Forum replies created
-
Author / Posts
-
It says access denied… anyway, thank you for everything, I don't have the nerves for all this. I know one proven method 💡 FORMAT EVERYTHING!!!!
No LOP job-files found
Files in Windows Tasks folder
Export App Data folders
Том в устройстве C не имеет метки.
Серийный номер тома: 74E7-FEDA
Содержимое папки C:Documents and SettingsАдминистраторApplication Data
12.12.2009 23:30 .
12.12.2009 23:30 ..
11.11.2009 15:41 Adobe
10.11.2009 01:23 APPLEC~1 Apple Computer
10.11.2009 15:29 AUSLOG~1 Auslogics
11.12.2009 23:52 BITTOR~1 BitTorrent
10.11.2009 17:14 Comodo
01.12.2009 06:52 Creative
17.11.2009 17:02 DAEMON~1 DAEMON Tools Lite
10.11.2009 01:38 DESKTO~1 Desktopicon
02.12.2009 00:32 GETRIG~1 GetRightToGo
10.11.2009 00:28 IDENTI~1 Identities
02.12.2009 06:10 ITTERR~1 ITTerritory
10.11.2009 01:38 MACROM~1 Macromedia
10.11.2009 00:58 MEDIAP~1 Media Player Classic
02.12.2009 17:21 MICROS~1 Microsoft
06.12.2009 10:43 MOUNT&~1 Mount&Blade
10.11.2009 01:38 Mozilla
08.12.2009 16:42 NATION~1 NationRed
10.11.2009 01:23 Opera
10.11.2009 00:18 Real
07.12.2009 14:52 RUNICG~1 runic games
11.11.2009 16:56 ScanSoft
04.12.2009 05:53 SecuROM
11.12.2009 17:22 Skype
11.12.2009 17:17 skypePM
10.11.2009 15:15 WinRAR
11.12.2009 20:34 XnView
17.11.2009 16:45 Yandex
0 файлов 0 байт
29 папок 8 812 056 576 байт свободно
Том в устройстве C не имеет метки.
Серийный номер тома: 74E7-FEDA
Содержимое папки C:Documents and SettingsAll UsersApplication Data
12.12.2009 19:50 .
12.12.2009 19:50 ..
10.11.2009 00:19 Adobe
10.11.2009 19:26 Autodesk
11.11.2009 16:41 CanonBJ
11.11.2009 17:06 CANONI~1 CanonIJPLM
17.11.2009 16:44 DAEMON~1 DAEMON Tools Lite
10.11.2009 23:13 FLEXnet
11.11.2009 16:56 INSTAL~1 InstallShield
04.12.2009 05:27 MICROS~1 Microsoft
10.11.2009 00:18 Real
11.11.2009 16:56 ScanSoft
10.11.2009 00:05 Skype
11.12.2009 17:06 TEMP
12.12.2009 20:01 TESTDR~1 Test Drive Unlimited
0 файлов 0 байт
15 папок 8 812 056 576 байт свободно
All User Accounts
All Users
Администратор
ComboFix 09-12-11.05 — Администратор 13.12.2009 0:15.1.2 — x86
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.1534.1070 [GMT 2:00]
Running from: c:installComboFix.exe
Command switches used :: c:installWindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
AV: avast! antivirus 4.8.1368 [VPS 091211-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Outpost Firewall Pro *disabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:documents and settingsАдминистраторГлавное менюПрограммыАвтозагрузкаsiszyd32.exe
c:documents and settingsАдминистраторApplication DataDesktopicon
c:documents and settingsAll UsersApplication DataMicrosoftNetworkDownloaderqmgr0.dat
c:documents and settingsAll UsersApplication DataMicrosoftNetworkDownloaderqmgr1.dat
c:windowssystem32twain_32.dll
BITS: Possible infected sites
hxxp://soft.export.yandex.ru
hxxp://download.yandex.ru
.
((((((((((((((((((((((((( Files Created from 2009-11-12 to 2009-12-12 )))))))))))))))))))))))))))))))
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Sigcheck
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
"{91397D20-1446-11D4-8AF4-0040CA1127B6}"= "c:program filesYandexYandexBarIEyndbar.dll" [2009-07-24 5586208]
[HKEY_CLASSES_ROOTclsid{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOTYandex.Toolbar.1]
[HKEY_CLASSES_ROOTTypeLib{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOTYandex.Toolbar]
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebbrowser]
"{91397D20-1446-11D4-8AF4-0040CA1127B6}"= "c:program filesYandexYandexBarIEyndbar.dll" [2009-07-24 5586208]
[HKEY_CLASSES_ROOTclsid{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOTYandex.Toolbar.1]
[HKEY_CLASSES_ROOTTypeLib{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOTYandex.Toolbar]
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
"VistaIcon"="c:program filesVistaDriveIconVistaDrv.exe" [2008-03-23 132096]
"Auslogics BoostSpeed"="c:program filesAuslogicsAuslogics BoostSpeedboostspeed.exe" [2009-09-07 480368]
"AlcoholAutomount"="c:program filesAlcohol 120axcmd.exe" [2007-12-22 221568]
"DAEMON Tools Lite"="c:program filesDAEMON Tools LiteDTLite.exe" [2009-10-30 369200]
"Creative WebCam Tray"="c:program filesCreativeShared FilesCamTray.exe" [2005-10-27 299008]
"AdobeUpdater"="c:program filesCommon FilesAdobeUpdater5AdobeUpdater.exe" [2009-11-11 2356088]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
"NvCplDaemon"="c:windowssystem32NvCpl.dll" [2007-12-05 8523776]
"nwiz"="nwiz.exe" [2007-12-05 1626112]
"NvMediaCenter"="c:windowssystem32NvMcTray.dll" [2007-12-05 81920]
"SoundMAXPnP"="c:program filesAnalog DevicesCoresmax4pnp.exe" [2007-03-16 868352]
"NeroFilterCheck"="c:windowssystem32NeroCheck.exe" [2006-01-12 155648]
"avast!"="c:progra~1ALWILS~1Avast4ashDisp.exe" [2009-11-24 81000]
"UnlockerAssistant"="c:program filesUnlockerUnlockerAssistant.exe" [2008-05-02 15872]
"Adobe Reader Speed Launcher"="c:program filesAdobeReader 8.0ReaderReader_sl.exe" [2007-05-11 40048]
"CanonSolutionMenu"="c:program filesCanonSolutionMenuCNSLMAIN.exe" [2007-04-03 644696]
"CanonMyPrinter"="c:program filesCanonMyPrinterBJMyPrt.exe" [2007-04-03 1603152]
"SSBkgdUpdate"="c:program filesCommon FilesScansoft SharedSSBkgdUpdateSSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:program filesScanSoftOmniPageSE4OpwareSE4.exe" [2007-02-04 79400]
[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
"CTFMON.EXE"="c:windowssystem32CTFMON.EXE" [2008-06-25 17408]
"VistaIcon"="c:program filesVistaDriveIconVistaDrv.exe" [2008-03-23 132096]
[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRunOnce]
"IE7_011"="shell32" [X]
"ZZZZ2_FirstLogonSetting"="advpack.dll" [2008-03-03 126464]
"IE7_012"="advpack.dll" [2008-03-03 126464]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
"NoThumbnailCache"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
[HKEY_USERS.defaultsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
"NoThumbnailCache"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
"FirewallOverride"=dword:00000001
"UpdatesOverride"=dword:00000001
"AntiVirusOverride"=dword:00000001
[HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
"%windir%\Network Diagnostic\xpnetdiag.exe"=
"%windir%\system32\sessmgr.exe"=
"c:\Program Files\BitTorrent\bittorrent.exe"=
"c:\Program Files\PES 2010\pes2010.exe"=
"c:\Program Files\Skype\Phone\Skype.exe"=
R1 aswSP;avast! Self Protection;c:windowssystem32driversaswSP.sys [10.11.2009 0:01 114768]
R2 aswFsBlk;aswFsBlk;c:windowssystem32driversaswFsBlk.sys [10.11.2009 0:01 20560]
R3 FStarForce;FStarForce;c:windowssystem32driversFStarForce.sys [17.11.2009 11:32 8704]
R3 V0260VID;Live! Cam Vista IM;c:windowssystem32driversV0260Vid.sys [01.12.2009 6:21 162176]
S0 sptd;sptd;c:windowssystem32driverssptd.sys [09.11.2009 23:35 691696]
S3 GarenaPEngine;GarenaPEngine;??c:docume~19335~1LOCALS~1TempBDS1A0.tmp —> c:docume~19335~1LOCALS~1TempBDS1A0.tmp [?]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:windowssystem32DRIVERSewusbdev.sys —> c:windowssystem32DRIVERSewusbdev.sys [?]
— Other Services/Drivers In Memory —
*Deregistered* — wbekd
.
Supplementary Scan
.
uStart Page = hxxp://www.yandex.ru/?clid=41128
FF — ProfilePath —
.
— — — — ORPHANS REMOVED — — — —
BHO-{D53CAAF6-9674-DD87-4871-E2EB2328FFFE} — %SYSTEMDRIVE%SysFilesae_ZeIOlXUN.dll
AddRemove-OpenAL — c:program filesOpenALMSI67E.tmp
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-13 00:18
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINESystemControlSet001ServicesGarenaPEngine]
"ImagePath"="??c:docume~19335~1LOCALS~1TempBDS1A0.tmp"
[HKEY_LOCAL_MACHINESystemControlSet001Serviceswbekd]
.
LOCKED REGISTRY KEYS
[HKEY_USERSS-1-5-21-1708537768-1844237615-1606980848-500SoftwareMicrosoftWindowsCurrentVersionShell ExtensionsApproved{81A3F6DE-C4D5-D610-C676-991E33780E17}*]
"jabeimllgkabbndlkhij"=hex:62,61,6e,6a,00,00
"jabeimllgkabbndlkhej"=hex:62,61,6d,6a,00,00
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘winlogon.exe'(656)
c:windowssystem32cscui.dll
.
Completion time: 2009-12-13 00:19:42
ComboFix-quarantined-files.txt 2009-12-12 22:19
Pre-Run: 8 835 203 072 байт свободно
Post-Run: 8 818 880 512 байт свободно
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)WINDOWS
[operating systems]
c:cmdconsBOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)WINDOWS="Microsoft Windows XP Professional RU" /execute /fastdetect
multi(0)disk(0)rdisk(0)partition(2)WINDOWS.0="Microsoft Windows XP Professional RU" /execute /fastdetect
multi(0)disk(0)rdisk(0)partition(2)WINDOWS="Microsoft Windows XP Professional RU" /execute /fastdetect
— — End Of File — — E6B0BDCE534063FA4D841190CB489040
Damn!! Nothing works at all!!!
If I format and reinstall Windows… will there be no viruses??? And which antivirus is best to use???

