-
Код:
C:\WINDOWS\SYSTEM32\MSCTFIME.IME
Проверьте на virustotal.com и дайте ссылку на результат.
Подозрение на неизвестный загрузчик только поттому, что база проверенных пуста, в моей он в белом списке.
Скрипт ниже для uVS подчистит хвосты от Exchange:
Код:
;uVS v4.0.5 [http://dsrt.dyndns.org]
;Target OS: NTv5.2
v400c
deltmp
delref %SystemDrive%\PROGRAM FILES\IOBIT\LIVEUPDATE\LIVEUPDATE.EXE
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\REAPI.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\EXADMIN.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\MAILDSMX.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\EXRTENG.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\OMASINK.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\PEEXCH50.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\MSGTRACK.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\CDOEXM.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\EXMIME.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\EXSMIME.DLL
delref G:\TEMP\YES\IVIEWERS.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\EXADMIN.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\XLSASINK.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\MSGFILTER.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\EXPS.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\ESCONF.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\EXCLUADM.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\CONTENTFILTER.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\CDO.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\PBAG.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\EXRTOBJ.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\PHATCAT.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\EXWMI.DLL
delref %SystemDrive%\PROGRAM FILES\COMMON FILES\ACRONIS\VSSREQUESTOR\VSS_REQUESTOR_PROXY.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\EMPMR.EXE
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\SS.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\EMPMS.EXE
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\IMAPADM.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\IMAPMGR.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\DRVIIS.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\NNTPMGR.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\SMTPMGR.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\PHATQADM.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\E2KDSN.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\EXCDO.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\EMPMT.EXE
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\EXSCHEMA.EXE
delref %SystemDrive%\PROGRAM FILES\IOBIT\IOBIT UNINSTALLER\UNINSTALER_SKIPUAC.EXE
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\ONSUBMIT.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\EMPKP.EXE
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\EXCHWEB\BIN\SPELL\MSSTKO32.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\EMPMB.EXE
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\POP3MGR.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\MSCFV2\MSEXCHANGE.UCECONTENTFILTER.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\EXODBPRX.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\EXODBPRX.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\STORE.EXE
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\EXSP.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\NNTPEX.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\PHATQ.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\POP3ADM.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\MAQADMIN.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\EMPML.EXE
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\EXSTORPH.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\EXPKM.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\EXCDO.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\CDOWF.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\CDOWFEVT.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\MISCAT.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\PROTOLOG.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\EMPPF.EXE
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\TURFLIST.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\AQADMCON.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\EXCHWEB\BIN\EXWFORM.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\LETADATA.DLL
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\EMBX.DLL
delref %SystemDrive%\PROGRA~1\EXCHSRVR\BIN\TRANMSG.DLL
delref %SystemDrive%\PROGRAM FILES\KASPERSKY LAB\KASPERSKY ADMINISTRATION KIT\KLACTGUI.EXE
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\ADCLEAN.EXE
delref %SystemDrive%\PROGRAM FILES\EXCHSRVR\BIN\MAILMIG.EXE
apply
-
-
Будь в курсе!
Будь в курсе!
Надоело быть жертвой? Стань профи по информационной безопасности, получай самую свежую информацию об угрозах и средствах защиты от ведущего российского аналитического центра Anti-Malware.ru:
-
Junior Member
- Вес репутации
- 31
MSCTFIME.IME - проверил, не выявлено.
Больше не буду Вас дергать. Во всем виноваты мои "кривые руки". Сам накосячил. Большое спасибо за помощь.
