• Инструкции
    • Как использовать
      • Программы
    • Как удалить
      • Шпионское и рекламное ПО (adware и spyware)
      • Поддельное антиспайваре
      • Руткиты
      • Трояны
      • Кейлоггеры
  • Скачать программы
  • Вопросы и Ответы
  • Форумы

SPYWARE-RU.COM
Меню
  • Инструкции
    • Как использовать
      • Программы
    • Как удалить
      • Шпионское и рекламное ПО (adware и spyware)
      • Поддельное антиспайваре
      • Руткиты
      • Трояны
      • Кейлоггеры
  • Скачать программы
  • Вопросы и Ответы
  • Форумы
В начало
Adguard
 

mrRastishka

  • Профиль
  • Начатые темы
  • Созданные ответы
  • Engagements
  • Избранное

Созданные ответы форума

Просмотр 2 сообщений - с 1 по 2 (из 2 всего)
  • Автор
    Сообщения
  • 25 января, 2009 в 6:44 пп в ответ на: Помогите убрать ленту новостей #21466
    mrRastishka
    Participant
    • Темы:1
    • Сообщений:3
    • ☆

    спасибо все хорошо работает Лента пропала..:))
    Спасибо за помощь!))

    25 января, 2009 в 11:05 дп в ответ на: Помогите убрать ленту новостей #21467
    mrRastishka
    Participant
    • Темы:1
    • Сообщений:3
    • ☆

    спасибо за ответ!))
    Лог Мув ит
    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== SERVICES/DRIVERS ==========
    Unable to stop service aotsqd0t .
    ========== REGISTRY ==========
    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{7E3EDD51-48FD-40F2-ACE4-0D2D9F2889AE}\ deleted successfully.
    ========== FILES ==========
    C:Documents and SettingsAll UsersApplication Datawxilib.dll unregistered successfully.
    C:Documents and SettingsAll UsersApplication Datawxilib.dll moved successfully.
    File/Folder C:WINDOWSsystem32driversaotsqd0t.sys not found.
    ========== COMMANDS ==========
    File delete failed. C:DOCUME~1AdminLOCALS~1TempWCESLog.log scheduled to be deleted on reboot.
    User’s Temp folder emptied.
    User’s Temporary Internet Files folder emptied.
    User’s Internet Explorer cache folder emptied.
    Local Service Temp folder emptied.
    File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
    Local Service Temporary Internet Files folder emptied.
    Windows Temp folder emptied.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps009adoc.bx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps009md.dat scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps009url.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps009w.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps009wb.vx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps008adoc.bx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps008md.dat scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps008url.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps008w.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps008wb.vx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps005adoc.bx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps005md.dat scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps005url.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps005w.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps005wb.vx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps004adoc.bx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps004md.dat scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps004url.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps004w.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps004wb.vx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps003adoc.bx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps003md.dat scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps003url.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps003w.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps003wb.vx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps002adoc.bx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps002md.dat scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps002url.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps002w.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps002wb.vx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps001adoc.bx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps001md.dat scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps001url.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps001w.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps001wb.vx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps000adoc.bx scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps000md.dat scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps000url.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps000w.ax scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps000wb.vx scheduled to be deleted on reboot.
    Opera cache emptied.
    Temp folders emptied.
    Explorer started successfully

    OTMoveIt3 by OldTimer — Version 1.0.8.0 log created on 01252009_135600

    Files moved on Reboot…
    C:DOCUME~1AdminLOCALS~1TempWCESLog.log moved successfully.
    C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps009adoc.bx moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps009md.dat moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps009url.ax moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps009w.ax moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps009wb.vx moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps008adoc.bx moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps008md.dat moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps008url.ax moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps008w.ax moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps008wb.vx moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps005adoc.bx moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps005md.dat moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps005url.ax moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps005w.ax moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps005wb.vx moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps004adoc.bx moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps004md.dat moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps004url.ax moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps004w.ax moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps004wb.vx moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps003adoc.bx moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps003md.dat moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps003url.ax moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps003w.ax moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps003wb.vx moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps002adoc.bx moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps002md.dat moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps002url.ax moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps002w.ax moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps002wb.vx moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps001adoc.bx moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps001md.dat moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps001url.ax moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps001w.ax moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps001wb.vx moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps000adoc.bx moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps000md.dat moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps000url.ax moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps000w.ax moved successfully.
    C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps000wb.vx moved successfully.

    лог. тхт RSit
    Logfile of random’s system information tool 1.05 (written by random/random)
    Run by Admin at 2009-01-25 13:58:53
    Microsoft Windows XP Professional Service Pack 2
    System drive C: has 3 GB (43%) free of 8 GB
    Total RAM: 511 MB (40% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:58:59, on 25.01.2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.20733)
    Boot mode: Normal

    Running processes:
    C:WINDOWSSystem32smss.exe
    C:WINDOWSsystem32winlogon.exe
    C:WINDOWSsystem32services.exe
    C:WINDOWSsystem32lsass.exe
    C:WINDOWSsystem32Ati2evxx.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSSystem32svchost.exe
    C:WINDOWSsystem32spoolsv.exe
    C:WINDOWSsystem32Ati2evxx.exe
    C:WINDOWSExplorer.EXE
    C:WINDOWSnotepad.exe
    C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
    C:Program FilesBonjourmDNSResponder.exe
    C:Program FilesEsetnod32krn.exe
    C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
    C:WINDOWSSOUNDMAN.EXE
    C:Program FilesSynapticsSynTPSynTPEnh.exe
    C:Program FilesEsetnod32kui.exe
    C:WINDOWSsystem32ctfmon.exe
    C:Program FilesMicrosoft ActiveSyncwcescomm.exe
    C:PROGRA~1MICROS~3rapimgr.exe
    C:Program FilesOperaopera.exe
    C:Program FilesQIPqip.exe
    C:Documents and SettingsAdminРабочий столRSIT.exe
    C:WINDOWSsystem32wuauclt.exe
    C:Program Filestrend microAdmin.exe

    R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://carnage.ru/
    R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = 192.168.1.33:3128
    R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local;
    R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
    O1 — Hosts: 208.109.46.212 http://www.driver-soft.com
    O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
    O4 — HKLM..Run: [Ярлык для страницы свойств High Definition Audio] HDAShCut.exe
    O4 — HKLM..Run: [ATIPTA] C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
    O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
    O4 — HKLM..Run: [AlcWzrd] ALCWZRD.EXE
    O4 — HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe
    O4 — HKLM..Run: [nod32kui] «C:Program FilesEsetnod32kui.exe» /WAITSERVICE
    O4 — HKLM..Run: [D_V_T] C:\dvt.exe /S C:\d_v_t.reg
    O4 — HKLM..Run: [QuickTime Task] «C:Program FilesK-Lite Codec PackQuickTimeqttask.exe» -atboottime
    O4 — HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
    O4 — HKCU..Run: [H/PC Connection Agent] «C:Program FilesMicrosoft ActiveSyncwcescomm.exe»
    O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
    O4 — HKUSS-1-5-18..RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFcustom.inf,NewUserFirstLogonInstall,0 (User ‘SYSTEM’)
    O4 — HKUSS-1-5-18..RunOnce: [IE7_012] rundll32 advpack.dll,LaunchINFSectionEx IE7int.inf,AfterUserStart,,4,N (User ‘SYSTEM’)
    O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
    O4 — HKUS.DEFAULT..RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFcustom.inf,NewUserFirstLogonInstall,0 (User ‘Default user’)
    O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
    O9 — Extra button: Create Mobile Favorite — {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} — C:PROGRA~1MICROS~3INetRepl.dll
    O9 — Extra button: (no name) — {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — C:PROGRA~1MICROS~3INetRepl.dll
    O9 — Extra ‘Tools’ menuitem: Добавить в избранное мобильного устройства… — {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — C:PROGRA~1MICROS~3INetRepl.dll
    O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
    O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
    O9 — Extra button: (no name) — Cmdmapping — (no file) (HKCU)
    O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
    O23 — Service: Apple Mobile Device — Apple Inc. — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
    O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
    O23 — Service: Bonjour Service — Apple Inc. — C:Program FilesBonjourmDNSResponder.exe
    O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
    O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
    O23 — Service: Сервис iPod (iPod Service) — Apple Inc. — C:Program FilesiPodbiniPodService.exe
    O23 — Service: NOD32 Kernel Service (NOD32krn) — Eset — C:Program FilesEsetnod32krn.exe
    O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
    O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
    O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
    O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
    O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
    O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe

    —
    End of file — 6054 bytes

    ======Scheduled tasks folder======

    C:WINDOWStasksAppleSoftwareUpdate.job
    C:WINDOWStasksNorton Security Scan.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-24 63136]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
    «Ярлык для страницы свойств High Definition Audio»=C:WINDOWSsystem32HDAShCut.exe [2005-12-26 61952]
    «ATIPTA»=C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe [2005-04-28 344064]
    «SoundMan»=C:WINDOWSSOUNDMAN.EXE [2005-06-21 90112]
    «AlcWzrd»=C:WINDOWSALCWZRD.EXE [2005-07-13 2806272]
    «SynTPEnh»=C:Program FilesSynapticsSynTPSynTPEnh.exe [2005-04-15 708697]
    «nod32kui»=C:Program FilesEsetnod32kui.exe [2008-07-23 1003912]
    «D_V_T»=C:\dvt.exe [2008-07-23 3584]
    «QuickTime Task»=C:Program FilesK-Lite Codec PackQuickTimeqttask.exe [2008-09-06 413696]

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
    «ctfmon.exe»=C:WINDOWSsystem32ctfmon.exe [2008-03-15 30208]
    «H/PC Connection Agent»=C:Program FilesMicrosoft ActiveSyncwcescomm.exe [2006-11-13 1289000]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregCTFMON.EXE]
    C:WINDOWSsystem32ctfmon.exe [2008-03-15 30208]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDAEMON Tools Lite]
    C:Program FilesDAEMON Tools Litedaemon.exe [2008-02-14 486856]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregH/PC Connection Agent]
    C:Program FilesMicrosoft ActiveSyncwcescomm.exe [2006-11-13 1289000]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregiTunesHelper]
    C:Program FilesiTunesiTunesHelper.exe [2008-10-01 289576]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]
    C:WINDOWSsystem32NeroCheck.exe [2001-07-09 155648]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^Microsoft Office.lnk]
    C:PROGRA~1MICROS~2Office10OSA.EXE [2001-02-13 83360]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^Ускоренный запуск Adobe Reader.lnk]
    C:PROGRA~1AdobeACROBA~1.0ReaderREADER~1.EXE [2005-09-24 29696]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
    C:WINDOWSsystem32Ati2evxx.dll [2005-04-28 46080]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
    WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32wpdshserviceobj.dll [2008-03-02 133632]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
    «dontdisplaylastusername»=0
    «legalnoticecaption»=
    «legalnoticetext»=
    «shutdownwithoutlogon»=1
    «undockwithoutlogon»=1

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
    «NoDriveTypeAutoRun»=323
    «NoSharedDocuments»=1
    «NoSMConfigurePrograms»=1
    «NoDriveAutoRun»=67108863
    «NoDrives»=0

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
    «NoDriveAutoRun»=
    «NoDriveTypeAutoRun»=
    «NoDrives»=

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
    «%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
    «C:Program FilesMicrosoft ActiveSyncrapimgr.exe»=»C:Program FilesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager»
    «C:Program FilesMicrosoft ActiveSyncwcescomm.exe»=»C:Program FilesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager»
    «C:Program FilesMicrosoft ActiveSyncWCESMgr.exe»=»C:Program FilesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application»
    «C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
    «C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
    «%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
    «C:Program FilesMicrosoft ActiveSyncrapimgr.exe»=»C:Program FilesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager»
    «C:Program FilesMicrosoft ActiveSyncwcescomm.exe»=»C:Program FilesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager»
    «C:Program FilesMicrosoft ActiveSyncWCESMgr.exe»=»C:Program FilesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application»

    ======List of files/folders created in the last 1 months======

    2009-01-25 13:56:12 —-SHD—- C:RECYCLER
    2009-01-25 13:56:00 —-D—- C:_OTMoveIt
    2009-01-23 02:04:28 —-D—- C:rsit
    2009-01-23 02:04:28 —-D—- C:Program Filestrend micro
    2009-01-23 01:54:29 —-D—- C:WINDOWStemp
    2009-01-23 01:54:27 —-A—- C:ComboFix.txt
    2009-01-23 01:51:54 —-D—- C:ComboFix
    2009-01-23 01:12:38 —-A—- C:WINDOWSzip.exe
    2009-01-23 01:12:38 —-A—- C:WINDOWSVFIND.exe
    2009-01-23 01:12:38 —-A—- C:WINDOWSSWREG.exe
    2009-01-23 01:12:38 —-A—- C:WINDOWSsed.exe
    2009-01-23 01:12:38 —-A—- C:WINDOWSNIRCMD.exe
    2009-01-23 01:12:38 —-A—- C:WINDOWSgrep.exe
    2009-01-23 01:12:38 —-A—- C:WINDOWSfdsv.exe
    2009-01-23 01:12:37 —-A—- C:WINDOWSSWXCACLS.exe
    2009-01-23 01:12:37 —-A—- C:WINDOWSSWSC.exe
    2009-01-23 01:12:30 —-D—- C:WINDOWSERDNT
    2009-01-23 01:12:30 —-D—- C:Qoobox
    2009-01-22 11:39:36 —-SHD—- C:found.001
    2009-01-18 21:43:42 —-D—- C:Documents and SettingsAdminApplication DataSkype
    2009-01-18 21:43:31 —-D—- C:Program FilesSkype
    2009-01-18 21:43:30 —-D—- C:Program FilesCommon FilesSkype

    ======List of files/folders modified in the last 1 months======

    2009-01-25 13:56:28 —-A—- C:WINDOWSSchedLgU.Txt
    2009-01-24 14:30:32 —-D—- C:Documents and SettingsAdminApplication DataskypePM
    2009-01-24 14:25:41 —-RD—- C:Program Files
    2009-01-23 19:05:52 —-D—- C:Program FilesESET
    2009-01-23 19:04:57 —-SH—- C:boot.ini
    2009-01-23 19:04:57 —-A—- C:WINDOWSwin.ini
    2009-01-23 19:04:57 —-A—- C:WINDOWSsystem.ini
    2009-01-23 18:00:03 —-D—- C:Program FilesNorton Security Scan
    2009-01-23 01:54:30 —-D—- C:WINDOWSsystem32
    2009-01-23 01:54:29 —-D—- C:WINDOWS
    2009-01-23 01:53:43 —-D—- C:WINDOWSsystem32CatRoot2
    2009-01-23 01:53:04 —-D—- C:WINDOWSsystem32drivers
    2009-01-23 01:53:03 —-D—- C:WINDOWSAppPatch
    2009-01-23 01:53:03 —-D—- C:Program FilesCommon Files
    2009-01-23 01:31:08 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
    2009-01-23 01:27:39 —-D—- C:WINDOWSSoftwareDistribution
    2009-01-23 01:12:37 —-SHD—- C:System Volume Information
    2009-01-23 01:12:37 —-D—- C:WINDOWSsystem32Restore
    2009-01-23 00:13:07 —-D—- C:WINDOWSpss
    2009-01-22 23:49:44 —-D—- C:Program FilesInternet Explorer
    2009-01-22 21:33:15 —-D—- C:Program FilesQIP
    2009-01-21 18:48:53 —-HD—- C:Program FilesInstallShield Installation Information
    2009-01-18 21:43:39 —-SHD—- C:WINDOWSInstaller
    2009-01-18 21:43:34 —-D—- C:Documents and SettingsAll UsersApplication DataSkype
    2009-01-02 20:11:59 —-A—- C:WINDOWSNeroDigital.ini
    2009-01-02 20:11:49 —-D—- C:Program FilesK-Lite Codec Pack
    2009-01-02 20:11:42 —-A—- C:WINDOWSsystem32x264vfw.dll
    2008-12-26 16:29:11 —-RSHDC—- C:WINDOWSsystem32dllcache

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-03-15 40448]
    R1 nod32drv;nod32drv; ??C:WINDOWSsystem32driversnod32drv.sys []
    R1 WmiAcpi;Интерфейс управления для ACPI Microsoft Windows; C:WINDOWSsystem32DRIVERSwmiacpi.sys [2008-03-15 8832]
    R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2004-08-18 12032]
    R2 AMON;AMON; ??C:WINDOWSsystem32driversamon.sys []
    R2 rspndr;Ответчик обнаружения топологии уровня связи; C:WINDOWSsystem32DRIVERSrspndr.sys [2006-12-04 62336]
    R3 Arp1394;Протокол клиента 1394 ARP; C:WINDOWSsystem32DRIVERSarp1394.sys [2008-03-15 60800]
    R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2005-04-28 1132544]
    R3 CmBatt;Драйвер AC-адаптера блока питания (Майкрософт); C:WINDOWSsystem32DRIVERSCmBatt.sys [2008-03-15 14080]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:WINDOWSSystem32DriversGEARAspiWDM.sys [2008-04-17 15464]
    R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2005-12-26 138752]
    R3 HidUsb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2001-08-17 9600]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2005-07-13 3851264]
    R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-19 12160]
    R3 NIC1394;Сетевой драйвер 1394; C:WINDOWSsystem32DRIVERSnic1394.sys [2008-03-15 61824]
    R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:WINDOWSsystem32DRIVERSRtnicxp.sys [2007-07-12 96384]
    R3 SynTP;Synaptics TouchPad Driver; C:WINDOWSsystem32DRIVERSSynTP.sys [2005-04-15 189664]
    R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-03-15 30208]
    R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-03-15 59520]
    R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2008-03-15 20608]
    S3 a6vwnxnl;a6vwnxnl; C:WINDOWSsystem32driversa6vwnxnl.sys []
    S3 catchme;catchme; ??C:ComboFixcatchme.sys []
    S3 HdAudAddService;Драйвер функции Microsoft UAA для службы High Definition Audio; C:WINDOWSsystem32driversHdAudio.sys [2005-12-26 145920]
    S3 usb_rndisx;USB RNDIS Adapter; C:WINDOWSsystem32DRIVERSusb8023x.sys [2005-10-21 12800]
    S3 USBAAPL;Apple Mobile USB Driver; C:WINDOWSSystem32Driversusbaapl.sys [2008-10-01 32000]
    S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-03-15 26496]
    S3 wceusbsh;Windows CE USB Serial Host Driver; C:WINDOWSsystem32DRIVERSwceusbsh.sys [2006-11-06 28672]
    S3 WudfPf;Windows Driver Foundation — User-mode Driver Framework Platform Driver; C:WINDOWSsystem32DRIVERSWudfPf.sys [2008-03-02 77568]
    S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2008-03-02 82944]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [2008-10-01 116040]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2005-04-28 364544]
    R2 Bonjour Service;Bonjour Service; C:Program FilesBonjourmDNSResponder.exe [2008-08-29 238888]
    R2 NOD32krn;NOD32 Kernel Service; C:Program FilesEsetnod32krn.exe [2008-07-23 635272]
    S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2007-10-24 70144]
    S3 iPod Service;Сервис iPod; C:Program FilesiPodbiniPodService.exe [2008-10-01 536872]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:Program FilesWindows Media Playerwmpnetwk.exe [2006-10-18 913408]
    S3 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2004-08-18 14336]

    EOF

  • Автор
    Сообщения
Просмотр 2 сообщений - с 1 по 2 (из 2 всего)

Добро пожаловать

На нашем сайте размещены инструкции и программы, которые помогут вам абсолютно бесплатно и самостоятельно удалить навязчивую рекламу, вирусы и трояны.

Поиск

Важные инструкции

Удалить всплывающие окна, рекламу, уведомления в Chrome
Как запустить компьютер в безопасном режиме (Safe Mode)
Сброс настроек Firefox
Как сбросить настройки Firefox (Инструкция)
Как удалить всплывающие окна
Проверка на вирусы Андроид телефона
Как удалить вирус с телефона Андроид (Инструкция)

СПАЙВАРЕ РУ

  • О Спайваре Ру
  • Контакты
  • Реклама на сайте
  • Политика конфиденциальности
  • Правила использования

Нужна помощь?

Задайте свой вопрос прямо сейчас кликнув по следующей ссылке Задать вопрос.

Или обратитесь на наш форум, где команда Spyware-ru поможет вам. Узнайте, как попросить о помощи здесь.

Ссылки

  • Инструкции
  • Скачать программы
  • Помощь в удалении вирусов
  • Как вылечить компьютер
Copyright © 2008 - 2024 Spyware-RU.com (en)