Help
February 5, 2010 at 11:22 am #17953
When rebooting or shutting down, an "End Program - Sample" window pops up. Please tell me what is going on. Thanks. Attachments: log.txt, info.txt
February 5, 2010 at 8:08 pm #28348
Hello, welcome to the Spyware-ru forum.
Let's run an additional check.
Download the Combofix program. Close all open windows and run this program.
When it finishes, a log file will be created; please paste it into your reply.
February 6, 2010 at 8:12 am #28349
ComboFix 10-02-05.03 — Денис 06.02.2010 9:43.1.2 — x86
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.2046.1517 [GMT 3:00]
Running from: c:\documents and settings\Денис\Рабочий стол\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: PC Tools Firewall Plus *enabled* {ABBD5028-5A95-4B6D-996E-98D64AE88D52}
* Resident AV is active.
February 6, 2010 at 8:14 am #28350
Thank you for helping
