- Темы:532
- Сообщений:1553
- ☆☆☆☆☆
вот лог файл комбо фикс
ComboFix
09-01-05.05 — РАЗУМНЫЙ 2009-01-06 22:33:06.1 — NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1251.1.1049.18.511.267 [GMT 3:00]
Running from: c:documents and settingsРАЗУМНЫЙРабочий столComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Outdated)
* Created a new restore point
* Resident AV is active
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:recycledRecycled
c:windowssystem32AutoRun.inf
c:windowssystem32hpowiax3.dll
.
((((((((((((((((((((((((( Files Created from 2008-12-06 to 2009-01-06 )))))))))))))))))))))))))))))))
.
2009-01-06 20:33 . 2009-01-06 20:35
c:windowsnview
2009-01-06 20:33 . 2009-01-06 20:42 41,237 —a
c:windowssystem32nvapps.xml
2009-01-06 20:12 . 2009-01-06 20:12
c:program filesSystemRequirementsLab
2009-01-06 16:21 . 2009-01-06 16:21
c:windowsDownloaded Installations
2009-01-06 13:29 . 2009-01-06 16:21
c:program filesD-Tools
2009-01-06 13:29 . 2004-08-22 16:31 155,136 —a
c:windowssystem32driversd347bus.sys
2009-01-06 13:29 . 2004-08-22 16:31 5,248 —a
c:windowssystem32driversd347prt.sys
2009-01-05 13:30 . 2009-01-05 13:30
c:documents and settingsAll Users.WINDOWSApplication DataESET
2009-01-05 02:33 . 2009-01-05 02:33 31,076 —ah
c:windowssystem32mlfcache.dat
2009-01-05 02:31 . 2009-01-05 02:31
c:documents and settingsРАЗУМНЫЙApplication DataApple Computer
2009-01-05 02:30 . 2009-01-05 02:31
c:program filesSafari
2009-01-05 02:29 . 2009-01-05 02:29
c:program filesApple Software Update
2009-01-04 21:13 . 2008-12-21 18:42 70 —a
C:ПАРОЛЬ
2009-01-02 02:53 . 2009-01-06 17:24
C:с камеры
2009-01-02 02:52 . 2004-08-17 16:04 159,232 —a
c:windowssystem32ptpusd.dll
2009-01-02 02:52 . 2001-10-19 21:06 5,632 —a
c:windowssystem32ptpusb.dll
2008-12-30 17:02 . 2008-12-30 17:59
c:program filesBonjour
2008-12-30 17:02 . 2008-12-30 17:02
c:documents and settingsAll Users.WINDOWSApplication DataApple
2008-12-29 00:41 . 2008-12-29 00:41
c:documents and settingsРАЗУМНЫЙApplication Datarambler.ru
2008-12-29 00:40 . 2008-12-29 02:57
c:program filesRambler Assistant
2008-12-29 00:38 . 2008-12-29 19:44
c:documents and settingsРАЗУМНЫЙApplication DataICQ
2008-12-29 00:30 . 2008-12-29 19:44
c:program filesICQ6.5
2008-12-28 22:42 . 2008-12-28 22:43
c:documents and settingsРАЗУМНЫЙApplication Datafoobar2000
2008-12-27 14:14 . 2008-12-27 14:14
c:program filesWinamp Toolbar
2008-12-27 14:14 . 2008-12-27 14:14
c:documents and settingsAll Users.WINDOWSApplication DataWinamp Toolbar
2008-12-27 14:08 . 2009-01-06 17:46
c:program filesWinamp
2008-12-24 01:42 . 2008-12-24 01:42
c:documents and settingsРАЗУМНЫЙApplication DataGetRightToGo
2008-12-20 00:39 . 2008-12-20 00:39 10 —a
c:windowspopcinfo.dat
2008-12-19 18:17 . 2008-12-25 15:40
c:windowsSxsCaPendDel
2008-12-19 11:57 . 2008-10-16 14:06 268,648 —a
c:windowssystem32mucltui.dll
2008-12-19 11:57 . 2008-10-16 14:06 27,496 —a
c:windowssystem32mucltui.dll.mui
2008-12-18 22:10 . 2007-04-09 13:23 28,040 —a
c:windowssystem32mdimon.dll
2008-12-18 22:10 . 2008-12-18 22:10 394 —a
c:windowsODBC.INI
2008-12-18 22:09 . 2008-12-18 22:09
c:program filesMicrosoft.NET
2008-12-18 22:07 . 2008-12-18 22:09
c:windowsSHELLNEW
2008-12-18 10:10 . 2008-12-18 10:10 754 —a
c:windowsWORDPAD.INI
2008-12-18 03:00 . 2008-12-18 03:00
c:program filesMSXML 4.0
2008-12-18 02:47 . 2008-12-18 03:39
c:program filesBT Engine
2008-12-18 02:34 . 2008-12-18 21:58
c:documents and settingsРАЗУМНЫЙApplication DataMra
2008-12-18 02:34 . 2008-12-18 02:34
c:documents and settingsРАЗУМНЫЙApplication DataMail.Ru
2008-12-18 02:19 . 2008-12-19 00:05
c:documents and settingsРАЗУМНЫЙApplication DataskypePM
2008-12-18 02:19 . 2008-12-18 02:19 56 —ah
c:windowssystem32ezsidmv.dat
2008-12-18 02:16 . 2008-12-18 02:16
c:program filesSkype
2008-12-18 02:16 . 2008-12-18 02:16
c:program filesCommon FilesSkype
2008-12-18 02:16 . 2008-12-18 02:16
c:documents and settingsAll Users.WINDOWSApplication DataSkype
2008-12-18 02:16 . 2008-12-25 15:47
c:documents and settingsРАЗУМНЫЙApplication DataSkype
2008-12-17 23:19 . 2009-01-05 13:22
c:program filesNeo Utilities
2008-12-17 19:48 . 2006-12-31 07:57 7,208
c:windowssystem32secupd.sig
2008-12-17 19:48 . 2006-12-31 07:57 7,208 —a—c— c:windowssystem32dllcachesecupd.sig
2008-12-17 19:48 . 2006-12-31 07:57 4,569
c:windowssystem32secupd.dat
2008-12-17 19:48 . 2006-12-31 07:57 4,569 —a—c— c:windowssystem32dllcachesecupd.dat
2008-12-17 18:20 . 2009-01-06 20:02
c:windowssystem32CatRoot_bak
2008-12-17 03:53 . 2004-08-17 16:05 91,136 —a
c:windowssystem32kswdmcap.ax
2008-12-17 03:53 . 2004-08-17 16:05 91,136 —a—c— c:windowssystem32dllcachekswdmcap.ax
2008-12-17 03:53 . 2004-08-17 16:05 61,952 —a
c:windowssystem32kstvtune.ax
2008-12-17 03:53 . 2004-08-17 16:05 61,952 —a—c— c:windowssystem32dllcachekstvtune.ax
2008-12-17 03:53 . 2004-08-17 16:04 54,272 —a
c:windowssystem32vfwwdm32.dll
2008-12-17 03:53 . 2004-08-17 16:04 54,272 —a—c— c:windowssystem32dllcachevfwwdm32.dll
2008-12-17 03:53 . 2004-08-17 16:05 43,008 —a
c:windowssystem32ksxbar.ax
2008-12-17 03:53 . 2004-08-17 16:05 43,008 —a—c— c:windowssystem32dllcacheksxbar.ax
2008-12-17 03:53 . 2004-08-17 16:05 28,672 —a
c:windowssystem32vidcap.ax
2008-12-17 03:53 . 2004-08-17 16:05 28,672 —a—c— c:windowssystem32dllcachevidcap.ax
2008-12-17 03:53 . 2004-08-03 23:10 17,024 —a
c:windowssystem32driversCCDECODE.sys
2008-12-17 03:53 . 2004-08-03 23:10 17,024 —a—c— c:windowssystem32dllcacheccdecode.sys
2008-12-17 03:52 . 2003-05-06 18:00 163,072 —a
c:windowssystem32driversov519vid.sys
2008-12-17 03:52 . 2003-09-25 17:00 135,168 —a
c:windowsov519cap.exe
2008-12-17 03:52 . 2003-05-06 18:00 61,440 —a
c:windowsov519dib.dll
2008-12-17 03:52 . 2003-05-06 18:00 40,960 —a
c:windowssystem32ov519ext.dll
2008-12-17 03:52 . 2003-06-02 23:35 40,960 —a
c:windowsCleanDev.exe
2008-12-17 03:52 . 2003-05-06 18:00 36,099 —a
c:windowsamcap.exe
2008-12-17 03:52 . 2003-05-06 18:00 25,211 —a
c:windowssystem32driversov519cmd.sys
2008-12-17 03:52 . 2003-05-06 18:00 25,099 —a
c:windowssystem32ov519ext.ax
2008-12-17 03:52 . 2003-05-06 18:00 16,426 —a
c:windowssystem32ov519usd.dll
2008-12-17 03:51 . 2009-01-03 20:57
C:download
2008-12-17 03:34 . 2008-12-17 03:34
c:documents and settingsРАЗУМНЫЙApplication DataArcSoft
2008-12-17 03:34 . 2008-12-17 03:34
C:C_DILLA
2008-12-17 03:34 . 2008-12-17 03:34 112,128 -r-h
c:windowsCdaC14BA.DLL
2008-12-17 03:34 . 2008-12-17 03:34 39,936 —a
c:windowssystem32driversCDAC11BA.EXE
2008-12-17 03:34 . 2008-12-17 03:34 30,720 -r-h
c:windowsCdaC13BA.EXE
2008-12-17 03:34 . 2008-12-17 03:33 8,864 —a
c:windowssystem32driversCDAC15BA.SYS
2008-12-17 03:33 . 2002-10-01 09:22 9,856 —a
c:windowssystem32driverspfc.sys
2008-12-17 03:32 . 1995-07-31 13:44 212,480 —a
c:windowsPCDLIB32.DLL
2008-12-17 02:57 . 2008-12-17 02:57
c:documents and settingsРАЗУМНЫЙApplication DataHP
2008-12-17 02:48 . 2008-12-17 02:52
c:documents and settingsРАЗУМНЫЙApplication Datavlc
2008-12-17 02:48 . 2009-01-04 18:27
c:documents and settingsРАЗУМНЫЙApplication Datadvdcss
2008-12-17 02:06 . 2008-12-17 02:06 25 —a
c:windowscdplayer.ini
2008-12-17 02:02 . 2008-12-17 02:02
c:program filesCommon Filesxing shared
2008-12-17 01:23 . 2008-12-19 18:17
c:documents and settingsAll Users.WINDOWSApplication DataDriverScanner
2008-12-17 01:23 . 2008-12-19 18:17
c:documents and settingsРАЗУМНЫЙApplication DataUniblue
2008-12-17 01:09 . 2008-12-17 01:09
c:documents and settingsAll Users.WINDOWSApplication DataWEBREG
2008-12-17 01:08 . 2007-03-08 07:20 49,920 -ra
c:windowssystem32driversHPZid412.sys
2008-12-17 01:08 . 2007-03-08 07:20 16,496 -ra
c:windowssystem32driversHPZipr12.sys
2008-12-17 01:07 . 2008-12-17 01:07
c:documents and settingsAll Users.WINDOWSApplication DataHewlett-Packard
2008-12-17 01:07 . 2007-03-30 18:07 267,864 -ra
c:windowssystem32hpzids01.dll
2008-12-17 01:07 . 2007-03-28 14:01 117,760 —a
c:windowssystem32hpzll5ha.dll
2008-12-17 01:07 . 2007-03-08 07:20 21,568 -ra
c:windowssystem32driversHPZius12.sys
2008-12-17 01:06 . 2007-03-17 19:11 569,344 -ra
c:windowssystem32hpotscl3.dll
2008-12-17 01:06 . 2007-03-08 07:20 364,544 -ra
c:windowssystem32hppldcoi.dll
2008-12-17 01:06 . 2007-03-08 07:20 309,760 -ra
c:windowssystem32difxapi.dll
2008-12-17 01:06 . 2007-03-17 19:11 303,104 -ra
c:windowssystem32hpovst10.dll
2008-12-17 01:06 . 2004-08-03 22:58 15,104 —a
c:windowssystem32driversusbscan.sys
2008-12-17 01:06 . 2004-08-03 22:58 15,104 —a—c— c:windowssystem32dllcacheusbscan.sys
2008-12-17 01:04 . 2008-12-17 01:04
c:documents and settingsAll Users.WINDOWSApplication DataHPSSUPPLY
2008-12-17 01:04 . 2008-12-17 01:04
c:documents and settingsРАЗУМНЫЙApplication DataHPAppData
2008-12-17 01:02 . 2008-12-17 01:02
c:documents and settingsAll Users.WINDOWSApplication DataHP Product Assistant
2008-12-17 01:02 . 2008-12-17 01:03
c:documents and settingsAll Users.WINDOWSApplication DataHP
2008-12-17 00:59 . 2004-08-03 23:08 26,496 —a—c— c:windowssystem32dllcacheusbstor.sys
2008-12-17 00:57 . 2008-12-17 18:22 153,266 —a
c:windowshpoins14.dat
2008-12-17 00:57 . 2007-06-06 02:07 2,000
c:windowshpomdl14.dat
2008-12-17 00:25 . 2008-10-16 23:33 6,066,176
c— c:windowssystem32dllcacheieframe.dll
2008-12-17 00:25 . 2007-04-17 12:32 2,455,488
c— c:windowssystem32dllcacheieapfltr.dat
2008-12-17 00:25 . 2007-03-08 08:12 1,060,864
c— c:windowssystem32dllcacheieframe.dll.mui
2008-12-17 00:25 . 2008-10-16 23:33 459,264
c— c:windowssystem32dllcachemsfeeds.dll
2008-12-17 00:25 . 2008-10-16 23:33 383,488
c— c:windowssystem32dllcacheieapfltr.dll
2008-12-17 00:25 . 2008-10-16 23:33 267,776
c— c:windowssystem32dllcacheiertutil.dll
2008-12-17 00:25 . 2008-10-16 23:33 63,488
c— c:windowssystem32dllcacheicardie.dll
2008-12-17 00:25 . 2008-10-16 23:33 52,224
c— c:windowssystem32dllcachemsfeedsbs.dll
2008-12-17 00:25 . 2008-10-16 16:11 13,824
c— c:windowssystem32dllcacheieudinit.exe
2008-12-17 00:24 . 2008-12-17 00:26
c:windowssystem32ru-ru
2008-12-17 00:04 . 2008-12-17 00:04
c:program filesOpenAL
2008-12-17 00:04 . 2008-12-17 00:04 413,696 —a
c:windowssystem32wrap_oal.dll
2008-12-17 00:04 . 2008-12-17 00:04 110,592 —a
c:windowssystem32OpenAL32.dll
2008-12-17 00:03 . 2008-12-17 00:03
c:program filesЧАРОДЕЙКИ
2008-12-16 17:10 . 2008-12-16 17:10
c:documents and settingsAll Users.WINDOWSApplication DataEscapeTheMuseum
2008-12-15 22:20 . 2008-12-15 22:20
c:program filesAkelPad
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-06 17:34
d
w c:program filesFlashGet
2009-01-05 21:34
d—h—w c:program filesInstallShield Installation Information
2008-12-25 08:39
d
w c:program filesCommon FilesAdobe
2008-12-20 08:24
d
w c:program filesSeekeen
2008-12-19 15:15
d
w c:program filesИгры
2008-12-18 00:23
d
w c:program filesuTorrent [tfile.ru]
2008-12-18 00:23
d
w c:program filesMass Downloader
2008-12-18 00:23
d
w c:program filesCommon FilesSymantec Shared
2008-12-16 23:02
d
w c:program filesCommon FilesReal
2008-12-16 23:01
d
w c:program filesReal
2008-12-11 20:06
d
w c:program filesMail.Ru
2008-12-11 19:10
d
w c:program filesDAEMON Tools
2008-12-11 13:51
d
w c:program filesCommon FilesYandex
2008-12-05 08:01
d
w c:program filesCommon FilesDirectX
2008-12-05 06:51
d
w c:program filesJava
2008-12-04 13:22
d
w c:program filesMyCentria
2008-12-04 13:21
d
w c:program filesBarbie
2008-12-01 19:26
d
w c:program filesLizardTech
2008-11-22 14:15
d
w c:program filesSun
2008-11-15 22:26
d
w c:program filesICQ6
2008-11-14 15:13
d
w c:program filesWinMPG VideoConvert
2008-11-14 14:59
d
w c:program filesDivX
2008-11-07 19:48
d
w c:program filesQuickTime
2008-11-07 13:55
d
w c:program filesBarbie(TM)
2008-11-01 08:29 774,144 —-a-w c:program filesRngInterstitial.dll
2008-10-23 13:01 283,648 —-a-w c:windowssystem32gdi32.dll
2008-10-16 20:33 826,368 —-a-w c:windowssystem32wininet.dll
2008-10-16 11:13 1,809,944 —-a-w c:windowssystem32wuaueng.dll
2008-10-16 11:12 561,688 —-a-w c:windowssystem32wuapi.dll
2008-10-16 11:12 323,608 —-a-w c:windowssystem32wucltui.dll
2008-10-16 11:12 202,776 —-a-w c:windowssystem32wuweb.dll
2008-10-16 11:09 92,696 —-a-w c:windowssystem32cdm.dll
2008-10-16 11:09 51,224 —-a-w c:windowssystem32wuauclt.exe
2008-10-16 11:09 43,544 —-a-w c:windowssystem32wups2.dll
2008-10-16 11:08 34,328 —-a-w c:windowssystem32wups.dll
2008-10-16 11:07 208,744 —-a-w c:windowssystem32muweb.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}»= «c:program filesWinamp Toolbarwinamptb.dll» [2008-07-16 1266992]
[HKEY_CLASSES_ROOTclsid{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOTWINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOTTypeLib{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOTWINAMPTB.AOLTBSearch]
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32ctfmon.exe» [2004-08-17 15360]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«TkBellExe»=»c:program filesCommon FilesRealUpdate_OBrealsched.exe» [2008-12-17 185872]
«egui»=»c:program filesESETESET NOD32 Antivirusegui.exe» [2008-07-01 1447168]
«DAEMON Tools-1033″=»c:program filesD-Toolsdaemon.exe» [2004-08-22 81920]
«Adobe Reader Speed Launcher»=»c:program filesAdobeReader 9.0ReaderReader_sl.exe» [2008-06-12 34672]
«NeoBackup»=»c:program filesNeo Utilitiesneobackup.exe» [2006-01-20 1340416]
«HP Software Update»=»c:program filesHPHP Software UpdateHPWuSchd2.exe» [2007-03-11 49152]
«NvCplDaemon»=»c:windowssystem32NvCpl.dll» [2005-11-04 7307264]
«NvMediaCenter»=»c:windowssystem32NvMcTray.dll» [2005-11-04 86016]
«Ярлык для страницы свойств High Definition Audio»=»HDAudPropShortcut.exe» [2004-03-17 c:windowssystem32Hdaudpropshortcut.exe]
«SoundMan»=»SOUNDMAN.EXE» [2004-09-23 c:windowsSOUNDMAN.EXE]
«AlcWzrd»=»ALCWZRD.EXE» [2004-09-24 c:windowsALCWZRD.EXE]
«nwiz»=»nwiz.exe» [2005-11-04 c:windowssystem32nwiz.exe]
[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2004-08-17 15360]
c:documents and settingsAll Users.WINDOWSѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
HP Digital Imaging Monitor.lnk — c:program filesHPDigital Imagingbinhpqtra08.exe [2007-03-11 210520]
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsession manager]
BootExecute REG_MULTI_SZ autocheck autochk *0
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionrun-]
«MAgent»=c:documents and settingsРАЗУМНЫЙApplication DataMail.RuAgentMAgent.exe -CU
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionrun-]
«Flashget»=»c:program filesFlashGetFlashGet.exe» /min
«Pragma5″=c:program filesTrident SoftwarePragmaprestart.exe
[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\uTorrent [tfile.ru]\utorrent.exe»=
«c:\Program Files\FlashGet\flashget.exe»=
«%windir%\Network Diagnostic\xpnetdiag.exe»=
«c:\Program Files\Skype\Phone\Skype.exe»=
«c:\Program Files\ICQ6.5\ICQ.exe»=
«c:\Program Files\Bonjour\mDNSResponder.exe»=
R1 epfwtdir;epfwtdir;c:windowssystem32driversepfwtdir.sys [2008-07-01 34312]
R4 ekrn;Eset Service;c:program filesEsetESET NOD32 Antivirusekrn.exe [2007-12-21 468224]
S4 PTsup5;PsViatau;c:program filesTrident SoftwarePragmaPTsup5.exe [2008-07-01 81192]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionsvchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the ‘Scheduled Tasks’ folder
2009-01-04 c:windowsTasksAppleSoftwareUpdate.job
— c:program filesApple Software UpdateSoftwareUpdate.exe [2008-04-11 17:57]
.
— — — — ORPHANS REMOVED — — — —
HKLM-Run-APVXDWIN — c:program filesPanda SecurityPanda Internet Security 2008APVXDWIN.EXE
HKLM-Run-WinampAgent — c:program filesWinampwinampa.exe
.
Supplementary Scan
.
uInternet Connection Wizard,ShellNext = hxxp://www.pandasoftware.com/redirector/?prod=208&app=WindowsUpdate&lang=rus
IE: &Winamp Search — c:documents and settingsAll Users.WINDOWSApplication DataWinamp ToolbarieToolbarresourcesen-USlocalsearch.html
IE: &Закачать все при помощи FlashGet — c:program filesFlashGetjc_all.htm
IE: &Закачать при помощи FlashGet — c:program filesFlashGetjc_link.htm
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2OFFICE11EXCEL.EXE/3000
IE: Добавить в Rambler-Закладки — c:program filesRambler AssistantramblertoolbarU0.dll/zakladki.htm
IE: Найти с помощью Рамблера — c:program filesRambler AssistantramblertoolbarU0.dll/search.htm
IE: Перевести с помощью словарей Рамблера — c:program filesRambler AssistantramblertoolbarU0.dll/dic.htm
TCP: {DD201F27-ADEB-4DB4-9E1F-35C6126A2052} = 62.213.0.12 62.213.2.1
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-06 22:36:13
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
**************************************************************************
.
Completion time: 2009-01-06 22:39:09
ComboFix-quarantined-files.txt 2009-01-06 19:37:51
Pre-Run: 1 704 366 080 байт свободно
Post-Run: 1,700,462,592 байт свободно
266 — E O F — 2008-12-29 18:11:08
