Re: Re: Помогите убрать спайдера с машины!

16 ноября, 2008 в 2:34 пп #19750

Participant

Темы:2
Сообщений:13

☆

Valeri очень Вам признателен за помощь. Спасибо огромное. Согласно Вашему совету я удалил Threat файл и Combofix успешно загрузилась с Вашего сайта. Результат ее работы прилагается ниже. Стоит ли мне загружать Threat файл вновь, и было бы очень интересно узнать Ваше мнение о ценности данной программы в качестве антивируса? Общение с Вами одно удовольствие. Еще раз большое спасибо!

ComboFix 08-11-14.01 — Степан 2008-11-16 17:25:03.2 — NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1251.1.1049.18.1710 [GMT 3:00]
Running from: d:soft-waresoft-инвентарьлекариComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:documents and settingsAll UsersApplication DataMicrosoftNetworkDownloaderqmgr0.dat
c:documents and settingsAll UsersApplication DataMicrosoftNetworkDownloaderqmgr1.dat

BITS: Possible infected sites

hxxp://www.threatfire.com
.
((((((((((((((((((((((((( Files Created from 2008-10-16 to 2008-11-16 )))))))))))))))))))))))))))))))
.

2008-11-15 12:45 . 2008-11-15 12:45

c:program filesStamina
2008-11-15 01:45 . 2008-11-15 01:45 d

c:documents and settingsСтепанApplication DataABBYY
2008-11-15 01:31 . 2008-11-15 01:31 d

C:tmp
2008-11-14 20:13 . 2008-11-14 20:13 d

c:program filesMSXML 4.0
2008-11-14 19:37 . 2008-11-14 19:37 d

c:program filesVirtual Teacher Screensaver
2008-11-14 19:26 . 2008-11-14 19:37 d

c:documents and settingsСтепанApplication Datavteacher
2008-11-14 19:08 . 2008-11-14 19:08 754 —a

c:windowsWORDPAD.INI
2008-11-14 17:58 . 2008-11-14 17:58 d

c:documents and settingsAll UsersApplication DataMalwarebytes
2008-11-14 17:58 . 2008-11-14 17:58 d

c:documents and settingsСтепанApplication DataMalwarebytes
2008-11-14 17:58 . 2008-10-22 16:10 38,496 —a

c:windowssystem32driversmbamswissarmy.sys
2008-11-14 17:58 . 2008-10-22 16:10 15,504 —a

c:windowssystem32driversmbam.sys
2008-11-14 15:00 . 2008-11-14 15:00 2,560 —a

c:windows_MSRSTRT.EXE
2008-11-13 21:32 . 2008-11-09 16:00 dr-h

c:documents and settingsАдминистраторSendTo
2008-11-13 21:32 . 2008-11-09 18:52 d—h

c:documents and settingsАдминистраторRecent
2008-11-13 21:32 . 2008-11-09 18:52 d—h

c:documents and settingsАдминистраторPrintHood
2008-11-13 21:32 . 2008-11-09 18:52 d—h

c:documents and settingsАдминистраторNetHood
2008-11-13 21:32 . 2008-11-13 21:38 d—h

c:documents and settingsАдминистраторLocal Settings
2008-11-13 21:32 . 2008-11-13 21:34 d—s—- c:documents and settingsАдминистраторCookies
2008-11-13 21:32 . 2008-11-09 18:52 dr-h

c:documents and settingsАдминистраторApplication Data
2008-11-13 21:32 . 2008-11-09 15:57 d—h

c:documents and settingsАдминистраторШаблоны
2008-11-13 21:32 . 2008-11-09 18:52 d

c:documents and settingsАдминистраторРабочий стол
2008-11-13 21:32 . 2008-11-09 18:52 d

c:documents and settingsАдминистраторМои документы
2008-11-13 21:32 . 2008-11-09 18:52 dr

c:documents and settingsАдминистраторГлавное меню
2008-11-13 21:32 . 2008-11-13 21:33 d

c:documents and settingsАдминистраторИзбранное
2008-11-13 21:32 . 2008-11-13 21:32 d

c:documents and settingsАдминистратор
2008-11-13 21:32 . 2008-11-13 21:37 524,288 —ah

c:documents and settingsАдминистраторNTUSER.DAT
2008-11-13 21:11 . 2008-11-13 21:11 d

c:documents and settingsСтепанApplication DataSamsung
2008-11-13 20:52 . 2006-05-03 22:53 174,592 —a

c:windowssystem32framedyn.dll
2008-11-13 20:51 . 2008-11-13 21:10 5,632 —a

c:windowssystem32driversStarOpen.sys
2008-11-13 20:47 . 2008-11-13 20:47 d

c:windowssystem32Samsung_USB_Drivers
2008-11-13 20:47 . 2007-05-02 11:11 109,704 —a

c:windowssystem32driversss_mdm.sys
2008-11-13 20:47 . 2007-05-02 11:11 83,592 —a

c:windowssystem32driversss_bus.sys
2008-11-13 20:47 . 2007-05-02 11:11 15,112 —a

c:windowssystem32driversss_mdfl.sys
2008-11-13 20:47 . 2007-05-02 11:11 12,424 —a

c:windowssystem32driversss_whnt.sys
2008-11-13 20:47 . 2007-05-02 11:11 12,424 —a

c:windowssystem32driversss_wh.sys
2008-11-13 20:47 . 2007-05-02 11:11 12,424 —a

c:windowssystem32driversss_cmnt.sys
2008-11-13 20:47 . 2007-05-02 11:11 12,424 —a

c:windowssystem32driversss_cm.sys
2008-11-13 20:46 . 2008-11-13 20:46 d

c:program filesSamsung
2008-11-13 20:46 . 2005-08-28 20:51 766 —a

c:windowssystem32Uninstall.ico
2008-11-13 20:45 . 2008-11-13 20:45 d

c:program filesCommon FilesAdobe
2008-11-13 18:06 . 2008-11-13 18:06 d—h

c:windowsPIF
2008-11-13 17:08 . 2008-11-13 17:08 d

c:windowssystem32NtmsData
2008-11-13 01:30 . 2008-11-13 01:30 d

c:documents and settingsСтепанDoctorWeb
2008-11-13 01:30 . 2008-11-13 01:30 d

c:documents and settingsСтепанDoctorWeb
2008-11-13 00:14 . 2008-10-24 14:10 453,632

c— c:windowssystem32dllcachemrxsmb.sys
2008-11-13 00:06 . 2008-11-14 14:27 d

c:windowssystem32ru-ru
2008-11-13 00:06 . 2008-11-13 00:07 d—h

c:windowsmsdownld.tmp
2008-11-13 00:06 . 2008-11-13 02:08 d

c:program filesCommon FilesYandex
2008-11-13 00:06 . 2008-11-13 00:06 d

c:documents and settingsСтепанApplication DataYandex
2008-11-12 23:56 . 2008-10-03 20:26 6,066,176

c— c:windowssystem32dllcacheieframe.dll
2008-11-12 23:56 . 2007-04-17 12:32 2,455,488

c— c:windowssystem32dllcacheieapfltr.dat
2008-11-12 23:56 . 2007-03-08 08:12 1,060,864

c— c:windowssystem32dllcacheieframe.dll.mui
2008-11-12 23:56 . 2008-08-26 11:26 459,264

c— c:windowssystem32dllcachemsfeeds.dll
2008-11-12 23:56 . 2008-08-26 11:26 383,488

c— c:windowssystem32dllcacheieapfltr.dll
2008-11-12 23:56 . 2008-08-26 11:26 267,776

c— c:windowssystem32dllcacheiertutil.dll
2008-11-12 23:56 . 2008-08-26 11:26 63,488

c— c:windowssystem32dllcacheicardie.dll
2008-11-12 23:56 . 2008-08-26 11:26 52,224

c— c:windowssystem32dllcachemsfeedsbs.dll
2008-11-12 23:56 . 2008-08-25 11:38 13,824

c— c:windowssystem32dllcacheieudinit.exe
2008-11-12 23:37 . 2008-11-12 23:48 d

c:program filesInternet Explorer 7
2008-11-12 20:48 . 2008-11-12 20:48 13,881 —a

c:windowsAscd_tmp.ini
2008-11-12 20:28 . 2008-11-12 20:28 d

c:windowsspeech
2008-11-12 20:27 . 2008-11-12 20:28 d

c:windowsLhsp
2008-11-12 10:01 . 2008-11-12 10:01 d

c:documents and settingsLocalServiceГлавное меню
2008-11-12 01:21 . 2008-11-12 01:21 dr

c:windowsAsDmiHtm
2008-11-12 00:55 . 2008-11-16 17:16 d-a

c:documents and settingsAll UsersApplication DataTEMP
2008-11-12 00:24 . 2008-11-12 00:24 d

C:!KillBox
2008-11-12 00:19 . 2008-06-14 20:59 272,512

c:windowssystem32driversbthport.sys
2008-11-12 00:19 . 2008-06-14 20:59 272,512

c— c:windowssystem32dllcachebthport.sys
2008-11-12 00:17 . 2008-08-14 16:47 2,182,144

c— c:windowssystem32dllcachentoskrnl.exe
2008-11-12 00:17 . 2008-08-14 16:47 2,138,112

c— c:windowssystem32dllcachentkrnlmp.exe
2008-11-12 00:17 . 2008-08-14 16:47 2,059,520

c— c:windowssystem32dllcachentkrnlpa.exe
2008-11-12 00:17 . 2008-08-14 16:47 2,017,792

c— c:windowssystem32dllcachentkrpamp.exe
2008-11-12 00:12 . 2008-11-12 00:25 209 —a

c:windowsWINCMD.INI
2008-11-11 21:47 . 2008-11-16 16:20 d—h

c:windows$hf_mig$
2008-11-11 21:35 . 2008-11-11 21:35 d

c:program filesSiber Systems
2008-11-11 20:51 . 2008-11-11 20:51 d

c:program filesASUS
2008-11-11 20:50 . 2008-11-11 20:53 d

c:windowsNV31763180.TMP
2008-11-11 20:50 . 2007-06-28 19:43 17,254 —a

c:windowssystem32nvwsapps.nvb
2008-11-11 20:47 . 2008-11-14 23:33 d

c:windowssystem32CatRoot_bak
2008-11-11 20:25 . 2008-11-11 20:25 13,646 —a

c:windowssystem32wpa.bak
2008-11-11 20:14 . 2008-11-11 20:14 d

c:program filesAnalog Devices
2008-11-11 20:13 . 2002-04-17 14:05 45,056

c:windowssystem32CleanUp.exe
2008-11-11 20:13 . 2006-09-06 17:43 22,752 —a

c:windowssystem32spupdsvc.exe
2008-11-11 20:09 . 2008-11-11 20:09 d—-c— c:windowssystem32DRVSTORE
2008-11-11 20:09 . 2008-11-11 20:09 d

c:program filesDIFX
2008-11-11 20:09 . 2006-06-18 23:38 43,520 —a

c:windowssystem32driversAmdK8.sys
2008-11-11 20:04 . 2008-11-11 20:04 d

c:windowsASUSInstAll
2008-11-11 20:02 . 2008-11-11 20:02 d

c:program filesNVIDIA Corporation
2008-11-11 20:02 . 2008-11-11 20:02 1,024 —a

C:.rnd
2008-11-11 20:02 . 2008-11-11 20:02 22 —a

c:windowsFileName
2008-11-11 20:00 . 2008-11-11 20:15 14,129 —a

c:windowsAscd_log.ini
2008-11-11 19:50 . 2007-07-12 10:03 12,288 —a

c:windowssystem32driversEIO.sys
2008-11-11 19:49 . 2008-11-11 19:49 d

c:program filesMy Company Name
2008-11-11 19:48 . 2008-11-13 20:51 d—h

c:program filesInstallShield Installation Information
2008-11-11 19:48 . 2004-08-17 16:05 130,048 —a

c:windowssystem32ksproxy.ax
2008-11-11 19:47 . 2008-11-11 20:53 d

c:windowsnview
2008-11-11 19:47 . 2007-06-28 19:43 356,352 —a

c:windowssystem32nvudisp.exe
2008-11-11 19:47 . 2008-11-11 20:54 127,254 —a

c:windowssystem32nvapps.xml
2008-11-11 19:47 . 2007-06-28 19:43 17,463 —a

c:windowssystem32nvdisp.nvu
2008-11-11 19:47 . 2007-06-28 19:43 17,254 —a

c:windowssystem32nvwsapps.xml
2008-11-11 19:46 . 2007-06-29 01:54 356,352 —a

c:windowssystem32NVUNINST.EXE
2008-11-11 19:45 . 2008-11-11 19:46 d

c:program filesCommon FilesInstallShield
2008-11-09 20:31 . 2004-08-12 11:00 5,810 -ra

c:windowssystem32driversASACPI.sys
2008-11-09 20:30 . 2006-10-11 06:33 10,288 —a

c:windowssystem32driversASUSHWIO.SYS
2008-11-09 16:05 . 2008-11-09 15:57 d—h

c:documents and settingsСтепанШаблоны
2008-11-09 16:05 . 2008-11-09 15:57 d—h

c:documents and settingsСтепанШаблоны
2008-11-09 16:05 . 2008-11-15 13:58 d

c:documents and settingsСтепанРабочий стол
2008-11-09 16:05 . 2008-11-15 13:58 d

c:documents and settingsСтепанРабочий стол
2008-11-09 16:05 . 2008-11-14 14:29 dr

c:documents and settingsСтепанМои документы
2008-11-09 16:05 . 2008-11-14 14:29 dr

c:documents and settingsСтепанМои документы
2008-11-09 16:05 . 2008-11-09 18:52 dr

c:documents and settingsСтепанГлавное меню
2008-11-09 16:05 . 2008-11-09 18:52 dr

c:documents and settingsСтепанГлавное меню
2008-11-09 16:05 . 2008-11-13 00:11 dr

c:documents and settingsСтепанИзбранное
2008-11-09 16:05 . 2008-11-13 00:11 dr

c:documents and settingsСтепанИзбранное
2008-11-09 16:03 . 2008-11-09 15:57 d—h

c:windowssystem32configsystemprofileШаблоны
2008-11-09 16:03 . 2008-11-09 18:52 d

c:windowssystem32configsystemprofileРабочий стол
2008-11-09 16:03 . 2008-11-09 18:52 d

c:windowssystem32configsystemprofileМои документы
2008-11-09 16:03 . 2008-11-09 18:52 dr

c:windowssystem32configsystemprofileГлавное меню
2008-11-09 16:03 . 2008-11-09 18:52 d

c:windowssystem32configsystemprofileИзбранное

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-09 13:01

w c:program filesmicrosoft frontpage
2008-10-24 11:10 453,632 —-a-w c:windowssystem32driversmrxsmb.sys
2008-09-30 13:43 1,286,152 —-a-w c:windowssystem32msxml4.dll
2008-09-15 15:40 1,846,144 —-a-w c:windowssystem32win32k.sys
2008-09-04 16:45 1,106,944 —-a-w c:windowssystem32msxml3.dll
2008-08-26 08:26 826,368 —-a-w c:windowssystem32wininet.dll
.

((((((((((((((((((((((((((((( snapshot@2008-11-13_21.52.20,82 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-11-14 12:00:45 2,560 —-a-w c:windows_MSRSTRT.EXE
+ 2004-08-18 12:00:00 61,440 -c—-w c:windowsie7admparse.dll
+ 2004-08-18 12:00:00 100,352 -c—-w c:windowsie7advpack.dll
+ 2004-08-18 12:00:00 35,328 -c—-w c:windowsie7corpol.dll
+ 2006-06-02 19:33:18 33,792 -c—-w c:windowsie7custsat.dll
+ 2008-08-20 05:37:23 357,888 -c—-w c:windowsie7dxtmsft.dll
+ 2008-08-20 05:37:24 205,312 -c—-w c:windowsie7dxtrans.dll
+ 2008-08-20 05:37:24 55,808 -c—-w c:windowsie7extmgr.dll
+ 2004-08-18 12:00:00 38,912 -c—-w c:windowsie7hmmapi.dll
+ 2004-08-18 12:00:00 34,304 -c—-w c:windowsie7ie4uinit.exe
+ 2004-08-18 12:00:00 139,264 -c—-w c:windowsie7ieakeng.dll
+ 2004-08-18 12:00:00 218,112 -c—-w c:windowsie7ieaksie.dll
+ 2004-08-18 12:00:00 221,184 -c—-w c:windowsie7ieakui.dll
+ 2004-08-18 12:00:00 323,584 -c—-w c:windowsie7iedkcs32.dll
+ 2008-08-19 09:30:39 18,432 -c—-w c:windowsie7iedw.exe
+ 2004-08-18 12:00:00 81,920 -c—-w c:windowsie7ieencode.dll
+ 2008-08-20 05:37:24 251,392 -c—-w c:windowsie7iepeers.dll
+ 2004-08-18 12:00:00 48,640 -c—-w c:windowsie7iernonce.dll
+ 2004-08-18 12:00:00 63,488 -c—-w c:windowsie7iesetup.dll
+ 2004-08-18 12:00:00 93,184 -c—-w c:windowsie7iexplore.exe
+ 2004-08-18 12:00:00 35,840 -c—-w c:windowsie7imgutil.dll
+ 2008-08-20 05:37:24 96,256 -c—-w c:windowsie7inseng.dll
+ 2007-12-18 14:43:09 450,560 -c—-w c:windowsie7jscript.dll
+ 2008-08-20 05:37:28 16,384 -c—-w c:windowsie7jsproxy.dll
+ 2004-08-18 12:00:00 22,016 -c—-w c:windowsie7licmgr10.dll
+ 2004-08-18 12:00:00 29,184 -c—-w c:windowsie7mshta.exe
+ 2008-08-20 05:37:31 3,081,216 -c—-w c:windowsie7mshtml.dll
+ 2008-08-20 05:37:28 449,024 -c—-w c:windowsie7mshtmled.dll
+ 2004-08-18 12:00:00 57,344 -c—-w c:windowsie7mshtmler.dll
+ 2004-08-18 12:00:00 146,432 -c—-w c:windowsie7msls31.dll
+ 2008-08-20 05:37:24 146,432 -c—-w c:windowsie7msrating.dll
+ 2008-08-20 05:37:25 532,480 -c—-w c:windowsie7mstime.dll
+ 2004-08-18 12:00:00 96,768 -c—-w c:windowsie7occache.dll
+ 2008-08-20 05:37:25 39,424 -c—-w c:windowsie7pngfilt.dll
+ 2007-09-27 13:47:40 33,472 -c—-w c:windowsie7spuninstiecustom.dll
+ 2007-09-27 13:45:30 66,048 -c—a-w c:windowsie7spuninstieResetIcons.exe
+ 2006-09-06 14:43:58 214,752 -c—-w c:windowsie7spuninstspuninst.exe
+ 2006-09-06 14:43:58 379,616 -c—-w c:windowsie7spuninstupdspapi.dll
+ 2004-08-18 12:00:00 37,888 -c—-w c:windowsie7url.dll
+ 2008-08-20 05:37:29 615,424 -c—-w c:windowsie7urlmon.dll
+ 2007-12-18 14:43:09 417,792 -c—-w c:windowsie7vbscript.dll
+ 2004-08-18 12:00:00 848,384 -c—-w c:windowsie7vgx.dll
+ 2004-08-18 12:00:00 277,504 -c—-w c:windowsie7webcheck.dll
+ 2008-08-20 05:37:27 659,968 -c—-w c:windowsie7wininet.dll
+ 2007-08-13 15:39:00 123,904 -c—-w c:windowsie7updatesKB953838-IE7advpack.dll
+ 2007-08-13 15:35:46 346,624 -c—-w c:windowsie7updatesKB953838-IE7dxtmsft.dll
+ 2007-08-13 15:35:38 214,528 -c—-w c:windowsie7updatesKB953838-IE7dxtrans.dll
+ 2007-08-13 15:54:10 131,584 -c—-w c:windowsie7updatesKB953838-IE7extmgr.dll
+ 2007-08-13 15:36:26 61,952 -c—-w c:windowsie7updatesKB953838-IE7icardie.dll
+ 2007-08-13 15:39:06 54,784 -c—-w c:windowsie7updatesKB953838-IE7ie4uinit.exe
+ 2007-08-13 15:39:26 152,064 -c—-w c:windowsie7updatesKB953838-IE7ieakeng.dll
+ 2007-08-13 15:39:54 229,376 -c—-w c:windowsie7updatesKB953838-IE7ieaksie.dll
+ 2007-08-13 14:56:54 161,792 -c—-w c:windowsie7updatesKB953838-IE7ieakui.dll
+ 2007-02-12 13:10:12 2,451,312 -c—-w c:windowsie7updatesKB953838-IE7ieapfltr.dat
+ 2007-07-11 09:27:48 383,488 -c—-w c:windowsie7updatesKB953838-IE7ieapfltr.dll
+ 2007-08-13 15:39:50 382,976 -c—-w c:windowsie7updatesKB953838-IE7iedkcs32.dll
+ 2007-08-13 15:54:10 6,049,280 -c—-w c:windowsie7updatesKB953838-IE7ieframe.dll
+ 2007-08-13 15:39:10 43,008 -c—-w c:windowsie7updatesKB953838-IE7iernonce.dll
+ 2007-08-13 15:34:04 266,752 -c—-w c:windowsie7updatesKB953838-IE7iertutil.dll
+ 2007-08-13 15:39:10 13,312 -c—-w c:windowsie7updatesKB953838-IE7ieudinit.exe
+ 2007-08-13 15:43:56 622,080 -c—-w c:windowsie7updatesKB953838-IE7iexplore.exe
+ 2007-08-13 15:54:10 27,136 -c—-w c:windowsie7updatesKB953838-IE7jsproxy.dll
+ 2007-08-13 15:54:10 458,752 -c—-w c:windowsie7updatesKB953838-IE7msfeeds.dll
+ 2007-08-13 15:54:10 50,688 -c—-w c:windowsie7updatesKB953838-IE7msfeedsbs.dll
+ 2007-08-13 15:54:12 3,578,368 -c—-w c:windowsie7updatesKB953838-IE7mshtml.dll
+ 2007-08-13 15:54:10 475,648 -c—-w c:windowsie7updatesKB953838-IE7mshtmled.dll
+ 2007-08-13 15:44:26 192,000 -c—-w c:windowsie7updatesKB953838-IE7msrating.dll
+ 2007-08-13 15:54:10 670,720 -c—-w c:windowsie7updatesKB953838-IE7mstime.dll
+ 2007-08-13 15:44:06 101,376 -c—-w c:windowsie7updatesKB953838-IE7occache.dll
+ 2007-08-13 15:36:12 44,544 -c—-w c:windowsie7updatesKB953838-IE7pngfilt.dll
+ 2007-03-06 03:35:22 22,752 -c—-w c:windowsie7updatesKB953838-IE7spcustom.dll
+ 2007-03-06 03:35:24 14,560 -c—-w c:windowsie7updatesKB953838-IE7spmsg.dll
+ 2007-03-06 03:35:29 214,752 -c—-w c:windowsie7updatesKB953838-IE7spuninst.exe
+ 2007-03-06 03:35:29 214,752 -c—-w c:windowsie7updatesKB953838-IE7spuninstspuninst.exe
+ 2007-03-06 03:36:39 379,616 -c—-w c:windowsie7updatesKB953838-IE7spuninstupdspapi.dll
+ 2007-03-06 03:35:47 720,608 -c—-w c:windowsie7updatesKB953838-IE7update.exe
+ 2007-03-06 03:36:39 379,616 -c—-w c:windowsie7updatesKB953838-IE7updspapi.dll
+ 2007-08-13 15:44:30 105,984 -c—-w c:windowsie7updatesKB953838-IE7url.dll
+ 2007-08-13 15:54:10 1,162,240 -c—-w c:windowsie7updatesKB953838-IE7urlmon.dll
+ 2007-08-13 15:54:10 231,424 -c—-w c:windowsie7updatesKB953838-IE7webcheck.dll
+ 2007-08-13 15:54:10 818,688 -c—-w c:windowsie7updatesKB953838-IE7wininet.dll
+ 2008-11-14 17:13:52 32,768 —-a-r c:windowsInstaller{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}icon.exe
+ 2008-11-14 22:53:08 77,824 —-a-r c:windowsInstaller{AA11000A-C75E-487C-88FC-37AA1AACFB65}ARPPRODUCTICON.exe
+ 2008-11-14 22:53:09 77,824 —-a-r c:windowsInstaller{AA11000A-C75E-487C-88FC-37AA1AACFB65}ICON_Lingvo.exe
+ 2008-11-14 22:53:09 53,248 —-a-r c:windowsInstaller{AA11000A-C75E-487C-88FC-37AA1AACFB65}ICON_LingvoInst.exe
+ 2008-11-14 22:53:09 53,248 —-a-r c:windowsInstaller{AA11000A-C75E-487C-88FC-37AA1AACFB65}ICON_SetupPPC.exe
+ 2008-11-14 22:53:09 1,314,816 —-a-r c:windowsInstaller{AA11000A-C75E-487C-88FC-37AA1AACFB65}ICON_Tutor.exe
— 2004-08-18 12:00:00 61,440 —-a-w c:windowssystem32admparse.dll
+ 2007-08-13 15:39:20 71,680 —-a-w c:windowssystem32admparse.dll
— 2004-08-18 12:00:00 100,352 —-a-w c:windowssystem32advpack.dll
+ 2008-08-26 08:26:53 124,928 —-a-w c:windowssystem32advpack.dll
— 2004-08-18 12:00:00 61,440 -c—a-w c:windowssystem32dllcacheadmparse.dll
+ 2007-08-13 15:39:20 71,680 -c—a-w c:windowssystem32dllcacheadmparse.dll
— 2004-08-18 12:00:00 100,352 -c—a-w c:windowssystem32dllcacheadvpack.dll
+ 2008-08-26 08:26:53 124,928 -c—-w c:windowssystem32dllcacheadvpack.dll
— 2006-06-02 19:33:18 33,792 -c—a-w c:windowssystem32dllcachecustsat.dll
+ 2007-08-13 15:54:10 33,792 -c—a-w c:windowssystem32dllcachecustsat.dll
— 2008-08-20 05:37:23 357,888 -c—a-w c:windowssystem32dllcachedxtmsft.dll
+ 2008-08-26 08:26:53 347,136 -c—-w c:windowssystem32dllcachedxtmsft.dll
— 2008-08-20 05:37:24 205,312 -c—a-w c:windowssystem32dllcachedxtrans.dll
+ 2008-08-26 08:26:53 214,528 -c—-w c:windowssystem32dllcachedxtrans.dll
— 2004-08-18 12:00:00 243,200 -c—a-w c:windowssystem32dllcachees.dll
+ 2008-07-07 20:32:21 253,952 -c—a-w c:windowssystem32dllcachees.dll
— 2008-08-20 05:37:24 55,808 -c—a-w c:windowssystem32dllcacheextmgr.dll
+ 2008-08-26 08:26:53 133,120 -c—-w c:windowssystem32dllcacheextmgr.dll
— 2004-08-18 12:00:00 38,912 -c—a-w c:windowssystem32dllcachehmmapi.dll
+ 2007-08-13 15:18:02 60,416 -c—a-w c:windowssystem32dllcachehmmapi.dll
— 2004-08-18 12:00:00 34,304 -c—a-w c:windowssystem32dllcacheie4uinit.exe
+ 2008-08-25 08:42:17 70,656 -c—-w c:windowssystem32dllcacheie4uinit.exe
— 2004-08-18 12:00:00 139,264 -c—a-w c:windowssystem32dllcacheieakeng.dll
+ 2008-08-26 08:26:53 153,088 -c—-w c:windowssystem32dllcacheieakeng.dll
— 2004-08-18 12:00:00 218,112 -c—a-w c:windowssystem32dllcacheieaksie.dll
+ 2008-08-26 08:26:54 230,400 -c—-w c:windowssystem32dllcacheieaksie.dll
— 2004-08-18 12:00:00 221,184 -c—a-w c:windowssystem32dllcacheieakui.dll
+ 2008-08-23 05:54:51 161,792 -c—-w c:windowssystem32dllcacheieakui.dll
— 2004-08-18 12:00:00 323,584 -c—a-w c:windowssystem32dllcacheiedkcs32.dll
+ 2008-08-26 08:26:54 384,512 -c—-w c:windowssystem32dllcacheiedkcs32.dll
— 2008-08-19 09:30:39 18,432 -c—a-w c:windowssystem32dllcacheiedw.exe
+ 2007-08-13 15:44:02 69,120 -c—a-w c:windowssystem32dllcacheiedw.exe
— 2004-08-18 12:00:00 81,920 -c—a-w c:windowssystem32dllcacheieencode.dll
+ 2007-08-13 15:45:18 78,336 -c—a-w c:windowssystem32dllcacheieencode.dll
— 2008-08-20 05:37:24 251,392 -c—a-w c:windowssystem32dllcacheiepeers.dll
+ 2007-08-13 15:54:10 191,488 -c—a-w c:windowssystem32dllcacheiepeers.dll
— 2004-08-18 12:00:00 48,640 -c—a-w c:windowssystem32dllcacheiernonce.dll
+ 2008-08-26 08:26:54 44,544 -c—-w c:windowssystem32dllcacheiernonce.dll
— 2004-08-18 12:00:00 63,488 -c—a-w c:windowssystem32dllcacheiesetup.dll
+ 2007-08-13 15:39:12 55,296 -c—a-w c:windowssystem32dllcacheiesetup.dll
— 2004-08-18 12:00:00 93,184 -c—a-w c:windowssystem32dllcacheiexplore.exe
+ 2008-08-23 05:56:15 635,848 -c—-w c:windowssystem32dllcacheiexplore.exe
— 2004-08-18 12:00:00 35,840 -c—a-w c:windowssystem32dllcacheimgutil.dll
+ 2007-08-13 15:36:06 36,352 -c—a-w c:windowssystem32dllcacheimgutil.dll
— 2008-08-20 05:37:24 96,256 -c—a-w c:windowssystem32dllcacheinseng.dll
+ 2007-08-13 15:39:02 92,672 -c—a-w c:windowssystem32dllcacheinseng.dll
— 2007-12-18 14:43:09 450,560 -c—a-w c:windowssystem32dllcachejscript.dll
+ 2007-08-13 15:38:04 491,520 -c—a-w c:windowssystem32dllcachejscript.dll
— 2008-08-20 05:37:28 16,384 -c—a-w c:windowssystem32dllcachejsproxy.dll
+ 2008-08-26 08:26:54 27,648 -c—-w c:windowssystem32dllcachejsproxy.dll
— 2004-08-18 12:00:00 22,016 -c—a-w c:windowssystem32dllcachelicmgr10.dll
+ 2007-08-13 15:44:18 40,960 -c—a-w c:windowssystem32dllcachelicmgr10.dll
— 2004-08-18 12:00:00 29,184 -c—a-w c:windowssystem32dllcachemshta.exe
+ 2007-08-13 15:32:30 45,568 -c—a-w c:windowssystem32dllcachemshta.exe
— 2008-08-20 05:37:31 3,081,216 -c—a-w c:windowssystem32dllcachemshtml.dll
+ 2008-08-27 11:56:56 3,593,216 -c—-w c:windowssystem32dllcachemshtml.dll
— 2008-08-20 05:37:28 449,024 -c—a-w c:windowssystem32dllcachemshtmled.dll
+ 2008-08-26 08:26:56 477,696 -c—-w c:windowssystem32dllcachemshtmled.dll
— 2004-08-18 12:00:00 57,344 -c—a-w c:windowssystem32dllcachemshtmler.dll
+ 2007-08-13 15:01:12 48,128 -c—a-w c:windowssystem32dllcachemshtmler.dll
— 2004-08-18 12:00:00 146,432 -c—a-w c:windowssystem32dllcachemsls31.dll
+ 2007-08-13 15:54:10 156,160 -c—a-w c:windowssystem32dllcachemsls31.dll
— 2008-08-20 05:37:24 146,432 -c—a-w c:windowssystem32dllcachemsrating.dll
+ 2008-08-26 08:26:56 193,024 -c—-w c:windowssystem32dllcachemsrating.dll
— 2008-08-20 05:37:25 532,480 -c—a-w c:windowssystem32dllcachemstime.dll
+ 2008-08-26 08:26:56 671,232 -c—-w c:windowssystem32dllcachemstime.dll
— 2004-08-18 12:00:00 96,768 -c—a-w c:windowssystem32dllcacheoccache.dll
+ 2008-08-26 08:26:56 102,912 -c—-w c:windowssystem32dllcacheoccache.dll
— 2008-08-20 05:37:25 39,424 -c—a-w c:windowssystem32dllcachepngfilt.dll
+ 2008-08-26 08:26:56 44,544 -c—-w c:windowssystem32dllcachepngfilt.dll
— 2004-08-18 12:00:00 37,888 -c—a-w c:windowssystem32dllcacheurl.dll
+ 2008-08-26 08:26:56 105,984 -c—-w c:windowssystem32dllcacheurl.dll
— 2008-08-20 05:37:29 615,424 -c—a-w c:windowssystem32dllcacheurlmon.dll
+ 2008-08-26 08:26:57 1,159,680 -c—-w c:windowssystem32dllcacheurlmon.dll
— 2007-12-18 14:43:09 417,792 -c—a-w c:windowssystem32dllcachevbscript.dll
+ 2007-08-13 15:54:10 413,696 -c—a-w c:windowssystem32dllcachevbscript.dll
— 2004-08-18 12:00:00 848,384 -c—a-w c:windowssystem32dllcachevgx.dll
+ 2007-08-13 15:54:10 765,952 -c—a-w c:windowssystem32dllcacheVGX.dll
— 2004-08-18 12:00:00 277,504 -c—a-w c:windowssystem32dllcachewebcheck.dll
+ 2008-08-26 08:26:57 233,472 -c—-w c:windowssystem32dllcachewebcheck.dll
— 2008-08-20 05:37:27 659,968 -c—a-w c:windowssystem32dllcachewininet.dll
+ 2008-08-26 08:26:57 826,368 -c—-w c:windowssystem32dllcachewininet.dll
— 2008-08-20 05:37:23 357,888 —-a-w c:windowssystem32dxtmsft.dll
+ 2008-08-26 08:26:53 347,136

w c:windowssystem32dxtmsft.dll
— 2008-08-20 05:37:24 205,312 —-a-w c:windowssystem32dxtrans.dll
+ 2008-08-26 08:26:53 214,528

w c:windowssystem32dxtrans.dll
— 2004-08-18 12:00:00 243,200 —-a-w c:windowssystem32es.dll
+ 2008-07-07 20:32:21 253,952 —-a-w c:windowssystem32es.dll
— 2008-08-20 05:37:24 55,808 —-a-w c:windowssystem32extmgr.dll
+ 2008-08-26 08:26:53 133,120

w c:windowssystem32extmgr.dll
— 2008-11-12 21:11:26 105,416 —-a-w c:windowssystem32FNTCACHE.DAT
+ 2008-11-15 08:28:58 95,072 —-a-w c:windowssystem32FNTCACHE.DAT
+ 2008-08-26 08:26:53 63,488 —-a-w c:windowssystem32icardie.dll
— 2004-08-18 12:00:00 34,304 —-a-w c:windowssystem32ie4uinit.exe
+ 2008-08-25 08:42:17 70,656

w c:windowssystem32ie4uinit.exe
— 2004-08-18 12:00:00 139,264 —-a-w c:windowssystem32ieakeng.dll
+ 2008-08-26 08:26:53 153,088

w c:windowssystem32ieakeng.dll
— 2004-08-18 12:00:00 218,112 —-a-w c:windowssystem32ieaksie.dll
+ 2008-08-26 08:26:54 230,400

w c:windowssystem32ieaksie.dll
— 2004-08-18 12:00:00 221,184 —-a-w c:windowssystem32ieakui.dll
+ 2008-08-23 05:54:51 161,792

w c:windowssystem32ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 —-a-w c:windowssystem32ieapfltr.dat
+ 2008-08-26 08:26:54 383,488 —-a-w c:windowssystem32ieapfltr.dll
— 2004-08-18 12:00:00 323,584 —-a-w c:windowssystem32iedkcs32.dll
+ 2008-08-26 08:26:54 384,512

w c:windowssystem32iedkcs32.dll
— 2004-08-18 12:00:00 81,920 —-a-w c:windowssystem32ieencode.dll
+ 2007-08-13 15:45:18 78,336 —-a-w c:windowssystem32ieencode.dll
+ 2008-10-03 17:26:32 6,066,176 —-a-w c:windowssystem32ieframe.dll
— 2008-08-20 05:37:24 251,392 —-a-w c:windowssystem32iepeers.dll
+ 2007-08-13 15:54:10 191,488 —-a-w c:windowssystem32iepeers.dll
— 2004-08-18 12:00:00 48,640 —-a-w c:windowssystem32iernonce.dll
+ 2008-08-26 08:26:54 44,544

w c:windowssystem32iernonce.dll
+ 2008-08-26 08:26:54 267,776 —-a-w c:windowssystem32iertutil.dll
— 2004-08-18 12:00:00 63,488 —-a-w c:windowssystem32iesetup.dll
+ 2007-08-13 15:39:12 55,296 —-a-w c:windowssystem32iesetup.dll
+ 2007-08-13 15:54:10 180,736

w c:windowssystem32ieui.dll
— 2004-08-18 12:00:00 35,840 —-a-w c:windowssystem32imgutil.dll
+ 2007-08-13 15:36:06 36,352 —-a-w c:windowssystem32imgutil.dll
— 2008-08-20 05:37:24 96,256 —-a-w c:windowssystem32inseng.dll
+ 2007-08-13 15:39:02 92,672 —-a-w c:windowssystem32inseng.dll
— 2007-12-18 14:43:09 450,560 —-a-w c:windowssystem32jscript.dll
+ 2007-08-13 15:38:04 491,520 —-a-w c:windowssystem32jscript.dll
— 2008-08-20 05:37:28 16,384 —-a-w c:windowssystem32jsproxy.dll
+ 2008-08-26 08:26:54 27,648

w c:windowssystem32jsproxy.dll
— 2004-08-18 12:00:00 22,016 —-a-w c:windowssystem32licmgr10.dll
+ 2007-08-13 15:44:18 40,960 —-a-w c:windowssystem32licmgr10.dll
+ 2008-08-26 08:26:55 459,264 —-a-w c:windowssystem32msfeeds.dll
+ 2008-08-26 08:26:55 52,224 —-a-w c:windowssystem32msfeedsbs.dll
+ 2007-08-13 15:36:40 12,288

w c:windowssystem32msfeedssync.exe
— 2004-08-18 12:00:00 29,184 —-a-w c:windowssystem32mshta.exe
+ 2007-08-13 15:32:30 45,568 —-a-w c:windowssystem32mshta.exe
— 2008-08-20 05:37:31 3,081,216 —-a-w c:windowssystem32mshtml.dll
+ 2008-08-27 11:56:56 3,593,216 —-a-w c:windowssystem32mshtml.dll
— 2008-08-20 05:37:28 449,024 —-a-w c:windowssystem32mshtmled.dll
+ 2008-08-26 08:26:56 477,696

w c:windowssystem32mshtmled.dll
— 2004-08-18 12:00:00 57,344 —-a-w c:windowssystem32mshtmler.dll
+ 2007-08-13 15:01:12 48,128 —-a-w c:windowssystem32mshtmler.dll
— 2004-08-18 12:00:00 146,432 —-a-w c:windowssystem32msls31.dll
+ 2007-08-13 15:54:10 156,160 —-a-w c:windowssystem32msls31.dll
— 2008-08-20 05:37:24 146,432 —-a-w c:windowssystem32msrating.dll
+ 2008-08-26 08:26:56 193,024

w c:windowssystem32msrating.dll
— 2008-08-20 05:37:25 532,480 —-a-w c:windowssystem32mstime.dll
+ 2008-08-26 08:26:56 671,232

w c:windowssystem32mstime.dll
— 2004-08-18 12:00:00 96,768 —-a-w c:windowssystem32occache.dll
+ 2008-08-26 08:26:56 102,912

w c:windowssystem32occache.dll
— 2008-08-20 05:37:25 39,424 —-a-w c:windowssystem32pngfilt.dll
+ 2008-08-26 08:26:56 44,544

w c:windowssystem32pngfilt.dll
— 2008-07-08 13:21:06 17,784

w c:windowssystem32spmsg.dll
+ 2007-11-30 12:40:54 17,784

w c:windowssystem32spmsg.dll
— 2004-08-18 12:00:00 37,888 —-a-w c:windowssystem32url.dll
+ 2008-08-26 08:26:56 105,984 —-a-w c:windowssystem32url.dll
— 2008-08-20 05:37:29 615,424 —-a-w c:windowssystem32urlmon.dll
+ 2008-08-26 08:26:57 1,159,680 —-a-w c:windowssystem32urlmon.dll
— 2007-12-18 14:43:09 417,792 —-a-w c:windowssystem32vbscript.dll
+ 2007-08-13 15:54:10 413,696 —-a-w c:windowssystem32vbscript.dll
+ 2005-11-14 20:38:44 571,904 —-a-w c:windowssystem32Virtual_Teacher_Screensaver.scr
— 2004-08-18 12:00:00 277,504 —-a-w c:windowssystem32webcheck.dll
+ 2008-08-26 08:26:57 233,472 —-a-w c:windowssystem32webcheck.dll
+ 2007-08-13 15:45:16 206,336

w c:windowssystem32WinFXDocObj.exe
+ 2008-11-14 22:51:44 1,230,336 —-a-w c:windowsWinSxSx86_Microsoft.MSXML2_6bd6b9abf345378f_4.1.0.0_x-ww_b319d8damsxml4.dll
+ 2008-09-30 13:42:08 1,286,152 —-a-w c:windowsWinSxSx86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cfmsxml4.dll
+ 2008-11-14 22:51:45 82,432 —-a-w c:windowsWinSxSx86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6amsxml4r.dll
+ 2008-09-30 13:45:12 91,656 —-a-w c:windowsWinSxSx86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bcebmsxml4r.dll
.
— Snapshot reset to current date —
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32ctfmon.exe» [2004-08-18 15360]
«VTBPanel»=»c:program filesVirtual Teacher ScreensaverVTBackgroundPanel.exe» [2005-11-15 155648]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«NvCplDaemon»=»c:windowssystem32NvCpl.dll» [2007-06-28 8466432]
«SoundMAXPnP»=»c:program filesAnalog DevicesCoresmax4pnp.exe» [2006-12-18 868352]
«NvMediaCenter»=»c:windowssystem32NvMcTray.dll» [2007-06-28 81920]
«ASUSGamerOSD»=»c:program filesASUSGamerOSDGamerOSD.exe» [2007-07-12 380928]
«Lingvo Launcher»=»d:soft-wareТренажерыСловариLingvoLvagent.exe» [2005-11-30 106496]
«LingvoTraining»=»d:soft-wareТренажерыСловариLingvoTutor.exe» [2005-11-30 1314816]
«nwiz»=»nwiz.exe» [2007-06-28 c:windowssystem32nwiz.exe]

[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2004-08-18 15360]

[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe»=
«%windir%\Network Diagnostic\xpnetdiag.exe»=

R3 asusgsb;ASUS Virtual Video Capture Device Driver;c:windowssystem32driversasusgsb.sys [2008-11-11 12416]
R3 Video3D;ASUS Video3D Service;c:windowssystem32DriversVideo3D32.sys [2008-11-11 10752]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);c:windowssystem32DRIVERSss_bus.sys [2008-11-13 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;c:windowssystem32DRIVERSss_mdfl.sys [2008-11-13 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;c:windowssystem32DRIVERSss_mdm.sys [2008-11-13 109704]

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2G]
ShellAutoRuncommand — G:Install.exe

*Newly Created Service* — CATCHME
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-16 17:25:42
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes …

scanning hidden autostart entries …

scanning hidden files …

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-11-16 17:26:26
ComboFix-quarantined-files.txt 2008-11-16 14:26:23
ComboFix2.txt 2008-11-13 18:52:40
ComboFix3.txt 2008-11-13 18:48:22
ComboFix4.txt 2008-11-13 18:38:20
ComboFix5.txt 2008-11-16 14:24:34

Pre-Run: 5 164 617 728 байт свободно
Post-Run: 5,162,680,320 байт свободно

449 — E O F — 2008-11-14 17:14:51

Re: Re: Помогите убрать спайдера с машины!

Добро пожаловать

Поиск

Важные инструкции

Как сбросить настройки Firefox (Инструкция)

Как удалить рекламный вирус в браузере (Chrome, Opera, Firefox, Internet Explorer, Edge)

Рекламный вирус в Планировщике заданий

Как запустить компьютер в безопасном режиме (Safe Mode)

Установлено в соответствии с корпоративным правилом (Удалить из Хрома)

СПАЙВАРЕ РУ

Нужна помощь?

Ссылки