- This topic has 3 ответа, 2 участника, and was last updated 16 years, 3 months назад by
.
-
Сообщения
-
Доброго времени суток. Уменя проблема. С переодичностью в 2 недели слетает операционка, это уже на протяжении почти года. Самое большое время работы месяц, антивирусники за это время стояли разные (Касперский, Доктор вэб, нод32, панда, не ставила только аваст…) базы обновлялись своевременно, никаких предупреждений они не выдавали, выключаю компьютер через пуск, как обычно, утром комп. не грузится… (в основном пишет поврежден системный файл, иногда предлагает восстановить, иногда нет….). В безопасном режиме тоже не грузится. У меня решение одно — переустановить операционку. Разные проверки антивирусами ничего не находят. Сканер от доктора вэба один раз находил троянов, удалил, после этого я поставила фаерволл ((OutpostPro) он работал около недели, потом перестал запускаться, выдавал какую-то ошибку, я его удалила, после чего исчезли все драйвера на модем…. при попытке восстановления драйверов система выдавала ошибку, не находила драйвера на установочных дисках…. Пришлось переустановить систему! 😆 И так еще два раза, ставлю фаерволл…Последнюю неделю сканирую комп. Anti Trojan Elite, UnHackMe, SUPERAntiSpyware Free Edition, они находят троянов вроде удаляют, но после перезагрузки находят все то же самое, что удаляли пять минут назад…. Virus Removal Tool нашел 19 троянов удалил, но при следующей проверке они были на месте, восстановление системы отключено… По вашей инструкции :
Logfile of random’s system information tool 1.06 (written by random/random)
Run by Mufasa at 2009-07-11 00:10:16
Microsoft Windows XP Professional Service Pack 3
System drive C: has 3 GB (7%) free of 40 GB
Total RAM: 1022 MB (36% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:10:22, on 11.07.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesSpyware Terminatorsp_rsser.exe
C:WINDOWSExplorer.EXE
C:Program FilesMail.RuAgentMAgent.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:WINDOWSRTHDCPL.EXE
C:Program FilesDAEMON Tools Litedaemon.exe
C:Program FilesCommon FilesNeroLibNMIndexStoreSvr.exe
C:Program FilesSpyware TerminatorSpywareTerminatorUpdate.exe
C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe
C:Program FilesCommon FilesNeroLibNMIndexingService.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesOperaopera.exe
C:Documents and SettingsMufasaРабочий столVirus Removal Toolis-RKLLLis-RKLLL.exe
D:для компаantirootkit.exe
D:для компаRSIT.exe
C:Program Filestrend microMufasa.exeR1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://DreamLair.net
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://DreamLair.net
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
O2 — BHO: Adobe PDF Reader Link Helper — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 — BHO: (no name) — {1cb20bf0-bbae-40a7-93f4-6435ff3d0411} — C:PROGRA~1CrawlerToolbarctbr.dll
O3 — Toolbar: DAEMON Tools Toolbar — {32099AAC-C132-4136-9E9A-4E364A424E17} — C:Program FilesDAEMON Tools ToolbarDTToolbar.dll
O3 — Toolbar: Панель &Crawler — {4B3803EA-5230-4DC3-A7FC-33638F3D3542} — C:PROGRA~1CrawlerToolbarctbr.dll
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [nwiz] nwiz.exe /install
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 — HKLM..Run: [NeroFilterCheck] C:Program FilesCommon FilesNeroLibNeroCheck.exe
O4 — HKCU..Run: [DAEMON Tools Lite] «C:Program FilesDAEMON Tools Litedaemon.exe» -autorun
O4 — HKCU..Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] «C:Program FilesCommon FilesNeroLibNMIndexStoreSvr.exe» ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 — HKCU..Run: [SpywareTerminatorUpdate] «C:Program FilesSpyware TerminatorSpywareTerminatorUpdate.exe»
O4 — HKCU..Run: [SUPERAntiSpyware] C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe
O4 — HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [IE8_01] regsvr32 /s /n /i:u shell32 (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-20..RunOnce: [IE8_01] regsvr32 /s /n /i:u shell32 (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUSS-1-5-18..RunOnce: [IE8_01] regsvr32 /s /n /i:u shell32 (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — HKUS.DEFAULT..RunOnce: [IE8_01] regsvr32 /s /n /i:u shell32 (User ‘Default user’)
O8 — Extra context menu item: crawler search — tbr:iemenu
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O16 — DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) — http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O17 — HKLMSystemCCSServicesTcpip..{FB62539C-B0B9-44C5-9391-EE2B55DCDDB7}: NameServer = 213.135.128.2 213.135.128.9
O17 — HKLMSystemCCSServicesTcpip..{FEFCA3F8-E6B0-4FE9-A99F-134664B82F0F}: NameServer = 213.135.128.2,213.135.128.9
O18 — Protocol: tbr — {4D25FB7A-8902-4291-960E-9ADA051CFBBF} — C:PROGRA~1CrawlerToolbarctbr.dll
O20 — Winlogon Notify: !SASWinLogon — C:Program FilesSUPERAntiSpywareSASWINLO.dll
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Nero BackItUp Scheduler 3 — Nero AG — C:Program FilesNeroNero8Nero BackItUpNBService.exe
O23 — Service: NMIndexingService — Nero AG — C:Program FilesCommon FilesNeroLibNMIndexingService.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: PLFlash DeviceIoControl Service — Prolific Technology Inc. — C:WINDOWSsystem32IoctlSvc.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: PnkBstrA — Unknown owner — C:WINDOWSsystem32PnkBstrA.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Spyware Terminator Realtime Shield Service (sp_rssrv) — Crawler.com — C:Program FilesSpyware Terminatorsp_rsser.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 7066 bytes======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll [2006-10-22 62080][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{1cb20bf0-bbae-40a7-93f4-6435ff3d0411}]
C:PROGRA~1CrawlerToolbarctbr.dll [2009-06-26 1215488][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} — DAEMON Tools Toolbar — C:Program FilesDAEMON Tools ToolbarDTToolbar.dll [2008-12-10 929224]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} — Панель &Crawler — C:PROGRA~1CrawlerToolbarctbr.dll [2009-06-26 1215488][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2009-07-03 7975096]
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2009-06-10 13758464]
«nwiz»=nwiz.exe /install []
«NvMediaCenter»=C:WINDOWSsystem32NvMcTray.dll [2009-06-10 86016]
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2009-06-12 17887232]
«NeroFilterCheck»=C:Program FilesCommon FilesNeroLibNeroCheck.exe [2008-02-28 570664][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«DAEMON Tools Lite»=C:Program FilesDAEMON Tools Litedaemon.exe [2008-12-29 687560]
«IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=C:Program FilesCommon FilesNeroLibNMIndexStoreSvr.exe [2008-02-28 1828136]
«SpywareTerminatorUpdate»=C:Program FilesSpyware TerminatorSpywareTerminatorUpdate.exe [2009-07-08 3055616]
«SUPERAntiSpyware»=C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe [2009-06-23 1830128]
«ctfmon.exe»=C:WINDOWSsystem32ctfmon.exe [2008-04-15 15360][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify!SASWinLogon]
C:Program FilesSUPERAntiSpywareSASWINLO.dll [2008-12-22 356352][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWgaLogon]
C:WINDOWSsystem32WgaLogon.dll [2009-03-27 190464][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32wpdshserviceobj.dll [2008-05-18 133632][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}»=C:Program FilesSUPERAntiSpywareSASSEH.DLL [2008-05-13 77824][HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveAutoRun»=FFFFFFFF[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«HonorAutoRunSetting»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesDC++DCPlusPlus.exe»=»C:Program FilesDC++DCPlusPlus.exe:*:Enabled:DC++»
«C:Program FilesOperaopera.exe»=»C:Program FilesOperaopera.exe:*:Enabled:Opera Internet Browser»
«C:WINDOWSsystem32PnkBstrA.exe»=»C:WINDOWSsystem32PnkBstrA.exe:*:Enabled:PnkBstrA»
«C:WINDOWSsystem32PnkBstrB.exe»=»C:WINDOWSsystem32PnkBstrB.exe:*:Enabled:PnkBstrB»
«C:Program FilesActivisionCall of Duty — World at WarCoDWaWmp.exe»=»C:Program FilesActivisionCall of Duty — World at WarCoDWaWmp.exe:*:Enabled:Call of Duty(R) — World at War(TM)»
«C:Program FilesActivisionCall of Duty — World at WarCoDWaW.exe»=»C:Program FilesActivisionCall of Duty — World at WarCoDWaW.exe:*:Enabled:Call of Duty(R) — World at War(TM)»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»======List of files/folders created in the last 1 months======
2009-07-10 22:43:49 —-D—- C:rsit
2009-07-10 22:20:47 —-D—- C:VundoFix Backups
2009-07-10 22:20:47 —-A—- C:VundoFix.txt
2009-07-10 21:30:16 —-D—- C:Documents and SettingsMufasaApplication DataMalwarebytes
2009-07-10 21:30:11 —-D—- C:Program FilesMalwarebytes’ Anti-Malware
2009-07-10 21:30:11 —-D—- C:Documents and SettingsAll UsersApplication DataMalwarebytes
2009-07-10 20:57:49 —-A—- C:WINDOWSPartizan.txt
2009-07-10 20:04:07 —-A—- C:WINDOWSsystem32Partizan.exe
2009-07-10 18:04:27 —-A—- C:WINDOWSntbtlog.txt
2009-07-10 17:24:43 —-A—- C:WINDOWSrootkitno.ini
2009-07-10 16:43:42 —-D—- C:Program FilesAnti Trojan Elite
2009-07-10 15:55:19 —-D—- C:Program FilesGRISOFT
2009-07-10 02:07:15 —-D—- C:Documents and SettingsMufasaApplication DataAuslogics
2009-07-10 02:07:00 —-D—- C:Program FilesAuslogics
2009-07-10 01:26:23 —-AD—- C:Documents and SettingsAll UsersApplication DataTEMP
2009-07-10 01:20:24 —-A—- C:WINDOWSsystem32ztvunrar36.dll
2009-07-10 01:20:24 —-A—- C:WINDOWSsystem32ztvunace26.dll
2009-07-10 01:20:24 —-A—- C:WINDOWSsystem32ztvcabinet.dll
2009-07-10 01:20:24 —-A—- C:WINDOWSsystem32UNRAR3.dll
2009-07-10 01:20:24 —-A—- C:WINDOWSsystem32unacev2.dll
2009-07-10 01:20:21 —-D—- C:Program FilesTrojan Remover
2009-07-10 01:20:21 —-D—- C:Documents and SettingsMufasaApplication DataSimply Super Software
2009-07-10 01:20:21 —-D—- C:Documents and SettingsAll UsersApplication DataSimply Super Software
2009-07-09 23:47:13 —-RASHD—- C:autorun.inf
2009-07-09 21:26:26 —-D—- C:Documents and SettingsAll UsersApplication DataSUPERAntiSpyware.com
2009-07-09 21:26:13 —-D—- C:Program FilesSUPERAntiSpyware
2009-07-09 21:26:13 —-D—- C:Documents and SettingsMufasaApplication DataSUPERAntiSpyware.com
2009-07-09 19:10:06 —-A—- C:WINDOWSpestpatrol5.INI
2009-07-09 19:01:20 —-A—- C:caisslog.txt
2009-07-09 18:49:52 —-D—- C:Program FilesPivim Multibar
2009-07-08 23:36:28 —-D—- C:Program FilesTrend Micro
2009-07-08 14:45:14 —-D—- C:RootkitNO
2009-07-08 14:11:13 —-D—- C:WINDOWSRestoreSafeDeleted
2009-07-08 13:41:06 —-A—- C:WINDOWSsystem32PARTIZAN.TXT
2009-07-08 13:30:00 —-RASHOT—- C:WINDOWSwinstart.bat
2009-07-08 13:29:30 —-D—- C:Program FilesUnHackMe
2009-07-08 03:26:39 —-D—- C:Program FilesWinClamAVShield
2009-07-08 02:56:31 —-D—- C:Program FilesSpybot — Search & Destroy
2009-07-08 02:56:31 —-D—- C:Documents and SettingsAll UsersApplication DataSpybot — Search & Destroy
2009-07-08 02:38:08 —-D—- C:Program FilesCrawler
2009-07-08 02:38:00 —-D—- C:Documents and SettingsMufasaApplication DataSpyware Terminator
2009-07-08 02:37:35 —-D—- C:Documents and SettingsAll UsersApplication DataSpyware Terminator
2009-07-08 02:37:25 —-D—- C:Program FilesSpyware Terminator
2009-07-08 02:14:34 —-D—- C:Documents and SettingsMufasaApplication DataPanda Security
2009-07-08 02:13:47 —-D—- C:Documents and SettingsAll UsersApplication DataPanda Security
2009-07-08 02:03:52 —-D—- C:Program Filesvnd
2009-07-08 01:31:53 —-D—- C:Documents and SettingsMufasaApplication DataUniblue
2009-07-08 00:32:17 —-D—- C:Documents and SettingsMufasaApplication DataHelp
2009-07-04 21:22:52 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
2009-07-04 21:22:38 —-D—- C:Program FilesAdobe
2009-07-04 21:14:43 —-D—- C:Program FilesНовый Диск
2009-07-04 21:13:26 —-D—- C:Documents and SettingsMufasaApplication DataInstallShield
2009-07-04 18:24:09 —-A—- C:WINDOWSNeroDigital.ini
2009-07-04 18:20:37 —-D—- C:Program FilesNeroInstall.bak
2009-07-04 18:16:35 —-D—- C:Documents and SettingsMufasaApplication DataNero
2009-07-04 18:16:01 —-A—- C:WINDOWSsystem32MsiExec.exe.log
2009-07-04 18:14:09 —-D—- C:Program FilesNero
2009-07-04 18:14:09 —-D—- C:Documents and SettingsAll UsersApplication DataNero
2009-07-04 18:14:08 —-D—- C:Program FilesCommon FilesNero
2009-07-04 16:59:53 —-D—- C:WINDOWSsystem32DirectX
2009-07-04 16:59:53 —-D—- C:WINDOWSLogs
2009-07-04 16:59:16 —-A—- C:WINDOWSsystem32PnkBstrB.exe
2009-07-04 16:59:15 —-D—- C:WINDOWSsystem32LogFiles
2009-07-04 16:59:15 —-A—- C:WINDOWSsystem32PnkBstrA.exe
2009-07-04 16:59:15 —-A—- C:WINDOWSsystem32pbsvc.exe
2009-07-04 16:50:01 —-D—- C:Program FilesActivision
2009-07-04 16:43:42 —-SHD—- C:WINDOWSftpcache
2009-07-04 16:42:58 —-D—- C:Documents and SettingsMufasaApplication DataDAEMON Tools Pro
2009-07-04 16:42:58 —-D—- C:Documents and SettingsMufasaApplication DataDAEMON Tools
2009-07-04 16:41:58 —-D—- C:Documents and SettingsAll UsersApplication DataDAEMON Tools Lite
2009-07-04 16:41:47 —-D—- C:Program FilesDAEMON Tools Toolbar
2009-07-04 16:41:16 —-D—- C:Program FilesDAEMON Tools Lite
2009-07-04 16:39:17 —-D—- C:Documents and SettingsMufasaApplication DataDAEMON Tools Lite
2009-07-04 14:10:29 —-D—- C:Program FilesAIMP2
2009-07-04 14:00:10 —-D—- C:WINDOWSsystem32Lang
2009-07-04 13:51:49 —-D—- C:WINDOWSsystem32RTCOM
2009-07-04 13:51:41 —-A—- C:WINDOWSsystem32ksuser.dll
2009-07-04 13:51:34 —-A—- C:WINDOWSvncutil.exe
2009-07-04 13:51:34 —-A—- C:WINDOWSSOUNDMAN.EXE
2009-07-04 13:51:34 —-A—- C:WINDOWSSkyTel.exe
2009-07-04 13:51:32 —-A—- C:WINDOWSRtlUpd.exe
2009-07-04 13:51:30 —-A—- C:WINDOWSsystem32RtkCoInstXP.dll
2009-07-04 13:51:30 —-A—- C:WINDOWSRTLCPL.EXE
2009-07-04 13:51:30 —-A—- C:WINDOWSRtkAudioService.exe
2009-07-04 13:51:26 —-A—- C:WINDOWSRTHDCPL.EXE
2009-07-04 13:51:25 —-A—- C:WINDOWSMicCal.exe
2009-07-04 13:51:24 —-A—- C:WINDOWSALCWZRD.EXE
2009-07-04 13:51:23 —-HD—- C:Program FilesInstallShield Installation Information
2009-07-04 13:51:23 —-D—- C:Program FilesRealtek
2009-07-04 13:51:23 —-A—- C:WINDOWSALCMTR.EXE
2009-07-04 13:51:21 —-A—- C:WINDOWSRtlExUpd.dll
2009-07-04 01:02:21 —-D—- C:Program FilesCommon FilesDirectX
2009-07-04 00:29:40 —-A—- C:WINDOWSsystem32nvunrm.exe
2009-07-04 00:24:07 —-D—- C:WINDOWSsystem32AGEIA
2009-07-04 00:24:07 —-D—- C:Program FilesAGEIA Technologies
2009-07-04 00:23:42 —-D—- C:Program FilesCommon FilesWise Installation Wizard
2009-07-04 00:13:14 —-D—- C:WINDOWSnview
2009-07-04 00:13:14 —-A—- C:WINDOWSsystem32nvudisp.exe
2009-07-04 00:12:36 —-D—- C:Program FilesCommon FilesInstallShield
2009-07-03 22:42:08 —-D—- C:КАРАОКЕ
2009-07-03 22:39:52 —-D—- C:БАКСОВЫ ДЕТКИ
2009-07-03 22:04:37 —-D—- C:ПРОГИ
2009-07-03 21:53:17 —-D—- C:КИНО
2009-07-03 18:19:22 —-D—- C:Program FilesSystemRequirementsLab
2009-07-03 18:12:11 —-D—- C:WINDOWSsystem32ReinstallBackups
2009-07-03 18:09:03 —-D—- C:NVIDIA
2009-07-03 16:05:46 —-D—- C:Documents and SettingsMufasaApplication DataMra
2009-07-03 16:05:32 —-D—- C:Program FilesMail.Ru
2009-07-03 13:06:03 —-D—- C:Program FilesSMSDV
2009-07-03 12:06:19 —-D—- C:Documents and SettingsAll UsersApplication DataAlawarWrapper
2009-07-03 12:06:04 —-D—- C:Program FilesAlawar.ru
2009-07-03 10:20:52 —-D—- C:Program FilesDisney Interactive
2009-07-03 10:19:53 —-A—- C:WINDOWSdisney.ini
2009-07-03 10:19:50 —-A—- C:WINDOWSIsUninst.exe
2009-07-02 23:07:41 —-HD—- C:WINDOWSPIF
2009-07-02 22:41:43 —-D—- C:Documents and SettingsMufasaApplication DataQIP
2009-07-02 22:41:11 —-D—- C:Program FilesQIP Infium
2009-07-02 20:10:04 —-D—- C:WINDOWSsystem32appmgmt
2009-07-02 19:32:19 —-A—- C:WINDOWSsystem32h323log.txt
2009-07-02 19:31:24 —-A—- C:WINDOWSsystem32nvuide.exe
2009-07-02 19:31:09 —-A—- C:WINDOWSsystem32nvuninst.exe
2009-07-02 19:31:06 —-A—- C:WINDOWSsystem32usbui.dll
2009-07-02 19:30:01 —-SHD—- C:WINDOWSInstaller
2009-07-02 19:30:01 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-07-02 19:30:00 —-D—- C:Program FilesCommon FilesODBC
2009-07-02 19:30:00 —-A—- C:WINDOWSODBCINST.INI
2009-07-02 19:29:58 —-D—- C:Program FilesCommon FilesSpeechEngines
2009-07-02 19:29:57 —-RD—- C:Program Files
2009-07-02 19:29:57 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2009-07-02 19:29:57 —-D—- C:Program FilesCommon Files
2009-07-02 19:29:55 —-RA—- C:WINDOWSsystem32kbdtuq.dll
2009-07-02 19:29:55 —-RA—- C:WINDOWSsystem32kbdtuf.dll
2009-07-02 19:29:55 —-RA—- C:WINDOWSsystem32kbdazel.dll
2009-07-02 19:29:53 —-RA—- C:WINDOWSsystem32kbdhept.dll
2009-07-02 19:29:53 —-RA—- C:WINDOWSsystem32kbdhela3.dll
2009-07-02 19:29:53 —-RA—- C:WINDOWSsystem32kbdhela2.dll
2009-07-02 19:29:53 —-RA—- C:WINDOWSsystem32kbdhe319.dll
2009-07-02 19:29:53 —-RA—- C:WINDOWSsystem32kbdhe220.dll
2009-07-02 19:29:53 —-RA—- C:WINDOWSsystem32kbdhe.dll
2009-07-02 19:29:53 —-RA—- C:WINDOWSsystem32kbdgkl.dll
2009-07-02 19:29:52 —-RA—- C:WINDOWSsystem32kbdlv1.dll
2009-07-02 19:29:52 —-RA—- C:WINDOWSsystem32kbdlt1.dll
2009-07-02 19:29:52 —-RA—- C:WINDOWSsystem32kbdlt.dll
2009-07-02 19:29:51 —-RA—- C:WINDOWSsystem32kbdlv.dll
2009-07-02 19:29:51 —-RA—- C:WINDOWSsystem32kbdest.dll
2009-07-02 19:29:50 —-RA—- C:WINDOWSsystem32kbdycl.dll
2009-07-02 19:29:50 —-RA—- C:WINDOWSsystem32kbdsl1.dll
2009-07-02 19:29:50 —-RA—- C:WINDOWSsystem32kbdsl.dll
2009-07-02 19:29:50 —-RA—- C:WINDOWSsystem32kbdro.dll
2009-07-02 19:29:50 —-RA—- C:WINDOWSsystem32kbdpl1.dll
2009-07-02 19:29:50 —-RA—- C:WINDOWSsystem32kbdpl.dll
2009-07-02 19:29:50 —-RA—- C:WINDOWSsystem32kbdhu1.dll
2009-07-02 19:29:50 —-RA—- C:WINDOWSsystem32kbdhu.dll
2009-07-02 19:29:50 —-RA—- C:WINDOWSsystem32kbdcz2.dll
2009-07-02 19:29:50 —-RA—- C:WINDOWSsystem32kbdcz1.dll
2009-07-02 19:29:50 —-RA—- C:WINDOWSsystem32kbdcz.dll
2009-07-02 19:29:50 —-RA—- C:WINDOWSsystem32kbdcr.dll
2009-07-02 19:29:50 —-RA—- C:WINDOWSsystem32KBDAL.DLL
2009-07-02 19:29:47 —-RA—- C:WINDOWSsystem32kbdur.dll
2009-07-02 19:29:47 —-A—- C:WINDOWSsystem32kbdycc.dll
2009-07-02 19:29:47 —-A—- C:WINDOWSsystem32kbduzb.dll
2009-07-02 19:29:47 —-A—- C:WINDOWSsystem32kbdtat.dll
2009-07-02 19:29:47 —-A—- C:WINDOWSsystem32kbdmon.dll
2009-07-02 19:29:47 —-A—- C:WINDOWSsystem32kbdkyr.dll
2009-07-02 19:29:47 —-A—- C:WINDOWSsystem32kbdkaz.dll
2009-07-02 19:29:47 —-A—- C:WINDOWSsystem32kbdbu.dll
2009-07-02 19:29:47 —-A—- C:WINDOWSsystem32kbdblr.dll
2009-07-02 19:29:47 —-A—- C:WINDOWSsystem32kbdaze.dll
2009-07-02 19:29:46 —-A—- C:WINDOWSsystem32irclass.dll
2009-07-02 19:29:46 —-A—- C:WINDOWSsystem32dgsetup.dll
2009-07-02 19:29:46 —-A—- C:WINDOWSsystem32dgrpsetu.dll
2009-07-02 19:29:45 —-A—- C:WINDOWSsystem32spxcoins.dll
2009-07-02 19:29:45 —-A—- C:WINDOWSsystem32EqnClass.Dll
2009-07-02 19:29:44 —-A—- C:WINDOWSTASKMAN.EXE
2009-07-02 19:29:43 —-A—- C:WINDOWSsystem32storprop.dll
2009-07-02 19:29:43 —-A—- C:WINDOWSsystem32CONFIG.TMP
2009-07-02 19:29:43 —-A—- C:WINDOWSsystem32batt.dll
2009-07-02 19:29:43 —-A—- C:WINDOWSNOTEPAD.EXE
2009-07-02 19:29:36 —-ASH—- C:Documents and SettingsAll UsersApplication Datadesktop.ini
2009-07-02 19:29:23 —-D—- C:WINDOWSsystem32CatRoot2
2009-07-02 19:29:23 —-D—- C:WINDOWSsystem32CatRoot
2009-07-02 19:29:18 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2009-07-02 19:27:54 —-A—- C:WINDOWSsetuplog.txt
2009-07-02 19:27:41 —-A—- C:WINDOWSsystem32NVCOI.DLL
2009-07-02 19:27:41 —-A—- C:WINDOWSsystem32idecoiins.dll
2009-07-02 19:27:41 —-A—- C:WINDOWSsystem32idecoi.dll
2009-07-02 19:27:35 —-A—- C:WINDOWSsystem32fdco1ins.dll
2009-07-02 19:27:35 —-A—- C:WINDOWSsystem32bdco1ins.dll
2009-07-02 19:27:30 —-A—- C:WINDOWSsystem32nvusmb.exe
2009-07-02 19:27:30 —-A—- C:WINDOWSsystem32NVCOSMB.DLL
2009-07-02 19:26:46 —-SHD—- C:System Volume Information
2009-07-02 19:26:46 —-D—- C:Documents and Settings
2009-07-02 19:26:03 —-ASH—- C:boot.ini
2009-07-02 19:22:53 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-07-02 19:22:53 —-RSD—- C:WINDOWSFonts
2009-07-02 19:22:53 —-RD—- C:WINDOWSWeb
2009-07-02 19:22:53 —-HD—- C:WINDOWSinf
2009-07-02 19:22:53 —-D—- C:WINDOWSWinSxS
2009-07-02 19:22:53 —-D—- C:WINDOWStwain_32
2009-07-02 19:22:53 —-D—- C:WINDOWSTemp
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem32wins
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem32wbem
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem32usmt
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem32spool
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem32ShellExt
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem32Setup
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem32ru-ru
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem32ru
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem32ras
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem32oobe
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem32npp
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem32mui
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem32inetsrv
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem32IME
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem32icsxml
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem32ias
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem32export
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem32drivers
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem32dhcp
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem32config
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem323com_dmi
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem323076
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem322052
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem321054
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem321049
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem321042
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem321041
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem321037
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem321033
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem321031
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem321028
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem321025
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem32
2009-07-02 19:22:53 —-D—- C:WINDOWSsystem
2009-07-02 19:22:53 —-D—- C:WINDOWSsecurity
2009-07-02 19:22:53 —-D—- C:WINDOWSResources
2009-07-02 19:22:53 —-D—- C:WINDOWSrepair
2009-07-02 19:22:53 —-D—- C:WINDOWSProvisioning
2009-07-02 19:22:53 —-D—- C:WINDOWSPeerNet
2009-07-02 19:22:53 —-D—- C:WINDOWSpchealth
2009-07-02 19:22:53 —-D—- C:WINDOWSNetwork Diagnostic
2009-07-02 19:22:53 —-D—- C:WINDOWSmui
2009-07-02 19:22:53 —-D—- C:WINDOWSmsapps
2009-07-02 19:22:53 —-D—- C:WINDOWSmsagent
2009-07-02 19:22:53 —-D—- C:WINDOWSL2Schemas
2009-07-02 19:22:53 —-D—- C:WINDOWSjava
2009-07-02 19:22:53 —-D—- C:WINDOWSime
2009-07-02 19:22:53 —-D—- C:WINDOWSHelp
2009-07-02 19:22:53 —-D—- C:WINDOWSehome
2009-07-02 19:22:53 —-D—- C:WINDOWSDriver Cache
2009-07-02 19:22:53 —-D—- C:WINDOWSDebug
2009-07-02 19:22:53 —-D—- C:WINDOWSConnection Wizard
2009-07-02 19:22:53 —-D—- C:WINDOWSConfig
2009-07-02 19:22:53 —-D—- C:WINDOWSAppPatch
2009-07-02 19:22:53 —-D—- C:WINDOWSaddins
2009-07-02 19:22:53 —-D—- C:WINDOWS
2009-07-02 18:38:50 —-D—- C:Program FilesDrWeb
2009-07-02 18:38:50 —-D—- C:Documents and SettingsAll UsersApplication DataDoctor Web
2009-07-02 18:26:55 —-D—- C:Documents and SettingsAll UsersApplication DataAgnitum
2009-07-02 18:07:52 —-D—- C:Program FilesVirtualDubMod
2009-07-02 18:04:56 —-D—- C:Documents and SettingsMufasaApplication DataMacromedia
2009-07-02 18:04:56 —-D—- C:Documents and SettingsMufasaApplication DataAdobe
2009-07-02 18:00:16 —-D—- C:Spyware Cleaner 2009
2009-07-02 17:53:24 —-D—- C:Program FilesDC++
2009-07-02 17:50:52 —-SHD—- C:RECYCLER
2009-07-02 17:49:23 —-D—- C:ESET_NOD32_Antivirus_Business_Edition_4.0.437_English_x86
2009-07-02 17:49:09 —-D—- C:Documents and SettingsMufasaApplication DataWinRAR
2009-07-02 17:48:47 —-D—- C:Program FilesThe Cleaner
2009-07-02 17:14:29 —-D—- C:Documents and SettingsMufasaApplication DataOpera
2009-07-02 17:14:25 —-D—- C:Program FilesOpera
2009-07-02 16:45:10 —-D—- C:Documents and SettingsMufasaApplication DataIdentities
2009-07-02 16:45:06 —-HD—- C:Program FilesUninstall Information
2009-07-02 16:44:56 —-D—- C:Program FilesWinRAR
2009-07-02 16:42:38 —-SD—- C:Documents and SettingsMufasaApplication DataMicrosoft
2009-07-02 16:42:38 —-ASH—- C:Documents and SettingsMufasaApplication Datadesktop.ini
2009-07-02 16:42:37 —-D—- C:WINDOWSsystem32xircom
2009-07-02 16:42:37 —-D—- C:Program Filesxerox
2009-07-02 16:42:36 —-D—- C:Program Filesmicrosoft frontpage
2009-07-02 16:41:16 —-SD—- C:WINDOWSsystem32Microsoft
2009-07-02 16:41:16 —-D—- C:WINDOWSPrefetch
2009-07-02 16:41:16 —-A—- C:WINDOWSSchedLgU.Txt
2009-07-02 16:40:15 —-RA—- C:Program Filesboot.ini
2009-07-02 16:39:18 —-D—- C:Program FilesUkraine
2009-07-02 16:39:06 —-AD—- C:WINDOWSCursors
2009-07-02 16:39:04 —-AD—- C:WINDOWSMedia
2009-07-02 16:39:02 —-D—- C:Program FilesMicrosoft Silverlight
2009-07-02 16:38:57 —-D—- C:WINDOWSsystem32Adobe
2009-07-02 16:38:57 —-D—- C:Program FilesCommon FilesAdobe
2009-07-02 16:38:14 —-RSD—- C:WINDOWSassembly
2009-07-02 16:38:14 —-D—- C:WINDOWSMicrosoft.NET
2009-07-02 16:38:12 —-D—- C:WINDOWSsystem32URTTemp
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32xinput9_1_0.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32xinput1_3.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32xinput1_2.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32xinput1_1.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32xaudio2_4.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32xaudio2_3.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32XAudio2_2.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32XAudio2_1.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32XAudio2_0.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32xapofx1_3.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32xapofx1_2.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32XAPOFX1_1.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32XAPOFX1_0.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32xactengine3_4.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32xactengine3_3.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32xactengine3_2.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32xactengine3_1.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32xactengine3_0.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32xactengine2_9.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32xactengine2_8.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32xactengine2_7.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32xactengine2_6.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32xactengine2_5.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32xactengine2_4.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32xactengine2_3.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32xactengine2_2.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32xactengine2_10.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32xactengine2_1.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32xactengine2_0.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32x3daudio1_6.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32x3daudio1_5.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32X3DAudio1_4.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32X3DAudio1_3.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32x3daudio1_2.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32x3daudio1_1.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32x3daudio1_0.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32d3dx9_41.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32D3DX9_40.dll
2009-07-02 16:37:55 —-A—- C:WINDOWSsystem32d3dx9_39.dll
2009-07-02 16:37:54 —-A—- C:WINDOWSsystem32d3dx9_38.dll
2009-07-02 16:37:54 —-A—- C:WINDOWSsystem32d3dx9_37.dll
2009-07-02 16:37:54 —-A—- C:WINDOWSsystem32d3dx9_36.dll
2009-07-02 16:37:54 —-A—- C:WINDOWSsystem32d3dx9_35.dll
2009-07-02 16:37:54 —-A—- C:WINDOWSsystem32d3dx9_34.dll
2009-07-02 16:37:54 —-A—- C:WINDOWSsystem32d3dx9_33.dll
2009-07-02 16:37:54 —-A—- C:WINDOWSsystem32d3dx9_32.dll
2009-07-02 16:37:54 —-A—- C:WINDOWSsystem32d3dx9_31.dll
2009-07-02 16:37:54 —-A—- C:WINDOWSsystem32d3dx9_30.dll
2009-07-02 16:37:54 —-A—- C:WINDOWSsystem32d3dx9_29.dll
2009-07-02 16:37:54 —-A—- C:WINDOWSsystem32d3dx9_28.dll
2009-07-02 16:37:53 —-A—- C:WINDOWSsystem32d3dx9_27.dll
2009-07-02 16:37:53 —-A—- C:WINDOWSsystem32d3dx9_26.dll
2009-07-02 16:37:53 —-A—- C:WINDOWSsystem32d3dx9_25.dll
2009-07-02 16:37:53 —-A—- C:WINDOWSsystem32d3dx9_24.dll
2009-07-02 16:37:53 —-A—- C:WINDOWSsystem32d3dx10_41.dll
2009-07-02 16:37:53 —-A—- C:WINDOWSsystem32d3dx10_40.dll
2009-07-02 16:37:53 —-A—- C:WINDOWSsystem32d3dx10_39.dll
2009-07-02 16:37:53 —-A—- C:WINDOWSsystem32d3dx10_38.dll
2009-07-02 16:37:53 —-A—- C:WINDOWSsystem32d3dx10_37.dll
2009-07-02 16:37:53 —-A—- C:WINDOWSsystem32d3dx10_36.dll
2009-07-02 16:37:53 —-A—- C:WINDOWSsystem32d3dx10_35.dll
2009-07-02 16:37:53 —-A—- C:WINDOWSsystem32d3dx10_34.dll
2009-07-02 16:37:53 —-A—- C:WINDOWSsystem32d3dx10_33.dll
2009-07-02 16:37:53 —-A—- C:WINDOWSsystem32d3dx10.dll
2009-07-02 16:37:53 —-A—- C:WINDOWSsystem32d3dcompiler_41.dll
2009-07-02 16:37:53 —-A—- C:WINDOWSsystem32D3DCompiler_40.dll
2009-07-02 16:37:53 —-A—- C:WINDOWSsystem32D3DCompiler_39.dll
2009-07-02 16:37:53 —-A—- C:WINDOWSsystem32D3DCompiler_38.dll
2009-07-02 16:37:53 —-A—- C:WINDOWSsystem32D3DCompiler_37.dll
2009-07-02 16:37:53 —-A—- C:WINDOWSsystem32d3dcompiler_36.dll
2009-07-02 16:37:53 —-A—- C:WINDOWSsystem32d3dcompiler_35.dll
2009-07-02 16:37:53 —-A—- C:WINDOWSsystem32d3dcompiler_34.dll
2009-07-02 16:37:53 —-A—- C:WINDOWSsystem32d3dcompiler_33.dll
2009-07-02 16:37:43 —-A—- C:WINDOWSsystem32zlib1.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32wrap_oal.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32wnaspi32.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32Vbrun300.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32vbrun200.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32vbrun100.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32Vb40032.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32Vb40016.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32ssleay32.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32OpenAL32.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32msvcrt10.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32msvcr71.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32msvcr70.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32msvcp71.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32MSVCP70.DLL
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32msvci70.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32MSSTKPRP.DLL
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32msstdfmt.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32MFC71u.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32MFC71KOR.DLL
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32MFC71JPN.DLL
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32MFC71ITA.DLL
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32MFC71FRA.DLL
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32MFC71ESP.DLL
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32MFC71ENU.DLL
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32MFC71DEU.DLL
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32MFC71CHT.DLL
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32MFC71CHS.DLL
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32MFC71.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32mfc70u.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32mfc70kor.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32mfc70jpn.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32mfc70ita.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32mfc70fra.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32mfc70esp.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32mfc70enu.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32mfc70deu.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32mfc70cht.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32mfc70chs.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32mfc70.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32libssl32.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32libeay32.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32atl71.dll
2009-07-02 16:37:42 —-A—- C:WINDOWSsystem32atl70.dll
2009-07-02 16:37:38 —-D—- C:Program FilesMSXML 4.0
2009-07-02 16:37:24 —-A—- C:WINDOWScontrol.ini
2009-07-02 16:37:24 —-A—- C:AUTOEXEC.BAT
2009-07-02 16:37:17 —-A—- C:WINDOWSOEWABLog.txt
2009-07-02 16:37:13 —-A—- C:WINDOWSsystem32mapi32.dll
2009-07-02 16:37:08 —-D—- C:Temp
2009-07-02 16:36:24 —-RAH—- C:WINDOWSsystem32logonui.exe.manifest
2009-07-02 16:36:20 —-RAH—- C:WINDOWSsystem32cdplayer.exe.manifest
2009-07-02 16:36:16 —-HD—- C:Program FilesWindowsUpdate
2009-07-02 16:36:05 —-A—- C:WINDOWSsystem32atrace.dll
2009-07-02 16:36:04 —-A—- C:WINDOWSsystem32nmevtmsg.dll
2009-07-02 16:36:03 —-A—- C:WINDOWSsystem32acctres.dll
2009-07-02 16:36:02 —-D—- C:Program FilesCommon FilesServices
2009-07-02 16:36:00 —-SD—- C:WINDOWSTasks
2009-07-02 16:36:00 —-A—- C:WINDOWSsystem32icfgnt5.dll
2009-07-02 16:35:59 —-D—- C:Program FilesCommon FilesMSSoap
2009-07-02 16:35:56 —-D—- C:WINDOWSsystem32Macromed
2009-07-02 16:35:56 —-D—- C:WINDOWSsrchasst
2009-07-02 16:35:54 —-A—- C:WINDOWSsystem32wuweb.dll
2009-07-02 16:35:54 —-A—- C:WINDOWSsystem32wucltui.dll
2009-07-02 16:35:54 —-A—- C:WINDOWSsystem32wuauserv.dll
2009-07-02 16:35:54 —-A—- C:WINDOWSsystem32wuaueng1.dll
2009-07-02 16:35:53 —-A—- C:WINDOWSsystem32wups.dll
2009-07-02 16:35:53 —-A—- C:WINDOWSsystem32wuaueng.dll
2009-07-02 16:35:53 —-A—- C:WINDOWSsystem32wuauclt1.exe
2009-07-02 16:35:53 —-A—- C:WINDOWSsystem32wuauclt.exe
2009-07-02 16:35:53 —-A—- C:WINDOWSsystem32wuapi.dll
2009-07-02 16:35:53 —-A—- C:WINDOWSsystem32qmgrprxy.dll
2009-07-02 16:35:53 —-A—- C:WINDOWSsystem32qmgr.dll
2009-07-02 16:35:53 —-A—- C:WINDOWSsystem32bitsprx4.dll
2009-07-02 16:35:53 —-A—- C:WINDOWSsystem32bitsprx3.dll
2009-07-02 16:35:53 —-A—- C:WINDOWSsystem32bitsprx2.dll
2009-07-02 16:35:49 —-D—- C:Program FilesMovie Maker
2009-07-02 16:35:38 —-A—- C:WINDOWSsystem32safrslv.dll
2009-07-02 16:35:38 —-A—- C:WINDOWSsystem32safrdm.dll
2009-07-02 16:35:38 —-A—- C:WINDOWSsystem32safrcdlg.dll
2009-07-02 16:35:38 —-A—- C:WINDOWSsystem32racpldlg.dll
2009-07-02 16:35:35 —-A—- C:WINDOWSsystem32fltMc.exe
2009-07-02 16:35:35 —-A—- C:WINDOWSsystem32fltlib.dll
2009-07-02 16:35:34 —-D—- C:WINDOWSsystem32Restore
2009-07-02 16:35:34 —-A—- C:WINDOWSsystem32srsvc.dll
2009-07-02 16:35:34 —-A—- C:WINDOWSsystem32srrstr.dll
2009-07-02 16:35:34 —-A—- C:WINDOWSsystem32srclient.dll
2009-07-02 16:35:34 —-A—- C:WINDOWSsystem32mnmdd.dll
2009-07-02 16:35:34 —-A—- C:WINDOWSsystem32isrdbg32.dll
2009-07-02 16:35:34 —-A—- C:WINDOWSsystem32ils.dll
2009-07-02 16:35:33 —-A—- C:WINDOWSsystem32nmmkcert.dll
2009-07-02 16:35:33 —-A—- C:WINDOWSsystem32msconf.dll
2009-07-02 16:35:33 —-A—- C:WINDOWSsystem32mnmsrvc.exe
2009-07-02 16:35:31 —-D—- C:Program FilesNetMeeting
2009-07-02 16:35:31 —-A—- C:WINDOWSsystem32msoert2.dll
2009-07-02 16:35:31 —-A—- C:WINDOWSsystem32msoeacct.dll
2009-07-02 16:35:30 —-A—- C:WINDOWSsystem32inetres.dll
2009-07-02 16:35:30 —-A—- C:WINDOWSsystem32inetcomm.dll
2009-07-02 16:35:28 —-D—- C:Program FilesOutlook Express
2009-07-02 16:35:28 —-A—- C:WINDOWSsystem32schedsvc.dll
2009-07-02 16:35:28 —-A—- C:WINDOWSsystem32mstinit.exe
2009-07-02 16:35:28 —-A—- C:WINDOWSsystem32mstask.dll
2009-07-02 16:35:28 —-A—- C:WINDOWSsystem32icwphbk.dll
2009-07-02 16:35:28 —-A—- C:WINDOWSsystem32icwdial.dll
2009-07-02 16:35:27 —-A—- C:WINDOWSsystem32isign32.dll
2009-07-02 16:35:27 —-A—- C:WINDOWSsystem32inetcfg.dll
2009-07-02 16:35:23 —-D—- C:Program FilesCommon FilesSystem
2009-07-02 16:34:46 —-D—- C:Program FilesComPlus Applications
2009-07-02 16:34:45 —-A—- C:WINDOWSvbaddin.ini
2009-07-02 16:34:45 —-A—- C:WINDOWSvb.ini
2009-07-02 16:34:41 —-D—- C:WINDOWSRegistration
2009-07-02 16:34:28 —-D—- C:Program FilesWindows Media Player
2009-07-02 16:34:28 —-D—- C:Program FilesWindows Media Connect 2
2009-07-02 16:34:24 —-A—- C:WINDOWSsystem32winfxdocobj.exe
2009-07-02 16:34:24 —-A—- C:WINDOWSsystem32msfeedssync.exe
2009-07-02 16:34:23 —-A—- C:WINDOWSsystem32msfeedsbs.dll
2009-07-02 16:34:22 —-A—- C:WINDOWSsystem32ieframe.dll.mui
2009-07-02 16:34:21 —-A—- C:WINDOWSsystem32advpack.dll.mui
2009-07-02 16:34:19 —-RD—- C:WINDOWSOffline Web Pages
2009-07-02 16:34:19 —-D—- C:WINDOWSwbem
2009-07-02 16:34:19 —-D—- C:Program FilesInternet Explorer
2009-07-02 16:34:18 —-SD—- C:WINDOWSDownloaded Program Files
2009-07-02 16:34:18 —-D—- C:WINDOWSsystem32PreInstall
2009-07-02 16:34:18 —-A—- C:WINDOWSsystem32muweb.dll
2009-07-02 16:34:18 —-A—- C:WINDOWSsystem32mucltui.dll.mui
2009-07-02 16:34:17 —-D—- C:WINDOWSSoftwareDistribution
2009-07-02 16:34:17 —-A—- C:WINDOWSsystem32wudfupdate_01007.dll
2009-07-02 16:34:17 —-A—- C:WINDOWSsystem32winusbcoinstaller.dll
2009-07-02 16:34:17 —-A—- C:WINDOWSsystem32mucltui.dll
2009-07-02 16:34:16 —-A—- C:WINDOWSsystem32wdfcoinstaller01007.dll
2009-07-02 16:34:15 —-A—- C:WINDOWSsystem32gpprefcl.dll
2009-07-02 16:34:12 —-D—- C:Program FilesMSN Gaming Zone
2009-07-02 16:34:12 —-A—- C:WINDOWSsystem32write.exe
2009-07-02 16:34:05 —-A—- C:WINDOWSsystem32sndvol32.exe
2009-07-02 16:34:05 —-A—- C:WINDOWSsystem32hticons.dll
2009-07-02 16:34:04 —-A—- C:WINDOWSsystem32winchat.exe
2009-07-02 16:34:04 —-A—- C:WINDOWSsystem32avwav.dll
2009-07-02 16:34:04 —-A—- C:WINDOWSsystem32avtapi.dll
2009-07-02 16:34:04 —-A—- C:WINDOWSsystem32avmeter.dll
2009-07-02 16:34:00 —-A—- C:WINDOWSsystem32getuname.dll
2009-07-02 16:33:59 —-A—- C:WINDOWSsystem32winmine.exe
2009-07-02 16:33:59 —-A—- C:WINDOWSsystem32sol.exe
2009-07-02 16:33:59 —-A—- C:WINDOWSsystem32charmap.exe
2009-07-02 16:33:59 —-A—- C:WINDOWSsystem32calc.exe
2009-07-02 16:33:58 —-A—- C:WINDOWSsystem32usrlogon.cmd
2009-07-02 16:33:58 —-A—- C:WINDOWSsystem32tsshutdn.exe
2009-07-02 16:33:58 —-A—- C:WINDOWSsystem32tslabels.ini
2009-07-02 16:33:58 —-A—- C:WINDOWSsystem32tskill.exe
2009-07-02 16:33:58 —-A—- C:WINDOWSsystem32tsdiscon.exe
2009-07-02 16:33:58 —-A—- C:WINDOWSsystem32tscon.exe
2009-07-02 16:33:58 —-A—- C:WINDOWSsystem32shadow.exe
2009-07-02 16:33:58 —-A—- C:WINDOWSsystem32rwinsta.exe
2009-07-02 16:33:58 —-A—- C:WINDOWSsystem32reset.exe
2009-07-02 16:33:58 —-A—- C:WINDOWSsystem32regini.exe
2009-07-02 16:33:58 —-A—- C:WINDOWSsystem32rdpcfgex.dll
2009-07-02 16:33:58 —-A—- C:WINDOWSsystem32mshearts.exe
2009-07-02 16:33:58 —-A—- C:WINDOWSsystem32freecell.exe
2009-07-02 16:33:57 —-A—- C:WINDOWSsystem32qwinsta.exe
2009-07-02 16:33:57 —-A—- C:WINDOWSsystem32qappsrv.exe
2009-07-02 16:33:57 —-A—- C:WINDOWSsystem32msg.exe
2009-07-02 16:33:57 —-A—- C:WINDOWSsystem32msdtcprf.ini
2009-07-02 16:33:57 —-A—- C:WINDOWSsystem32logoff.exe
2009-07-02 16:33:57 —-A—- C:WINDOWSsystem32cdmodem.dll
2009-07-02 16:33:52 —-A—- C:WINDOWSsystem32wmimgmt.msc
2009-07-02 16:33:52 —-A—- C:WINDOWSsystem32accwiz.exe
2009-07-02 16:33:51 —-D—- C:Program FilesWindows NT
2009-07-02 16:33:51 —-A—- C:WINDOWSsystem32sndrec32.exe
2009-07-02 16:33:51 —-A—- C:WINDOWSsystem32mspaint.exe
2009-07-02 16:33:51 —-A—- C:WINDOWSsystem32mplay32.exe
2009-07-02 16:33:51 —-A—- C:WINDOWSsystem32hypertrm.dll
2009-07-02 16:33:50 —-A—- C:WINDOWSsystem32spider.exe
2009-07-02 16:33:50 —-A—- C:WINDOWSsystem32clipbrd.exe
2009-07-02 16:33:49 —-A—- C:WINDOWSsystem32tsgqec.dll
2009-07-02 16:33:49 —-A—- C:WINDOWSsystem32tscfgwmi.dll
2009-07-02 16:33:49 —-A—- C:WINDOWSsystem32rhttpaa.dll
2009-07-02 16:33:49 —-A—- C:WINDOWSsystem32mstscax.dll
2009-07-02 16:33:49 —-A—- C:WINDOWSsystem32aaclient.dll
2009-07-02 16:33:48 —-A—- C:WINDOWSsystem32termsrv.dll
2009-07-02 16:33:48 —-A—- C:WINDOWSsystem32sessmgr.exe
2009-07-02 16:33:48 —-A—- C:WINDOWSsystem32remotepg.dll
2009-07-02 16:33:48 —-A—- C:WINDOWSsystem32rdshost.exe
2009-07-02 16:33:48 —-A—- C:WINDOWSsystem32rdsaddin.exe
2009-07-02 16:33:48 —-A—- C:WINDOWSsystem32rdpwsx.dll
2009-07-02 16:33:48 —-A—- C:WINDOWSsystem32rdpsnd.dll
2009-07-02 16:33:48 —-A—- C:WINDOWSsystem32rdpclip.exe
2009-07-02 16:33:48 —-A—- C:WINDOWSsystem32rdchost.dll
2009-07-02 16:33:48 —-A—- C:WINDOWSsystem32qprocess.exe
2009-07-02 16:33:48 —-A—- C:WINDOWSsystem32mstsc.exe
2009-07-02 16:33:47 —-D—- C:WINDOWSsystem32MsDtc
2009-07-02 16:33:47 —-A—- C:WINDOWSsystem32xolehlp.dll
2009-07-02 16:33:47 —-A—- C:WINDOWSsystem32mtxoci.dll
2009-07-02 16:33:47 —-A—- C:WINDOWSsystem32msdtcuiu.dll
2009-07-02 16:33:47 —-A—- C:WINDOWSsystem32msdtctm.dll
2009-07-02 16:33:47 —-A—- C:WINDOWSsystem32msdtcprx.dll
2009-07-02 16:33:47 —-A—- C:WINDOWSsystem32icaapi.dll
2009-07-02 16:33:47 —-A—- C:WINDOWSsystem32cfgbkend.dll
2009-07-02 16:33:46 —-A—- C:WINDOWSsystem32mtxlegih.dll
2009-07-02 16:33:46 —-A—- C:WINDOWSsystem32mtxex.dll
2009-07-02 16:33:46 —-A—- C:WINDOWSsystem32mtxdm.dll
2009-07-02 16:33:46 —-A—- C:WINDOWSsystem32msdtclog.dll
2009-07-02 16:33:46 —-A—- C:WINDOWSsystem32msdtc.exe
2009-07-02 16:33:46 —-A—- C:WINDOWSsystem32dcomcnfg.exe
2009-07-02 16:33:45 —-D—- C:WINDOWSsystem32Com
2009-07-02 16:33:45 —-A—- C:WINDOWSsystem32stclient.dll
2009-07-02 16:33:45 —-A—- C:WINDOWSsystem32comrepl.dll
2009-07-02 16:33:45 —-A—- C:WINDOWSsystem32comaddin.dll
2009-07-02 16:33:45 —-A—- C:WINDOWSsystem32colbact.dll
2009-07-02 16:33:45 —-A—- C:WINDOWSsystem32clbcatex.dll
2009-07-02 16:33:45 —-A—- C:WINDOWSsystem32catsrvut.dll
2009-07-02 16:33:45 —-A—- C:WINDOWSsystem32catsrvps.dll
2009-07-02 16:33:45 —-A—- C:WINDOWSsystem32catsrv.dll
2009-07-02 16:33:44 —-A—- C:WINDOWSsystem32comuid.dll
2009-07-02 16:33:44 —-A—- C:WINDOWSsystem32comsvcs.dll
2009-07-02 16:33:44 —-A—- C:WINDOWSsystem32comsnap.dll
2009-07-02 16:33:44 —-A—- C:WINDOWSsystem32clbcatq.dll
2009-07-02 16:33:39 —-A—- C:WINDOWSsystem32servdeps.dll
2009-07-02 16:33:39 —-A—- C:WINDOWSsystem32mmfutil.dll
2009-07-02 16:33:39 —-A—- C:WINDOWSsystem32licwmi.dll
2009-07-02 16:33:39 —-A—- C:WINDOWSsystem32cmprops.dll======List of files/folders modified in the last 1 months======
2009-07-10 14:38:13 —-A—- C:WINDOWSwin.ini
2009-07-02 19:29:56 —-A—- C:WINDOWSsystem.ini======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;AMD Processor Driver; C:WINDOWSsystem32DRIVERSAmdK8.sys [2006-06-19 36864]
R1 is-RKLLLdrv;is-RKLLLdrv; C:WINDOWSsystem32DRIVERS39900678.sys [2008-07-08 148496]
R1 SASDIFSV;SASDIFSV; ??C:Program FilesSUPERAntiSpywareSASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; ??C:Program FilesSUPERAntiSpywareSASKUTIL.sys []
R1 sp_rsdrv2;Spyware Terminator Driver 2; ??C:WINDOWSsystem32driverssp_rsdrv2.sys []
R2 exFat;exFat; C:WINDOWSsystem32driversexFat.sys [2009-01-28 133632]
R2 rspndr;Ответчик обнаружения топологии уровня связи; C:WINDOWSsystem32DRIVERSrspndr.sys [2008-10-11 62848]
R3 ATE_PROCMON;ATE_PROCMON; ??C:Program FilesAnti Trojan EliteATEPMon.sys []
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-15 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2009-06-16 5095936]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2009-06-10 8087712]
R3 NVENETFD;NVIDIA nForce 10/100 Mbps Ethernet ; C:WINDOWSsystem32DRIVERSNVENETFD.sys [2008-08-01 54784]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:WINDOWSsystem32DRIVERSnvnetbus.sys [2008-08-01 22016]
R3 SASENUM;SASENUM; ??C:Program FilesSUPERAntiSpywareSASENUM.SYS []
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-15 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-15 59520]
R3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:WINDOWSsystem32DRIVERSusbohci.sys [2008-04-15 17152]
R3 XenAntiSpywareFilter;10.07.200922:31:54; ??C:TempRar$EX01.984XAS_4.4.2_Light ruXAF.sys []
S3 Ambfilt;Ambfilt; C:WINDOWSsystem32driversAmbfilt.sys [2008-08-05 1684736]
S3 asdm4929;asdm4929; C:WINDOWSsystem32driversasdm4929.sys []
S3 Monfilt;Monfilt; C:WINDOWSsystem32driversMonfilt.sys [2006-01-04 1389056]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation — User-mode Driver Framework Platform Driver; C:WINDOWSsystem32DRIVERSWudfPf.sys [2008-05-18 77568]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2008-05-18 82944]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []
S4 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2008-04-15 12032]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:Program FilesSpyware Terminatorsp_rsser.exe [2009-07-08 487424]
R3 NMIndexingService;NMIndexingService; C:Program FilesCommon FilesNeroLibNMIndexingService.exe [2008-02-28 529704]
S2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:Program FilesNeroNero8Nero BackItUpNBService.exe [2008-02-18 877864]
S2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2009-06-10 168004]
S2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:WINDOWSsystem32IoctlSvc.exe [2006-12-19 81920]
S2 PnkBstrA;PnkBstrA; C:WINDOWSsystem32PnkBstrA.exe [2009-07-04 66872]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv1.1.4322aspnet_state.exe [2004-07-15 32768]
S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; C:Program FilesWindows Media Playerwmpnetwk.exe [2006-11-03 914944]
S3 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-15 14336]
EOF
Может у меня руки не из того места растут, но все равно очень рассчитываю на Вашу помощь!Здравствуйте, добро пожаловать на Spyware-ru форум.
Проверим ещё одной программой.
Скачайте программу Combofix. Закройте все открытые окна и запустите эту программу.
После выполнения будет создан лог файл, пожалуйста вставьте его в ваш ответ.Примечание: перед использованием Combofix обязательно установите Recovery console. Как это сделать будет описано на странице, ссылку на которую я привёл выше.
Спасибо огромное за помощь! Вот лог
ComboFix 09-07-13.01 — Mufasa 14.07.2009 3:24.2.2 — NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.1022.493 [GMT 4:00]
Running from: c:documents and settingsMufasaРабочий столComboFix.exe
Command switches used :: c:documents and settingsMufasaРабочий столWindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
FW: Outpost Firewall Pro *disabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
.((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
..
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
Legacy_RKHIT((((((((((((((((((((((((( Files Created from 2009-06-13 to 2009-07-13 )))))))))))))))))))))))))))))))
.2009-07-13 23:27 . 2009-07-13 23:27 60416 —-a-w- c:tempPerflib_Perfdata__755.dat
2009-07-13 21:42 . 2009-04-06 07:37 704384 —-a-w- c:windowssystem32driversSandBox.sys
2009-07-13 21:42 . 2009-02-10 12:15 257432 —-a-w- c:windowssystem32driversafwcore.sys
2009-07-13 21:40 . 2009-02-18 13:30 31128 —-a-w- c:windowssystem32driversafw.sys
2009-07-13 21:40 . 2009-07-13 23:27
d
w- c:tempsdi
2009-07-13 21:40 . 2009-07-13 21:48
d
w- c:windowssystem32Filt
2009-07-13 21:40 . 2009-07-13 21:40
d
w- c:program filesAgnitum
2009-07-13 21:40 . 2009-07-13 21:48
d
w- c:tempis-99D41.tmp
2009-07-13 21:40 . 2009-07-13 21:40
d
w- c:tempis-1EVPI.tmp
2009-07-13 15:03 . 2009-07-13 15:03
d
w- C:VBARESCUE
2009-07-13 12:47 . 2009-07-13 12:45 42112 —-a-w- c:windowssystem32driversSDTHOOK.SYS
2009-07-12 09:12 . 2009-07-12 09:12
d
w- c:tempnro.log
2009-07-11 11:35 . 2009-07-12 08:19 4212 —h—w- c:windowssystem32zllictbl.dat
2009-07-11 11:34 . 2009-07-13 23:27
d
w- c:temp71109153419
2009-07-11 11:34 . 2009-07-12 08:30
d
w- c:windowsInternet Logs
2009-07-10 18:43 . 2009-07-10 18:44
d
w- C:rsit
2009-07-10 18:20 . 2009-07-10 18:20
d
w- C:VundoFix Backups
2009-07-10 17:30 . 2009-07-10 17:30
d
w- c:documents and settingsMufasaApplication DataMalwarebytes
2009-07-10 17:30 . 2009-07-10 17:30
d
w- c:documents and settingsAll UsersApplication DataMalwarebytes
2009-07-10 14:29 . 2009-07-13 23:27
d
w- c:tempTRTEMP-SPT_38_DB_3.007.009.0000_patch_3.007.008.000
2009-07-10 14:27 . 2009-07-10 14:27
d
w- c:documents and settingsAdminApplication DataSimply Super Software
2009-07-10 14:27 . 2009-04-18 08:14 2937720 —-a-w- c:documents and settingsAdminApplication DataSimply Super SoftwareTrojan Removerjmc36.exe
2009-07-10 14:07 . 2009-07-10 14:07
d
w- c:documents and settingsAdminApplication DataSpyware Terminator
2009-07-10 14:07 . 2009-07-10 14:07 117760 —-a-w- c:documents and settingsAdminApplication DataSUPERAntiSpyware.comSUPERAntiSpywareSDDLLSUIREPAIR.DLL
2009-07-10 14:06 . 2009-07-10 14:06
d
w- c:documents and settingsAdminApplication DataSUPERAntiSpyware.com
2009-07-10 12:43 . 2009-07-13 19:52
d
w- c:program filesAnti Trojan Elite
2009-07-10 10:58 . 2009-07-13 23:27
d
w- c:tempis-CE74L.tmp
2009-07-10 10:58 . 2009-07-10 10:58
d
w- c:tempis-54C2T.tmp
2009-07-09 22:07 . 2009-07-09 22:09
d
w- c:documents and settingsMufasaApplication DataAuslogics
2009-07-09 22:07 . 2009-07-09 22:07
d
w- c:program filesAuslogics
2009-07-09 21:26 . 2009-07-10 14:27
d—a-w- c:documents and settingsAll UsersApplication DataTEMP
2009-07-09 21:20 . 2009-07-13 19:56
d
w- c:program filesTrojan Remover
2009-07-09 17:26 . 2009-07-09 17:26
d
w- c:documents and settingsAll UsersApplication DataSUPERAntiSpyware.com
2009-07-09 17:26 . 2009-07-13 19:56
d
w- c:documents and settingsMufasaApplication DataSUPERAntiSpyware.com
2009-07-09 17:26 . 2009-07-13 19:56
d
w- c:program filesSUPERAntiSpyware
2009-07-09 08:51 . 2009-07-13 23:27
d-sh—w- c:tempCookies
2009-07-09 08:51 . 2009-07-09 08:51
d-sh—w- c:tempTemporary Internet Files
2009-07-09 08:51 . 2009-07-09 08:51
d-sh—w- c:tempHistory
2009-07-08 19:36 . 2009-07-10 20:10
d
w- c:program filesTrend Micro
2009-07-08 14:13 . 2009-07-13 23:28 146022432 —sha-w- c:windowssystem32driversfidbox.dat
2009-07-08 14:13 . 2008-07-08 10:54 148496 —-a-w- c:windowssystem32drivers39900678.sys
2009-07-08 10:45 . 2009-07-10 19:07
d
w- C:RootkitNO
2009-07-08 10:11 . 2009-07-08 10:11
d
w- c:windowsRestoreSafeDeleted
2009-07-08 09:30 . 2009-07-10 16:03 2 —shatr- c:windowswinstart.bat
2009-07-08 09:29 . 2009-07-13 19:56
d
w- c:program filesUnHackMe
2009-07-08 09:27 . 2009-07-08 09:27
d
r- c:documents and settingsLocalServiceИзбранное
2009-07-07 22:56 . 2009-07-13 19:55
d
w- c:program filesSpybot — Search & Destroy
2009-07-07 22:56 . 2009-07-13 19:55
d
w- c:documents and settingsAll UsersApplication DataSpybot — Search & Destroy
2009-07-07 22:38 . 2009-07-07 22:38
d
w- c:program filesCrawler
2009-07-07 22:14 . 2009-07-07 22:14
d
w- c:documents and settingsMufasaApplication DataPanda Security
2009-07-07 22:13 . 2009-07-07 22:13
d
w- c:documents and settingsAll UsersApplication DataPanda Security
2009-07-07 22:03 . 2009-07-07 22:10
d
w- c:program filesvnd
2009-07-07 21:31 . 2009-07-07 21:31
d
w- c:documents and settingsMufasaApplication DataUniblue
2009-07-07 20:32 . 2009-07-07 20:32
d
w- c:documents and settingsMufasaLocal SettingsApplication DataHelp
2009-07-04 17:23 . 2009-07-05 17:38
d
w- c:documents and settingsMufasaLocal SettingsApplication DataAdobe
2009-07-04 12:59 . 2009-07-04 12:59
d
w- c:windowsLogs
2009-07-04 12:59 . 2009-07-04 12:59 22328 —-a-w- c:documents and settingsMufasaApplication DataPnkBstrK.sys
2009-07-04 12:59 . 2009-07-04 12:59
d
w- c:windowssystem32LogFiles
2009-07-04 12:50 . 2009-07-04 12:50
d
w- c:program filesActivision
2009-07-04 12:43 . 2009-07-04 12:43
d-sh—w- c:windowsftpcache
2009-07-04 12:42 . 2009-07-04 17:13
d
w- c:documents and settingsMufasaApplication DataDAEMON Tools Pro
2009-07-04 12:42 . 2009-07-04 12:42
d
w- c:documents and settingsMufasaApplication DataDAEMON Tools
2009-07-04 12:41 . 2009-07-04 12:41
d
w- c:documents and settingsAll UsersApplication DataDAEMON Tools Lite
2009-07-04 12:41 . 2009-07-04 12:41
d
w- c:program filesDAEMON Tools Toolbar
2009-07-04 12:41 . 2009-07-04 13:06
d
w- c:program filesDAEMON Tools Lite
2009-07-04 12:39 . 2009-07-04 12:43
d
w- c:documents and settingsMufasaApplication DataDAEMON Tools Lite
2009-07-04 12:39 . 2009-07-04 12:39 717296 —-a-w- c:windowssystem32driverssptd.sys
2009-07-04 10:10 . 2009-07-04 10:11
d
w- c:program filesAIMP2
2009-07-04 10:00 . 2009-07-04 10:00
d
w- c:windowssystem32Lang
2009-07-04 09:52 . 2008-04-13 20:15 6272 —-a-w- c:windowssystem32driverssplitter.sys
2009-07-04 09:52 . 2008-04-13 20:47 83072 —-a-w- c:windowssystem32driverswdmaud.sys
2009-07-04 09:52 . 2008-04-13 20:15 52864 —-a-w- c:windowssystem32driversDMusic.sys
2009-07-04 09:52 . 2008-04-13 20:15 56576 —-a-w- c:windowssystem32driversswmidi.sys
2009-07-04 09:52 . 2008-04-13 20:15 172416 —-a-w- c:windowssystem32driverskmixer.sys
2009-07-04 09:52 . 2008-04-13 18:09 142592 —-a-w- c:windowssystem32driversaec.sys
2009-07-03 21:02 . 2009-07-03 21:02
d
w- c:program filesCommon FilesDirectX
2009-07-03 20:29 . 2008-07-29 09:33 446464 —-a-w- c:windowssystem32nvunrm.exe
2009-07-03 20:29 . 2008-07-07 21:45 4984 —-a-w- c:windowssystem32driversnvphy.bin
2009-07-03 20:24 . 2009-07-03 20:24
d
w- c:windowssystem32AGEIA
2009-07-03 20:24 . 2009-07-03 20:24
d
w- c:program filesAGEIA Technologies
2009-07-03 20:23 . 2009-07-13 19:56
d
w- c:program filesCommon FilesWise Installation Wizard
2009-07-03 20:13 . 2009-07-03 20:13
d
w- c:windowsnview
2009-07-03 20:13 . 2009-06-10 02:03 457248 —-a-w- c:windowssystem32nvudisp.exe
2009-07-03 20:12 . 2009-07-03 20:12
d
w- c:program filesCommon FilesInstallShield
2009-07-03 18:42 . 2009-07-03 18:47
d
w- C:КАРАОКЕ
2009-07-03 18:39 . 2009-07-03 18:40
d
w- C:БАКСОВЫ ДЕТКИ
2009-07-03 18:04 . 2009-07-13 19:59
d
w- C:ПРОГИ
2009-07-03 17:53 . 2009-07-03 18:03
d
w- C:КИНО
2009-07-03 14:09 . 2009-07-03 20:22
d
w- C:NVIDIA
2009-07-03 12:05 . 2009-07-03 12:07
d
w- c:documents and settingsMufasaApplication DataMra
2009-07-03 12:05 . 2009-07-03 12:05
d
w- c:program filesMail.Ru
2009-07-03 09:06 . 2009-07-03 10:30
d
w- c:program filesSMSDV
2009-07-03 08:06 . 2009-07-12 16:58
d
w- c:documents and settingsAll UsersApplication DataAlawarWrapper
2009-07-03 08:06 . 2009-07-03 10:43
d
w- c:program filesAlawar.ru
2009-07-03 06:20 . 2009-07-03 06:20
d
w- c:program filesDisney Interactive
2009-07-03 06:19 . 1998-01-23 09:22 304128 —-a-w- c:windowsIsUninst.exe
2009-07-03 06:19 . 2009-07-03 06:19
d
w- c:documents and settingsMufasaWINDOWS
2009-07-02 19:07 . 2009-07-02 19:07
d—h—w- c:windowsPIF
2009-07-02 18:41 . 2009-07-02 18:41
d
w- c:documents and settingsMufasaApplication DataQIP
2009-07-02 18:41 . 2009-07-02 18:41
d
w- c:program filesQIP Infium.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-13 23:27 . 2009-07-08 14:13 1713080 —sha-w- c:windowssystem32driversfidbox.idx
2009-07-13 19:53 . 2008-04-15 10:00 49350 —-a-w- c:windowssystem32perfc019.dat
2009-07-13 19:53 . 2008-04-15 10:00 346144 —-a-w- c:windowssystem32perfh019.dat
2009-07-10 14:51 . 2009-07-02 15:34 664 —-a-w- c:windowssystem32d3d9caps.dat
2009-07-07 23:34 . 2009-07-02 14:38
d
w- c:documents and settingsAll UsersApplication DataDoctor Web
2009-07-07 20:24 . 2009-07-02 14:38
d
w- c:program filesDrWeb
2009-07-04 17:23 . 2009-07-02 12:38
d
w- c:program filesCommon FilesAdobe
2009-07-04 17:14 . 2009-07-04 17:14
d
w- c:program filesНовый Диск
2009-07-04 17:14 . 2009-07-04 09:51
d—h—w- c:program filesInstallShield Installation Information
2009-07-04 17:13 . 2009-07-04 17:13
d
w- c:documents and settingsMufasaApplication DataInstallShield
2009-07-04 14:20 . 2009-07-04 14:20
d
w- c:program filesNeroInstall.bak
2009-07-04 14:16 . 2009-07-04 14:16
d
w- c:documents and settingsMufasaApplication DataNero
2009-07-04 14:15 . 2009-07-04 14:14
d
w- c:program filesCommon FilesNero
2009-07-04 14:14 . 2009-07-04 14:14
d
w- c:program filesNero
2009-07-04 14:14 . 2009-07-04 14:14
d
w- c:documents and settingsAll UsersApplication DataNero
2009-07-04 09:51 . 2009-07-04 09:51
d
w- c:program filesRealtek
2009-07-03 14:09 . 2009-07-02 13:53
d
w- c:program filesDC++
2009-07-03 12:44 . 2009-07-02 12:36 86327 —-a-w- c:windowspchealthhelpctrOfflineCacheindex.dat
2009-07-02 18:34 . 2009-07-02 13:14
d
w- c:program filesOpera
2009-07-02 14:26 . 2009-07-02 14:26
d
w- c:documents and settingsAll UsersApplication DataAgnitum
2009-07-02 14:07 . 2009-07-02 14:07
d
w- c:program filesVirtualDubMod
2009-07-02 13:49 . 2009-07-02 13:49 43984 —-a-w- c:documents and settingsMufasaLocal SettingsApplication DataGDIPFONTCACHEV1.DAT
2009-07-02 13:05 . 2009-07-02 13:05 552 —-a-w- c:windowssystem32d3d8caps.dat
2009-07-02 12:42 . 2009-07-02 12:42
d
w- c:program filesmicrosoft frontpage
2009-07-02 12:39 . 2009-07-02 12:39
d
w- c:program filesUkraine
2009-07-02 12:34 . 2009-07-02 12:34 22564 —-a-w- c:windowssystem32emptyregdb.dat
2009-07-02 12:34 . 2009-07-02 12:34
d
w- c:program filesWindows Media Connect 2
2009-06-21 04:46 . 2009-07-02 15:31 485920 —-a-w- c:windowssystem32nvuninst.exe
2009-06-16 14:15 . 2009-07-04 09:51 5095936 —-a-w- c:windowssystem32driversRtkHDAud.sys
2009-06-12 07:10 . 2009-07-04 09:51 17887232 —-a-w- c:windowsRTHDCPL.EXE
2009-06-10 04:28 . 2009-06-10 04:28 3510272 —-a-w- c:windowssystem32nvgames.dll
2009-06-10 04:28 . 2009-06-10 04:28 5890048 —-a-w- c:windowssystem32nvdispsr.dll
2009-06-10 04:28 . 2009-06-10 04:28 4022272 —-a-w- c:windowssystem32nvdisps.dll
2009-06-10 04:28 . 2009-06-10 04:28 86016 —-a-w- c:windowssystem32nvmctray.dll
2009-06-10 04:28 . 2009-06-10 04:28 168004 —-a-w- c:windowssystem32nvsvc32.exe
2009-06-10 04:28 . 2009-06-10 04:28 143360 —-a-w- c:windowssystem32nvcolor.exe
2009-06-10 04:28 . 2009-06-10 04:28 13758464 —-a-w- c:windowssystem32nvcpl.dll
2009-06-10 04:28 . 2009-06-10 04:28 229376 —-a-w- c:windowssystem32nvmccs.dll
2009-06-10 02:03 . 2009-06-10 02:03 671744 —-a-w- c:windowssystem32nvcuvid.dll
2009-06-10 02:03 . 2009-06-10 02:03 1720320 —-a-w- c:windowssystem32nvcuda.dll
2009-06-10 02:03 . 2009-06-10 02:03 1580550 —-a-w- c:windowssystem32nvdata.bin
2009-06-10 02:03 . 2009-06-10 02:03 1310720 —-a-w- c:windowssystem32nvcuvenc.dll
2009-06-10 02:03 . 2007-04-20 06:05 9998336 —-a-w- c:windowssystem32nvoglnt.dll
2009-06-10 02:03 . 2007-04-20 06:05 815104 —-a-w- c:windowssystem32nvapi.dll
2009-06-10 02:03 . 2007-04-20 06:05 8087712 —-a-w- c:windowssystem32driversnv4_mini.sys
2009-06-10 02:03 . 2007-04-20 06:05 5908608 —-a-w- c:windowssystem32nv4_disp.dll
2009-06-10 02:03 . 2007-04-20 06:05 151552 —-a-w- c:windowssystem32nvcodins.dll
2009-06-10 02:03 . 2007-04-20 06:05 151552 —-a-w- c:windowssystem32nvcod.dll
2009-06-09 10:43 . 2009-07-04 09:51 37376 —-a-w- c:windowssystem32RtkCoInstXP.dll
2009-06-03 10:02 . 2009-07-04 09:51 1482752 —-a-w- c:windowsRtlUpd.exe
2009-05-18 14:33 . 2009-05-18 14:33 23040 —-a-w- c:windowssystem32setup.exe
2009-05-18 14:33 . 2009-05-18 14:33 1571840 —-a-w- c:windowssystem32sfcfiles.dll
2009-05-18 14:31 . 2001-10-19 21:06 77891 —-a-w- c:windowssystem32usrmlnka.exe
2009-05-18 14:22 . 2009-05-18 14:22 330752 —-a-w- c:windowssystem32dmconfig.dll
2009-05-18 14:22 . 2009-05-18 14:22 799872 —-a-w- c:windowssystem32driversdmboot.sys
2009-05-18 14:22 . 2009-05-18 14:22 4096 —-a-w- c:windowssystem32wmvdmoe2.dll
2009-05-18 14:22 . 2009-05-18 14:22 4096 —-a-w- c:windowssystem32wmvdmod.dll
2009-05-18 14:22 . 2009-05-18 14:22 224768 —-a-w- c:windowssystem32dmadmin.exe
2009-05-18 14:22 . 2009-05-18 14:22 1329152 —-a-w- c:windowssystem32wmspdmoe.dll
2009-05-18 14:22 . 2009-05-18 14:22 603648 —-a-w- c:windowssystem32wmspdmod.dll
2009-05-18 14:22 . 2009-05-18 14:22 99840 —-a-w- c:windowssystem32wmpshell.dll
2009-05-18 14:22 . 2009-05-18 14:22 8273920 —-a-w- c:windowssystem32wmploc.dll
2009-05-18 14:22 . 2009-05-18 14:22 4096 —-a-w- c:windowssystem32wmsdmoe2.dll
2009-05-18 14:22 . 2009-05-18 14:22 4096 —-a-w- c:windowssystem32wmsdmod.dll
2009-05-18 14:22 . 2009-05-18 14:22 314880 —-a-w- c:windowssystem32wmpdxm.dll
2009-05-18 14:22 . 2009-05-18 14:22 242688 —-a-w- c:windowssystem32wmpasf.dll
2009-05-18 14:20 . 2009-07-02 12:35 561688 —-a-w- c:windowssystem32wuapi.dll
2009-05-18 14:19 . 2009-07-02 12:35 691712 —-a-w- c:windowssystem32inetcomm.dll
2009-05-18 08:40 . 2009-05-18 08:40 998400 —-a-w- c:windowssystem32syssetup.dll
2009-05-18 08:40 . 2009-05-18 08:40 219648 —-a-w- c:windowssystem32uxtheme.dll
2009-05-18 08:40 . 2009-05-18 08:40 991744 —-a-w- c:windowssystem32setupapi.dll
2009-05-06 22:57 . 2009-05-06 22:57 361600 —-a-w- c:windowssystem32driverstcpip.sys
2009-04-28 05:55 . 2009-04-28 05:55 70936 —-a-w- c:windowssystem32PhysXLoader.dll
2009-04-16 13:23 . 2009-07-04 09:51 540672 —-a-w- c:windowsRtlExUpd.dll
2009-04-15 04:32 . 2009-04-15 04:32 3072 —-a-w- c:windowssystem32xpsp4res.dll
2008-04-15 10:00 . 2009-07-02 12:40 251152 —ha-r- c:program filesntldr
2006-12-10 18:30 . 2009-07-02 12:40 225 —-a-r- c:program filesboot.ini
.
Sigcheck
[-] 2009-05-06 22:57 361600 B8F35C9F3938FCF8131E64918D2D447E c:windowssystem32driverstcpip.sys[-] 2009-05-18 14:33 1571840 23B7818F8EAA620D51C6B8A46DE829CC c:windowssystem32sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«DAEMON Tools Lite»=»c:program filesDAEMON Tools Litedaemon.exe» [2008-12-29 687560]
«IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=»c:program filesCommon FilesNeroLibNMIndexStoreSvr.exe» [2008-02-28 1828136]
«ctfmon.exe»=»c:windowssystem32ctfmon.exe» [2008-04-15 15360][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«MAgent»=»c:program filesMail.RuAgentMAgent.exe» [2009-07-03 7975096]
«NvCplDaemon»=»c:windowssystem32NvCpl.dll» [2009-06-10 13758464]
«NvMediaCenter»=»c:windowssystem32NvMcTray.dll» [2009-06-10 86016]
«NeroFilterCheck»=»c:program filesCommon FilesNeroLibNeroCheck.exe» [2008-02-28 570664]
«OutpostMonitor»=»c:progra~1AgnitumOUTPOS~1op_mon.exe» [2009-04-15 1229640]
«OutpostFeedBack»=»c:program filesAgnitumOutpost Firewall Profeedback.exe» [2009-04-14 433480]
«nwiz»=»nwiz.exe» — c:windowssystem32nwiz.exe [2009-06-10 1657376]
«RTHDCPL»=»RTHDCPL.EXE» — c:windowsRTHDCPL.EXE [2009-06-12 17887232][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2008-04-15 15360][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRunOnce]
«IE8_01″=»shell32» [X]
«IE8_02″=»advpack.dll» — c:windowssystem32advpack.dll [2009-05-18 128512][HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
«UpdatesOverride»=dword:00000001[HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
«EnableFirewall»= 0 (0x0)
«DisableUnicastResponsesToMulticastBroadcast»= 0 (0x0)[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\Network Diagnostic\xpnetdiag.exe»=
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\DC++\DCPlusPlus.exe»=
«c:\Program Files\Opera\opera.exe»=
«c:\Program Files\Activision\Call of Duty — World at War\CoDWaWmp.exe»=
«c:\Program Files\Activision\Call of Duty — World at War\CoDWaW.exe»=R1 is-RKLLLdrv;is-RKLLLdrv;c:windowssystem32drivers39900678.sys [08.07.2009 18:13 148496]
R1 SandBox;SandBox;c:windowssystem32driversSandBox.sys [14.07.2009 1:42 704384]
R2 acssrv;Agnitum Client Security Service;c:progra~1AgnitumOUTPOS~1acs.exe [14.07.2009 1:40 1267528]
R3 afw;Agnitum firewall driver;c:windowssystem32driversafw.sys [14.07.2009 1:40 31128]
R3 afwcore;afwcore;c:windowssystem32driversafwcore.sys [14.07.2009 1:42 257432]
R3 ASWFilt;ASWFilt;c:windowssystem32FiltASWFilt.dll [14.07.2009 1:42 33888]
S1 SASKUTIL;SASKUTIL;??c:program filesSUPERAntiSpywareSASKUTIL.sys —> c:program filesSUPERAntiSpywareSASKUTIL.sys [?]
S3 Ambfilt;Ambfilt;c:windowssystem32driversAmbfilt.sys [04.07.2009 13:51 1684736]
S3 ATE_PROCMON;ATE_PROCMON;??c:program filesAnti Trojan EliteATEPMon.sys —> c:program filesAnti Trojan EliteATEPMon.sys [?]
S3 SDTHOOK;SDTHOOK;c:windowssystem32driversSDTHOOK.SYS [13.07.2009 16:47 42112]
S3 XenAntiSpywareFilter;10.07.200922:31;??c:tempRar$EX01.984XAS_4.4.2_Light ruXAF.sys —> c:tempRar$EX01.984XAS_4.4.2_Light ruXAF.sys [?][HKEY_LOCAL_MACHINEsoftwaremicrosoftactive setupinstalled components>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
«c:windowssystem32rundll32.exe» «c:windowssystem32iedkcs32.dll»,BrandIEActiveSetup SIGNUP[HKEY_LOCAL_MACHINEsoftwaremicrosoftactive setupinstalled componentsNewUserCustom]
%SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSectionEx c:windowsINFcustom.inf,NewUserFirstLogonInstall,,4,N
.
— — — — ORPHANS REMOVED — — — —Toolbar-ITBar7Position — (no file)
.
Supplementary Scan
.
uStart Page = hxxp://DreamLair.net
mStart Page = hxxp://DreamLair.net
IE: crawler search — tbr:iemenu
IE: {{7558B7E5-7B26-4201-BEDB-00D5FF534523} — c:program filesMail.RuAgentmagent.exe
TCP: {FEFCA3F8-E6B0-4FE9-A99F-134664B82F0F} = 213.135.128.2,213.135.128.9
Handler: tbr — {4D25FB7A-8902-4291-960E-9ADA051CFBBF} — c:progra~1CrawlerToolbarctbr.dll
.**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-14 03:28
Windows 5.1.2600 Service Pack 3 NTFSscanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0**************************************************************************
.
LOCKED REGISTRY KEYS
[HKEY_USERSS-1-5-21-329068152-492894223-1417001333-1004SoftwareMicrosoftSystemCertificatesAddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘explorer.exe'(2868)
c:windowssystem32msi.dll
c:windowssystem32ieframe.dll
c:windowssystem32wpdshserviceobj.dll
c:windowssystem32webcheck.dll
c:windowssystem32portabledevicetypes.dll
c:windowssystem32portabledeviceapi.dll
.
Other Running Processes
.
c:windowssystem32nvsvc32.exe
c:windowssystem32rundll32.exe
c:program filesNeroNero8Nero BackItUpNBService.exe
c:windowssystem32IoctlSvc.exe
c:program filesCommon FilesNeroLibNMIndexingService.exe
.
**************************************************************************
.
Completion time: 2009-07-13 3:30 — machine was rebooted
ComboFix-quarantined-files.txt 2009-07-13 23:30Pre-Run: 3 535 118 336 байт свободно
Post-Run: 3 595 001 856 байт свободноWindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)WINDOWS
[operating systems]
c:cmdconsBOOTSECT.DAT=»Microsoft Windows Recovery Console» /cmdcons
multi(0)disk(0)rdisk(0)partition(1)WINDOWS=»Microsoft Windows XP Professional RU» /noexecute=optin /fastdetectCurrent=6 Default=6 Failed=5 LastKnownGood=7 Sets=1,2,3,4,5,6,7
309.
- Для ответа в этой теме необходимо авторизоваться.
