Re: Re: Is a virus to blame?
Kaspersky found nothing malicious. 🙂
Here is the ComboFix scan log:
ComboFix 09-08-27.A3 — Loner-XP 28.08.2009 21:15.3.2 — NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.3327.2807 [GMT 3:00]
Running from: c:documents and settingsLoner-XPРабочий столComboFix.exe
AV: avast! antivirus 4.8.1351 [VPS 090827-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:documents and settingsLoner-XPЊ®Ё ¤®Єг¬Ґвлcc_20090810_220511.reg
c:documents and settingsLoner-XPЊ®Ё ¤®Єг¬Ґвлcc_20090811_183605.reg
c:documents and settingsLoner-XPЊ®Ё ¤®Єг¬Ґвлcc_20090818_195652.reg
.
((((((((((((((((((((((((( Files Created from 2009-07-28 to 2009-08-28 )))))))))))))))))))))))))))))))
.
2009-08-28 18:17 . 2009-08-28 18:17 53248 —-a-w- c:tempcatchme.dll
2009-08-28 18:15 . 2009-08-28 18:15 d-----w- c:tempWPDNSE
2009-08-28 16:46 . 2009-08-28 17:04 d-----w- c:tempKAV Updater update files
2009-08-28 16:45 . 2009-08-28 18:17 d-----w- c:tempjkos-Loner-XP
2009-08-28 16:44 . 2009-08-28 16:44 d-----w- c:windowsSun
2009-08-28 16:36 . 2009-08-28 18:11 d-----w- c:temphsperfdata_Loner-XP
2009-08-28 16:36 . 2009-08-28 16:35 411368 —-a-w- c:windowssystem32deploytk.dll
2009-08-28 16:35 . 2009-08-28 16:35 d-----w- c:program filesJava
2009-08-28 16:35 . 2009-08-28 16:35 152576 —-a-w- c:documents and settingsLoner-XPApplication DataSunJavajre1.6.0_15lzma.dll
2009-08-28 16:23 . 2004-08-18 20:00 15360 —-a-w- c:windowssystem32ctfmon.exe
2009-08-28 11:52 . 2009-08-28 11:52 d-sh--w- c:documents and settingsLocalServiceIETldCache
2009-08-28 09:23 . 2009-08-28 09:23 d-----w- c:tempmsohtmlclip
2009-08-28 08:58 . 2009-08-28 10:13 d-----w- c:temp_avast4_
2009-08-28 08:46 . 2009-08-28 08:46 d-sh--w- c:documents and settingsLoner-XPPrivacIE
2009-08-28 08:17 . 2009-08-28 08:17 d-sh--w- c:documents and settingsLoner-XPIETldCache
2009-08-28 08:08 . 2009-08-07 08:48 100352 -c—-w- c:windowssystem32dllcacheiecompat.dll
2009-08-28 08:08 . 2009-08-28 08:08 d-----w- c:windowsie8updates
2009-08-28 08:07 . 2009-07-03 17:00 12800 -c—-w- c:windowssystem32dllcachexpshims.dll
2009-08-28 08:07 . 2009-07-03 17:00 246272 -c—-w- c:windowssystem32dllcacheieproxy.dll
2009-08-28 08:06 . 2009-08-28 08:07 dc-h--w- c:windowsie8
2009-08-26 16:55 . 2009-08-27 08:36 d-----w- c:documents and settingsLoner-XPLocal SettingsApplication DataWMTools Downloaded Files
2009-08-23 16:46 . 2009-08-23 16:54 d-----w- c:documents and settingsLoner-XPLocal SettingsApplication DataFLVService
2009-08-23 16:46 . 2009-08-23 18:00 d-----w- c:program filesAsk & Record Toolbar
2009-08-23 16:46 . 2009-08-23 16:46 d-----w- c:windowsAsk & Record Toolbar
2009-08-23 16:43 . 2009-08-23 16:43 d-----w- c:windowsReplay Media Catcher
2009-08-23 16:37 . 2009-08-23 16:37 d-----w- c:windowsReplay Converter 3
2009-08-23 16:30 . 2009-08-23 16:30 d-----w- c:windowsFLV Player
2009-08-19 17:02 . 2009-08-28 09:24 d-----w- c:tempmsohtmlclip1
2009-08-18 16:58 . 2009-08-28 18:17 d-----w- c:tempVBE
2009-08-18 07:08 . 2004-08-18 20:00 148992 —-a-w- c:windowsregedit.exe
2009-08-12 15:32 . 2009-06-25 08:42 54272 -c—-w- c:windowssystem32dllcachewdigest.dll
2009-08-12 15:32 . 2009-06-25 08:42 301568 -c—-w- c:windowssystem32dllcachekerberos.dll
2009-08-12 15:32 . 2009-06-25 08:42 136704 -c—-w- c:windowssystem32dllcachemsv1_0.dll
2009-08-12 15:32 . 2009-06-24 10:28 92928 -c—-w- c:windowssystem32dllcacheksecdd.sys
2009-08-12 06:27 . 2009-06-15 11:10 80896 -c—-w- c:windowssystem32dllcachetlntsess.exe
2009-08-12 06:27 . 2009-06-15 10:45 79872 -c—-w- c:windowssystem32dllcachetelnet.exe
2009-08-12 06:27 . 2009-06-10 06:17 134144 -c—-w- c:windowssystem32dllcachewkssvc.dll
2009-08-12 06:27 . 2009-06-10 14:14 85504 -c—-w- c:windowssystem32dllcacheavifil32.dll
2009-08-12 06:27 . 2009-07-17 19:03 58880 -c—-w- c:windowssystem32dllcacheatl.dll
2009-08-12 06:27 . 2009-08-05 09:01 204800 -c—-w- c:windowssystem32dllcachemswebdvd.dll
2009-08-12 06:25 . 2009-07-10 13:28 1315328 -c—-w- c:windowssystem32dllcachemsoe.dll
2009-08-10 22:51 . 2008-07-06 12:06 89088 -c—-w- c:windowssystem32dllcachefilterpipelineprintproc.dll
2009-08-10 22:51 . 2008-07-06 12:06 575488 -c—-w- c:windowssystem32dllcachexpsshhdr.dll
2009-08-10 22:51 . 2008-07-06 12:06 1676288 -c—-w- c:windowssystem32dllcachexpssvcs.dll
2009-08-10 22:51 . 2008-07-06 10:50 597504 -c—-w- c:windowssystem32dllcacheprintfilterpipelinesvc.exe
2009-08-10 15:00 . 2009-08-10 15:00 d-----w- c:documents and settingsLoner-XPApplication DataWinPatrol
2009-08-10 15:00 . 2009-07-09 11:41 0 —-a-w- c:documents and settingsLoner-XPApplication DataWinPatrolConfig.sys
2009-08-10 15:00 . 2009-07-09 11:41 0 —-a-w- c:documents and settingsLoner-XPApplication DataWinPatrolAutoexec.bat
2009-08-10 15:00 . 2009-08-10 15:00 d-----w- c:program filesBillP Studios
2009-08-10 14:44 . 2009-08-10 14:44 d-----w- c:windowsERUNT
2009-08-10 14:44 . 2009-08-10 14:44 d-----w- C:!FixIEDef
2009-08-10 12:58 . 2008-10-16 11:06 268648 —-a-w- c:windowssystem32mucltui.dll
2009-08-10 10:25 . 2009-04-15 14:53 585216 -c—-w- c:windowssystem32dllcacherpcrt4.dll
2009-08-10 10:25 . 2008-12-16 12:32 354304 -c—-w- c:windowssystem32dllcachewinhttp.dll
2009-08-10 10:25 . 2009-06-16 14:40 81920 -c—-w- c:windowssystem32dllcachefontsub.dll
2009-08-10 10:25 . 2009-06-16 14:40 119808 -c—-w- c:windowssystem32dllcachet2embed.dll
2009-08-10 10:24 . 2008-10-23 12:42 286720 -c—-w- c:windowssystem32dllcachegdi32.dll
2009-08-10 09:48 . 2008-06-17 19:02 8478720 -c—-w- c:windowssystem32dllcacheshell32.dll
2009-08-10 09:44 . 2008-09-10 01:15 1307648 -c—-w- c:windowssystem32dllcachemsxml6.dll
2009-08-10 09:43 . 2008-06-24 16:44 74240 -c—-w- c:windowssystem32dllcachemscms.dll
2009-08-10 09:43 . 2009-06-25 08:42 56832 -c—-w- c:windowssystem32dllcachesecur32.dll
2009-08-10 09:43 . 2009-03-21 14:09 995840 -c—-w- c:windowssystem32dllcachekernel32.dll
2009-08-10 09:41 . 2008-07-07 20:29 253952 -c—-w- c:windowssystem32dllcachees.dll
2009-08-10 09:40 . 2009-06-25 08:42 147456 -c—-w- c:windowssystem32dllcacheschannel.dll
2009-08-10 09:39 . 2009-03-06 13:51 284672 -c—-w- c:windowssystem32dllcachepdh.dll
2009-08-10 09:39 . 2009-02-09 10:57 401408 -c—-w- c:windowssystem32dllcacherpcss.dll
2009-08-10 09:39 . 2009-02-09 10:57 473600 -c—-w- c:windowssystem32dllcachefastprox.dll
2009-08-10 09:39 . 2009-02-06 10:15 227840 -c—-w- c:windowssystem32dllcachewmiprvse.exe
2009-08-10 09:39 . 2009-06-26 12:12 732160 -c—-w- c:windowssystem32dllcachelsasrv.dll
2009-08-10 09:39 . 2009-02-09 11:18 2025984 -c—-w- c:windowssystem32dllcachentkrpamp.exe
2009-08-10 09:39 . 2009-02-09 11:18 2067968 -c—-w- c:windowssystem32dllcachentkrnlpa.exe
2009-08-10 09:39 . 2009-02-09 11:18 2147328 -c—-w- c:windowssystem32dllcachentkrnlmp.exe
2009-08-10 09:39 . 2009-02-09 11:18 111104 -c—-w- c:windowssystem32dllcacheservices.exe
2009-08-10 09:39 . 2009-02-09 10:57 719360 -c—-w- c:windowssystem32dllcachentdll.dll
2009-08-10 09:39 . 2009-02-09 10:57 453120 -c—-w- c:windowssystem32dllcachewmiprvsd.dll
2009-08-10 09:39 . 2009-02-06 10:36 35328 -c—-w- c:windowssystem32dllcachesc.exe
2009-08-10 09:36 . 2009-05-07 15:16 347136 -c—-w- c:windowssystem32dllcachelocalspl.dll
2009-08-10 09:35 . 2009-06-03 19:11 1292800 -c—-w- c:windowssystem32dllcachequartz.dll
2009-08-10 09:33 . 2008-06-12 14:23 956928 -c—-w- c:windowssystem32dllcachemsdtctm.dll
2009-08-10 09:33 . 2008-06-12 14:23 91648 -c—-w- c:windowssystem32dllcachemtxoci.dll
2009-08-10 09:33 . 2008-06-12 14:23 66560 -c—-w- c:windowssystem32dllcachemtxclu.dll
2009-08-10 09:33 . 2008-06-12 14:23 58880 -c—-w- c:windowssystem32dllcachemsdtclog.dll
2009-08-10 09:33 . 2008-06-12 14:23 161792 -c—-w- c:windowssystem32dllcachemsdtcuiu.dll
2009-08-10 09:17 . 2009-03-08 01:33 759296 -c—a-w- c:windowssystem32dllcacheVGX.dll
2009-08-10 09:09 . 2008-10-24 11:41 455936 -c—-w- c:windowssystem32dllcachemrxsmb.sys
2009-08-10 09:08 . 2008-12-11 10:57 333952 -c—-w- c:windowssystem32dllcachesrv.sys
2009-08-10 09:06 . 2008-04-11 19:06 691712 -c—-w- c:windowssystem32dllcacheinetcomm.dll
2009-08-10 08:53 . 2008-08-14 10:34 138496 -c—-w- c:windowssystem32dllcacheafd.sys
2009-08-10 08:53 . 2008-06-20 17:45 247296 -c—-w- c:windowssystem32dllcachemswsock.dll
2009-08-10 08:53 . 2008-06-20 17:45 147968 -c—-w- c:windowssystem32dllcachednsapi.dll
2009-08-10 08:53 . 2008-06-20 11:59 361600 -c—-w- c:windowssystem32dllcachetcpip.sys
2009-08-10 08:53 . 2008-06-20 11:16 225856 -c—-w- c:windowssystem32dllcachetcpip6.sys
2009-08-10 08:30 . 2009-04-19 19:51 1847296 -c—-w- c:windowssystem32dllcachewin32k.sys
2009-08-10 08:15 . 2009-08-28 08:08 d--h--w- c:windows$hf_mig$
2009-08-10 08:12 . 2008-10-03 10:04 247326 -c—-w- c:windowssystem32dllcachestrmdll.dll
2009-08-10 08:11 . 2008-10-15 16:37 337408 -c—-w- c:windowssystem32dllcachenetapi32.dll
2009-08-10 08:09 . 2008-09-04 17:17 1106944 -c—-w- c:windowssystem32dllcachemsxml3.dll
2009-08-10 07:49 . 2008-04-21 21:15 218624 -c—-w- c:windowssystem32dllcachewordpad.exe
2009-08-05 17:10 . 2009-08-08 12:15 d-----w- C:Games
2009-08-04 13:21 . 2009-08-17 16:04 51376 —-a-w- c:windowssystem32driversaswTdi.sys
2009-08-04 13:21 . 2009-08-17 16:04 23152 —-a-w- c:windowssystem32driversaswRdr.sys
2009-08-04 13:21 . 2009-08-17 16:03 26944 —-a-w- c:windowssystem32driversaavmker4.sys
2009-08-04 13:21 . 2009-08-17 16:06 93392 —-a-w- c:windowssystem32driversaswmon.sys
2009-08-04 13:21 . 2009-08-17 16:06 94160 —-a-w- c:windowssystem32driversaswmon2.sys
2009-08-04 13:21 . 2009-08-17 16:05 114768 —-a-w- c:windowssystem32driversaswSP.sys
2009-08-04 13:21 . 2009-08-17 16:05 20560 —-a-w- c:windowssystem32driversaswFsBlk.sys
2009-08-04 13:21 . 2009-08-17 16:02 97480 —-a-w- c:windowssystem32AvastSS.scr
2009-08-04 13:21 . 2009-08-17 16:10 1279456 —-a-w- c:windowssystem32aswBoot.exe
2009-08-04 13:21 . 2009-08-04 13:21 d-----w- c:program filesAlwil Software
2009-08-04 13:12 . 2009-08-06 17:27 d-----w- c:program filesSuperBoost
2009-08-03 18:26 . 2009-08-03 18:26 68424 —-a-w- c:windowssystem32driversGRD.sys
2009-08-03 18:11 . 2009-08-03 18:11 50632 —-a-w- c:windowssystem32driversMiniIcpt.sys
2009-08-03 18:10 . 2009-08-03 18:10 51016 —-a-w- c:windowssystem32driversGDTdiIcpt.sys
2009-08-03 18:10 . 2009-08-03 18:10 22272 —-a-w- c:windowssystem32driversGDNdisIc.sys
2009-08-03 18:10 . 2009-08-03 18:10 d-sh--w- C:#GDATA.Trash.Store#
2009-08-03 18:10 . 2009-08-04 13:17 d-----w- c:program filesCommon FilesG DATA
2009-08-03 18:10 . 2009-08-04 13:17 d-----w- c:documents and settingsAll UsersApplication DataG DATA
2009-08-03 18:08 . 2009-08-03 18:08 d-----w- c:documents and settingsLoner-XPLocal SettingsApplication DataDownloaded Installations
2009-08-03 17:46 . 2009-08-03 17:46 d-----w- c:documents and settingsAll UsersApplication DataEgoset
2009-08-01 15:04 . 2009-08-01 15:04 d-----w- c:windowssystem32LogFiles
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-28 08:50 . 2009-07-16 18:44 61160 —-a-w- c:windowssystem32driverstoolkitdisk.sys
2009-08-28 08:50 . 2009-07-16 18:40 d-----w- c:program filesToolKitService
2009-08-28 08:46 . 2009-07-09 17:01 d-----w- c:documents and settingsLoner-XPApplication DataSUPERAntiSpyware.com
2009-08-21 13:27 . 2008-04-15 12:00 84284 —-a-w- c:windowssystem32perfc019.dat
2009-08-21 13:27 . 2008-04-15 12:00 484670 —-a-w- c:windowssystem32perfh019.dat
2009-08-21 08:46 . 2009-07-09 12:03 68864 —-a-w- c:documents and settingsLoner-XPLocal SettingsApplication DataGDIPFONTCACHEV1.DAT
2009-08-12 20:51 . 2009-07-09 11:51 d-----w- c:documents and settingsAll UsersApplication DataMicrosoft Help
2009-08-05 09:01 . 2008-04-15 12:00 204800 —-a-w- c:windowssystem32mswebdvd.dll
2009-07-29 16:46 . 2009-07-29 16:46 d-----w- c:program filesОдиссея Черепашки
2009-07-28 16:38 . 2009-07-28 16:06 d-----w- c:documents and settingsAll UsersApplication DataKaspersky Lab
2009-07-28 16:04 . 2009-07-28 16:04 d-----w- c:documents and settingsAll UsersApplication DataKaspersky Lab Setup Files
2009-07-23 11:20 . 2009-07-23 11:20 d-----w- c:program filesTurtle Odyssey 2 Rus
2009-07-21 06:53 . 2009-07-16 10:44 10 —-a-w- c:windowspopcinfo.dat
2009-07-20 12:00 . 2009-07-20 12:00 7680 —-a-w- c:documents and settingsLoner-XPApplication DataThinstallAuslogics BoostSpeed40000029f00002iDiskCleaner.exe
2009-07-17 20:14 . 2009-07-17 20:14 d-----w- c:program filesYandex
2009-07-17 20:14 . 2009-07-17 20:14 d-----w- c:documents and settingsLoner-XPApplication DataYandex
2009-07-17 19:03 . 2008-04-15 12:00 58880 —-a-w- c:windowssystem32atl.dll
2009-07-17 12:36 . 2009-07-17 12:36 d-----w- c:documents and settingsLoner-XPApplication DataMedia Player Classic
2009-07-16 18:40 . 2009-07-16 18:40 d-----w- c:program filesToolKitDev
2009-07-13 20:43 . 2008-07-21 17:12 286208 —-a-w- c:windowssystem32wmpdxm.dll
2009-07-10 15:45 . 2009-07-10 15:45 7680 —-a-w- c:documents and settingsLoner-XPApplication DataThinstallAuslogics BoostSpeed4000006700002iIntSpeedUp.exe
2009-07-10 15:45 . 2009-07-10 15:45 d-----w- c:documents and settingsLoner-XPApplication DataThinstall
2009-07-10 13:38 . 2009-07-10 13:19 d-----w- c:program filesABBYY Lingvo x3
2009-07-10 13:19 . 2009-07-10 13:19 d-----w- c:program filesCommon FilesABBYY
2009-07-10 13:19 . 2009-07-10 13:19 d-----w- c:documents and settingsAll UsersApplication DataABBYY
2009-07-10 12:06 . 2009-07-10 12:06 2915944 —-a-w- c:windowssystem32driversappdrv01.sys
2009-07-10 12:06 . 2009-07-10 12:06 304528 —-a-w- c:windowssystem32appdrvrem01.exe
2009-07-10 11:53 . 2009-07-09 11:41 86327 —-a-w- c:windowspchealthhelpctrOfflineCacheindex.dat
2009-07-10 09:06 . 2009-07-10 09:03 d-----w- c:program filesАнглоКУРС
2009-07-10 09:00 . 2009-07-10 08:58 d-----w- c:program filesKomi
2009-07-10 09:00 . 2009-07-10 09:00 d-----w- c:program filesCommon FilesAdobe
2009-07-10 08:58 . 2009-07-10 08:58 d-----w- c:program filesWindows Media Components
2009-07-10 08:38 . 2009-07-10 08:38 d-----w- c:program filesMicrosoft Agent
2009-07-10 08:38 . 2009-07-10 08:38 d-----w- c:program filesMagic Gooddy
2009-07-09 19:52 . 2009-07-09 19:52 d-----w- c:documents and settingsLoner-XPApplication DataMalwarebytes
2009-07-09 19:52 . 2009-07-09 19:52 d-----w- c:documents and settingsAll UsersApplication DataMalwarebytes
2009-07-09 17:02 . 2009-07-09 17:02 d-----w- c:documents and settingsAll UsersApplication DataSUPERAntiSpyware.com
2009-07-09 12:37 . 2009-07-09 12:37 d-----w- c:program filesD-Link
2009-07-09 12:37 . 2009-07-09 12:15 d--h--w- c:program filesInstallShield Installation Information
2009-07-09 12:37 . 2009-07-09 12:15 d-----w- c:program filesCommon FilesInstallShield
2009-07-09 12:16 . 2009-07-09 12:16 d-----w- c:program filesRealtek
2009-07-09 12:16 . 2009-07-09 12:16 315392 —-a-w- c:windowsHideWin.exe
2009-07-09 12:14 . 2009-07-09 12:14 d-----w- c:program filesMarvell
2009-07-09 12:10 . 2009-07-09 12:10 d-----w- c:program filesIntel
2009-07-09 12:02 . 2009-07-09 12:02 d-----w- c:program filesAGEIA Technologies
2009-07-09 12:00 . 2009-07-09 12:00 d-----w- c:program filesMSBuild
2009-07-09 11:59 . 2009-07-09 11:59 d-----w- c:program filesReference Assemblies
2009-07-09 11:56 . 2009-07-09 11:56 d-----w- c:program filesMSXML 6.0
2009-07-09 11:53 . 2009-07-09 11:53 d-----w- c:program filesMicrosoft Works
2009-07-09 11:53 . 2009-07-09 11:53 d-----w- c:program filesMicrosoft.NET
2009-07-09 11:52 . 2009-07-09 11:52 d-----w- c:program filesMicrosoft Visual Studio 8
2009-07-09 11:49 . 2009-07-09 11:49 d-----w- c:documents and settingsLoner-XPApplication DataNero
2009-07-09 11:49 . 2009-07-09 11:48 d-----w- c:program filesCommon FilesNero
2009-07-09 11:48 . 2009-07-09 11:48 d-----w- c:documents and settingsAll UsersApplication DataNero
2009-07-09 11:48 . 2009-07-09 11:48 d-----w- c:program filesNero
2009-07-09 11:48 . 2008-07-21 17:23 1571840 —-a-w- c:windowssystem32sfcfiles.dll
2009-07-09 11:44 . 2009-07-09 11:44 d-----w- c:program filesK-Lite Codec Pack
2009-07-09 11:43 . 2009-07-09 11:43 d-----w- c:program filesmicrosoft frontpage
2009-07-09 11:43 . 2009-07-09 11:43 717296 —-a-w- c:windowssystem32driverssptd.sys
2009-07-09 11:41 . 2009-07-09 11:41 d-----w- c:program filesMSXML 4.0
2009-07-09 11:39 . 2009-07-09 11:39 22564 —-a-w- c:windowssystem32emptyregdb.dat
2009-07-09 11:38 . 2009-07-09 11:38 d-----w- c:program filesWindows Media Connect 2
2009-07-03 17:00 . 2008-07-21 17:13 915456 —-a-w- c:windowssystem32wininet.dll
2009-06-26 12:12 . 2008-07-21 17:11 732160 —-a-w- c:windowssystem32lsasrv.dll
2009-06-25 08:42 . 2008-07-21 17:11 136704 —-a-w- c:windowssystem32msv1_0.dll
2009-06-25 08:42 . 2008-04-15 12:00 56832 —-a-w- c:windowssystem32secur32.dll
2009-06-25 08:42 . 2008-04-15 12:00 54272 —-a-w- c:windowssystem32wdigest.dll
2009-06-25 08:42 . 2008-04-15 12:00 301568 —-a-w- c:windowssystem32kerberos.dll
2009-06-25 08:42 . 2008-04-15 12:00 147456 —-a-w- c:windowssystem32schannel.dll
2009-06-24 10:28 . 2008-04-15 12:00 92928 —-a-w- c:windowssystem32driversksecdd.sys
2009-06-16 14:40 . 2008-04-15 12:00 81920 —-a-w- c:windowssystem32fontsub.dll
2009-06-16 14:40 . 2008-04-15 12:00 119808 —-a-w- c:windowssystem32t2embed.dll
2009-06-15 11:10 . 2008-04-15 12:00 80896 —-a-w- c:windowssystem32tlntsess.exe
2009-06-15 10:45 . 2008-04-15 12:00 79872 —-a-w- c:windowssystem32telnet.exe
2009-06-10 14:14 . 2008-04-15 12:00 85504 —-a-w- c:windowssystem32avifil32.dll
2009-06-10 06:21 . 2009-07-09 11:38 2066432 —-a-w- c:windowssystem32mstscax.dll
2009-06-10 06:17 . 2008-07-21 17:12 134144 —-a-w- c:windowssystem32wkssvc.dll
2009-06-03 19:11 . 2008-07-21 17:11 1292800 —-a-w- c:windowssystem32quartz.dll
2008-06-11 22:54 . 2009-07-09 11:44 125482 —-a-r- c:program filesLoner-XP.rar
.
Sigcheck
[-] 2008-04-14 17:40 581632 884DE990C498D77C28F8608E09D4DFE1 c:windowssystem32user32.dll
[-] 2008-04-15 12:00 1520640 8CCF0C4A84D3FBF374EA21A13E78DC8B c:windowsexplorer.exe
[-] 2004-08-18 20:00 15360 CDC69C55CF6C39162451685020CF6F06 c:windowssystem32ctfmon.exe
[-] 2008-04-15 12:00 1433600 A45E0F55E804199A6226EC2FD63C8F51 c:windowssystem32comres.dll
[-] 2008-04-15 12:00 652288 B2A2D80C9D3A3805DDECA6ED5A7556A0 c:windowssystem32comctl32.dll
[7] 2008-04-15 12:00 921088 AEF3D788DBF40C7C4D204EA45EB0C505 c:windowsWinSxSx86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70acomctl32.dll
[7] 2008-04-15 12:00 1054208 FF63BB56C05EA817124D4E18162FCE46 c:windowsWinSxSx86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83comctl32.dll
[-] 2009-07-09 11:48 1571840 0D6A6816E62F80B9D3B873729B1CEC21 c:windowssystem32sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-08-18_07.41.01 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-08-28 16:27 . 2009-08-28 16:27 16384 c:windowsTempPerflib_Perfdata_5e4.dat
+ 2008-07-21 17:11 . 2009-07-14 11:03 46080 c:windowssystem32tzchange.exe
+ 2009-07-09 11:58 . 2009-01-07 15:21 26144 c:windowssystem32spupdsvc.exe
+ 2009-08-10 08:16 . 2009-01-07 15:21 17440 c:windowssystem32spmsg.dll
+ 2008-04-15 12:00 . 2009-03-08 01:31 46592 c:windowssystem32pngfilt.dll
+ 2008-04-15 12:00 . 2009-08-21 13:27 71196 c:windowssystem32perfc009.dat
— 2008-04-15 12:00 . 2009-08-18 07:00 71196 c:windowssystem32perfc009.dat
+ 2007-10-25 19:01 . 2009-01-07 15:20 23552 c:windowssystem32normaliz.dll
— 2007-10-25 19:01 . 2007-10-25 19:01 23552 c:windowssystem32normaliz.dll
— 2007-10-25 19:02 . 2007-10-25 19:02 24576 c:windowssystem32nlsdl.dll
+ 2007-10-25 19:02 . 2009-01-07 15:20 24576 c:windowssystem32nlsdl.dll
+ 2008-07-21 17:13 . 2009-03-08 01:31 48128 c:windowssystem32mshtmler.dll
— 2008-07-21 17:13 . 2008-07-21 17:13 48128 c:windowssystem32mshtmler.dll
+ 2008-07-21 17:13 . 2009-03-08 01:31 66560 c:windowssystem32mshtmled.dll
+ 2008-07-21 17:13 . 2009-03-08 01:31 45568 c:windowssystem32mshta.exe
+ 2009-07-09 11:38 . 2009-03-08 01:31 13312 c:windowssystem32msfeedssync.exe
+ 2009-07-09 11:38 . 2009-07-03 17:00 55296 c:windowssystem32msfeedsbs.dll
+ 2008-07-21 17:13 . 2009-03-08 01:34 43008 c:windowssystem32licmgr10.dll
+ 2008-07-21 17:13 . 2009-07-03 17:00 25600 c:windowssystem32jsproxy.dll
+ 2008-04-15 12:00 . 2009-03-08 01:32 94720 c:windowssystem32inseng.dll
+ 2008-04-15 12:00 . 2009-03-08 01:31 34816 c:windowssystem32imgutil.dll
+ 2008-06-11 05:30 . 2009-03-08 01:32 36864 c:windowssystem32ieudinit.exe
+ 2008-07-21 17:13 . 2009-03-08 01:32 71680 c:windowssystem32iesetup.dll
+ 2008-07-21 17:13 . 2009-03-08 01:32 55808 c:windowssystem32iernonce.dll
+ 2007-10-25 19:01 . 2009-01-07 15:20 26112 c:windowssystem32idndl.dll
— 2007-10-25 19:01 . 2007-10-25 19:01 26112 c:windowssystem32idndl.dll
+ 2008-06-11 05:31 . 2009-03-08 01:31 59904 c:windowssystem32icardie.dll
+ 2009-08-10 09:58 . 2009-03-08 01:31 46592 c:windowssystem32dllcachepngfilt.dll
+ 2009-03-08 01:31 . 2009-03-08 01:31 48128 c:windowssystem32dllcachemshtmler.dll
+ 2009-08-10 09:58 . 2009-03-08 01:31 66560 c:windowssystem32dllcachemshtmled.dll
+ 2009-03-08 01:31 . 2009-03-08 01:31 45568 c:windowssystem32dllcachemshta.exe
+ 2009-08-10 09:58 . 2009-07-03 17:00 55296 c:windowssystem32dllcachemsfeedsbs.dll
+ 2009-03-08 01:34 . 2009-03-08 01:34 43008 c:windowssystem32dllcachelicmgr10.dll
+ 2009-08-10 09:58 . 2009-07-03 17:00 25600 c:windowssystem32dllcachejsproxy.dll
+ 2009-03-08 01:32 . 2009-03-08 01:32 94720 c:windowssystem32dllcacheinseng.dll
+ 2009-03-08 01:31 . 2009-03-08 01:31 34816 c:windowssystem32dllcacheimgutil.dll
+ 2009-03-08 01:32 . 2009-03-08 01:32 71680 c:windowssystem32dllcacheiesetup.dll
+ 2009-08-10 09:58 . 2009-03-08 01:32 55808 c:windowssystem32dllcacheiernonce.dll
+ 2009-08-10 09:58 . 2009-03-08 01:31 59904 c:windowssystem32dllcacheicardie.dll
+ 2009-03-08 01:24 . 2009-03-08 01:24 68608 c:windowssystem32dllcachehmmapi.dll
+ 2009-08-10 09:58 . 2009-03-08 01:33 18944 c:windowssystem32dllcachecorpol.dll
+ 2009-03-08 01:32 . 2009-03-08 01:32 72704 c:windowssystem32dllcacheadmparse.dll
+ 2008-07-21 17:13 . 2009-03-08 01:33 18944 c:windowssystem32corpol.dll
+ 2008-07-21 17:13 . 2009-03-08 01:32 72704 c:windowssystem32admparse.dll
+ 2009-08-28 08:08 . 2009-03-08 01:33 12288 c:windowsie8updatesKB972260-IE8xpshims.dll
+ 2009-08-28 08:08 . 2009-03-08 01:31 55296 c:windowsie8updatesKB972260-IE8msfeedsbs.dll
+ 2009-08-28 08:08 . 2009-03-08 01:33 25600 c:windowsie8updatesKB972260-IE8jsproxy.dll
+ 2009-08-28 08:07 . 2009-03-08 17:34 58464 c:windowsie8spuninstiecustom.dll
+ 2009-08-28 08:06 . 2009-06-29 16:14 44544 c:windowsie8pngfilt.dll
+ 2009-08-28 08:06 . 2008-07-21 17:13 48128 c:windowsie8mshtmler.dll
+ 2009-08-28 08:06 . 2008-07-21 17:13 89088 c:windowsie8mshta.exe
+ 2009-08-28 08:06 . 2007-08-13 15:36 12288 c:windowsie8msfeedssync.exe
+ 2009-08-28 08:06 . 2009-06-29 16:14 52224 c:windowsie8msfeedsbs.dll
+ 2009-08-28 08:06 . 2008-07-21 17:13 40960 c:windowsie8licmgr10.dll
+ 2009-08-28 08:06 . 2009-06-29 16:14 27648 c:windowsie8jsproxy.dll
+ 2009-08-28 08:06 . 2007-08-13 15:39 92672 c:windowsie8inseng.dll
+ 2009-08-28 08:06 . 2007-08-13 15:36 36352 c:windowsie8imgutil.dll
+ 2009-08-28 08:06 . 2008-07-21 17:13 55296 c:windowsie8iesetup.dll
+ 2009-08-28 08:06 . 2009-06-29 16:14 44544 c:windowsie8iernonce.dll
+ 2009-08-28 08:06 . 2009-06-29 16:14 78336 c:windowsie8ieencode.dll
+ 2009-08-28 08:06 . 2009-06-29 11:28 70656 c:windowsie8ie4uinit.exe
+ 2009-08-28 08:06 . 2009-06-29 16:14 63488 c:windowsie8icardie.dll
+ 2009-08-28 08:06 . 2008-07-21 17:13 60416 c:windowsie8hmmapi.dll
+ 2009-08-28 08:06 . 2009-06-29 16:14 17408 c:windowsie8corpol.dll
+ 2009-08-28 08:06 . 2008-07-21 17:13 71680 c:windowsie8admparse.dll
+ 2009-08-28 08:08 . 2009-03-08 01:35 2048 c:windowsie8updatesKB973874-IE8iecompat.dll
— 2008-04-15 12:00 . 2008-04-15 12:00 121856 c:windowssystem32xmllite.dll
+ 2008-04-15 12:00 . 2009-01-07 15:21 121856 c:windowssystem32xmllite.dll
+ 2009-07-09 11:38 . 2009-03-08 01:34 208384 c:windowssystem32WinFXDocObj.exe
+ 2008-04-15 12:00 . 2009-03-08 01:34 236544 c:windowssystem32webcheck.dll
+ 2008-07-21 17:11 . 2009-03-08 01:33 420352 c:windowssystem32vbscript.dll
— 2008-07-21 17:13 . 2009-06-29 16:14 105984 c:windowssystem32url.dll
+ 2008-07-21 17:13 . 2009-03-08 01:34 105984 c:windowssystem32url.dll
+ 2008-07-21 17:13 . 2009-01-07 15:21 474112 c:windowssystem32shlwapi.dll
+ 2008-04-15 12:00 . 2009-08-21 13:27 441260 c:windowssystem32perfh009.dat
— 2008-04-15 12:00 . 2009-08-18 07:00 441260 c:windowssystem32perfh009.dat
+ 2008-07-21 17:13 . 2009-07-03 17:00 206848 c:windowssystem32occache.dll
+ 2008-07-21 17:13 . 2009-03-08 01:32 611840 c:windowssystem32mstime.dll
+ 2008-04-15 12:00 . 2009-03-08 01:34 193536 c:windowssystem32msrating.dll
— 2008-07-21 17:13 . 2008-07-21 17:13 156160 c:windowssystem32msls31.dll
+ 2008-07-21 17:13 . 2009-03-08 01:22 156160 c:windowssystem32msls31.dll
+ 2008-06-11 05:31 . 2009-07-03 17:00 594432 c:windowssystem32msfeeds.dll
+ 2009-01-07 15:20 . 2009-01-07 15:20 265720 c:windowssystem32msdbg2.dll
+ 2008-07-21 17:11 . 2009-03-08 01:33 726528 c:windowssystem32jscript.dll
+ 2009-08-28 16:36 . 2009-08-28 16:35 149280 c:windowssystem32javaws.exe
+ 2009-08-28 16:36 . 2009-08-28 16:35 145184 c:windowssystem32javaw.exe
+ 2009-08-28 16:36 . 2009-08-28 16:35 145184 c:windowssystem32java.exe
+ 2007-10-25 18:59 . 2009-03-08 01:22 164352 c:windowssystem32ieui.dll
+ 2008-07-21 17:13 . 2009-07-03 17:00 184320 c:windowssystem32iepeers.dll
+ 2008-07-21 17:13 . 2009-07-03 17:00 386048 c:windowssystem32iedkcs32.dll
+ 2008-06-11 05:30 . 2009-03-08 01:11 445952 c:windowssystem32ieapfltr.dll
+ 2008-07-21 17:13 . 2009-03-08 01:32 163840 c:windowssystem32ieakui.dll
+ 2008-07-21 17:13 . 2009-03-08 01:33 229376 c:windowssystem32ieaksie.dll
+ 2008-07-21 17:13 . 2009-03-08 01:33 125952 c:windowssystem32ieakeng.dll
+ 2008-07-21 17:13 . 2009-07-03 11:01 173056 c:windowssystem32ie4uinit.exe
+ 2008-07-21 17:13 . 2009-03-08 01:31 216064 c:windowssystem32dxtrans.dll
+ 2008-07-21 17:13 . 2009-03-08 01:31 348160 c:windowssystem32dxtmsft.dll
+ 2009-08-10 09:58 . 2009-07-03 17:00 915456 c:windowssystem32dllcachewininet.dll
+ 2009-08-10 09:58 . 2009-03-08 01:34 236544 c:windowssystem32dllcachewebcheck.dll
+ 2009-03-08 01:33 . 2009-03-08 01:33 420352 c:windowssystem32dllcachevbscript.dll
+ 2009-08-10 09:58 . 2009-03-08 01:34 105984 c:windowssystem32dllcacheurl.dll
— 2009-08-10 09:58 . 2009-06-29 16:14 105984 c:windowssystem32dllcacheurl.dll
+ 2009-01-07 15:20 . 2009-01-07 15:20 134144 c:windowssystem32dllcachesqmapi.dll
+ 2009-01-07 15:21 . 2009-01-07 15:21 474112 c:windowssystem32dllcacheshlwapi.dll
+ 2009-08-10 09:58 . 2009-07-03 17:00 206848 c:windowssystem32dllcacheoccache.dll
+ 2009-08-10 09:58 . 2009-03-08 01:32 611840 c:windowssystem32dllcachemstime.dll
+ 2009-08-10 09:58 . 2009-03-08 01:34 193536 c:windowssystem32dllcachemsrating.dll
+ 2009-03-08 01:22 . 2009-03-08 01:22 156160 c:windowssystem32dllcachemsls31.dll
+ 2009-08-10 09:58 . 2009-07-03 17:00 594432 c:windowssystem32dllcachemsfeeds.dll
+ 2009-03-08 01:33 . 2009-03-08 01:33 726528 c:windowssystem32dllcachejscript.dll
+ 2009-08-10 09:58 . 2009-03-08 11:09 638816 c:windowssystem32dllcacheiexplore.exe
+ 2009-03-08 01:31 . 2009-07-03 17:00 184320 c:windowssystem32dllcacheiepeers.dll
+ 2009-08-10 09:58 . 2009-07-03 17:00 386048 c:windowssystem32dllcacheiedkcs32.dll
+ 2009-08-10 09:58 . 2009-03-08 01:11 445952 c:windowssystem32dllcacheieapfltr.dll
+ 2009-08-10 09:58 . 2009-03-08 01:32 163840 c:windowssystem32dllcacheieakui.dll
+ 2009-08-10 09:58 . 2009-03-08 01:33 229376 c:windowssystem32dllcacheieaksie.dll
+ 2009-08-10 09:58 . 2009-03-08 01:33 125952 c:windowssystem32dllcacheieakeng.dll
+ 2009-08-10 09:58 . 2009-07-03 11:01 173056 c:windowssystem32dllcacheie4uinit.exe
+ 2009-08-10 09:58 . 2009-03-08 01:31 216064 c:windowssystem32dllcachedxtrans.dll
+ 2009-08-10 09:58 . 2009-03-08 01:31 348160 c:windowssystem32dllcachedxtmsft.dll
+ 2009-08-10 09:58 . 2009-03-08 01:32 128512 c:windowssystem32dllcacheadvpack.dll
+ 2008-07-21 17:13 . 2009-03-08 01:32 128512 c:windowssystem32advpack.dll
+ 2009-08-23 16:43 . 2009-08-23 16:43 471552 c:windowsReplay Media Catcheruninstall.exe
+ 2009-08-23 16:37 . 2009-08-23 16:37 471552 c:windowsReplay Converter 3uninstall.exe
+ 2009-08-28 16:35 . 2009-08-28 16:35 537600 c:windowsInstaller7c332.msi
+ 2009-08-28 08:08 . 2008-07-08 13:21 391032 c:windowsie8updatesKB973874-IE8spuninstupdspapi.dll
+ 2009-08-28 08:08 . 2008-07-08 13:21 232824 c:windowsie8updatesKB973874-IE8spuninstspuninst.exe
+ 2009-08-28 08:08 . 2009-03-08 01:34 914944 c:windowsie8updatesKB972260-IE8wininet.dll
+ 2009-08-28 08:08 . 2009-05-26 11:43 391032 c:windowsie8updatesKB972260-IE8spuninstupdspapi.dll
+ 2009-08-28 08:08 . 2009-05-26 11:43 232824 c:windowsie8updatesKB972260-IE8spuninstspuninst.exe
+ 2009-08-28 08:08 . 2009-03-08 01:34 109568 c:windowsie8updatesKB972260-IE8occache.dll
+ 2009-08-28 08:08 . 2009-03-08 01:32 594432 c:windowsie8updatesKB972260-IE8msfeeds.dll
+ 2009-08-28 08:08 . 2009-03-08 01:33 246784 c:windowsie8updatesKB972260-IE8ieproxy.dll
+ 2009-08-28 08:08 . 2009-03-08 01:31 183808 c:windowsie8updatesKB972260-IE8iepeers.dll
+ 2009-08-28 08:08 . 2009-03-08 11:09 391536 c:windowsie8updatesKB972260-IE8iedkcs32.dll
+ 2009-08-28 08:08 . 2009-03-08 01:32 173056 c:windowsie8updatesKB972260-IE8ie4uinit.exe
+ 2009-08-28 08:06 . 2009-06-29 16:14 828928 c:windowsie8wininet.dll
+ 2009-08-28 08:06 . 2007-08-13 15:45 206336 c:windowsie8winfxdocobj.exe
+ 2009-08-28 08:06 . 2009-06-29 16:14 233472 c:windowsie8webcheck.dll
+ 2009-08-28 08:06 . 2008-05-27 17:26 765952 c:windowsie8vgx.dll
+ 2009-08-28 08:06 . 2008-07-21 17:12 430080 c:windowsie8vbscript.dll
+ 2009-08-28 08:06 . 2009-06-29 16:14 105984 c:windowsie8url.dll
+ 2009-08-28 08:07 . 2009-01-07 15:21 390688 c:windowsie8spuninstupdspapi.dll
+ 2009-08-28 08:07 . 2009-01-07 15:21 232992 c:windowsie8spuninstspuninst.exe
+ 2009-08-28 08:06 . 2008-07-21 17:13 477184 c:windowsie8shlwapi.dll
+ 2009-08-28 08:06 . 2009-06-29 16:14 102912 c:windowsie8occache.dll
+ 2009-08-28 08:06 . 2009-06-29 16:14 671232 c:windowsie8mstime.dll
+ 2009-08-28 08:06 . 2009-06-29 16:14 193024 c:windowsie8msrating.dll
+ 2009-08-28 08:06 . 2008-07-21 17:13 156160 c:windowsie8msls31.dll
+ 2009-08-28 08:06 . 2009-06-29 16:14 477696 c:\windows\ie8\mshtmled.dll
+ 2009-08-28 08:06 . 2009-06-29 16:14 459264 c:\windows\ie8\msfeeds.dll
+ 2009-08-28 08:06 . 2008-07-21 17:11 512000 c:\windows\ie8\jscript.dll
+ 2009-08-28 08:06 . 2009-06-29 07:25 634632 c:\windows\ie8\iexplore.exe
+ 2009-08-28 08:06 . 2007-10-25 18:59 180736 c:\windows\ie8\ieui.dll
+ 2009-08-28 08:06 . 2009-06-29 16:14 268288 c:\windows\ie8\iertutil.dll
+ 2009-08-28 08:06 . 2007-08-13 15:54 287744 c:\windows\ie8\ieproxy.dll
+ 2009-08-28 08:06 . 2008-07-21 17:13 191488 c:\windows\ie8\iepeers.dll
+ 2009-08-28 08:06 . 2009-06-29 16:14 388608 c:\windows\ie8\iedkcs32.dll
+ 2009-08-28 08:06 . 2009-06-29 16:14 380928 c:\windows\ie8\ieapfltr.dll
+ 2009-08-28 08:06 . 2009-06-29 07:23 161792 c:\windows\ie8\ieakui.dll
+ 2009-08-28 08:06 . 2009-06-29 16:14 230400 c:\windows\ie8\ieaksie.dll
+ 2009-08-28 08:06 . 2009-06-29 16:14 153088 c:\windows\ie8\ieakeng.dll
+ 2009-08-28 08:06 . 2009-06-29 16:14 214528 c:\windows\ie8\dxtrans.dll
+ 2009-08-28 08:06 . 2009-06-29 16:14 347136 c:\windows\ie8\dxtmsft.dll
+ 2009-08-28 08:06 . 2009-06-29 16:14 124928 c:\windows\ie8\advpack.dll
+ 2009-08-23 16:30 . 2009-08-23 16:30 473600 c:\windows\FLV Player\uninstall.exe
+ 2009-08-23 16:46 . 2009-08-23 16:46 471552 c:\windows\Ask & Record Toolbar\uninstall.exe
+ 2008-07-21 17:13 . 2009-07-03 17:00 1208832 c:\windows\system32\urlmon.dll
+ 2008-07-21 17:13 . 2009-01-07 15:21 1497088 c:\windows\system32\shdocvw.dll
+ 2008-04-15 12:00 . 2009-07-19 13:16 5937152 c:\windows\system32\mshtml.dll
+ 2008-06-11 05:30 . 2009-07-03 17:00 1985536 c:\windows\system32\iertutil.dll
+ 2008-06-11 05:30 . 2009-02-06 18:07 3698584 c:\windows\system32\ieapfltr.dat
+ 2009-08-10 09:58 . 2009-07-03 17:00 1208832 c:\windows\system32\dllcache\urlmon.dll
+ 2009-01-07 15:21 . 2009-01-07 15:21 1497088 c:\windows\system32\dllcache\shdocvw.dll
+ 2009-07-19 16:01 . 2009-07-19 13:16 5937152 c:\windows\system32\dllcache\mshtml.dll
+ 2009-08-10 09:58 . 2009-07-03 17:00 1985536 c:\windows\system32\dllcache\iertutil.dll
+ 2009-08-10 09:58 . 2009-02-06 18:07 3698584 c:\windows\system32\dllcache\ieapfltr.dat
+ 2009-01-07 15:21 . 2009-01-07 15:21 1022976 c:\windows\system32\dllcache\browseui.dll
+ 2008-07-21 17:13 . 2009-01-07 15:21 1022976 c:\windows\system32\browseui.dll
+ 2009-08-28 08:08 . 2009-03-08 01:34 1206784 c:\windows\ie8updates\KB972260-IE8\urlmon.dll
+ 2009-08-28 08:08 . 2009-03-08 01:41 5937152 c:\windows\ie8updates\KB972260-IE8\mshtml.dll
+ 2009-08-28 08:08 . 2009-03-08 01:32 1985024 c:\windows\ie8updates\KB972260-IE8\iertutil.dll
+ 2009-08-28 08:06 . 2009-06-29 16:14 1163264 c:\windows\ie8\urlmon.dll
+ 2009-08-28 08:06 . 2008-07-21 17:13 2884608 c:\windows\ie8\shdocvw.dll
+ 2009-08-28 08:06 . 2009-07-19 13:22 3600384 c:\windows\ie8\mshtml.dll
+ 2009-08-28 08:06 . 2009-07-19 13:22 6070784 c:\windows\ie8\ieframe.dll
+ 2009-08-28 08:06 . 2009-06-29 08:33 2452872 c:\windows\ie8\ieapfltr.dat
+ 2009-08-28 08:06 . 2008-07-21 17:13 1047040 c:\windows\ie8\browseui.dll
+ 2009-08-28 07:59 . 2009-07-29 14:49 24281536 c:\windows\system32\MRT.exe
+ 2008-06-11 05:30 . 2009-07-19 15:46 11067392 c:\windows\system32\ieframe.dll
+ 2009-08-10 09:58 . 2009-07-19 15:46 11067392 c:\windows\system32\dllcache\ieframe.dll
+ 2009-08-28 08:08 . 2009-03-08 01:39 11063808 c:\windows\ie8updates\KB972260-IE8\ieframe.dll
.
— Snapshot reset to current date —
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{70EA269E-56DF-49C2-86B2-1A1924ED88B4}]
2009-08-19 10:50 105744 —-a-w- c:\program files\ToolKitService\Updates\tkiehlp2.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-09-20 202024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-04 8523776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-04 81920]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Lingvo Launcher"="c:\program files\ABBYY Lingvo x3\LvAgent.exe" [2008-07-16 1029408]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-28 149280]
"RTHDCPL"="RTHDCPL.EXE" — c:\windows\RTHDCPL.exe [2007-03-21 16126464]
"nwiz"="nwiz.exe" — c:\windows\system32\nwiz.exe [2007-12-04 1626112]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IE7_011"="shell32" [X]
"IE7_012"="advpack.dll" — c:\windows\system32\advpack.dll [2009-03-08 128512]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\Sims 3\\Game\\Bin\\TS3.exe"=
"c:\\Program Files\\SuperBoost\\X-1.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [21.07.2008 20:14 143360]
R1 appdrv01;Application Driver (01);c:\windows\system32\drivers\appdrv01.sys [10.07.2009 15:06 2915944]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [04.08.2009 16:21 114768]
R2 ABBYY.Licensing.Lingvo.Desktop.14.0;Сервис лицензирования ABBYY Lingvo x3;c:\program files\Common Files\ABBYY\Lingvo\14.0\Licensing\NetworkLicenseServer.exe [14.07.2008 15:10 808224]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [04.08.2009 16:21 20560]
R2 ToolkitSvc;Toolkit Service;c:\program files\ToolKitService\toolkitservice.exe [16.07.2009 21:44 134376]
R3 ToolkitDisk;ToolkitDisk;c:\windows\system32\drivers\toolkitdisk.sys [16.07.2009 21:44 61160]
S2 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc —> c:\windows\System32\appdrvrem01.exe svc [?]
S3 Служба G Data Тюнер;Служба G Data Тюнер;c:\program files\G Data\TotalCare\AVKTuner\AVKTunerService.exe —> c:\program files\G Data\TotalCare\AVKTuner\AVKTunerService.exe [?]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [09.07.2009 15:15 36864]
S3 PciCon;PciCon;\??\j:\pcicon.sys —> j:\PciCon.sys [?]
— Other Services/Drivers In Memory —
*NewlyCreated* — JAVAQUICKSTARTERSERVICE
*NewlyCreated* — WMIAPSRV
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
— — — — ORPHANS REMOVED — — — —
Toolbar-ITBar7Position — (no file)
.
Supplementary Scan
.
uStart Page = hxxp://www.mail.ru/
IE: &Экспорт в Microsoft Excel — c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Перевести с помощью ABBYY Lingvo x&3 — c:\program files\ABBYY Lingvo x3\Lingvo.exe/3000
TCP: {0AF7C72E-BC1C-482F-8D2E-57850B7D565A} = 212.48.193.37 212.48.193.38
TCP: {A5EF9050-F512-481C-AEC9-44D8DB1947F8} = 78.36.121.17,78.36.121.18
DPF: {7FCCA6BE-430C-4E80-B036-56A22DD5B29B} — hxxp://static2.uploadbox.com/cab/SActiveX.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-28 21:17
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0
**************************************************************************
.
LOCKED REGISTRY KEYS
[HKEY_USERS\S-1-5-21-854245398-842925246-682003330-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b6,e4,fa,df,a3,7d,a2,41,b6,14,92,
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b6,e4,fa,df,a3,7d,a2,41,b6,14,92,
.
DLLs Loaded Under Running Processes
— — — — — — — > 'winlogon.exe'(724)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\cscui.dll
— — — — — — — > 'lsass.exe'(780)
c:\windows\system32\setupapi.dll
.
Completion time: 2009-08-28 21:18
ComboFix-quarantined-files.txt 2009-08-28 18:18
Pre-Run: 15 942 165 504 байт свободно
Post-Run: 16 096 353 792 байт свободно
519 — E O F — 2009-08-28 08:08

