SPYWARE-RU.COM

Созданные ответы форума

Просмотр 2 сообщений - с 1 по 2 (из 2 всего)

Автор

Сообщения
29 января, 2009 в 3:56 пп в ответ на: Посмотрите плз лог #21562
Grek
Participant
- Темы:2
- Сообщений:4
ComboFix 09-01-21.04 — pp 2009-01-29 18:44:08.2 — NTFSx86
Microsoft Windows XP Professional 5.1.2600.1.1251.1.1049.18.511.242 [GMT 3:00]
Running from: c:documents and settingsppРабочий столComboFix.exe
Command switches used :: c:documents and settingsppРабочий столCFScript.txt
* Created a new restore point
* Resident AV is active

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:windowssystem32fci.exe
c:windowssystem32i

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

Legacy_GARENAPENGINE

Legacy_SERVICE_CONTROLER

Legacy_SERVICE_CONTROLER_INSTALLER

Service_GarenaPEngine

Service_Service Controler

Service_Service Controler Installer

((((((((((((((((((((((((( Files Created from 2008-12-28 to 2009-01-29 )))))))))))))))))))))))))))))))
.

2009-01-29 18:48 . 2009-01-29 18:48 13 —a

c:windowsreset5.dt3
2009-01-29 18:48 . 2009-01-29 18:48 13 —a

c:windowsreset5.dt2
2009-01-29 18:48 . 2009-01-29 18:48 13 —a

c:windowsreset5.dt1
2009-01-28 21:11 . 2009-01-28 21:11 d

C:rsit
2009-01-28 21:11 . 2009-01-28 21:11 d

c:program filestrend micro
2009-01-28 18:13 . 2009-01-28 18:13 d

c:windowssystem32bits
2009-01-28 18:10 . 2009-01-28 19:33 d—h

c:windows$hf_mig$
2009-01-28 18:10 . 2005-02-25 06:36 22,752 —a

c:windowssystem32spupdsvc.exe
2009-01-28 18:09 . 2004-07-02 01:08 360,448 —a—c— c:windowssystem32dllcacheqmgr.dll
2009-01-28 18:09 . 2004-07-02 01:08 331,776 —a

c:windowssystem32winhttp.dll
2009-01-28 18:09 . 2004-07-02 01:08 331,776 —a—c— c:windowssystem32dllcachewinhttp.dll
2009-01-28 18:09 . 2004-07-02 01:08 17,408 —a

c:windowssystem32qmgrprxy.dll
2009-01-28 18:09 . 2004-07-02 01:08 17,408 —a—c— c:windowssystem32dllcacheqmgrprxy.dll
2009-01-28 18:09 . 2004-07-02 01:08 7,680

c— c:windowssystem32dllcachebitsprx2.dll
2009-01-28 18:09 . 2004-07-02 01:08 7,680

c:windowssystem32bitsprx2.dll
2009-01-28 18:09 . 2004-07-02 01:08 7,168

c— c:windowssystem32dllcachebitsprx3.dll
2009-01-28 18:09 . 2004-07-02 01:08 7,168

c:windowssystem32bitsprx3.dll
2009-01-28 18:06 . 2008-10-16 14:06 268,648 —a

c:windowssystem32mucltui.dll
2009-01-28 18:06 . 2008-10-16 14:06 27,496 —a

c:windowssystem32mucltui.dll.mui
2009-01-28 18:05 . 2008-10-16 14:09 43,544 —a

c:windowssystem32wups2.dll
2009-01-28 18:05 . 2008-10-16 14:08 31,768 —a

c:windowssystem32wucltui.dll.mui
2009-01-28 18:05 . 2008-10-16 14:08 27,672 —a

c:windowssystem32wuapi.dll.mui
2009-01-28 18:05 . 2008-10-16 14:07 23,576 —a

c:windowssystem32wuaucpl.cpl.mui
2009-01-28 18:05 . 2008-10-16 14:07 18,968 —a

c:windowssystem32wuaueng.dll.mui
2009-01-28 18:04 . 2008-10-16 14:12 561,688 —a

c:windowssystem32wuapi.dll
2009-01-28 18:04 . 2008-10-16 14:12 323,608 —a

c:windowssystem32wucltui.dll
2009-01-28 18:04 . 2008-10-16 14:12 213,528 —a

c:windowssystem32wuaucpl.cpl
2009-01-28 18:04 . 2004-08-03 14:04 187,160 —a

c:windowssystem32wuaueng1.dll
2009-01-28 18:04 . 2004-08-03 14:04 168,728 —a

c:windowssystem32wuauclt1.exe
2009-01-28 18:04 . 2008-10-16 14:08 34,328 —a

c:windowssystem32wups.dll
2009-01-28 18:02 . 2009-01-28 18:02 d—s—- c:documents and settingsppUserData
2009-01-28 14:17 . 2009-01-28 21:51 735,232 -r-hs—- c:windowssystem32driversSCtri.exe
2009-01-27 19:11 . 2009-01-27 19:16 d

c:documents and settingsppDSS DJ Data
2009-01-27 19:10 . 2009-01-27 19:10 d

c:program filesMyXOFT
2009-01-27 18:15 . 2009-01-27 18:37 33,367 —a

C:z8g5q3d3n2s9.exe
2009-01-27 00:54 . 2009-01-28 21:51 735,232 —a

c:windowssystem32SCtri.exe
2009-01-27 00:11 . 2009-01-27 00:14 94,208 —a

c:windowsScUnin.exe
2009-01-27 00:11 . 2009-01-27 00:14 35,525 —a

c:windowsscunin.dat
2009-01-27 00:11 . 2009-01-27 00:14 967 —a

c:windowsScUnin.pif
2009-01-27 00:10 . 2009-01-27 00:27 d

c:program filesStarcraft
2009-01-26 23:56 . 2009-01-27 00:57 d

c:program filesGarena
2009-01-26 23:56 . 2009-01-26 23:56 d

c:documents and settingsppApplication DataInstallShield
2009-01-25 22:16 . 2009-01-25 22:15 735,232 —a

c:windowssystem32driversSCtri.exe.vir
2009-01-24 05:36 . 2007-09-04 17:56 164,352 —a

c:windowssystem32unrar.dll
2009-01-24 05:35 . 2009-01-24 05:35 d

c:program filesK-Lite Codec Pack
2009-01-24 05:35 . 2007-11-29 23:30 3,596,288 —a

c:windowssystem32qt-dx331.dll
2009-01-24 05:35 . 2007-07-25 14:24 1,559,040 —a

c:windowssystem32xvidcore.dll
2009-01-24 05:35 . 2007-12-04 02:33 682,496 —a

c:windowssystem32divx.dll
2009-01-24 05:35 . 2006-09-24 16:11 389,120 —a

c:windowssystem32lameACM.acm
2009-01-24 05:35 . 2007-03-10 12:51 282,624 —a

c:windowssystem32xvidvfw.dll
2009-01-24 05:35 . 2004-01-25 17:18 217,088 —a

c:windowssystem32yv12vfw.dll
2009-01-24 05:35 . 2007-09-21 01:52 118,784 —a

c:windowssystem32ac3acm.acm
2009-01-24 05:35 . 2007-11-29 23:28 81,920 —a

c:windowssystem32dpl100.dll
2009-01-24 05:35 . 2007-12-24 13:49 7,680 —a

c:windowssystem32ff_vfw.dll
2009-01-24 05:35 . 2007-07-10 17:10 547 —a

c:windowssystem32ff_vfw.dll.manifest
2009-01-24 05:35 . 2007-10-03 16:03 414 —a

c:windowssystem32lame_acm.xml
2009-01-23 20:09 . 2009-01-24 00:04 720,896 —a

c:windowssystem32SbCtri.exe
2009-01-23 20:09 . 2009-01-24 00:04 720,896 -r-hs—- c:windowssystem32driversSbCtri.exe
2009-01-23 18:00 . 2009-01-29 18:49 4,933,320 —a

c:windows{00000002-00000000-00000006-00001102-00000008-10011102}.CDF
2009-01-23 18:00 . 2009-01-23 18:00 4,933,320

c:windows{00000002-00000000-00000006-00001102-00000008-10011102}.BAK
2009-01-23 17:59 . 2009-01-28 22:09 30,624 —a

c:windowssystem32BMXStateBkp-{00000002-00000000-00000006-00001102-00000008-10011102}.rfx
2009-01-23 17:59 . 2009-01-28 22:09 30,624 —a

c:windowssystem32BMXState-{00000002-00000000-00000006-00001102-00000008-10011102}.rfx
2009-01-23 17:59 . 2009-01-28 22:09 29,772 —a

c:windowssystem32BMXCtrlState-{00000002-00000000-00000006-00001102-00000008-10011102}.rfx
2009-01-23 17:59 . 2009-01-28 22:09 29,772 —a

c:windowssystem32BMXBkpCtrlState-{00000002-00000000-00000006-00001102-00000008-10011102}.rfx
2009-01-23 17:59 . 2009-01-28 22:09 2,796 —a

c:windowssystem32DVCState-{00000002-00000000-00000006-00001102-00000008-10011102}.rfx
2009-01-23 17:59 . 2009-01-28 22:09 1,072 —a

c:windowssystem32settingsbkup.sfm
2009-01-23 17:59 . 2009-01-28 22:09 1,072 —a

c:windowssystem32settings.sfm
2009-01-23 17:55 . 1998-01-08 04:00 1,048,576

c:windowssystem32SFMAN.DAT
2009-01-23 17:55 . 2000-05-11 01:00 90,112

c:windowsUpdreg.EXE
2009-01-23 17:55 . 1998-06-05 05:00 84,992

c:windowssystem32SFCVRT32.DLL
2009-01-23 17:55 . 1995-08-30 05:02 82,432

c:windowssystem32CTWFLT32.DLL
2009-01-23 17:55 . 1998-10-20 11:05 54,784

c:windowssystem32INETWH32.DLL
2009-01-23 17:55 . 1994-12-05 06:11 53,552

c:windowsCTCCW.DLL
2009-01-23 17:55 . 1995-07-13 05:01 26,768

c:windowssystem32CTL3D.DLL
2009-01-23 17:55 . 1996-05-23 05:24 24,976

c:windowsCTRES.DLL
2009-01-23 17:55 . 1999-01-14 09:04 231

c:windowsAC3API.INI
2009-01-23 17:54 . 2009-01-23 17:55 d

c:windowssystem32Defaults
2009-01-23 17:54 . 2002-08-29 02:01 134,272 —a

c:windowssystem32driversportcls.sys
2009-01-23 17:54 . 2002-08-29 01:32 57,856 —a

c:windowssystem32driversdrmk.sys
2009-01-23 17:52 . 2003-10-28 12:03 4,932,148 —a

c:windowsCTDVAUDY.CDF
2009-01-23 17:50 . 2003-11-11 11:08 77,824 —a

c:windowssystem32ctdvda32.dll
2009-01-23 17:46 . 2002-02-20 06:00 331,776

c:windowssystem32CTMEDENG.DLL
2009-01-23 17:46 . 2001-09-18 03:00 139,264 —a

c:windowssystem32Video.skn
2009-01-23 17:46 . 2001-03-30 02:00 62,976 —a

c:windowssystem32CTDetres.dll
2009-01-23 17:46 . 1999-12-13 04:01 44,032

c:windowssystem32CTSVCCDA.EXE
2009-01-23 17:46 . 1999-11-18 04:00 25,088

c:windowssystem32CTSVCCTL.EXE
2009-01-23 17:46 . 2000-04-20 01:00 24,576 —a

c:windowssystem32CTMERes.DLL
2009-01-23 17:46 . 1998-09-17 01:52 17,350 —a

c:windowssystem32CTDetect.hlp
2009-01-23 17:46 . 1998-09-17 01:52 641 —a

c:windowssystem32CTDetect.cnt
2009-01-23 01:16 . 2009-01-23 01:17 d

c:documents and settingsppApplication DataMra
2009-01-23 01:15 . 2009-01-23 01:15 d

c:program filesMail.Ru
2009-01-22 19:43 . 2009-01-22 19:52 49,197 —a

C:f2q2q4j8g1t8.exe
2009-01-22 00:40 . 2009-01-22 00:40 720,896 —a

c:windowssystem32driversSbCtri.exe.vir
2009-01-20 02:08 . 2009-01-20 02:26 d

c:program filesOCCT
2009-01-19 19:05 . 2009-01-19 19:05 715,776 -r-hs—- c:windowssystem32driversSbiCtr.exe
2009-01-19 14:20 . 2009-01-19 14:20 715,776 —a

c:windowssystem32driversSbiCtr.exe.vir
2009-01-16 20:42 . 2009-01-16 20:42 d

c:program filesBuka
2009-01-16 20:24 . 2009-01-16 20:34 d

C:Games
2009-01-14 16:51 . 2009-01-14 16:52 d

c:program filesAd Muncher
2009-01-14 03:41 . 2009-01-14 04:34 d

c:program filesFlylinkDC++
2009-01-11 18:47 . 2007-12-28 07:54 5,791 —a

c:windowssystem32instcm.inf
2009-01-06 03:24 . 2009-01-06 03:24 d

c:documents and settingsppApplication DataMedia Player Classic
2009-01-06 03:23 . 2004-01-12 01:00 348,160 —a

c:windowssystem32msvcr71.dll
2009-01-05 21:45 . 2009-01-25 22:16 d

c:program filesSoulseek
2009-01-05 19:53 . 2009-01-28 20:22 d-a

c:documents and settingsAll UsersApplication DataTEMP
2009-01-05 19:52 . 2006-05-25 14:52 162,304 —a

c:windowssystem32ztvunrar36.dll
2009-01-05 19:52 . 2003-02-02 19:06 153,088 —a

c:windowssystem32UNRAR3.dll
2009-01-05 19:52 . 2005-08-26 00:50 77,312 —a

c:windowssystem32ztvunace26.dll
2009-01-05 19:52 . 2002-03-06 00:00 75,264 —a

c:windowssystem32unacev2.dll
2009-01-05 19:52 . 2006-06-19 12:01 69,632 —a

c:windowssystem32ztvcabinet.dll
2009-01-05 19:51 . 2009-01-28 18:45 d

c:program filesTrojan Remover
2009-01-05 19:51 . 2009-01-05 19:51 d

c:documents and settingsppApplication DataSimply Super Software
2009-01-05 19:51 . 2009-01-05 19:51 d

c:documents and settingsAll UsersApplication DataSimply Super Software
2009-01-05 19:09 . 2009-01-05 19:14 d

c:program filesVITSOFT
2009-01-05 15:32 . 2009-01-05 15:32 d

c:program filesDAMN NFO Viewer
2009-01-05 15:28 . 2003-11-26 05:01 545 —a

c:windowsUC.PIF
2009-01-05 15:28 . 2003-11-26 05:01 545 —a

c:windowsRAR.PIF
2009-01-05 15:28 . 2005-02-11 00:00 545 —a

c:windowsPKZIP.PIF
2009-01-05 15:28 . 2005-02-11 00:00 545 —a

c:windowsPKUNZIP.PIF
2009-01-05 15:28 . 2005-02-11 00:00 545 —a

c:windowsNOCLOSE.PIF
2009-01-05 15:28 . 2003-11-26 05:01 545 —a

c:windowsLHA.PIF
2009-01-05 15:28 . 2003-11-26 05:01 545 —a

c:windowsARJ.PIF
2009-01-05 15:27 . 2009-01-05 15:28 d

c:program filesTotal Commander XP
2009-01-05 15:17 . 2009-01-05 15:16 512,096 —a

c:windowssystem32driversamon.sys
2009-01-05 15:17 . 2009-01-05 15:16 298,104 —a

c:windowssystem32imon.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-02 11:59

d

w c:program filesCommon FilesInstallShield
2009-01-02 11:51

d

w c:program filesmicrosoft frontpage
2009-01-02 11:50 558,142 —-a-w c:windowsjavaPackages87P31JRH.ZIP
2009-01-02 11:50 155,995 —-a-w c:windowsjavaPackages4RTNRLZX.ZIP
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«SBDrvDet»=»c:program filesCreativeSB Drive DetSBDrvDet.exe» [2002-12-03 45056]
«nod32kui»=»c:program filesEsetnod32kui.exe» [2009-01-05 949376]
«Ad Muncher»=»c:program filesAd MuncherAdMunch.exe» [2007-01-18 751616]
«DAEMON Tools»=»c:program filesDAEMON Toolsdaemon.exe» [2005-12-10 133016]
«MAgent»=»c:program filesMail.RuAgentMAgent.exe» [2009-01-23 5603000]
«CTSysVol»=»c:program filesCreativeSBAudigy2Surround MixerCTSysVol.exe» [2003-09-17 57344]
«CTDVDDET»=»c:program filesCreativeSBAudigy2DVDAudioCTDVDDet.EXE» [2003-06-18 45056]
«UpdReg»=»c:windowsUpdReg.EXE» [2000-05-11 90112]
«CTHelper»=»CTHELPER.EXE» [2004-03-19 c:windowssystem32CTHELPER.EXE]

[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowsSystem32CTFMON.EXE» [2002-09-24 13312]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyreset5]
2002-09-09 23:30 17408 c:windowssystem32reset5.dll

[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
«UpdatesDisableNotify»=dword:00000001
«AntiVirusDisableNotify»=dword:00000001
«AntiVirusOverride»=dword:00000001
«FirewallOverride»=dword:00000001

R1 nod32drv;nod32drv;c:windowssystem32driversnod32drv.sys [2009-01-05 15424]
.
.

Supplementary Scan

.
uStart Page = hxxp://active.mns.ru/
IE: Block frame with Ad Muncher — http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=E3B46J7T&id=menu_ie_frame
IE: Block image with Ad Muncher — http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=E3B46J7T&id=menu_ie_image
IE: Block link with Ad Muncher — http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=E3B46J7T&id=menu_ie_link
IE: Don’t filter page with Ad Muncher — http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=E3B46J7T&id=menu_ie_exclude
IE: Report page to the Ad Muncher developers — http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=E3B46J7T&id=menu_ie_report
IE: {{7558B7E5-7B26-4201-BEDB-00D5FF534523} — c:program filesMail.RuAgentmagent.exe
IE: {{c95fe080-8f5d-11d2-a20b-00aa003c157a} — %SystemRoot%webrelated.htm
LSP: c:windowsSystem32imon.dll
TCP: {2E05A69A-E964-4EBB-B258-579F55E54807} = 80.70.224.4 80.70.224.2
TCP: {70BE2B90-E27D-484D-B7FA-A04E7A005C7D} = 80.70.224.2,80.70.224.4
DPF: DirectAnimation Java Classes
DPF: Microsoft XML Parser for Java
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-29 18:49:13
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes …

scanning hidden autostart entries …

scanning hidden files …

scan completed successfully
hidden files: 0

**************************************************************************
.

DLLs Loaded Under Running Processes

— — — — — — — > ‘winlogon.exe'(612)
c:windowsSystem32ODBC32.dll
c:windowssystem32Ati2evxx.dll
c:windowssystem32reset5.dll

— — — — — — — > ‘lsass.exe'(704)
c:windowsSystem32imon.dll
c:program filesEsetpr_imon.dll
c:windowsSystem32dssenh.dll
.

Other Running Processes

.
c:windowssystem32savedump.exe
c:windowssystem32ati2evxx.exe
c:windowssystem32ati2evxx.exe
c:windowssystem32CTSVCCDA.EXE
c:program filesESETnod32krn.exe
c:windowssystem32MsPMSPSv.exe
.
**************************************************************************
.
Completion time: 2009-01-29 18:52:01 — machine was rebooted
ComboFix-quarantined-files.txt 2009-01-29 15:51:57
ComboFix2.txt 2009-01-28 17:24:49

Pre-Run: 18 330 943 488 байт свободно
Post-Run: 18,310,488,064 байт свободно

236 — E O F — 2009-01-28 16:21:28
28 января, 2009 в 6:22 пп в ответ на: Посмотрите лог #21564
Grek
Participant
- Темы:2
- Сообщений:4
info.txt logfile of random’s system information tool 1.05 2009-01-28 21:11:30

======Uninstall list======

—>»C:Program FilesCreativeSBAudigy2ProgramCtzapxx.EXE» /W /U /S
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{1494984B-9AC5-4F16-B61A-C21D5EFCC1C4}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{1494984B-9AC5-4F16-B61A-C21D5EFCC1C4}setup.exe» -l0x9 /remove
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{169F8893-C1C5-4847-972C-EA1E008112AC}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{169F8893-C1C5-4847-972C-EA1E008112AC}setup.exe» -l0x9 /remove
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{236FADD8-58FD-11D6-A285-00A0CC51B2FE}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{236FADD8-58FD-11D6-A285-00A0CC51B2FE}setup.exe» -l0x9 /remove
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{266F8C74-5DC6-4405-B79B-4EB82B2FC684}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{266F8C74-5DC6-4405-B79B-4EB82B2FC684}setup.exe» -l0x9 /remove
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{435E969D-867E-4364-8E74-3DC8A69C5BDB}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{435E969D-867E-4364-8E74-3DC8A69C5BDB}setup.exe» -l0x9 /remove
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{5210ED6D-52A9-11D6-A285-00A0CC51B2FE}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{5210ED6D-52A9-11D6-A285-00A0CC51B2FE}setup.exe» -l0x9 /remove
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{7201B853-5833-11D6-A285-00A0CC51B2FE}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{7201B853-5833-11D6-A285-00A0CC51B2FE}setup.exe» -l0x9 /remove
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{7A900EAB-DA37-4554-AF19-9C337476D05D}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{7A900EAB-DA37-4554-AF19-9C337476D05D}setup.exe» -l0x9 /remove
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{87499F38-FD69-4A2B-B41A-BAB8DE9B94FE}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{9154ED7C-926E-49CC-B677-0CF3C5267457}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{9154ED7C-926E-49CC-B677-0CF3C5267457}setup.exe» -l0x9 /remove
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{A1185190-514F-11D6-A285-00A0CC51B2FE}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{A1185190-514F-11D6-A285-00A0CC51B2FE}setup.exe» -l0x9 /remove
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{AC157741-3285-4D6A-B934-9174587A3493}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{AC157741-3285-4D6A-B934-9174587A3493}setup.exe» -l0x9 /remove
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}setup.exe» -l0x9 /remove
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{DEBD7BF3-5856-11D6-A285-00A0CC51B2FE}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{DEBD7BF3-5856-11D6-A285-00A0CC51B2FE}setup.exe» -l0x9 /remove
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{FB2292C6-1F0A-11D7-AB2D-0090271A23A2}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{FB2292C6-1F0A-11D7-AB2D-0090271A23A2}setup.exe» -l0x9 /remove
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
Ad Muncher—>C:Program FilesAd MuncherAM-Install.exe /die
Adobe Flash Player 10 ActiveX—>C:WINDOWSSystem32MacromedFlashuninstall_activeX.exe
ATI — Software Uninstall Utility—>C:Program FilesATI TechnologiesUninstallAllAtiCimUn.exe
ATI Display Driver—>rundll32 C:WINDOWSSystem32atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Back2Life—>V:Total Commander XPAddOnBack2LifeBack2Life.exe /uninstall
Counter Strike 1.6 V34—>»C:Program FilesCounter-strikeuninstall.exe»
Creative MediaSource—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{56F3E1FF-54FE-4384-A153-6CCABA097814}SETUP.EXE» -l0x9 /remove
Creative System Information—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{87499F38-FD69-4A2B-B41A-BAB8DE9B94FE}setup.exe» -l0x9 /remove
DSS DJ 5.5—>»C:Program FilesMyXOFTDSS DJunins000.exe»
FlylinkDC++ r(365)—>»C:Program FilesFlylinkDC++unins000.exe»
Garena—>C:Program FilesInstallShield Installation Information{89C89156-A70F-4C6D-9CAE-2EA71F1396FE}setup.exe -runfromtemp -l0x0019 -removeonly
HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
K-Lite Codec Pack 3.6.5 Full—>»C:Program FilesK-Lite Codec Packunins000.exe»
Mail.Ru Агент 5.3 (сборка 2560, для всех пользователей)—>C:Program FilesMail.RuAgentmagentsetup.exe -uninstalllm
Microsoft Connection Manager—>C:WINDOWSSystem32cmstp.exe /x C:WINDOWSSystem32instcm.inf
OCCT Perestroika 2.0.1—>»C:Program FilesOCCTunins000.exe»
SoulSeek Client 156c—>»C:Program FilesSoulseekuninstall.exe»
Sound Blaster Audigy 2—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{CECB9B3D-E681-4458-85F8-8D182941AF1D}SETUP.EXE» -l0x9
Starcraft—>C:WINDOWSSCunin.exe C:WINDOWSSCunin.dat
Total Commander 6.51 eXtended Pack—>»C:Program FilesTotal Commander XPunins000.exe»
Trojan Remover 6.7.5—>»C:Program FilesTrojan Removerunins000.exe»
Vit Registry Fix 9.1 (remove only)—>C:Program FilesVITSOFTVit Registry FixUninstall.exe
Winamp (remove only)—>»C:Program FilesWinampUninstWA.exe»
Windows Installer 3.1 (KB893803)—>»C:WINDOWS$MSI31Uninstall_KB893803v2$spuninstspuninst.exe»
Антивирусная система NOD32—>C:Program FilesEsetSetupsetup.exe /UNINSTALL
Архиватор WinRAR—>C:Program FilesWinRARuninstall.exe
Герои Меча и Магии III: Полное собрание—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesBuka3DOГерои Меча и Магии III Полное собраниеSetupsetup.exe» -l0x19
Обновление безопасности для Windows XP (KB893756)—>»C:WINDOWS$NtUninstallKB893756$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB896423)—>»C:WINDOWS$NtUninstallKB896423$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB896424)—>»C:WINDOWS$NtUninstallKB896424$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB899587)—>»C:WINDOWS$NtUninstallKB899587$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB899591)—>»C:WINDOWS$NtUninstallKB899591$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB901017)—>»C:WINDOWS$NtUninstallKB901017$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB911562)—>»C:WINDOWS$NtUninstallKB911562$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB911927)—>»C:WINDOWS$NtUninstallKB911927$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB920685)—>»C:WINDOWS$NtUninstallKB920685$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB921398)—>»C:WINDOWS$NtUninstallKB921398$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB921883)—>»C:WINDOWS$NtUninstallKB921883$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB922616)—>»C:WINDOWS$NtUninstallKB922616$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB922819)—>»C:WINDOWS$NtUninstallKB922819$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB923414)—>»C:WINDOWS$NtUninstallKB923414$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB924191)—>»C:WINDOWS$NtUninstallKB924191$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB924496)—>»C:WINDOWS$NtUninstallKB924496$spuninstspuninst.exe»
Обновление для Windows XP (KB898461)—>»C:WINDOWS$NtUninstallKB898461$spuninstspuninst.exe»
Обновление для Windows XP (KB911280)—>»C:WINDOWS$NtUninstallKB911280$spuninstspuninst.exe»
Пакет исправлений для Windows XP — KB842773—>C:WINDOWS$NtUninstallKB842773$spuninstspuninst.exe
Пакет исправлений для Windows XP — KB873339—>C:WINDOWS$NtUninstallKB873339$spuninstspuninst.exe
Пакет исправлений для Windows XP — KB885835—>C:WINDOWS$NtUninstallKB885835$spuninstspuninst.exe
Пакет исправлений для Windows XP — KB885836—>C:WINDOWS$NtUninstallKB885836$spuninstspuninst.exe
Пакет исправлений для Windows XP — KB925486—>»C:WINDOWS$NtUninstallKB925486-IE6SP1-20060918.120000$spuninstspuninst.exe»

System event log

Computer Name: KENT-6XWSQ78FWS
Event Code: 7036
Message: Служба «Службы терминалов» перешла в состояние Работает.

Record Number: 2967
Source Name: Service Control Manager
Time Written: 20090119193340.000000+180
Event Type: информация
User:

Computer Name: KENT-6XWSQ78FWS
Event Code: 26
Message: Всплывающее окно приложения: : SystemRootSystem32ativvaxx.dll failed to load

Record Number: 2966
Source Name: Application Popup
Time Written: 20090119193242.000000+180
Event Type: информация
User:

Computer Name: KENT-6XWSQ78FWS
Event Code: 6005
Message: Запущена служба журнала событий.

Record Number: 2965
Source Name: EventLog
Time Written: 20090119193213.000000+180
Event Type: информация
User:

Computer Name: KENT-6XWSQ78FWS
Event Code: 6009
Message: Microsoft (R) Windows 2000 (R) 5.01. 2600 Service Pack 1 Uniprocessor Free.

Record Number: 2964
Source Name: EventLog
Time Written: 20090119193213.000000+180
Event Type: информация
User:

Computer Name: KENT-6XWSQ78FWS
Event Code: 26
Message: Всплывающее окно приложения: : SystemRootSystem32ativvaxx.dll failed to load

Record Number: 2963
Source Name: Application Popup
Time Written: 20090119193041.000000+180
Event Type: информация
User:

Application event log

Computer Name: KENT-6XWSQ78FWS
Event Code: 105
Message: The service was started.

Record Number: 138
Source Name: ATI Smart
Time Written: 20090105173315.000000+180
Event Type: информация
User:

Computer Name: KENT-6XWSQ78FWS
Event Code: 1004
Message: Ошибка приложения lsass.exe, версия 5.1.2600.1106, модуль unknown, версия 0.0.0.0, адрес 0x00000000.

Record Number: 137
Source Name: Application Error
Time Written: 20090105172704.000000+180
Event Type: ошибка
User:

Computer Name: KENT-6XWSQ78FWS
Event Code: 105
Message: The service was started.

Record Number: 136
Source Name: Creative Service for CDROM Access
Time Written: 20090105172656.000000+180
Event Type: информация
User:

Computer Name: KENT-6XWSQ78FWS
Event Code: 105
Message: The service was started.

Record Number: 135
Source Name: ATI Smart
Time Written: 20090105172656.000000+180
Event Type: информация
User:

Computer Name: KENT-6XWSQ78FWS
Event Code: 1015
Message: Критический системный процесс, C:WINDOWSsystem32lsass.exe, завершился ошибкой с кодом состояния c0000005.
Необходимо перезагрузить этот компьютер.

Record Number: 134
Source Name: Winlogon
Time Written: 20090105172519.000000+180
Event Type: ошибка
User:

======Environment variables======

«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem
«windir»=%SystemRoot%
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=6
«PROCESSOR_IDENTIFIER»=x86 Family 6 Model 11 Stepping 1, GenuineIntel
«PROCESSOR_REVISION»=0b01
«NUMBER_OF_PROCESSORS»=1
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP

EOF
Автор

Сообщения

Просмотр 2 сообщений - с 1 по 2 (из 2 всего)

Grek

Созданные ответы форума

Добро пожаловать

Поиск

Важные инструкции

Установлено в соответствии с корпоративным правилом (Удалить из Хрома)

Как удалить вирус с телефона Андроид (Инструкция)

Как удалить рекламный вирус в браузере (Chrome, Opera, Firefox, Internet Explorer, Edge)

Какой лучший антивирус ? Как выбрать антивирус ?

Этот параметр включен администратором

СПАЙВАРЕ РУ

Нужна помощь?

Ссылки