Help getting rid of Trojan.BAT.Agent.md trojans
January 31, 2009 at 6:57 PM #16220
Hello. Viruses have appeared on my computer; KIS 7.0 detects them as Trojan.BAT.Agent.md, Trojan.BAT.Agent.me and Trojan.BAT.Agent.mc. They are located in the Program Files and Windows folders, with the extensions .bat and .exe. They are also visible in Task Manager (rogue processes are running).
Here are the logs:
Logfile of random’s system information tool 1.05 (written by random/random)
Run by Администратор at 2009-01-31 23:54:12
Microsoft Windows XP Professional Service Pack 2
System drive C: has 10 GB (42%) free of 24 GB
Total RAM: 2047 MB (80% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:54:13, on 31.01.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesKaspersky LabKaspersky Internet Security 7.0avp.exe
C:WINDOWSExplorer.EXE
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:Program FilesKaspersky LabKaspersky Internet Security 7.0avp.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32taskmgr.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesOperaOpera.exe
C:Program FilesDownload Masterdmaster.exe
C:Documents and SettingsАдминистраторРабочий столRSIT.exe
C:Program Filestrend microАдминистратор.exeO4 — HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O8 — Extra context menu item: Добавить в Анти-Баннер — C:Program FilesKaspersky LabKaspersky Internet Security 7.0ie_banner_deny.htm
O17 — HKLMSystemCCSServicesTcpip..{A23FE4CB-1293-4C77-97D2-0494CC8FDCF2}: NameServer = 212.33.225.211 212.33.224.131
O23 — Service: 01T4A09 (01SAC) — Unknown owner — C:Program FilesYEEZT519MIAZL1PR1.EXE
O23 — Service: ZZMT3SB3M4Z7 (0ZL7203BUH) — Unknown owner — C:Program FilesXANFKLG813G.EXE
O23 — Service: 18WI3V — Unknown owner — C:WINDOWSKGTQ44Y2.exe
O23 — Service: 1KFVMQEY (29YMG3) — Unknown owner — C:Program FilesZOXGQWFGANSRSIN8B8.EXE (file missing)
O23 — Service: 2KAP6ZZACE (2I3ZH0U2) — Unknown owner — C:Program Files 22KNYSZ242O6YWUZKCQ7V6.EXE (file missing)
O23 — Service: 1X19K5NJUHE (2X0GRQN8D) — Unknown owner — C:Program FilesZAM4NC7818E3NEGQ070JCZNC.EXE (file missing)
O23 — Service: 2DV8GTU (3BUFF) — Unknown owner — C:Program FilesYVF4ZKWNO1AGHHH0M.EXE
O23 — Service: 37Z1ICB8I (45YHK3J) — Unknown owner — C:Program Files2IKX1D3WHHQMG9K76V23.EXE (file missing)
O23 — Service: 3PWV22 (4NX99N9OJRR1) — Unknown owner — C:Program Files27JRQT4QD2QPFJA.EXE (file missing)
O23 — Service: 6ZXULQ6UF (4Y817PF) — Unknown owner — C:Program Files2RJTLMMLDEQVE5IDK2FY.EXE (file missing)
O23 — Service: 66OMH8VG (66NZGF) — Unknown owner — C:Program Files2JBH00WY3SNTGWG4VV.EXE (file missing)
O23 — Service: BU3NE (9BTAMB4WACI) — Unknown owner — C:Program Files7WEZ62VZBPZ6L.EXE (file missing)
O23 — Service: 8LCCVXRFSE (9LBPU5AU) — Unknown owner — C:Program Files664PS4337B6U90JXJC7U8E.EXE (file missing)
O23 — Service: 12EPKJFJCJX (A0BX03ZP7) — Unknown owner — C:Program FilesRLXVJLCRYX2K2VG9EDYP2EYZ.EXE
O23 — Service: A6OVXRIIK3 (ADN2I683) — Unknown owner — C:Program FilesPZ27MZKW9S753VUQHKC20W0B.EXE
O23 — Service: Kaspersky Internet Security 7.0 (AVP) — Kaspersky Lab — C:Program FilesKaspersky LabKaspersky Internet Security 7.0avp.exe
O23 — Service: B6U32MJY (B4TA1G) — Unknown owner — C:Program FilesB7X57R6SONB4.EXE
O23 — Service: A5DPTM2MLO2T (B5CL9WC2TN) — Unknown owner — C:Program FilesI48MH3MZFD.EXE (file missing)
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: FK6G315Z1N (FL5U28QJ) — Unknown owner — C:Program FilesD3RBFS6S13S89LN3PSMC56.EXE
O23 — Service: EX4THUI134 (FY37G48K) — Unknown owner — C:Program FilesBBOP0OKUN898FJ1HIOFFETL.EXE (file missing)
O23 — Service: FG0B2V (GF9EY79FI5SX) — Unknown owner — C:Program FilesEP7VUTW9T27COG2.EXE
O23 — Service: H1YH7PJQ — Unknown owner — C:WINDOWS5WU3782C38C.exe
O23 — Service: G6ZHUTFM (H6QF83) — Unknown owner — C:Program FilesEJVVQAVMR9NS7FEY4JC.EXE
O23 — Service: ISSCI3G (HSRJA) — Unknown owner — C:Program FilesEC6V44FR9DBQ77KA.EXE
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: MOPCR49 (K1NJC) — Unknown owner — C:Program Files4ZH8S8BS1WVO7E0I.EXE (file missing)
O23 — Service: LDJZY (KE9XY66KU9C) — Unknown owner — C:Program FilesHWVFBQ2PRYK9.EXE
O23 — Service: LL3BZPCMSS (KL2LA7TC) — Unknown owner — C:Program FilesH5NURRZBZ2B9IFBNA6647OS.EXE
O23 — Service: LZVNHHYNOP0 (M0W1GPJ2A) — Unknown owner — C:Program FilesHDHJ00G0VPWPHCVHL.EXE (file missing)
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: MBBP72ETURLY (NCCLMMTTEE) — Unknown owner — C:Program FilesIW470 ZFPV.EXE
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: NS0BW23C (ORACFA) — Unknown owner — C:Program FilesKTCWU3YV37AXBYHNFUA9.EXE
O23 — Service: NYD8BU1 (OYJC0) — Unknown owner — C:Program FilesJBV6W0CNFQDDW3FC.EXE (file missing)
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: SGYKDFI1 (REXLJH) — Unknown owner — C:Program FilesPYK3E8F69D2FFK470M.EXE (file missing)
O23 — Service: Remote Administrator Service (r_server) — Unknown owner — C:WINDOWSsystem32r_server.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: T0DGAZ0OQ (T0CUIKB) — Unknown owner — C:Program FilesRD4CS90T2UFHZO5KN96CY.EXE (file missing)
O23 — Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) — TuneUp Software GmbH — C:Program FilesTuneUp Utilities 2006WinStylerThemeSvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: WTH2Q (VSV1XH7B85AM) — Unknown owner — C:Program FilesSREDEHYGWAP2CH.EXE (file missing)
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe
O23 — Service: VYG5R (WWFCZH2D5LU) — Unknown owner — C:Program FilesR8ZQL0HF4FJA.EXE
O23 — Service: WC9LKQ1 (XCGS7) — Unknown owner — C:Program FilesUW13NDMLI0VADFXRG.EXE
O23 — Service: Y7315G49G8W9 (Z721NPH4TP) — Unknown owner — C:Program FilesUKOUFIOI84.EXE
O23 — Service: YBNWQB (ZB1TX34OSW5X) — Unknown owner — C:Program FilesUTWHIDPKZQVWE5.EXE (file missing)
O23 — Service: ZJRPWCR9R — Unknown owner — C:WINDOWSGZAKADY3STHH.exe—
End of file — 6704 bytes======Scheduled tasks folder======
C:WINDOWStasks1-Click Maintenance.job
======Registry dump======
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«ctfmon.exe»=C:WINDOWSsystem32ctfmon.exe [2004-08-17 15360][HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders]
«SecurityProviders»=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, msansspc.dll[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
======List of files/folders created in the last 1 months======
2009-01-31 23:12:16 —-D—- C:rsit
2009-01-31 23:12:16 —-D—- C:Program Filestrend micro
2009-01-31 22:38:19 —-RASH—- C:WINDOWSGZAKADY3STHH.exe
2009-01-31 22:38:18 —-RASH—- C:WINDOWSKGTQ44Y2.exe
2009-01-31 22:38:18 —-D—- C:Program FilesZKUQ1VW
2009-01-31 22:38:18 —-A—- C:Program FilesP79BLZ8K7UV1.bat
2009-01-31 22:33:38 —-RASH—- C:WINDOWSS387DF.exe
2009-01-31 22:33:38 —-D—- C:Program FilesIW470
2009-01-31 22:29:32 —-RASH—- C:WINDOWS5WU3782C38C.exe
2009-01-31 22:29:32 —-D—- C:Program FilesDDXU0YRC4I
2009-01-31 22:22:35 —-RASH—- C:WINDOWSY0YHC4MYN.exe
2009-01-31 22:16:39 —-RASH—- C:WINDOWSINITUR.exe
2009-01-31 22:16:39 —-D—- C:Program FilesXANFK
2009-01-31 21:57:05 —-RASH—- C:WINDOWS NY1V.exe
2009-01-31 21:57:05 —-D—- C:Program FilesPZ27MZKW9S75
2009-01-31 21:45:04 —-RASH—- C:WINDOWSNFAH29VX15.exe
2009-01-31 21:35:33 —-RASH—- C:WINDOWSJADXWB5GU.exe
2009-01-31 21:35:33 —-D—- C:Program FilesYEEZT519
2009-01-31 21:27:22 —-RASH—- C:WINDOWSYP4UJQ.exe
2009-01-31 21:27:22 —-D—- C:Program FilesK2Q4S
2009-01-31 21:10:06 —-RASH—- C:WINDOWSC7ZTUB5.exe
2009-01-31 21:10:06 —-D—- C:Program FilesR8ZQL0
2009-01-31 21:10:06 —-A—- C:Program FilesJ3EC26NAX94.bat
2009-01-31 20:59:57 —-RASH—- C:WINDOWS9PRFFIIHLQ.exe
2009-01-31 20:59:57 —-D—- C:Program FilesMPOSJKO0Q
2009-01-31 20:38:08 —-RASH—- C:WINDOWSTSZ35GD.exe
2009-01-31 20:06:21 —-RASH—- C:WINDOWSIY5JUSFRWFOZ.exe
2009-01-31 20:06:21 —-D—- C:Program FilesX26JQ7ALU2Y
2009-01-31 20:06:21 —-A—- C:Program FilesPMC22N4F.bat
2009-01-31 10:26:10 —-RASH—- C:WINDOWSSKJP42.exe
2009-01-31 08:30:17 —-RASH—- C:WINDOWSHGMAP1UVHBD4.exe
2009-01-31 08:30:17 —-D—- C:Program FilesWKMGKXZ0FW1
2009-01-31 08:21:41 —-RASH—- C:WINDOWSII5FJ87.exe
2009-01-31 08:21:41 —-D—- C:Program FilesXK6DAQ
2009-01-31 08:21:41 —-A—- C:Program FilesMCSPVD0IG8J.bat
2009-01-31 08:05:58 —-RASH—- C:WINDOWSW27MZ2E2.exe
2009-01-31 04:02:11 —-RASH—- C:WINDOWS6FUVSJHP70.exe
2009-01-31 04:02:11 —-D—- C:Program FilesEJVVQAVMR
2009-01-31 03:04:38 —-RASH—- C:WINDOWSQGQ5GS.exe
2009-01-31 03:04:38 —-A—- C:Program FilesX4IN4X0OO4.bat
2009-01-31 02:42:58 —-RASH—- C:WINDOWSSWL8N8F9Z.exe
2009-01-31 02:42:58 —-A—- C:Program FilesYNZKU.bat
2009-01-31 02:30:50 —-RASH—- C:WINDOWSWS0MUX4U.exe
2009-01-31 02:30:50 —-D—- C:Program FilesW0NLG60
2009-01-31 02:25:44 —-RASH—- C:WINDOWSW69Q60QF.exe
2009-01-31 02:25:43 —-D—- C:Program FilesRLXVJLCRYX2K
2009-01-31 02:23:52 —-SHD—- C:Config.Msi
2009-01-31 02:21:06 —-RASH—- C:WINDOWSC9HX4.exe
2009-01-31 02:21:05 —-D—- C:Program FilesUW13NDML
2009-01-31 02:14:21 —-RASH—- C:WINDOWSKXIX0U7T0G.exe
2009-01-31 02:14:21 —-D—- C:Program FilesZ1J0XLQY2
2009-01-31 01:05:50 —-RASH—- C:WINDOWSOT6176E2T.exe
2009-01-31 01:01:55 —-RASH—- C:WINDOWS1DEXH35UCB.exe
2009-01-31 01:01:54 —-D—- C:Program FilesB7X57R
2009-01-31 00:54:15 —-RASH—- C:WINDOWS6L6VY2T2.exe
2009-01-31 00:54:15 —-RASH—- C:WINDOWS22NOC8UJIDXJ.exe
2009-01-31 00:54:14 —-D—- C:Program FilesEP7VUTW
2009-01-31 00:50:46 —-RASH—- C:WINDOWS 7Z7MA7FC.exe
2009-01-31 00:45:17 —-RASH—- C:WINDOWS9UUFEZX.exe
2009-01-31 00:45:17 —-D—- C:Program FilesHWVFBQ
2009-01-31 00:39:26 —-RSH—- C:WINDOWSI3WJUMURBU08.exe
2009-01-31 00:39:25 —-D—- C:Program FilesYVF4ZKWN
2009-01-31 00:35:55 —-RSH—- C:WINDOWSJF6L6CBGB0G.exe
2009-01-30 23:41:41 —-RASH—- C:WINDOWSVZUVNSD3F.exe
2009-01-30 23:24:33 —-RASH—- C:WINDOWSLY1IQ6QOTIZL.exe
2009-01-30 23:12:49 —-RASH—- C:WINDOWSEXPXXCVTF.exe
2009-01-30 23:12:48 —-D—- C:Program FilesUKOUF
2009-01-30 23:12:48 —-A—- C:Program FilesM1RUSWY21Z.bat
2009-01-30 23:09:06 —-RASH—- C:WINDOWS68B6XIF23.exe
2009-01-30 23:09:06 —-D—- C:Program FilesEC6V44FR
2009-01-30 22:43:05 —-RASH—- C:WINDOWSSSDZ9VN.exe
2009-01-30 22:38:32 —-RASH—- C:WINDOWS51QI1HOIYBNQ.exe
2009-01-30 22:38:32 —-D—- C:Program FilesD3RBFS6S13S
2009-01-30 11:35:05 —-RASH—- C:WINDOWSNEJW4DUXT65.exe
2009-01-30 03:52:48 —-RASH—- C:WINDOWSSBQ3CMNGN3.exe
2009-01-30 03:49:18 —-RASH—- C:WINDOWSR13AY81ZK0Z0.exe
2009-01-30 03:43:45 —-RASH—- C:WINDOWS91MX068XGV1H.exe
2009-01-30 03:43:45 —-D—- C:Program FilesH5NURRZBZ2B
2009-01-30 03:39:46 —-RASH—- C:WINDOWSNFHVYK4L.exe
2009-01-30 03:32:21 —-RASH—- C:WINDOWSZBDGAP4VXT2.exe
2009-01-30 03:26:48 —-RASH—- C:WINDOWSC3CVBBP0SP1.exe
2009-01-30 03:22:24 —-RASH—- C:WINDOWS9GJ3I.exe
2009-01-30 03:16:59 —-RASH—- C:WINDOWSNO5MS734.exe
2009-01-30 03:11:38 —-RASH—- C:WINDOWS1OHWN5QW.exe
2009-01-30 03:06:15 —-RASH—- C:WINDOWSXWK2367F4.exe
2009-01-30 03:00:05 —-RASH—- C:WINDOWSU6Z9RIMXB.exe
2009-01-30 02:39:53 —-RASH—- C:WINDOWSNNITQU3FBE4.exe
2009-01-30 02:25:38 —-RASH—- C:WINDOWSC8IFILN4OPF.exe
2009-01-30 02:14:02 —-D—- C:WINDOWSpss
2009-01-30 01:38:09 —-RASH—- C:WINDOWSE8CBN7RLQ5H.exe
2009-01-30 01:33:50 —-RASH—- C:WINDOWS1RUCC.exe
2009-01-30 01:24:15 —-RASH—- C:WINDOWS6FGT2QU5.exe
2009-01-30 01:21:26 —-RASH—- C:WINDOWSYCXK3U1M.exe
2009-01-30 00:42:01 —-RSH—- C:WINDOWSNZBM3.exe
2009-01-30 00:27:14 —-RASH—- C:WINDOWS41YIR37WB3RK.exe
2009-01-30 00:24:53 —-RASH—- C:WINDOWSDODDHQH4.exe
2009-01-30 00:12:29 —-RASH—- C:WINDOWSAUJ6AW3D0Q.exe
2009-01-29 23:55:57 —-RASH—- C:WINDOWSPBWXRXM542H.exe
2009-01-29 23:55:57 —-D—- C:Program FilesKTCWU3YV37
2009-01-29 23:02:25 —-RASH—- C:WINDOWS5H9KKLLGOF.exe
2009-01-29 22:48:27 —-RASH—- C:WINDOWS8P9NZ6R87.exe
2009-01-29 22:45:25 —-RSH—- C:WINDOWSO99TW2J.exe
2009-01-29 22:24:00 —-HD—- C:WINDOWSPIF
2009-01-29 22:19:54 —-RSH—- C:WINDOWSSDJBYWQ.exe
2009-01-29 16:50:50 —-RSH—- C:WINDOWSPNOPCZIODCE.exe
2009-01-29 13:17:46 —-A—- C:WINDOWSHN9X31E1.exe
2009-01-29 12:31:20 —-RSH—- C:WINDOWSE2B4V0.exe
2009-01-29 12:31:20 —-A—- C:WINDOWSCWOGIJ.txt
2009-01-29 05:09:56 —-AH—- C:WINDOWSsystem32msupdata.dll
2009-01-29 05:09:54 —-D—- C:WINDOWSsystem32Performance
2009-01-29 05:08:35 —-D—- C:WINDOWSsystem32MSN
2009-01-29 00:09:25 —-A—- C:WINDOWSntbtlog.txt
2009-01-28 22:44:56 —-D—- C:WINDOWSsystem32LogFiles
2009-01-26 13:56:41 —-D—- C:Program FilesAdvanced IP Scanner
2009-01-24 22:43:39 —-D—- C:Documents and SettingsАдминистраторApplication DataRadmin
2009-01-24 21:35:53 —-D—- C:Program FilesElcomSoft
2009-01-24 21:12:50 —-A—- C:WINDOWSwininit.ini
2009-01-24 21:11:25 —-A—- C:WINDOWSsystem32raddrv.dll
2009-01-24 21:11:25 —-A—- C:WINDOWSsystem32r_server.exe
2009-01-24 21:11:24 —-D—- C:Program FilesRadmin
2009-01-23 01:47:10 —-D—- C:Documents and SettingsАдминистраторApplication DataVyPRESS
2009-01-23 01:47:00 —-D—- C:Program FilesVypress Chat
2009-01-21 22:51:11 —-D—- C:Program FilesPowerQuest
2009-01-19 20:06:19 —-A—- C:WINDOWSsystem32ptpusb.dll
2009-01-19 20:06:18 —-A—- C:WINDOWSsystem32ptpusd.dll
2009-01-18 01:22:11 —-D—- C:Program FilesИгры от NevoSoft
2009-01-18 00:43:49 —-D—- C:Игры от NevoSoft
2009-01-15 23:53:01 —-D—- C:Program FilesGreedyTorrent
2009-01-14 23:56:12 —-D—- C:Program FilesAVIConverter
2009-01-12 00:48:44 —-D—- C:WINDOWSsystem32windows media
2009-01-12 00:48:34 —-D—- C:WINDOWSRegisteredPackages
2009-01-12 00:48:33 —-HD—- C:WINDOWSmsdownld.tmp
2009-01-11 01:29:22 —-D—- C:Program FilesOpenSource MPEG Splitter
2009-01-11 00:52:06 —-D—- C:Documents and SettingsАдминистраторApplication DataCoreCodec
2009-01-11 00:50:47 —-D—- C:Program FilesHaali
2009-01-11 00:50:43 —-D—- C:Program FilesCoreCodec
2009-01-07 00:35:26 —-D—- C:Program FilesTotal Commander
2009-01-06 21:41:20 —-D—- C:Program FilesWinRAR
2009-01-06 12:55:10 —-D—- C:WINDOWSsystem32appmgmt
2009-01-06 00:58:36 —-A—- C:WINDOWSsystem32unrar.dll
2009-01-06 00:58:36 —-A—- C:WINDOWSsystem32rmoc3260.dll
2009-01-06 00:58:36 —-A—- C:WINDOWSsystem32pndx5032.dll
2009-01-06 00:58:36 —-A—- C:WINDOWSsystem32pndx5016.dll
2009-01-06 00:58:36 —-A—- C:WINDOWSsystem32pncrt.dll
2009-01-06 00:58:35 —-A—- C:WINDOWSavisplitter.ini
2009-01-06 00:58:34 —-A—- C:WINDOWSsystem32yv12vfw.dll
2009-01-06 00:58:34 —-A—- C:WINDOWSsystem32huffyuv.dll
2009-01-06 00:58:33 —-A—- C:WINDOWSsystem32xvidvfw.dll
2009-01-06 00:58:33 —-A—- C:WINDOWSsystem32xvidcore.dll
2009-01-06 00:58:33 —-A—- C:WINDOWSsystem32x264vfw.dll
2009-01-06 00:58:33 —-A—- C:WINDOWSsystem32vp7vfw.dll
2009-01-06 00:58:33 —-A—- C:WINDOWSsystem32vp6vfw.dll
2009-01-06 00:58:33 —-A—- C:WINDOWSsystem32qt-dx331.dll
2009-01-06 00:58:33 —-A—- C:WINDOWSsystem32dpl100.dll
2009-01-06 00:58:32 —-A—- C:WINDOWSsystem32divx.dll
2009-01-06 00:58:27 —-D—- C:Documents and SettingsАдминистраторApplication DataReal
2009-01-06 00:58:27 —-D—- C:Documents and SettingsAll UsersApplication DataReal
2009-01-05 15:07:37 —-D—- C:Program FilesOntrack
2009-01-01 17:36:18 —-D—- C:Program FilesKWorld======List of files/folders modified in the last 1 months======
2009-01-31 23:47:19 —-D—- C:WINDOWSTemp
2009-01-31 23:36:33 —-D—- C:WINDOWSPrefetch
2009-01-31 23:12:16 —-D—- C:Program Files
2009-01-31 22:39:07 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-01-31 22:39:03 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab
2009-01-31 22:39:02 —-D—- C:WINDOWSsystem32CatRoot2
2009-01-31 22:38:19 —-D—- C:WINDOWS
2009-01-31 22:37:15 —-A—- C:WINDOWSSchedLgU.Txt
2009-01-31 21:33:27 —-SD—- C:WINDOWSDownloaded Program Files
2009-01-31 08:21:36 —-D—- C:WINDOWSsystem32
2009-01-31 02:57:45 —-D—- C:WINDOWSsystem32drivers
2009-01-31 02:28:03 —-SHD—- C:WINDOWSInstaller
2009-01-31 02:27:56 —-HD—- C:WINDOWSinf
2009-01-31 02:27:43 —-D—- C:Program FilesKaspersky Lab
2009-01-31 02:27:10 —-D—- C:KAV
2009-01-31 02:00:59 —-D—- C:смерть червякам !!!
2009-01-30 02:17:22 —-SH—- C:boot.ini
2009-01-30 02:17:22 —-A—- C:WINDOWSwin.ini
2009-01-30 02:17:22 —-A—- C:WINDOWSsystem.ini
2009-01-30 00:48:19 —-A—- C:WINDOWSNeroDigital.ini
2009-01-29 13:09:32 —-D—- C:Documents and SettingsАдминистраторApplication DatauTorrent
2009-01-29 12:31:31 —-D—- C:Program FilesInternet Explorer
2009-01-29 12:31:31 —-D—- C:Program FilesICQ6
2009-01-29 12:31:31 —-D—- C:Program FilesGoldWave4.26
2009-01-29 12:31:30 —-D—- C:Program FilesEasy CD-DA Extractor
2009-01-29 12:31:30 —-D—- C:Program FilesDownload Master
2009-01-29 12:31:30 —-D—- C:Program FilesDjVuReader
2009-01-29 12:31:30 —-D—- C:Program FilesDAEMON Tools Toolbar
2009-01-29 12:31:30 —-D—- C:Program FilesDAEMON Tools Pro
2009-01-29 12:31:30 —-D—- C:Program FilesDAEMON Tools Lite
2009-01-29 12:31:27 —-D—- C:Program FilesCCleaner
2009-01-29 12:31:27 —-D—- C:Program FilesAVS4YOU
2009-01-29 12:31:27 —-D—- C:Program FilesAvRack
2009-01-29 12:31:27 —-D—- C:Program FilesAVI MPEG RM WMV Splitter
2009-01-29 12:31:20 —-D—- C:Program FilesABC Simulator 2.0
2009-01-29 12:31:20 —-D—- C:Program Files7-Zip
2009-01-29 05:10:08 —-D—- C:Program FilesICQToolbar
2009-01-29 02:02:50 —-D—- C:Program FilesShareman
2009-01-27 03:00:44 —-SD—- C:Documents and SettingsАдминистраторApplication DataMicrosoft
2009-01-24 21:36:02 —-A—- C:WINDOWSsystem32BASSMOD.dll
2009-01-23 01:47:04 —-D—- C:WINDOWSWinSxS
2009-01-23 00:06:55 —-D—- C:Ad-Aware SE Personal
2009-01-12 00:48:42 —-D—- C:WINDOWSsystem32CatRoot
2009-01-06 21:34:14 —-D—- C:WINDOWSsystem32config
2009-01-06 00:58:33 —-D—- C:Program FilesK-Lite Codec Pack
2009-01-05 23:18:15 —-D—- C:WINDOWSsecurity
2009-01-05 15:11:47 —-HD—- C:Program FilesInstallShield Installation Information
2009-01-05 03:49:58 —-RSD—- C:WINDOWSassembly
2009-01-05 03:49:13 —-D—- C:WINDOWSMicrosoft.NET
2009-01-05 01:05:15 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-01-01 03:51:32 —-D—- C:1000
2009-01-01 03:05:08 —-SHD—- C:WINDOWSsystem32wsnpoem======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Драйвер AMD процессора; C:WINDOWSsystem32DRIVERSAmdK8.sys [2006-07-02 43520]
R1 klif;Klif; ??C:WINDOWSsystem32driversklif.sys []
R1 PQNTDrv;PQNTDrv; C:WINDOWSsystem32driversPQNTDrv.sys [2002-09-16 4228]
R1 uzqxotg2;AVZ-RK Kernel Driver; ??C:WINDOWSsystem32Driversuzqxotg2.sys []
R2 BT848;BtCap, WDM Video Capture; C:WINDOWSsystem32driversBT848.sys [2001-02-28 254160]
R2 BTTUNER;BtTuner, WDM TvTuner; C:WINDOWSsystem32driversBTTUNER.sys [2001-03-08 18944]
R2 BTXBAR;BtXBar, WDM Crossbar; C:WINDOWSsystem32driversBTXBAR.sys [1999-07-22 13308]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2008-09-24 4122368]
R3 AmdLLD;AMD Low Level Device Driver; C:WINDOWSsystem32DRIVERSAmdLLD.sys [2006-11-01 33280]
R3 Arp1394;Протокол клиента 1394 ARP; C:WINDOWSsystem32DRIVERSarp1394.sys [2004-08-17 60800]
R3 HidUsb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2001-08-17 9600]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:WINDOWSsystem32DRIVERSklim5.sys [2007-04-04 24344]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-19 12160]
R3 ms_mpu401;Драйвер UART Microsoft MPU-401 MIDI; C:WINDOWSsystem32driversmsmpu401.sys [2001-08-18 2944]
R3 MTsensor;ATK0110 ACPI UTILITY; C:WINDOWSsystem32DRIVERSASACPI.sys [2004-08-13 5810]
R3 NIC1394;Сетевой драйвер 1394; C:WINDOWSsystem32DRIVERSnic1394.sys [2004-08-17 61824]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2008-07-26 6097536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:WINDOWSsystem32DRIVERSnvnetbus.sys [2005-04-06 12928]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-04 26624]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-04 57600]
R3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:WINDOWSsystem32DRIVERSusbohci.sys [2004-08-04 17024]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:WINDOWSsystem32DRIVERSyk51x86.sys [2004-08-19 189568]
S2 vmi386;vmi386; C:WINDOWSSystem32driversvmi386.sys []
S3 61883;Устройство 61883; C:WINDOWSsystem32DRIVERS61883.sys [2004-08-03 48128]
S3 ajgkm6la;ajgkm6la; C:WINDOWSsystem32driversajgkm6la.sys []
S3 al6rfplt;al6rfplt; C:WINDOWSsystem32driversal6rfplt.sys []
S3 Avc;Устройство AVC; C:WINDOWSsystem32DRIVERSavc.sys [2004-08-03 38912]
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2004-08-03 17024]
S3 ENTECH;ENTECH; ??C:WINDOWSsystem32DRIVERSENTECH.sys []
S3 MSDV;Microsoft DV Camera and VCR; C:WINDOWSsystem32DRIVERSmsdv.sys [2004-08-03 51328]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:WINDOWSsystem32DRIVERSNVENETFD.sys [2005-04-06 33536]
S3 RivaTuner32;RivaTuner32; ??C:Program FilesRivaTuner v2.10RivaTuner32.sys []
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
S3 TSP;TSP; ??C:WINDOWSsystem32driversklif.sys []
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 6to4;Automatc Updata; C:WINDOWSSystem32svchost.exe [2004-08-17 14336]
R2 AVP;Kaspersky Internet Security 7.0; C:Program FilesKaspersky LabKaspersky Internet Security 7.0avp.exe [2007-06-28 218376]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2008-07-26 159812]
S2 01SAC;01T4A09; C:Program FilesYEEZT519MIAZL1PR1.EXE [2009-01-29 53248]
S2 0ZL7203BUH;ZZMT3SB3M4Z7; C:Program FilesXANFKLG813G.EXE [2009-01-29 53248]
S2 18WI3V;18WI3V; C:WINDOWSKGTQ44Y2.exe [2009-01-29 53248]
S2 29YMG3;1KFVMQEY; C:Program FilesZOXGQWFGANSRSIN8B8.EXE -X4ANXC0WG0P9 []
S2 2I3ZH0U2;2KAP6ZZACE; C:Program Files 22KNYSZ242O6YWUZKCQ7V6.EXE -ZBHQV3S []
S2 2X0GRQN8D;1X19K5NJUHE; C:Program FilesZAM4NC7818E3NEGQ070JCZNC.EXE -YQ6SHKK []
S2 3BUFF;2DV8GTU; C:Program FilesYVF4ZKWNO1AGHHH0M.EXE [2009-01-29 53248]
S2 45YHK3J;37Z1ICB8I; C:Program Files2IKX1D3WHHQMG9K76V23.EXE -1Z648A []
S2 4NX99N9OJRR1;3PWV22; C:Program Files27JRQT4QD2QPFJA.EXE -ZG3YXZH6QPT []
S2 4Y817PF;6ZXULQ6UF; C:Program Files2RJTLMMLDEQVE5IDK2FY.EXE -1830T []
S2 66NZGF;66OMH8VG; C:Program Files2JBH00WY3SNTGWG4VV.EXE -1ZVP5 []
S2 9BTAMB4WACI;BU3NE; C:Program Files7WEZ62VZBPZ6L.EXE -6058XYFE0A []
S2 9LBPU5AU;8LCCVXRFSE; C:Program Files664PS4337B6U90JXJC7U8E.EXE -6FJFEV []
S2 A0BX03ZP7;12EPKJFJCJX; C:Program FilesRLXVJLCRYX2K2VG9EDYP2EYZ.EXE [2009-01-29 53248]
S2 ADN2I683;A6OVXRIIK3; C:Program FilesPZ27MZKW9S753VUQHKC20W0B.EXE [2009-01-29 53248]
S2 B4TA1G;B6U32MJY; C:Program FilesB7X57R6SONB4.EXE [2009-01-29 53248]
S2 B5CL9WC2TN;A5DPTM2MLO2T; C:Program FilesI48MH3MZFD.EXE -ZHTMZVS8 []
S2 FL5U28QJ;FK6G315Z1N; C:Program FilesD3RBFS6S13S89LN3PSMC56.EXE [2009-01-29 53248]
S2 FY37G48K;EX4THUI134; C:Program FilesBBOP0OKUN898FJ1HIOFFETL.EXE -AR9U7S2 []
S2 GF9EY79FI5SX;FG0B2V; C:Program FilesEP7VUTW9T27COG2.EXE [2009-01-29 53248]
S2 H1YH7PJQ;H1YH7PJQ; C:WINDOWS5WU3782C38C.exe [2009-01-29 53248]
S2 H6QF83;G6ZHUTFM; C:Program FilesEJVVQAVMR9NS7FEY4JC.EXE [2009-01-29 53248]
S2 HSRJA;ISSCI3G; C:Program FilesEC6V44FR9DBQ77KA.EXE [2009-01-29 53248]
S2 K1NJC;MOPCR49; C:Program Files4ZH8S8BS1WVO7E0I.EXE -DEPKPZB1GKH []
S2 KE9XY66KU9C;LDJZY; C:Program FilesHWVFBQ2PRYK9.EXE [2009-01-29 53248]
S2 KL2LA7TC;LL3BZPCMSS; C:Program FilesH5NURRZBZ2B9IFBNA6647OS.EXE [2009-01-29 53248]
S2 M0W1GPJ2A;LZVNHHYNOP0; C:Program FilesHDHJ00G0VPWPHCVHL.EXE -HT2R5FDZ []
S2 NCCLMMTTEE;MBBP72ETURLY; C:Program FilesIW470 ZFPV.EXE [2009-01-29 53248]
S2 ORACFA;NS0BW23C; C:Program FilesKTCWU3YV37AXBYHNFUA9.EXE [2009-01-29 53248]
S2 OYJC0;NYD8BU1; C:Program FilesJBV6W0CNFQDDW3FC.EXE -JR36W6MZ65S []
S2 REXLJH;SGYKDFI1; C:Program FilesPYK3E8F69D2FFK470M.EXE -O4AYKV4ARMF7 []
S2 T0CUIKB;T0DGAZ0OQ; C:Program FilesRD4CS90T2UFHZO5KN96CY.EXE -OTHJZD []
S2 VSV1XH7B85AM;WTH2Q; C:Program FilesSREDEHYGWAP2CH.EXE -R90IMNA4F7 []
S2 WWFCZH2D5LU;VYG5R; C:Program FilesR8ZQL0HF4FJA.EXE [2009-01-29 53248]
S2 XCGS7;WC9LKQ1; C:Program FilesUW13NDMLI0VADFXRG.EXE [2009-01-29 53248]
S2 Z721NPH4TP;Y7315G49G8W9; C:Program FilesUKOUFIOI84.EXE [2009-01-29 53248]
S2 ZB1TX34OSW5X;YBNWQB; C:Program FilesUTWHIDPKZQVWE5.EXE -T9ODNW6TUZ []
S2 ZJRPWCR9R;ZJRPWCR9R; C:WINDOWSGZAKADY3STHH.exe [2009-01-29 53248]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2005-09-23 66240]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:Program FilesSonyShared Plug-InsMedia ManagerMSSQL$SONY_MEDIAMGRBinnsqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:Program FilesMicrosoft SQL Server80ToolsBinnsqladhlp.exe [2002-12-17 66112]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
S3 r_server;Remote Administrator Service; C:WINDOWSsystem32r_server.exe [2004-06-16 708608]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:Program FilesSonyShared Plug-InsMedia ManagerMSSQL$SONY_MEDIAMGRBinnsqlagent.EXE [2002-12-17 311872]
S3 TUWinStylerThemeSvc;TuneUp WinStyler Theme Service; C:Program FilesTuneUp Utilities 2006WinStylerThemeSvc.exe [2005-08-11 118272]
S4 0NTFLVSLF8O;0NTFLVSLF8O; C:WINDOWSH3D6W.exe -QQRBCXK2R5 []
S4 0UC2T9RUIS;0UC2T9RUIS; C:WINDOWSI3WJUMURBU08.exe [2009-01-29 53248]
S4 1HEPQIB6SV;1HEPQIB6SV; C:WINDOWSIY5JUSFRWFOZ.exe [2009-01-29 53248]
S4 26GPKBZR9;26GPKBZR9; C:WINDOWSJF6L6CBGB0G.exe [2009-01-29 53248]
S4 3HZ4EUP5;3HZ4EUP5; C:WINDOWSKXIX0U7T0G.exe [2009-01-29 53248]
S4 4KSRIEWX4Q;4KSRIEWX4Q; C:WINDOWSNZBM3.exe [2009-01-29 53248]
S4 4VJZO;4VJZO; C:WINDOWSO99TW2J.exe [2009-01-29 53248]
S4 5YMZR9Q;5YMZR9Q; C:WINDOWSOT6176E2T.exe [2009-01-29 53248]
S4 66YZDJ;66YZDJ; C:WINDOWSNFHVYK4L.exe [2009-01-29 53248]
S4 830IC;830IC; C:WINDOWSSDJBYWQ.exe [2009-01-29 53248]
S4 8W3TBGUDZ;8W3TBGUDZ; C:WINDOWSPNOPCZIODCE.exe [2009-01-29 53248]
S4 9961PFMF8ZMJ;9961PFMF8ZMJ; C:WINDOWSQGQ5GS.exe [2009-01-29 53248]
S4 9G1874F;9G1874F; C:WINDOWSSWL8N8F9Z.exe [2009-01-29 53248]
S4 9T1N3X2Q61BO;9T1N3X2Q61BO; C:WINDOWSSKJP42.exe [2009-01-29 53248]
S4 A3QHTJ;A3QHTJ; C:WINDOWSYCXK3U1M.exe [2009-01-29 53248]
S4 B2TKT00VA;B2TKT00VA; C:WINDOWSZBDGAP4VXT2.exe [2009-01-29 53248]
S4 B8JD2;B8JD2; C:WINDOWSTSZ35GD.exe [2009-01-29 53248]
S4 BTRUFF;BTRUFF; C:WINDOWSWS0MUX4U.exe [2009-01-29 53248]
S4 CT7TBYZ;CT7TBYZ; C:WINDOWS 7Z7MA7FC.exe [2009-01-29 53248]
S4 DALNVF;DALNVF; C:WINDOWS1OHWN5QW.exe [2009-01-29 53248]
S4 DX71X90BMD5;DX71X90BMD5; C:WINDOWS1RUCC.exe [2009-01-29 53248]
S4 EKO2O76I37;EKO2O76I37; C:WINDOWS41YIR37WB3RK.exe [2009-01-29 53248]
S4 EO4UOBSHK;EO4UOBSHK; C:WINDOWS6L6VY2T2.exe [2009-01-29 53248]
S4 F6XZG;F6XZG; C:WINDOWS6FGT2QU5.exe [2009-01-29 53248]
S4 H17H5QK;H17H5QK; C:WINDOWSXWK2367F4.exe [2009-01-29 53248]
S4 HPUMGFX;HPUMGFX; C:WINDOWS8P9NZ6R87.exe [2009-01-29 53248]
S4 jlqk;jlqk; C:WINDOWSsystem32jlqk.exe []
S4 jtqk;jtqk; C:WINDOWSsystem32jtqk.exe []
S4 KCEIVY;KCEIVY; C:WINDOWS9GJ3I.exe [2009-01-29 53248]
S4 M5FJMB;M5FJMB; C:WINDOWSNO5MS734.exe [2009-01-29 53248]
S4 MI59JGA723GE;MI59JGA723GE; C:WINDOWSYP4UJQ.exe [2009-01-29 53248]
S4 MK7YLK;MK7YLK; C:WINDOWSW27MZ2E2.exe [2009-01-29 53248]
S4 MSVPJT040FNJ;MSVPJT040FNJ; C:WINDOWSPBWXRXM542H.exe [2009-01-29 53248]
S4 PnkBstrA;PnkBstrA; C:WINDOWSsystem32PnkBstrA.exe []
S4 PTUAGBL62FPM;PTUAGBL62FPM; C:WINDOWSE2B4V0.exe [2009-01-29 53248]
S4 QIWS6H;QIWS6H; C:WINDOWSW69Q60QF.exe [2009-01-29 53248]
S4 QPYPJ8W;QPYPJ8W; C:WINDOWS5H9KKLLGOF.exe [2009-01-29 53248]
S4 QVLUFRQ5;QVLUFRQ5; C:WINDOWS9PRFFIIHLQ.exe [2009-01-29 53248]
S4 TRY0FZ7JG;TRY0FZ7JG; C:WINDOWSC8IFILN4OPF.exe [2009-01-29 53248]
S4 UHLTBW1;UHLTBW1; C:WINDOWSEXPXXCVTF.exe [2009-01-29 53248]
S4 UVY1I1HQ43;UVY1I1HQ43; C:WINDOWSC9HX4.exe [2009-01-29 53248]
S4 UYQU4IL;UYQU4IL; C:WINDOWSVZUVNSD3F.exe [2009-01-29 53248]
S4 WSTF86AWF;WSTF86AWF; C:WINDOWSE8CBN7RLQ5H.exe [2009-01-29 53248]
S4 Z8KSVOIGLA;Z8KSVOIGLA; C:WINDOWSHGMAP1UVHBD4.exe [2009-01-29 53248]
S4 Z9CD1;Z9CD1; C:WINDOWSII5FJ87.exe [2009-01-29 53248]
S4 ZI3IY2;ZI3IY2; C:WINDOWSHN9X31E1.exe [2009-01-29 53248]
S4 ZRUQKI88;ZRUQKI88; C:WINDOWSSBQ3CMNGN3.exe [2009-01-29 53248]
EOF
Looking forward to your help.
February 1, 2009 at 2:32 pm #21636
Hello, and welcome to the Spyware-ru forum.
Download OTMoveIt3 by OldTimer by clicking this link.
Run the program and copy the following text into the large input box (the title of this box is highlighted in yellow):
:Processes
explorer.exe
:services
vmi386
ajgkm6la
al6rfplt
01SAC
0ZL7203BUH
18WI3V
29YMG3
2I3ZH0U2
2X0GRQN8D
3BUFF
45YHK3J
4NX99N9OJRR1
4Y817PF
66NZGF
9BTAMB4WACI
9LBPU5AU
A0BX03ZP7
ADN2I683
B4TA1G
B5CL9WC2TN
FL5U28QJ
FY37G48K
GF9EY79FI5SX
H1YH7PJQ
H6QF83
HSRJA
K1NJC
KE9XY66KU9C
KL2LA7TC
M0W1GPJ2A
NCCLMMTTEE
ORACFA
OYJC0
REXLJH
T0CUIKB
VSV1XH7B85AM
WWFCZH2D5LU
XCGS7
Z721NPH4TP
ZB1TX34OSW5X
ZJRPWCR9R
0NTFLVSLF8O
0UC2T9RUIS
1HEPQIB6SV
26GPKBZR9
3HZ4EUP5
4KSRIEWX4Q
4VJZO
5YMZR9Q
66YZDJ
830IC
8W3TBGUDZ
9961PFMF8ZMJ
9G1874F
9T1N3X2Q61BO
A3QHTJ
B2TKT00VA
B8JD2
BTRUFF
CT7TBYZ
DALNVF
DX71X90BMD5
EKO2O76I37
EO4UOBSHK
F6XZG
H17H5QK
HPUMGFX
jlqk
jtqk
KCEIVY
M5FJMB
MI59JGA723GE
MK7YLK
MSVPJT040FNJ
PTUAGBL62FPM
QIWS6H
QPYPJ8W
QVLUFRQ5
TRY0FZ7JG
UHLTBW1
UVY1I1HQ43
UYQU4IL
WSTF86AWF
Z8KSVOIGLA
Z9CD1
ZI3IY2
ZRUQKI88
:reg
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
:files
C:\windows\system32\msansspc.dll
C:\Program Files\4ZH8S8BS1WVO7E0I.EXE -DEPKPZB1GKH
C:\Program Files\HWVFBQ2PRYK9.EXE
C:\Program Files\H5NURRZBZ2B9IFBNA6647OS.EXE
C:\Program Files\HDHJ00G0VPWPHCVHL.EXE
C:\Program Files\IW470ZFPV.EXE
C:\Program Files\KTCWU3YV37AXBYHNFUA9.EXE
C:\Program Files\JBV6W0CNFQDDW3FC.EXE
C:\Program Files\PYK3E8F69D2FFK470M.EXE
C:\Program Files\RD4CS90T2UFHZO5KN96CY.EXE
C:\Program Files\SREDEHYGWAP2CH.EXE
C:\Program Files\R8ZQL0HF4FJA.EXE
C:\Program Files\UW13NDMLI0VADFXRG.EXE
C:\Program Files\UKOUFIOI84.EXE
C:\Program Files\UTWHIDPKZQVWE5.EXE
C:\WINDOWS\GZAKADY3STHH.exe
C:\WINDOWS\H3D6W.exe
C:\WINDOWS\I3WJUMURBU08.exe
C:\WINDOWS\IY5JUSFRWFOZ.exe
C:\WINDOWS\JF6L6CBGB0G.exe
C:\WINDOWS\KXIX0U7T0G.exe
C:\WINDOWS\NZBM3.exe
C:\WINDOWS\O99TW2J.exe
C:\WINDOWS\OT6176E2T.exe
C:\WINDOWS\NFHVYK4L.exe
C:\WINDOWS\SDJBYWQ.exe
C:\WINDOWS\PNOPCZIODCE.exe
C:\WINDOWS\QGQ5GS.exe
C:\WINDOWS\SWL8N8F9Z.exe
C:\WINDOWS\SKJP42.exe
C:\WINDOWS\YCXK3U1M.exe
C:\WINDOWS\ZBDGAP4VXT2.exe
C:\WINDOWS\TSZ35GD.exe
C:\WINDOWS\WS0MUX4U.exe
C:\WINDOWS\7Z7MA7FC.exe
C:\WINDOWS\1OHWN5QW.exe
C:\WINDOWS\1RUCC.exe
C:\WINDOWS\41YIR37WB3RK.exe
C:\WINDOWS\6L6VY2T2.exe
C:\WINDOWS\6FGT2QU5.exe
C:\WINDOWS\XWK2367F4.exe
C:\WINDOWS\8P9NZ6R87.exe
C:\WINDOWS\system32\jlqk.exe
C:\WINDOWS\system32\jtqk.exe
C:\WINDOWS\9GJ3I.exe
C:\WINDOWS\NO5MS734.exe
C:\WINDOWS\YP4UJQ.exe
C:\WINDOWS\W27MZ2E2.exe
C:\WINDOWS\PBWXRXM542H.exe
C:\WINDOWS\E2B4V0.exe
C:\WINDOWS\W69Q60QF.exe
C:\WINDOWS\5H9KKLLGOF.exe
C:\WINDOWS\9PRFFIIHLQ.exe
C:\WINDOWS\C8IFILN4OPF.exe
C:\WINDOWS\EXPXXCVTF.exe
C:\WINDOWS\C9HX4.exe
C:\WINDOWS\VZUVNSD3F.exe
C:\WINDOWS\E8CBN7RLQ5H.exe
C:\WINDOWS\HGMAP1UVHBD4.exe
C:\WINDOWS\II5FJ87.exe
C:\WINDOWS\HN9X31E1.exe
C:\WINDOWS\SBQ3CMNGN3.exe
C:\Program Files\ZAM4NC7818E3NEGQ070JCZNC.EXE
C:\Program Files\22KNYSZ242O6YWUZKCQ7V6.EXE
C:\Program Files\ZOXGQWFGANSRSIN8B8.EXE
C:\WINDOWS\KGTQ44Y2.exe
C:\Program Files\XANFKLG813G.EXE
C:\Program Files\YEEZT519MIAZL1PR1.EXE
C:\WINDOWS\system32\drivers\al6rfplt.sys
C:\WINDOWS\system32\drivers\ajgkm6la.sys
C:\WINDOWS\System32\drivers\vmi386.sys
C:\Program Files\YVF4ZKWNO1AGHHH0M.EXE
C:\Program Files\2IKX1D3WHHQMG9K76V23.EXE
C:\Program Files\27JRQT4QD2QPFJA.EXE -ZG3YXZH6QPT
C:\Program Files\2RJTLMMLDEQVE5IDK2FY.EXE
C:\Program Files\2JBH00WY3SNTGWG4VV.EXE
C:\Program Files\7WEZ62VZBPZ6L.EXE
C:\Program Files\664PS4337B6U90JXJC7U8E.EXE
C:\Program Files\RLXVJLCRYX2K2VG9EDYP2EYZ.EXE
C:\Program Files\PZ27MZKW9S753VUQHKC20W0B.EXE
C:\Program Files\B7X57R6SONB4.EXE
C:\Program Files\I48MH3MZFD.EXE
C:\Program Files\D3RBFS6S13S89LN3PSMC56.EXE
C:\Program Files\BBOP0OKUN898FJ1HIOFFETL.EXE
C:\Program Files\EP7VUTW9T27COG2.EXE
C:\WINDOWS\5WU3782C38C.exe
C:\Program Files\EJVVQAVMR9NS7FEY4JC.EXE
C:\Program Files\EC6V44FR9DBQ77KA.EXE
:Commands
[emptytemp]
[start explorer]
[Reboot]
Click the MoveIt! button. The computer may reboot while the program is running.
When the program finishes, a log should be displayed; paste it into your reply.
Also attach a fresh RSIT log to your reply.