• Инструкции
    • Как использовать
      • Программы
    • Как удалить
      • Шпионское и рекламное ПО (adware и spyware)
      • Поддельное антиспайваре
      • Руткиты
      • Трояны
      • Кейлоггеры
  • Скачать программы
  • Вопросы и Ответы
  • Форумы

SPYWARE-RU.COM
Меню
  • Инструкции
    • Как использовать
      • Программы
    • Как удалить
      • Шпионское и рекламное ПО (adware и spyware)
      • Поддельное антиспайваре
      • Руткиты
      • Трояны
      • Кейлоггеры
  • Скачать программы
  • Вопросы и Ответы
  • Форумы
В начало
Adguard
 

Georgina

  • Профиль
  • Начатые темы
  • Созданные ответы
  • Engagements
  • Избранное

Созданные ответы форума

Просмотр 5 сообщений - с 1 по 5 (из 5 всего)
  • Автор
    Сообщения
  • 19 октября, 2009 в 3:52 пп в ответ на: Помогите избавиться от Антивирус Про 2010! #26088
    Georgina
    Participant
    • Темы:2
    • Сообщений:7
    • ☆

    Да, теперь все в порядке! Все сервисы в панеле управления открываются. Спасибо!!!
    Но при попытке удалить антивирус доктор ВЭБ — комп выдает какое-то предупреждение (принт скрин вставила во вложение).
    Нужно ли удалить те программы, которые были скачены для очистки и сканирования компьютера?

    14 октября, 2009 в 7:04 пп в ответ на: Помогите избавиться от Антивирус Про 2010! #26084
    Georgina
    Participant
    • Темы:2
    • Сообщений:7
    • ☆

    Добрый день!
    Вот лог:
    ComboFix 09-10-13.04 — Sergey 14.10.2009 22:48.1.2 — NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1251.7.1033.18.1022.436 [GMT 4:00]
    Running from: D:ComboFix.exe
    Command switches used :: D:WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
    AV: Doctor Web Anti-Virus *On-access scanning enabled* (Outdated) {3454C8F1-ECBC-4180-A6F4-04632FBA762B}
    AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    e:documents and settingsAll Users.documentssettings
    e:documents and settingsAll Users.documentssettingsdesktop.ini
    e:documents and settingsAll Users.documentssettingsDesktop_.ini
    e:documents and settingsAll UsersApplication Dataatus.lib
    e:documents and settingsAll UsersApplication Dataaxicipiw.com
    e:documents and settingsAll UsersApplication Dataebujyjidu._sy
    e:documents and settingsAll UsersApplication Dataeqojozy.scr
    e:documents and settingsAll UsersApplication Datafaxyh.bat
    e:documents and settingsAll UsersApplication Datavebot._sy
    e:documents and settingsAll UsersApplication Dataydivupero.vbs
    e:documents and settingsAll UsersApplication Datazusidop._sy
    e:documents and settingsAll UsersApplication Datazyranohu.bat
    e:documents and settingsAll UsersDocumentsAdobe PDFDesktop_.ini
    e:documents and settingsAll UsersDocumentsAdobe PDFExtrasDesktop_.ini
    e:documents and settingsAll UsersDocumentsAdobe PDFSettingsDesktop_.ini
    e:documents and settingsAll UsersDocumentsbyzejytyqu._dl
    e:documents and settingsAll UsersDocumentshaxa._sy
    e:documents and settingsAll UsersDocumentsMy MusicДискDesktop_.ini
    e:documents and settingsAll UsersDocumentsMy MusicDesktop_.ini
    e:documents and settingsAll UsersDocumentsMy MusicMy PlaylistsDesktop_.ini
    e:documents and settingsAll UsersDocumentsMy MusicSample MusicDesktop_.ini
    e:documents and settingsAll UsersDocumentsMy MusicSample Playlists00DA27ADesktop_.ini
    e:documents and settingsAll UsersDocumentsMy MusicSample PlaylistsDesktop_.ini
    e:documents and settingsAll UsersDocumentsMy MusicSync Playlists008436ADesktop_.ini
    e:documents and settingsAll UsersDocumentsMy MusicSync PlaylistsDesktop_.ini
    e:documents and settingsAll UsersDocumentsMy PicturesDesktop_.ini
    e:documents and settingsAll UsersDocumentsMy PicturesSample PicturesDesktop_.ini
    e:documents and settingsAll UsersDocumentsMy VideosDesktop_.ini
    e:documents and settingsAll UsersDocumentsqyracuq.vbs
    e:documents and settingsAll UsersDocumentsSettingsDesktop_.ini
    e:documents and settingsSergeyApplication Dataamydy.lib
    e:documents and settingsSergeyApplication Dataixijys.vbs
    e:documents and settingsSergeyApplication Datawiaserva.log
    e:documents and settingsSergeyCookiesnubamerulo.inf
    e:documents and settingsSergeyCookiesvuhupi.dll
    e:documents and settingsSergeyCookiesycefeb.ban
    e:documents and settingsSergeyLocal SettingsApplication Dataajijyt._dl
    e:documents and settingsSergeyLocal SettingsApplication Dataecuva.com
    e:documents and settingsSergeyLocal SettingsApplication Datahadace.bin
    e:documents and settingsSergeyLocal SettingsApplication Datakidajo._dl
    e:documents and settingsSergeyLocal SettingsApplication Dataonolyje.dll
    e:documents and settingsSergeyLocal SettingsApplication Dataqusuci.sys
    e:documents and settingsSergeyLocal SettingsApplication Dataycyl.dl
    e:documents and settingsSergeyLocal SettingsApplication Datayjyqa._sy
    e:documents and settingsSergeyLocal SettingsTemporary Internet Filesabicel.reg
    e:documents and settingsSergeyLocal SettingsTemporary Internet Filesdufinah.sys
    e:documents and settingsSergeyLocal SettingsTemporary Internet Filesduko.sys
    e:documents and settingsSergeyLocal SettingsTemporary Internet Filesmyqer.ban
    e:documents and settingsSergeyLocal SettingsTemporary Internet Filesosare.bat
    e:documents and settingsSergeyLocal SettingsTemporary Internet Filespyzy.lib
    e:documents and settingsSergeyLocal SettingsTemporary Internet Filessarygu.dat
    e:documents and settingsSergeyLocal SettingsTemporary Internet Filesvycy.bat
    e:documents and settingsSergeyStart MenuProgramsStartupikowin32.exe
    e:program filesCommon Filesbawu.exe
    e:program filesCommon Filestekonix.dl
    e:program filesCommon Fileswajyduga._sy
    e:program filesMyCentria
    e:program filesRuPassRuPAss.dll
    e:windowsanapo._sy
    e:windowscewugubej.ban
    e:windowselykuka.inf
    e:windowsfosywo.ban
    e:windowsfygiwul._dl
    e:windowsimulyqetor.bin
    e:windowsluvusugeh.dl
    e:windowsmosuzyf.exe
    e:windowssystem32AutoRun.inf
    e:windowssystem32cowugu.ban
    e:windowssystem32Data
    e:windowssystem32hyjanukuk.reg
    e:windowssystem32oqizivylaj.dl
    e:windowssystem32pyvuwohiwy.bin
    e:windowssystem32tuzijoj.dll
    e:windowssystem32weqyzy.bin
    e:windowssystem32wylyv.dl
    e:windowsucizodetod.pif

    .
    ((((((((((((((((((((((((( Files Created from 2009-09-14 to 2009-10-14 )))))))))))))))))))))))))))))))
    .

    2009-10-14 10:43 . 2009-10-14 10:43

    d

    w- e:windowsLastGood
    2009-10-12 15:08 . 2009-10-12 15:08

    d

    w- e:documents and settingsSergeyApplication DataMalwarebytes
    2009-10-12 15:08 . 2009-09-10 10:54 38224 —-a-w- e:windowssystem32driversmbamswissarmy.sys
    2009-10-12 15:08 . 2009-10-12 15:08

    d

    w- e:documents and settingsAll UsersApplication DataMalwarebytes
    2009-10-12 15:08 . 2009-09-10 10:53 19160 —-a-w- e:windowssystem32driversmbam.sys
    2009-10-12 15:08 . 2009-10-12 15:08

    d

    w- e:program filesMalwarebytes’ Anti-Malware
    2009-10-08 18:49 . 2002-06-05 16:41 313856 —-a-w- e:windowsmauninst.exe
    2009-10-08 18:48 . 2009-10-08 18:48

    d

    w- e:program filesMedia Art
    2009-10-07 17:47 . 2007-09-04 16:56 164352 —-a-w- e:windowssystem32unrar.dll
    2009-10-07 17:46 . 2004-01-25 16:18 217088 —-a-w- e:windowssystem32yv12vfw.dll
    2009-10-07 17:46 . 2008-01-10 12:16 159839 —-a-w- e:windowssystem32xvidvfw.dll
    2009-10-07 17:46 . 2008-01-10 12:15 755027 —-a-w- e:windowssystem32xvidcore.dll
    2009-10-07 17:46 . 2008-07-25 08:34 81920 —-a-w- e:windowssystem32dpl100.dll
    2009-10-07 17:46 . 2008-07-23 16:50 3596288 —-a-w- e:windowssystem32qt-dx331.dll
    2009-10-07 17:46 . 2008-07-25 08:34 683520 —-a-w- e:windowssystem32divx.dll
    2009-10-07 17:46 . 2008-06-12 18:36 7680 —-a-w- e:windowssystem32ff_vfw.dll
    2009-10-07 17:46 . 2009-10-07 17:46

    d

    w- e:program filesK-Lite Codec Pack
    2009-10-07 17:46 . 2009-10-07 17:46

    d

    w- e:documents and settingsSergeyLocal SettingsApplication DataReal
    2009-10-07 11:19 . 2009-04-28 20:20 9200

    w- e:windowssystem32driverscdralw2k.sys
    2009-10-07 11:19 . 2009-04-28 20:20 9072

    w- e:windowssystem32driverscdr4_xp.sys
    2009-10-07 11:19 . 2009-04-28 20:20 129520

    w- e:windowssystem32pxafs.dll
    2009-10-02 18:14 . 2009-10-02 18:15

    d

    w- e:documents and settingsSergeyApplication DataMedia Player Classic
    2009-09-30 17:40 . 2009-09-30 17:40

    d

    w- e:documents and settingsLocalServiceLocal SettingsApplication DataESET
    2009-09-30 16:37 . 2009-09-30 16:37

    d

    w- e:documents and settingsSergeyLocal SettingsApplication DataESET
    2009-09-30 16:35 . 2009-09-30 16:35

    d

    w- e:documents and settingsAll UsersApplication DataESET
    2009-09-30 15:50 . 2009-10-12 15:34

    d

    w- e:program filestrend micro
    2009-09-30 15:50 . 2009-09-30 15:51

    d

    w- E:rsit
    2009-09-30 06:01 . 2009-09-30 06:01 19956 —-a-w- e:windowskalujor.dat
    2009-09-30 06:01 . 2009-09-30 06:01 19763 —-a-w- e:windowssystem32mufe.dat
    2009-09-29 16:31 . 2009-09-29 16:34

    d

    w- E:VKLife

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-10-14 18:53 . 2007-06-03 15:52

    d

    w- e:program filesRuPass
    2009-10-14 18:48 . 2009-07-01 12:10

    d

    w- e:documents and settingsSergeyApplication DatauTorrent
    2009-10-11 10:42 . 2007-05-01 08:38

    d

    w- e:program filesDrWeb
    2009-10-08 03:50 . 2008-10-27 20:53

    d

    w- e:program filesICQToolbar
    2009-10-07 17:45 . 2006-07-22 17:18

    d

    w- e:program filesXviD
    2009-10-07 11:20 . 2007-10-13 14:22

    d

    w- e:program filesWinamp
    2009-09-30 17:33 . 2009-08-10 15:18

    d

    w- e:documents and settingsSergeyApplication DataSkype
    2009-09-30 16:35 . 2007-05-29 12:51

    d

    w- e:program filesESET
    2009-09-30 12:03 . 2009-08-10 15:23

    d

    w- e:documents and settingsSergeyApplication DataskypePM
    2009-09-30 08:15 . 2006-07-28 04:00

    d

    w- e:program filesApollo Versatile Burner
    2009-09-30 06:01 . 2009-09-30 06:01 15799 —-a-w- e:program filesCommon Filesibil.db
    2009-09-29 17:46 . 2009-09-29 17:46 16338 —-a-w- e:documents and settingsSergeyApplication Datavecu.dat
    2009-09-19 06:41 . 2008-03-08 11:46 155444 —-a-w- e:windowshpoins21.dat
    2009-08-10 15:23 . 2009-08-10 15:23 56 —ha-w- e:windowssystem32ezsidmv.dat
    2007-08-31 19:52 . 2007-08-31 19:28 80 —sh—r- e:windowssystem32791A2E0CD2.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
    «{413F641E-1E05-49A1-B066-70692CE31165}»= «e:program filesPochtaRuPochtaBarpochtabar.dll» [2007-07-28 132867]

    [HKEY_CLASSES_ROOTclsid{413f641e-1e05-49a1-b066-70692ce31165}]
    [HKEY_CLASSES_ROOTPochtaBar.PochtaToolBar.1]
    [HKEY_CLASSES_ROOTTypeLib{25736CC3-F79A-4216-9BBC-005F5F8D24B4}]
    [HKEY_CLASSES_ROOTPochtaBar.PochtaToolBar]

    [HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebbrowser]
    «{413F641E-1E05-49A1-B066-70692CE31165}»= «e:program filesPochtaRuPochtaBarpochtabar.dll» [2007-07-28 132867]

    [HKEY_CLASSES_ROOTclsid{413f641e-1e05-49a1-b066-70692ce31165}]
    [HKEY_CLASSES_ROOTPochtaBar.PochtaToolBar.1]
    [HKEY_CLASSES_ROOTTypeLib{25736CC3-F79A-4216-9BBC-005F5F8D24B4}]
    [HKEY_CLASSES_ROOTPochtaBar.PochtaToolBar]

    [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
    «Creative Detector»=»e:program filesCreativeMediaSourceDetectorCTDetect.exe» [2004-12-02 102400]
    «ASUS SmartDoctor»=»c:program filesASUSSmartDoctorSmartDoctor.exe» [2006-02-21 1073152]
    «MSMSGS»=»e:program filesMessengermsmsgs.exe» [2004-08-03 1667584]
    «H/PC Connection Agent»=»e:program filesMicrosoft ActiveSyncwcescomm.exe» [2006-11-13 1289000]
    «uTorrent»=»e:program filesuTorrentuTorrent.exe» [2009-07-14 288048]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
    «UserFaultCheck»=»e:windowssystem32dumprep 0 -u» [X]
    «CTSysVol»=»e:program filesCreativeSBAudigySurround MixerCTSysVol.exe» [2005-02-15 57344]
    «NvCplDaemon»=»e:windowssystem32NvCpl.dll» [2006-02-13 7557120]
    «NvMediaCenter»=»e:windowssystem32NvMcTray.dll» [2006-02-13 86016]
    «mouseElf»=»e:progra~1TWINTO~1MouseElf.EXE» [2004-08-25 192512]
    «DAEMON Tools»=»e:program filesDAEMON Toolsdaemon.exe» [2005-12-10 133016]
    «QuickTime Task»=»e:program filesQuickTimeqttask.exe» [2006-08-11 77824]
    «DECTWinApp»=»e:program filesPanasonicUSB GEARDECTWinApp.exe» [2005-07-26 3211264]
    «HP Software Update»=»e:program filesHPHP Software UpdateHPWuSchd2.exe» [2007-03-11 49152]
    «NexusServer»=»e:program filesCommon FilesGrass ValleyProCoder 3KernelPNXSERVR.exe» [2007-03-26 389120]
    «egui»=»e:program filesESETESET NOD32 Antivirusegui.exe» [2009-05-14 2029640]
    «WinampAgent»=»e:program filesWinampwinampa.exe» [2009-07-01 37888]
    «Malwarebytes Anti-Malware (reboot)»=»e:program filesMalwarebytes’ Anti-Malwarembam.exe» [2009-09-10 1312080]

    [HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=»e:windowssystem32CTFMON.EXE» [2004-08-04 15360]

    e:documents and settingsAll UsersStart MenuProgramsStartup
    Adobe Reader Speed Launch.lnk — e:program filesAdobeReader 8.0Readerreader_sl.exe [2006-10-23 40048]
    Adobe Reader Synchronizer.lnk — e:program filesAdobeReader 8.0ReaderAdobeCollabSync.exe [2006-10-23 734872]
    Bluetooth Manager.lnk — e:program filesToshibaBluetooth Toshiba StackTosBtMng1.exe [2004-12-21 45056]
    HP Digital Imaging Monitor.lnk — e:program filesHPDigital Imagingbinhpqtra08.exe [2007-3-11 210520]

    [HKLM~startupfolderE:^Documents and Settings^Sergey^Start Menu^Programs^Startup^Adobe Gamma.lnk]
    path=e:documents and settingsSergeyStart MenuProgramsStartupAdobe Gamma.lnk
    backup=e:windowspssAdobe Gamma.lnkStartup

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
    «AntiVirusOverride»=dword:00000001

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
    «e:program filesMicrosoft ActiveSyncrapimgr.exe»= e:program filesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
    «e:program filesMicrosoft ActiveSyncwcescomm.exe»= e:program filesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
    «e:program filesMicrosoft ActiveSyncWCESMgr.exe»= e:program filesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileGloballyOpenPortsList]
    «26675:TCP»= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

    R1 drwebnet;SpIDer Guard boot hook driver for Windows NT;e:windowssystem32driversdrwebnet.sys [01.05.2007 12:38 5856]
    R1 ehdrv;ehdrv;e:windowssystem32driversehdrv.sys [14.05.2009 15:47 107256]
    R1 epfwtdir;epfwtdir;e:windowssystem32driversepfwtdir.sys [14.05.2009 15:49 94360]
    R2 ekrn;ESET Service;e:program filesESETESET NOD32 Antivirusekrn.exe [14.05.2009 15:47 731840]
    R3 genmcmnUSB;USB Scroll Mouse Driver;e:windowssystem32driversgflmouhid.sys [22.07.2006 20:54 6656]
    S2 SPIDER;SpIDer FS Monitor for Windows NT;e:progra~1DrWebspider.sys [01.05.2007 12:38 310992]
    S2 spidernt;SpIDer Guard for Windows NT;e:progra~1DrWebSpiderNT.exe [01.05.2007 12:38 118784]
    S3 PanasonicDECT-USBGEAR;Panasonic USB GEAR Driver;e:windowssystem32driverspccusbdd.sys [25.12.2006 23:40 47712]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionsvchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    .

    Supplementary Scan

    .
    uStart Page = hxxp://www.yandex.ru/
    IE: &Экспорт в Microsoft Excel — e:progra~1MICROS~2OFFICE11EXCEL.EXE/3000
    IE: Easy-WebPrint Add To Print List — e:program filesCanonEasy-WebPrintResource.dll/RC_AddToList.html
    IE: Easy-WebPrint High Speed Print — e:program filesCanonEasy-WebPrintResource.dll/RC_HSPrint.html
    IE: Easy-WebPrint Preview — e:program filesCanonEasy-WebPrintResource.dll/RC_Preview.html
    IE: Easy-WebPrint Print — e:program filesCanonEasy-WebPrintResource.dll/RC_Print.html
    IE: Найти с помощью Рамблера — e:program filesRambler AssistantramblertoolbarU0.dll/search.htm
    IE: Опубликовать в Дневнике — e:program filesRambler AssistantramblertoolbarU0.dll/planet.htm
    IE: Перевести с помощью словарей Рамблера — e:program filesRambler AssistantramblertoolbarU0.dll/dic.htm
    LSP: %SystemRoot%system32DRWEBSP.DLL
    .
    — — — — ORPHANS REMOVED — — — —

    HKCU-Run-updateMgr — e:program filesAdobeAcrobat 7.0ReaderAdobeUpdateManager.exe
    AddRemove-MyCentria — e:program filesMyCentriaMyCentriaUninstall.exe
    AddRemove-QIP2005 — g:qipunqip.exe

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-10-14 22:54
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes …

    scanning hidden autostart entries …

    scanning hidden files …

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .

    LOCKED REGISTRY KEYS


    [HKEY_LOCAL_MACHINEsoftwareClassesCLSID{BEB3C0C7-B648-4257-96D9-B5D024816E27}Version*Version]
    «Version»=hex:d1,32,fe,13,63,f9,de,a3,c1,4d,5a,ee,3d,e8,3f,f4,c4,1e,5e,a0,ce,
    36,bc,17,64,b0,f6,e9,5e,9c,f3,bc,74,47,27,6b,8b,89,a0,db,f1,ec,20,af,83,bb,

    [HKEY_LOCAL_MACHINEsoftwareClassesInterface{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
    @Denied: (A 2) (Everyone)
    @=»IFlashBroker3″

    [HKEY_LOCAL_MACHINEsoftwareClassesInterface{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}ProxyStubClsid32]
    @=»{00020424-0000-0000-C000-000000000046}»

    [HKEY_LOCAL_MACHINEsoftwareClassesInterface{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}TypeLib]
    @=»{FAB3E735-69C7-453B-A446-B6823C6DF1C9}»
    «Version»=»1.0»

    [HKEY_LOCAL_MACHINEsoftwareMicrosoftWindowsCurrentVersionInstallerUserDataLocalSystemComponentsђ•Ђ|яяяя»•Ђ|ю»Фw*]
    «5E7CEC10DF0760D4F8DAFB12FDC06CCD»=»02:\Software\Adobe\FeatureSubscriptions\DVAAdobeDocMeta\{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}\Registered»

    [HKEY_LOCAL_MACHINEsoftwareMinnetonka Audio SoftwareSurCode Dolby Digital PremiereVersion*Version]
    «Version»=hex:d1,32,fe,13,63,f9,de,a3,c1,4d,5a,ee,3d,e8,3f,f4,c4,1e,5e,a0,ce,
    36,bc,17,64,b0,f6,e9,5e,9c,f3,bc,74,47,27,6b,8b,89,a0,db,f1,ec,20,af,83,bb,
    .

    DLLs Loaded Under Running Processes


    — — — — — — — > ‘lsass.exe'(916)
    e:windowssystem32DRWEBSP.DLL
    .
    Completion time: 2009-10-14 22:56
    ComboFix-quarantined-files.txt 2009-10-14 18:56

    Pre-Run: 1 846 444 032 bytes free
    Post-Run: 7 889 059 840 bytes free

    WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(2)WINDOWS
    [operating systems]
    c:cmdconsBOOTSECT.DAT=»Microsoft Windows Recovery Console» /cmdcons
    multi(0)disk(0)rdisk(0)partition(2)WINDOWS=»Microsoft Windows XP Professional» /noexecute=optin /fastdetect

    266

    14 октября, 2009 в 6:24 пп в ответ на: Не открываются ярлыки в панеле управления #26330
    Georgina
    Participant
    • Темы:2
    • Сообщений:7
    • ☆

    Да, к этому же. Т. к. проблема может быть не связана с вирусом, решила создать новую тему в этом разделе.

    12 октября, 2009 в 3:36 пп в ответ на: Помогите избавиться от Антивирус Про 2010! #26083
    Georgina
    Participant
    • Темы:2
    • Сообщений:7
    • ☆

    И добавляю новый лог RSIT:
    Logfile of random’s system information tool 1.06 (written by random/random)
    Run by Sergey at 2009-10-12 19:34:00
    Microsoft Windows XP Professional Service Pack 2
    System drive E: has 2 GB (9%) free of 20 GB
    Total RAM: 1022 MB (53% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:34:04, on 12.10.2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    E:WINDOWSSystem32smss.exe
    E:WINDOWSsystem32winlogon.exe
    E:WINDOWSsystem32services.exe
    E:WINDOWSsystem32lsass.exe
    E:WINDOWSsystem32svchost.exe
    E:WINDOWSSystem32svchost.exe
    E:WINDOWSsystem32spoolsv.exe
    E:WINDOWSATKKBService.exe
    E:WINDOWSsystem32CTsvcCDA.EXE
    E:Program FilesESETESET NOD32 Antivirusekrn.exe
    E:WINDOWSsystem32svchost.exe
    E:WINDOWSSystem32svchost.exe
    E:WINDOWSsystem32nvsvc32.exe
    E:WINDOWSSystem32svchost.exe
    E:WINDOWSsystem32svchost.exe
    E:WINDOWSExplorer.EXE
    E:WINDOWSsystem32rundll32.exe
    E:WINDOWSsystem32msiexec.exe
    E:WINDOWSsystem32wuauclt.exe
    E:Program FilesCreativeSBAudigySurround MixerCTSysVol.exe
    E:WINDOWSsystem32RUNDLL32.EXE
    E:PROGRA~1TWINTO~1MouseElf.EXE
    E:Program FilesDAEMON Toolsdaemon.exe
    E:Program FilesQuickTimeqttask.exe
    E:Program FilesPanasonicUSB GEARDECTWinApp.exe
    E:Program FilesHPHP Software UpdateHPWuSchd2.exe
    E:Program FilesCommon FilesGrass ValleyProCoder 3KernelPNXSERVR.exe
    E:Program FilesESETESET NOD32 Antivirusegui.exe
    E:Program FilesWinampwinampa.exe
    E:WINDOWSsystem32ctfmon.exe
    E:Program FilesCreativeMediaSourceDetectorCTDetect.exe
    C:Program FilesASUSSmartDoctorSmartDoctor.exe
    E:Program FilesMessengermsmsgs.exe
    E:Program FilesMicrosoft ActiveSyncwcescomm.exe
    E:Program FilesuTorrentuTorrent.exe
    E:Program FilesTwinTouch LuxeMateEMouse.exe
    E:Program FilesAdobeReader 8.0Readerreader_sl.exe
    E:Program FilesHPDigital Imagingbinhpqtra08.exe
    E:Program FilesToshibaBluetooth Toshiba StackTosBtMng.exe
    E:PROGRA~1MICROS~3rapimgr.exe
    E:Program FilesToshibaBluetooth Toshiba StackTosA2dp.exe
    E:Program FilesToshibaBluetooth Toshiba StackTosBtHsp.exe
    E:Program FilesHPDigital ImagingbinhpqSTE08.exe
    E:WINDOWSPCHealthHelpCtrBinariesHelpCtr.exe
    E:Documents and SettingsSergeyDesktopRSIT.exe
    E:WINDOWSPCHealthHelpCtrBinariesHelpSvc.exe
    E:Program Filestrend microSergey.exe

    R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/
    R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
    R3 — URLSearchHook: (no name) — {855F3B16-6D32-4fe6-8A56-BBB695989046} — (no file)
    O2 — BHO: HP Print Enhancer — {0347C33E-8762-4905-BF09-768834316C61} — E:Program FilesHPSmart Web Printinghpswp_printenhancer.dll
    O2 — BHO: HP Print Clips — {053F9267-DC04-4294-A72C-58F732D338C0} — E:Program FilesHPSmart Web Printinghpswp_framework.dll
    O2 — BHO: Adobe PDF Reader Link Helper — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — E:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
    O2 — BHO: Skype add-on (mastermind) — {22BF413B-C6D2-4d91-82A9-A0F997BA588C} — E:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
    O2 — BHO: RuPass module — {954A0637-9147-4b5e-964E-9F20E58FC29D} — E:Program FilesRuPassRuPass.dll
    O2 — BHO: MyCentria Internet Mate v2.3 — {FFFC57DB-1DE3-4303-B24D-CEE6DCDD3D86} — E:PROGRA~1MYCENT~1InfoBarMYCENT~1.DLL (file missing)
    O3 — Toolbar: Rambler-Ассистент — {468CD8A9-7C25-45FA-969E-3D925C689DC4} — E:Program FilesRambler AssistantramblertoolbarU0.dll
    O3 — Toolbar: Pochta.ru — {413F641E-1E05-49A1-B066-70692CE31165} — E:Program FilesPochtaRuPochtaBarpochtabar.dll
    O3 — Toolbar: Easy-WebPrint — {327C2873-E90D-4c37-AA9D-10AC9BABA46C} — E:Program FilesCanonEasy-WebPrintToolband.dll
    O4 — HKLM..Run: [CTSysVol] E:Program FilesCreativeSBAudigySurround MixerCTSysVol.exe /r
    O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE E:WINDOWSsystem32NvCpl.dll,NvStartup
    O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE E:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
    O4 — HKLM..Run: [mouseElf] E:PROGRA~1TWINTO~1MouseElf.EXE
    O4 — HKLM..Run: [DAEMON Tools] «E:Program FilesDAEMON Toolsdaemon.exe» -lang 1033
    O4 — HKLM..Run: [QuickTime Task] «E:Program FilesQuickTimeqttask.exe» -atboottime
    O4 — HKLM..Run: [DECTWinApp] «E:Program FilesPanasonicUSB GEARDECTWinApp.exe» /S
    O4 — HKLM..Run: [HP Software Update] E:Program FilesHPHP Software UpdateHPWuSchd2.exe
    O4 — HKLM..Run: [NexusServer] «E:Program FilesCommon FilesGrass ValleyProCoder 3KernelPNXSERVR.exe» -SelfLaunch
    O4 — HKLM..Run: [egui] «E:Program FilesESETESET NOD32 Antivirusegui.exe» /hide /waitservice
    O4 — HKLM..Run: [WinampAgent] «E:Program FilesWinampwinampa.exe»
    O4 — HKLM..Run: [UserFaultCheck] %systemroot%system32dumprep 0 -u
    O4 — HKLM..Run: [Malwarebytes Anti-Malware (reboot)] «E:Program FilesMalwarebytes’ Anti-Malwarembam.exe» /runcleanupscript
    O4 — HKCU..Run: [CTFMON.EXE] E:WINDOWSsystem32ctfmon.exe
    O4 — HKCU..Run: [Creative Detector] E:Program FilesCreativeMediaSourceDetectorCTDetect.exe /R
    O4 — HKCU..Run: [ASUS SmartDoctor] C:Program FilesASUSSmartDoctorSmartDoctor.exe /start
    O4 — HKCU..Run: [MSMSGS] «E:Program FilesMessengermsmsgs.exe» /background
    O4 — HKCU..Run: [updateMgr] E:Program FilesAdobeAcrobat 7.0ReaderAdobeUpdateManager.exe AcRdB7_0_5
    O4 — HKCU..Run: [H/PC Connection Agent] «E:Program FilesMicrosoft ActiveSyncwcescomm.exe»
    O4 — HKCU..Run: [uTorrent] «E:Program FilesuTorrentuTorrent.exe»
    O4 — HKCU..Run: [mswindws] mssql.exe
    O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] E:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
    O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] E:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
    O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] E:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
    O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] E:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
    O4 — Global Startup: Adobe Reader Speed Launch.lnk = E:Program FilesAdobeReader 8.0Readerreader_sl.exe
    O4 — Global Startup: Adobe Reader Synchronizer.lnk = E:Program FilesAdobeReader 8.0ReaderAdobeCollabSync.exe
    O4 — Global Startup: Bluetooth Manager.lnk = ?
    O4 — Global Startup: HP Digital Imaging Monitor.lnk = E:Program FilesHPDigital Imagingbinhpqtra08.exe
    O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://E:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
    O8 — Extra context menu item: Easy-WebPrint Add To Print List — res://E:Program FilesCanonEasy-WebPrintResource.dll/RC_AddToList.html
    O8 — Extra context menu item: Easy-WebPrint High Speed Print — res://E:Program FilesCanonEasy-WebPrintResource.dll/RC_HSPrint.html
    O8 — Extra context menu item: Easy-WebPrint Preview — res://E:Program FilesCanonEasy-WebPrintResource.dll/RC_Preview.html
    O8 — Extra context menu item: Easy-WebPrint Print — res://E:Program FilesCanonEasy-WebPrintResource.dll/RC_Print.html
    O8 — Extra context menu item: Найти с помощью Рамблера — res://E:Program FilesRambler AssistantramblertoolbarU0.dll/search.htm
    O8 — Extra context menu item: Опубликовать в Дневнике — res://E:Program FilesRambler AssistantramblertoolbarU0.dll/planet.htm
    O8 — Extra context menu item: Перевести с помощью словарей Рамблера — res://E:Program FilesRambler AssistantramblertoolbarU0.dll/dic.htm
    O9 — Extra button: Create Mobile Favorite — {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} — E:PROGRA~1MICROS~3INetRepl.dll
    O9 — Extra button: (no name) — {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — E:PROGRA~1MICROS~3INetRepl.dll
    O9 — Extra ‘Tools’ menuitem: Добавить в избранное мобильного устройства… — {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — E:PROGRA~1MICROS~3INetRepl.dll
    O9 — Extra button: (no name) — {5067A26B-1337-4436-8AFE-EE169C2DA79F} — E:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
    O9 — Extra ‘Tools’ menuitem: Skype add-on for Internet Explorer — {5067A26B-1337-4436-8AFE-EE169C2DA79F} — E:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
    O9 — Extra button: Альбом клипов HP — {58ECB495-38F0-49cb-A538-10282ABF65E7} — E:Program FilesHPSmart Web Printinghpswp_extensions.dll
    O9 — Extra button: Расширенный выбор HP — {700259D7-1666-479a-93B1-3250410481E8} — E:Program FilesHPSmart Web Printinghpswp_extensions.dll
    O9 — Extra button: Skype — {77BF5300-1474-4EC7-9980-D32B190E9B07} — E:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
    O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — E:PROGRA~1MICROS~2Office12REFIEBAR.DLL
    O9 — Extra button: ICQ Lite — {B863453A-26C3-4e1f-A54D-A2CD196348E9} — E:Program FilesICQLiteICQLite.exe (file missing)
    O9 — Extra ‘Tools’ menuitem: ICQ Lite — {B863453A-26C3-4e1f-A54D-A2CD196348E9} — E:Program FilesICQLiteICQLite.exe (file missing)
    O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — E:Program FilesICQ6ICQ.exe
    O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — E:Program FilesICQ6ICQ.exe
    O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — E:Program FilesMessengermsmsgs.exe
    O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — E:Program FilesMessengermsmsgs.exe
    O16 — DPF: {33331111-1234-1111-1111-615111193427} — http://www.www2.p0rt2.com/files/epl165bd.cab
    O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — E:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
    O20 — Winlogon Notify: arm32reg — E:Documents and SettingsAll UsersDocumentsSettingsarm32.dll (file missing)
    O23 — Service: Adobe LM Service — Adobe Systems — E:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
    O23 — Service: ATK Keyboard Service (ATKKeyboardService) — ASUSTeK COMPUTER INC. — E:WINDOWSATKKBService.exe
    O23 — Service: Creative Service for CDROM Access — Creative Technology Ltd — E:WINDOWSsystem32CTsvcCDA.EXE
    O23 — Service: ESET HTTP Server (EhttpSrv) — ESET — E:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe
    O23 — Service: ESET Service (ekrn) — ESET — E:Program FilesESETESET NOD32 Antivirusekrn.exe
    O23 — Service: NBService — Nero AG — E:Program FilesNeroNero 7Nero BackItUpNBService.exe
    O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — E:WINDOWSsystem32nvsvc32.exe
    O23 — Service: SpIDer Guard for Windows NT (spidernt) — Doctor Web, Ltd. — E:PROGRA~1DrWebSpiderNT.exe
    O23 — Service: stllssvr — MicroVision Development, Inc. — E:Program FilesCommon FilesSureThing Sharedstllssvr.exe
    O24 — Desktop Component 0: (no name) — http://www.onvelo.ru/img/dot.gif

    —
    End of file — 10648 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{0347C33E-8762-4905-BF09-768834316C61}]
    HP Print Enhancer — E:Program FilesHPSmart Web Printinghpswp_printenhancer.dll [2007-03-02 1298024]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{053F9267-DC04-4294-A72C-58F732D338C0}]
    HP Print Clips — E:Program FilesHPSmart Web Printinghpswp_framework.dll [2007-03-02 177768]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper — E:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll [2006-10-23 62080]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) — E:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll [2009-07-15 1586472]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{954A0637-9147-4b5e-964E-9F20E58FC29D}]
    RuPass Class — E:Program FilesRuPassRuPass.dll [2007-05-30 45056]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FFFC57DB-1DE3-4303-B24D-CEE6DCDD3D86}]
    MyCentria Internet Mate v2.3 — E:PROGRA~1MYCENT~1InfoBarMYCENT~1.DLL []

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
    {468CD8A9-7C25-45FA-969E-3D925C689DC4} — Rambler-Ассистент — E:Program FilesRambler AssistantramblertoolbarU0.dll [2007-08-01 800240]
    {413F641E-1E05-49A1-B066-70692CE31165} — Pochta.ru — E:Program FilesPochtaRuPochtaBarpochtabar.dll [2007-07-28 132867]
    {327C2873-E90D-4c37-AA9D-10AC9BABA46C} — Easy-WebPrint — E:Program FilesCanonEasy-WebPrintToolband.dll [2004-08-26 405504]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
    «CTSysVol»=E:Program FilesCreativeSBAudigySurround MixerCTSysVol.exe [2005-02-15 57344]
    «NvCplDaemon»=E:WINDOWSsystem32NvCpl.dll [2006-02-13 7557120]
    «NvMediaCenter»=E:WINDOWSsystem32NvMcTray.dll [2006-02-13 86016]
    «mouseElf»=E:PROGRA~1TWINTO~1MouseElf.EXE [2004-08-26 192512]
    «DAEMON Tools»=E:Program FilesDAEMON Toolsdaemon.exe [2005-12-10 133016]
    «QuickTime Task»=E:Program FilesQuickTimeqttask.exe [2006-08-11 77824]
    «DECTWinApp»=E:Program FilesPanasonicUSB GEARDECTWinApp.exe [2005-07-26 3211264]
    «HP Software Update»=E:Program FilesHPHP Software UpdateHPWuSchd2.exe [2007-03-11 49152]
    «NexusServer»=E:Program FilesCommon FilesGrass ValleyProCoder 3KernelPNXSERVR.exe [2007-03-26 389120]
    «egui»=E:Program FilesESETESET NOD32 Antivirusegui.exe [2009-05-14 2029640]
    «WinampAgent»=E:Program FilesWinampwinampa.exe [2009-07-01 37888]
    «UserFaultCheck»=E:WINDOWSsystem32dumprep 0 -u []
    «Malwarebytes Anti-Malware (reboot)»=E:Program FilesMalwarebytes’ Anti-Malwarembam.exe [2009-09-10 1312080]

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=E:WINDOWSsystem32ctfmon.exe [2004-08-04 15360]
    «Creative Detector»=E:Program FilesCreativeMediaSourceDetectorCTDetect.exe [2004-12-02 102400]
    «ASUS SmartDoctor»=C:Program FilesASUSSmartDoctorSmartDoctor.exe [2006-02-21 1073152]
    «MSMSGS»=E:Program FilesMessengermsmsgs.exe [2004-08-04 1667584]
    «updateMgr»=E:Program FilesAdobeAcrobat 7.0ReaderAdobeUpdateManager.exe AcRdB7_0_5 []
    «H/PC Connection Agent»=E:Program FilesMicrosoft ActiveSyncwcescomm.exe [2006-11-13 1289000]
    «uTorrent»=E:Program FilesuTorrentuTorrent.exe [2009-07-14 288048]
    «mswindws»=mssql.exe []

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDrWebScheduler]
    E:Program FilesDrWebDRWEBSCD.EXE [2007-02-28 124416]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]
    E:Program FilesMessengermsmsgs.exe [2004-08-04 1667584]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]
    E:Program FilesCommon FilesAheadLibNeroCheck.exe [2006-01-12 155648]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregnwiz]
    nwiz.exe /install []

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregP17Helper]
    Rundll32 P17.dll,P17Helper []

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSpIDerMail]
    E:Program FilesDrWebspiderml.exe [2007-02-28 163832]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSpIDerNT]
    E:PROGRA~1DrWebspidernt.exe [2006-05-02 118784]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregUpdReg]
    E:WINDOWSUpdReg.EXE [2000-05-11 90112]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderE:^Documents and Settings^Sergey^Start Menu^Programs^Startup^Adobe Gamma.lnk]
    E:PROGRA~1COMMON~1AdobeCALIBR~1ADOBEG~1.EXE [2005-03-16 113664]

    E:Documents and SettingsAll UsersStart MenuProgramsStartup
    Adobe Reader Speed Launch.lnk — E:Program FilesAdobeReader 8.0Readerreader_sl.exe
    Adobe Reader Synchronizer.lnk — E:Program FilesAdobeReader 8.0ReaderAdobeCollabSync.exe
    Bluetooth Manager.lnk — E:Program FilesToshibaBluetooth Toshiba StackTosBtMng1.exe
    HP Digital Imaging Monitor.lnk — E:Program FilesHPDigital Imagingbinhpqtra08.exe

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyarm32reg]
    E:Documents and SettingsAll UsersDocumentsSettingsarm32.dll []

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm]

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm.sys]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
    «dontdisplaylastusername»=0
    «legalnoticecaption»=
    «legalnoticetext»=
    «shutdownwithoutlogon»=1
    «undockwithoutlogon»=1

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
    «NoDriveTypeAutoRun»=145

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
    «C:Program FilesInternet ExplorerIEXPLORE.EXE»=»C:Program FilesInternet ExplorerIEXPLORE.EXE:*:Enabled:Internet Explorer»
    «E:Program FilesMicrosoft ActiveSyncrapimgr.exe»=»E:Program FilesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager»
    «E:Program FilesMicrosoft ActiveSyncwcescomm.exe»=»E:Program FilesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager»
    «E:Program FilesMicrosoft ActiveSyncWCESMgr.exe»=»E:Program FilesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application»

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
    «E:Program FilesMicrosoft ActiveSyncrapimgr.exe»=»E:Program FilesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager»
    «E:Program FilesMicrosoft ActiveSyncwcescomm.exe»=»E:Program FilesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager»
    «E:Program FilesMicrosoft ActiveSyncWCESMgr.exe»=»E:Program FilesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application»

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{2869fd2b-ac2c-11dd-8146-0016768e85e2}]
    shellAutocommand — I:printer.exe
    shellAutoRuncommand — E:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL printer.exe

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{6105c68a-ee75-11dc-8045-0016768e85e2}]
    shellAutocommand — I:printer.exe
    shellAutoRuncommand — E:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL printer.exe

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{7847d594-9b99-11de-8289-0016768e85e2}]
    shellAutocommand — I:printer.exe
    shellAutoRuncommand — E:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL printer.exe

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c0c8713b-bd27-11dd-816b-0016768e85e2}]
    shellAutocommand — K:printer.exe
    shellAutoRuncommand — E:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL printer.exe

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{f0e8fb50-c247-11dd-817b-0016768e85e2}]
    shellAutocommand — I:printer.exe
    shellAutoRuncommand — E:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL printer.exe

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{f1c1757a-7066-11de-8249-0016768e85e2}]
    shellAutocommand — L:printer.exe
    shellAutoRuncommand — E:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL printer.exe

    ======File associations======

    .scr — open — «%1» /S «%3»

    ======List of files/folders created in the last 1 months======

    2009-10-12 19:33:25 —-D—- E:WINDOWSLastGood
    2009-10-12 19:08:56 —-D—- E:Documents and SettingsSergeyApplication DataMalwarebytes
    2009-10-12 19:08:50 —-D—- E:Documents and SettingsAll UsersApplication DataMalwarebytes
    2009-10-12 19:08:49 —-D—- E:Program FilesMalwarebytes’ Anti-Malware
    2009-10-08 22:49:05 —-A—- E:WINDOWSmauninst.exe
    2009-10-08 22:48:59 —-D—- E:Program FilesMedia Art
    2009-10-07 21:48:18 —-A—- E:WINDOWSsystem32rmoc3260.dll
    2009-10-07 21:48:17 —-A—- E:WINDOWSsystem32pndx5032.dll
    2009-10-07 21:48:17 —-A—- E:WINDOWSsystem32pndx5016.dll
    2009-10-07 21:47:18 —-A—- E:WINDOWSsystem32unrar.dll
    2009-10-07 21:47:16 —-A—- E:WINDOWSavisplitter.ini
    2009-10-07 21:46:58 —-A—- E:WINDOWSsystem32yv12vfw.dll
    2009-10-07 21:46:57 —-A—- E:WINDOWSsystem32xvidvfw.dll
    2009-10-07 21:46:57 —-A—- E:WINDOWSsystem32xvidcore.dll
    2009-10-07 21:46:56 —-A—- E:WINDOWSsystem32qt-dx331.dll
    2009-10-07 21:46:56 —-A—- E:WINDOWSsystem32dpl100.dll
    2009-10-07 21:46:38 —-A—- E:WINDOWSsystem32divx.dll
    2009-10-07 21:46:33 —-A—- E:WINDOWSsystem32ff_vfw.dll.manifest
    2009-10-07 21:46:33 —-A—- E:WINDOWSsystem32ff_vfw.dll
    2009-10-07 21:46:28 —-D—- E:Program FilesK-Lite Codec Pack
    2009-10-07 21:46:28 —-D—- E:Documents and SettingsSergeyApplication DataReal
    2009-10-07 21:46:28 —-D—- E:Documents and SettingsAll UsersApplication DataReal
    2009-10-07 15:19:06 —-N—- E:WINDOWSsystem32pxsfs.dll
    2009-10-07 15:19:06 —-N—- E:WINDOWSsystem32pxafs.dll
    2009-10-02 22:14:17 —-D—- E:Documents and SettingsSergeyApplication DataMedia Player Classic
    2009-09-30 20:35:52 —-D—- E:Documents and SettingsAll UsersApplication DataESET
    2009-09-30 19:50:47 —-D—- E:Program Filestrend micro
    2009-09-30 19:50:46 —-D—- E:rsit
    2009-09-30 10:01:50 —-A—- E:Documents and SettingsSergeyApplication Dataixijys.vbs
    2009-09-30 10:01:50 —-A—- E:Documents and SettingsAll UsersApplication Dataaxicipiw.com
    2009-09-29 21:46:19 —-A—- E:WINDOWSsystem32tuzijoj.dll
    2009-09-29 21:46:19 —-A—- E:WINDOWSmosuzyf.exe
    2009-09-29 21:46:19 —-A—- E:Program FilesCommon Filesbawu.exe
    2009-09-29 21:46:19 —-A—- E:Documents and SettingsAll UsersApplication Datazyranohu.bat
    2009-09-29 21:46:19 —-A—- E:Documents and SettingsAll UsersApplication Dataydivupero.vbs
    2009-09-29 21:46:19 —-A—- E:Documents and SettingsAll UsersApplication Datafaxyh.bat
    2009-09-29 20:31:01 —-D—- E:VKLife

    ======List of files/folders modified in the last 1 months======

    2009-10-12 19:33:43 —-D—- E:Documents and SettingsSergeyApplication DatauTorrent
    2009-10-12 19:33:36 —-RSHD—- E:WINDOWSsystem32dllcache
    2009-10-12 19:33:31 —-D—- E:WINDOWSsystem32
    2009-10-12 19:33:28 —-D—- E:WINDOWSsystem32drivers
    2009-10-12 19:33:25 —-D—- E:WINDOWS
    2009-10-12 19:32:11 —-D—- E:WINDOWSTemp
    2009-10-12 19:32:07 —-HD—- E:WINDOWSinf
    2009-10-12 19:32:00 —-SHD—- E:WINDOWSInstaller
    2009-10-12 19:32:00 —-HD—- E:Config.Msi
    2009-10-12 19:31:10 —-D—- E:WINDOWSsystem32CatRoot2
    2009-10-12 19:29:49 —-A—- E:WINDOWSSchedLgU.Txt
    2009-10-12 19:24:25 —-D—- E:Program FilesInternet Explorer
    2009-10-12 19:24:25 —-D—- E:Program Files
    2009-10-12 19:08:56 —-D—- E:WINDOWSPrefetch
    2009-10-12 15:12:11 —-A—- E:WINDOWSNeroDigital.ini
    2009-10-11 14:42:34 —-D—- E:Program FilesDrWeb
    2009-10-08 07:50:59 —-D—- E:Program FilesICQToolbar
    2009-10-07 21:45:06 —-D—- E:Program FilesXviD
    2009-10-07 15:20:50 —-D—- E:Program FilesWinamp
    2009-10-07 15:17:20 —-A—- E:WINDOWSBorisRED3.0.ini
    2009-10-07 15:16:05 —-A—- E:WINDOWSwinamp.ini
    2009-09-30 21:33:16 —-D—- E:Documents and SettingsSergeyApplication DataSkype
    2009-09-30 20:55:52 —-D—- E:Program FilesMyCentria
    2009-09-30 20:35:52 —-D—- E:Program FilesESET
    2009-09-30 16:03:46 —-D—- E:Documents and SettingsSergeyApplication DataskypePM
    2009-09-30 12:15:35 —-D—- E:Program FilesApollo Versatile Burner
    2009-09-30 10:01:50 —-D—- E:Program FilesCommon Files
    2009-09-29 23:33:00 —-SD—- E:WINDOWSTasks
    2009-09-28 23:37:15 —-D—- E:Documents and SettingsSergeyApplication DataAdobe
    2009-09-19 10:37:53 —-A—- E:WINDOWSwin.ini

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 asuskbnt;Enhanced Display Driver Helper Service; E:WINDOWSsystem32driversatkkbnt.sys [2005-10-18 11008]
    R1 drwebnet;SpIDer Guard boot hook driver for Windows NT; E:WINDOWSsystem32driversdrwebnet.sys [2005-10-17 5856]
    R1 ehdrv;ehdrv; E:WINDOWSsystem32DRIVERSehdrv.sys [2009-05-14 107256]
    R1 epfwtdir;epfwtdir; E:WINDOWSsystem32DRIVERSepfwtdir.sys [2009-05-14 94360]
    R1 intelppm;Intel Processor Driver; E:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-04 36096]
    R1 kbdhid;Keyboard HID Driver; E:WINDOWSsystem32DRIVERSkbdhid.sys [2004-08-04 14848]
    R1 Tcpip6;Microsoft IPv6 Protocol Driver; E:WINDOWSsystem32DRIVERStcpip6.sys [2004-08-04 223616]
    R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; E:WINDOWSSystem32Driverstosrfcom.sys [2004-10-04 62799]
    R2 cnmpar21;C; ??E:Documents and SettingsAll UsersApplication DataCanonBJIJPrinterCNMWINDOWSCanon iP5200 InstallerInst2cnmpar21.sys []
    R2 eamon;eamon; E:WINDOWSsystem32DRIVERSeamon.sys [2009-05-14 114472]
    R2 EIO;EIO; ??E:WINDOWSsystem32driversEIO.sys []
    R2 Hardlock;Hardlock; ??E:WINDOWSsystem32drivershardlock.sys []
    R3 Arp1394;1394 ARP Client Protocol; E:WINDOWSsystem32DRIVERSarp1394.sys [2004-08-04 60800]
    R3 CCDECODE;Closed Caption Decoder; E:WINDOWSsystem32DRIVERSCCDECODE.sys [2004-08-03 17024]
    R3 ctsfm2k;Creative SoundFont Management Device Driver; E:WINDOWSsystem32DRIVERSctsfm2k.sys [2005-01-10 138752]
    R3 dtscsi;dtscsi; E:WINDOWSSystem32Driversdtscsi.sys [2006-07-22 223128]
    R3 E100B;Intel(R) PRO Network Connection Driver; E:WINDOWSsystem32DRIVERSe100b325.sys [2005-03-05 157696]
    R3 genmcmnUSB;USB Scroll Mouse Driver; E:WINDOWSsystem32DRIVERSgflmouhid.sys [2004-04-19 6656]
    R3 hidusb;Microsoft HID Class Driver; E:WINDOWSsystem32DRIVERShidusb.sys [2004-08-04 9600]
    R3 MODEMCSA;Unimodem Streaming Filter Device; E:WINDOWSsystem32driversMODEMCSA.sys [2001-08-17 16128]
    R3 mouhid;Mouse HID Driver; E:WINDOWSsystem32DRIVERSmouhid.sys [2004-08-04 12160]
    R3 NABTSFEC;NABTS/FEC VBI Codec; E:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
    R3 NdisIP;Microsoft TV/Video Connection; E:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
    R3 NIC1394;1394 Net Driver; E:WINDOWSsystem32DRIVERSnic1394.sys [2004-08-04 61824]
    R3 nv;nv; E:WINDOWSsystem32DRIVERSnv4_mini.sys [2006-02-13 3642784]
    R3 ossrv;Creative OS Services Driver; E:WINDOWSsystem32DRIVERSctoss2k.sys [2005-01-10 106496]
    R3 P17;Sound Blaster Audigy; E:WINDOWSsystem32driversP17.sys [2005-07-07 1389056]
    R3 pfc;Padus ASPI Shell; E:WINDOWSsystem32driverspfc.sys [2005-11-02 10368]
    R3 ROOTMODEM;Microsoft Legacy Modem Driver; E:WINDOWSSystem32DriversRootMdm.sys [2004-08-04 5888]
    R3 SLIP;BDA Slip De-Framer; E:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
    R3 streamip;BDA IPSink; E:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
    R3 tosporte;Bluetooth Port Driver from Toshiba; E:WINDOWSsystem32DRIVERStosporte.sys [2005-03-14 47230]
    R3 tunmp;Microsoft Tun Miniport Adapter Driver; E:WINDOWSsystem32DRIVERStunmp.sys [2004-08-04 12416]
    R3 usbccgp;Microsoft USB Generic Parent Driver; E:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-04 31616]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; E:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
    R3 usbhub;Microsoft USB Standard Hub Driver; E:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; E:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
    R3 WSTCODEC;World Standard Teletext Codec; E:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]
    S2 nvcap;nVidia WDM Video Capture (universal); E:WINDOWSsystem32DRIVERSnvcap.sys [2005-01-31 141246]
    S2 SPIDER;SpIDer FS Monitor for Windows NT; ??E:PROGRA~1DrWebspider.sys []
    S3 61883;61883 Unit Device; E:WINDOWSsystem32DRIVERS61883.sys [2004-08-03 48128]
    S3 Avc;AVC Device; E:WINDOWSsystem32DRIVERSavc.sys [2004-08-03 38912]
    S3 genmcmn;Scroll Mouse Driver; E:WINDOWSsystem32DRIVERSgmfiltr.sys [2004-05-12 8064]
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; E:WINDOWSsystem32DRIVERSHPZid412.sys [2007-03-08 49920]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; E:WINDOWSsystem32DRIVERSHPZipr12.sys [2007-03-08 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; E:WINDOWSsystem32DRIVERSHPZius12.sys [2007-03-08 21568]
    S3 MSDV;Microsoft DV Camera and VCR; E:WINDOWSsystem32DRIVERSmsdv.sys [2004-08-03 51328]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; E:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
    S3 PanasonicDECT-USBGEAR;Panasonic USB GEAR Driver; E:WINDOWSSystem32Driverspccusbdd.sys [2005-05-27 47712]
    S3 toshidpt;TOSHIBA Bluetooth HID port driver; E:WINDOWSsystem32driversToshidpt.sys [2002-10-16 2851]
    S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; E:WINDOWSSystem32Driverstosrfbd.sys [2005-03-08 98560]
    S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; E:WINDOWSSystem32Driverstosrfbnp.sys [2004-07-08 36531]
    S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; E:WINDOWSsystem32DRIVERSTosrfhid.sys [2004-11-15 50048]
    S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; E:WINDOWSsystem32DRIVERStosrfnds.sys [2005-01-06 18612]
    S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; E:WINDOWSsystem32driversTosRfSnd.sys [2004-12-15 50048]
    S3 Tosrfusb;Bluetooth USB Controller; E:WINDOWSSystem32Driverstosrfusb.sys [2004-12-21 34816]
    S3 usb_rndisx;USB RNDIS Adapter; E:WINDOWSsystem32DRIVERSusb8023x.sys [2005-10-21 12800]
    S3 usbprint;Microsoft USB PRINTER Class; E:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-03 25856]
    S3 usbscan;USB Scanner Driver; E:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
    S3 USBSTOR;USB Mass Storage Driver; E:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
    S3 wceusbsh;Windows CE USB Serial Host Driver; E:WINDOWSsystem32DRIVERSwceusbsh.sys [2006-11-06 28672]
    S4 IntelIde;IntelIde; E:WINDOWSsystem32driversIntelIde.sys []
    S4 sr;System Restore Filter Driver; E:WINDOWSsystem32DRIVERSsr.sys [2004-08-04 73472]
    S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; E:WINDOWSSystem32driversws2ifsl.sys [2004-08-04 12032]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 6to4;IPv6 Helper Service; E:WINDOWSsystem32svchost.exe [2004-08-04 14336]
    R2 ATKKeyboardService;ATK Keyboard Service; E:WINDOWSATKKBService.exe [2005-10-18 241152]
    R2 Creative Service for CDROM Access;Creative Service for CDROM Access; E:WINDOWSsystem32CTsvcCDA.EXE [1999-12-13 44032]
    R2 ekrn;ESET Service; E:Program FilesESETESET NOD32 Antivirusekrn.exe [2009-05-14 731840]
    R2 hpqddsvc;HP CUE DeviceDiscovery Service; E:WINDOWSsystem32svchost.exe [2004-08-04 14336]
    R2 Net Driver HPZ12;Net Driver HPZ12; E:WINDOWSSystem32svchost.exe [2004-08-04 14336]
    R2 NVSvc;NVIDIA Display Driver Service; E:WINDOWSsystem32nvsvc32.exe [2006-02-13 143426]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; E:WINDOWSSystem32svchost.exe [2004-08-04 14336]
    R2 UMWdf;Windows User Mode Driver Framework; E:WINDOWSsystem32wdfmgr.exe [2005-01-28 38912]
    R3 hpqcxs08;hpqcxs08; E:WINDOWSsystem32svchost.exe [2004-08-04 14336]
    S2 spidernt;SpIDer Guard for Windows NT; E:PROGRA~1DrWebSpiderNT.exe [2006-05-02 118784]
    S3 Adobe LM Service;Adobe LM Service; E:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2006-07-22 72704]
    S3 EhttpSrv;ESET HTTP Server; E:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe [2009-05-14 20680]
    S3 NBService;NBService; E:Program FilesNeroNero 7Nero BackItUpNBService.exe [2006-06-08 208896]
    S3 odserv;Microsoft Office Diagnostics Service; E:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-26 441136]
    S3 ose;Office Source Engine; E:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
    S3 stllssvr;stllssvr; E:Program FilesCommon FilesSureThing Sharedstllssvr.exe [2007-05-03 74656]

    EOF

    12 октября, 2009 в 3:29 пп в ответ на: Помогите избавиться от Антивирус Про 2010! #26082
    Georgina
    Participant
    • Темы:2
    • Сообщений:7
    • ☆

    Здравствуйте.
    Спасибо за отклик!
    Вот лог после сканикования Malwarebytes Anti-malware:
    Malwarebytes’ Anti-Malware 1.41
    Версия базы данных: 2945
    Windows 5.1.2600 Service Pack 2

    12.10.2009 19:24:25
    mbam-log-2009-10-12 (19-24-25).txt

    Тип проверки: Полная (C:|D:|E:|F:|G:|M:|)
    Проверено объектов: 127943
    Прошло времени: 11 minute(s), 10 second(s)

    Заражено процессов в памяти: 0
    Заражено модулей в памяти: 0
    Заражено ключей реестра: 19
    Заражено значений реестра: 8
    Заражено параметров реестра: 4
    Заражено папок: 1
    Заражено файлов: 16

    Заражено процессов в памяти:
    (Вредоносные программы не обнаружены)

    Заражено модулей в памяти:
    (Вредоносные программы не обнаружены)

    Заражено ключей реестра:
    HKEY_CLASSES_ROOTconnectionservices.connectionservices (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOTCLSID{6d7b211a-88ea-490c-bab9-3600d8d7c503} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExtStats{6d7b211a-88ea-490c-bab9-3600d8d7c503} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{6d7b211a-88ea-490c-bab9-3600d8d7c503} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall{6d7b211a-88ea-490c-bab9-3600d8d7c503} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOTconnectionservices.connectionservices.1 (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOTAppID{36dbc179-a19f-48f2-b16a-6a3e19b42a87} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOTCLSID{36dbc179-a19f-48f2-b16a-6a3e19b42a87} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOTCLSID{54645654-2225-4455-44a1-9f4543d34546} (Trojan.Clicker) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExtStats{36dbc179-a19f-48f2-b16a-6a3e19b42a87} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExtStats{33331111-1111-1111-1111-611111193429} (Trojan.Clicker) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units{33331111-1111-1111-1111-611111193423} (Trojan.Clicker) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units{33331111-1111-1111-1111-611111193429} (Trojan.Clicker) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units{33331111-1111-1111-1111-615111193427} (Trojan.Clicker) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units{33331111-1131-1111-1111-611111193428} (Trojan.Clicker) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{36dbc179-a19f-48f2-b16a-6a3e19b42a87} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USERSOFTWAREConnectionServices (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsrundll32.exe (Security.Hijack) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINESystemCurrentControlSetEnumRootLEGACY_ZZZdrv_lich (Rootkit.Agent) -> Quarantined and deleted successfully.

    Заражено значений реестра:
    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoadsystemcheck2 (Trojan.Clicker) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USERControl Paneldon’t loadscui.cpl (Hijack.SecurityCenter) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USERControl Paneldon’t loadwscui.cpl (Hijack.SecurityCenter) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorerForceClassicControlPanel (Hijack.ControlPanelStyle) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRunsvchost (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunRegedit32 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunAntivirus Pro 2010 (Rogue.AntiVirusPro2010) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRunmserv (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    Заражено параметров реестра:
    HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterAntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterFirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterUpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonShell (Hijack.Shell) -> Bad: (Explorer.exe work.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.

    Заражено папок:
    E:Program FilesConnectionServices (Trojan.BHO) -> Quarantined and deleted successfully.

    Заражено файлов:
    E:Program FilesConnectionServicesConnectionServices.dll (Trojan.BHO) -> Quarantined and deleted successfully.
    E:Program FilesConnectionServicesUninstall.exe (Trojan.BHO) -> Quarantined and deleted successfully.
    E:WINDOWSufdata2000.log (Malware.Trace) -> Quarantined and deleted successfully.
    E:Documents and SettingsSergeyApplication Datawiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.
    E:Program FilesInternet Explorersetupapi.dll (Trojan.BHO) -> Quarantined and deleted successfully.
    E:WINDOWSsystem322.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
    E:WINDOWSsystem32form.txt (Malware.Trace) -> Quarantined and deleted successfully.
    E:WINDOWSsystem32lich.dat (Stolen.data) -> Quarantined and deleted successfully.
    E:Documents and SettingsSergeyLocal SettingsTemptmpwr2 (Rogue.Installer) -> Quarantined and deleted successfully.
    E:Documents and SettingsSergeyLocal SettingsTemptmpwr3 (Rogue.Installer) -> Quarantined and deleted successfully.
    E:Documents and SettingsSergeyLocal SettingsTemptmpwr4 (Rogue.Installer) -> Quarantined and deleted successfully.
    E:Documents and SettingsSergeyLocal SettingsTemptmpwr5 (Rogue.Installer) -> Quarantined and deleted successfully.
    E:Documents and SettingsSergeyLocal SettingsTemptmpwr6 (Rogue.Installer) -> Quarantined and deleted successfully.
    E:Documents and SettingsSergeyLocal SettingsTemptmpwr7 (Rogue.Installer) -> Quarantined and deleted successfully.
    E:WINDOWSTempwpv321253926400.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    E:Documents and SettingsSergeyoashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> Quarantined and deleted successfully.

  • Автор
    Сообщения
Просмотр 5 сообщений - с 1 по 5 (из 5 всего)

Добро пожаловать

На нашем сайте размещены инструкции и программы, которые помогут вам абсолютно бесплатно и самостоятельно удалить навязчивую рекламу, вирусы и трояны.

Поиск

Важные инструкции

Этот параметр включен администратором
Какой лучший антивирус ? Как выбрать антивирус ?
Как удалить всплывающие окна
Как запустить компьютер в безопасном режиме (Safe Mode)
Как удалить рекламный вирус в браузере (Chrome, Opera, Firefox, Internet Explorer, Edge)

СПАЙВАРЕ РУ

  • О Спайваре Ру
  • Контакты
  • Реклама на сайте
  • Политика конфиденциальности
  • Правила использования

Нужна помощь?

Задайте свой вопрос прямо сейчас кликнув по следующей ссылке Задать вопрос.

Или обратитесь на наш форум, где команда Spyware-ru поможет вам. Узнайте, как попросить о помощи здесь.

Ссылки

  • Инструкции
  • Скачать программы
  • Помощь в удалении вирусов
  • Как вылечить компьютер
Copyright © 2008 - 2024 Spyware-RU.com (en)