SPYWARE-RU.COM


Re: Re: Trojan and worm

January 11, 2011 at 9:54 am #31903
albash

Hello. Combofix log:
ComboFix 11-01-10.07 — Общий компьютер 11.01.2011 14:33:14.1.2 — x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1251.7.1049.18.2046.916 [GMT 5:00]
Running from: c:usersОбщий компьютерDesktopComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66}
AV: Panda Internet Security 2010 *Disabled/Updated* {86971480-9989-6750-B122-681A86518D59}
FW: Panda Personal Firewall 2010 *Disabled* {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}
SP: Microsoft Security Essentials *Disabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB}
SP: Panda Internet Security 2010 *Disabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:program files\setup.exe
c:program filesSetup.exe
c:usersОбщий компьютерAppDataRoaming.#

.
((((((((((((((((((((((((( Files Created from 2010-12-11 to 2011-01-11 )))))))))))))))))))))))))))))))
.

2011-01-11 09:43 . 2011-01-11 09:43 -------- d-----w- c:usersDefaultAppDataLocaltemp
2011-01-11 09:03 . 2010-11-10 04:33 6273872 ----a-w- c:programdataMicrosoftMicrosoft AntimalwareDefinition Updates{7F402425-31C9-468E-B678-69386F841A22}mpengine.dll
2011-01-08 13:10 . 2011-01-08 13:10 -------- d-----w- c:program filesCommon FilesSkype
2011-01-04 10:10 . 2011-01-04 10:10 -------- d-----w- c:program filesMicrosoft CAPICOM 2.1.0.2
2011-01-03 13:19 . 2011-01-03 13:19 -------- d-----w- c:programdataLogiShrd
2011-01-03 13:17 . 2011-01-03 13:17 -------- d-----w- c:usersОбщий компьютерAppDataLocalLogiShrd
2011-01-03 13:15 . 2011-01-03 13:15 -------- d-----w- c:usersОбщий компьютерAppDataRoamingLeadertech
2011-01-03 13:15 . 2011-01-03 13:15 53248 ----a-r- c:usersОбщий компьютерAppDataRoamingMicrosoftInstaller{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}ARPPRODUCTICON.exe
2011-01-03 13:15 . 2011-01-11 08:57 -------- d-----w- c:windowssystem32logishrd
2011-01-03 13:15 . 2011-01-03 13:15 -------- d-----w- c:programdataLogitech
2011-01-03 13:14 . 2011-01-03 13:14 -------- d-----w- c:program filesCommon FilesLWS
2011-01-03 13:14 . 2011-01-03 13:16 -------- d-----w- c:program filesLogitech
2011-01-03 13:01 . 2011-01-03 13:16 -------- d-----w- c:program filesCommon Fileslogishrd
2010-12-28 05:27 . 2010-12-28 05:27 -------- d-----w- c:usersОбщий компьютерAppDataRoamingPeerNetworking
2010-12-23 17:24 . 2010-12-23 17:24 -------- d-----w- c:programdataGuard.Mail.Ru
2010-12-16 04:57 . 2010-10-18 13:37 81920 ----a-w- c:windowssystem32consent.exe
2010-12-16 04:56 . 2010-10-28 13:20 2048 ----a-w- c:windowssystem32tzres.dll
2010-12-16 04:55 . 2010-11-03 10:51 2409784 ----a-w- c:program filesWindows MailOESpamFilter.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-03 13:15 . 2011-01-03 13:15 53248 ----a-r- c:usersОбщий компьютерAppDataRoamingMicrosoftInstaller{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}ARPPRODUCTICON.exe
2011-01-03 13:15 . 2011-01-03 13:15 53248 ----a-r- c:usersОбщий компьютерAppDataRoamingMicrosoftInstaller{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}ARPPRODUCTICON.exe
2010-11-12 13:53 . 2010-05-04 14:18 472808 ----a-w- c:windowssystem32deployJava1.dll
2010-11-10 04:33 . 2010-08-26 03:23 6273872 ----a-w- c:programdataMicrosoftMicrosoft AntimalwareDefinition UpdatesBackupmpengine.dll
2010-11-09 21:49 . 2010-11-09 21:49 4323040 ----a-w- c:windowssystem32driverslvuvc.sys
2010-11-09 21:49 . 2010-11-09 21:49 539232 ----a-w- c:windowssystem32LVUI2RC.dll
2010-11-09 21:49 . 2010-11-09 21:49 543328 ----a-w- c:windowssystem32LVUI2.dll
2010-11-09 21:47 . 2010-11-09 21:47 195168 ----a-w- c:windowssystem32lvci13101216.dll
2010-11-09 21:47 . 2010-11-09 21:47 416352 ----a-w- c:windowssystem32lvcodec2.dll
2010-11-09 21:45 . 2010-11-09 21:45 102744 ----a-w- c:windowssystem32LogiDPPApp.exe
2010-11-09 21:45 . 2010-11-09 21:45 10871128 ----a-w- c:windowssystem32LogiDPP.dll
2010-11-09 21:45 . 2010-11-09 21:45 316248 ----a-w- c:windowssystem32DevManagerCore.dll
2010-10-19 20:51 . 2009-12-21 04:50 222080 ------w- c:windowssystem32MpSigStub.exe
2010-10-18 08:00 . 2010-11-03 11:33 108032 ----a-w- c:windowssystem32ff_vfw.dll
2010-05-28 12:40 . 2010-05-28 12:40 3091968 ----a-w- c:program filesopenofficeorg32.msi
2002-03-11 09:06 . 2002-03-11 09:06 1822520 ----a-w- c:program filesinstmsiw.exe
2002-03-11 08:45 . 2002-03-11 08:45 1708856 ----a-w- c:program filesinstmsia.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersegisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOTCLSID{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-10-27 08:05 40496 ----a-w- c:program filesEgisTecMyWinLocker 3x86PSDProtect.dll

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
"swg"="c:program filesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe" [2009-11-28 68856]
"Sidebar"="c:program filesWindows Sidebarsidebar.exe" [2009-04-11 1233920]
"msnmsgr"="c:program filesWindows LiveMessengermsnmsgr.exe" [2010-09-22 4240760]
"WMPNSCFG"="c:program filesWindows Media PlayerWMPNSCFG.exe" [2008-01-21 202240]
"CollaborationHost"="c:windowssystem32p2phost.exe" [2008-01-21 192000]
"Logitech Vid"="c:program filesLogitechVid HDVid.exe" [2010-10-29 5915480]
"Skype"="c:program filesSkypePhoneSkype.exe" [2011-01-03 15028104]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
"IAAnotif"="c:program filesIntelIntel Matrix Storage Manageriaanotif.exe" [2008-09-12 182808]
"RtHDVCpl"="c:program filesRealtekAudioHDARtHDVCpl.exe" [2009-03-10 6957600]
"Google Desktop Search"="c:program filesGoogleGoogle Desktop SearchGoogleDesktop.exe" [2010-07-25 30192]
"EgisTecLiveUpdate"="c:program filesEgisTec Egis Software UpdateEgisUpdate.exe" [2008-10-27 199464]
"mwlDaemon"="c:program filesEgisTecMyWinLocker 3x86mwlDaemon.exe" [2008-10-27 346672]
"APVXDWIN"="c:program filesPanda SecurityPanda Internet Security 2010APVXDWIN.EXE" [2009-09-25 906496]
"SCANINICIO"="c:program filesPanda SecurityPanda Internet Security 2010Inicio.exe" [2009-08-12 56064]
"Skytel"="c:program filesRealtekAudioHDASkytel.exe" [2009-03-10 1833504]
"Share-to-Web Namespace Daemon"="c:program filesHewlett-PackardHP Share-to-Webhpgs2wnd.exe" [2002-04-17 69632]
"hpqSRMon"="c:program filesHewlett-PackardDigital ImagingbinhpqSRMon.exe" [2008-08-20 150016]
"HP Software Update"="c:program filesHewlett-PackardHP Software UpdateHPWuSchd2.exe" [2008-12-08 54576]
"MSSE"="c:program filesMicrosoft Security Essentialsmsseces.exe" [2010-09-14 1094224]
"SunJavaUpdateSched"="c:program filesCommon FilesJavaJava Updatejusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:program filesAdobeReader 9.0ReaderReader_sl.exe" [2010-09-22 35760]
"Adobe ARM"="c:program filesCommon FilesAdobeARM1.0AdobeARM.exe" [2010-09-20 932288]
"Guard.Mail.ru.gui"="c:program filesMail.RuGuardGuardMailRu.exe" [2010-12-23 1041088]
"LWS"="c:program filesLogitechLWSWebcam SoftwareLWS.exe" [2010-05-07 165208]

c:usersЋЎйЁ© Є®¬ЇмовҐаAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
Logitech . ђҐЈЁбва жЁп Џа®¤гЄв .lnk — c:program filesLogitechEregeReg.exe [2009-11-16 517384]

c:programdataMicrosoftWindowsStart MenuProgramsStartup
Њ®­Ёв®а ЂЏ‘-ЏҐз вм.lnk — h:bp6RSPrintPrintMon.exe [N/A]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyavldr]
2008-03-18 11:58 58672 ----a-w- c:windowsSystem32avldr.dll

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifycpcsp]
2009-07-29 04:47 717824 ----a-w- c:program filesCrypto ProCSPcpcspi.dll

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwindows]
"AppInit_DLLs"=c:progra~1GoogleGOOGLE~1GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversiondrivers32]
"mixer6"=wdmaud.drv

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrollsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 wdigest tspkg cpssl

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalMsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalPskSvcRetail]
@="Service"

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalR5BaseSmc]
@=""

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalSCardSvr]
@=""

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimaltoken]
@=""

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
@=""

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Служба Google Update (gupdate);c:program filesGoogleUpdateGoogleUpdate.exe [2010-02-01 135664]
R3 GoogleDesktopManager-051210-111108;Диспетчер Google Desktop 5.9.1005.12335;c:program filesGoogleGoogle Desktop SearchGoogleDesktop.exe [2010-07-25 30192]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:program filesNewTech InfosystemsNTI Backup Now 5BackupSvc.exe [2008-09-23 50424]
R3 token;USB Token Service;c:windowssystem32DRIVERSeps2kt1.sys [2010-05-20 31744]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:windowsMicrosoft.NETFrameworkv4.0.30319WPFWPFFontCache_v0400.exe [2010-03-18 753504]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:program filesWindows LiveMeshwlcrasvc.exe [2010-09-22 51040]
S0 pavboot;Panda boot driver;c:windowssystem32Driverspavboot.sys [2009-06-30 28552]
S1 APPFLT;App Filter Plugin;c:windowssystem32DriversAPPFLT.SYS [2009-09-30 75016]
S1 CProCtrl;КриптоПро CSP драйвер;c:windowssystem32DRIVERSCProCtrl.sys [2009-04-22 54536]
S1 DSAFLT;DSA Filter Plugin;c:windowssystem32DriversDSAFLT.SYS [2009-06-16 53128]
S1 FNETMON;NetMon Filter Plugin;c:windowssystem32Driversfnetmon.SYS [2008-03-28 22072]
S1 IDSFLT;Ids Filter Plugin;c:windowssystem32DriversIDSFLT.SYS [2009-06-16 193800]
S1 NETFLTDI;Panda Net Driver [TDI Layer];c:windowssystem32DriversNETFLTDI.SYS [2009-06-16 08:33 159112]
S1 ShldDrv;Panda File Shield Driver;c:windowssystem32DRIVERSShlDrv51.sys [2008-03-04 41144]
S1 WNMFLT;Wifi Monitor Filter Plugin;c:windowssystem32DriversWNMFLT.SYS [2009-06-16 46728]
S2 AmFSM;AmFSM;c:windowssystem32DRIVERSamm8660.sys [2009-08-06 49160]
S2 ComFiltr;Panda Anti-Dialer;c:windowssystem32DRIVERSCOMFiltr.sys [2009-11-28 13880]
S2 cpcsp1;КриптоПро CSP KC1;c:windowssystem32svchost.exe [2008-01-21 21504]
S2 Guard.Mail.ru;Guard.Mail.ru;c:program filesMail.RuGuardGuardMailRu.exe [2010-12-23 1041088]
S2 Gwmsrv;Panda Goodware Cache Manager;c:windowssystem32svchost [x]
S2 mwlPSDFilter;mwlPSDFilter;c:windowssystem32DRIVERSmwlPSDFilter.sys [2008-10-09 19504]
S2 mwlPSDNServ;mwlPSDNServ;c:windowssystem32DRIVERSmwlPSDNServ.sys [2008-10-09 16432]
S2 mwlPSDVDisk;mwlPSDVDisk;c:windowssystem32DRIVERSmwlPSDVDisk.sys [2008-10-09 59952]
S2 MWLService;MyWinLocker Service;c:program filesEgisTecMyWinLocker 3x86\MWLService.exe [2008-10-27 306736]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:program filesNewTech InfosystemsNTI Backup Now 5SchedulerSvc.exe [2008-09-23 144632]
S2 PavProc;Panda Process Protection Driver;c:windowssystem32DRIVERSPavProc.sys [2009-06-30 163336]
S2 PskSvcRetail;Panda PSK service;c:program filesPanda SecurityPanda Internet Security 2010PskSvc.exe [2009-08-25 28928]
S2 Start BT in service;Start BT in service;c:program filesIVT CorporationBlueSoleilStartSkysolSvc.exe [2007-12-27 51816]
S3 AvFlt;Antivirus Filter Driver;c:windowssystem32driversav5flt.sys [x]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:windowssystem32DRIVERSe1y6032.sys [2008-11-21 220288]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:windowssystem32DRIVERSMpNWMon.sys [2010-03-25 42368]
S3 NETIMFLT01060039;PANDA NDIS IM Filter Miniport v1.6.0.39;c:windowssystem32DRIVERSneti1639.sys [2009-09-09 199432]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:windowssystem32driversnvhda32v.sys [2009-05-11 64544]
S3 PavSRK.sys;PavSRK.sys;c:windowssystem32PavSRK.sys [x]
S3 PavTPK.sys;PavTPK.sys;c:windowssystem32PavTPK.sys [x]
S3 R5BaseSmc;USB Token Holder Service;c:windowssystem32DRIVERSsmccard.sys [2010-05-20 14592]
S3 RTIFDH;RTIFDH;c:windowssystem32DRIVERSrtIFDH.sys [2009-07-01 13312]
S3 RTUSB;Rutoken;c:windowssystem32DRIVERSrtUSB.sys [2009-07-01 29824]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionsvchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
panda REG_MULTI_SZ Gwmsrv
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
hpdevmgmt REG_MULTI_SZ hpqcxs08
cpcsp REG_MULTI_SZ cpcsp1
.
Contents of the 'Scheduled Tasks' folder

2011-01-11 c:windowsTasksGoogleUpdateTaskMachineCore.job
— c:program filesGoogleUpdateGoogleUpdate.exe [2010-02-01 16:29]

2011-01-11 c:windowsTasksGoogleUpdateTaskMachineUA.job
— c:program filesGoogleUpdateGoogleUpdate.exe [2010-02-01 16:29]

2011-01-11 c:windowsTasksUser_Feed_Synchronization-{40CBA629-AF20-4EA7-B068-C4E5C2E3414E}.job
— c:windowssystem32msfeedssync.exe [2010-12-16 04:25]
.
.


Supplementary Scan


.
uStart Page = hxxp://yandex.ru/
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0419&s=1&o=vb32&d=1006&m=aspire_x3810
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2Office12EXCEL.EXE/3000
IE: Google ВикиКомментарии… — c:program filesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
DPF: {0013C359-980C-4916-B47A-B313DDF56755} — hxxps://www.alfadirect.ru/ADSign/ADCrypto.cab
.
— — — — ORPHANS REMOVED — — — —

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} — (no file)
HKCU-Run-PCHDPlayer — c:program filespchdPCHDPlayer.exe
HKLM-Run-WinampAgent — c:program filesWinampwinampa.exe
AddRemove-Dexster_is1 — i:dexsterunins000.exe
AddRemove-PV_BP_7_is1 — d:bp7unins000.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-11 14:43
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes …

scanning hidden autostart entries …

HKCUSoftwareMicrosoftWindowsCurrentVersionRun
PCHDPlayer = c:program filespchdPCHDPlayer.exe??W????[Zi?? ???x???u?r?r?e?n?t?V?e?r?s?i?o?n??R?u?n???????]??]Qi?? ???x??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files …

scan completed successfully
hidden files: 0

**************************************************************************
.


LOCKED REGISTRY KEYS



[HKEY_LOCAL_MACHINEsystemControlSet001ControlClass{4D36E96D-E325-11CE-BFC1-08002BE10318}000AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINEsystemControlSet001ControlClass{4D36E96D-E325-11CE-BFC1-08002BE10318}001AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.


DLLs Loaded Under Running Processes



— — — — — — — > 'winlogon.exe'(952)
c:program filesCrypto ProCSPdetoured.dll

— — — — — — — > 'lsass.exe'(876)
c:program filesCrypto ProCSPdetoured.dll

— — — — — — — > 'csrss.exe'(756)
c:program filesCrypto ProCSPdetoured.dll

— — — — — — — > 'csrss.exe'(824)
c:program filesCrypto ProCSPdetoured.dll
.
Completion time: 2011-01-11 14:45:56
ComboFix-quarantined-files.txt 2011-01-11 09:45

Pre-Run: 84 908 834 816 байт свободно
Post-Run: 88 691 605 504 байт свободно

— — End Of File — — F45F50BD5EBA6AEC4E3A7218D8CE0D7A
