- This topic has 4 ответа, 2 участника, and was last updated 16 years, 9 months назад by
.
-
Сообщения
-
Предлагает купить себя в антивирусы
уже видел как вы тут помогли одному человеку но по этим рекомендациям не стал делать боюсь чтонить напортачить
буду очень признателен за помощьLogfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:14:31, on 20.10.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: NormalRunning processes:
C:Windowssystem32taskeng.exe
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Program FilesWindows DefenderMSASCui.exe
C:WindowsRtHDVCpl.exe
C:AcerEmpowering TechnologyeDataSecurityeDSLoader.exe
C:AcerEmpowering TechnologyeAudioeAudio.exe
C:Users64D3~1AppDataLocalTempRtkBtMnt.exe
C:Program FilesLaunch ManagerLManager.exe
C:Program FilesAcer Arcade DeluxePlay MoviePMVService.exe
C:WindowsPLFSetI.exe
C:Program FilesApoint2KApoint.exe
C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe
C:Program Filescitysvyazcitysvyaz.exe
C:WindowsSystem32rundll32.exe
C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
C:Program FilesPhase OneCapture One PRODCIMImp.exe
C:Program FilesWinampwinampa.exe
C:Program FilesESETESET Smart Securityegui.exe
C:WindowsSystem32regsvr32.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Program FilesGoogleGoogleToolbarNotifier1.0.720.3640GoogleToolbarNotifier.exe
C:Program FilesCommon FilesYandexYupdateyupdate.exe
C:Program FilesDAEMON Tools Litedaemon.exe
C:Windowsehomeehtray.exe
C:Program FilesNokiaNokia PC Suite 7PcSync2.exe
C:Program FilesNokiaNokia PC Suite 7PCSuite.exe
C:Program FilesWindows Media Playerwmpnscfg.exe
C:ProgramDataSolt Lake SoftwarePro Antispyware 2009proas2009.exe
C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe
C:Program FilesMicrosoft OfficeOffice12ONENOTEM.EXE
C:Program FilesInternet Exploreriexplore.exe
C:WindowsSystem32rundll32.exe
C:Windowsehomeehmsas.exe
C:Program FilesInternet ExplorerIEUser.exe
C:AcerEmpowering TechnologyENETENMTRAY.EXE
C:Program FilesApoint2KApMsgFwd.exe
C:AcerEmpowering TechnologyEPOWEREPOWER_DMC.EXE
C:AcerEmpowering TechnologyACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:AcerEmpowering TechnologyeRecoveryERAGENT.EXE
C:Program FilesApoint2KApntex.exe
c:Program FilesWIDCOMMBluetooth SoftwareBtStackServer.exe
C:Windowssystem32wbemunsecapp.exe
C:Program FilesCommon FilesNokiaMPAPIMPAPI3s.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Windowsexplorer.exe
C:WindowsSystem32NOTEPAD.EXE
C:Program FilesTrend MicroHijackThisHijackThis.exe
C:Windowssystem32SearchFilterHost.exeR1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://vkontakte.ru/login.php?u=1
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.yandex.ru/?clid=27130
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=27130
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
O1 — Hosts: ::1 localhost
O2 — BHO: Yahoo! Toolbar Helper — {02478D38-C3F9-4EFB-9B51-7695ECA05670} — C:Program FilesYahoo!CompanionInstallscpnyt.dll
O2 — BHO: Adobe PDF Reader Link Helper — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 — BHO: flashget2 urlcatch — {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} — C:Program FilesFlashGet NetworkFlashGet universalComDllsbhoCATCH.dll
O2 — BHO: mxlivemedia browser enhancer — {306CC339-7554-94FA-5F47-AA37498D1AB6} — C:Windowssystem32mziyvunmbffvea.dll
O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL
O2 — BHO: ShowBarObj Class — {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} — C:Windowssystem32ActiveToolBand.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — c:program filesgooglegoogletoolbar1.dll
O2 — BHO: gFlash Class — {F156768E-81EF-470C-9057-481BA8380DBA} — C:Program FilesFlashGetgetflash.dll (file missing)
O3 — Toolbar: Acer eDataSecurity Management — {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} — C:Windowssystem32eDStoolbar.dll
O3 — Toolbar: Yahoo! Toolbar — {EF99BD32-C1FB-11D2-892F-0090271D4F88} — C:Program FilesYahoo!CompanionInstallscpnyt.dll
O3 — Toolbar: (no name) — {E0E899AB-F487-11D5-8D29-0050BA6940E3} — (no file)
O3 — Toolbar: &Google — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — c:program filesgooglegoogletoolbar1.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O4 — HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 — HKLM..Run: [ALaunch] C:AcerALaunchAlaunchClient.exe
O4 — HKLM..Run: [RtHDVCpl] RtHDVCpl.exe
O4 — HKLM..Run: [eDataSecurity Loader] C:AcerEmpowering TechnologyeDataSecurityeDSloader.exe
O4 — HKLM..Run: [eAudio] «C:AcerEmpowering TechnologyeAudioeAudio.exe»
O4 — HKLM..Run: [PLFSetL] C:WindowsPLFSetL.exe
O4 — HKLM..Run: [LManager] C:PROGRA~1LAUNCH~1LManager.exe
O4 — HKLM..Run: [PlayMovie] «C:Program FilesAcer Arcade DeluxePlay MoviePMVService.exe»
O4 — HKLM..Run: [PLFSetI] C:WindowsPLFSetI.exe
O4 — HKLM..Run: [Apoint] C:Program FilesApoint2KApoint.exe
O4 — HKLM..Run: [Acer Tour Reminder] C:AcerAcerTourReminder.exe
O4 — HKLM..Run: [WarReg_PopUp] C:AcerWR_PopUpWarReg_PopUp.exe
O4 — HKLM..Run: [Symantec PIF AlertEng] «C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe» /a /m «C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}AlertEng.dll»
O4 — HKLM..Run: [citysvyaz] C:Program Filescitysvyazcitysvyaz.exe
O4 — HKLM..Run: [Skytel] Skytel.exe
O4 — HKLM..Run: [NvSvc] RUNDLL32.EXE C:Windowssystem32nvsvc.dll,nvsvcStart
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:Windowssystem32NvMcTray.dll,NvTaskbarInit
O4 — HKLM..Run: [GrooveMonitor] «C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe»
O4 — HKLM..Run: [Phase One Media Reader] C:PROGRA~1PHASEO~1CAPTUR~1DCIMImp.exe /noscan /CheckAutoStart
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program FilesAdobeReader 8.0ReaderReader_sl.exe»
O4 — HKLM..Run: [WinampAgent] «C:Program FilesWinampwinampa.exe»
O4 — HKLM..Run: [egui] «C:Program FilesESETESET Smart Securityegui.exe» /hide /waitservice
O4 — HKLM..Run: [bfixallboopaivvw] C:WindowsSystem32regsvr32.exe /s «C:Windowssystem32mziyvunmbffvea.dll»
O4 — HKLM..RunOnce: [Malwarebytes’ Anti-Malware] C:Program FilesMalwarebytes’ Anti-Malwarembamgui.exe /install /silent
O4 — HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifier1.0.720.3640GoogleToolbarNotifier.exe
O4 — HKCU..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe»
O4 — HKCU..Run: [DAEMON Tools Lite] «C:Program FilesDAEMON Tools Litedaemon.exe» -autorun
O4 — HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 — HKCU..Run: [Nokia.PCSync] «C:Program FilesNokiaNokia PC Suite 7PCSync2.exe» /NoDialog
O4 — HKCU..Run: [PC Suite Tray] «C:Program FilesNokiaNokia PC Suite 7PCSuite.exe» -onlytray
O4 — HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe
O4 — HKCU..Run: [Pro Antispyware 2009] «C:ProgramDataSolt Lake SoftwarePro Antispyware 2009proas2009.exe» /autorun
O4 — HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [] (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-20..RunOnce: [] (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..RunOnce: [] (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..RunOnce: [] (User ‘Default user’)
O4 — Startup: Вырезка экрана и программа запуска для OneNote 2007.lnk = C:Program FilesMicrosoft OfficeOffice12ONENOTEM.EXE
O4 — Global Startup: BTTray.lnk = ?
O4 — Global Startup: Empowering Technology Launcher.lnk = ?
O8 — Extra context menu item: &Download All by FlashGet — C:Program FilesFlashGet NetworkFlashGet universalComDllsBhoall.htm
O8 — Extra context menu item: &Download by FlashGet — C:Program FilesFlashGet NetworkFlashGet universalComDllsBholink.htm
O8 — Extra context menu item: Отправить изображение на &устройство Bluetooth… — c:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm
O8 — Extra context menu item: Отправить страницу на &устройство Bluetooth… — c:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm
O9 — Extra button: Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: &Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: @btrez.dll,-4015 — {CCA281CA-C863-46ef-9331-5C8D4460577F} — c:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm
O9 — Extra ‘Tools’ menuitem: @btrez.dll,-12650 — {CCA281CA-C863-46ef-9331-5C8D4460577F} — c:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm
O13 — Gopher Prefix:
O17 — HKLMSystemCCSServicesTcpip..{19AB224A-473D-498E-B539-517E68D4D6CB}: NameServer = 85.113.62.225 85.113.63.225
O17 — HKLMSystemCS1ServicesTcpip..{19AB224A-473D-498E-B539-517E68D4D6CB}: NameServer = 85.113.62.225 85.113.63.225
O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — C:PROGRA~1MICROS~2Office12GR99D3~1.DLL
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 — Service: Adobe LM Service — Adobe Systems — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 — Service: ALaunch Service (ALaunchService) — Unknown owner — C:AcerALaunchALaunchSvc.exe
O23 — Service: Automatic LiveUpdate Scheduler — Symantec Corporation — C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe
O23 — Service: Symantec Lic NetConnect service (CLTNetCnService) — Unknown owner — C:Program FilesCommon FilesSymantec SharedccSvcHst.exe (file missing)
O23 — Service: @dfsrres.dll,-101 (DFSR) — Корпорация Майкрософт — C:Windowssystem32DFSR.exe
O23 — Service: eDSService.exe (eDataSecurity Service) — HiTRSUT — C:AcerEmpowering TechnologyeDataSecurityeDSService.exe
O23 — Service: Eset HTTP Server (EhttpSrv) — ESET — C:Program FilesESETESET Smart SecurityEHttpSrv.exe
O23 — Service: Eset Service (ekrn) — ESET — C:Program FilesESETESET Smart Securityekrn.exe
O23 — Service: eLock Service (eLockService) — Acer Inc. — C:AcerEmpowering TechnologyeLockServiceeLockServ.exe
O23 — Service: eNet Service — Acer Inc. — C:AcerEmpowering TechnologyeNeteNet Service.exe
O23 — Service: eRecovery Service (eRecoveryService) — Acer Inc. — C:AcerEmpowering TechnologyeRecoveryeRecoveryService.exe
O23 — Service: eSettings Service (eSettingsService) — Unknown owner — C:AcerEmpowering TechnologyeSettingsServicecapuserv.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe
O23 — Service: Label Services (LabelServices) — Euro Plus d.o.o. — C:Program FilesCommon FilesEuroPlus SharedLblServices.exe
O23 — Service: LightScribeService Direct Disc Labeling Service (LightScribeService) — Hewlett-Packard Company — C:Program FilesCommon FilesLightScribeLSSrvc.exe
O23 — Service: LiveUpdate — Symantec Corporation — C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE
O23 — Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) — Unknown owner — C:Program FilesCommon FilesSymantec SharedccSvcHst.exe (file missing)
O23 — Service: LiveUpdate Notice Service — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe
O23 — Service: MobilityService — Unknown owner — C:AcerMobility CenterMobilityService.exe
O23 — Service: Cyberlink RichVideo Service(CRVS) (RichVideo) — Unknown owner — C:Program FilesCyberLinkShared FilesRichVideo.exe
O23 — Service: ServiceLayer — Nokia. — C:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 — Service: ePower Service (WMIService) — acer — C:AcerEmpowering TechnologyePowerePowerSvc.exe
O23 — Service: @%systemroot%system32SearchIndexer.exe,-103 (WSearch) — Корпорация Майкрософт — C:Windowssystem32SearchIndexer.exe
O23 — Service: XAudioService — Conexant Systems, Inc. — C:Windowssystem32DRIVERSxaudio.exe—
End of file — 13553 bytesзапустил HijackThis
отметил галочкой O4 — HKCU..Run: [Pro Antispyware 2009] «C:Documents and SettingsAll UsersApplication DataSolt Lake SoftwarePro Antispyware 2009proas2009.exe» /autorun
нажал Fix checkedзапустил COMBOFIX
получил вот такой лог:ComboFix 08-10-24.02 — йц 2008-10-25 12:51:43.1 — NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1251.1.1049.18.1171 [GMT 4:00]
Running from: C:qwerlogoComboFix.exe
* Created a new restore point
.((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.C:install.exe
C:Program FilesFlashGet Network
C:Program FilesFlashGet NetworkFlashGet universalbtcore.dll
C:Program FilesFlashGet NetworkFlashGet universalbtwrap.dll
C:Program FilesFlashGet NetworkFlashGet universalBugReport.dll
C:Program FilesFlashGet NetworkFlashGet universalBugReport.exe
C:Program FilesFlashGet NetworkFlashGet universalComDllsBhoall.htm
C:Program FilesFlashGet NetworkFlashGet universalComDllsbhoCATCH.dll
C:Program FilesFlashGet NetworkFlashGet universalComDllsBhocfg.ini
C:Program FilesFlashGet NetworkFlashGet universalComDllsBholink.htm
C:Program FilesFlashGet NetworkFlashGet universalComDllsComDlls.ini
C:Program FilesFlashGet NetworkFlashGet universalComDllsflashget.xpi
C:Program FilesFlashGet NetworkFlashGet universalComDllsFlashgetXpi.dll
C:Program FilesFlashGet NetworkFlashGet universalComDllsIFlashgetXpi.xpt
C:Program FilesFlashGet NetworkFlashGet universaldbghelp.dll
C:Program FilesFlashGet NetworkFlashGet universalDBTrans.dll
C:Program FilesFlashGet NetworkFlashGet universaldbtrans_verbose.log
C:Program FilesFlashGet NetworkFlashGet universalDBTransC.exe
C:Program FilesFlashGet NetworkFlashGet universaled2kwrap.dll
C:Program FilesFlashGet NetworkFlashGet universalexplorerbar.dll
C:Program FilesFlashGet NetworkFlashGet universalfgoption.ini
C:Program FilesFlashGet NetworkFlashGet universalFGVer.dll
C:Program FilesFlashGet NetworkFlashGet universalflashget.exe
C:Program FilesFlashGet NetworkFlashGet universalgt.exe
C:Program FilesFlashGet NetworkFlashGet universalhashgen.dll
C:Program FilesFlashGet NetworkFlashGet universalHelplicense.txt
C:Program FilesFlashGet NetworkFlashGet universalHelpReadme.txt
C:Program FilesFlashGet NetworkFlashGet universalHelpWHATSNEW.TXT
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGAddBatchLinksDlg.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGAddBTTask.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGAdded.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGAddEMTask.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGAddHpFpLink.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGAddLinksDlg.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGAddLinksDlgEx.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGAddLinksModern.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGBrowserPlugins.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGBTOption.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGCategoryView.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGComfirmWhenExitDialog.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGCommonDlg.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGConfirmInvalidLinks.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGContextMenu.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGDefaultDownloadsDialog.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGDeleteFilesDialog.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGDetailStatus.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGEMOption.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGEMServers.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGExplorerPane.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGExtensionRuleDlg.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGFG2SearchTopPlugin.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGFileListCtrl.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGFileRemovedDialog.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGFindTaskDialog.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGFlashgetAbout.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGFlashGetDlg.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGFSUStatusBar.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGGarageLoginDialog.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGGarageView.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGHotResource.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGHpFpOption.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGInfo.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGLogsOutput.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGMACReader.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGMainMenu.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGMainToolbar.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGMonitorOption.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGNormalOption.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGNotifyOption.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGOption.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGP4PPluginMain.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGProxySetting.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGSearchBar.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGSecurity.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGSecurityOption.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGSecurityScan.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGSecurityToolbar.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGShutdown.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGStatusBar.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGTaskDefOption.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGTaskListView.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGTaskNotify.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGUserListCtrl.ini
C:Program FilesFlashGet NetworkFlashGet universalLangsFGXL_ENGXpEnhance.ini
C:Program FilesFlashGet NetworkFlashGet universallibupnp.dll
C:Program FilesFlashGet NetworkFlashGet universalLiveUpdateUI.dll
C:Program FilesFlashGet NetworkFlashGet universalmodulesComHelperComHelper.dll
C:Program FilesFlashGet NetworkFlashGet universalmodulesComHelperInfo.ini
C:Program FilesFlashGet NetworkFlashGet universalmodulesDownstatDownstat.dll
C:Program FilesFlashGet NetworkFlashGet universalmodulesDownstatInfo.ini
C:Program FilesFlashGet NetworkFlashGet universalmodulesP4pclientInfo.ini
C:Program FilesFlashGet NetworkFlashGet universalmodulesP4pclientP4pclient.dll
C:Program FilesFlashGet NetworkFlashGet universalmodulesP4pclientThumbs.db
C:Program FilesFlashGet NetworkFlashGet universalmodulesSearchTopInfo.ini
C:Program FilesFlashGet NetworkFlashGet universalmodulesSearchTopResource.ini
C:Program FilesFlashGet NetworkFlashGet universalmodulesSearchTopResourceiexplorer.bmp
C:Program FilesFlashGet NetworkFlashGet universalmodulesSearchTopResourceresource.bmp
C:Program FilesFlashGet NetworkFlashGet universalmodulesSearchTopResourceresource.xml
C:Program FilesFlashGet NetworkFlashGet universalmodulesSearchTopResourcesearch.bmp
C:Program FilesFlashGet NetworkFlashGet universalmodulesSearchTopResourcesubscribe.bmp
C:Program FilesFlashGet NetworkFlashGet universalmodulesSearchTopResourceThumbs.db
C:Program FilesFlashGet NetworkFlashGet universalmodulesSearchTopSearchTop.dll
C:Program FilesFlashGet NetworkFlashGet universalmodulesSecurityFunctionalRepair.bmp
C:Program FilesFlashGet NetworkFlashGet universalmodulesSecurityInfo.ini
C:Program FilesFlashGet NetworkFlashGet universalmodulesSecurityScanning.bmp
C:Program FilesFlashGet NetworkFlashGet universalmodulesSecuritySecurity.bmp
C:Program FilesFlashGet NetworkFlashGet universalmodulesSecuritySECURITY.dll
C:Program FilesFlashGet NetworkFlashGet universalmodulesSecuritySecurity.xml
C:Program FilesFlashGet NetworkFlashGet universalmodulesSecuritySystemFix.bmp
C:Program FilesFlashGet NetworkFlashGet universalmodulesSnapShotInfo.ini
C:Program FilesFlashGet NetworkFlashGet universalmodulesSnapShotSamplerCli.dll
C:Program FilesFlashGet NetworkFlashGet universalmodulesSnapShotSnapShot.dll
C:Program FilesFlashGet NetworkFlashGet universalmodulestasknotifierInfo.ini
C:Program FilesFlashGet NetworkFlashGet universalmodulestasknotifiertasknotifier.dll
C:Program FilesFlashGet NetworkFlashGet universalP2PCfg.ini
C:Program FilesFlashGet NetworkFlashGet universalP2PCore.dll
C:Program FilesFlashGet NetworkFlashGet universalp2pprot.dll
C:Program FilesFlashGet NetworkFlashGet universalp2snetio.dll
C:Program FilesFlashGet NetworkFlashGet universalp2spmgr.dll
C:Program FilesFlashGet NetworkFlashGet universalp2spmgr.ini
C:Program FilesFlashGet NetworkFlashGet universalp2sprot.dll
C:Program FilesFlashGet NetworkFlashGet universalp2spwrap.dll
C:Program FilesFlashGet NetworkFlashGet universalp4spmgr.ini
C:Program FilesFlashGet NetworkFlashGet universalProfilesconfig.dat
C:Program FilesFlashGet NetworkFlashGet universalProfilestasks.dat
C:Program FilesFlashGet NetworkFlashGet universalSkinsclose_default.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsclose_press.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsclose_select.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsmax_default.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsmax_press.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsmax_select.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsmin_default.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsmin_press.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsmin_select.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsnotify.wav
C:Program FilesFlashGet NetworkFlashGet universalSkinsnotify_board.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsnotify_icon.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueBrowserBarCTBack.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueBrowserBarCTBackward.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueBrowserBarCTBrowserBarCT.xml
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueBrowserBarCTFlashgetResource.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueBrowserBarCTForward.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueBrowserBarCTHome.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueBrowserBarDisableCTBackward.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueBrowserBarDisableCTBrowserBarDisableCT.xml
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueBrowserBarDisableCTForward.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueBrowserBarDisableCTHome.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueBrowserBarDisableCTResource.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueCategoryTreeCTAvailable.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueCategoryTreeCTCategoryTreeCT.xml
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueCategoryTreeCTDownloaded.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueCategoryTreeCTDownloading.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueCategoryTreeCTFavorite.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueCategoryTreeCTFlashget.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueCategoryTreeCTRelease.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueCategoryTreeCTRubbish.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueCategoryTreeCTSearch.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueExpBarExpbar.xml
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueExpBargarage.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueExpBarresource.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueExpBartransfer.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueGlobalOptionCTBT.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueGlobalOptionCTEM.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueGlobalOptionCTGlobalOptionCT.xml
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueGlobalOptionCTHpFp.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueGlobalOptionCTMonitor.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueGlobalOptionCTNormal.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueGlobalOptionCTNotify.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueGlobalOptionCTProxy.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueGlobalOptionCTTaskDef.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueInfo.ini
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainMenuCTAbout.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainMenuCTDeleteTask.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainMenuCTfolder.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainMenuCTMainMenuCT.xml
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainMenuCTMoveDownTask.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainMenuCTMoveUpTask.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainMenuCTNewTask.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainMenuCTopen.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainMenuCTOption.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainMenuCTPauseTask.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainMenuCTResource.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainMenuCTStartTask.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainMenuCTTaskProperties.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainToolbarCTAbout.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainToolbarCTDeleteTask.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainToolbarCTFolder.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainToolbarCTMainToolbarCT.xml
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainToolbarCTNewTask.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainToolbarCTOpen.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainToolbarCTOption.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainToolbarCTPauseTask.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainToolbarCTResource.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainToolbarCTStartTask.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainToolbarCTTaskProperties.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainToolbarDisableCTAbout.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainToolbarDisableCTDeleteTask.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainToolbarDisableCTFolder.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainToolbarDisableCTMainToolbarDisableCT.xml
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainToolbarDisableCTNewTask.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainToolbarDisableCTOpen.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainToolbarDisableCTOption.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainToolbarDisableCTPauseTask.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainToolbarDisableCTResource.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainToolbarDisableCTStartTask.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMainToolbarDisableCTTaskProperties.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMonitorInfoBkg.Bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueMonitorMonitorBkg.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueOutpuLogCTDown.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueOutpuLogCTError.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueOutpuLogCTNormal.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueOutpuLogCTOutpuLogCT.xml
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueOutpuLogCTUp.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueSobarIconCTAll.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueSobarIconCTBook.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueSobarIconCTBt.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueSobarIconCTGame.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueSobarIconCTMovie.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueSobarIconCTMusic.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueSobarIconCTPhone.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueSobarIconCTPicture.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueSobarIconCTSobarIconCT.xml
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueSobarIconCTSoftware.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueTaskListCTError.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueTaskListCThashing.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueTaskListCTOK.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueTaskListCTPause.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueTaskListCTPin.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueTaskListCTSchedule.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueTaskListCTStart.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueTaskListCTTaskListCT.xml
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueTaskListCTUpload.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsShadowGrayBlueTaskListCTWait.bmp
C:Program FilesFlashGet NetworkFlashGet universalSkinsThumbs.db
C:Program FilesFlashGet NetworkFlashGet universalstorage.dll
C:Program FilesFlashGet NetworkFlashGet universalSysOpt.exe
C:Program FilesFlashGet NetworkFlashGet universaltransaction.log
C:Program FilesFlashGet NetworkFlashGet universaluninst.exe
C:Program FilesFlashGet NetworkFlashGet universalzlib.dll
C:ProgramDataMicrosoftNetworkDownloaderqmgr0.dat
C:ProgramDataMicrosoftNetworkDownloaderqmgr1.dat
C:ProgramDataVistaLib32.dll
C:UsersйцAppDataRoamingBITS
C:UsersйцAppDataRoamingBITSBITS.ini
C:UsersйцAppDataRoamingBITSDHTTable.dat
C:UsersйцAppDataRoamingBITSProxyList.ini
C:Windowssystem32x64
C:Windowssystem32x64csnp2uvc.dll
C:Windowssystem32x64rsnpvc64.dll
C:Windowssystem32x64sncduvc.sys
C:Windowssystem32x64snp2uvc.sys
C:Windowssystem32x64vsnpvc64.dll
BITS: Possible infected sites
hxxp://bar.export.yandex.ru
.
((((((((((((((((((((((((( Files Created from 2008-09-25 to 2008-10-25 )))))))))))))))))))))))))))))))
.No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-22 15:24 10,240 —-a-w C:Windowssystem32driversSTLD.SYS
2008-10-25 08:56 2,883,584 —sha-w C:Usersйцntuser.dat
2008-10-25 08:56 2,883,584 —sha-w C:Usersйцntuser.dat
2008-10-25 08:28
d
w C:UsersйцAppDataRoaminguTorrent
2008-10-24 12:54
d
w C:ProgramDataCyberLink
2008-10-20 19:13
d
w C:Program FilesTrend Micro
2008-10-20 15:27
d
w C:UsersйцAppDataRoamingMalwarebytes
2008-10-20 15:27
d
w C:ProgramDataMalwarebytes
2008-10-20 15:27
d
w C:Program FilesMalwarebytes’ Anti-Malware
2008-10-18 09:28
d
w C:Program FilesAlawar.ru
2008-10-18 09:19 27,554 —-a-w C:UsersйцAppDataRoamingnvModes.dat
2008-10-18 09:15 79,085 —-a-w C:WindowsSystem32gdvylsimzkfdoaeld.exe
2008-10-18 09:14
d
w C:ProgramDataSolt Lake Software
2008-10-18 08:16
d
w C:Program FilesAcer GameZone
2008-10-18 06:47
d
w C:ProgramDataFarmFrenzy2
2008-10-18 06:46
d
w C:Program FilesGamesBar
2008-10-18 06:46
d
w C:Program FilesCommon FilesOberon Media
2008-10-18 06:42
d
w C:ProgramDataeMule
2008-10-18 06:36
d
w C:Program FilesESET
2008-10-18 06:31
d
w C:UsersйцAppDataRoamingESET
2008-10-18 06:30
d
w C:ProgramDataESET
2008-10-16 16:25 38,496 —-a-w C:Windowssystem32driversmbamswissarmy.sys
2008-10-16 16:25 15,504 —-a-w C:Windowssystem32driversmbam.sys
2008-10-14 13:55
d
w C:Program FilesDivXCodec
2008-10-14 13:53
d—h—w C:Program FilesInstallShield Installation Information
2008-10-14 13:53
d
w C:Program FilesАкелла
2008-10-14 07:25
d
w C:UsersйцAppDataRoamingCanon
2008-10-13 10:03
d
w C:Program FilesZebra
2008-10-13 06:58
d
w C:Program FilesCyberLink
2008-10-13 05:59
d-s—w C:UsersйцAppDataRoamingMicrosoft
2008-10-13 04:54
d
w C:Program FilesCanon
2008-10-13 04:33 0 —ha-w C:Windowssystem32driversMsft_Kernel_motmodem_01005.Wdf
2008-10-13 04:33
d
w C:Program FilesCommon FilesMotorola Shared
2008-10-08 17:01
d
w C:UsersйцAppDataRoamingskypePM
2008-10-08 17:01
d
w C:UsersйцAppDataRoamingSkype
2008-10-02 03:49 827,392 —-a-w C:WindowsSystem32wininet.dll
2008-09-29 18:35 56 —ha-w C:UsersAll Usersezsidmv.dat
2008-09-29 18:35 56 —ha-w C:ProgramDataezsidmv.dat
2008-09-29 18:04
d
w C:ProgramDataSkype
2008-09-29 18:04
d
w C:Program FilesSkype
2008-09-29 18:04
d
w C:Program FilesCommon FilesSkype
2008-09-28 10:44
d
w C:UsersйцAppDataRoamingDownload Manager
2008-09-26 14:44
d
w C:Program FilesИгры
2008-09-25 21:05
d
w C:UsersйцAppDataRoamingAdobe
2008-09-25 21:02
d
w C:ProgramDataAdobe Systems
2008-09-25 21:02
d
w C:Program FilesCommon FilesAdobe Systems Shared
2008-09-25 20:58
d
w C:Program FilesCommon FilesAdobe
2008-09-25 19:42
d
w C:Program FilesCardFive
2008-09-25 18:44
d
w C:Program FilesGuitar Pro 5
2008-09-24 14:07
d
w C:Program FilesAIMP2
2008-09-24 14:04
d
w C:UsersйцAppDataRoamingWinamp
2008-09-24 13:36
d
w C:Program FilesWinamp
2008-09-21 08:36
d
w C:ProgramData{29833BD5-6998-47CC-8DDC-50D0C5E3A531}
2008-09-21 08:34
d
w C:Program FilesCommon FilesEuroPlus Shared
2008-09-21 08:33
d
w C:ProgramDataEuroPlus
2008-09-21 08:33
d
w C:Program FilesEuroPlus
2008-09-19 12:21
d
w C:Program FilesCommon FilesSymantec Shared
2008-09-19 12:00
d
w C:ProgramDataSymantec
2008-09-19 12:00
d
w C:Program FilesSymantec
2008-09-18 14:44
d
w C:Program FilesFlashGet
2008-09-18 05:09 3,601,464 —-a-w C:WindowsSystem32ntkrnlpa.exe
2008-09-18 05:09 3,549,240 —-a-w C:WindowsSystem32ntoskrnl.exe
2008-09-18 02:16 2,032,640 —-a-w C:WindowsSystem32win32k.sys
2008-09-13 21:04
d
w C:Program FilesSecondLife
2008-09-13 21:03
d
w C:UsersйцAppDataRoamingSecondLife
2008-09-13 20:34
d
w C:UsersйцAppDataRoamingMozilla
2008-09-13 08:49
d
w C:UsersйцAppDataRoamingNokia
2008-09-13 08:46 0 —ha-w C:Windowssystem32driversMsft_User_PCCSWpdDriver_01_05_00.Wdf
2008-09-13 08:46 0 —ha-w C:Windowssystem32driversMsft_Kernel_ccdcmb_01005.Wdf
2008-09-13 08:46
d
w C:UsersйцAppDataRoamingPC Suite
2008-09-13 08:46
d
w C:ProgramDataPC Suite
2008-09-13 07:16
d
w C:Program FilesNokia
2008-09-13 07:16
d
w C:Program FilesCommon FilesPCSuite
2008-09-13 07:16
d
w C:Program FilesCommon FilesNokia
2008-09-13 07:15
d
w C:Program FilesDIFX
2008-09-13 07:14
d
w C:Program FilesPC Connectivity Solution
2008-09-13 07:00
d
w C:ProgramDataDownloaded Installations
2008-09-09 14:02
d
w C:Program FilesCommon FilesCanon
2008-09-09 12:09
d
w C:UsersйцAppDataRoamingACD Systems
2008-09-09 12:08
d
w C:ProgramDataACD Systems
2008-09-09 12:08
d
w C:Program FilesCommon FilesACD Systems
2008-09-09 12:07
d
w C:Program FilesACD Systems
2008-09-08 21:22
d
w C:Program FilesPhase One
2008-09-07 17:12
d
w C:Program FilesPortable Adobe Photoshop CS3
2008-09-07 13:50
d
w C:ProgramDataMicrosoft Help
2008-09-07 13:44
d
w C:Program FilesMSBuild
2008-09-07 13:44
d
w C:Program FilesMicrosoft Works
2008-09-07 13:43
d
w C:Program FilesMicrosoft.NET
2008-09-07 13:38
d
w C:Program FilesMicrosoft Visual Studio 8
2008-09-04 21:08
d
w C:Program Filescitysvyaz
2008-09-01 15:51 0 —ha-w C:Windowssystem32driversMsft_User_WpdFs_01_00_00.Wdf
2008-08-27 10:05 174 —sha-w C:Program Filesdesktop.ini
2008-08-27 09:55
d
w C:Program FilesWindows Sidebar
2008-08-27 09:55
d
w C:Program FilesWindows Mail
2008-08-27 09:55
d
w C:Program FilesWindows Journal
2008-08-27 09:55
d
w C:Program FilesWindows Collaboration
2008-08-27 09:55
d
w C:Program FilesWindows Calendar
2008-08-27 09:54
d
w C:Program FilesWindows Photo Gallery
2008-08-27 09:54
d
w C:Program FilesWindows Defender
2008-08-27 09:45
d
w C:ProgramDataNVIDIA
.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
«{91397D20-1446-11D4-8AF4-0040CA1127B6}»= «C:Program FilesYandexYandexBarIEyndbar.dll» [2008-05-04 1549576][HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebbrowser]
«{91397D20-1446-11D4-8AF4-0040CA1127B6}»= «C:Program FilesYandexYandexBarIEyndbar.dll» [2008-05-04 1549576][HKEY_CLASSES_ROOTclsid{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOTYandex.Toolbar.1]
[HKEY_CLASSES_ROOTTypeLib{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOTYandex.Toolbar][HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«Sidebar»=»C:Program FilesWindows Sidebarsidebar.exe» [2008-01-19 1233920]
«swg»=»C:Program FilesGoogleGoogleToolbarNotifier1.0.720.3640GoogleToolbarNotifier.exe» [2008-06-21 155896]
«Yupdate!»=»C:Program FilesCommon FilesYandexYupdateyupdate.exe» [2008-05-07 459528]
«DAEMON Tools Lite»=»C:Program FilesDAEMON Tools Litedaemon.exe» [2008-04-01 486856]
«ehTray.exe»=»C:WindowsehomeehTray.exe» [2008-01-19 125952]
«Nokia.PCSync»=»C:Program FilesNokiaNokia PC Suite 7PCSync2.exe» [2008-06-17 1249280]
«PC Suite Tray»=»C:Program FilesNokiaNokia PC Suite 7PCSuite.exe» [2008-08-11 1124352]
«WMPNSCFG»=»C:Program FilesWindows Media PlayerWMPNSCFG.exe» [2008-01-19 202240][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«eDataSecurity Loader»=»C:AcerEmpowering TechnologyeDataSecurityeDSloader.exe» [2007-04-25 457216]
«eAudio»=»C:AcerEmpowering TechnologyeAudioeAudio.exe» [2007-08-31 1286144]
«PLFSetL»=»C:WindowsPLFSetL.exe» [2007-07-05 94208]
«LManager»=»C:PROGRA~1LAUNCH~1LManager.exe» [2007-10-17 768520]
«PlayMovie»=»C:Program FilesAcer Arcade DeluxePlay MoviePMVService.exe» [2007-12-05 200704]
«PLFSetI»=»C:WindowsPLFSetI.exe» [2007-10-23 200704]
«Apoint»=»C:Program FilesApoint2KApoint.exe» [2007-07-21 159744]
«Acer Tour Reminder»=»C:AcerAcerTourReminder.exe» [2007-08-01 151552]
«WarReg_PopUp»=»C:AcerWR_PopUpWarReg_PopUp.exe» [2006-11-05 57344]
«Symantec PIF AlertEng»=»C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe» [2008-01-29 583048]
«citysvyaz»=»C:Program Filescitysvyazcitysvyaz.exe» [2007-12-28 1941504]
«NvSvc»=»C:Windowssystem32nvsvc.dll» [2007-10-09 86016]
«NvCplDaemon»=»C:Windowssystem32NvCpl.dll» [2007-10-09 8501792]
«NvMediaCenter»=»C:Windowssystem32NvMcTray.dll» [2007-10-09 81920]
«GrooveMonitor»=»C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe» [2006-10-27 31016]
«Phase One Media Reader»=»C:PROGRA~1PHASEO~1CAPTUR~1DCIMImp.exe» [2008-01-31 229376]
«Adobe Reader Speed Launcher»=»C:Program FilesAdobeReader 8.0ReaderReader_sl.exe» [2008-01-11 39792]
«WinampAgent»=»C:Program FilesWinampwinampa.exe» [2008-08-04 36352]
«egui»=»C:Program FilesESETESET Smart Securityegui.exe» [2008-03-13 1443072]
«RtHDVCpl»=»RtHDVCpl.exe» [2007-07-06 C:WindowsRtHDVCpl.exe]
«Skytel»=»Skytel.exe» [2007-06-15 C:WindowsSkyTel.exe]C:Users©жAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
‚л१Є нЄа Ё Їа®Ја ¬¬ § ЇгбЄ ¤«п OneNote 2007.lnk — C:Program FilesMicrosoft OfficeOffice12ONENOTEM.EXE [2006-10-26 98632]C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
BTTray.lnk — C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe [2007-08-28 739880]
Empowering Technology Launcher.lnk — C:AcerEmpowering TechnologyeAPLauncher.exe [2007-12-26 535336][HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]
«DisableStatusMessages»= 0 (0x0)
«EnableUIADesktopToggle»= 0 (0x0)[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversiondrivers32]
«VIDC.ACDV»= ACDV.dll[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]
@=»Driver»[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
«UacDisableNotify»=dword:00000001
«InternetSettingsDisableNotify»=dword:00000001
«AutoUpdateDisableNotify»=dword:00000001[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoring]
«DisableMonitoring»=dword:00000001[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoringSymantecAntiVirus]
«DisableMonitoring»=dword:00000001[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoringSymantecFirewall]
«DisableMonitoring»=dword:00000001[HKLM~servicessharedaccessparametersfirewallpolicyDomainProfile]
«EnableFirewall»= 0 (0x0)[HKLM~servicessharedaccessparametersfirewallpolicyFirewallRules]
«{A2C16C38-689F-4ACA-A12D-2AE6AD3E5CC5}»= UDP:C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE:Microsoft Office OneNote
«{C17E2B9C-0D85-4D64-8699-FD3A9378EF32}»= TCP:C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE:Microsoft Office OneNote
«{767EDBDD-446A-4EC2-88B8-5D99273F2814}»= C:Program FilesAcer Arcade DeluxeAcer Arcade DeluxeAcer Arcade Deluxe.exe:Acer Arcade Deluxe
«{C9CB821B-EE0F-4ED9-BEFB-93C2C4F48A5D}»= C:Program FilesAcer Arcade DeluxeVideoMagicianVideoMagician.exe:VideoMagician
«{048CD3DA-0FCD-4DFF-9C1F-E968A0B13069}»= C:Program FilesAcer Arcade DeluxeHomeMediaHomeMedia.exe:HomeMedia
«{EFE506DE-0526-4FBA-AF1D-B8F1A3B71477}»= C:Program FilesAcer Arcade DeluxeDV WizardDV Wizard.exe:DV Wizard
«{AB61C6B0-4459-4802-9724-BA7C12E2A593}»= C:Program FilesAcer Arcade DeluxeDVDivineDVDivine.exe:DVDivine
«{D165C034-FDE4-438A-A52B-F28A7E819166}»= C:Program FilesAcer Arcade DeluxePlay MoviePlayMovie.exe:Play Movie
«{7EFED61A-92F4-42BC-AFEF-F72A88892F08}»= C:Program FilesAcer Arcade DeluxePlay MoviePMVService.exe:Play Movie Resident Program
«{7D030C90-3C46-4EBE-8EDF-AF176D59CF5C}»= UDP:C:Program FilesuTorrentuTorrent.exe:µTorrent (TCP-In)
«{5A13C791-D141-4FA2-B75B-5AEDCE41ECF2}»= TCP:C:Program FilesuTorrentuTorrent.exe:µTorrent (UDP-In)
«{C7A88CD8-F50E-4E3C-BD47-0B5316B3BB76}»= UDP:C:Program FilesEmpire InteractiveFlatOut Ultimate CarnageFouc.exe:FlatOut Ultimate Carnage
«{430A0E8A-58A5-49D9-925E-46EB6F7EE8FC}»= TCP:C:Program FilesEmpire InteractiveFlatOut Ultimate CarnageFouc.exe:FlatOut Ultimate Carnage
«{700A4B1D-F991-4883-A3B4-56284FD02E4C}»= TCP:6004|C:Program FilesMicrosoft OfficeOffice12outlook.exe:Microsoft Office Outlook
«{479CC6DE-B5BD-4728-961E-FEDB47F8D896}»= UDP:C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE:Microsoft Office Groove
«{DEB1CBE9-8795-4CD3-8C49-4C75B67AD4EB}»= TCP:C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE:Microsoft Office Groove
«{C54F1E86-CDAA-415C-9ABC-8C564A396B31}»= UDP:C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE:Microsoft Office OneNote
«{58ACAE2D-5E7D-4B04-90C3-0CCBACA3EA44}»= TCP:C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE:Microsoft Office OneNote
«{62E58C39-F7F3-4410-A827-ED220AEDA3D0}»= C:Program FilesSkypePhoneSkype.exe:Skype[HKLM~servicessharedaccessparametersfirewallpolicyPublicProfile]
«EnableFirewall»= 0 (0x0)[HKLM~servicessharedaccessparametersfirewallpolicyStandardProfile]
«EnableFirewall»= 0 (0x0)[HKLM~servicessharedaccessparametersfirewallpolicyStandardProfileAuthorizedApplicationsList]
«C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe»= C:Program FilesFlashGet NetworkFlashGet universalFlashGet.exe:*:Enabled:Flashget2
«C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe»= C:Program FilesFlashGet NetworkFlashGet universalLiveUpdate.exe:*:Enabled:FGLiveUpdate
«C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe»= C:Program FilesFlashGet NetworkFlashGet universalLiveUpdateEx.exe:*:Enabled:FGLiveUpdateExR2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};C:Program FilesAcer Arcade DeluxePlay Movie000.fcl [2007-12-05 11:48 41456]
R2 ALaunchService;ALaunch Service;C:AcerALaunchALaunchSvc.exe [2007-09-19 51200]
R2 LabelServices;Label Services;C:Program FilesCommon FilesEuroPlus SharedLblServices.exe [2007-03-06 1494112]
R2 n5lpt.sys;N5 Print Device;C:Windowssystem32Driversn5lpt.sys [2003-10-27 21132]
R2 P1C1394;Phase One 1394 Camera Driver;C:Windowssystem32Driversp1c1394.sys [2005-10-27 23168]
R2 Stld;Stld;C:Windowssystem32driversStld.sys [2009-04-22 10240]
R3 enecir;ENE CIR Receiver;C:Windowssystem32DRIVERSenecir.sys [2007-05-16 32256]
S3 btwaudio;Аудиоустройствоi Bluetooth;C:Windowssystem32driversbtwaudio.sys [2007-08-29 81448]
S3 btwavdt;Bluetooth AVDT;C:Windowssystem32driversbtwavdt.sys [2007-08-29 99880]
S3 btwl2cap;Bluetooth L2CAP Service;C:Windowssystem32DRIVERSbtwl2cap.sys [2007-05-17 28464]
S3 btwrchid;btwrchid;C:Windowssystem32DRIVERSbtwrchid.sys [2007-08-29 17448][HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionsvchost]
bthsvcs REG_MULTI_SZ BthServ[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{9d0c8224-796f-11dd-a571-001b38d30b68}]
shellAutoRuncommand — G:d6fagcs8.cmd
shellexploreCommand — G:d6fagcs8.cmd
shellopenCommand — G:d6fagcs8.cmd[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{a638847f-99ec-11dd-a86e-9e1125bd7fe2}]
shellAutoRuncommand — H:autorun.exe[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{cbd729c7-45df-11dd-ae9c-001b38d30b68}]
shellAutoRuncommand — F:autorun.exe
shellsetupcommand — F:autorun.exe*Newly Created Service* — CATCHME
*Newly Created Service* — PROCEXP90
.
— — — — ORPHANS REMOVED — — — —HKCU-Run-Acer Tour Reminder — (no file)
HKLM-Run-ALaunch — C:AcerALaunchAlaunchClient.exe
HKLM-Run-Acer Tour — (no file)
HKLM-Run-eRecoveryService — (no file)
HKU-Default-RunOnce-— (no file) .
Supplementary Scan
.
FireFox -: Profile — C:UsersйцAppDataRoamingMozillaFirefoxProfilesmkpz1xba.default
FF -: plugin — C:Program FilesOperaprogrampluginsNPOFF12.DLL
.
.
File Associations
.
inifile=%SystemRoot%System32NOTEPAD.EXE %1″
.**************************************************************************
catchme 0.3.1367 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-25 12:56:00
Windows 6.0.6001 Service Pack 1 NTFSscanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0**************************************************************************
.
Completion time: 2008-10-25 12:57:38
ComboFix-quarantined-files.txt 2008-10-25 08:57:25Pre-Run: Не удается найти текст сообщения с номером 0x2379 в файле сообщений Application.
Post-Run: 44,888,915,968 байт свободно522 — E O F — 2008-10-25 08:29:25
Здравствуйте, добро пожаловать на Spyware-ru форум.
Кроме описанной вами проблемы ваш компьютер заражён autorun.inf вирусом.
Для начала вам необходимо прочитать эту инструкцию Flash_Disinfector ещё одно оружие против autorun.inf троянов. Скачайте и запустите Flash_Disinfector, не забудьте при этом по требованию программы вставить ваш флэш диск или подключить другие внешние устройства хранения информации.После окончания работы с Flash_Disinfector откройте блокнот и вставьте в него следующий текст:
Registry::
[HKLM~servicessharedaccessparametersfirewallpolicyStandardProfileAuthorizedApplicationsList]
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"=-
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"=-
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"=-
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{9d0c8224-796f-11dd-a571-001b38d30b68}]
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{a638847f-99ec-11dd-a86e-9e1125bd7fe2}]
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{cbd729c7-45df-11dd-ae9c-001b38d30b68}]Запишите получившийся файл на ваш рабочий стол под именем CFScript
Далее перетащите получившийся файл на иконку Combofix, как показано на картинке ниже.
Сombofix запуститься и выполнит процедуры описанные в созданном нами файле.
По результатам работы Combofix будет создан новый лог, его и вставьте в свой следующий ответ.спасибо огромное)) (Pro Antispywarw уже исчес.. ) вот лог:
ComboFix 08-10-24.02 — йц 2008-10-25 15:43:40.3 — NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1251.1.1049.18.1027 [GMT 4:00]
Running from: C:UsersйцDesktopComboFix.exe
Command switches used :: C:UsersйцDesktopCFScript.txt
* Created a new restore point
.((((((((((((((((((((((((( Files Created from 2008-09-25 to 2008-10-25 )))))))))))))))))))))))))))))))
.2008-10-20 23:13 . 2008-10-20 23:13
d
C:Program FilesTrend Micro
2008-10-20 19:27 . 2008-10-20 19:27d
C:UsersйцAppDataRoamingMalwarebytes
2008-10-20 19:27 . 2008-10-20 19:27d
C:UsersAll UsersMalwarebytes
2008-10-20 19:27 . 2008-10-20 19:27d
C:ProgramDataMalwarebytes
2008-10-20 19:27 . 2008-10-20 19:27d
C:Program FilesMalwarebytes’ Anti-Malware
2008-10-20 19:27 . 2008-10-16 20:25 38,496 —a
C:WindowsSystem32driversmbamswissarmy.sys
2008-10-20 19:27 . 2008-10-16 20:25 15,504 —a
C:WindowsSystem32driversmbam.sys
2008-10-18 13:28 . 2008-07-27 08:32d
C:UsersAll UsersEgoset
2008-10-18 13:28 . 2008-07-27 08:32d
C:ProgramDataEgoset
2008-10-18 13:28 . 2008-10-18 13:28d
C:Program FilesAlawar.ru
2008-10-18 13:15 . 2008-10-18 13:15 79,085 —a
C:WindowsSystem32gdvylsimzkfdoaeld.exe
2008-10-18 13:14 . 2008-10-18 13:14d
C:UsersAll UsersSolt Lake Software
2008-10-18 13:14 . 2008-10-18 13:14d
C:ProgramDataSolt Lake Software
2008-10-18 10:47 . 2008-10-18 10:47d
C:UsersAll UsersFarmFrenzy2
2008-10-18 10:47 . 2008-10-18 10:47d
C:ProgramDataFarmFrenzy2
2008-10-18 10:46 . 2008-10-18 10:46d
C:Program FilesGamesBar
2008-10-18 10:31 . 2008-10-18 10:31d
C:UsersйцAppDataRoamingESET
2008-10-15 09:05 . 2008-09-18 06:16 2,032,640 —a
C:WindowsSystem32win32k.sys
2008-10-15 09:05 . 2008-10-02 05:32 1,383,424 —a
C:WindowsSystem32mshtml.tlb
2008-10-15 09:05 . 2008-10-02 07:49 827,392 —a
C:WindowsSystem32wininet.dll
2008-10-15 09:01 . 2008-09-18 09:09 3,601,464 —a
C:WindowsSystem32ntkrnlpa.exe
2008-10-15 09:01 . 2008-09-18 09:09 3,549,240 —a
C:WindowsSystem32ntoskrnl.exe
2008-10-15 08:50 . 2008-08-27 05:06 288,768 —a
C:WindowsSystem32driverssrv.sys
2008-10-14 17:55 . 2008-10-14 17:55d
C:Program FilesDivXCodec
2008-10-14 17:53 . 2008-10-14 17:53d
C:Program FilesАкелла
2008-10-13 14:03 . 2008-10-13 14:03d
C:Windowspfziusb
2008-10-13 14:03 . 2008-10-13 14:03d
C:Program FilesZebra
2008-10-13 14:02 . 2008-10-13 14:02dr
C:WindowsSystem32configsystemprofileVideos
2008-10-13 14:02 . 2008-10-13 14:02dr
C:WindowsSystem32configsystemprofileSearches
2008-10-13 14:02 . 2008-10-13 14:02dr
C:WindowsSystem32configsystemprofileSaved Games
2008-10-13 14:02 . 2008-10-13 14:02dr
C:WindowsSystem32configsystemprofilePictures
2008-10-13 14:02 . 2008-10-13 14:02dr
C:WindowsSystem32configsystemprofileMusic
2008-10-13 14:02 . 2008-10-13 14:02dr
C:WindowsSystem32configsystemprofileLinks
2008-10-13 14:02 . 2008-10-13 14:02dr
C:WindowsSystem32configsystemprofileDownloads
2008-10-13 14:02 . 2008-10-13 14:02dr
C:WindowsSystem32configsystemprofileDocuments
2008-10-13 08:52 . 2008-10-13 08:52d—h
C:WindowsSystem32CanonMF Uninstaller Information
2008-10-13 08:52 . 2005-12-05 15:49 196,608 —a
C:WindowsSystem32CNCC3200.DLL
2008-10-13 08:52 . 2005-12-05 15:49 131,072 —a
C:WindowsSystem32CNCLSD21.DLL
2008-10-13 08:52 . 2005-12-05 15:49 110,592 —a
C:WindowsSystem32CNCLST21.DLL
2008-10-13 08:52 . 2005-12-05 15:49 110,592 —a
C:WindowsSystem32CNCLSI21.DLL
2008-10-13 08:52 . 2005-12-05 15:49 98,304 —a
C:WindowsSystem32CNCLSU21.DLL
2008-10-13 08:52 . 2005-12-05 15:49 77,824 —a
C:WindowsSystem32CNCLSC21.DLL
2008-10-13 08:52 . 2005-12-05 15:49 69,632 —a
C:WindowsSystem32CNCL3200.DLL
2008-10-13 08:52 . 2005-12-05 15:49 69,632 —a
C:WindowsSystem32CNCI3200.DLL
2008-10-13 08:52 . 2005-12-05 15:50 49,152 —a
C:WindowsSystem32cncilsc.dll
2008-10-13 08:52 . 2005-08-11 15:37 332 —a
C:WindowsSystem32CNCMFP21.INI
2008-10-13 08:51 . 2008-10-13 08:51d—h
C:CanonMF
2008-10-13 08:51 . 2005-07-22 09:34 53,248 —a
C:WindowsSystem32CnAS0MMK.DLL
2008-10-13 08:33 . 2008-10-13 08:33d
C:Program FilesCommon FilesMotorola Shared
2008-10-13 08:33 . 2008-10-13 08:33 0 —ah
C:WindowsSystem32driversMsft_Kernel_motmodem_01005.Wdf
2008-10-12 18:16 . 2008-10-12 18:53d
C:secondlife
2008-10-12 15:03 . 2008-10-23 14:13d
C:qwer
2008-09-29 22:35 . 2008-10-08 21:01d
C:UsersйцAppDataRoamingskypePM
2008-09-29 22:35 . 2008-09-29 22:35 56 —ah
C:UsersAll Usersezsidmv.dat
2008-09-29 22:35 . 2008-09-29 22:35 56 —ah
C:ProgramDataezsidmv.dat
2008-09-29 22:11 . 2008-10-08 21:01d
C:UsersйцAppDataRoamingSkype
2008-09-29 22:04 . 2008-09-29 22:04d
C:UsersAll UsersSkype
2008-09-29 22:04 . 2008-09-29 22:04d
C:ProgramDataSkype
2008-09-29 22:04 . 2008-09-29 22:04d
C:Program FilesSkype
2008-09-29 22:04 . 2008-09-29 22:04d
C:Program FilesCommon FilesSkype
2008-09-28 14:45 . 2008-09-28 14:45d
C:dvdXsoftoutput
2008-09-28 14:44 . 2008-09-28 14:44d
C:UsersйцAppDataRoamingDownload Manager
2008-09-26 18:40 . 2008-09-26 18:44d
C:Program FilesИгры
2008-09-26 01:44 . 2008-09-26 01:50 13,030 —a
C:PDOXUSRS.NET
2008-09-26 01:02 . 2008-09-26 01:02d
C:UsersAll UsersAdobe Systems
2008-09-26 01:02 . 2008-09-26 01:02d
C:ProgramDataAdobe Systems
2008-09-26 01:02 . 2008-09-26 01:02d
C:Program FilesCommon FilesAdobe Systems Shared
2008-09-25 23:41 . 2008-09-25 23:42d
C:Program FilesCardFive
2008-09-25 23:41 . 2001-06-04 02:32 208,896 —a
C:WindowsSystem32sccpanel.cpl
2008-09-25 23:41 . 2002-04-15 11:42 110,592 —a
C:WindowsSystem32scos3api.dll
2008-09-25 23:41 . 2003-10-27 15:22 21,132 —a
C:WindowsSystem32driversn5lpt.sys
2008-09-25 23:41 . 2009-04-22 19:24 10,240 —a
C:WindowsSystem32driversSTLD.SYS
2008-09-25 23:41 . 2003-10-23 17:02 8,284 —a
C:WindowsSystem32N5LPT.vxd
2008-09-25 23:38 . 2002-05-13 19:31 17,332 —a
C:WindowsSystem32driverskey5usb.sys.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-25 11:47 2,883,584 —sha-w C:Usersйцntuser.dat
2008-10-25 11:47 2,883,584 —sha-w C:Usersйцntuser.dat
2008-10-25 10:19
d
w C:UsersйцAppDataRoaminguTorrent
2008-10-24 12:54
d
w C:ProgramDataCyberLink
2008-10-20 15:27
d
w C:UsersйцAppDataRoamingMalwarebytes
2008-10-18 09:19 27,554 —-a-w C:UsersйцAppDataRoamingnvModes.dat
2008-10-18 08:16
d
w C:Program FilesAcer GameZone
2008-10-18 06:46
d
w C:Program FilesCommon FilesOberon Media
2008-10-18 06:42
d
w C:ProgramDataeMule
2008-10-18 06:36
d
w C:Program FilesESET
2008-10-18 06:31
d
w C:UsersйцAppDataRoamingESET
2008-10-18 06:30
d
w C:ProgramDataESET
2008-10-14 13:53
d—h—w C:Program FilesInstallShield Installation Information
2008-10-14 13:53
d
w C:Program FilesАкелла
2008-10-14 07:25
d
w C:UsersйцAppDataRoamingCanon
2008-10-13 06:58
d
w C:Program FilesCyberLink
2008-10-13 05:59
d-s—w C:UsersйцAppDataRoamingMicrosoft
2008-10-13 04:54
d
w C:Program FilesCanon
2008-10-08 17:01
d
w C:UsersйцAppDataRoamingskypePM
2008-10-08 17:01
d
w C:UsersйцAppDataRoamingSkype
2008-09-28 10:44
d
w C:UsersйцAppDataRoamingDownload Manager
2008-09-26 14:44
d
w C:Program FilesИгры
2008-09-25 21:05
d
w C:UsersйцAppDataRoamingAdobe
2008-09-25 20:58
d
w C:Program FilesCommon FilesAdobe
2008-09-25 18:44
d
w C:Program FilesGuitar Pro 5
2008-09-24 14:07
d
w C:Program FilesAIMP2
2008-09-24 14:04
d
w C:UsersйцAppDataRoamingWinamp
2008-09-24 13:36
d
w C:Program FilesWinamp
2008-09-21 08:36
d
w C:ProgramData{29833BD5-6998-47CC-8DDC-50D0C5E3A531}
2008-09-21 08:34
d
w C:Program FilesCommon FilesEuroPlus Shared
2008-09-21 08:33
d
w C:ProgramDataEuroPlus
2008-09-21 08:33
d
w C:Program FilesEuroPlus
2008-09-19 12:21
d
w C:Program FilesCommon FilesSymantec Shared
2008-09-19 12:00
d
w C:ProgramDataSymantec
2008-09-19 12:00
d
w C:Program FilesSymantec
2008-09-18 14:44
d
w C:Program FilesFlashGet
2008-09-13 21:04
d
w C:Program FilesSecondLife
2008-09-13 21:03
d
w C:UsersйцAppDataRoamingSecondLife
2008-09-13 20:34
d
w C:UsersйцAppDataRoamingMozilla
2008-09-13 08:49
d
w C:UsersйцAppDataRoamingNokia
2008-09-13 08:46 0 —ha-w C:Windowssystem32driversMsft_User_PCCSWpdDriver_01_05_00.Wdf
2008-09-13 08:46 0 —ha-w C:Windowssystem32driversMsft_Kernel_ccdcmb_01005.Wdf
2008-09-13 08:46
d
w C:UsersйцAppDataRoamingPC Suite
2008-09-13 08:46
d
w C:ProgramDataPC Suite
2008-09-13 07:16
d
w C:Program FilesNokia
2008-09-13 07:16
d
w C:Program FilesCommon FilesPCSuite
2008-09-13 07:16
d
w C:Program FilesCommon FilesNokia
2008-09-13 07:15
d
w C:Program FilesDIFX
2008-09-13 07:14
d
w C:Program FilesPC Connectivity Solution
2008-09-13 07:00
d
w C:ProgramDataDownloaded Installations
2008-09-09 14:02
d
w C:Program FilesCommon FilesCanon
2008-09-09 12:09
d
w C:UsersйцAppDataRoamingACD Systems
2008-09-09 12:08
d
w C:ProgramDataACD Systems
2008-09-09 12:08
d
w C:Program FilesCommon FilesACD Systems
2008-09-09 12:07
d
w C:Program FilesACD Systems
2008-09-08 21:22
d
w C:Program FilesPhase One
2008-09-07 17:12
d
w C:Program FilesPortable Adobe Photoshop CS3
2008-09-07 13:50
d
w C:ProgramDataMicrosoft Help
2008-09-07 13:44
d
w C:Program FilesMSBuild
2008-09-07 13:44
d
w C:Program FilesMicrosoft Works
2008-09-07 13:43
d
w C:Program FilesMicrosoft.NET
2008-09-07 13:38
d
w C:Program FilesMicrosoft Visual Studio 8
2008-09-04 21:08
d
w C:Program Filescitysvyaz
2008-09-01 15:51 0 —ha-w C:Windowssystem32driversMsft_User_WpdFs_01_00_00.Wdf
2008-08-27 10:05 174 —sha-w C:Program Filesdesktop.ini
2008-08-27 09:55
d
w C:Program FilesWindows Sidebar
2008-08-27 09:55
d
w C:Program FilesWindows Mail
2008-08-27 09:55
d
w C:Program FilesWindows Journal
2008-08-27 09:55
d
w C:Program FilesWindows Collaboration
2008-08-27 09:55
d
w C:Program FilesWindows Calendar
2008-08-27 09:54
d
w C:Program FilesWindows Photo Gallery
2008-08-27 09:54
d
w C:Program FilesWindows Defender
2008-08-27 09:45
d
w C:ProgramDataNVIDIA
2008-08-27 06:58 82,432 —-a-w C:WindowsSystem32axaltocm.dll
2008-08-27 06:58 101,888 —-a-w C:WindowsSystem32ifxcardm.dll
2008-08-02 03:26 36,864 —-a-w C:WindowsSystem32cdd.dll
.((((((((((((((((((((((((((((( snapshot@2008-10-25_12.56.56,66 )))))))))))))))))))))))))))))))))))))))))
.
— 2008-10-25 08:31:12 2,048 —sha-w C:WindowsServiceProfilesLocalServiceAppDataLocallastalive0.dat
+ 2008-10-25 11:37:59 2,048 —sha-w C:WindowsServiceProfilesLocalServiceAppDataLocallastalive0.dat
— 2008-10-25 08:31:12 2,048 —sha-w C:WindowsServiceProfilesLocalServiceAppDataLocallastalive1.dat
+ 2008-10-25 11:37:59 2,048 —sha-w C:WindowsServiceProfilesLocalServiceAppDataLocallastalive1.dat
— 2008-10-25 08:32:01 262,144 —sha-w C:WindowsServiceProfilesLocalServicentuser.dat
+ 2008-10-25 11:39:48 262,144 —sha-w C:WindowsServiceProfilesLocalServicentuser.dat
— 2008-10-25 08:55:54 262,144 —sha-w C:WindowsServiceProfilesNetworkServicentuser.dat
+ 2008-10-25 11:46:58 262,144 —sha-w C:WindowsServiceProfilesNetworkServicentuser.dat
+ 2008-10-25 11:46:58 262,144 —ha-w C:WindowsServiceProfilesNetworkServicentuser.dat.LOG1
— 2008-10-25 08:31:15 16,384 —sha-w C:WindowsSystem32configsystemprofileAppDataLocalMicrosoftWindowsHistoryHistory.IE5index.dat
+ 2008-10-25 10:51:51 16,384 —sha-w C:WindowsSystem32configsystemprofileAppDataLocalMicrosoftWindowsHistoryHistory.IE5index.dat
— 2008-10-25 08:31:15 49,152 —sha-w C:WindowsSystem32configsystemprofileAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5index.dat
+ 2008-10-25 10:51:51 49,152 —sha-w C:WindowsSystem32configsystemprofileAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5index.dat
— 2008-10-25 08:31:15 16,384 —sha-w C:WindowsSystem32configsystemprofileAppDataRoamingMicrosoftWindowsCookiesindex.dat
+ 2008-10-25 10:51:51 16,384 —sha-w C:WindowsSystem32configsystemprofileAppDataRoamingMicrosoftWindowsCookiesindex.dat
— 2008-10-25 08:37:46 101,250 —-a-w C:WindowsSystem32perfc009.dat
+ 2008-10-25 11:45:17 101,250 —-a-w C:WindowsSystem32perfc009.dat
— 2008-10-25 08:37:46 125,800 —-a-w C:WindowsSystem32perfc019.dat
+ 2008-10-25 11:45:17 125,800 —-a-w C:WindowsSystem32perfc019.dat
— 2008-10-25 08:37:46 587,178 —-a-w C:WindowsSystem32perfh009.dat
+ 2008-10-25 11:45:17 587,178 —-a-w C:WindowsSystem32perfh009.dat
— 2008-10-25 08:37:46 653,312 —-a-w C:WindowsSystem32perfh019.dat
+ 2008-10-25 11:45:17 653,312 —-a-w C:WindowsSystem32perfh019.dat
— 2008-10-25 08:33:08 10,108 —-a-w C:WindowsSystem32WDI{86432a0b-3c7d-4ddf-a89c-172faa90485d}S-1-5-21-240411459-683746978-4204776879-1000_UserData.bin
+ 2008-10-25 11:40:37 10,124 —-a-w C:WindowsSystem32WDI{86432a0b-3c7d-4ddf-a89c-172faa90485d}S-1-5-21-240411459-683746978-4204776879-1000_UserData.bin
— 2008-10-25 08:33:08 101,614 —-a-w C:WindowsSystem32WDIBootPerformanceDiagnostics_SystemData.bin
+ 2008-10-25 11:40:37 101,912 —-a-w C:WindowsSystem32WDIBootPerformanceDiagnostics_SystemData.bin
— 2008-10-25 08:33:06 61,102 —-a-w C:WindowsSystem32WDIShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-10-25 11:40:35 61,224 —-a-w C:WindowsSystem32WDIShutdownPerformanceDiagnostics_SystemData.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
«{91397D20-1446-11D4-8AF4-0040CA1127B6}»= «C:Program FilesYandexYandexBarIEyndbar.dll» [2008-05-04 1549576][HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebbrowser]
«{91397D20-1446-11D4-8AF4-0040CA1127B6}»= «C:Program FilesYandexYandexBarIEyndbar.dll» [2008-05-04 1549576][HKEY_CLASSES_ROOTclsid{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOTYandex.Toolbar.1]
[HKEY_CLASSES_ROOTTypeLib{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOTYandex.Toolbar][HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«Sidebar»=»C:Program FilesWindows Sidebarsidebar.exe» [2008-01-19 1233920]
«swg»=»C:Program FilesGoogleGoogleToolbarNotifier1.0.720.3640GoogleToolbarNotifier.exe» [2008-06-21 155896]
«Yupdate!»=»C:Program FilesCommon FilesYandexYupdateyupdate.exe» [2008-05-07 459528]
«DAEMON Tools Lite»=»C:Program FilesDAEMON Tools Litedaemon.exe» [2008-04-01 486856]
«ehTray.exe»=»C:WindowsehomeehTray.exe» [2008-01-19 125952]
«Nokia.PCSync»=»C:Program FilesNokiaNokia PC Suite 7PCSync2.exe» [2008-06-17 1249280]
«PC Suite Tray»=»C:Program FilesNokiaNokia PC Suite 7PCSuite.exe» [2008-08-11 1124352]
«WMPNSCFG»=»C:Program FilesWindows Media PlayerWMPNSCFG.exe» [2008-01-19 202240]
«Acer Tour Reminder»=»» [BU][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«eDataSecurity Loader»=»C:AcerEmpowering TechnologyeDataSecurityeDSloader.exe» [2007-04-25 457216]
«eAudio»=»C:AcerEmpowering TechnologyeAudioeAudio.exe» [2007-08-31 1286144]
«PLFSetL»=»C:WindowsPLFSetL.exe» [2007-07-05 94208]
«LManager»=»C:PROGRA~1LAUNCH~1LManager.exe» [2007-10-17 768520]
«PlayMovie»=»C:Program FilesAcer Arcade DeluxePlay MoviePMVService.exe» [2007-12-05 200704]
«PLFSetI»=»C:WindowsPLFSetI.exe» [2007-10-23 200704]
«Apoint»=»C:Program FilesApoint2KApoint.exe» [2007-07-21 159744]
«Acer Tour Reminder»=»C:AcerAcerTourReminder.exe» [2007-08-01 151552]
«WarReg_PopUp»=»C:AcerWR_PopUpWarReg_PopUp.exe» [2006-11-05 57344]
«Symantec PIF AlertEng»=»C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe» [2008-01-29 583048]
«citysvyaz»=»C:Program Filescitysvyazcitysvyaz.exe» [2007-12-28 1941504]
«NvSvc»=»C:Windowssystem32nvsvc.dll» [2007-10-09 86016]
«NvCplDaemon»=»C:Windowssystem32NvCpl.dll» [2007-10-09 8501792]
«NvMediaCenter»=»C:Windowssystem32NvMcTray.dll» [2007-10-09 81920]
«GrooveMonitor»=»C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe» [2006-10-27 31016]
«Phase One Media Reader»=»C:PROGRA~1PHASEO~1CAPTUR~1DCIMImp.exe» [2008-01-31 229376]
«Adobe Reader Speed Launcher»=»C:Program FilesAdobeReader 8.0ReaderReader_sl.exe» [2008-01-11 39792]
«WinampAgent»=»C:Program FilesWinampwinampa.exe» [2008-08-04 36352]
«egui»=»C:Program FilesESETESET Smart Securityegui.exe» [2008-03-13 1443072]
«RtHDVCpl»=»RtHDVCpl.exe» [2007-07-06 C:WindowsRtHDVCpl.exe]
«Skytel»=»Skytel.exe» [2007-06-15 C:WindowsSkyTel.exe]C:Users©жAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
‚л१Є нЄа Ё Їа®Ја ¬¬ § ЇгбЄ ¤«п OneNote 2007.lnk — C:Program FilesMicrosoft OfficeOffice12ONENOTEM.EXE [2006-10-26 98632]C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
BTTray.lnk — C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe [2007-08-28 739880]
Empowering Technology Launcher.lnk — C:AcerEmpowering TechnologyeAPLauncher.exe [2007-12-26 535336][HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]
«DisableStatusMessages»= 0 (0x0)
«EnableUIADesktopToggle»= 0 (0x0)[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversiondrivers32]
«VIDC.ACDV»= ACDV.dll[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]
@=»Driver»[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
«UacDisableNotify»=dword:00000001
«InternetSettingsDisableNotify»=dword:00000001
«AutoUpdateDisableNotify»=dword:00000001[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoring]
«DisableMonitoring»=dword:00000001[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoringSymantecAntiVirus]
«DisableMonitoring»=dword:00000001[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoringSymantecFirewall]
«DisableMonitoring»=dword:00000001[HKLM~servicessharedaccessparametersfirewallpolicyDomainProfile]
«EnableFirewall»= 0 (0x0)[HKLM~servicessharedaccessparametersfirewallpolicyFirewallRules]
«{A2C16C38-689F-4ACA-A12D-2AE6AD3E5CC5}»= UDP:C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE:Microsoft Office OneNote
«{C17E2B9C-0D85-4D64-8699-FD3A9378EF32}»= TCP:C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE:Microsoft Office OneNote
«{767EDBDD-446A-4EC2-88B8-5D99273F2814}»= C:Program FilesAcer Arcade DeluxeAcer Arcade DeluxeAcer Arcade Deluxe.exe:Acer Arcade Deluxe
«{C9CB821B-EE0F-4ED9-BEFB-93C2C4F48A5D}»= C:Program FilesAcer Arcade DeluxeVideoMagicianVideoMagician.exe:VideoMagician
«{048CD3DA-0FCD-4DFF-9C1F-E968A0B13069}»= C:Program FilesAcer Arcade DeluxeHomeMediaHomeMedia.exe:HomeMedia
«{EFE506DE-0526-4FBA-AF1D-B8F1A3B71477}»= C:Program FilesAcer Arcade DeluxeDV WizardDV Wizard.exe:DV Wizard
«{AB61C6B0-4459-4802-9724-BA7C12E2A593}»= C:Program FilesAcer Arcade DeluxeDVDivineDVDivine.exe:DVDivine
«{D165C034-FDE4-438A-A52B-F28A7E819166}»= C:Program FilesAcer Arcade DeluxePlay MoviePlayMovie.exe:Play Movie
«{7EFED61A-92F4-42BC-AFEF-F72A88892F08}»= C:Program FilesAcer Arcade DeluxePlay MoviePMVService.exe:Play Movie Resident Program
«{7D030C90-3C46-4EBE-8EDF-AF176D59CF5C}»= UDP:C:Program FilesuTorrentuTorrent.exe:µTorrent (TCP-In)
«{5A13C791-D141-4FA2-B75B-5AEDCE41ECF2}»= TCP:C:Program FilesuTorrentuTorrent.exe:µTorrent (UDP-In)
«{C7A88CD8-F50E-4E3C-BD47-0B5316B3BB76}»= UDP:C:Program FilesEmpire InteractiveFlatOut Ultimate CarnageFouc.exe:FlatOut Ultimate Carnage
«{430A0E8A-58A5-49D9-925E-46EB6F7EE8FC}»= TCP:C:Program FilesEmpire InteractiveFlatOut Ultimate CarnageFouc.exe:FlatOut Ultimate Carnage
«{700A4B1D-F991-4883-A3B4-56284FD02E4C}»= TCP:6004|C:Program FilesMicrosoft OfficeOffice12outlook.exe:Microsoft Office Outlook
«{479CC6DE-B5BD-4728-961E-FEDB47F8D896}»= UDP:C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE:Microsoft Office Groove
«{DEB1CBE9-8795-4CD3-8C49-4C75B67AD4EB}»= TCP:C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE:Microsoft Office Groove
«{C54F1E86-CDAA-415C-9ABC-8C564A396B31}»= UDP:C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE:Microsoft Office OneNote
«{58ACAE2D-5E7D-4B04-90C3-0CCBACA3EA44}»= TCP:C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE:Microsoft Office OneNote
«{62E58C39-F7F3-4410-A827-ED220AEDA3D0}»= C:Program FilesSkypePhoneSkype.exe:Skype[HKLM~servicessharedaccessparametersfirewallpolicyPublicProfile]
«EnableFirewall»= 0 (0x0)[HKLM~servicessharedaccessparametersfirewallpolicyStandardProfile]
«EnableFirewall»= 0 (0x0)R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};C:Program FilesAcer Arcade DeluxePlay Movie000.fcl [2007-12-05 11:48 41456]
R2 ALaunchService;ALaunch Service;C:AcerALaunchALaunchSvc.exe [2007-09-19 51200]
R2 LabelServices;Label Services;C:Program FilesCommon FilesEuroPlus SharedLblServices.exe [2007-03-06 1494112]
R2 n5lpt.sys;N5 Print Device;C:Windowssystem32Driversn5lpt.sys [2003-10-27 21132]
R2 P1C1394;Phase One 1394 Camera Driver;C:Windowssystem32Driversp1c1394.sys [2005-10-27 23168]
R2 Stld;Stld;C:Windowssystem32driversStld.sys [2009-04-22 10240]
R3 enecir;ENE CIR Receiver;C:Windowssystem32DRIVERSenecir.sys [2007-05-16 32256]
S3 btwaudio;Аудиоустройствоi Bluetooth;C:Windowssystem32driversbtwaudio.sys [2007-08-29 81448]
S3 btwavdt;Bluetooth AVDT;C:Windowssystem32driversbtwavdt.sys [2007-08-29 99880]
S3 btwl2cap;Bluetooth L2CAP Service;C:Windowssystem32DRIVERSbtwl2cap.sys [2007-05-17 28464]
S3 btwrchid;btwrchid;C:Windowssystem32DRIVERSbtwrchid.sys [2007-08-29 17448][HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionsvchost]
bthsvcs REG_MULTI_SZ BthServ
.
— — — — ORPHANS REMOVED — — — —HKU-Default-RunOnce-
— (no file) **************************************************************************
catchme 0.3.1367 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-25 15:47:22
Windows 6.0.6001 Service Pack 1 NTFSscanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0**************************************************************************
.
Completion time: 2008-10-25 15:49:22
ComboFix-quarantined-files.txt 2008-10-25 11:48:55
ComboFix2.txt 2008-10-25 08:57:39Pre-Run: 44,172,275,712 байт свободно
Post-Run: 44,141,244,416 байт свободно319 — E O F — 2008-10-25 08:29:25
Теперь Combofix лог чистый.
Можете удалить Combofix. Сделайте это согласно инструкции Как правильно удалить combofix с компьютера.
Кроме этого не забудьте включить ваш антивирус.Всего доброго!
- Для ответа в этой теме необходимо авторизоваться.
