- This topic has 4 ответа, 2 участника, and was last updated 15 years, 3 months назад by
.
-
Сообщения
-
- Темы:532
- Сообщений:1553
- ☆☆☆☆☆
Начну с того что очень благоданрен вашему сайту!!! Теперь описываю проблему: Хапнул порнобаннер требующий отправки смс на номер 3381, Ни одна прога по подборке кодов не подошла, ни Касперский ни Доктор веб!! Баннер появлялся при выходе в интернет браузер, в интернет пускал, но сразу выкидывал при попытке зайти на какой либо форум подобный вашему, либо скачать какую нибудь антивирусную программу, программа dr.Web Cureit также не помогла, после чего нашел программу combofix на вашем сайте (скачивал на другом компе) Запустил combofix!! Ни каких результатов!! (К сожалению воспользовался этой программой до того как зашел на форум). Затем скачал программу RSIT(также с другого компа) перенес на свой, попытался запустить, но без результатов, появлялось сообщение( Невозможно открыть данную программу из за политики ограничения применения програмного обеспечения) Взял и запустил еще раз combofix после чего баннер исчез, в интернет пускает, на ваш сайт тоже, но антивирус блокируется все равно, выдает тоже самое сообщение ( Невозможно открыть данную программу из за политики ограничения применения програмного обеспечения)затем запустил еще раз РСИТ, он выдал результат. Лог файл комбофикса и РСИТа сохранил, могу выложить если понадобятся. Что делать дальше?? ПОМОГИТЕ! Заранее благодарен!
- Темы:532
- Сообщений:1553
- ☆☆☆☆☆
Это лог RSIT:
Logfile of random’s system information tool 1.07 (written by random/random)
Run by Сенатор at 2010-06-01 22:54:47
Microsoft Windows XP Professional Service Pack 2
System drive E: has 24 GB (35%) free of 68 GB
Total RAM: 511 MB (55% free)Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:13:58, on 01.06.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: NormalRunning processes:
E:WINDOWSSystem32smss.exe
E:WINDOWSsystem32winlogon.exe
E:WINDOWSsystem32services.exe
E:WINDOWSsystem32lsass.exe
E:WINDOWSsystem32svchost.exe
E:WINDOWSSystem32svchost.exe
E:WINDOWSsystem32svchost.exe
E:WINDOWSsystem32spoolsv.exe
E:WINDOWSExplorer.EXE
E:WINDOWSsystem32nvsvc32.exe
E:Program FilesAnalog DevicesSoundMAXSMax4PNP.exe
C:Program FilesASUSProbeAsusProb.exe
E:Program FilesJavajre1.5.0_09binjusched.exe
E:Program FilesCyberLinkPowerDVDPDVDServ.exe
E:WINDOWSsystem32RUNDLL32.EXE
E:Program FilesWinampwinampa.exe
E:Program FilesAnalog DevicesSoundMAXSMAgent.exe
E:WINDOWSsystem32svchost.exe
E:WINDOWSsystem32UTSCSI.EXE
E:WINDOWSsystem32wscntfy.exe
E:Documents and SettingsСенаторРабочий столRSIT.exe
E:Program Filestrend microСенатор.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=40488
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: (no name) — — (no file)
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — E:Program FilesJavajre1.5.0_09binssv.dll
O4 — HKLM..Run: [SoundMAXPnP] E:Program FilesAnalog DevicesSoundMAXSMax4PNP.exe
O4 — HKLM..Run: [ASUS Probe] C:Program FilesASUSProbeAsusProb.exe
O4 — HKLM..Run: [SunJavaUpdateSched] «E:Program FilesJavajre1.5.0_09binjusched.exe»
O4 — HKLM..Run: [RemoteControl] «E:Program FilesCyberLinkPowerDVDPDVDServ.exe»
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE E:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [nwiz] nwiz.exe /install
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE E:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 — HKLM..Run: [NeroFilterCheck] E:WINDOWSsystem32NeroCheck.exe
O4 — HKLM..Run: [WinampAgent] E:Program FilesWinampwinampa.exe
O4 — HKLM..Run: [Nokia FastStart] «C:Program FilesNokiaNokia MusicNokiaMusic.exe» /command:faststart
O4 — HKCU..Run: [Sony Ericsson PC Suite] «E:Documents and SettingsСенаторМои документыse pcSony Ericsson PC SuiteSEPCSuite.exe» /systray /nologon
O4 — HKCU..Run: [NBJ] «E:Program FilesAheadNero BackItUpNBJ.exe»
O4 — HKCU..Run: [NokiaOviSuite2] E:Program FilesNokiaNokia Ovi SuiteNokiaOviSuite.exe -tray
O4 — HKCU..Run: [PC Suite Tray] «E:Program FilesNokiaNokia PC Suite 7PCSuite.exe» -onlytray
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] E:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] E:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O7 — HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem, DisableRegedit=1
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://E:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 — Extra button: (no name) — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — E:Program FilesJavajre1.5.0_09binssv.dll
O9 — Extra ‘Tools’ menuitem: Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — E:Program FilesJavajre1.5.0_09binssv.dll
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — E:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — E:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — E:Program FilesMessengermsmsgs.exe
O10 — Unknown file in Winsock LSP: e:windowssystem32nwprovau.dll
O20 — AppInit_DLLs: E:WINDOWSHelpnvcpde.hlp:GhtTEv1dmSIY
O22 — SharedTaskScheduler: Предзагрузчик Browseui — {438755C2-A8BA-11D1-B96B-00A0C90312E1} — E:WINDOWSsystem32browseui.dll
O22 — SharedTaskScheduler: Демон кэша категорий компонентов — {8C7461EF-2B13-11d2-BE35-3078302C2030} — E:WINDOWSsystem32browseui.dll
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — E:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 — Service: avast! Antivirus — ALWIL Software — E:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — E:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — E:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — E:WINDOWSsystem32services.exe
O23 — Service: FLEXnet Licensing Service — Macrovision Europe Ltd. — E:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — E:WINDOWSsystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — E:WINDOWSsystem32mnmsrvc.exe
O23 — Service: NVIDIA Display Driver Service (Omega 1.6693) (Q) (NVSvc) — NVIDIA Corporation — E:WINDOWSsystem32nvsvc32.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — E:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — E:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — E:WINDOWSSystem32SCardSvr.exe
O23 — Service: ServiceLayer — Nokia — E:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 — Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) — Analog Devices, Inc. — E:Program FilesAnalog DevicesSoundMAXSMAgent.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — E:WINDOWSsystem32smlogsvc.exe
O23 — Service: Telnet (TlntSvr) — Корпорация Майкрософт — E:WINDOWSsystem32tlntsvr.exe
O23 — Service: CLCV0 (UTSCSI) — Unknown owner — E:WINDOWSsystem32UTSCSI.EXE
O23 — Service: Virtual Memory Dispatcher — Unknown owner — F:RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013winhelp.exe (file missing)
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — E:WINDOWSSystem32vssvc.exe
O23 — Service: Windows_system32 — Unknown owner — E:WINDOWSsystem32systam32.exe (file missing)
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — E:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 6940 bytes======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — E:Program FilesJavajre1.5.0_09binssv.dll [2006-09-07 434279][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«SoundMAXPnP»=E:Program FilesAnalog DevicesSoundMAXSMax4PNP.exe [2003-05-29 790528]
«ASUS Probe»=C:Program FilesASUSProbeAsusProb.exe [2002-12-06 617984]
«SunJavaUpdateSched»=E:Program FilesJavajre1.5.0_09binjusched.exe [2006-09-07 49263]
«RemoteControl»=E:Program FilesCyberLinkPowerDVDPDVDServ.exe [2004-11-02 32768]
«NvCplDaemon»=E:WINDOWSsystem32NvCpl.dll [2004-10-30 4620288]
«nwiz»=nwiz.exe /install []
«NvMediaCenter»=E:WINDOWSsystem32NvMcTray.dll [2004-10-30 86016]
«NeroFilterCheck»=E:WINDOWSsystem32NeroCheck.exe [2001-07-09 155648]
«WinampAgent»=E:Program FilesWinampwinampa.exe [2003-12-13 33792]
«Nokia FastStart»=C:Program FilesNokiaNokia MusicNokiaMusic.exe /command:faststart [][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Sony Ericsson PC Suite»=E:Documents and SettingsСенаторМои документыse pcSony Ericsson PC SuiteSEPCSuite.exe [2007-11-20 356352]
«NBJ»=E:Program FilesAheadNero BackItUpNBJ.exe [2005-04-08 1953792]
«NokiaOviSuite2″=E:Program FilesNokiaNokia Ovi SuiteNokiaOviSuite.exe -tray []
«PC Suite Tray»=E:Program FilesNokiaNokia PC Suite 7PCSuite.exe [2009-11-11 1451520][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — E:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632][HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa]
«authentication packages»=msv1_0
nwprovau[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWdf01000.sys]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=323
«NoDriveAutoRun»=67108863
«NoDrives»=0[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveAutoRun»=
«NoDriveTypeAutoRun»=
«NoDrives»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«E:Program FilesBonjourmDNSResponder.exe»=»E:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»======List of files/folders created in the last 1 months======
2010-06-01 22:53:05 —-D—- E:WINDOWStemp
2010-06-01 22:53:03 —-A—- E:ComboFix.txt
2010-06-01 22:49:32 —-A—- E:WINDOWSsystem32nxgl.dll
2010-06-01 22:49:25 —-A—- E:WINDOWSsystem32xlejkiycx.dll
2010-06-01 22:49:19 —-A—- E:WINDOWSsystem32vbiyhb.dll
2010-06-01 22:49:17 —-A—- E:WINDOWSsystem32hmbrwcx.dll
2010-06-01 22:49:10 —-A—- E:WINDOWSsystem32rpmm.dll
2010-06-01 22:49:08 —-A—- E:WINDOWSsystem32oqantp.dll
2010-06-01 22:49:02 —-A—- E:WINDOWSsystem32ghw.dll
2010-06-01 22:49:00 —-A—- E:WINDOWSsystem32ws.dll
2010-06-01 22:48:56 —-A—- E:WINDOWSsystem32otyneyca.dll
2010-06-01 22:48:54 —-A—- E:WINDOWSsystem32emd.dll
2010-06-01 22:48:52 —-A—- E:WINDOWSsystem32shaswts.dll
2010-06-01 22:48:50 —-A—- E:WINDOWSsystem32oirk.dll
2010-06-01 22:48:48 —-A—- E:WINDOWSsystem32mxb.dll
2010-06-01 22:48:46 —-A—- E:WINDOWSsystem32lbjdwbkp.dll
2010-06-01 22:48:44 —-A—- E:WINDOWSsystem32dbiqjn.dll
2010-06-01 22:48:42 —-A—- E:WINDOWSsystem32mjmmfjks.dll
2010-06-01 22:48:40 —-A—- E:WINDOWSsystem32jedwwk.dll
2010-06-01 22:48:26 —-A—- E:WINDOWSsystem32ujuedugx.dll
2010-06-01 22:48:24 —-A—- E:WINDOWSsystem32jepiiqm.dll
2010-06-01 22:48:20 —-A—- E:WINDOWSsystem32tcahpsz.dll
2010-06-01 22:48:18 —-A—- E:WINDOWSsystem32nymvntc.dll
2010-06-01 22:48:14 —-A—- E:WINDOWSsystem32rac.dll
2010-06-01 22:48:12 —-A—- E:WINDOWSsystem32reldkqllu.dll
2010-06-01 22:48:10 —-A—- E:WINDOWSsystem32c.dll
2010-06-01 22:48:08 —-A—- E:WINDOWSsystem32btvowcw.dll
2010-06-01 22:48:06 —-A—- E:WINDOWSsystem32esthrnnzx.dll
2010-06-01 22:48:00 —-A—- E:WINDOWSsystem32rivg.dll
2010-06-01 22:47:58 —-A—- E:WINDOWSsystem32jmekxsni.dll
2010-06-01 22:47:48 —-A—- E:WINDOWSsystem32rizmhce.dll
2010-06-01 22:47:42 —-A—- E:WINDOWSsystem32boaigf.dll
2010-06-01 22:47:40 —-A—- E:WINDOWSsystem32arv.dll
2010-06-01 22:47:31 —-A—- E:WINDOWSsystem32sorhzwl.dll
2010-06-01 22:47:29 —-A—- E:WINDOWSsystem32yqvadh.dll
2010-06-01 22:47:23 —-A—- E:WINDOWSsystem32ugrlne.dll
2010-06-01 22:47:19 —-A—- E:WINDOWSsystem32vdalafn.dll
2010-06-01 22:47:17 —-A—- E:WINDOWSsystem32fspdnzqo.dll
2010-06-01 22:47:15 —-A—- E:WINDOWSsystem32vncaskffv.dll
2010-06-01 22:47:09 —-A—- E:WINDOWSsystem32dhjcbn.dll
2010-06-01 22:47:05 —-A—- E:WINDOWSsystem32fqrfhb.dll
2010-06-01 22:47:03 —-A—- E:WINDOWSsystem32lmhyfh.dll
2010-06-01 22:47:01 —-A—- E:WINDOWSsystem32szhghg.dll
2010-06-01 22:46:59 —-A—- E:WINDOWSsystem32alfq.dll
2010-06-01 22:46:57 —-A—- E:WINDOWSsystem32lrgs.dll
2010-06-01 22:46:55 —-A—- E:WINDOWSsystem32fqvi.dll
2010-06-01 22:46:53 —-A—- E:WINDOWSsystem32dyufa.dll
2010-06-01 22:46:49 —-A—- E:WINDOWSsystem32yuk.dll
2010-06-01 22:46:41 —-A—- E:WINDOWSsystem32lxyhvssy.dll
2010-06-01 22:46:35 —-A—- E:WINDOWSsystem32inisblnx.dll
2010-06-01 22:46:31 —-A—- E:WINDOWSsystem32hdswfybmv.dll
2010-06-01 22:46:29 —-A—- E:WINDOWSsystem32hcbpvgcaz.dll
2010-06-01 22:46:27 —-A—- E:WINDOWSsystem32xrtp.dll
2010-06-01 22:46:21 —-A—- E:WINDOWSsystem32lj.dll
2010-06-01 22:46:11 —-A—- E:WINDOWSsystem32omxjmvvjn.dll
2010-06-01 22:46:07 —-A—- E:WINDOWSsystem32gxrphykr.dll
2010-06-01 22:46:03 —-A—- E:WINDOWSsystem32ol.dll
2010-06-01 22:46:01 —-A—- E:WINDOWSsystem32jjzpx.dll
2010-06-01 22:45:59 —-A—- E:WINDOWSsystem32bqefdyslg.dll
2010-06-01 22:45:57 —-A—- E:WINDOWSsystem32zje.dll
2010-06-01 22:45:55 —-A—- E:WINDOWSsystem32izw.dll
2010-06-01 22:45:53 —-A—- E:WINDOWSsystem32vv.dll
2010-06-01 22:45:47 —-A—- E:WINDOWSsystem32ick.dll
2010-06-01 22:45:32 —-A—- E:WINDOWSsystem32ettdocj.dll
2010-06-01 22:45:30 —-A—- E:WINDOWSsystem32ofafe.dll
2010-06-01 22:45:28 —-A—- E:WINDOWSsystem32bqvjpa.dll
2010-06-01 22:45:26 —-A—- E:WINDOWSsystem32w.dll
2010-06-01 22:45:24 —-A—- E:WINDOWSsystem32tit.dll
2010-06-01 22:45:22 —-A—- E:WINDOWSsystem32xozs.dll
2010-06-01 22:45:18 —-A—- E:WINDOWSsystem32tyvfvb.dll
2010-06-01 22:45:16 —-A—- E:WINDOWSsystem32dedoemt.dll
2010-06-01 22:45:06 —-A—- E:WINDOWSsystem32supwrj.dll
2010-06-01 22:45:04 —-A—- E:WINDOWSsystem32kbhv.dll
2010-06-01 22:45:01 —-A—- E:WINDOWSsystem32akjlwu.dll
2010-06-01 22:44:57 —-A—- E:WINDOWSsystem32jaohkexe.dll
2010-06-01 22:44:49 —-A—- E:WINDOWSsystem32gacp.dll
2010-06-01 22:44:43 —-A—- E:WINDOWSsystem32qfa.dll
2010-06-01 22:44:37 —-A—- E:WINDOWSsystem32fobg.dll
2010-06-01 22:44:33 —-A—- E:WINDOWSsystem32raanlzmrh.dll
2010-06-01 22:44:31 —-A—- E:WINDOWSsystem32szrpxw.dll
2010-06-01 22:44:27 —-A—- E:WINDOWSsystem32ajhyx.dll
2010-06-01 22:44:25 —-A—- E:WINDOWSsystem32syrvva.dll
2010-06-01 22:44:23 —-A—- E:WINDOWSsystem32zp.dll
2010-06-01 22:44:21 —-A—- E:WINDOWSsystem32apygjtsv.dll
2010-06-01 22:44:19 —-A—- E:WINDOWSsystem32gc.dll
2010-06-01 22:44:17 —-A—- E:WINDOWSsystem32msshtsp.dll
2010-06-01 22:44:12 —-A—- E:WINDOWSsystem32mfsafm.dll
2010-06-01 22:44:08 —-A—- E:WINDOWSsystem32ymdsgjyt.dll
2010-06-01 22:44:00 —-A—- E:WINDOWSsystem32ensm.dll
2010-06-01 22:43:58 —-A—- E:WINDOWSsystem32t.dll
2010-06-01 22:43:56 —-A—- E:WINDOWSsystem32hrjrxsqv.dll
2010-06-01 22:43:54 —-A—- E:WINDOWSsystem32njo.dll
2010-06-01 22:43:50 —-A—- E:WINDOWSsystem32vcqw.dll
2010-06-01 22:43:42 —-A—- E:WINDOWSsystem32spfal.dll
2010-06-01 22:43:38 —-A—- E:WINDOWSsystem32kguavi.dll
2010-06-01 22:43:33 —-A—- E:WINDOWSsystem32aweoiars.dll
2010-06-01 22:43:27 —-A—- E:WINDOWSsystem32rsmw.dll
2010-06-01 22:43:23 —-A—- E:WINDOWSsystem32lhjl.dll
2010-06-01 22:43:09 —-A—- E:WINDOWSsystem32czwyt.dll
2010-06-01 22:43:07 —-A—- E:WINDOWSsystem32blflsylvx.dll
2010-06-01 22:43:05 —-A—- E:WINDOWSsystem32bdzrt.dll
2010-06-01 22:13:51 —-D—- E:Program Filestrend micro
2010-06-01 22:13:50 —-D—- E:rsit
2010-05-31 23:55:14 —-A—- E:WINDOWSsystem32yeff.dll
2010-05-31 23:37:29 —-A—- E:WINDOWSsystem32tc.dll
2010-05-31 23:32:47 —-A—- E:WINDOWSsystem32ixp.dll
2010-05-31 23:32:45 —-A—- E:WINDOWSsystem32sgur.dll
2010-05-31 23:32:43 —-A—- E:WINDOWSsystem32zjltuaayu.dll
2010-05-31 23:32:41 —-A—- E:WINDOWSsystem32hgcodt.dll
2010-05-31 23:32:39 —-A—- E:WINDOWSsystem32zjh.dll
2010-05-31 23:32:35 —-A—- E:WINDOWSsystem32vpmk.dll
2010-05-31 23:32:33 —-A—- E:WINDOWSsystem32rvatrh.dll
2010-05-31 23:32:31 —-A—- E:WINDOWSsystem32ju.dll
2010-05-31 23:32:27 —-A—- E:WINDOWSsystem32qpv.dll
2010-05-31 23:32:23 —-A—- E:WINDOWSsystem32dylsblcv.dll
2010-05-31 23:32:15 —-A—- E:WINDOWSsystem32wlkr.dll
2010-05-31 23:32:11 —-A—- E:WINDOWSsystem32gn.dll
2010-05-31 23:32:09 —-A—- E:WINDOWSsystem32jubviiz.dll
2010-05-31 23:32:01 —-A—- E:WINDOWSsystem32oszh.dll
2010-05-31 23:31:59 —-A—- E:WINDOWSsystem32xykiil.dll
2010-05-31 23:31:57 —-A—- E:WINDOWSsystem32oggssf.dll
2010-05-31 23:31:55 —-A—- E:WINDOWSsystem32wnhls.dll
2010-05-31 23:31:53 —-A—- E:WINDOWSsystem32vzipv.dll
2010-05-31 23:31:51 —-A—- E:WINDOWSsystem32qad.dll
2010-05-31 23:31:49 —-A—- E:WINDOWSsystem32hllownwhg.dll
2010-05-31 23:31:47 —-A—- E:WINDOWSsystem32nvutsfvtd.dll
2010-05-31 23:31:43 —-A—- E:WINDOWSsystem32avjxns.dll
2010-05-31 23:31:41 —-A—- E:WINDOWSsystem32qstfxw.dll
2010-05-31 23:31:26 —-A—- E:WINDOWSsystem32bbatulp.dll
2010-05-31 23:31:24 —-A—- E:WINDOWSsystem32gzg.dll
2010-05-31 23:31:20 —-A—- E:WINDOWSsystem32fggkkse.dll
2010-05-31 23:31:08 —-A—- E:WINDOWSsystem32boywbladx.dll
2010-05-31 23:31:06 —-A—- E:WINDOWSsystem32pppsfk.dll
2010-05-31 23:31:02 —-A—- E:WINDOWSsystem32bxq.dll
2010-05-31 23:31:00 —-A—- E:WINDOWSsystem32frtp.dll
2010-05-31 23:30:58 —-A—- E:WINDOWSsystem32pdiczz.dll
2010-05-31 23:30:49 —-A—- E:WINDOWSsystem32itncp.dll
2010-05-31 23:30:36 —-A—- E:WINDOWSsystem32pbh.dll
2010-05-31 23:30:27 —-A—- E:WINDOWSsystem32ophn.dll
2010-05-31 23:30:23 —-A—- E:WINDOWSsystem32ea.dll
2010-05-31 23:30:17 —-A—- E:WINDOWSsystem32kmwresfc.dll
2010-05-31 23:30:15 —-A—- E:WINDOWSsystem32tynutp.dll
2010-05-31 23:30:01 —-A—- E:WINDOWSsystem32ssuejmnj.dll
2010-05-31 23:29:57 —-A—- E:WINDOWSsystem32phbmt.dll
2010-05-31 23:29:55 —-A—- E:WINDOWSsystem32xrztfz.dll
2010-05-31 23:29:53 —-A—- E:WINDOWSsystem32jub.dll
2010-05-31 23:29:51 —-A—- E:WINDOWSsystem32hsp.dll
2010-05-31 23:29:49 —-A—- E:WINDOWSsystem32vdvbaxndy.dll
2010-05-31 23:29:41 —-A—- E:WINDOWSsystem32hvryli.dll
2010-05-31 23:29:32 —-A—- E:WINDOWSsystem32lxveaj.dll
2010-05-31 23:29:30 —-A—- E:WINDOWSsystem32rjawj.dll
2010-05-31 23:29:26 —-A—- E:WINDOWSsystem32logzo.dll
2010-05-31 23:29:24 —-A—- E:WINDOWSsystem32gzt.dll
2010-05-31 23:29:18 —-A—- E:WINDOWSsystem32vemr.dll
2010-05-31 23:29:16 —-A—- E:WINDOWSsystem32cravfu.dll
2010-05-31 23:29:14 —-A—- E:WINDOWSsystem32gje.dll
2010-05-31 23:29:06 —-A—- E:WINDOWSsystem32fsa.dll
2010-05-31 23:29:04 —-A—- E:WINDOWSsystem32qi.dll
2010-05-31 23:29:00 —-A—- E:WINDOWSsystem32rakxbx.dll
2010-05-31 23:28:54 —-A—- E:WINDOWSsystem32vt.dll
2010-05-31 23:28:52 —-A—- E:WINDOWSsystem32ezfnpk.dll
2010-05-31 23:28:50 —-A—- E:WINDOWSsystem32uramwadae.dll
2010-05-31 23:28:48 —-A—- E:WINDOWSsystem32glwfcfwl.dll
2010-05-31 23:28:39 —-A—- E:WINDOWSsystem32o.dll
2010-05-31 23:28:37 —-A—- E:WINDOWSsystem32zljfnt.dll
2010-05-31 23:28:29 —-A—- E:WINDOWSsystem32pu.dll
2010-05-31 23:28:19 —-A—- E:WINDOWSsystem32bp.dll
2010-05-31 23:28:17 —-A—- E:WINDOWSsystem32kqlicdxd.dll
2010-05-31 23:28:09 —-A—- E:WINDOWSsystem32muu.dll
2010-05-31 23:28:07 —-A—- E:WINDOWSsystem32qov.dll
2010-05-31 23:28:03 —-A—- E:WINDOWSsystem32dyi.dll
2010-05-31 23:27:57 —-A—- E:WINDOWSsystem32dwwpl.dll
2010-05-31 23:27:53 —-A—- E:WINDOWSsystem32dddi.dll
2010-05-31 23:27:49 —-A—- E:WINDOWSsystem32zwuu.dll
2010-05-31 23:27:41 —-A—- E:WINDOWSsystem32fyazsnl.dll
2010-05-31 23:27:37 —-A—- E:WINDOWSsystem32qkdwcscv.dll
2010-05-31 23:27:35 —-A—- E:WINDOWSsystem32jims.dll
2010-05-31 23:27:33 —-A—- E:WINDOWSsystem32novg.dll
2010-05-31 23:27:26 —-A—- E:WINDOWSsystem32xnkpqiss.dll
2010-05-31 23:27:22 —-A—- E:WINDOWSsystem32pk.dll
2010-05-31 23:27:20 —-A—- E:WINDOWSsystem32amzcktjny.dll
2010-05-31 23:27:18 —-A—- E:WINDOWSsystem32juxfx.dll
2010-05-31 23:27:16 —-A—- E:WINDOWSsystem32irete.dll
2010-05-31 23:27:10 —-A—- E:WINDOWSsystem32byd.dll
2010-05-31 23:27:02 —-A—- E:WINDOWSsystem32pdeoaeg.dll
2010-05-31 23:27:00 —-A—- E:WINDOWSsystem32m.dll
2010-05-31 23:26:58 —-A—- E:WINDOWSsystem32cf.dll
2010-05-31 23:26:52 —-A—- E:WINDOWSsystem32kdm.dll
2010-05-31 23:26:50 —-A—- E:WINDOWSsystem32gpqdik.dll
2010-05-31 23:26:46 —-A—- E:WINDOWSsystem32pi.dll
2010-05-31 23:26:42 —-A—- E:WINDOWSsystem32svgnxhgz.dll
2010-05-31 23:26:40 —-A—- E:WINDOWSsystem32npr.dll
2010-05-31 23:26:38 —-A—- E:WINDOWSsystem32wvbcavvj.dll
2010-05-31 23:26:36 —-A—- E:WINDOWSsystem32nozfqxr.dll
2010-05-31 23:26:34 —-A—- E:WINDOWSsystem32tpymv.dll
2010-05-31 23:26:32 —-A—- E:WINDOWSsystem32dueugwydn.dll
2010-05-31 23:26:28 —-A—- E:WINDOWSsystem32mew.dll
2010-05-31 23:26:21 —-A—- E:WINDOWSsystem32kwkrgox.dll
2010-05-31 23:26:15 —-A—- E:WINDOWSsystem32kvrmww.dll
2010-05-31 23:26:11 —-A—- E:WINDOWSsystem32mtidv.dll
2010-05-31 23:26:09 —-A—- E:WINDOWSsystem32rrljzg.dll
2010-05-31 23:25:59 —-A—- E:WINDOWSsystem32deklkjjq.dll
2010-05-31 23:25:50 —-A—- E:WINDOWSsystem32lntbrtdvt.dll
2010-05-31 23:25:48 —-A—- E:WINDOWSsystem32j.dll
2010-05-31 23:25:46 —-A—- E:WINDOWSsystem32hlbqtyg.dll
2010-05-31 23:25:42 —-A—- E:WINDOWSsystem32ifqzbpqym.dll
2010-05-31 23:25:40 —-A—- E:WINDOWSsystem32ssj.dll
2010-05-31 23:25:38 —-A—- E:WINDOWSsystem32zrzblx.dll
2010-05-31 23:25:34 —-A—- E:WINDOWSsystem32oy.dll
2010-05-31 23:25:28 —-A—- E:WINDOWSsystem32wrjchl.dll
2010-05-31 23:25:22 —-A—- E:WINDOWSsystem32grmh.dll
2010-05-31 23:25:20 —-A—- E:WINDOWSsystem32xfejkr.dll
2010-05-31 23:25:16 —-A—- E:WINDOWSsystem32ilkkts.dll
2010-05-31 23:25:14 —-A—- E:WINDOWSsystem32xqnx.dll
2010-05-31 23:25:10 —-A—- E:WINDOWSsystem32lvxziry.dll
2010-05-31 23:25:08 —-A—- E:WINDOWSsystem32v.dll
2010-05-31 23:25:06 —-A—- E:WINDOWSsystem32icmwofvu.dll
2010-05-31 23:25:02 —-A—- E:WINDOWSsystem32munl.dll
2010-05-31 23:25:00 —-A—- E:WINDOWSsystem32vsgh.dll
2010-05-31 23:24:54 —-A—- E:WINDOWSsystem32clkqqb.dll
2010-05-31 23:24:52 —-A—- E:WINDOWSsystem32rhoer.dll
2010-05-31 23:24:50 —-A—- E:WINDOWSsystem32jlxhjexja.dll
2010-05-31 23:24:46 —-A—- E:WINDOWSsystem32bmgn.dll
2010-05-31 23:24:44 —-A—- E:WINDOWSsystem32deul.dll
2010-05-31 23:24:42 —-A—- E:WINDOWSsystem32gvazp.dll
2010-05-31 23:24:40 —-A—- E:WINDOWSsystem32ozff.dll
2010-05-31 23:24:36 —-A—- E:WINDOWSsystem32n.dll
2010-05-31 23:24:34 —-A—- E:WINDOWSsystem32jgovgtwfe.dll
2010-05-31 23:24:30 —-A—- E:WINDOWSsystem32fehquztj.dll
2010-05-31 23:24:18 —-A—- E:WINDOWSsystem32nthiga.dll
2010-05-31 23:24:09 —-A—- E:WINDOWSsystem32sskland.dll
2010-05-31 23:24:05 —-A—- E:WINDOWSsystem32phropur.dll
2010-05-31 23:24:03 —-A—- E:WINDOWSsystem32z.dll
2010-05-31 23:24:01 —-A—- E:WINDOWSsystem32xzmdhvmod.dll
2010-05-31 23:23:57 —-A—- E:WINDOWSsystem32jkbskrel.dll
2010-05-31 23:23:55 —-A—- E:WINDOWSsystem32qohai.dll
2010-05-31 23:23:53 —-A—- E:WINDOWSsystem32scirhnsk.dll
2010-05-31 23:23:51 —-A—- E:WINDOWSsystem32glestw.dll
2010-05-31 23:23:43 —-A—- E:WINDOWSsystem32xoazga.dll
2010-05-31 23:23:41 —-A—- E:WINDOWSsystem32p.dll
2010-05-31 23:23:35 —-A—- E:WINDOWSsystem32adwow.dll
2010-05-31 23:23:33 —-A—- E:WINDOWSsystem32okaurk.dll
2010-05-31 23:23:31 —-A—- E:WINDOWSsystem32kddaqrd.dll
2010-05-31 23:23:29 —-A—- E:WINDOWSsystem32iv.dll
2010-05-31 23:23:27 —-A—- E:WINDOWSsystem32ft.dll
2010-05-31 23:23:19 —-A—- E:WINDOWSsystem32kjebsm.dll
2010-05-31 23:23:15 —-A—- E:WINDOWSsystem32mtwndl.dll
2010-05-31 23:23:11 —-A—- E:WINDOWSsystem32ngxikksre.dll
2010-05-31 23:23:09 —-A—- E:WINDOWSsystem32ngtduo.dll
2010-05-31 23:23:07 —-A—- E:WINDOWSsystem32a.dll
2010-05-31 23:23:05 —-A—- E:WINDOWSsystem32wzptx.dll
2010-05-31 23:22:56 —-A—- E:WINDOWSsystem32mpzbkn.dll
2010-05-31 23:22:52 —-A—- E:WINDOWSsystem32bryvhb.dll
2010-05-31 23:22:50 —-A—- E:WINDOWSsystem32mvplmujmd.dll
2010-05-31 23:22:48 —-A—- E:WINDOWSsystem32uvdtjx.dll
2010-05-31 23:22:45 —-A—- E:WINDOWSzip.exe
2010-05-31 23:22:45 —-A—- E:WINDOWSSWXCACLS.exe
2010-05-31 23:22:45 —-A—- E:WINDOWSSWSC.exe
2010-05-31 23:22:45 —-A—- E:WINDOWSSWREG.exe
2010-05-31 23:22:45 —-A—- E:WINDOWSsed.exe
2010-05-31 23:22:45 —-A—- E:WINDOWSPEV.exe
2010-05-31 23:22:45 —-A—- E:WINDOWSNIRCMD.exe
2010-05-31 23:22:45 —-A—- E:WINDOWSMBR.exe
2010-05-31 23:22:45 —-A—- E:WINDOWSgrep.exe
2010-05-31 23:22:44 —-A—- E:WINDOWSsystem32msgluvj.dll
2010-05-31 23:22:34 —-A—- E:WINDOWSsystem32yzheertvm.dll
2010-05-31 23:22:32 —-A—- E:WINDOWSsystem32fsxsrfry.dll
2010-05-31 23:22:30 —-A—- E:WINDOWSsystem32xby.dll
2010-05-31 23:22:28 —-A—- E:WINDOWSsystem32zgcqz.dll
2010-05-31 23:22:15 —-A—- E:WINDOWSsystem32zerzqygbq.dll
2010-05-31 23:22:13 —-A—- E:WINDOWSsystem32kwce.dll
2010-05-31 23:22:09 —-A—- E:WINDOWSsystem32dhws.dll
2010-05-31 23:22:07 —-A—- E:WINDOWSsystem32ytnbsnja.dll
2010-05-31 23:22:03 —-A—- E:WINDOWSsystem32kxwbm.dll
2010-05-31 23:22:01 —-A—- E:WINDOWSsystem32ekdd.dll
2010-05-31 23:21:57 —-A—- E:WINDOWSsystem32zi.dll
2010-05-31 23:21:55 —-A—- E:WINDOWSsystem32dt.dll
2010-05-31 23:20:51 —-A—- E:WINDOWSsystem32xnaduql.dll
2010-05-31 23:18:25 —-A—- E:WINDOWSsystem32zbvebm.dll
2010-05-31 23:18:21 —-A—- E:WINDOWSsystem32wlndi.dll
2010-05-31 23:18:17 —-A—- E:WINDOWSsystem32urlhkcxak.dll
2010-05-31 23:18:15 —-A—- E:WINDOWSsystem32oraxap.dll
2010-05-31 23:17:52 —-A—- E:WINDOWSsystem32egnp.dll
2010-05-31 23:17:50 —-A—- E:WINDOWSsystem32gz.dll
2010-05-31 23:17:48 —-A—- E:WINDOWSsystem32fjthxpkv.dll
2010-05-31 23:17:44 —-A—- E:WINDOWSsystem32q.dll
2010-05-31 23:17:40 —-A—- E:WINDOWSsystem32mm.dll
2010-05-31 23:17:36 —-A—- E:WINDOWSsystem32s.dll
2010-05-31 23:17:34 —-A—- E:WINDOWSsystem32nnvlua.dll
2010-05-31 23:17:24 —-A—- E:WINDOWSsystem32xxupc.dll
2010-05-31 23:17:16 —-A—- E:WINDOWSsystem32evqfz.dll
2010-05-31 23:17:14 —-A—- E:WINDOWSsystem32njmbksw.dll
2010-05-31 23:17:12 —-A—- E:WINDOWSsystem32gsofdfl.dll
2010-05-31 23:17:08 —-A—- E:WINDOWSsystem32hvehcm.dll
2010-05-31 23:17:06 —-A—- E:WINDOWSsystem32egmotwmnv.dll
2010-05-31 23:17:04 —-A—- E:WINDOWSsystem32vywordjpi.dll
2010-05-31 23:17:00 —-A—- E:WINDOWSsystem32rsexcd.dll
2010-05-31 23:16:58 —-A—- E:WINDOWSsystem32iaahmxtq.dll
2010-05-31 23:16:51 —-A—- E:WINDOWSsystem32f.dll
2010-05-31 23:16:49 —-A—- E:WINDOWSsystem32lvdqrgde.dll
2010-05-31 23:16:45 —-A—- E:WINDOWSsystem32yrnbczolj.dll
2010-05-31 23:16:44 —-D—- E:WINDOWSERDNT
2010-05-31 23:16:43 —-A—- E:WINDOWSsystem32smjqrrxnh.dll
2010-05-31 23:16:41 —-A—- E:WINDOWSsystem32fqrjznmu.dll
2010-05-31 23:16:39 —-A—- E:WINDOWSsystem32lpg.dll
2010-05-31 23:16:37 —-A—- E:WINDOWSsystem32kmejihyg.dll
2010-05-31 23:16:27 —-A—- E:WINDOWSsystem32rsexgo.dll
2010-05-31 23:16:25 —-A—- E:WINDOWSsystem32kabibu.dll
2010-05-31 23:16:23 —-A—- E:WINDOWSsystem32doruywaq.dll
2010-05-31 23:16:21 —-A—- E:WINDOWSsystem32ay.dll
2010-05-31 23:16:15 —-A—- E:WINDOWSsystem32tgtrybvx.dll
2010-05-31 23:16:13 —-A—- E:WINDOWSsystem32tujzr.dll
2010-05-31 23:16:11 —-A—- E:WINDOWSsystem32yrksxue.dll
2010-05-31 23:16:07 —-A—- E:WINDOWSsystem32slt.dll
2010-05-31 23:16:05 —-A—- E:WINDOWSsystem32orckmqaz.dll
2010-05-31 23:16:01 —-A—- E:WINDOWSsystem32nj.dll
2010-05-31 23:15:53 —-A—- E:WINDOWSsystem32gmhe.dll
2010-05-31 23:15:49 —-A—- E:WINDOWSsystem32l.dll
2010-05-31 23:15:44 —-A—- E:WINDOWSsystem32ejqyquc.dll
2010-05-31 23:15:42 —-A—- E:WINDOWSsystem32x.dll
2010-05-31 23:15:40 —-A—- E:WINDOWSsystem32gmtapdy.dll
2010-05-31 23:15:38 —-D—- E:Qoobox
2010-05-31 23:15:38 —-A—- E:WINDOWSsystem32zn.dll
2010-05-31 23:15:34 —-A—- E:WINDOWSsystem32wdso.dll
2010-05-31 23:15:32 —-A—- E:WINDOWSsystem32qxsv.dll
2010-05-31 07:55:27 —-A—- E:WINDOWSsystem32rwb.dll
2010-05-30 15:38:02 —-A—- E:WINDOWSsystem32aqhzm.dll
2010-05-30 15:37:05 —-A—- E:WINDOWSsystem32jmlvz.dll
2010-05-30 14:56:43 —-A—- E:WINDOWSsystem32uksbjaymq.dll
2010-05-30 14:50:07 —-A—- E:WINDOWSsystem32lnewyayrb.dll
2010-05-30 14:12:23 —-A—- E:WINDOWSsystem32ioipbsruj.dll
2010-05-30 14:08:10 —-D—- E:WINDOWSpss
2010-05-30 13:55:16 —-A—- E:WINDOWSsystem32i.dll
2010-05-30 13:47:36 —-A—- E:WINDOWSsystem32bmyxv.dll
2010-05-30 13:41:40 —-A—- E:WINDOWSsystem32yso.dll
2010-05-30 12:58:00 —-A—- E:WINDOWSsystem32vvevis.dll
2010-05-30 02:14:38 —-A—- E:WINDOWSsystem32wkdg.dll
2010-05-30 01:58:32 —-A—- E:WINDOWSsystem32nosy.dll
2010-05-30 01:53:29 —-A—- E:WINDOWSsystem32khe.dll
2010-05-30 01:13:24 —-A—- E:WINDOWSsystem32dxhma.dll
2010-05-30 00:30:51 —-A—- E:WINDOWSsystem32wngecj.dll
2010-05-22 15:14:31 —-HDC—- E:WINDOWS$NtUninstallWudf01007$
2010-05-22 15:12:14 —-D—- E:Program FilesCommon FilesPCSuite
2010-05-22 15:12:03 —-D—- E:Program FilesCommon FilesNokia
2010-05-22 13:52:53 —-D—- E:Program FilesPC Connectivity Solution
2010-05-22 13:51:58 —-D—- E:Program FilesNokia
2010-05-22 13:49:59 —-D—- E:Documents and SettingsAll Users.WINDOWSApplication DataOviInstallerCache
2010-05-08 12:10:01 —-D—- E:Program FilesD-Link======List of files/folders modified in the last 1 months======
2010-06-01 22:53:05 —-D—- E:WINDOWS
2010-06-01 22:52:12 —-D—- E:WINDOWSsystem32CatRoot2
2010-06-01 22:50:37 —-A—- E:WINDOWSsystem.ini
2010-06-01 22:49:57 —-D—- E:WINDOWSsystem32drivers
2010-06-01 22:49:25 —-D—- E:WINDOWSsystem32
2010-06-01 22:49:21 —-D—- E:WINDOWSsystem32config
2010-06-01 22:49:12 —-RSHDC—- E:WINDOWSsystem32dllcache
2010-06-01 22:48:36 —-A—- E:WINDOWStpUsers2002.ini
2010-06-01 22:48:28 —-A—- E:WINDOWSsystem32certmgr.msc
2010-06-01 22:47:56 —-A—- E:WINDOWSsystem32rasctrs.ini
2010-06-01 22:47:22 —-D—- E:WINDOWSAppPatch
2010-06-01 22:47:21 —-D—- E:Program FilesCommon Files
2010-06-01 22:43:42 —-A—- E:WINDOWSSchedLgU.Txt
2010-06-01 22:43:36 —-A—- E:WINDOWSsystem32prnport.vbs
2010-06-01 22:43:32 —-D—- E:WINDOWSsystem32Restore
2010-06-01 22:43:15 —-A—- E:WINDOWSOEWABLog.txt
2010-06-01 22:43:11 —-A—- E:WINDOWSsystem32eventvwr.msc
2010-06-01 22:13:51 —-RD—- E:Program Files
2010-05-31 23:53:55 —-D—- E:Program FilesOpera
2010-05-31 23:53:55 —-D—- E:Config.Msi
2010-05-31 23:53:53 —-SHD—- E:WINDOWSInstaller
2010-05-31 23:32:21 —-A—- E:WINDOWSsystem32ff_vfw.dll.manifest
2010-05-31 23:31:16 —-A—- E:WINDOWSLSplugin.ini
2010-05-31 23:30:09 —-A—- E:WINDOWSODBCINST.INI
2010-05-31 23:30:03 —-D—- E:WINDOWSsystem
2010-05-31 23:29:10 —-A—- E:WINDOWSwinamp.ini
2010-05-31 23:28:58 —-A—- E:WINDOWSsystem32ntmsoprq.msc
2010-05-31 23:25:36 —-A—- E:WINDOWSODBC.INI
2010-05-31 23:24:16 —-A—- E:WINDOWSNeroDigital.ini
2010-05-31 23:22:44 —-SHD—- E:System Volume Information
2010-05-31 23:18:13 —-A—- E:WINDOWSsystem32services.msc
2010-05-31 23:17:20 —-A—- E:WINDOWSvbaddin.ini
2010-05-31 23:17:10 —-A—- E:WINDOWSsystem32ciadv.msc
2010-05-31 23:16:53 —-A—- E:WINDOWSAscd_tmp.ini
2010-05-31 23:16:19 —-A—- E:WINDOWSntbtlog.txt
2010-05-22 15:15:20 —-A—- E:WINDOWSsystem32PerfStringBackup.INI
2010-05-22 15:14:46 —-HD—- E:WINDOWSinf
2010-05-22 15:14:18 —-D—- E:Documents and SettingsСенаторApplication DataPC Suite
2010-05-22 15:12:51 —-DC—- E:WINDOWSsystem32DRVSTORE
2010-05-22 14:16:55 —-D—- E:Documents and SettingsAll Users.WINDOWSApplication DataInstallations
2010-05-22 14:12:43 —-D—- E:WINDOWSWinSxS
2010-05-22 14:02:50 —-D—- E:Documents and SettingsСенаторApplication DataNokia
2010-05-22 13:53:54 —-D—- E:WINDOWSsystem32CatRoot
2010-05-22 13:53:04 —-D—- E:Program FilesDIFX
2010-05-22 13:27:22 —-A—- E:WINDOWSimsins.BAK
2010-05-08 12:10:00 —-HD—- E:Program FilesInstallShield Installation Information======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; E:WINDOWSsystem32driversAavmker4.sys [2007-12-04 26624]
R1 aslm75;aslm75; ??E:WINDOWSsystem32driversaslm75.sys []
R1 aswTdi;avast! Network Shield Support; E:WINDOWSsystem32driversaswTdi.sys [2007-12-04 42912]
R1 intelppm;Драйвер Intel процессора; E:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-17 40448]
R2 aswMon2;avast! Standard Shield Support; E:WINDOWSsystem32driversaswMon2.sys [2007-12-04 94544]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS-совместимый транспортный протокол; E:WINDOWSsystem32DRIVERSnwlnkipx.sys [2004-08-03 88448]
R2 NwlnkNb;NWLink NetBIOS; E:WINDOWSsystem32DRIVERSnwlnknb.sys [2001-10-20 63232]
R2 NwlnkSpx;Протокол NWLink SPX/SPXII; E:WINDOWSsystem32DRIVERSnwlnkspx.sys [2001-10-20 55936]
R3 aeaudio;aeaudio; E:WINDOWSsystem32driversaeaudio.sys [2003-03-13 100224]
R3 catchme;catchme; ??E:ComboFixcatchme.sys []
R3 nv;nv; E:WINDOWSsystem32DRIVERSnv4_mini.sys [2004-10-30 2826944]
R3 NWRDR;NetWare Rdr; E:WINDOWSsystem32DRIVERSnwrdr.sys [2004-08-03 163584]
R3 smwdm;smwdm; E:WINDOWSsystem32driverssmwdm.sys [2003-06-02 578304]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; E:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-04 26624]
R3 usbhub;USB2 концентратор; E:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-04 57600]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; E:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-04 20480]
S3 aswRdr;aswRdr; E:WINDOWSsystem32driversaswRdr.sys [2007-12-04 23152]
S3 HidUsb;Драйвер класса HID Microsoft; E:WINDOWSsystem32DRIVERShidusb.sys [2001-08-17 9600]
S3 mbr;mbr; ??E:DOCUME~11181~1LOCALS~1Tempmbr.sys []
S3 MidiSyn;MidiSyn; E:WINDOWSsystem32driversMidiSyn.sys [2002-09-20 235100]
S3 mouhid;Драйвер мыши HID; E:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-19 12160]
S3 nmwcd;Nokia USB Phone Parent; E:WINDOWSsystem32driversccdcmb.sys [2010-01-21 18048]
S3 nmwcdc;Nokia USB Generic; E:WINDOWSsystem32driversccdcmbo.sys [2009-12-30 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; E:WINDOWSsystem32DRIVERSpccsmcfd.sys [2008-08-26 18816]
S3 s117bus;Sony Ericsson Device 117 driver (WDM); E:WINDOWSsystem32DRIVERSs117bus.sys [2007-06-25 82984]
S3 s117mdfl;Sony Ericsson Device 117 USB WMC Modem Filter; E:WINDOWSsystem32DRIVERSs117mdfl.sys [2007-06-25 14888]
S3 s117mdm;Sony Ericsson Device 117 USB WMC Modem Driver; E:WINDOWSsystem32DRIVERSs117mdm.sys [2007-06-25 108456]
S3 s117mgmt;Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM); E:WINDOWSsystem32DRIVERSs117mgmt.sys [2007-06-25 100264]
S3 s117nd5;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS); E:WINDOWSsystem32DRIVERSs117nd5.sys [2007-06-25 22952]
S3 s117obex;Sony Ericsson Device 117 USB WMC OBEX Interface; E:WINDOWSsystem32DRIVERSs117obex.sys [2007-06-25 98344]
S3 s117unic;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM); E:WINDOWSsystem32DRIVERSs117unic.sys [2007-06-25 98856]
S3 SONYPVU1;Драйвер Sony USB фильтра (SONYPVU1); E:WINDOWSsystem32DRIVERSSONYPVU1.SYS [2001-08-17 7552]
S3 upperdev;upperdev; E:WINDOWSsystem32DRIVERSusbser_lowerflt.sys [2009-12-30 7936]
S3 usb_rndis;DLink USB Remote NDIS Device Driver; E:WINDOWSsystem32DRIVERSusb8023.sys [2004-08-03 12672]
S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); E:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-04 31616]
S3 usbprint;Класс принтеров Microsoft USB; E:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-04 25856]
S3 usbscan;Драйвер USB-сканера; E:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
S3 usbser;USB Modem Driver; E:WINDOWSsystem32driversusbser.sys [2004-08-03 25600]
S3 UsbserFilt;UsbserFilt; E:WINDOWSsystem32DRIVERSusbser_lowerfltj.sys [2009-12-30 7936]
S3 USBSTOR;Драйвер запоминающих устройств для USB; E:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-04 26496]
S3 Wdf01000;Kernel Mode Driver Frameworks service; E:WINDOWSSystem32Driverswdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; E:WINDOWSsystem32DRIVERSwpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; E:WINDOWSsystem32DRIVERSwudfrd.sys [2008-01-18 83328]
S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; E:WINDOWSsystem32DRIVERSyk51x86.sys [2004-08-19 189568]
S4 sr;Драйвер фильтра восстановления системы; E:WINDOWSsystem32DRIVERSsr.sys [2004-08-17 73472]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 NVSvc;NVIDIA Display Driver Service (Omega 1.6693) (Q); E:WINDOWSsystem32nvsvc32.exe [2004-10-30 127043]
R2 NWCWorkstation;Клиент для сетей NetWare; E:WINDOWSsystem32svchost.exe [2004-08-17 14336]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; E:Program FilesAnalog DevicesSoundMAXSMAgent.exe [2002-09-20 45056]
R2 UTSCSI;CLCV0; E:WINDOWSsystem32UTSCSI.EXE [2009-02-06 45056]
R2 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; E:WINDOWSsystem32svchost.exe [2004-08-17 14336]
R3 ServiceLayer;ServiceLayer; E:Program FilesPC Connectivity SolutionServiceLayer.exe [2010-01-26 652800]
S2 aswUpdSv;avast! iAVS4 Control Service; E:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2007-12-04 17272]
S2 avast! Antivirus;avast! Antivirus; E:Program FilesAlwil SoftwareAvast4ashServ.exe [2007-12-04 140664]
S2 Virtual Memory Dispatcher;Virtual Memory Dispatcher; F:RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013winhelp.exe []
S2 Windows_system32;Windows_system32; E:WINDOWSsystem32systam32.exe []
S3 aspnet_state;ASP.NET State Service; E:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2008-07-25 34312]
S3 avast! Mail Scanner;avast! Mail Scanner; E:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2007-12-04 247160]
S3 avast! Web Scanner;avast! Web Scanner; E:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2007-12-04 345464]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; E:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [2009-04-30 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; E:WINDOWSMicrosoft.NETFrameworkv3.0WPFPresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; E:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; E:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; E:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2008-07-29 132096]
EOF
- Темы:532
- Сообщений:1553
- ☆☆☆☆☆
Это лог Combofix :
ComboFix 10-05-30.09 — Сенатор 01.06.2010 22:44:05.2.1 — x86
Microsoft Windows XP Professional 5.1.2600.2.1251.7.1049.18.511.322 [GMT 4:00]
Running from: e:documents and settingsСенаторРабочий столComboFix.exe
Command switches used :: e:documents and settingsСенаторРабочий столWindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
AV: avast! antivirus 4.7.1098 [VPS 080223-0] *On-access scanning enabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.e:windowssystem32ieuinit.inf
e:windowssystem32xlk.dll.
((((((((((((((((((((((((( Files Created from 2010-05-01 to 2010-06-01 )))))))))))))))))))))))))))))))
.2010-06-01 18:49 . 2010-06-01 18:49 158208 —-a-w- e:windowssystem32nxgl.dll
2010-06-01 18:49 . 2010-06-01 18:49 158208 —-a-w- e:windowssystem32xlejkiycx.dll
2010-06-01 18:49 . 2010-06-01 18:49 158208 —-a-w- e:windowssystem32vbiyhb.dll
2010-06-01 18:49 . 2010-06-01 18:49 158208 —-a-w- e:windowssystem32hmbrwcx.dll
2010-06-01 18:49 . 2010-06-01 18:49 158208 —-a-w- e:windowssystem32rpmm.dll
2010-06-01 18:49 . 2010-06-01 18:49 158208 —-a-w- e:windowssystem32oqantp.dll
2010-06-01 18:49 . 2010-06-01 18:49 158208 —-a-w- e:windowssystem32ghw.dll
2010-06-01 18:49 . 2010-06-01 18:49 158208 —-a-w- e:windowssystem32ws.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32jmekxsni.dll
2010-06-01 18:46 . 2010-06-01 18:46 158208 —-a-w- e:windowssystem32alfq.dll
2010-06-01 18:45 . 2010-06-01 18:45 158208 —-a-w- e:windowssystem32bqefdyslg.dll
2010-06-01 18:44 . 2010-06-01 18:44 158208 —-a-w- e:windowssystem32jaohkexe.dll
2010-06-01 18:43 . 2010-06-01 18:43 158208 —-a-w- e:windowssystem32t.dll
2010-06-01 18:43 . 2010-06-01 18:43 158208 —-a-w- e:windowssystem32hrjrxsqv.dll
2010-06-01 18:43 . 2010-06-01 18:43 158208 —-a-w- e:windowssystem32njo.dll
2010-06-01 18:43 . 2010-06-01 18:43 158208 —-a-w- e:windowssystem32vcqw.dll
2010-06-01 18:43 . 2010-06-01 18:43 158208 —-a-w- e:windowssystem32spfal.dll
2010-06-01 18:43 . 2010-06-01 18:43 158208 —-a-w- e:windowssystem32kguavi.dll
2010-06-01 18:43 . 2010-06-01 18:43 158208 —-a-w- e:windowssystem32aweoiars.dll
2010-06-01 18:43 . 2010-06-01 18:43 158208 —-a-w- e:windowssystem32rsmw.dll
2010-06-01 18:43 . 2010-06-01 18:43 158208 —-a-w- e:windowssystem32lhjl.dll
2010-06-01 18:43 . 2010-06-01 18:43 158208 —-a-w- e:windowssystem32czwyt.dll
2010-06-01 18:43 . 2010-06-01 18:43 158208 —-a-w- e:windowssystem32blflsylvx.dll
2010-06-01 18:43 . 2010-06-01 18:43 158208 —-a-w- e:windowssystem32bdzrt.dll
2010-06-01 18:13 . 2010-06-01 18:42
d
w- e:program filestrend micro
2010-06-01 18:13 . 2010-06-01 18:14
d
w- E:rsit
2010-05-31 19:55 . 2010-05-31 19:55 158208 —-a-w- e:windowssystem32yeff.dll
2010-05-31 19:37 . 2010-05-31 19:37 158208 —-a-w- e:windowssystem32tc.dll
2010-05-31 19:31 . 2010-05-31 19:31 158208 —-a-w- e:windowssystem32xykiil.dll
2010-05-31 19:30 . 2010-05-31 19:30 158208 —-a-w- e:windowssystem32pdiczz.dll
2010-05-31 19:30 . 2010-05-31 19:30 158208 —-a-w- e:windowssystem32itncp.dll
2010-05-31 19:30 . 2010-05-31 19:30 158208 —-a-w- e:windowssystem32pbh.dll
2010-05-31 19:30 . 2010-05-31 19:30 158208 —-a-w- e:windowssystem32ophn.dll
2010-05-31 19:30 . 2010-05-31 19:30 158208 —-a-w- e:windowssystem32ea.dll
2010-05-31 19:30 . 2010-05-31 19:30 158208 —-a-w- e:windowssystem32kmwresfc.dll
2010-05-31 19:30 . 2010-05-31 19:30 158208 —-a-w- e:windowssystem32tynutp.dll
2010-05-31 19:30 . 2010-05-31 19:30 158208 —-a-w- e:windowssystem32ssuejmnj.dll
2010-05-31 19:28 . 2010-05-31 19:28 158208 —-a-w- e:windowssystem32vt.dll
2010-05-31 19:28 . 2010-05-31 19:28 158208 —-a-w- e:windowssystem32ezfnpk.dll
2010-05-31 19:28 . 2010-05-31 19:28 158208 —-a-w- e:windowssystem32uramwadae.dll
2010-05-31 19:28 . 2010-05-31 19:28 158208 —-a-w- e:windowssystem32glwfcfwl.dll
2010-05-31 19:28 . 2010-05-31 19:28 158208 —-a-w- e:windowssystem32o.dll
2010-05-31 19:28 . 2010-05-31 19:28 158208 —-a-w- e:windowssystem32zljfnt.dll
2010-05-31 19:28 . 2010-05-31 19:28 158208 —-a-w- e:windowssystem32pu.dll
2010-05-31 19:28 . 2010-05-31 19:28 158208 —-a-w- e:windowssystem32bp.dll
2010-05-31 19:28 . 2010-05-31 19:28 158208 —-a-w- e:windowssystem32kqlicdxd.dll
2010-05-31 19:28 . 2010-05-31 19:28 158208 —-a-w- e:windowssystem32muu.dll
2010-05-31 19:28 . 2010-05-31 19:28 158208 —-a-w- e:windowssystem32qov.dll
2010-05-31 19:28 . 2010-05-31 19:28 158208 —-a-w- e:windowssystem32dyi.dll
2010-05-31 19:26 . 2010-05-31 19:26 158208 —-a-w- e:windowssystem32cf.dll
2010-05-31 19:25 . 2010-05-31 19:25 158208 —-a-w- e:windowssystem32deklkjjq.dll
2010-05-31 19:24 . 2010-05-31 19:24 158208 —-a-w- e:windowssystem32clkqqb.dll
2010-05-31 19:23 . 2010-05-31 19:23 158208 —-a-w- e:windowssystem32jkbskrel.dll
2010-05-31 19:22 . 2010-05-31 19:22 158208 —-a-w- e:windowssystem32mpzbkn.dll
2010-05-31 19:21 . 2010-05-31 19:21 158208 —-a-w- e:windowssystem32zi.dll
2010-05-31 19:21 . 2010-05-31 19:21 158208 —-a-w- e:windowssystem32dt.dll
2010-05-31 19:20 . 2010-05-31 19:20 158208 —-a-w- e:windowssystem32xnaduql.dll
2010-05-31 19:18 . 2010-05-31 19:18 158208 —-a-w- e:windowssystem32zbvebm.dll
2010-05-31 19:18 . 2010-05-31 19:18 158208 —-a-w- e:windowssystem32wlndi.dll
2010-05-31 19:18 . 2010-05-31 19:18 158208 —-a-w- e:windowssystem32urlhkcxak.dll
2010-05-31 19:18 . 2010-05-31 19:18 158208 —-a-w- e:windowssystem32oraxap.dll
2010-05-31 19:16 . 2010-05-31 19:16 158208 —-a-w- e:windowssystem32iaahmxtq.dll
2010-05-31 19:15 . 2010-05-31 19:15 158208 —-a-w- e:windowssystem32gmhe.dll
2010-05-31 19:15 . 2010-05-31 19:15 158208 —-a-w- e:windowssystem32l.dll
2010-05-31 19:15 . 2010-05-31 19:15 158208 —-a-w- e:windowssystem32ejqyquc.dll
2010-05-31 19:15 . 2010-05-31 19:15 158208 —-a-w- e:windowssystem32x.dll
2010-05-31 19:15 . 2010-05-31 19:15 158208 —-a-w- e:windowssystem32gmtapdy.dll
2010-05-31 19:15 . 2010-05-31 19:15 158208 —-a-w- e:windowssystem32zn.dll
2010-05-31 19:15 . 2010-05-31 19:15 158208 —-a-w- e:windowssystem32wdso.dll
2010-05-31 19:15 . 2010-05-31 19:15 158208 —-a-w- e:windowssystem32qxsv.dll
2010-05-31 03:55 . 2010-05-31 03:55 158208 —-a-w- e:windowssystem32rwb.dll
2010-05-30 11:38 . 2010-05-30 11:38 158208 —-a-w- e:windowssystem32aqhzm.dll
2010-05-30 11:37 . 2010-05-30 11:37 158208 —-a-w- e:windowssystem32jmlvz.dll
2010-05-30 10:56 . 2010-05-30 10:56 158208 —-a-w- e:windowssystem32uksbjaymq.dll
2010-05-30 10:50 . 2010-05-30 10:50 158208 —-a-w- e:windowssystem32lnewyayrb.dll
2010-05-30 10:12 . 2010-05-30 10:12 158208 —-a-w- e:windowssystem32ioipbsruj.dll
2010-05-30 09:55 . 2010-05-30 09:55 158208 —-a-w- e:windowssystem32i.dll
2010-05-30 09:47 . 2010-05-30 09:47 158208 —-a-w- e:windowssystem32bmyxv.dll
2010-05-30 09:41 . 2010-05-30 09:41 158208 —-a-w- e:windowssystem32yso.dll
2010-05-30 08:58 . 2010-05-30 08:58 158208 —-a-w- e:windowssystem32vvevis.dll
2010-05-29 22:14 . 2010-05-29 22:14 158208 —-a-w- e:windowssystem32wkdg.dll
2010-05-29 21:58 . 2010-05-29 21:58 158208 —-a-w- e:windowssystem32nosy.dll
2010-05-29 21:53 . 2010-05-29 21:53 158208 —-a-w- e:windowssystem32khe.dll
2010-05-29 21:13 . 2010-05-29 21:13 158208 —-a-w- e:windowssystem32dxhma.dll
2010-05-29 20:30 . 2010-05-29 20:30 158208 —-a-w- e:windowssystem32wngecj.dll
2010-05-22 11:12 . 2010-05-22 11:12
d
w- e:program filesCommon FilesPCSuite
2010-05-22 11:12 . 2010-05-22 11:12
d
w- e:program filesCommon FilesNokia
2010-05-22 10:16 . 2010-05-22 10:15 34864192 —-a-w- e:documents and settingsAll Users.WINDOWSApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}Nokia_PC_Suite_rus_web.exe
2010-05-22 10:16 . 2010-05-22 10:16 95232 —-a-w- e:documents and settingsAll Users.WINDOWSApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionspcswpcsi.exe
2010-05-22 10:16 . 2010-05-22 10:16 8192 —-a-w- e:documents and settingsAll Users.WINDOWSApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstCCD.exe
2010-05-22 10:16 . 2010-05-22 10:16 61440 —-a-w- e:documents and settingsAll Users.WINDOWSApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstPCSFEMsi.exe
2010-05-22 10:16 . 2010-05-22 10:16 10240 —-a-w- e:documents and settingsAll Users.WINDOWSApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstPCS.exe
2010-05-22 09:53 . 2008-08-26 05:26 18816 —-a-w- e:windowssystem32driverspccsmcfd.sys
2010-05-22 09:52 . 2010-05-22 09:52
d
w- e:program filesPC Connectivity Solution
2010-05-22 09:51 . 2010-05-22 11:12
d
w- e:program filesNokia
2010-05-22 09:50 . 2010-05-22 09:50 12212040 —-a-w- e:documents and settingsAll Users.WINDOWSApplication DataOviInstallerCache{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}InstallerCommonCustomActionsWMFDist11-WindowsXP-X86-ENU.exe
2010-05-22 09:50 . 2010-05-22 09:50 13930312 —-a-w- e:documents and settingsAll Users.WINDOWSApplication DataOviInstallerCache{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}InstallerCommonCustomActionsWMFDist11-WindowsXP-X64-ENU.exe
2010-05-22 09:50 . 2010-05-22 09:50 77824 —-a-w- e:documents and settingsAll Users.WINDOWSApplication DataOviInstallerCache{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}InstallerCommonCustomActionsRun_XML6_SP1.exe
2010-05-22 09:50 . 2010-05-22 09:50 61440 —-a-w- e:documents and settingsAll Users.WINDOWSApplication DataOviInstallerCache{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}InstallerCommonCustomActionsWMF11Runx86.exe
2010-05-22 09:50 . 2010-05-22 09:50 58880 —-a-w- e:documents and settingsAll Users.WINDOWSApplication DataOviInstallerCache{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}InstallerCommonCustomActionsWMF11Runx64.exe
2010-05-22 09:50 . 2010-05-22 09:50 50000 —-a-w- e:documents and settingsAll Users.WINDOWSApplication DataOviInstallerCache{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}InstallerCommonCustomActionspcswpc.exe
2010-05-22 09:50 . 2010-05-22 09:44 98366952 —-a-w- e:documents and settingsAll Users.WINDOWSApplication DataOviInstallerCache{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}Nokia_Ovi_Suite_webinstaller_ALL.exe
2010-05-22 09:49 . 2010-05-22 09:49
d
w- e:documents and settingsAll Users.WINDOWSApplication DataOviInstallerCache
2010-05-08 08:10 . 2010-05-08 08:10
d
w- e:program filesD-Link.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-01 18:49 . 2008-02-23 21:01 13312 —-a-w- e:windowsFontsroman.fon
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32rizmhce.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32boaigf.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32arv.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32sorhzwl.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32yqvadh.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32ugrlne.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32vdalafn.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32fspdnzqo.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32vncaskffv.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32dhjcbn.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32fqrfhb.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32lmhyfh.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32szhghg.dll
2010-06-01 18:45 . 2010-06-01 18:45 158208 —-a-w- e:windowssystem32zje.dll
2010-06-01 18:44 . 2010-06-01 18:44 158208 —-a-w- e:windowssystem32gacp.dll
2010-06-01 18:43 . 2008-02-23 21:01 29599 —-a-w- e:windowssystem32prnport.vbs
2010-06-01 18:43 . 2008-02-23 21:00 2000 —-a-w- e:windowssystem32keyboard.drv
2010-05-31 19:53 . 2008-02-24 17:03
d
w- e:program filesOpera
2010-05-31 19:31 . 2010-05-31 19:31 158208 —-a-w- e:windowssystem32oggssf.dll
2010-05-31 19:30 . 2008-02-23 21:01 79546 —-a-w- e:windowssystem32perfc019.dat
2010-05-31 19:27 . 2010-05-31 19:27 158208 —-a-w- e:windowssystem32dwwpl.dll
2010-05-31 19:26 . 2010-05-31 19:26 158208 —-a-w- e:windowssystem32kdm.dll
2010-05-31 19:25 . 2010-05-31 19:25 158208 —-a-w- e:windowssystem32lntbrtdvt.dll
2010-05-31 19:24 . 2010-05-31 19:24 158208 —-a-w- e:windowssystem32rhoer.dll
2010-05-31 19:23 . 2010-05-31 19:23 158208 —-a-w- e:windowssystem32qohai.dll
2010-05-31 19:22 . 2010-05-31 19:22 158208 —-a-w- e:windowssystem32bryvhb.dll
2010-05-31 19:17 . 2010-05-31 19:17 158208 —-a-w- e:windowssystem32egnp.dll
2010-05-31 19:16 . 2010-05-31 19:16 158208 —-a-w- e:windowssystem32f.dll
2010-05-22 11:15 . 2008-02-23 21:01 474518 —-a-w- e:windowssystem32perfh019.dat
2010-05-22 11:14 . 2010-05-22 11:14 0 —ha-w- e:windowssystem32driversMsft_User_PCCSWpdDriver_01_07_00.Wdf
2010-05-22 11:14 . 2010-05-22 11:14 0 —ha-w- e:windowssystem32driversMsftWdf_user_01_07_00.Wdf
2010-05-22 11:14 . 2008-02-25 11:02
d
w- e:documents and settingsСенаторApplication DataPC Suite
2010-05-22 10:16 . 2008-11-05 08:54
d
w- e:documents and settingsAll Users.WINDOWSApplication DataInstallations
2010-05-22 10:02 . 2008-02-25 11:57
d
w- e:documents and settingsСенаторApplication DataNokia
2010-05-22 09:53 . 2008-02-25 11:03
d
w- e:program filesDIFX
2010-05-08 08:10 . 2008-02-24 16:38
d—h—w- e:program filesInstallShield Installation Information
2004-08-17 12:05 . 2004-08-17 12:05 158208 —sh—w- e:windowssystem32kocon.dll
.((((((((((((((((((((((((((((( SnapShot@2010-05-31_19.30.37 )))))))))))))))))))))))))))))))))))))))))
.
— 2008-02-23 21:01 . 2001-10-20 12:00 15936 e:windowssystem32dllcacheprnqctl.vbs
+ 2008-02-23 21:01 . 2010-05-31 19:31 15936 e:windowssystem32dllcacheprnqctl.vbs
+ 2008-02-23 21:00 . 2010-06-01 18:43 2000 e:windowssystem32dllcachekeyboard.drv
— 2008-02-23 21:00 . 2001-10-20 12:00 2000 e:windowssystem32dllcachekeyboard.drv
+ 2010-06-01 18:44 . 2010-06-01 18:44 158208 e:windowssystem32zp.dll
+ 2010-05-31 19:32 . 2010-05-31 19:32 158208 e:windowssystem32zjltuaayu.dll
+ 2010-05-31 19:32 . 2010-05-31 19:32 158208 e:windowssystem32zjh.dll
+ 2010-06-01 18:46 . 2010-06-01 18:46 158208 e:windowssystem32yuk.dll
+ 2010-06-01 18:44 . 2010-06-01 18:44 158208 e:windowssystem32ymdsgjyt.dll
+ 2010-06-01 18:46 . 2010-06-01 18:46 158208 e:windowssystem32xrtp.dll
+ 2010-06-01 18:45 . 2010-06-01 18:45 158208 e:windowssystem32xozs.dll
+ 2010-05-31 19:31 . 2010-05-31 19:31 158208 e:windowssystem32wnhls.dll
+ 2010-05-31 19:32 . 2010-05-31 19:32 158208 e:windowssystem32wlkr.dll
+ 2010-06-01 18:45 . 2010-06-01 18:45 158208 e:windowssystem32w.dll
+ 2010-05-31 19:31 . 2010-05-31 19:31 158208 e:windowssystem32vzipv.dll
+ 2010-06-01 18:45 . 2010-06-01 18:45 158208 e:windowssystem32vv.dll
+ 2010-05-31 19:32 . 2010-05-31 19:32 158208 e:windowssystem32vpmk.dll
+ 2010-06-01 18:48 . 2010-06-01 18:48 158208 e:windowssystem32ujuedugx.dll
+ 2010-06-01 18:45 . 2010-06-01 18:45 158208 e:windowssystem32tyvfvb.dll
+ 2010-06-01 18:45 . 2010-06-01 18:45 158208 e:windowssystem32tit.dll
+ 2010-06-01 18:48 . 2010-06-01 18:48 158208 e:windowssystem32tcahpsz.dll
+ 2010-06-01 18:44 . 2010-06-01 18:44 158208 e:windowssystem32szrpxw.dll
+ 2010-06-01 18:44 . 2010-06-01 18:44 158208 e:windowssystem32syrvva.dll
+ 2010-06-01 18:45 . 2010-06-01 18:45 158208 e:windowssystem32supwrj.dll
+ 2010-06-01 18:48 . 2010-06-01 18:48 158208 e:windowssystem32shaswts.dll
+ 2010-05-31 19:32 . 2010-05-31 19:32 158208 e:windowssystem32sgur.dll
+ 2010-05-31 19:32 . 2010-05-31 19:32 158208 e:windowssystem32rvatrh.dll
+ 2010-06-01 18:48 . 2010-06-01 18:48 158208 e:windowssystem32rivg.dll
+ 2010-06-01 18:48 . 2010-06-01 18:48 158208 e:windowssystem32reldkqllu.dll
+ 2010-06-01 18:48 . 2010-06-01 18:48 158208 e:windowssystem32rac.dll
+ 2010-06-01 18:44 . 2010-06-01 18:44 158208 e:windowssystem32raanlzmrh.dll
+ 2010-05-31 19:31 . 2010-05-31 19:31 158208 e:windowssystem32qstfxw.dll
+ 2010-05-31 19:32 . 2010-05-31 19:32 158208 e:windowssystem32qpv.dll
+ 2010-06-01 18:44 . 2010-06-01 18:44 158208 e:windowssystem32qfa.dll
+ 2010-05-31 19:31 . 2010-05-31 19:31 158208 e:windowssystem32qad.dll
+ 2010-05-31 19:31 . 2010-05-31 19:31 158208 e:windowssystem32pppsfk.dll
+ 2010-06-01 18:48 . 2010-06-01 18:48 158208 e:windowssystem32otyneyca.dll
+ 2010-05-31 19:32 . 2010-05-31 19:32 158208 e:windowssystem32oszh.dll
+ 2010-06-01 18:46 . 2010-06-01 18:46 158208 e:windowssystem32omxjmvvjn.dll
+ 2010-06-01 18:46 . 2010-06-01 18:46 158208 e:windowssystem32ol.dll
+ 2010-06-01 18:48 . 2010-06-01 18:48 158208 e:windowssystem32oirk.dll
+ 2010-06-01 18:45 . 2010-06-01 18:45 158208 e:windowssystem32ofafe.dll
+ 2010-06-01 18:48 . 2010-06-01 18:48 158208 e:windowssystem32nymvntc.dll
+ 2010-05-31 19:31 . 2010-05-31 19:31 158208 e:windowssystem32nvutsfvtd.dll
+ 2010-06-01 18:48 . 2010-06-01 18:48 158208 e:windowssystem32mxb.dll
+ 2010-06-01 18:44 . 2010-06-01 18:44 158208 e:windowssystem32msshtsp.dll
+ 2010-06-01 18:48 . 2010-06-01 18:48 158208 e:windowssystem32mjmmfjks.dll
+ 2010-06-01 18:44 . 2010-06-01 18:44 158208 e:windowssystem32mfsafm.dll
+ 2010-06-01 18:46 . 2010-06-01 18:46 158208 e:windowssystem32lxyhvssy.dll
+ 2010-06-01 18:46 . 2010-06-01 18:46 158208 e:windowssystem32lrgs.dll
+ 2010-06-01 18:46 . 2010-06-01 18:46 158208 e:windowssystem32lj.dll
+ 2010-06-01 18:48 . 2010-06-01 18:48 158208 e:windowssystem32lbjdwbkp.dll
+ 2010-06-01 18:45 . 2010-06-01 18:45 158208 e:windowssystem32kbhv.dll
+ 2010-05-31 19:32 . 2010-05-31 19:32 158208 e:windowssystem32jubviiz.dll
+ 2010-05-31 19:32 . 2010-05-31 19:32 158208 e:windowssystem32ju.dll
+ 2010-06-01 18:46 . 2010-06-01 18:46 158208 e:windowssystem32jjzpx.dll
+ 2010-06-01 18:48 . 2010-06-01 18:48 158208 e:windowssystem32jepiiqm.dll
+ 2010-06-01 18:48 . 2010-06-01 18:48 158208 e:windowssystem32jedwwk.dll
+ 2010-06-01 18:45 . 2010-06-01 18:45 158208 e:windowssystem32izw.dll
+ 2010-05-31 19:32 . 2010-05-31 19:32 158208 e:windowssystem32ixp.dll
+ 2010-06-01 18:46 . 2010-06-01 18:46 158208 e:windowssystem32inisblnx.dll
+ 2010-06-01 18:45 . 2010-06-01 18:45 158208 e:windowssystem32ick.dll
+ 2010-05-31 19:31 . 2010-05-31 19:31 158208 e:windowssystem32hllownwhg.dll
+ 2010-05-31 19:32 . 2010-05-31 19:32 158208 e:windowssystem32hgcodt.dll
+ 2010-06-01 18:46 . 2010-06-01 18:46 158208 e:windowssystem32hdswfybmv.dll
+ 2010-06-01 18:46 . 2010-06-01 18:46 158208 e:windowssystem32hcbpvgcaz.dll
+ 2010-05-31 19:31 . 2010-05-31 19:31 158208 e:windowssystem32gzg.dll
+ 2010-06-01 18:46 . 2010-06-01 18:46 158208 e:windowssystem32gxrphykr.dll
+ 2010-05-31 19:32 . 2010-05-31 19:32 158208 e:windowssystem32gn.dll
+ 2010-06-01 18:44 . 2010-06-01 18:44 158208 e:windowssystem32gc.dll
+ 2010-05-31 19:31 . 2010-05-31 19:31 158208 e:windowssystem32frtp.dll
+ 2010-06-01 18:46 . 2010-06-01 18:46 158208 e:windowssystem32fqvi.dll
+ 2010-06-01 18:44 . 2010-06-01 18:44 158208 e:windowssystem32fobg.dll
+ 2010-05-31 19:31 . 2010-05-31 19:31 158208 e:windowssystem32fggkkse.dll
+ 2010-06-01 18:45 . 2010-06-01 18:45 158208 e:windowssystem32ettdocj.dll
+ 2010-06-01 18:48 . 2010-06-01 18:48 158208 e:windowssystem32esthrnnzx.dll
+ 2010-06-01 18:44 . 2010-06-01 18:44 158208 e:windowssystem32ensm.dll
+ 2010-06-01 18:48 . 2010-06-01 18:48 158208 e:windowssystem32emd.dll
+ 2010-06-01 18:46 . 2010-06-01 18:46 158208 e:windowssystem32dyufa.dll
+ 2010-05-31 19:32 . 2010-05-31 19:32 158208 e:windowssystem32dylsblcv.dll
+ 2008-02-23 21:00 . 2010-06-01 18:44 673088 e:windowssystem32dllcachemlang.dat
— 2008-02-23 21:00 . 2001-10-20 12:00 673088 e:windowssystem32dllcachemlang.dat
+ 2010-06-01 18:45 . 2010-06-01 18:45 158208 e:windowssystem32dedoemt.dll
+ 2010-06-01 18:48 . 2010-06-01 18:48 158208 e:windowssystem32dbiqjn.dll
+ 2010-06-01 18:48 . 2010-06-01 18:48 158208 e:windowssystem32c.dll
+ 2010-05-31 19:31 . 2010-05-31 19:31 158208 e:windowssystem32bxq.dll
+ 2010-06-01 18:48 . 2010-06-01 18:48 158208 e:windowssystem32btvowcw.dll
+ 2010-06-01 18:45 . 2010-06-01 18:45 158208 e:windowssystem32bqvjpa.dll
+ 2010-05-31 19:31 . 2010-05-31 19:31 158208 e:windowssystem32boywbladx.dll
+ 2010-05-31 19:31 . 2010-05-31 19:31 158208 e:windowssystem32bbatulp.dll
+ 2010-05-31 19:31 . 2010-05-31 19:31 158208 e:windowssystem32avjxns.dll
+ 2010-06-01 18:44 . 2010-06-01 18:44 158208 e:windowssystem32apygjtsv.dll
+ 2010-06-01 18:45 . 2010-06-01 18:45 158208 e:windowssystem32akjlwu.dll
+ 2010-06-01 18:44 . 2010-06-01 18:44 158208 e:windowssystem32ajhyx.dll
— 2008-02-24 00:09 . 2009-07-06 14:56 1413216 e:windowssystem32FNTCACHE.DAT
+ 2008-02-24 00:09 . 2010-05-31 19:37 1413216 e:windowssystem32FNTCACHE.DAT
.
— Snapshot reset to current date —
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«Sony Ericsson PC Suite»=»e:documents and settingsСенаторМои документыse pcSony Ericsson PC SuiteSEPCSuite.exe» [2007-11-20 356352]
«NBJ»=»e:program filesAheadNero BackItUpNBJ.exe» [2005-04-08 1953792]
«NokiaOviSuite2″=»e:program filesNokiaNokia Ovi SuiteNokiaOviSuite.exe» [BU]
«PC Suite Tray»=»e:program filesNokiaNokia PC Suite 7PCSuite.exe» [2009-11-11 1451520][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«SoundMAXPnP»=»e:program filesAnalog DevicesSoundMAXSMax4PNP.exe» [2003-05-29 790528]
«ASUS Probe»=»c:program filesASUSProbeAsusProb.exe» [2002-12-06 617984]
«SunJavaUpdateSched»=»e:program filesJavajre1.5.0_09binjusched.exe» [2006-09-07 49263]
«RemoteControl»=»e:program filesCyberLinkPowerDVDPDVDServ.exe» [2004-11-02 32768]
«NvCplDaemon»=»e:windowssystem32NvCpl.dll» [2004-10-29 4620288]
«nwiz»=»nwiz.exe» [2004-10-29 921600]
«NvMediaCenter»=»e:windowssystem32NvMcTray.dll» [2004-10-29 86016]
«NeroFilterCheck»=»e:windowssystem32NeroCheck.exe» [2001-07-09 155648]
«WinampAgent»=»e:program filesWinampwinampa.exe» [2003-12-13 33792]
«Nokia FastStart»=»c:program filesNokiaNokia MusicNokiaMusic.exe» [BU][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»e:windowssystem32CTFMON.EXE» [2004-08-17 15360][HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrollsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]
@=»Driver»[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\system32\sessmgr.exe»=
«e:\Program Files\Bonjour\mDNSResponder.exe»=S2 Virtual Memory Dispatcher;Virtual Memory Dispatcher;»f:recyclerS-1-5-21-1482476501-1644491937-682003330-1013winhelp.exe» —> f:recyclerS-1-5-21-1482476501-1644491937-682003330-1013winhelp.exe [?]
S2 Windows_system32;Windows_system32;e:windowssystem32systam32.exe —> e:windowssystem32systam32.exe [?]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftactive setupinstalled components{28ABC5C0-4FCB-11CF-AAX5-81CX1C635612}]
c:recyclerS-1-5-21-1482476501-1644491937-682003330-1013winhelp.exe [BU]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.yandex.ru/?clid=40488
uInternet Settings,ProxyOverride = *.local
IE: &Экспорт в Microsoft Excel — e:progra~1MICROS~2OFFICE11EXCEL.EXE/3000
.**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-01 22:50
Windows 5.1.2600 Service Pack 2 NTFSscanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
e:windowsNeroDigital.ini:GhtTEv1dmSIY 158208 bytes executable
e:windowsnetfxocm.log:GhtTEv1dmSIY 158208 bytes executable
e:windowsntbtlog.txt:GhtTEv1dmSIY 158208 bytes executable
e:windowsocmsn.log:GhtTEv1dmSIY 158208 bytes executable
e:windowsODBC.INI:GhtTEv1dmSIY 158208 bytes executable
e:windowsODBCINST.INI:GhtTEv1dmSIY 158208 bytes executable
e:windowsOEWABLog.txt:GhtTEv1dmSIY 158208 bytes executable
e:windowstpUsers2002.ini:GhtTEv1dmSIY 158208 bytes executable
e:windowsexplorer.scf:GhtTEv1dmSIY 158208 bytes executable
e:windowsimsins.log:GhtTEv1dmSIY 158208 bytes executable
e:windowswinamp.ini:GhtTEv1dmSIY 158208 bytes executable
e:windowsWindowsUpdate.log:GhtTEv1dmSIY 158208 bytes executable
e:windowscmsetacl.log:GhtTEv1dmSIY 158208 bytes executable
e:windowscomsetup.log:GhtTEv1dmSIY 158208 bytes executable
e:windowsclock.avi:GhtTEv1dmSIY 158208 bytes executable
e:windowssetuperr.log:GhtTEv1dmSIY 158208 bytes executable
e:windowswiaservc.log:GhtTEv1dmSIY 158208 bytes executable
e:windowsregopt.log:GhtTEv1dmSIY 158208 bytes executable
e:windowssetup.log:GhtTEv1dmSIY 158208 bytes executable
e:windowssetupact.log:GhtTEv1dmSIY 158208 bytes executable
e:windowssetupapi.log:GhtTEv1dmSIY 158208 bytes executable
e:windowssetupapi.log.0.old:GhtTEv1dmSIY 158208 bytes executable
e:windowsupdspapi.log:GhtTEv1dmSIY 158208 bytes executable
e:windowsvbaddin.ini:GhtTEv1dmSIY 158208 bytes executable
e:windowsAscd_tmp.ini:GhtTEv1dmSIY 158208 bytes executable
e:windowsKB926239.log:GhtTEv1dmSIY 158208 bytes executable
e:windowsLSplugin.ini:GhtTEv1dmSIY 158208 bytes executable
e:windowsmdv736.pls:GhtTEv1dmSIY 158208 bytes executable
e:windowsMEMORY.DMP:GhtTEv1dmSIY 158208 bytes executable
e:windowsmsmqinst.log:GhtTEv1dmSIY 158208 bytes executable
e:windowsЗеленый камень.bmp:GhtTEv1dmSIY 158208 bytes executable
e:windowsНа рыбалку.bmp:GhtTEv1dmSIY 158208 bytes executable
e:windowsПаркет.bmp:GhtTEv1dmSIY 158208 bytes executable
e:windowsПузыри.bmp:GhtTEv1dmSIY 158208 bytes executable
e:windowsСиреневый пух.bmp:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32c_28593.nls:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32c_865.nls:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32c_866.nls:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32c_869.nls:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32c_932.nls:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32certmgr.msc:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32eventvwr.msc:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32ff_vfw.dll.manifest:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32mciavi.drv:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32ntmsoprq.msc:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32rtl70.bpl:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32unimdm.tsp:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32wbcache.esn:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32wbdbase.nld:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32v7vga.rom:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32ctype.nls:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32c_1255.nls:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32c_20261.nls:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32c_20905.nls:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32pschdcnt.h:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32dssec.dat:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32ega.cpi:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32imaadp32.acm:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32noise.esn:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32nscompat.tlb:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32perfc019.dat:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32perfh009.dat:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32rasctrs.ini:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32secupd.sig:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32msaud32.acm:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32telephon.cpl:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32ir41_32.ax:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32mqoa10.tlb:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32keyboard.drv:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32msdxm.ocx:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32instcat.sql:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32ipconf.tsp:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32ciadv.msc:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32services.msc:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32nusrmgr.cpl:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32QuickTime.cpl:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32vcl70.bpl:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32prnport.vbs:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32rsaci.rat:GhtTEv1dmSIY 158208 bytes executablescan completed successfully
hidden files: 79**************************************************************************
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘explorer.exe'(2960)
e:windowssystem32msi.dll
e:windowssystem32WPDShServiceObj.dll
e:program filesNokiaNokia PC Suite 7PhoneBrowser.dll
e:program filesNokiaNokia PC Suite 7NGSCM.DLL
e:program filesNokiaNokia PC Suite 7LangPhoneBrowser_rus.nlr
e:program filesNokiaNokia PC Suite 7ResourcePhoneBrowser_Nokia.ngr
e:windowssystem32PortableDeviceTypes.dll
e:windowssystem32PortableDeviceApi.dll
.
Other Running Processes
.
e:windowssystem32nvsvc32.exe
e:program filesAnalog DevicesSoundMAXSMAgent.exe
e:windowssystem32UTSCSI.EXE
e:windowssystem32wscntfy.exe
e:windowssystem32RUNDLL32.EXE
e:program filesPC Connectivity SolutionServiceLayer.exe
e:program filesPC Connectivity SolutionTransportsNclUSBSrv.exe
e:program filesPC Connectivity SolutionTransportsNclRSSrv.exe
e:program filesPC Connectivity SolutionTransportsNclMSBTSrv.exe
.
**************************************************************************
.
Completion time: 2010-06-01 22:53:02 — machine was rebooted
ComboFix-quarantined-files.txt 2010-06-01 18:53
ComboFix2.txt 2010-05-31 19:32Pre-Run: 25 459 294 208 байт свободно
Post-Run: 25 362 534 400 байт свободно— — End Of File — — BB07E71CD20E21D9916A438404D4A847
Здравствуйте, добро пожаловать на Spyware-ru форум.
Откройте блокнот (Кликните Пуск, Выполнить, в строке ввода введите notepad и нажмите Enter) и вставьте в него следующий текст:
Driver::
Virtual Memory Dispatcher
Windows_system32
Registry::
[-HKEY_LOCAL_MACHINEsoftwaremicrosoftactive setupinstalled components{28ABC5C0-4FCB-11CF-AAX5-81CX1C635612}]
File::
e:windowssystem32nxgl.dll
e:windowssystem32xlejkiycx.dll
e:windowssystem32vbiyhb.dll
e:windowssystem32hmbrwcx.dll
e:windowssystem32rpmm.dll
e:windowssystem32oqantp.dll
e:windowssystem32ghw.dll
e:windowssystem32ws.dll
e:windowssystem32jmekxsni.dll
e:windowssystem32alfq.dll
e:windowssystem32bqefdyslg.dll
e:windowssystem32jaohkexe.dll
e:windowssystem32t.dll
e:windowssystem32hrjrxsqv.dll
e:windowssystem32njo.dll
e:windowssystem32vcqw.dll
e:windowssystem32spfal.dll
e:windowssystem32kguavi.dll
e:windowssystem32aweoiars.dll
e:windowssystem32rsmw.dll
e:windowssystem32lhjl.dll
e:windowssystem32czwyt.dll
e:windowssystem32blflsylvx.dll
e:windowssystem32bdzrt.dll
e:windowssystem32yeff.dll
e:windowssystem32tc.dll
e:windowssystem32xykiil.dll
e:windowssystem32pdiczz.dll
e:windowssystem32itncp.dll
e:windowssystem32pbh.dll
e:windowssystem32ophn.dll
e:windowssystem32ea.dll
e:windowssystem32kmwresfc.dll
e:windowssystem32tynutp.dll
e:windowssystem32ssuejmnj.dll
e:windowssystem32vt.dll
e:windowssystem32ezfnpk.dll
e:windowssystem32uramwadae.dll
e:windowssystem32glwfcfwl.dll
e:windowssystem32o.dll
e:windowssystem32zljfnt.dll
e:windowssystem32pu.dll
e:windowssystem32bp.dll
e:windowssystem32kqlicdxd.dll
e:windowssystem32muu.dll
e:windowssystem32qov.dll
e:windowssystem32dyi.dll
e:windowssystem32cf.dll
e:windowssystem32deklkjjq.dll
e:windowssystem32clkqqb.dll
e:windowssystem32jkbskrel.dll
e:windowssystem32mpzbkn.dll
e:windowssystem32zi.dll
e:windowssystem32dt.dll
e:windowssystem32xnaduql.dll
e:windowssystem32zbvebm.dll
e:windowssystem32wlndi.dll
e:windowssystem32urlhkcxak.dll
e:windowssystem32oraxap.dll
e:windowssystem32iaahmxtq.dll
e:windowssystem32gmhe.dll
e:windowssystem32l.dll
e:windowssystem32ejqyquc.dll
e:windowssystem32x.dll
e:windowssystem32gmtapdy.dll
e:windowssystem32zn.dll
e:windowssystem32wdso.dll
e:windowssystem32qxsv.dll
e:windowssystem32rwb.dll
e:windowssystem32aqhzm.dll
e:windowssystem32jmlvz.dll
e:windowssystem32uksbjaymq.dll
e:windowssystem32lnewyayrb.dll
e:windowssystem32ioipbsruj.dll
e:windowssystem32i.dll
e:windowssystem32bmyxv.dll
e:windowssystem32yso.dll
e:windowssystem32vvevis.dll
e:windowssystem32wkdg.dll
e:windowssystem32nosy.dll
e:windowssystem32khe.dll
e:windowssystem32dxhma.dll
e:windowssystem32wngecj.dllЗапишите получившийся файл на ваш рабочий стол под именем CFScript
Далее перетащите получившийся файл на иконку Combofix, как показано на картинке ниже.
Сombofix запуститься и выполнит процедуры описанные в созданном нами файле.
По результатам работы Combofix будет создан новый лог, его и вставьте в свой следующий ответ.- Темы:532
- Сообщений:1553
- ☆☆☆☆☆
Вот что получилось :
ComboFix 10-05-30.09 — Сенатор 10.06.2010 13:13:19.3.1 — x86
Microsoft Windows XP Professional 5.1.2600.2.1251.7.1049.18.511.266 [GMT 4:00]
Running from: e:documents and settingsСенаторРабочий столComboFix.exe
Command switches used :: e:documents and settingsСенаторРабочий столCFScript.txt
AV: avast! antivirus 4.7.1098 [VPS 080223-0] *On-access scanning enabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
— REDUCED FUNCTIONALITY MODE —FILE ::
«e:windowssystem32alfq.dll»
«e:windowssystem32aqhzm.dll»
«e:windowssystem32aweoiars.dll»
«e:windowssystem32bdzrt.dll»
«e:windowssystem32blflsylvx.dll»
«e:windowssystem32bmyxv.dll»
«e:windowssystem32bp.dll»
«e:windowssystem32bqefdyslg.dll»
«e:windowssystem32cf.dll»
«e:windowssystem32clkqqb.dll»
«e:windowssystem32czwyt.dll»
«e:windowssystem32deklkjjq.dll»
«e:windowssystem32dt.dll»
«e:windowssystem32dxhma.dll»
«e:windowssystem32dyi.dll»
«e:windowssystem32ea.dll»
«e:windowssystem32ejqyquc.dll»
«e:windowssystem32ezfnpk.dll»
«e:windowssystem32ghw.dll»
«e:windowssystem32glwfcfwl.dll»
«e:windowssystem32gmhe.dll»
«e:windowssystem32gmtapdy.dll»
«e:windowssystem32hmbrwcx.dll»
«e:windowssystem32hrjrxsqv.dll»
«e:windowssystem32i.dll»
«e:windowssystem32iaahmxtq.dll»
«e:windowssystem32ioipbsruj.dll»
«e:windowssystem32itncp.dll»
«e:windowssystem32jaohkexe.dll»
«e:windowssystem32jkbskrel.dll»
«e:windowssystem32jmekxsni.dll»
«e:windowssystem32jmlvz.dll»
«e:windowssystem32kguavi.dll»
«e:windowssystem32khe.dll»
«e:windowssystem32kmwresfc.dll»
«e:windowssystem32kqlicdxd.dll»
«e:windowssystem32l.dll»
«e:windowssystem32lhjl.dll»
«e:windowssystem32lnewyayrb.dll»
«e:windowssystem32mpzbkn.dll»
«e:windowssystem32muu.dll»
«e:windowssystem32njo.dll»
«e:windowssystem32nosy.dll»
«e:windowssystem32nxgl.dll»
«e:windowssystem32o.dll»
«e:windowssystem32ophn.dll»
«e:windowssystem32oqantp.dll»
«e:windowssystem32oraxap.dll»
«e:windowssystem32pbh.dll»
«e:windowssystem32pdiczz.dll»
«e:windowssystem32pu.dll»
«e:windowssystem32qov.dll»
«e:windowssystem32qxsv.dll»
«e:windowssystem32rpmm.dll»
«e:windowssystem32rsmw.dll»
«e:windowssystem32rwb.dll»
«e:windowssystem32spfal.dll»
«e:windowssystem32ssuejmnj.dll»
«e:windowssystem32t.dll»
«e:windowssystem32tc.dll»
«e:windowssystem32tynutp.dll»
«e:windowssystem32uksbjaymq.dll»
«e:windowssystem32uramwadae.dll»
«e:windowssystem32urlhkcxak.dll»
«e:windowssystem32vbiyhb.dll»
«e:windowssystem32vcqw.dll»
«e:windowssystem32vt.dll»
«e:windowssystem32vvevis.dll»
«e:windowssystem32wdso.dll»
«e:windowssystem32wkdg.dll»
«e:windowssystem32wlndi.dll»
«e:windowssystem32wngecj.dll»
«e:windowssystem32ws.dll»
«e:windowssystem32x.dll»
«e:windowssystem32xlejkiycx.dll»
«e:windowssystem32xnaduql.dll»
«e:windowssystem32xykiil.dll»
«e:windowssystem32yeff.dll»
«e:windowssystem32yso.dll»
«e:windowssystem32zbvebm.dll»
«e:windowssystem32zi.dll»
«e:windowssystem32zljfnt.dll»
«e:windowssystem32zn.dll»
.((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.e:windowssystem32alfq.dll
e:windowssystem32aqhzm.dll
e:windowssystem32aweoiars.dll
e:windowssystem32bdzrt.dll
e:windowssystem32blflsylvx.dll
e:windowssystem32bmyxv.dll
e:windowssystem32bp.dll
e:windowssystem32bqefdyslg.dll
e:windowssystem32cf.dll
e:windowssystem32clkqqb.dll
e:windowssystem32czwyt.dll
e:windowssystem32deklkjjq.dll
e:windowssystem32dt.dll
e:windowssystem32dxhma.dll
e:windowssystem32dyi.dll
e:windowssystem32ea.dll
e:windowssystem32ejqyquc.dll
e:windowssystem32ezfnpk.dll
e:windowssystem32ghw.dll
e:windowssystem32glwfcfwl.dll
e:windowssystem32gmhe.dll
e:windowssystem32gmtapdy.dll
e:windowssystem32hmbrwcx.dll
e:windowssystem32hrjrxsqv.dll
e:windowssystem32i.dll
e:windowssystem32iaahmxtq.dll
e:windowssystem32ioipbsruj.dll
e:windowssystem32itncp.dll
e:windowssystem32jaohkexe.dll
e:windowssystem32jkbskrel.dll
e:windowssystem32jmekxsni.dll
e:windowssystem32jmlvz.dll
e:windowssystem32kguavi.dll
e:windowssystem32khe.dll
e:windowssystem32kmwresfc.dll
e:windowssystem32kqlicdxd.dll
e:windowssystem32l.dll
e:windowssystem32lhjl.dll
e:windowssystem32lnewyayrb.dll
e:windowssystem32mpzbkn.dll
e:windowssystem32muu.dll
e:windowssystem32njo.dll
e:windowssystem32nosy.dll
e:windowssystem32nxgl.dll
e:windowssystem32o.dll
e:windowssystem32ophn.dll
e:windowssystem32oqantp.dll
e:windowssystem32oraxap.dll
e:windowssystem32pbh.dll
e:windowssystem32pdiczz.dll
e:windowssystem32pu.dll
e:windowssystem32qov.dll
e:windowssystem32qxsv.dll
e:windowssystem32rpmm.dll
e:windowssystem32rsmw.dll
e:windowssystem32rwb.dll
e:windowssystem32spfal.dll
e:windowssystem32ssuejmnj.dll
e:windowssystem32t.dll
e:windowssystem32tc.dll
e:windowssystem32tynutp.dll
e:windowssystem32uksbjaymq.dll
e:windowssystem32uramwadae.dll
e:windowssystem32urlhkcxak.dll
e:windowssystem32vbiyhb.dll
e:windowssystem32vcqw.dll
e:windowssystem32vt.dll
e:windowssystem32vvevis.dll
e:windowssystem32wdso.dll
e:windowssystem32wkdg.dll
e:windowssystem32wlndi.dll
e:windowssystem32wngecj.dll
e:windowssystem32ws.dll
e:windowssystem32x.dll
e:windowssystem32xlejkiycx.dll
e:windowssystem32xnaduql.dll
e:windowssystem32xykiil.dll
e:windowssystem32yeff.dll
e:windowssystem32yso.dll
e:windowssystem32zbvebm.dll
e:windowssystem32zi.dll
e:windowssystem32zljfnt.dll
e:windowssystem32zn.dll.
((((((((((((((((((((((((( Files Created from 2010-05-10 to 2010-06-10 )))))))))))))))))))))))))))))))
.2010-06-01 19:50 . 2010-06-01 19:50
d
w- e:program filesESET
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32rizmhce.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32boaigf.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32arv.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32sorhzwl.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32yqvadh.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32ugrlne.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32vdalafn.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32fspdnzqo.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32vncaskffv.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32dhjcbn.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32fqrfhb.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32lmhyfh.dll
2010-06-01 18:47 . 2010-06-01 18:47 158208 —-a-w- e:windowssystem32szhghg.dll
2010-06-01 18:45 . 2010-06-01 18:45 158208 —-a-w- e:windowssystem32zje.dll
2010-06-01 18:44 . 2010-06-01 18:44 158208 —-a-w- e:windowssystem32gacp.dll
2010-06-01 18:13 . 2010-06-01 20:16
d
w- e:program filestrend micro
2010-06-01 18:13 . 2010-06-01 18:14
d
w- E:rsit
2010-05-31 19:31 . 2010-05-31 19:31 158208 —-a-w- e:windowssystem32oggssf.dll
2010-05-31 19:29 . 2010-05-31 19:29 158208 —-a-w- e:windowssystem32phbmt.dll
2010-05-31 19:27 . 2010-05-31 19:27 158208 —-a-w- e:windowssystem32dwwpl.dll
2010-05-31 19:26 . 2010-05-31 19:26 158208 —-a-w- e:windowssystem32kdm.dll
2010-05-31 19:25 . 2010-05-31 19:25 158208 —-a-w- e:windowssystem32lntbrtdvt.dll
2010-05-31 19:24 . 2010-05-31 19:24 158208 —-a-w- e:windowssystem32rhoer.dll
2010-05-31 19:23 . 2010-05-31 19:23 158208 —-a-w- e:windowssystem32qohai.dll
2010-05-31 19:22 . 2010-05-31 19:22 158208 —-a-w- e:windowssystem32bryvhb.dll
2010-05-31 19:17 . 2010-05-31 19:17 158208 —-a-w- e:windowssystem32egnp.dll
2010-05-31 19:16 . 2010-05-31 19:16 158208 —-a-w- e:windowssystem32f.dll
2010-05-22 11:12 . 2010-05-22 11:12
d
w- e:program filesCommon FilesPCSuite
2010-05-22 11:12 . 2010-05-22 11:12
d
w- e:program filesCommon FilesNokia
2010-05-22 10:16 . 2010-05-22 10:15 34864192 —-a-w- e:documents and settingsAll Users.WINDOWSApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}Nokia_PC_Suite_rus_web.exe
2010-05-22 10:16 . 2010-05-22 10:16 95232 —-a-w- e:documents and settingsAll Users.WINDOWSApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionspcswpcsi.exe
2010-05-22 10:16 . 2010-05-22 10:16 8192 —-a-w- e:documents and settingsAll Users.WINDOWSApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstCCD.exe
2010-05-22 10:16 . 2010-05-22 10:16 61440 —-a-w- e:documents and settingsAll Users.WINDOWSApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstPCSFEMsi.exe
2010-05-22 10:16 . 2010-05-22 10:16 10240 —-a-w- e:documents and settingsAll Users.WINDOWSApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstPCS.exe
2010-05-22 09:53 . 2008-08-26 05:26 18816 —-a-w- e:windowssystem32driverspccsmcfd.sys
2010-05-22 09:52 . 2010-05-22 09:52
d
w- e:program filesPC Connectivity Solution
2010-05-22 09:51 . 2010-05-22 11:12
d
w- e:program filesNokia
2010-05-22 09:50 . 2010-05-22 09:50 12212040 —-a-w- e:documents and settingsAll Users.WINDOWSApplication DataOviInstallerCache{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}InstallerCommonCustomActionsWMFDist11-WindowsXP-X86-ENU.exe
2010-05-22 09:50 . 2010-05-22 09:50 13930312 —-a-w- e:documents and settingsAll Users.WINDOWSApplication DataOviInstallerCache{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}InstallerCommonCustomActionsWMFDist11-WindowsXP-X64-ENU.exe
2010-05-22 09:50 . 2010-05-22 09:50 77824 —-a-w- e:documents and settingsAll Users.WINDOWSApplication DataOviInstallerCache{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}InstallerCommonCustomActionsRun_XML6_SP1.exe
2010-05-22 09:50 . 2010-05-22 09:50 61440 —-a-w- e:documents and settingsAll Users.WINDOWSApplication DataOviInstallerCache{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}InstallerCommonCustomActionsWMF11Runx86.exe
2010-05-22 09:50 . 2010-05-22 09:50 58880 —-a-w- e:documents and settingsAll Users.WINDOWSApplication DataOviInstallerCache{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}InstallerCommonCustomActionsWMF11Runx64.exe
2010-05-22 09:50 . 2010-05-22 09:50 50000 —-a-w- e:documents and settingsAll Users.WINDOWSApplication DataOviInstallerCache{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}InstallerCommonCustomActionspcswpc.exe
2010-05-22 09:50 . 2010-05-22 09:44 98366952 —-a-w- e:documents and settingsAll Users.WINDOWSApplication DataOviInstallerCache{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}Nokia_Ovi_Suite_webinstaller_ALL.exe
2010-05-22 09:49 . 2010-05-22 09:49
d
w- e:documents and settingsAll Users.WINDOWSApplication DataOviInstallerCache.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-01 18:49 . 2008-02-23 21:01 13312 —-a-w- e:windowsFontsroman.fon
2010-06-01 18:46 . 2010-06-01 18:46 158208 —-a-w- e:windowssystem32lrgs.dll
2010-06-01 18:45 . 2010-06-01 18:45 158208 —-a-w- e:windowssystem32izw.dll
2010-06-01 18:44 . 2010-06-01 18:44 158208 —-a-w- e:windowssystem32qfa.dll
2010-06-01 18:44 . 2010-06-01 18:44 158208 —-a-w- e:windowssystem32fobg.dll
2010-06-01 18:44 . 2010-06-01 18:44 158208 —-a-w- e:windowssystem32raanlzmrh.dll
2010-06-01 18:44 . 2010-06-01 18:44 158208 —-a-w- e:windowssystem32szrpxw.dll
2010-06-01 18:44 . 2010-06-01 18:44 158208 —-a-w- e:windowssystem32ajhyx.dll
2010-06-01 18:44 . 2010-06-01 18:44 158208 —-a-w- e:windowssystem32syrvva.dll
2010-06-01 18:44 . 2010-06-01 18:44 158208 —-a-w- e:windowssystem32zp.dll
2010-06-01 18:44 . 2010-06-01 18:44 158208 —-a-w- e:windowssystem32apygjtsv.dll
2010-06-01 18:44 . 2010-06-01 18:44 158208 —-a-w- e:windowssystem32gc.dll
2010-06-01 18:44 . 2010-06-01 18:44 158208 —-a-w- e:windowssystem32msshtsp.dll
2010-06-01 18:44 . 2010-06-01 18:44 158208 —-a-w- e:windowssystem32mfsafm.dll
2010-06-01 18:44 . 2010-06-01 18:44 158208 —-a-w- e:windowssystem32ymdsgjyt.dll
2010-06-01 18:44 . 2010-06-01 18:44 158208 —-a-w- e:windowssystem32ensm.dll
2010-06-01 18:43 . 2008-02-23 21:01 29599 —-a-w- e:windowssystem32prnport.vbs
2010-06-01 18:43 . 2008-02-23 21:00 2000 —-a-w- e:windowssystem32keyboard.drv
2010-05-31 19:53 . 2008-02-24 17:03
d
w- e:program filesOpera
2010-05-31 19:31 . 2010-05-31 19:31 158208 —-a-w- e:windowssystem32wnhls.dll
2010-05-31 19:30 . 2008-02-23 21:01 79546 —-a-w- e:windowssystem32perfc019.dat
2010-05-31 19:27 . 2010-05-31 19:27 158208 —-a-w- e:windowssystem32dddi.dll
2010-05-31 19:26 . 2010-05-31 19:26 158208 —-a-w- e:windowssystem32gpqdik.dll
2010-05-31 19:26 . 2010-05-31 19:26 158208 —-a-w- e:windowssystem32pi.dll
2010-05-31 19:26 . 2010-05-31 19:26 158208 —-a-w- e:windowssystem32svgnxhgz.dll
2010-05-31 19:26 . 2010-05-31 19:26 158208 —-a-w- e:windowssystem32npr.dll
2010-05-31 19:26 . 2010-05-31 19:26 158208 —-a-w- e:windowssystem32wvbcavvj.dll
2010-05-31 19:26 . 2010-05-31 19:26 158208 —-a-w- e:windowssystem32nozfqxr.dll
2010-05-31 19:26 . 2010-05-31 19:26 158208 —-a-w- e:windowssystem32tpymv.dll
2010-05-31 19:26 . 2010-05-31 19:26 158208 —-a-w- e:windowssystem32dueugwydn.dll
2010-05-31 19:26 . 2010-05-31 19:26 158208 —-a-w- e:windowssystem32mew.dll
2010-05-31 19:26 . 2010-05-31 19:26 158208 —-a-w- e:windowssystem32kwkrgox.dll
2010-05-31 19:26 . 2010-05-31 19:26 158208 —-a-w- e:windowssystem32kvrmww.dll
2010-05-31 19:26 . 2010-05-31 19:26 158208 —-a-w- e:windowssystem32mtidv.dll
2010-05-31 19:26 . 2010-05-31 19:26 158208 —-a-w- e:windowssystem32rrljzg.dll
2010-05-31 19:24 . 2010-05-31 19:24 158208 —-a-w- e:windowssystem32jlxhjexja.dll
2010-05-31 19:24 . 2010-05-31 19:24 158208 —-a-w- e:windowssystem32bmgn.dll
2010-05-31 19:24 . 2010-05-31 19:24 158208 —-a-w- e:windowssystem32deul.dll
2010-05-31 19:24 . 2010-05-31 19:24 158208 —-a-w- e:windowssystem32gvazp.dll
2010-05-31 19:24 . 2010-05-31 19:24 158208 —-a-w- e:windowssystem32ozff.dll
2010-05-31 19:24 . 2010-05-31 19:24 158208 —-a-w- e:windowssystem32n.dll
2010-05-31 19:24 . 2010-05-31 19:24 158208 —-a-w- e:windowssystem32jgovgtwfe.dll
2010-05-31 19:24 . 2010-05-31 19:24 158208 —-a-w- e:windowssystem32fehquztj.dll
2010-05-31 19:24 . 2010-05-31 19:24 158208 —-a-w- e:windowssystem32nthiga.dll
2010-05-31 19:24 . 2010-05-31 19:24 158208 —-a-w- e:windowssystem32sskland.dll
2010-05-31 19:24 . 2010-05-31 19:24 158208 —-a-w- e:windowssystem32phropur.dll
2010-05-31 19:24 . 2010-05-31 19:24 158208 —-a-w- e:windowssystem32z.dll
2010-05-31 19:24 . 2010-05-31 19:24 158208 —-a-w- e:windowssystem32xzmdhvmod.dll
2010-05-31 19:22 . 2010-05-31 19:22 158208 —-a-w- e:windowssystem32mvplmujmd.dll
2010-05-31 19:17 . 2010-05-31 19:17 158208 —-a-w- e:windowssystem32gz.dll
2010-05-31 19:16 . 2010-05-31 19:16 158208 —-a-w- e:windowssystem32lvdqrgde.dll
2010-05-22 11:15 . 2008-02-23 21:01 474518 —-a-w- e:windowssystem32perfh019.dat
2010-05-22 11:14 . 2010-05-22 11:14 0 —ha-w- e:windowssystem32driversMsft_User_PCCSWpdDriver_01_07_00.Wdf
2010-05-22 11:14 . 2010-05-22 11:14 0 —ha-w- e:windowssystem32driversMsftWdf_user_01_07_00.Wdf
2010-05-22 11:14 . 2008-02-25 11:02
d
w- e:documents and settingsСенаторApplication DataPC Suite
2010-05-22 10:16 . 2008-11-05 08:54
d
w- e:documents and settingsAll Users.WINDOWSApplication DataInstallations
2010-05-22 10:02 . 2008-02-25 11:57
d
w- e:documents and settingsСенаторApplication DataNokia
2010-05-22 09:53 . 2008-02-25 11:03
d
w- e:program filesDIFX
2010-05-08 08:10 . 2010-05-08 08:10
d
w- e:program filesD-Link
2010-05-08 08:10 . 2008-02-24 16:38
d—h—w- e:program filesInstallShield Installation Information
2004-08-17 12:05 . 2004-08-17 12:05 158208 —sh—w- e:windowssystem32kocon.dll
.((((((((((((((((((((((((((((( SnapShot_2010-06-01_18.50.37 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-02-24 00:09 . 2010-06-01 20:18 1413216 e:windowssystem32FNTCACHE.DAT
— 2008-02-24 00:09 . 2010-05-31 19:37 1413216 e:windowssystem32FNTCACHE.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«Sony Ericsson PC Suite»=»e:documents and settingsСенаторМои документыse pcSony Ericsson PC SuiteSEPCSuite.exe» [2007-11-20 356352]
«NBJ»=»e:program filesAheadNero BackItUpNBJ.exe» [2005-04-08 1953792]
«NokiaOviSuite2″=»e:program filesNokiaNokia Ovi SuiteNokiaOviSuite.exe» [BU]
«PC Suite Tray»=»e:program filesNokiaNokia PC Suite 7PCSuite.exe» [2009-11-11 1451520][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«SoundMAXPnP»=»e:program filesAnalog DevicesSoundMAXSMax4PNP.exe» [2003-05-29 790528]
«ASUS Probe»=»c:program filesASUSProbeAsusProb.exe» [2002-12-06 617984]
«SunJavaUpdateSched»=»e:program filesJavajre1.5.0_09binjusched.exe» [2006-09-07 49263]
«RemoteControl»=»e:program filesCyberLinkPowerDVDPDVDServ.exe» [2004-11-02 32768]
«NvCplDaemon»=»e:windowssystem32NvCpl.dll» [2004-10-29 4620288]
«nwiz»=»nwiz.exe» [2004-10-29 921600]
«NvMediaCenter»=»e:windowssystem32NvMcTray.dll» [2004-10-29 86016]
«NeroFilterCheck»=»e:windowssystem32NeroCheck.exe» [2001-07-09 155648]
«WinampAgent»=»e:program filesWinampwinampa.exe» [2003-12-13 33792]
«Nokia FastStart»=»c:program filesNokiaNokia MusicNokiaMusic.exe» [BU][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»e:windowssystem32CTFMON.EXE» [2004-08-17 15360][HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrollsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]
@=»Driver»[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\system32\sessmgr.exe»=
«e:\Program Files\Bonjour\mDNSResponder.exe»=S2 Virtual Memory Dispatcher;Virtual Memory Dispatcher;»f:recyclerS-1-5-21-1482476501-1644491937-682003330-1013winhelp.exe» —> f:recyclerS-1-5-21-1482476501-1644491937-682003330-1013winhelp.exe [?]
S2 Windows_system32;Windows_system32;e:windowssystem32systam32.exe —> e:windowssystem32systam32.exe [?]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.yandex.ru/?clid=40488
uInternet Settings,ProxyOverride = *.local
IE: &Экспорт в Microsoft Excel — e:progra~1MICROS~2OFFICE11EXCEL.EXE/3000
.**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-10 13:14
Windows 5.1.2600 Service Pack 2 NTFSscanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
e:windowsNeroDigital.ini:GhtTEv1dmSIY 158208 bytes executable
e:windowsnetfxocm.log:GhtTEv1dmSIY 158208 bytes executable
e:windowsntbtlog.txt:GhtTEv1dmSIY 158208 bytes executable
e:windowsocmsn.log:GhtTEv1dmSIY 158208 bytes executable
e:windowsODBC.INI:GhtTEv1dmSIY 158208 bytes executable
e:windowsODBCINST.INI:GhtTEv1dmSIY 158208 bytes executable
e:windowsOEWABLog.txt:GhtTEv1dmSIY 158208 bytes executable
e:windowstpUsers2002.ini:GhtTEv1dmSIY 158208 bytes executable
e:windowsexplorer.scf:GhtTEv1dmSIY 158208 bytes executable
e:windowsimsins.log:GhtTEv1dmSIY 158208 bytes executable
e:windowswinamp.ini:GhtTEv1dmSIY 158208 bytes executable
e:windowsWindowsUpdate.log:GhtTEv1dmSIY 158208 bytes executable
e:windowscmsetacl.log:GhtTEv1dmSIY 158208 bytes executable
e:windowscomsetup.log:GhtTEv1dmSIY 158208 bytes executable
e:windowsclock.avi:GhtTEv1dmSIY 158208 bytes executable
e:windowssetuperr.log:GhtTEv1dmSIY 158208 bytes executable
e:windowswiaservc.log:GhtTEv1dmSIY 158208 bytes executable
e:windowsregopt.log:GhtTEv1dmSIY 158208 bytes executable
e:windowssetup.log:GhtTEv1dmSIY 158208 bytes executable
e:windowssetupact.log:GhtTEv1dmSIY 158208 bytes executable
e:windowssetupapi.log:GhtTEv1dmSIY 158208 bytes executable
e:windowssetupapi.log.0.old:GhtTEv1dmSIY 158208 bytes executable
e:windowsupdspapi.log:GhtTEv1dmSIY 158208 bytes executable
e:windowsvbaddin.ini:GhtTEv1dmSIY 158208 bytes executable
e:windowsAscd_tmp.ini:GhtTEv1dmSIY 158208 bytes executable
e:windowsKB926239.log:GhtTEv1dmSIY 158208 bytes executable
e:windowsLSplugin.ini:GhtTEv1dmSIY 158208 bytes executable
e:windowsmdv736.pls:GhtTEv1dmSIY 158208 bytes executable
e:windowsMEMORY.DMP:GhtTEv1dmSIY 158208 bytes executable
e:windowsmsmqinst.log:GhtTEv1dmSIY 158208 bytes executable
e:windowsЗеленый камень.bmp:GhtTEv1dmSIY 158208 bytes executable
e:windowsНа рыбалку.bmp:GhtTEv1dmSIY 158208 bytes executable
e:windowsПаркет.bmp:GhtTEv1dmSIY 158208 bytes executable
e:windowsПузыри.bmp:GhtTEv1dmSIY 158208 bytes executable
e:windowsСиреневый пух.bmp:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32c_28593.nls:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32c_865.nls:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32c_866.nls:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32c_869.nls:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32c_932.nls:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32certmgr.msc:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32eventvwr.msc:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32ff_vfw.dll.manifest:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32mciavi.drv:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32ntmsoprq.msc:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32rtl70.bpl:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32unimdm.tsp:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32wbcache.esn:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32wbdbase.nld:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32v7vga.rom:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32ctype.nls:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32c_1255.nls:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32c_20261.nls:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32c_20905.nls:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32pschdcnt.h:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32dssec.dat:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32ega.cpi:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32imaadp32.acm:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32noise.esn:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32nscompat.tlb:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32perfc019.dat:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32perfh009.dat:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32rasctrs.ini:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32secupd.sig:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32msaud32.acm:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32telephon.cpl:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32ir41_32.ax:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32mqoa10.tlb:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32keyboard.drv:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32msdxm.ocx:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32instcat.sql:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32ipconf.tsp:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32ciadv.msc:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32services.msc:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32nusrmgr.cpl:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32QuickTime.cpl:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32vcl70.bpl:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32prnport.vbs:GhtTEv1dmSIY 158208 bytes executable
e:windowssystem32rsaci.rat:GhtTEv1dmSIY 158208 bytes executablescan completed successfully
hidden files: 79**************************************************************************
.
Completion time: 2010-06-10 13:16:44
ComboFix-quarantined-files.txt 2010-06-10 09:16
ComboFix2.txt 2010-06-01 18:53
ComboFix3.txt 2010-05-31 19:32Pre-Run: 24 587 968 512 байт свободно
Post-Run: 24 538 714 112 байт свободно— — End Of File — — A6FDC7DB87B423B9CDAA6CF7554EA4BC
- Для ответа в этой теме необходимо авторизоваться.
