SPYWARE-RU.COM

Созданные ответы форума

Просмотр 1 сообщения - с 1 по 1 (всего 1)

Автор

Сообщения
10 декабря, 2009 в 9:08 дп в ответ на: Требование об уплате доступа на сайт с порновидео. #27290
lalet
Participant
- Темы:0
- Сообщений:1
Logfile of random’s system information tool 1.06 (written by random/random)
Run by lalety at 2009-12-10 17:03:23
Microsoft® Windows Vista™ Ultimate
System drive C: has 662 MB (2%) free of 31 GB
Total RAM: 2046 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:03:37, on 10.12.2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:Windowssystem32taskeng.exe
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Program FilesMail.RuAgentmagent.exe
C:Program FilesCyberLinkPowerDVD9PDVD9Serv.exe
C:Program FilesCyberLinkShared Filesbrs.exe
C:Program FilesiTunesiTunesHelper.exe
C:Program FilesWebMoney Agentwmagent.exe
C:Program FilesHTCHTC SyncApplication LauncherApplication Launcher.exe
C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
C:Windowsehomeehtray.exe
C:Windowsehomeehmsas.exe
C:Program FilesDAEMON Tools Litedaemon.exe
C:Program FilesNokiaNokia PC Suite 7PCSuite.exe
C:Program FilesFree Download Managerfdm.exe
C:UserslaletyAppDataLocalNevoSoftrun.exe
C:Program FilesCommon FilesTeleca SharedCapabilityManager.exe
C:Program FilesCommon FilesTeleca Sharedlogger.exe
C:Program FilesCommon FilesTeleca SharedGeneric.exe
C:Program FilesHTCHTC SyncClientInitiatedStarterClientInitiatedStarter.exe
C:Program FilesHTCHTC SyncMobile Phone Monitorepmworker.exe
C:Program FilesHTCHTC SyncMobile Phone MonitorDbgOut.exe
C:Program FilesHTCHTC SyncMobile Phone MonitorHTCVBTServer.exe
C:Program FilesHTCHTC SyncMobile Phone MonitorFsynSrvStarter.exe
C:WindowsSystem32mobsync.exe
C:Program FilesWindows Media Playerwmplayer.exe
C:Windowssystem32wuauclt.exe
C:Program FilesOperaopera.exe
C:UserslaletyDesktopRSIT.exe
C:Program Filestrend microlalety.exe

R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=49121
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program filesMail.RuSputnikMailRuSputnik.dll
O2 — BHO: Symantec Intrusion Prevention — {6D53EC84-6AAE-4787-AEEE-F4628F01010C} — C:PROGRA~1COMMON~1SYMANT~1IDSIPSBHO.dll
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — c:program filesMail.RuSputnikMailRuSputnik.dll
O2 — BHO: FDMIECookiesBHO Class — {CC59E0F9-7E43-44FA-9FAA-8377850BF205} — C:Program FilesFree Download Manageriefdm2.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program filesMail.RuSputnikMailRuSputnik.dll
O3 — Toolbar: DAEMON Tools Toolbar — {32099AAC-C132-4136-9E9A-4E364A424E17} — C:Program FilesDAEMON Tools ToolbarDTToolbar.dll
O3 — Toolbar: Яндекс.Бар (для НевоСофт) — {17679b4f-3bcc-644b-8f28-a47597fbb905} — C:Program FilesYandexYandexBarIEbarsbarienevosoftyndbar.dll
O4 — HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 — HKLM..Run: [NeroFilterCheck] C:Program FilesCommon FilesAheadLibNeroCheck.exe
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKLM..Run: [RemoteControl9] «C:Program FilesCyberLinkPowerDVD9PDVD9Serv.exe»
O4 — HKLM..Run: [PDVD9LanguageShortcut] «C:Program FilesCyberLinkPowerDVD9LanguageLanguage.exe»
O4 — HKLM..Run: [BDRegion] C:Program FilesCyberlinkShared Filesbrs.exe
O4 — HKLM..Run: [QuickTime Task] «C:Program FilesQuickTimeQTTask.exe» -atboottime
O4 — HKLM..Run: [iTunesHelper] «C:Program FilesiTunesiTunesHelper.exe»
O4 — HKLM..Run: [wmagent.exe] «C:Program FilesWebMoney Agentwmagent.exe»
O4 — HKLM..Run: [Mobile Connectivity Suite] «C:Program FilesHTCHTC SyncApplication LauncherApplication Launcher.exe» /startoptions
O4 — HKLM..Run: [ccApp] «C:Program FilesCommon FilesSymantec SharedccApp.exe»
O4 — HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 — HKCU..Run: [DAEMON Tools Lite] «C:Program FilesDAEMON Tools Litedaemon.exe» -autorun
O4 — HKCU..Run: [PC Suite Tray] «C:Program FilesNokiaNokia PC Suite 7PCSuite.exe» -onlytray
O4 — HKCU..Run: [Free Download Manager] C:Program FilesFree Download Managerfdm.exe -autorun
O4 — HKCU..Run: [NevoDRM] «C:ИгрыNevoDRMNevoDRM.exe»
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: Закачать все с помощью FDM — file://C:Program FilesFree Download Managerdlall.htm
O8 — Extra context menu item: Закачать выбранное с помощью FDM — file://C:Program FilesFree Download Managerdlselected.htm
O8 — Extra context menu item: Закачать с помощью FDM — file://C:Program FilesFree Download Managerdllink.htm
O8 — Extra context menu item: Поиск@Mail.Ru — res://c:program filesMail.RuSputnikMailRuSputnik.dll/282
O8 — Extra context menu item: Скачать видео с Free Download Manager — file://C:Program FilesFree Download Managerdlfvideo.htm
O8 — Extra context menu item: Словари@Mail.Ru — res://c:program filesMail.RuSputnikMailRuSputnik.dll/283
O9 — Extra button: @C:WindowsWindowsMobileINetRepl.dll,-222 — {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} — C:WindowsWindowsMobileINetRepl.dll
O9 — Extra button: (no name) — {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — C:WindowsWindowsMobileINetRepl.dll
O9 — Extra ‘Tools’ menuitem: @C:WindowsWindowsMobileINetRepl.dll,-223 — {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — C:WindowsWindowsMobileINetRepl.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O17 — HKLMSystemCCSServicesTcpip..{3C7D6704-7819-4982-937E-D41B1A070904}: NameServer = 195.46.116.1 195.46.96.1
O23 — Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) — Unknown owner — C:Program FilesCommon FilesAcronisAcronis Disk Directoross_reinstall_svc.exe (file missing)
O23 — Service: Apple Mobile Device — Apple Inc. — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 — Service: Планировщик автоматического запуска LiveUpdate (Automatic LiveUpdate Scheduler) — Symantec Corporation — C:Program FilesSymantecLiveUpdateAluSchedulerSvc.exe
O23 — Service: Bonjour Service — Apple Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: Symantec Event Manager (ccEvtMgr) — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 — Service: Symantec Settings Manager (ccSetMgr) — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 — Service: Symantec Lic NetConnect service (CLTNetCnService) — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 — Service: Служба Google Update (gupdate1ca6ff34dc77dc0) (gupdate1ca6ff34dc77dc0) — Google Inc. — C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 — Service: Сервис iPod (iPod Service) — Apple Inc. — C:Program FilesiPodbiniPodService.exe
O23 — Service: LiveUpdate — Symantec Corporation — C:Program FilesSymantecLiveUpdateLuComServer_3_4.EXE
O23 — Service: LiveUpdate Notice — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 — Service: NBService — Nero AG — C:Program FilesNeroNero 7Nero BackItUpNBService.exe
O23 — Service: NMIndexingService — Nero AG — C:Program FilesCommon FilesAheadLibNMIndexingService.exe
O23 — Service: NVIDIA Display Driver Service (nvsvc) — NVIDIA Corporation — C:Windowssystem32nvvsvc.exe
O23 — Service: Protexis Licensing V2 (PSI_SVC_2) — Protexis Inc. — c:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe
O23 — Service: ServiceLayer — Nokia. — C:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 — Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) — NVIDIA Corporation — C:Program FilesNVIDIA Corporation3D VisionnvSCPAPISvr.exe
O23 — Service: Symantec Core LC — Unknown owner — C:PROGRA~1COMMON~1SYMANT~1CCPD-LCsymlcsvc.exe
O23 — Service: @%systemroot%system32SearchIndexer.exe,-103 (WSearch) — Корпорация Майкрософт — C:Windowssystem32SearchIndexer.exe

—
End of file — 9074 bytes

======Scheduled tasks folder======

C:WindowstasksGoogleUpdateTaskMachineCore.job
C:WindowstasksGoogleUpdateTaskMachineUA.job
C:WindowstasksNorton AntiVirus — Запустить осмотр всей системы — lalety.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention — C:PROGRA~1COMMON~1SYMANT~1IDSIPSBHO.dll [2009-12-10 116088]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — c:program filesMail.RuSputnikMailRuSputnik.dll [2009-11-22 826032]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class — C:Program FilesFree Download Manageriefdm2.dll [2008-12-30 98304]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2009-11-19 41760]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2009-07-24 5586208]
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — c:program filesMail.RuSputnikMailRuSputnik.dll [2009-11-22 826032]
{32099AAC-C132-4136-9E9A-4E364A424E17} — DAEMON Tools Toolbar — C:Program FilesDAEMON Tools ToolbarDTToolbar.dll [2008-12-10 929224]
{17679b4f-3bcc-644b-8f28-a47597fbb905} — Яндекс.Бар (для НевоСофт) — C:Program FilesYandexYandexBarIEbarsbarienevosoftyndbar.dll [2009-11-10 5610760]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Windows Defender»=C:Program FilesWindows DefenderMSASCui.exe [2009-10-07 1006264]
«NeroFilterCheck»=C:Program FilesCommon FilesAheadLibNeroCheck.exe [2007-03-10 153136]
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2009-11-22 7975608]
«RemoteControl9″=C:Program FilesCyberLinkPowerDVD9PDVD9Serv.exe [2009-02-17 87336]
«PDVD9LanguageShortcut»=C:Program FilesCyberLinkPowerDVD9LanguageLanguage.exe [2008-10-14 50472]
«BDRegion»=C:Program FilesCyberlinkShared Filesbrs.exe [2009-03-01 75048]
«QuickTime Task»=C:Program FilesQuickTimeQTTask.exe [2009-09-05 417792]
«iTunesHelper»=C:Program FilesiTunesiTunesHelper.exe [2009-10-28 141600]
«wmagent.exe»=C:Program FilesWebMoney Agentwmagent.exe [2009-10-19 210400]
«Mobile Connectivity Suite»=C:Program FilesHTCHTC SyncApplication LauncherApplication Launcher.exe [2009-05-27 598016]
«ccApp»=C:Program FilesCommon FilesSymantec SharedccApp.exe [2008-10-17 51048]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«ehTray.exe»=C:WindowsehomeehTray.exe [2006-11-02 125440]
«DAEMON Tools Lite»=C:Program FilesDAEMON Tools Litedaemon.exe [2008-12-29 687560]
«PC Suite Tray»=C:Program FilesNokiaNokia PC Suite 7PCSuite.exe [2009-06-26 1414144]
«Free Download Manager»=C:Program FilesFree Download Managerfdm.exe [2009-01-31 3399727]
«NevoDRM»=C:ИгрыNevoDRMNevoDRM.exe [2008-12-11 41984]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregBgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:Program FilesCommon FilesAheadLibNMBgMonitor.exe [2007-03-13 153136]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSamsung PanelMgr]
C:WindowsSamsungPanelMgrSSMMgr.exe [2008-03-03 536576]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSidebar]
C:Program FilesWindows Sidebarsidebar.exe [2009-10-07 1232896]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregWindows Mobile Device Center]
C:WindowsWindowsMobilewmdc.exe [2007-05-31 648072]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregWindowsWelcomeCenter]
oobefldr.dll,ShowWelcomeCenter []

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{AEB6717E-7E19-11d0-97EE-00C04FD91972}»= []

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=0
«NoDrives»=0

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDrives»=

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]

======File associations======

.js — edit — C:WindowsSystem32Notepad.exe %1

======List of files/folders created in the last 1 months======

2009-12-10 17:03:24 —-D—- C:Program Filestrend micro
2009-12-10 17:03:23 —-D—- C:rsit
2009-12-10 17:03:23 —-D—- rsit
2009-12-10 16:10:56 —-A—- C:log combofix.txt
2009-12-10 16:10:56 —-A—- log combofix.txt
2009-12-10 16:07:20 —-A—- C:ComboFix.txt
2009-12-10 16:07:20 —-A—- ComboFix.txt
2009-12-10 16:00:32 —-D—- C:$RECYCLE.BIN
2009-12-10 16:00:32 —-D—- $RECYCLE.BIN
2009-12-10 15:50:03 —-A—- C:Windowszip.exe
2009-12-10 15:50:03 —-A—- C:WindowsSWXCACLS.exe
2009-12-10 15:50:03 —-A—- C:WindowsSWSC.exe
2009-12-10 15:50:03 —-A—- C:WindowsSWREG.exe
2009-12-10 15:50:03 —-A—- C:Windowssed.exe
2009-12-10 15:50:03 —-A—- C:WindowsPEV.exe
2009-12-10 15:50:03 —-A—- C:WindowsNIRCMD.exe
2009-12-10 15:50:03 —-A—- C:WindowsMBR.exe
2009-12-10 15:50:03 —-A—- C:Windowsgrep.exe
2009-12-10 15:49:57 —-D—- C:WindowsERDNT
2009-12-10 15:45:53 —-D—- C:Qoobox
2009-12-10 15:45:53 —-D—- Qoobox
2009-12-10 15:45:31 —-D—- C:32788R22FWJFW
2009-12-10 15:45:31 —-D—- 32788R22FWJFW
2009-12-10 03:10:10 —-A—- C:Windowssystem32nshhttp.dll
2009-12-10 03:10:05 —-A—- C:Windowssystem32httpapi.dll
2009-12-10 02:42:29 —-A—- C:Windowssystem32mshtml.dll
2009-12-10 02:42:29 —-A—- C:Windowssystem32ieframe.dll
2009-12-10 02:42:28 —-A—- C:Windowssystem32wininet.dll
2009-12-10 02:42:28 —-A—- C:Windowssystem32urlmon.dll
2009-12-10 02:42:28 —-A—- C:Windowssystem32occache.dll
2009-12-10 02:42:28 —-A—- C:Windowssystem32msfeeds.dll
2009-12-10 02:42:28 —-A—- C:Windowssystem32iertutil.dll
2009-12-10 02:42:28 —-A—- C:Windowssystem32iedkcs32.dll
2009-12-10 02:42:27 —-A—- C:Windowssystem32msfeedssync.exe
2009-12-10 02:42:27 —-A—- C:Windowssystem32msfeedsbs.dll
2009-12-10 02:42:27 —-A—- C:Windowssystem32jsproxy.dll
2009-12-10 02:42:27 —-A—- C:Windowssystem32ieUnatt.exe
2009-12-10 02:42:27 —-A—- C:Windowssystem32ieui.dll
2009-12-10 02:42:27 —-A—- C:Windowssystem32iesysprep.dll
2009-12-10 02:42:27 —-A—- C:Windowssystem32iesetup.dll
2009-12-10 02:42:27 —-A—- C:Windowssystem32iernonce.dll
2009-12-10 02:42:27 —-A—- C:Windowssystem32iepeers.dll
2009-12-10 02:42:27 —-A—- C:Windowssystem32ie4uinit.exe
2009-12-10 02:41:47 —-A—- C:Windowssystem32winhttp.dll
2009-12-10 02:40:34 —-A—- C:Windowssystem32rastls.dll
2009-12-10 02:40:34 —-A—- C:Windowssystem32raschap.dll
2009-12-10 02:13:10 —-D—- C:Program FilesNorton AntiVirus
2009-12-10 02:12:26 —-D—- C:Program FilesSymantec
2009-12-09 16:15:17 —-D—- C:Program FilesNortonInstaller
2009-12-09 02:58:21 —-D—- C:WindowsMinidump
2009-12-03 18:16:48 —-D—- C:UserslaletyAppDataRoamingMedia Player Classic
2009-12-03 18:16:19 —-A—- C:Windowssystem32unrar.dll
2009-12-03 18:16:19 —-A—- C:Windowssystem32pndx5032.dll
2009-12-03 18:16:19 —-A—- C:Windowssystem32pndx5016.dll
2009-12-03 18:16:18 —-A—- C:Windowsavisplitter.ini
2009-12-03 18:16:17 —-A—- C:Windowssystem32yv12vfw.dll
2009-12-03 18:16:17 —-A—- C:Windowssystem32xvidvfw.dll
2009-12-03 18:16:17 —-A—- C:Windowssystem32xvidcore.dll
2009-12-03 18:16:17 —-A—- C:Windowssystem32qt-dx331.dll
2009-12-03 18:16:17 —-A—- C:Windowssystem32dpl100.dll
2009-12-03 18:16:17 —-A—- C:Windowssystem32divx.dll
2009-12-03 18:16:16 —-A—- C:Windowssystem32ff_vfw.dll.manifest
2009-12-03 18:16:15 —-A—- C:Windowssystem32ff_vfw.dll
2009-12-03 18:16:14 —-D—- C:Program FilesK-Lite Codec Pack
2009-12-03 17:39:52 —-D—- C:Program FilesCCleaner
2009-12-01 18:10:34 —-D—- C:Downloads
2009-12-01 18:10:34 —-D—- Downloads
2009-12-01 18:08:53 —-D—- C:UserslaletyAppDataRoamingFree Download Manager
2009-12-01 18:08:51 —-D—- C:Program FilesFree Download Manager
2009-11-30 16:06:03 —-D—- C:UserslaletyAppDataRoamingPlayrix Entertainment
2009-11-30 15:14:14 —-D—- C:UserslaletyAppDataRoamingYoudaGames
2009-11-29 22:01:34 —-D—- C:Program FilesRealore
2009-11-29 17:56:40 —-D—- C:Program FilesМастер Портрета
2009-11-29 17:55:43 —-D—- C:Program FilesСтудия Красоты
2009-11-29 17:55:20 —-D—- C:Program FilesPhotoBEST
2009-11-29 17:50:41 —-D—- C:Program FilesДизайн Календарей
2009-11-28 17:22:39 —-A—- C:Windowssystem32WUDFx.dll
2009-11-28 17:22:39 —-A—- C:Windowssystem32WUDFSvc.dll
2009-11-28 17:22:39 —-A—- C:Windowssystem32WUDFPlatform.dll
2009-11-28 17:22:39 —-A—- C:Windowssystem32WUDFHost.exe
2009-11-28 17:22:39 —-A—- C:Windowssystem32WUDFCoinstaller.dll
2009-11-28 15:19:28 —-D—- C:UserslaletyAppDataRoamingDivX
2009-11-28 15:04:18 —-A—- C:Windowssystem32tzres.dll
2009-11-28 15:03:57 —-D—- C:Program FilesMSXML 4.0
2009-11-28 14:23:30 —-D—- C:Program FilesCommon FilesPX Storage Engine
2009-11-28 14:23:16 —-D—- C:Program FilesGoogle
2009-11-28 14:23:16 —-D—- C:Program FilesDivX
2009-11-28 14:05:22 —-A—- C:Windowssystem32msxml6r.dll
2009-11-28 14:05:22 —-A—- C:Windowssystem32msxml6.dll
2009-11-28 14:05:22 —-A—- C:Windowssystem32msxml3r.dll
2009-11-28 14:05:22 —-A—- C:Windowssystem32msxml3.dll
2009-11-23 01:15:40 —-D—- C:UserslaletyAppDataRoamingXilisoft Corporation
2009-11-23 01:15:15 —-D—- C:Program FilesXilisoft
2009-11-23 00:33:48 —-A—- C:Windowssystem32wmdmps.dll
2009-11-23 00:33:48 —-A—- C:Windowssystem32wmdmlog.dll
2009-11-23 00:33:48 —-A—- C:Windowssystem32mswmdm.dll
2009-11-22 23:35:31 —-D—- C:UserslaletyAppDataRoamingTeleca
2009-11-22 23:34:54 —-D—- C:Program FilesCommon FilesTeleca Shared
2009-11-22 23:33:16 —-D—- C:Program FilesHTC
2009-11-22 23:32:35 —-D—- C:WindowsDownloaded Installations
2009-11-22 22:23:41 —-D—- C:UserslaletyAppDataRoamingCorel
2009-11-22 22:22:18 —-D—- C:Program FilesCommon FilesProtexis
2009-11-22 22:20:25 —-D—- C:Program FilesCommon FilesCorel
2009-11-22 22:19:47 —-D—- C:Program FilesCorel
2009-11-19 01:42:41 —-A—- C:Windowssystem32deploytk.dll
2009-11-19 01:42:40 —-A—- C:Windowssystem32javaws.exe
2009-11-19 01:42:39 —-A—- C:Windowssystem32javaw.exe
2009-11-19 01:42:38 —-A—- C:Windowssystem32java.exe
2009-11-19 01:42:06 —-D—- C:Program FilesJava
2009-11-18 19:35:27 —-D—- C:UserslaletyAppDataRoamingSahmon Games
2009-11-17 21:38:39 —-D—- C:UserslaletyAppDataRoamingTweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
2009-11-17 08:43:21 —-D—- C:Program FilesAlawar
2009-11-13 21:23:08 —-A—- C:Windowssystem32WSDApi.dll
2009-11-13 00:21:38 —-H—- C:Windowsenc.ini
2009-11-13 00:21:38 —-A—- C:Windowsenс.ini
2009-11-12 21:13:02 —-D—- C:vocaljam
2009-11-12 21:13:02 —-D—- vocaljam
2009-11-12 21:12:55 —-A—- C:WindowsGPInstall.exe
2009-11-12 20:55:00 —-D—- C:Program FilesKaraoke GALAXY
2009-11-12 02:23:06 —-D—- C:UserslaletyAppDataRoamingWebMoney
2009-11-12 02:17:15 —-D—- C:Program FilesWebMoney Agent
2009-11-12 02:16:26 —-D—- C:Program FilesWebMoney

======List of files/folders modified in the last 1 months======

2009-12-10 17:03:24 —-RD—- C:Program Files
2009-12-10 17:03:24 —-RD—- Program Files
2009-12-10 17:03:22 —-D—- C:WindowsTemp
2009-12-10 16:41:50 —-D—- C:WindowsSystem32
2009-12-10 16:41:50 —-D—- C:Windowsinf
2009-12-10 16:41:50 —-A—- C:Windowssystem32PerfStringBackup.INI
2009-12-10 16:07:24 —-D—- C:Windowssystem32drivers
2009-12-10 16:00:47 —-D—- C:Windows
2009-12-10 16:00:47 —-D—- Windows
2009-12-10 16:00:47 —-A—- C:Windowssystem.ini
2009-12-10 15:58:49 —-D—- C:WindowsPrefetch
2009-12-10 15:56:19 —-D—- C:WindowsAppPatch
2009-12-10 15:56:19 —-D—- C:Program FilesCommon Files
2009-12-10 15:35:16 —-SHD—- C:WindowsInstaller
2009-12-10 15:35:00 —-D—- C:Program FilesOpera
2009-12-10 15:34:49 —-SHD—- C:System Volume Information
2009-12-10 15:34:49 —-SHD—- System Volume Information
2009-12-10 14:29:42 —-D—- C:ProgramData
2009-12-10 14:29:42 —-D—- ProgramData
2009-12-10 05:05:11 —-D—- C:WindowsDebug
2009-12-10 04:50:42 —-D—- C:Program FilesAdobe
2009-12-10 04:50:21 —-D—- C:Windowssystem32catroot2
2009-12-10 03:29:30 —-D—- C:Windowswinsxs
2009-12-10 03:29:24 —-D—- C:Windowssystem32catroot
2009-12-10 03:26:04 —-D—- C:Windowssystem32migration
2009-12-10 03:25:59 —-D—- C:Program FilesInternet Explorer
2009-12-10 03:25:57 —-D—- C:Windowssystem32en-US
2009-12-10 03:25:56 —-D—- C:Program FilesWindows Mail
2009-12-10 02:47:50 —-D—- C:Program FilesCommon FilesSymantec Shared
2009-12-10 02:15:31 —-D—- C:WindowsTasks
2009-12-10 02:15:31 —-D—- C:Windowssystem32Tasks
2009-12-09 23:17:09 —-D—- C:UserslaletyAppDataRoamingAIMP
2009-12-09 02:14:11 —-D—- C:Program FilesQuake III Arena
2009-12-05 16:12:28 —-D—- C:Игры
2009-12-05 16:12:28 —-D—- Игры
2009-12-05 16:00:07 —-D—- C:UserslaletyAppDataRoamingYandex
2009-12-02 04:06:19 —-A—- C:Windowssystem32mrt.exe
2009-11-30 15:16:46 —-D—- C:Program FilesAlawar.ru
2009-11-29 19:53:28 —-RSD—- C:Windowsassembly
2009-11-26 19:45:48 —-D—- C:Windowssystem32WDI
2009-11-22 22:21:01 —-RSD—- C:WindowsFonts
2009-11-22 22:07:57 —-D—- C:WindowsWindowsMobile
2009-11-21 23:42:03 —-D—- C:Windowssystem32Macromed
2009-11-17 21:37:00 —-D—- C:UserslaletyAppDataRoamingAdobe
2009-11-17 13:59:10 —-D—- C:Program FilesMyPlayCity.ru
2009-11-13 22:45:07 —-D—- C:Windowsehome

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 eeCtrl;Symantec Eraser Control driver; ??C:Program FilesCommon FilesSymantec SharedEENGINEeeCtrl.sys [2009-11-16 371248]
R1 HWiNFO32;HWiNFO32 Kernel Driver; ??C:Program FilesHWiNFO32HWiNFO32.SYS [2009-07-17 19064]
R1 IDSvix86;Symantec Intrusion Prevention Driver; ??C:PROGRA~2SymantecDEFINI~1SymcDataipsdefs20091120.002IDSvix86.sys [2009-11-20 286768]
R1 SPBBCDrv;SPBBCDrv; ??C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCDrv.sys [2009-03-17 447024]
R1 SRTSPX;SRTSPX; C:WindowsSystem32DriversSRTSPX.SYS [2008-02-01 43696]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:Windowssystem32DRIVERSSymIMv.sys [2008-02-06 24112]
R1 SYMTDI;SYMTDI; C:WindowsSystem32DriversSYMTDI.SYS [2008-02-05 188464]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/10/26 05:02:37]; ??C:Program FilesCyberLinkPowerDVD900.fcl [2009-03-01 87536]
R2 DgiVecp;DgiVecp; ??C:Windowssystem32DriversDgiVecp.sys [2006-12-08 41984]
R2 SSPORT;SSPORT; ??C:Windowssystem32DriversSSPORT.sys [2006-12-08 5120]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; ??C:Program FilesCommon FilesSymantec SharedEENGINEEraserUtilRebootDrv.sys [2009-11-16 102448]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:Windowssystem32DRIVERSGEARAspiWDM.sys [2009-05-18 26600]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:Windowssystem32driversHdAudio.sys [2006-11-02 235520]
R3 NAVENG;NAVENG; ??C:PROGRA~2SymantecDEFINI~1VIRUSD~120091209.041NAVENG.SYS [2009-11-16 84912]
R3 NAVEX15;NAVEX15; ??C:PROGRA~2SymantecDEFINI~1VIRUSD~120091209.041NAVEX15.SYS [2009-11-16 1323568]
R3 nvlddmkm;nvlddmkm; C:Windowssystem32DRIVERSnvlddmkm.sys [2009-09-28 9509832]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:Windowssystem32DRIVERSRtnicxp.sys [2006-11-02 47104]
R3 RTL8169;Realtek 8169 NT Driver; C:Windowssystem32DRIVERSRtlh86.sys [2006-11-02 44544]
R3 SRTSP;SRTSP; C:WindowsSystem32DriversSRTSP.SYS [2008-02-01 279088]
R3 SYMDNS;SYMDNS; C:WindowsSystem32DriversSYMDNS.SYS [2008-02-05 13616]
R3 SymEvent;SymEvent; ??C:Windowssystem32DriversSYMEVENT.SYS [2009-12-10 124464]
R3 SYMFW;SYMFW; C:WindowsSystem32DriversSYMFW.SYS [2008-02-05 96432]
R3 SYMNDISV;SYMNDISV; C:WindowsSystem32DriversSYMNDISV.SYS [2008-02-05 41008]
R3 SYMREDRV;SYMREDRV; C:WindowsSystem32DriversSYMREDRV.SYS [2008-02-05 22320]
R3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys [2008-03-26 83328]
S1 eywaiwtu;eywaiwtu; C:Windowssystem32driverseywaiwtu.sys []
S3 azfo663y;azfo663y; C:Windowssystem32driversazfo663y.sys []
S3 catchme;catchme; ??C:ComboFixcatchme.sys []
S3 COH_Mon;COH_Mon; ??C:Windowssystem32DriversCOH_Mon.sys [2008-07-30 23888]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:Windowssystem32driversdrmkaud.sys [2006-11-02 5632]
S3 HTCAND32;HTC Device Driver; C:WindowsSystem32DriversANDROIDUSB.sys [2009-11-22 24576]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:Windowssystem32driversMSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:Windowssystem32driversMSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:Windowssystem32driversMSPQM.sys [2006-11-02 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:Windowssystem32driversMSTEE.sys [2006-11-02 6016]
S3 nmwcd;Nokia USB Phone Parent; C:Windowssystem32driversccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:Windowssystem32driversccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:Windowssystem32driversnmwcdnsu.sys [2009-03-20 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:Windowssystem32driversnmwcdnsuc.sys [2009-03-20 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:Windowssystem32DRIVERSpccsmcfd.sys [2008-08-27 18816]
S3 SRTSPL;SRTSPL; C:WindowsSystem32DriversSRTSPL.SYS [2008-02-01 317616]
S3 upperdev;upperdev; C:Windowssystem32DRIVERSusbser_lowerflt.sys [2009-02-09 7808]
S3 usbscan;USB Scanner Driver; C:Windowssystem32DRIVERSusbscan.sys [2006-11-02 35328]
S3 usbser;Nokia USB Serial Port; C:Windowssystem32driversusbser.sys [2008-01-19 28160]
S3 UsbserFilt;UsbserFilt; C:Windowssystem32DRIVERSusbser_lowerfltj.sys [2009-02-09 7808]
S3 WpdUsb;WpdUsb; C:Windowssystem32DRIVERSwpdusb.sys [2006-11-02 39936]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32driverswmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [2009-08-28 144672]
R2 Automatic LiveUpdate Scheduler;Планировщик автоматического запуска LiveUpdate; C:Program FilesSymantecLiveUpdateAluSchedulerSvc.exe [2008-02-10 238968]
R2 Bonjour Service;Bonjour Service; C:Program FilesBonjourmDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%System32bthserv.dll,-101; C:Windowssystem32svchost.exe [2006-11-02 22016]
R2 ccEvtMgr;Symantec Event Manager; C:Program FilesCommon FilesSymantec SharedccSvcHst.exe [2008-10-17 149352]
R2 ccSetMgr;Symantec Settings Manager; C:Program FilesCommon FilesSymantec SharedccSvcHst.exe [2008-10-17 149352]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:Program FilesCommon FilesSymantec SharedccSvcHst.exe [2008-10-17 149352]
R2 LiveUpdate Notice;LiveUpdate Notice; C:Program FilesCommon FilesSymantec SharedccSvcHst.exe [2008-10-17 149352]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-20 322120]
R2 nvsvc;NVIDIA Display Driver Service; C:Windowssystem32nvvsvc.exe [2009-09-28 215656]
R2 PSI_SVC_2;Protexis Licensing V2; c:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe [2007-07-24 185632]
R2 RapiMgr;@%windir%WindowsMobilerapimgr.dll,-104; C:Windowssystem32svchost.exe [2006-11-02 22016]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:Program FilesNVIDIA Corporation3D VisionnvSCPAPISvr.exe [2009-09-28 240232]
R2 WcesComm;@%windir%WindowsMobilewcescomm.dll,-40079; C:Windowssystem32svchost.exe [2006-11-02 22016]
R3 iPod Service;Сервис iPod; C:Program FilesiPodbiniPodService.exe [2009-10-28 545568]
R3 ServiceLayer;ServiceLayer; C:Program FilesPC Connectivity SolutionServiceLayer.exe [2009-06-03 637952]
S2 AcronisOSSReinstallSvc;Acronis OS Selector Reinstall Service; C:Program FilesCommon FilesAcronisAcronis Disk Directoross_reinstall_svc.exe []
S2 gupdate1ca6ff34dc77dc0;Служба Google Update (gupdate1ca6ff34dc77dc0); C:Program FilesGoogleUpdateGoogleUpdate.exe [2009-11-28 133104]
S3 LiveUpdate;LiveUpdate; C:Program FilesSymantecLiveUpdateLuComServer_3_4.EXE [2008-09-05 3220856]
S3 NBService;NBService; C:Program FilesNeroNero 7Nero BackItUpNBService.exe [2007-01-16 774144]
S3 NMIndexingService;NMIndexingService; C:Program FilesCommon FilesAheadLibNMIndexingService.exe [2007-03-13 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-27 441136]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-27 145184]
S3 Symantec Core LC;Symantec Core LC; C:PROGRA~1COMMON~1SYMANT~1CCPD-LCsymlcsvc.exe [2009-12-10 1245064]

EOF
Автор

Сообщения