-12-21 04:21:59 —-A—- C:WINDOWS363cbackdoo519z99.dll
2009-12-21 01:36:22 —-A—- C:WINDOWSsystem322995back9oor730z.dll
2009-12-19 19:25:12 —-A—- C:WINDOWSsystem3221276szam9ot75f.exe
2009-12-13 00:56:23 —-A—- C:WINDOWS27516spamb9z99.exe
2009-12-05 23:40:04 —-A—- C:WINDOWSsystem321899spambotze55.dll
2009-12-03 03:24:56 —-A—- C:WINDOWSsystem32669f5parse11z6.dll
2009-11-26 03:04:22 —-A—- C:WINDOWSc56vzr9757.exe
2009-11-25 10:07:06 —-A—- C:WINDOWSsystem324b10do9nloade523z5.exe
2009-11-23 04:10:54 —-A—- C:WINDOWS15a9downloader2z12.exe
2009-11-21 06:55:55 —-A—- C:WINDOWSsystem3255z9hacktool7789.dll
2009-11-20 03:42:47 —-A—- C:WINDOWSsystem326493hackzo5lf9.dll
2009-11-19 05:21:31 —-A—- C:WINDOWSsystem32e57z59ef1596.exe
2009-11-18 11:46:52 —-A—- C:WINDOWSsystem32903bspywa5e2z48.dll
2009-11-16 22:21:45 —-A—- C:WINDOWS16954not-a5zirus72d.exe
2009-11-15 23:14:32 —-A—- C:WINDOWSsystem32z92th5eat27696.dll
2009-11-14 13:44:13 —-A—- C:WINDOWSsystem32559449orm59z.exe
2009-11-11 11:10:39 —-A—- C:WINDOWSsystem325356t9ojz9d.exe
2009-11-04 01:59:49 —-A—- C:WINDOWS957zaddware2513.exe
2009-10-27 15:03:56 —-A—- C:WINDOWSz3959ckdoor1362.dll
2009-10-27 11:09:30 —-A—- C:WINDOWS15z9s5eal2490.dll
2009-10-22 23:01:33 —-A—- C:WINDOWSsystem3295380worm3z8.dll
2009-10-21 09:52:14 —-A—- C:WINDOWS25556hackzool794.dll
2009-10-19 06:14:38 —-A—- C:WINDOWS39b5downloade51568z.exe
2009-10-15 08:17:12 —-A—- C:WINDOWSsystem323c39szywar517619.exe
2009-10-09 07:02:35 —-A—- C:WINDOWSsystem3226529wz9m535.dll
2009-10-04 11:24:05 —-A—- C:WINDOWS315dd9znloader1157.dll
2009-09-27 00:41:36 —-A—- C:WINDOWSsystem32507edown5zader2986.dll
2009-09-24 13:20:03 —-A—- C:WINDOWSsystem324565addw9re32z0.dll
2009-09-21 23:04:29 —-A—- C:WINDOWS5959szy195.exe
2009-09-20 09:56:03 —-A—- C:WINDOWSsystem325fb3threat17995z.dll
2009-09-18 08:47:08 —-A—- C:WINDOWSz3704s596bd.exe
2009-09-16 21:26:41 —-A—- C:WINDOWSd36th5eatz993.exe
2009-09-09 03:37:40 —-A—- C:WINDOWS5fe5spy5zre1739.exe
2009-09-06 21:56:48 —-A—- C:WINDOWS230z2vi9u5d4.exe
2009-08-26 13:41:06 —-A—- C:WINDOWS2595wzrm786.exe
2009-08-24 17:23:47 —-A—- C:WINDOWS3250zpar5e1792.dll
2009-08-17 05:57:37 —-A—- C:WINDOWS550virus59z.exe
2009-08-15 15:14:02 —-A—- C:WINDOWSc8zthreat54629.exe
2009-08-14 04:28:35 —-A—- C:WINDOWS541fadd9a5e206z.dll
2009-08-13 06:28:05 —-A—- C:WINDOWS9z444wo5m72a.exe
2009-08-11 14:16:48 —-A—- C:WINDOWSsystem326497spywa5e9z8.dll
2009-08-09 01:12:12 —-A—- C:WINDOWSsystem324da7spzwa9e1155.dll
2009-08-05 14:33:45 —-A—- C:WINDOWSsystem329930zroj725.dll
2009-08-03 23:28:45 —-A—- C:WINDOWSsystem32564fa5dw9re1864z.exe
2009-07-29 02:25:32 —-A—- C:WINDOWS85029pambzt4fc.dll
2009-07-27 08:09:18 —-A—- C:WINDOWSsystem3221591zroj426.dll
2009-07-26 16:04:21 —-A—- C:WINDOWSsystem322z660not-a-virus9935.dll
2009-07-25 13:18:03 —-A—- C:WINDOWS2577threaz22999.dll
2009-07-24 16:13:46 —-A—- C:WINDOWS57f79ir11z8.exe
2009-07-23 12:03:52 —-A—- C:WINDOWSsystem32935hacktooz65b.exe
2009-07-16 20:52:45 —-A—- C:WINDOWS10098sz545b.exe
2009-07-15 02:44:18 —-A—- C:WINDOWS2222zh9eat35441.exe
2009-07-10 08:23:45 —-A—- C:WINDOWSsystem32221d95yzare2389.dll
2009-07-09 04:28:42 —-A—- C:WINDOWSsystem323195not-9-vi5uzcd.dll
2009-07-07 04:50:09 —-A—- C:WINDOWS19c0spywa5e2z02.dll
2009-07-06 19:29:16 —-A—- C:WINDOWS30426noz5a-virus79e.dll
2009-07-05 18:16:16 —-A—- C:WINDOWS69e6thre5t2604z.exe
2009-06-19 23:55:36 —-A—- C:WINDOWS18708z5c9tool59d.exe
2009-06-19 02:36:40 —-A—- C:WINDOWSsystem325d5fsp5zse21009.dll
2009-06-18 11:17:48 —-A—- C:WINDOWS775zvir2991.exe
2009-06-18 00:27:19 —-A—- C:WINDOWS50029sp9mbot3z2.exe
2009-06-17 13:36:43 —-A—- C:WINDOWSsystem3231657spz9bc.exe
2009-06-15 09:31:05 —-A—- C:WINDOWSsystem324938vir2z765.dll
2009-06-15 07:17:16 —-A—- C:WINDOWSsystem322z934not-a-v9ru5191.dll
2009-06-06 06:10:04 —-A—- C:WINDOWSsystem3279a0ba5zdoor2159.dll
2009-06-06 00:10:48 —-A—- C:WINDOWSsystem3259901hacktool124z.dll
2009-06-04 18:41:39 —-A—- C:WINDOWSsystem3279afthiefz985.dll
2009-05-28 22:51:05 —-A—- C:WINDOWS119z7w5rm71b.exe
2009-05-26 04:23:14 —-A—- C:WINDOWSsystem3220914tzoj2d5.exe
2009-05-24 09:56:24 —-A—- C:WINDOWS259d9zief553.exe
2009-05-22 13:39:37 —-A—- C:WINDOWSsystem3258413hacz9ool79c.exe
2009-05-15 11:25:31 —-A—- C:WINDOWS2c9aspywaz51243.dll
2009-05-13 20:26:39 —-A—- C:WINDOWSsystem325a27sp9rse513z.exe
2009-05-13 12:30:32 —-A—- C:WINDOWS39fd5iz2726.exe
2009-05-11 23:50:07 —-A—- C:WINDOWSsystem3220983not-a-vir5s2zd.exe
2009-05-08 23:39:47 —-D—- C:Program Filestrend micro
2009-05-08 23:39:46 —-D—- C:rsit
2009-05-08 23:21:06 —-A—- C:WINDOWSsystem325z975acktoo91ae.dll
2009-05-08 22:48:11 —-A—- C:WINDOWSsystem327952bac5doo9z900.dll
2009-05-08 22:48:11 —-A—- C:WINDOWSsystem325f15tzief1914.dll
2009-05-08 22:48:11 —-A—- C:WINDOWSsystem323ae5st9zl811.exe
2009-05-08 22:48:11 —-A—- C:WINDOWS36zfaddwa5e2049.exe
2009-05-08 22:48:11 —-A—- C:WINDOWS31500zac9tool784.dll
2009-05-08 22:48:11 —-A—- C:WINDOWS3059zspy199.exe
2009-05-08 22:48:11 —-A—- C:WINDOWS2bzfd5w9loader1843.dll
2009-05-08 22:48:11 —-A—- C:WINDOWS137bszywa5e2963.dll
2009-05-08 22:48:11 —-A—- C:WINDOWS108z9hie5745.exe
2009-05-08 22:48:10 —-A—- C:WINDOWSsystem32z8031no5-a9virus4f1.dll
2009-05-08 22:48:10 —-A—- C:WINDOWSsystem326a74sp9r5ez86.exe
2009-05-08 22:48:10 —-A—- C:WINDOWSsystem324zec5teal915.exe
2009-05-08 22:48:10 —-A—- C:WINDOWSsystem3231599hief50z.dll
2009-05-08 22:48:10 —-A—- C:WINDOWSsystem322z792s5y39d.exe
2009-05-08 22:48:10 —-A—- C:WINDOWSsystem3219248notza-5irus1b9.exe
2009-05-08 22:48:10 —-A—- C:WINDOWSsystem32146addzar51529.dll
2009-05-08 22:48:10 —-A—- C:WINDOWSsystem321385threat9z16.exe
2009-05-08 22:48:10 —-A—- C:WINDOWSsystem32132195r2456z.exe
2009-05-08 22:48:10 —-A—- C:WINDOWS95525worm4z5.dll
2009-05-08 22:48:10 —-A—- C:WINDOWS87959ot-a-vi5zs5ab.dll
2009-05-08 22:48:10 —-A—- C:WINDOWS7545sz9rse2454.dll
2009-05-08 22:48:10 —-A—- C:WINDOWS4dfc9ddware570z.exe
2009-05-08 22:48:10 —-A—- C:WINDOWS296dbazkdoor2453.exe
2009-05-08 22:48:10 —-A—- C:WINDOWS2785ztro92cd.exe
2009-05-08 22:48:10 —-A—- C:WINDOWS19zwormc5.dll
2009-05-08 22:48:10 —-A—- C:WINDOWS19191hackto5l8cz.exe
2009-05-08 22:48:09 —-A—- C:WINDOWSz495backdo5r16769.exe
2009-05-08 22:48:09 —-A—- C:WINDOWSsystem3295cbbackdoor3258z.exe
2009-05-08 22:48:09 —-A—- C:WINDOWSsystem3293118viz5s3ee.exe
2009-05-08 22:48:09 —-A—- C:WINDOWSsystem3273349pazbot51b.dll
2009-05-08 22:48:09 —-A—- C:WINDOWSsystem326c93steaz18825.dll
2009-05-08 22:48:09 —-A—- C:WINDOWSsystem325188spz9se2835.exe
2009-05-08 22:48:09 —-A—- C:WINDOWSsystem3215z99sp9mbot691.dll
2009-05-08 22:48:09 —-A—- C:WINDOWSef4bzckdoo926155.dll
2009-05-08 22:48:09 —-A—- C:WINDOWS95069pzmbo55fb.dll
2009-05-08 22:48:09 —-A—- C:WINDOWS6d57thi9f309z5.dll
2009-05-08 22:48:09 —-A—- C:WINDOWS693zsteal6185.exe
2009-05-08 22:48:09 —-A—- C:WINDOWS5a53addwarez69.exe
2009-05-08 22:48:09 —-A—- C:WINDOWS49z5thief293.exe
2009-05-08 22:48:09 —-A—- C:WINDOWS3zfbs95rse1711.exe
2009-05-08 22:48:09 —-A—- C:WINDOWS29850szam5ot9ce.dll
2009-05-08 22:48:09 —-A—- C:WINDOWS218zvi5us5c9.exe
2009-05-08 22:48:09 —-A—- C:WINDOWS21891szyb5.exe
2009-05-08 22:48:09 —-A—- C:WINDOWS159955orm593z.exe
2009-05-08 22:48:08 —-A—- C:WINDOWSz589sparse1022.dll
2009-05-08 22:48:08 —-A—- C:WINDOWSsystem32z195downloa5er1041.exe
2009-05-08 22:48:08 —-A—- C:WINDOWSsystem322z9605py4f7.exe
2009-05-08 22:48:08 —-A—- C:WINDOWSsystem322699spywa5e17z99.dll
2009-05-08 22:48:08 —-A—- C:WINDOWSsystem32155zs9y5are1481.exe
2009-05-08 22:48:08 —-A—- C:WINDOWSc6addw9re2576z.exe
2009-05-08 22:48:08 —-A—- C:WINDOWS78b1zi528629.exe
2009-05-08 22:48:08 —-A—- C:WINDOWS5f47zhr5at28639.dll
2009-05-08 22:48:08 —-A—- C:WINDOWS4ed959ezl3089.dll
2009-05-08 22:48:08 —-A—- C:WINDOWS43c59ackdoor2575z.exe
2009-05-08 22:48:08 —-A—- C:WINDOWS3d67backdozr1549.dll
2009-05-08 22:48:08 —-A—- C:WINDOWS21f2t59ef75z.exe
2009-05-08 22:48:08 —-A—- C:WINDOWS14123nzt-a-viru59cd.exe
2009-05-08 22:48:07 —-A—- C:WINDOWSsystem32setup2.exe
2009-05-08 22:48:07 —-A—- C:WINDOWSsystem322538dow5loadez495.exe
2009-05-08 22:48:07 —-A—- C:WINDOWS5ffasp5zare393.dll
2009-05-07 18:46:13 —-A—- C:WINDOWS175z9worm580.exe
2009-05-04 20:42:41 —-N—- C:WINDOWSUNNMP.exe
2009-05-04 20:40:15 —-A—- C:WINDOWSsystem32NeroCheck.exe
2009-05-04 20:38:28 —-N—- C:WINDOWSsystem32msxml3a.dll
2009-05-04 20:37:37 —-D—- C:Documents and SettingsAll UsersApplication DataAhead
2009-05-04 20:37:34 —-N—- C:WINDOWSsystem32picn20.dll
2009-05-04 20:37:34 —-A—- C:WINDOWSsystem32TwnLib20.dll
2009-05-04 20:37:23 —-D—- C:Program FilesCommon FilesAhead
2009-04-27 19:00:57 —-A—- C:WINDOWSsystem32z6525o9mf.exe
2009-04-23 01:33:22 —-A—- C:WINDOWSsystem32a05zhief3919.exe
2009-04-20 12:32:56 —-A—- C:WINDOWS13391spa5boz38.exe
2009-04-14 05:24:26 —-A—- C:WINDOWS22125wor9zb.dll
2009-04-13 11:15:34 —-A—- C:WINDOWS57z9th5ef3009.dll======List of files/folders modified in the last 1 months======
2009-05-08 23:39:47 —-AD—- C:Program Files
2009-05-08 23:30:09 —-D—- C:WINDOWSTemp
2009-05-08 22:48:11 —-D—- C:WINDOWSsystem32
2009-05-08 22:48:11 —-D—- C:WINDOWS
2009-05-07 22:14:20 —-A—- C:WINDOWSSchedLgU.Txt
2009-05-07 21:33:40 —-A—- C:WINDOWSNeroDigital.ini
2009-05-04 20:45:39 —-SHD—- C:WINDOWSInstaller
2009-05-04 20:42:21 —-D—- C:Program FilesAhead
2009-05-04 20:39:31 —-D—- C:Program FilesCommon FilesNero
2009-05-04 20:37:23 —-AD—- C:Program FilesCommon Files
2009-05-04 18:39:02 —-D—- C:WINDOWSsystem32CatRoot2
2009-04-30 20:42:58 —-A—- C:WINDOWSWirelessFTP.INI
2009-04-30 20:38:04 —-D—- C:WINDOWSsystem32drivers
2009-04-29 20:52:14 —-RSD—- C:WINDOWSassembly======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:WINDOWSsystem32driversAavmker4.sys [2009-02-06 26944]
R1 aswSP;avast! Self Protection; C:WINDOWSsystem32driversaswSP.sys [2009-02-06 114768]
R1 aswTdi;avast! Network Shield Support; C:WINDOWSsystem32driversaswTdi.sys [2009-02-06 51376]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:WINDOWSSystem32Driverstosrfcom.sys [2004-10-04 62799]
R2 aswFsBlk;aswFsBlk; C:WINDOWSsystem32DRIVERSaswFsBlk.sys [2009-02-06 20560]
R2 aswMon2;avast! Standard Shield Support; C:WINDOWSsystem32driversaswMon2.sys [2009-02-06 94032]
R2 irda;ИК-протокол IrDA; C:WINDOWSsystem32DRIVERSirda.sys [2008-05-15 88192]
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:WINDOWSsystem32DRIVERSmdc8021x.sys [2008-03-21 15781]
R2 mdmxsdk;mdmxsdk; C:WINDOWSsystem32DRIVERSmdmxsdk.sys [2004-03-17 13059]
R2 rspndr;Ответчик обнаружения топологии уровня связи; C:WINDOWSsystem32DRIVERSrspndr.sys [2008-11-28 62848]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2005-07-26 3644032]
R3 Arp1394;Протокол клиента 1394 ARP; C:WINDOWSsystem32DRIVERSarp1394.sys [2008-12-01 60800]
R3 ASNDIS5;ASNDIS5 Protocol Driver; ??C:WINDOWSsystem32ASNDIS5.SYS []
R3 aswRdr;aswRdr; C:WINDOWSsystem32driversaswRdr.sys [2009-02-06 23152]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2005-12-20 1419264]
R3 Cam5603D;BisonCam, NB Pro; C:WINDOWSSystem32DriversBisonCam.sys [2005-08-28 510592]
R3 CmBatt;Драйвер AC-адаптера блока питания (Майкрософт); C:WINDOWSsystem32DRIVERSCmBatt.sys [2008-12-01 13952]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-15 10368]
R3 HSF_DPV;HSF_DPV; C:WINDOWSsystem32DRIVERSHSF_DPV.sys [2005-06-22 1034752]
R3 HSFHWSIS;HSFHWSIS; C:WINDOWSsystem32DRIVERSHSFHWSIS.sys [2005-06-22 216320]
R3 irsir;Драйвер для инфракрасного последовательного порта Microsoft; C:WINDOWSsystem32DRIVERSirsir.sys [2008-05-15 18688]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2008-12-01 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:WINDOWSsystem32DRIVERSATKACPI.sys [2005-02-18 5632]
R3 NIC1394;Сетевой драйвер 1394; C:WINDOWSsystem32DRIVERSnic1394.sys [2008-12-01 61824]
R3 pfc;Padus ASPI Shell; C:WINDOWSsystem32driverspfc.sys [2003-07-01 9856]
R3 Rasirda;Минипорт WAN (IrDA); C:WINDOWSsystem32DRIVERSrasirda.sys [2008-05-15 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WINDOWSSystem32DriversRootMdm.sys [2008-04-15 5888]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:WINDOWSsystem32DRIVERSRtnicxp.sys [2007-11-20 104320]
R3 sdbus;sdbus; C:WINDOWSsystem32DRIVERSsdbus.sys [2008-04-15 79232]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:WINDOWSsystem32DRIVERStosporte.sys [2005-03-30 47230]
R3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:WINDOWSSystem32Driverstosrfbd.sys [2005-07-04 98176]
R3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:WINDOWSSystem32Driverstosrfbnp.sys [2004-07-08 36531]
R3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:WINDOWSsystem32DRIVERSTosrfhid.sys [2005-06-27 53504]
R3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:WINDOWSsystem32DRIVERStosrfnds.sys [2005-01-06 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:WINDOWSSystem32Driverstosrfusb.sys [2004-12-21 34816]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-11-19 30336]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-15 59520]
R3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:WINDOWSsystem32DRIVERSusbohci.sys [2008-11-19 17152]
R3 winachsf;winachsf; C:WINDOWSsystem32DRIVERSHSF_CNXT.sys [2005-06-22 716416]
S3 BCM43XX;Драйвер сетевого адаптера ASUS 802.11; C:WINDOWSsystem32DRIVERSbcmwl5.sys [2005-02-11 371712]
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-05-15 17024]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2008-05-15 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-05-15 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2008-12-01 10880]
S3 nmwcd;Nokia USB Phone Parent; C:WINDOWSsystem32driversnmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:WINDOWSsystem32driversnmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:WINDOWSsystem32driversnmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:WINDOWSsystem32driversnmwcdcm.sys [2007-02-22 12288]
S3 sffdisk;Драйвер класса SFF Storage; C:WINDOWSsystem32DRIVERSsffdisk.sys [2008-04-15 11904]
S3 sffp_sd;Драйвер протокола SFF Storage для SDBus; C:WINDOWSsystem32DRIVERSsffp_sd.sys [2008-04-15 11008]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2008-04-15 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2008-04-15 15232]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:WINDOWSsystem32driversToshidpt.sys [2002-10-16 2851]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:WINDOWSsystem32driversTosRfSnd.sys [2005-04-06 50048]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-15 26368]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2008-05-15 19200]
S3 WudfPf;Windows Driver Foundation — User-mode Driver Framework Platform Driver; C:WINDOWSsystem32DRIVERSWudfPf.sys [2007-06-18 77568]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2007-06-18 82944]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ASWLSVC;ASWLSVC; C:WINDOWSsystem32ASWLSVC.exe [2004-05-06 496640]
R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2009-02-06 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2005-12-20 405504]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast4ashServ.exe [2009-02-06 138680]
R2 Irmon;Монитор инфракрасной связи; C:WINDOWSsystem32svchost.exe [2008-04-15 14336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:Program FilesCommon FilesLightScribeLSSrvc.exe [2006-04-24 73728]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:Program FilesNeroNero8Nero BackItUpNBService.exe [2007-12-03 869672]
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2009-02-06 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2009-02-06 352920]
R3 NMIndexingService;NMIndexingService; C:Program FilesCommon FilesNeroLibNMIndexingService.exe [2007-12-13 447784]
R3 ServiceLayer;ServiceLayer; C:Program FilesPC Connectivity SolutionServiceLayer.exe [2007-06-15 300544]
S2 UxTuneUp;TuneUp Theme Extension; C:WINDOWSSystem32svchost.exe [2008-04-15 14336]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2007-10-24 70144]
S3 gusvc;Google Software Updater; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-05-03 182768]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:WINDOWSSystem32TuneUpDefragService.exe [2008-06-20 306432]
S3 UMWdf;Компонент драйверов пользовательского режима Windows; C:WINDOWSsystem32wdfmgr.exe [2004-08-10 38912]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:Program FilesWindows Media Playerwmpnetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-15 14336]
EOF
Здравствуйте, добро пожаловать на Spyware-ru форум.
Судя по логу вы подключали к компьютеру флешку заражённую autorun.inf трояном.
Прочитайте эту инструкцию Flash_Disinfector ещё одно оружие против autorun.inf троянов.* Отключите ваш антивирус.
* Скачайте и запустите Flash_Disinfector.
* По требованию программы вставьте ваш флэш диск или подключите другие внешние устройства хранения информации.Примечание: запускайте программу столько раз, сколько нужно чтобы очистить все ваши подключаемые диски.
Скачайте OTMoveIt3 by OldTimer кликнув по этой ссылке.
Запустите OTMoveIt3 и в большое поле ввода (заголовок этого поля выделен желтым цветом) скопируйте следующий текст.:Processes
explorer.exe
:reg
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
"WiniBlueSoft"=-
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
"setup2.exe"=-
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{23536d90-cabe-11dd-bca0-0018f340732a}]
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{39cbc647-4d87-11dd-bba6-0018f340732a}]
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{5cb8dc5e-16c6-11dd-bb53-0018f340732a}]
:files
C:Program FilesWiniBlueSoft Software
C:WINDOWSsystem3213991spambot580z.dll
C:WINDOWSsystem324aa1t5rz9t13497.dll
C:WINDOWSsystem328917spz505.exe
C:WINDOWS363cbackdoo519z99.dll
C:WINDOWSsystem322995back9oor730z.dll
C:WINDOWSsystem3221276szam9ot75f.exe
C:WINDOWS27516spamb9z99.exe
C:WINDOWSsystem321899spambotze55.dll
C:WINDOWSsystem32669f5parse11z6.dll
C:WINDOWSc56vzr9757.exe
C:WINDOWSsystem324b10do9nloade523z5.exe
C:WINDOWS15a9downloader2z12.exe
C:WINDOWSsystem3255z9hacktool7789.dll
C:WINDOWSsystem326493hackzo5lf9.dll
C:WINDOWSsystem32e57z59ef1596.exe
C:WINDOWSsystem32903bspywa5e2z48.dll
C:WINDOWS16954not-a5zirus72d.exe
C:WINDOWSsystem32z92th5eat27696.dll
C:WINDOWSsystem32559449orm59z.exe
C:WINDOWSsystem325356t9ojz9d.exe
C:WINDOWS957zaddware2513.exe
C:WINDOWSz3959ckdoor1362.dll
C:WINDOWS15z9s5eal2490.dll
C:WINDOWSsystem3295380worm3z8.dll
C:WINDOWS25556hackzool794.dll
C:WINDOWS39b5downloade51568z.exe
C:WINDOWSsystem323c39szywar517619.exe
C:WINDOWSsystem3226529wz9m535.dll
C:WINDOWS315dd9znloader1157.dll
C:WINDOWSsystem32507edown5zader2986.dll
C:WINDOWSsystem324565addw9re32z0.dll
C:WINDOWS5959szy195.exe
C:WINDOWSsystem325fb3threat17995z.dll
C:WINDOWSz3704s596bd.exe
C:WINDOWSd36th5eatz993.exe
C:WINDOWS5fe5spy5zre1739.exe
C:WINDOWS230z2vi9u5d4.exe
C:WINDOWS2595wzrm786.exe
C:WINDOWS3250zpar5e1792.dll
C:WINDOWS550virus59z.exe
C:WINDOWSc8zthreat54629.exe
C:WINDOWS541fadd9a5e206z.dll
C:WINDOWS9z444wo5m72a.exe
C:WINDOWSsystem326497spywa5e9z8.dll
C:WINDOWSsystem324da7spzwa9e1155.dll
C:WINDOWSsystem329930zroj725.dll
C:WINDOWSsystem32564fa5dw9re1864z.exe
C:WINDOWS85029pambzt4fc.dll
C:WINDOWSsystem3221591zroj426.dll
C:WINDOWSsystem322z660not-a-virus9935.dll
C:WINDOWS2577threaz22999.dll
C:WINDOWS57f79ir11z8.exe
C:WINDOWSsystem32935hacktooz65b.exe
C:WINDOWS10098sz545b.exe
C:WINDOWS2222zh9eat35441.exe
C:WINDOWSsystem32221d95yzare2389.dll
C:WINDOWSsystem323195not-9-vi5uzcd.dll
C:WINDOWS19c0spywa5e2z02.dll
C:WINDOWS30426noz5a-virus79e.dll
C:WINDOWS69e6thre5t2604z.exe
C:WINDOWS18708z5c9tool59d.exe
C:WINDOWSsystem325d5fsp5zse21009.dll
C:WINDOWS775zvir2991.exe
C:WINDOWS50029sp9mbot3z2.exe
C:WINDOWSsystem3231657spz9bc.exe
C:WINDOWSsystem324938vir2z765.dll
C:WINDOWSsystem322z934not-a-v9ru5191.dll
C:WINDOWSsystem3279a0ba5zdoor2159.dll
C:WINDOWSsystem3259901hacktool124z.dll
C:WINDOWSsystem3279afthiefz985.dll
C:WINDOWS119z7w5rm71b.exe
C:WINDOWSsystem3220914tzoj2d5.exe
C:WINDOWS259d9zief553.exe
C:WINDOWSsystem3258413hacz9ool79c.exe
C:WINDOWS2c9aspywaz51243.dll
C:WINDOWSsystem325a27sp9rse513z.exe
C:WINDOWS39fd5iz2726.exe
C:WINDOWSsystem3220983not-a-vir5s2zd.exe
C:WINDOWSsystem325z975acktoo91ae.dll
C:WINDOWSsystem327952bac5doo9z900.dll
C:WINDOWSsystem325f15tzief1914.dll
C:WINDOWSsystem323ae5st9zl811.exe
C:WINDOWS36zfaddwa5e2049.exe
C:WINDOWS31500zac9tool784.dll
C:WINDOWS3059zspy199.exe
C:WINDOWS2bzfd5w9loader1843.dll
C:WINDOWS137bszywa5e2963.dll
C:WINDOWS108z9hie5745.exe
C:WINDOWSsystem32z8031no5-a9virus4f1.dll
C:WINDOWSsystem326a74sp9r5ez86.exe
C:WINDOWSsystem324zec5teal915.exe
C:WINDOWSsystem3231599hief50z.dll
C:WINDOWSsystem322z792s5y39d.exe
C:WINDOWSsystem3219248notza-5irus1b9.exe
C:WINDOWSsystem32146addzar51529.dll
C:WINDOWSsystem321385threat9z16.exe
C:WINDOWSsystem32132195r2456z.exe
C:WINDOWS95525worm4z5.dll
C:WINDOWS87959ot-a-vi5zs5ab.dll
C:WINDOWS7545sz9rse2454.dll
C:WINDOWS4dfc9ddware570z.exe
C:WINDOWS296dbazkdoor2453.exe
C:WINDOWS2785ztro92cd.exe
C:WINDOWS19zwormc5.dll
C:WINDOWS19191hackto5l8cz.exe
C:WINDOWSz495backdo5r16769.exe
C:WINDOWSsystem3295cbbackdoor3258z.exe
C:WINDOWSsystem3293118viz5s3ee.exe
C:WINDOWSsystem3273349pazbot51b.dll
C:WINDOWSsystem326c93steaz18825.dll
C:WINDOWSsystem325188spz9se2835.exe
C:WINDOWSsystem3215z99sp9mbot691.dll
C:WINDOWSef4bzckdoo926155.dll
C:WINDOWS95069pzmbo55fb.dll
C:WINDOWS6d57thi9f309z5.dll
C:WINDOWS693zsteal6185.exe
C:WINDOWS5a53addwarez69.exe
C:WINDOWS49z5thief293.exe
C:WINDOWS3zfbs95rse1711.exe
C:WINDOWS29850szam5ot9ce.dll
C:WINDOWS218zvi5us5c9.exe
C:WINDOWS21891szyb5.exe
C:WINDOWS159955orm593z.exe
C:WINDOWSz589sparse1022.dll
C:WINDOWSsystem32z195downloa5er1041.exe
C:WINDOWSsystem322z9605py4f7.exe
C:WINDOWSsystem322699spywa5e17z99.dll
C:WINDOWSsystem32155zs9y5are1481.exe
C:WINDOWSc6addw9re2576z.exe
C:WINDOWS78b1zi528629.exe
C:WINDOWS5f47zhr5at28639.dll
C:WINDOWS4ed959ezl3089.dll
C:WINDOWS43c59ackdoor2575z.exe
C:WINDOWS3d67backdozr1549.dll
C:WINDOWS21f2t59ef75z.exe
C:WINDOWS14123nzt-a-viru59cd.exe
C:WINDOWSsystem32setup2.exe
C:WINDOWSsystem322538dow5loadez495.exe
C:WINDOWS5ffasp5zare393.dll
C:WINDOWS175z9worm580.exe
C:WINDOWSsystem32z6525o9mf.exe
C:WINDOWSsystem32a05zhief3919.exe
C:WINDOWS13391spa5boz38.exe
C:WINDOWS22125wor9zb.dll
C:WINDOWS57z9th5ef3009.dll
:Commands
[emptytemp]
[start explorer]
[Reboot]Проверьте вставленный скрипт, если слева перед директивами появились пробелы, то удалите их, скрипт должен выглядеть так же как в сообщении. Кликните по кнопке MoveIt!. В процессе работы возможна перезагрузка компьютера.
По-завершении работы программы должен будет показан лог. Если лог не будет показан, то его можно найти в папке C:_OTMoveItMovedFiles.Вставьте в ваше ответное сообщение содержимое этого лога. И приложите свежий RSIT лог.
- Для ответа в этой теме необходимо авторизоваться.
