SPYWARE-RU.COM

Созданные ответы форума

Просмотр 3 сообщений - с 1 по 3 (из 3 всего)

Автор

Сообщения
14 декабря, 2009 в 8:04 пп в ответ на: Рекламный модуль #27320
natali_KIEV
Participant
- Темы:1
- Сообщений:4
Неужели все так плохо, что вы даже не возьметесь за меня!?
Помогите пожалуйста!
8 декабря, 2009 в 8:50 пп в ответ на: Рекламный модуль #27317
natali_KIEV
Participant
- Темы:1
- Сообщений:4
Добрый вечер!
Я вообще чайник в компьютерах, пожалуйста напишите ответ на «лёгком языке»

Заранее благодарна! 🙄
8 декабря, 2009 в 8:45 пп в ответ на: Рекламный модуль #27316
natali_KIEV
Participant
- Темы:1
- Сообщений:4
вот комбофиксом сделала

ComboFix 09-12-08.03 — Администратор 08.12.2009 22:32:16.3.1 — x86
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.1023.627 [GMT 3:00]
Running from: c:documents and settingsАдминистраторРабочий столComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 091208-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:documents and settingsAll UsersApplication DataMicrosoftNetworkDownloaderqmgr0.dat
c:documents and settingsAll UsersApplication DataMicrosoftNetworkDownloaderqmgr1.dat

BITS: Possible infected sites

hxxp://soft.export.yandex.ru
hxxp://download.yandex.ru
.
((((((((((((((((((((((((( Files Created from 2009-11-08 to 2009-12-08 )))))))))))))))))))))))))))))))
.

2009-12-08 16:30 . 2009-12-08 16:30

d

w- c:windowsSQLTools9_KB970892_ENU
2009-12-08 16:07 . 2009-12-08 16:07

d

w- c:windowsSQL9_KB970892_ENU
2009-12-08 15:54 . 2009-12-08 15:55

d

w- c:program filestrend micro
2009-12-08 15:54 . 2009-12-08 15:55

d

w- C:rsit
2009-12-07 13:25 . 2009-12-07 13:25

d-sh—w- c:documents and settingsАдминистраторIECompatCache
2009-12-07 12:32 . 2009-12-07 12:32

d

w- c:program filesYandex
2009-12-07 12:00 . 2009-12-07 12:00

d-sh—w- c:documents and settingsАдминистраторPrivacIE
2009-12-07 11:46 . 2008-07-06 12:06 89088 -c—-w- c:windowssystem32dllcachefilterpipelineprintproc.dll
2009-12-07 11:46 . 2008-07-06 12:06 575488 -c—-w- c:windowssystem32dllcachexpsshhdr.dll
2009-12-07 11:46 . 2008-07-06 12:06 1676288 -c—-w- c:windowssystem32dllcachexpssvcs.dll
2009-12-07 11:46 . 2008-07-06 10:50 597504 -c—-w- c:windowssystem32dllcacheprintfilterpipelinesvc.exe
2009-12-07 11:45 . 2009-12-07 12:07

d

w- c:windowsSxsCaPendDel
2009-12-07 11:28 . 2009-12-07 11:28

d-sh—w- c:documents and settingsАдминистраторIETldCache
2009-12-07 11:26 . 2009-12-08 16:59

d

w- c:windowsie8updates
2009-12-07 11:22 . 2009-12-07 11:25

dc-h—w- c:windowsie8
2009-12-07 11:21 . 2009-10-02 04:44 92160 -c—-w- c:windowssystem32dllcacheiecompat.dll
2009-12-07 11:20 . 2009-08-29 07:58 12800 -c—-w- c:windowssystem32dllcachexpshims.dll
2009-12-07 11:20 . 2009-08-29 07:58 1985536 -c—-w- c:windowssystem32dllcacheiertutil.dll
2009-12-07 11:20 . 2009-08-29 07:58 594432 -c—-w- c:windowssystem32dllcachemsfeeds.dll
2009-12-07 11:20 . 2009-08-29 07:58 55296 -c—-w- c:windowssystem32dllcachemsfeedsbs.dll
2009-12-07 11:20 . 2009-08-29 07:58 246272 -c—-w- c:windowssystem32dllcacheieproxy.dll
2009-12-07 11:20 . 2009-08-29 07:58 11069440 -c—-w- c:windowssystem32dllcacheieframe.dll
2009-12-07 00:35 . 2008-04-15 12:00 221184 —-a-w- c:windowssystem32wmpns.dll
2009-12-07 00:07 . 2009-12-07 00:07

d

w- c:program filesMSXML 4.0
2009-12-07 00:01 . 2009-12-08 16:59

d—h—w- c:windows$hf_mig$
2009-12-06 21:06 . 2008-06-24 16:44 74240 -c—-w- c:windowssystem32dllcachemscms.dll
2009-12-06 21:05 . 2009-03-21 14:09 995840 -c—-w- c:windowssystem32dllcachekernel32.dll
2009-12-06 21:05 . 2009-06-15 11:10 80896 -c—-w- c:windowssystem32dllcachetlntsess.exe
2009-12-06 21:05 . 2009-06-15 10:45 79872 -c—-w- c:windowssystem32dllcachetelnet.exe
2009-12-06 21:05 . 2009-07-17 16:17 1438208 -c—-w- c:windowssystem32dllcachequery.dll
2009-12-06 21:05 . 2009-07-29 04:36 81920 -c—-w- c:windowssystem32dllcachefontsub.dll
2009-12-06 21:05 . 2009-07-29 04:36 119808 -c—-w- c:windowssystem32dllcachet2embed.dll
2009-12-06 21:05 . 2008-07-07 20:29 253952 -c—-w- c:windowssystem32dllcachees.dll
2009-12-06 21:05 . 2009-06-10 06:17 134144 -c—-w- c:windowssystem32dllcachewkssvc.dll
2009-12-06 21:05 . 2009-06-10 14:14 85504 -c—-w- c:windowssystem32dllcacheavifil32.dll
2009-12-06 21:04 . 2009-08-26 08:02 247326 -c—-w- c:windowssystem32dllcachestrmdll.dll
2009-12-06 21:04 . 2009-05-07 15:16 347136 -c—-w- c:windowssystem32dllcachelocalspl.dll
2009-12-06 21:04 . 2009-06-03 19:11 1292800 -c—-w- c:windowssystem32dllcachequartz.dll
2009-12-06 21:04 . 2008-06-12 14:23 956928 -c—-w- c:windowssystem32dllcachemsdtctm.dll
2009-12-06 21:04 . 2008-06-12 14:23 66560 -c—-w- c:windowssystem32dllcachemtxclu.dll
2009-12-06 21:04 . 2008-06-12 14:23 161792 -c—-w- c:windowssystem32dllcachemsdtcuiu.dll
2009-12-06 21:04 . 2008-06-12 14:23 91648 -c—-w- c:windowssystem32dllcachemtxoci.dll
2009-12-06 21:04 . 2008-06-12 14:23 58880 -c—-w- c:windowssystem32dllcachemsdtclog.dll
2009-12-06 21:04 . 2009-09-04 21:04 58880 -c—-w- c:windowssystem32dllcachemsasn1.dll
2009-12-06 21:04 . 2009-07-17 19:03 58880 -c—-w- c:windowssystem32dllcacheatl.dll
2009-12-06 21:03 . 2008-06-17 19:02 8478720 -c—-w- c:windowssystem32dllcacheshell32.dll
2009-12-06 21:02 . 2009-07-31 07:05 1372672 -c—-w- c:windowssystem32dllcachemsxml6.dll
2009-12-06 21:00 . 2008-08-14 10:04 138496 -c—-w- c:windowssystem32dllcacheafd.sys
2009-12-06 21:00 . 2008-06-20 11:51 361600 -c—-w- c:windowssystem32dllcachetcpip.sys
2009-12-06 21:00 . 2008-06-20 17:48 247296 -c—-w- c:windowssystem32dllcachemswsock.dll
2009-12-06 21:00 . 2008-06-20 17:48 147968 -c—-w- c:windowssystem32dllcachednsapi.dll
2009-12-06 21:00 . 2008-06-20 11:08 225856 -c—-w- c:windowssystem32dllcachetcpip6.sys
2009-12-06 20:59 . 2009-04-15 14:53 585216 -c—-w- c:windowssystem32dllcacherpcrt4.dll
2009-12-06 20:54 . 2008-12-16 12:32 354304 -c—-w- c:windowssystem32dllcachewinhttp.dll
2009-12-06 20:54 . 2009-08-05 09:01 204800 -c—-w- c:windowssystem32dllcachemswebdvd.dll
2009-12-06 20:53 . 2008-10-23 12:42 286720 -c—-w- c:windowssystem32dllcachegdi32.dll
2009-12-06 20:52 . 2008-06-14 17:40 272512 -c—-w- c:windowssystem32dllcachebthport.sys
2009-12-06 20:35 . 2009-02-09 10:57 473600 -c—-w- c:windowssystem32dllcachefastprox.dll
2009-12-06 20:35 . 2009-02-06 10:15 227840 -c—-w- c:windowssystem32dllcachewmiprvse.exe
2009-12-06 20:35 . 2009-03-06 13:51 284672 -c—-w- c:windowssystem32dllcachepdh.dll
2009-12-06 20:35 . 2009-02-09 10:57 401408 -c—-w- c:windowssystem32dllcacherpcss.dll
2009-12-06 20:35 . 2009-02-09 11:18 111104 -c—-w- c:windowssystem32dllcacheservices.exe
2009-12-06 20:35 . 2009-02-06 10:36 35328 -c—-w- c:windowssystem32dllcachesc.exe
2009-12-06 20:35 . 2009-02-09 10:57 453120 -c—-w- c:windowssystem32dllcachewmiprvsd.dll
2009-12-06 20:35 . 2009-02-09 10:57 719360 -c—-w- c:windowssystem32dllcachentdll.dll
2009-12-06 20:31 . 2009-06-21 21:48 153088 -c—-w- c:windowssystem32dllcachetriedit.dll
2009-12-06 20:27 . 2009-06-25 08:42 54272 -c—-w- c:windowssystem32dllcachewdigest.dll
2009-12-06 20:27 . 2009-06-25 08:42 301568 -c—-w- c:windowssystem32dllcachekerberos.dll
2009-12-06 20:27 . 2009-09-11 14:15 136704 -c—-w- c:windowssystem32dllcachemsv1_0.dll
2009-12-06 20:27 . 2009-06-25 08:42 56832 -c—-w- c:windowssystem32dllcachesecur32.dll
2009-12-06 20:27 . 2009-06-25 08:42 147456 -c—-w- c:windowssystem32dllcacheschannel.dll
2009-12-06 20:27 . 2009-06-24 10:28 92928 -c—-w- c:windowssystem32dllcacheksecdd.sys
2009-12-06 20:24 . 2008-10-24 11:41 455936 -c—-w- c:windowssystem32dllcachemrxsmb.sys
2009-12-06 20:22 . 2008-12-11 10:57 333952 -c—-w- c:windowssystem32dllcachesrv.sys
2009-12-06 20:22 . 2009-07-10 13:28 1315328 -c—-w- c:windowssystem32dllcachemsoe.dll
2009-12-06 20:12 . 2008-04-11 19:06 691712 -c—-w- c:windowssystem32dllcacheinetcomm.dll
2009-12-06 19:51 . 2009-08-04 17:23 2147328 -c—-w- c:windowssystem32dllcachentkrnlmp.exe
2009-12-06 19:50 . 2009-08-04 17:23 2025984 -c—-w- c:windowssystem32dllcachentkrpamp.exe
2009-12-06 19:50 . 2009-08-04 19:53 2067968 -c—-w- c:windowssystem32dllcachentkrnlpa.exe
2009-12-06 19:42 . 2008-10-15 16:37 337408 -c—-w- c:windowssystem32dllcachenetapi32.dll
2009-12-06 19:42 . 2009-07-31 04:35 1172480 -c—-w- c:windowssystem32dllcachemsxml3.dll
2009-12-06 19:39 . 2008-04-21 21:15 218624 -c—-w- c:windowssystem32dllcachewordpad.exe
2009-12-06 19:38 . 2009-06-22 06:48 726528 -c—a-w- c:windowssystem32dllcachejscript.dll
2009-12-06 19:25 . 2009-08-06 16:23 274288 —-a-w- c:windowssystem32mucltui.dll
2009-12-06 17:56 . 2009-12-06 17:56 11 —-a-w- c:windowssss.drv
2009-12-06 17:50 . 2009-12-06 17:50 796672 —-a-w- c:windowsGPInstall.exe
2009-12-06 17:01 . 2009-12-06 17:01

d

w- c:documents and settingsАдминистраторDoctorWeb
2009-12-06 07:19 . 2009-12-06 07:19

d

w- C:SysFiles
2009-11-25 20:30 . 2009-11-25 20:30

d

w- c:program filesVIA Technologies, Inc
2009-11-25 20:30 . 2006-01-07 03:32 6912 —-a-w- c:windowssystem32driversvulfnth.sys
2009-11-25 20:30 . 2006-01-07 03:32 10496 —-a-w- c:windowssystem32driversvulfntr.sys
2009-11-25 20:30 . 2002-12-18 08:57 45056 —-a-w- c:windowssystem32vusetup.dll
2009-11-25 20:30 . 1998-10-29 13:45 306688 —-a-w- c:windowsIsUninst.exe
2009-11-25 20:27 . 2008-04-24 12:11 30336 —-a-w- c:windowssystem32driversusbehci.sys
2009-11-25 20:27 . 2008-04-14 18:40 7168 —-a-w- c:windowssystem32hccoin.dll
2009-11-22 17:37 . 2009-12-06 08:58

d

w- c:documents and settingsАдминистраторLocal SettingsApplication DataGoogle
2009-11-21 17:16 . 2009-12-06 08:58

d

w- c:program filesGoogle
2009-11-12 18:13 . 2009-11-12 18:13

d

w- c:documents and settingsАдминистраторApplication DataVimisoft Studio
2009-11-12 18:13 . 2001-05-16 14:54 309616 —-a-w- c:windowssystem32wmv8dmod.dll
2009-11-12 18:13 . 2001-05-11 10:18 420240 —-a-w- c:windowssystem32mpg4c32.dll
2009-11-12 18:13 . 2009-11-12 18:13

d

w- c:program filesVimicro Corporation
2009-11-12 18:12 . 2009-11-25 06:17

d

w- c:program filesIM Magician
2009-11-12 18:02 . 2008-04-13 21:09 5504 —-a-w- c:windowssystem32driversMSTEE.sys
2009-11-12 18:02 . 2008-04-13 21:16 10880 —-a-w- c:windowssystem32driversNdisIP.sys
2009-11-12 18:02 . 2008-04-13 21:16 15232 —-a-w- c:windowssystem32driversStreamIP.sys
2009-11-12 18:02 . 2008-04-13 21:16 11136 —-a-w- c:windowssystem32driversSLIP.sys
2009-11-12 18:02 . 2008-04-13 21:16 19200 —-a-w- c:windowssystem32driversWSTCODEC.SYS
2009-11-12 18:02 . 2008-04-13 21:16 85248 —-a-w- c:windowssystem32driversNABTSFEC.sys
2009-11-12 18:02 . 2008-04-13 21:16 17024 —-a-w- c:windowssystem32driversCCDECODE.sys
2009-11-12 18:01 . 2008-04-13 21:15 60032 —-a-w- c:windowssystem32driversUSBAUDIO.sys
2009-11-12 18:01 . 2008-04-14 18:40 54272 —-a-w- c:windowssystem32vfwwdm32.dll
2009-11-12 18:01 . 2008-04-13 21:16 121984 —-a-w- c:windowssystem32driversusbvideo.sys
2009-11-12 18:00 . 2008-04-22 14:09 32384 —-a-w- c:windowssystem32driversusbccgp.sys
2009-11-12 10:44 . 2009-11-12 10:47

d

w- c:documents and settingsАдминистраторLocal SettingsApplication DataApplicationHistory
2009-11-12 10:44 . 2009-11-12 10:44 136 —-a-w- c:documents and settingsАдминистраторLocal SettingsApplication Datafusioncache.dat
2009-11-12 09:38 . 2009-12-05 16:39

d

w- c:documents and settingsАдминистраторLocal SettingsApplication DataWinZip
2009-11-11 16:28 . 2009-11-11 16:28

d

w- c:program filesMMEDIA
2009-11-11 16:25 . 2009-03-03 08:55 450560 —-a-w- c:windowssystem32newlistview2.dll
2009-11-11 16:25 . 2009-02-09 08:13 77824 —-a-w- c:windowssystem32vgf.dll
2009-11-11 16:25 . 2009-11-25 06:21

d

w- c:program filesCommon FilesVimisoft Studio
2009-11-11 16:25 . 2009-11-11 16:25

d

w- c:documents and settingsАдминистраторApplication DataInstallShield

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-08 19:31 . 2009-09-22 17:02

d

w- c:documents and settingsАдминистраторApplication DatauTorrent
2009-12-08 19:26 . 2009-10-07 16:48

d

w- c:documents and settingsАдминистраторApplication DataSkype
2009-12-08 17:18 . 2008-04-15 12:00 534458 —-a-w- c:windowssystem32perfh019.dat
2009-12-08 17:18 . 2008-04-15 12:00 102782 —-a-w- c:windowssystem32perfc019.dat
2009-12-08 16:34 . 2009-09-22 17:09

d

w- c:program filesMicrosoft SQL Server
2009-12-08 15:11 . 2009-10-07 16:51

d

w- c:documents and settingsАдминистраторApplication DataskypePM
2009-12-07 12:32 . 2009-09-22 17:04 64472 —-a-w- c:documents and settingsАдминистраторLocal SettingsApplication DataGDIPFONTCACHEV1.DAT
2009-12-07 12:32 . 2009-10-25 21:35

d

w- c:documents and settingsАдминистраторApplication DataYandex
2009-12-07 10:54 . 2009-09-23 13:05 134541 —-a-w- c:windowshpgins24.dat
2009-12-07 00:34 . 2009-09-22 16:48

d

w- c:documents and settingsAll UsersApplication DataMicrosoft Help
2009-12-07 00:34 . 2009-09-22 17:05 343680 —-a-w- c:documents and settingsAll UsersApplication DataMicrosoftVisualStudio9.01033ResourceCache.dll
2009-12-07 00:25 . 2009-10-29 21:25

d

w- c:program filesMicrosoft ActiveSync
2009-12-07 00:14 . 2009-09-22 17:05 18368 —-a-w- c:documents and settingsAll UsersApplication DataMicrosoftVSA9.01033ResourceCache.dll
2009-12-07 00:12 . 2009-09-22 16:51

d

w- c:program filesCommon FilesMerge Modules
2009-12-06 17:28 . 2009-09-22 15:23

d

w- c:program filesDownload Master
2009-12-06 08:56 . 2009-10-24 21:08

d

w- c:program filesYahoo!
2009-11-29 20:44 . 2009-09-23 05:34

d

w- c:program filesPivim Multibar
2009-11-29 20:42 . 2009-10-28 10:07

d

w- c:program filesAlawar
2009-11-28 17:31 . 2009-09-22 18:22

d—a-w- c:documents and settingsAll UsersApplication DataTEMP
2009-11-28 16:25 . 2009-10-28 10:09

d

w- c:documents and settingsAll UsersApplication DataAlawarWrapper
2009-11-24 23:54 . 2009-09-22 15:18 1280480 —-a-w- c:windowssystem32aswBoot.exe
2009-11-24 23:51 . 2009-09-22 15:18 93424 —-a-w- c:windowssystem32driversaswmon.sys
2009-11-24 23:50 . 2009-09-22 15:18 94160 —-a-w- c:windowssystem32driversaswmon2.sys
2009-11-24 23:50 . 2009-09-22 15:18 114768 —-a-w- c:windowssystem32driversaswSP.sys
2009-11-24 23:50 . 2009-09-22 15:18 20560 —-a-w- c:windowssystem32driversaswFsBlk.sys
2009-11-24 23:49 . 2009-09-22 15:18 48560 —-a-w- c:windowssystem32driversaswTdi.sys
2009-11-24 23:48 . 2009-09-22 15:18 23120 —-a-w- c:windowssystem32driversaswRdr.sys
2009-11-24 23:47 . 2009-09-22 15:18 27408 —-a-w- c:windowssystem32driversaavmker4.sys
2009-11-24 23:47 . 2009-09-22 15:18 97480 —-a-w- c:windowssystem32AvastSS.scr
2009-11-23 21:13 . 2009-09-23 05:18

d

w- c:program filesOpera
2009-11-12 09:38 . 2009-09-23 05:40

d

w- c:documents and settingsAll UsersApplication DataWinZip
2009-11-11 16:28 . 2009-09-23 14:24

d—h—w- c:program filesInstallShield Installation Information
2009-10-29 21:25 . 2009-10-29 21:25

d

w- c:program filesWindows Mobile Device Handbook
2009-10-29 21:12 . 2009-10-29 21:12 69632 —-a-r- c:documents and settingsАдминистраторApplication DataMicrosoftInstaller{194C47DF-B1F1-436D-B15E-DB8C0B6A61B1}sipprx.exe_194C47DFB1F1436DB15EDB8C0B6A61B1_1.exe
2009-10-29 21:12 . 2009-10-29 21:12 69632 —-a-r- c:documents and settingsАдминистраторApplication DataMicrosoftInstaller{194C47DF-B1F1-436D-B15E-DB8C0B6A61B1}ARPPRODUCTICON.exe
2009-10-29 21:12 . 2009-10-29 21:12 65536 —-a-r- c:documents and settingsАдминистраторApplication DataMicrosoftInstaller{194C47DF-B1F1-436D-B15E-DB8C0B6A61B1}NewShortcut8_194C47DFB1F1436DB15EDB8C0B6A61B1.exe
2009-10-29 21:12 . 2009-10-29 21:12 65536 —-a-r- c:documents and settingsАдминистраторApplication DataMicrosoftInstaller{194C47DF-B1F1-436D-B15E-DB8C0B6A61B1}NewShortcut7_194C47DFB1F1436DB15EDB8C0B6A61B1.exe
2009-10-29 21:12 . 2009-10-29 21:12 65536 —-a-r- c:documents and settingsАдминистраторApplication DataMicrosoftInstaller{194C47DF-B1F1-436D-B15E-DB8C0B6A61B1}NewShortcut6_194C47DFB1F1436DB15EDB8C0B6A61B1.exe
2009-10-29 21:12 . 2009-10-29 21:12 65536 —-a-r- c:documents and settingsАдминистраторApplication DataMicrosoftInstaller{194C47DF-B1F1-436D-B15E-DB8C0B6A61B1}NewShortcut5_194C47DFB1F1436DB15EDB8C0B6A61B1.exe
2009-10-29 21:12 . 2009-10-29 21:12 65536 —-a-r- c:documents and settingsАдминистраторApplication DataMicrosoftInstaller{194C47DF-B1F1-436D-B15E-DB8C0B6A61B1}NewShortcut4_194C47DFB1F1436DB15EDB8C0B6A61B1.exe
2009-10-29 21:12 . 2009-10-29 21:12 65536 —-a-r- c:documents and settingsАдминистраторApplication DataMicrosoftInstaller{194C47DF-B1F1-436D-B15E-DB8C0B6A61B1}NewShortcut3_194C47DFB1F1436DB15EDB8C0B6A61B1.exe
2009-10-29 21:12 . 2009-10-29 21:12 65536 —-a-r- c:documents and settingsАдминистраторApplication DataMicrosoftInstaller{194C47DF-B1F1-436D-B15E-DB8C0B6A61B1}NewShortcut2_194C47DFB1F1436DB15EDB8C0B6A61B1.exe
2009-10-29 21:12 . 2009-10-29 21:12 65536 —-a-r- c:documents and settingsАдминистраторApplication DataMicrosoftInstaller{194C47DF-B1F1-436D-B15E-DB8C0B6A61B1}NewShortcut1_194C47DFB1F1436DB15EDB8C0B6A61B1.exe
2009-10-29 21:12 . 2009-10-29 21:11

d

w- c:program filesTOSHIBA
2009-10-29 21:11 . 2009-10-29 21:11 65536 —-a-r- c:documents and settingsАдминистраторApplication DataMicrosoftInstaller{24796DE6-C741-4F42-A133-085BD6E5277B}RAppSelect.exe_ABCA40526BBB4775AAD2BD1CBEF60765.exe
2009-10-29 21:11 . 2009-10-29 21:11 65536 —-a-r- c:documents and settingsАдминистраторApplication DataMicrosoftInstaller{24796DE6-C741-4F42-A133-085BD6E5277B}ARPPRODUCTICON.exe
2009-10-28 10:29 . 2009-10-28 10:07

d

w- c:program filesGamesTopDownloads
2009-10-28 10:27 . 2009-10-28 10:09

d

w- c:documents and settingsAll UsersApplication DataВеселаяФерма2
2009-10-27 14:30 . 2009-10-27 14:30

d

w- c:program filesCommon FilesInstallShield
2009-10-27 13:57 . 2009-10-20 14:38

d

w- c:program filesCommon FilesAdobe
2009-10-27 13:50 . 2009-10-27 13:50

d

w- c:documents and settingsAll UsersApplication DataAdobe Systems
2009-10-27 13:50 . 2009-10-27 13:50

d

w- c:program filesCommon FilesAdobe Systems Shared
2009-10-26 14:44 . 2009-09-24 16:09

d

w- c:documents and settingsАдминистраторApplication DataImage Zone Express
2009-10-25 21:53 . 2009-10-25 21:53

d

w- c:program filesVKSaver
2009-10-25 21:08 . 2009-10-07 09:13

d

w- c:program filesFREE Music Downloader
2009-10-24 21:21 . 2009-10-24 21:08

d

w- c:documents and settingsAll UsersApplication DataYahoo!
2009-10-24 21:10 . 2009-10-24 21:10

d

w- c:documents and settingsАдминистраторApplication DataYahoo!
2009-10-19 14:07 . 2009-10-07 10:54

d

w- c:program filesLx_cats
2009-10-18 13:17 . 2009-10-18 13:17

d

w- c:program filesCommon FilesDirectX
2009-10-14 16:48 . 2009-10-14 16:48 49152 —-a-w- c:documents and settingsАдминистраторApplication DataThinstallMathcad 14 Russian Pack%Local AppData%MathsoftMathcad14LocalAssemblyCachemcdunitsystemsi633486076651875000.dll
2009-10-14 16:48 . 2009-10-14 16:48 475136 —-a-w- c:documents and settingsАдминистраторApplication DataThinstallMathcad 14 Russian Pack%Local AppData%MathsoftMathcad14LocalAssemblyCachemcdefi633486076651562500.dll
2009-10-14 16:48 . 2009-10-14 16:48 40960 —-a-w- c:documents and settingsАдминистраторApplication DataThinstallMathcad 14 Russian Pack%Local AppData%MathsoftMathcad14LocalAssemblyCachemcdtranslator633486076651718750.dll
2009-10-14 16:48 . 2009-10-14 16:48 32768 —-a-w- c:documents and settingsАдминистраторApplication DataThinstallMathcad 14 Russian Pack%Local AppData%MathsoftMathcad14LocalAssemblyCachemcdunits633486076651718750.dll
2009-10-14 16:48 . 2009-10-14 16:48 24576 —-a-w- c:documents and settingsАдминистраторApplication DataThinstallMathcad 14 Russian Pack%Local AppData%MathsoftMathcad14LocalAssemblyCacheefiimage633486076651562500.dll
2009-10-14 16:48 . 2009-10-14 16:48 20480 —-a-w- c:documents and settingsАдминистраторApplication DataThinstallMathcad 14 Russian Pack%Local AppData%MathsoftMathcad14LocalAssemblyCacheefiwavelets633486076651562500.dll
2009-10-14 16:48 . 2009-10-14 16:48 10240 —-a-w- c:documents and settingsАдминистраторApplication DataThinstallMathcad 14 Russian Pack%Local AppData%MathsoftMathcad14LocalAssemblyCacheefisignal633486076651562500.dll
2009-10-14 16:48 . 2009-10-14 16:48 73728 —-a-w- c:documents and settingsАдминистраторApplication DataThinstallMathcad 14 Russian Pack%Local AppData%MathsoftMathcad14LocalAssemblyCachemcdrun633486076651718750.dll
2009-10-14 16:48 . 2009-10-14 16:48 16384 —-a-w- c:documents and settingsАдминистраторApplication DataThinstallMathcad 14 Russian Pack%Local AppData%MathsoftMathcad14LocalAssemblyCacheefidata633486076651406250.dll
2009-10-14 16:48 . 2009-10-14 16:48 18432 —-a-w- c:documents and settingsАдминистраторApplication DataThinstallMathcad 14 Russian Pack4000001100002imscorsvw.exe
2009-10-14 16:48 . 2009-10-14 16:48

d

w- c:documents and settingsАдминистраторApplication DataThinstall
2009-10-07 16:51 . 2009-10-07 16:51 56 —ha-w- c:windowssystem32ezsidmv.dat
2009-09-23 17:49 . 2009-09-22 14:50 86327 —-a-w- c:windowspchealthhelpctrOfflineCacheindex.dat
2009-09-22 16:48 . 2009-09-22 16:48 416 —-a-w- c:documents and settingsAll UsersApplication DataMicrosoftMSDN9.01033ResourceCache.dll
2009-09-22 15:32 . 2009-09-22 15:32 65536 —-a-r- c:documents and settingsАдминистраторApplication DataMicrosoftInstaller{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}ICON_ScreenshotReader.exe
2009-09-22 15:32 . 2009-09-22 15:32 65536 —-a-r- c:documents and settingsАдминистраторApplication DataMicrosoftInstaller{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}ICON_FineReader.exe
2009-09-22 15:32 . 2009-09-22 15:32 25214 —-a-r- c:documents and settingsАдминистраторApplication DataMicrosoftInstaller{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}ARPPRODUCTICON.exe
2009-09-22 14:56 . 2009-09-22 14:56 717296 —-a-w- c:windowssystem32driverssptd.sys
2009-09-22 14:47 . 2009-09-22 14:47 22564 —-a-w- c:windowssystem32emptyregdb.dat
2009-09-11 14:15 . 2008-06-25 17:55 136704 —-a-w- c:windowssystem32msv1_0.dll
.

Sigcheck

[-] 2008-06-25 . FE60732C78B24147B2AD5C3E87F2FD7A . 691200 . . [5.82] . . c:windowssystem32comctl32.dll

[-] 2008-06-25 . 371C41F777924F3EA3BFAD18C6A04502 . 584192 . . [5.1.2600.5512] . . c:windowssystem32user32.dll

[-] 2008-06-25 . DC2B803BB81968B75128541B96D44744 . 1597952 . . [6.00.2900.5512] . . c:windowsexplorer.exe

[-] 2008-06-25 . 54DDF4FB948B5410D3BEDB47ED832964 . 1571840 . . [5.1.2600.5512] . . c:windowssystem32sfcfiles.dll

[-] 2008-06-25 . DCB049EF4D6AA184601D9CA5B128BF56 . 17408 . . [5.1.2600.5512] . . c:windowssystem32ctfmon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
«{91397D20-1446-11D4-8AF4-0040CA1127B6}»= «c:program filesYandexYandexBarIEyndbar.dll» [2009-07-24 5586208]

[HKEY_CLASSES_ROOTclsid{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOTYandex.Toolbar.1]
[HKEY_CLASSES_ROOTTypeLib{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOTYandex.Toolbar]

[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebbrowser]
«{91397D20-1446-11D4-8AF4-0040CA1127B6}»= «c:program filesYandexYandexBarIEyndbar.dll» [2009-07-24 5586208]

[HKEY_CLASSES_ROOTclsid{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOTYandex.Toolbar.1]
[HKEY_CLASSES_ROOTTypeLib{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOTYandex.Toolbar]

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«VistaIcon»=»c:program filesVistaDriveIconVistaDrv.exe» [2008-03-23 132096]
«uTorrent»=»c:program filesuTorrentuTorrent.exe» [2009-09-22 288560]
«Download Master»=»c:program filesDownload Masterdmaster.exe» [2008-07-01 3282432]
«H/PC Connection Agent»=»c:program filesMicrosoft ActiveSyncwcescomm.exe» [2006-11-13 1289000]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«NvCplDaemon»=»c:windowssystem32NvCpl.dll» [2006-09-24 7626752]
«NvMediaCenter»=»c:windowssystem32NvMcTray.dll» [2006-09-24 86016]
«iTunesHelper»=»c:program filesiTunesiTunesHelper.exe» [2008-03-30 267048]
«NeroFilterCheck»=»c:windowssystem32NeroCheck.exe» [2006-01-12 155648]
«avast!»=»c:progra~1ALWILS~1Avast4ashDisp.exe» [2009-11-24 81000]
«HP Software Update»=»c:program filesHPHP Software UpdateHPWuSchd2.exe» [2007-03-11 49152]
«lxdcamon»=»c:program filesLexmark 1300 Serieslxdcamon.exe» [2009-04-27 25256]
«Adobe Reader Speed Launcher»=»c:program filesAdobeReader 9.0ReaderReader_sl.exe» [2009-10-03 35696]
«Adobe ARM»=»c:program filesCommon FilesAdobeARM1.0AdobeARM.exe» [2009-09-04 935288]
«IMMON»=»c:program filesIM MagicianVicamon.exe» [2009-05-07 143360]

[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2008-06-25 17408]
«VistaIcon»=»c:program filesVistaDriveIconVistaDrv.exe» [2008-03-23 132096]

[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRunOnce]
«IE7_011″=»shell32» [X]
«ZZZZ2_FirstLogonSetting»=»advpack.dll» [2009-03-08 128512]
«IE7_012″=»advpack.dll» [2009-03-08 128512]

c:documents and settingsЂ¤¬ЁЁбва в®аѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
Adobe Gamma.lnk — c:program filesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe [2005-3-16 113664]

c:documents and settingsAll Usersѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
WinZip Quick Pick.lnk — c:program filesWinZipWZQKPICK.EXE [2009-10-13 495432]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]
«SynchronousMachineGroupPolicy»= 0 (0x0)
«SynchronousUserGroupPolicy»= 0 (0x0)

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
«NoThumbnailCache»= 1 (0x1)
«NoSMConfigurePrograms»= 1 (0x1)
«NoSMHelp»= 1 (0x1)

[HKEY_USERS.defaultsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
«NoThumbnailCache»= 1 (0x1)
«NoSMConfigurePrograms»= 1 (0x1)
«NoSMHelp»= 1 (0x1)

[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
«FirewallOverride»=dword:00000001
«UpdatesOverride»=dword:00000001
«AntiVirusOverride»=dword:00000001

[HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
«DisableNotifications»= 1 (0x1)

[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\Network Diagnostic\xpnetdiag.exe»=
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\Yahoo!\Messenger\YahooMessenger.exe»=
«c:\Program Files\TOSHIBA\Teleport\Rkb.exe»=
«c:\Program Files\TOSHIBA\Teleport\Rsc.exe»=
«c:\Program Files\TOSHIBA\SIPServer\sipprx.exe»=
«c:program filesMicrosoft ActiveSyncrapimgr.exe»= c:program filesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
«c:program filesMicrosoft ActiveSyncwcescomm.exe»= c:program filesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
«c:program filesMicrosoft ActiveSyncWCESMgr.exe»= c:program filesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
«c:\Program Files\Skype\Plugin Manager\skypePM.exe»=
«c:\Program Files\Opera\opera.exe»=
«c:\Program Files\uTorrent\uTorrent.exe»=
«c:\Program Files\Skype\Phone\Skype.exe»=

[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileGloballyOpenPortsList]
«26675:TCP»= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R1 aswSP;avast! Self Protection;c:windowssystem32driversaswSP.sys [22.09.2009 18:18 114768]
R2 aswFsBlk;aswFsBlk;c:windowssystem32driversaswFsBlk.sys [22.09.2009 18:18 20560]
R2 ICQ Service;ICQ Service;c:program filesICQ6ToolbarICQ Service.exe [23.09.2009 17:24 222968]
R2 lxdc_device;lxdc_device;c:windowssystem32lxdccoms.exe -service —> c:windowssystem32lxdccoms.exe -service [?]
S0 sptd;sptd;c:windowssystem32driverssptd.sys [22.09.2009 17:56 717296]
S2 lxdcCATSCustConnectService;lxdcCATSCustConnectService;c:windowssystem32spooldriversw32x863lxdcserv.exe [07.10.2009 13:53 99248]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionsvchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08
.

Supplementary Scan

.
uStart Page = hxxp://www.yandex.ru/?clid=130468
uInternet Settings,ProxyOverride =
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2OFFICE11EXCEL.EXE/3000
IE: Закачать ВСЕ при помощи Download Master — c:program filesDownload Masterdmieall.htm
IE: Закачать при помощи Download Master — c:program filesDownload Masterdmie.htm
IE: {{8DAE90AD-4583-4977-9DD4-4360F7A45C74} — c:program filesDownload Masterdmaster.exe
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-08 22:38
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes …

scanning hidden autostart entries …

scanning hidden files …

scan completed successfully
hidden files: 0

**************************************************************************
.

LOCKED REGISTRY KEYS

[HKEY_USERSS-1-5-21-1292428093-1580818891-839522115-500SoftwareMicrosoftInternet ExplorerUser Preferences]
@Denied: (2) (Administrator)
«88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977″=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a0,26,25,46,1d,73,20,4f,a2,b5,a0,
«2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81″=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a0,26,25,46,1d,73,20,4f,a2,b5,a0,
.

DLLs Loaded Under Running Processes

— — — — — — — > ‘winlogon.exe'(532)
c:windowssystem32COMRes.dll
c:windowssystem32cscui.dll
.
Completion time: 2009-12-08 22:42:32
ComboFix-quarantined-files.txt 2009-12-08 19:42
ComboFix2.txt 2009-12-06 19:07

Pre-Run: 14 380 380 160 байт свободно
Post-Run: 14 471 757 824 байт свободно

— — End Of File — — 5A39D11E0701E603268DD5C2746817B7
Автор

Сообщения

Просмотр 3 сообщений - с 1 по 3 (из 3 всего)

natali_KIEV

Созданные ответы форума

Добро пожаловать

Поиск

Важные инструкции

Как сбросить настройки Firefox (Инструкция)

Нет доступа в интернет после удаления вируса — Как восстановить

Как удалить рекламный вирус в браузере (Chrome, Opera, Firefox, Internet Explorer, Edge)

Как запустить компьютер в безопасном режиме (Safe Mode)

Как удалить вредоносные программы, лучшие утилиты

СПАЙВАРЕ РУ

Нужна помощь?

Ссылки