• Инструкции
    • Как использовать
      • Программы
    • Как удалить
      • Шпионское и рекламное ПО (adware и spyware)
      • Поддельное антиспайваре
      • Руткиты
      • Трояны
      • Кейлоггеры
  • Скачать программы
  • Вопросы и Ответы
  • Форумы

SPYWARE-RU.COM
Меню
  • Инструкции
    • Как использовать
      • Программы
    • Как удалить
      • Шпионское и рекламное ПО (adware и spyware)
      • Поддельное антиспайваре
      • Руткиты
      • Трояны
      • Кейлоггеры
  • Скачать программы
  • Вопросы и Ответы
  • Форумы
В начало
Adguard
 

nathan

  • Профиль
  • Начатые темы
  • Созданные ответы
  • Engagements
  • Избранное

Созданные ответы форума

Просмотр 2 сообщений - с 1 по 2 (из 2 всего)
  • Автор
    Сообщения
  • 17 августа, 2009 в 3:52 пп в ответ на: вирус Net-Worm.Win32.Kolab.dkr #25259
    nathan
    Participant
    • Темы:1
    • Сообщений:3
    • ☆

    Спасибо за поддержку. Похоже Нортон удалил вирусы. Сканировать онлайн не стал, пришлось бы отключить Нортон (я так думаю). Windows скачал с торента — насколько это опасно?

    16 августа, 2009 в 7:03 дп в ответ на: вирус Net-Worm.Win32.Kolab.dkr #25256
    nathan
    Participant
    • Темы:1
    • Сообщений:3
    • ☆

    Извините, если что не так. Система потерпела полный крах (на мой взгляд), черви множились на глазах. Проделал следующее: удалил оба раздела с диска, установил винду (скачена с инета), поставил дрова (родные), установил Нортон антивирус. Он с ходу указал вирус — cdclose.dll (System32). Сейчас постоянные попытки атаки и обнаружение угроз.
    Логи:
    Logfile of random’s system information tool 1.06 (written by random/random)
    Run by Администратор at 2009-08-16 11:02:14
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 7 GB (61%) free of 12 GB
    Total RAM: 511 MB (31% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:02:18, on 16.08.2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:WINDOWSSystem32smss.exe
    C:WINDOWSsystem32winlogon.exe
    C:WINDOWSsystem32services.exe
    C:WINDOWSsystem32lsass.exe
    C:WINDOWSsystem32Ati2evxx.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSSystem32svchost.exe
    C:WINDOWSsystem32Ati2evxx.exe
    C:WINDOWSsystem32spoolsv.exe
    C:Program FilesSymantecNorton AntiBotagentBinNABAgent.exe
    C:WINDOWSExplorer.EXE
    C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe
    C:Program FilesNorton AntiVirusEngine16.0.0.125ccSvcHst.exe
    C:Program FilesSymantecNorton AntiBotagentBinNABWatcher.exe
    C:Program FilesNorton AntiVirusEngine16.0.0.125ccSvcHst.exe
    C:WINDOWSSOUNDMAN.EXE
    C:WINDOWSsystem32nvraidservice.exe
    C:Program FilesATI TechnologiesATI.ACECore-StaticMOM.exe
    C:Program FilesSymantecNorton AntiBotagentbinNortonAntiBot.exe
    C:Program FilesVistaDriveIconVistaDrv.exe
    C:Program FilesCommon FilesAheadLibNMBgMonitor.exe
    C:Program FilesATI TechnologiesATI.ACECore-Staticccc.exe
    E:Program FilesYandexPunto Switcherpunto.exe
    C:WINDOWSsystem32wbemunsecapp.exe
    C:Program FilesSymantecNorton AntiBotagentbinNABMonitor.exe
    E:Program FilesRainlendarRainlendar.exe
    C:Program FilesCommon FilesAheadLibNMIndexStoreSvr.exe
    E:Program FilesTotal CommanderTotalcmd.exe
    E:Program FilesMaxthon Ru-Board 2009 EditionMaxthon.exe
    C:WINDOWSsystem32ctfmon.exe
    C:Documents and SettingsАдминистраторРабочий столRSIT.exe
    C:Program Filestrend microАдминистратор.exe

    R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=40316
    R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
    R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
    R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
    O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
    O2 — BHO: Symantec Intrusion Prevention — {6D53EC84-6AAE-4787-AEEE-F4628F01010C} — C:Program FilesNorton AntiVirusEngine16.0.0.125IPSBHO.DLL
    O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
    O4 — HKLM..Run: [NVRaidService] C:WINDOWSsystem32nvraidservice.exe
    O4 — HKLM..Run: [StartCCC] «C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe» MSRun
    O4 — HKLM..Run: [Adobe Reader Speed Launcher] «E:Program FilesAdobeReader 9.0ReaderReader_sl.exe»
    O4 — HKLM..Run: [NeroFilterCheck] C:Program FilesCommon FilesAheadLibNeroCheck.exe
    O4 — HKLM..Run: [NortonAntiBot] «C:Program FilesSymantecNorton AntiBotagentbinNortonAntiBot.exe»
    O4 — HKCU..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe
    O4 — HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] «C:Program FilesCommon FilesAheadLibNMBgMonitor.exe»
    O4 — HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
    O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
    O4 — HKUSS-1-5-19..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe (User ‘LOCAL SERVICE’)
    O4 — HKUSS-1-5-19..RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User ‘LOCAL SERVICE’)
    O4 — HKUSS-1-5-19..RunOnce: [IE7_011] regsvr32 /s /n /i:u shell32 (User ‘LOCAL SERVICE’)
    O4 — HKUSS-1-5-19..RunOnce: [IE7_012] rundll32 advpack.dll,LaunchINFSectionEx IE7int.inf,AfterUserStart,,4,N (User ‘LOCAL SERVICE’)
    O4 — HKUSS-1-5-19..RunOnce: [IE7_013] rebuild.exe (User ‘LOCAL SERVICE’)
    O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
    O4 — HKUSS-1-5-20..RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User ‘NETWORK SERVICE’)
    O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
    O4 — HKUSS-1-5-18..RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User ‘SYSTEM’)
    O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
    O4 — HKUS.DEFAULT..RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User ‘Default user’)
    O4 — Startup: Punto Switcher.lnk = E:Program FilesYandexPunto Switcherpunto.exe
    O4 — Startup: Rainlendar.lnk = E:Program FilesRainlendarRainlendar.exe
    O4 — Startup: Total Commander.lnk = E:Program FilesTotal CommanderTotalcmd.exe
    O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
    O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
    O16 — DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) — http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1250363157984
    O16 — DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) — http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1250367482328
    O17 — HKLMSystemCCSServicesTcpip..{873F13C5-782C-464F-AA2D-5CA4F36B9CAF}: NameServer = 85.234.32.35,85.234.33.23
    O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
    O23 — Service: ATI Smart — Unknown owner — C:WINDOWSsystem32ati2sgag.exe
    O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
    O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
    O23 — Service: NBService — Nero AG — C:Program FilesNeroNero 7Nero BackItUpNBService.exe
    O23 — Service: Norton AntiVirus — Symantec Corporation — C:Program FilesNorton AntiVirusEngine16.0.0.125ccSvcHst.exe
    O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
    O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
    O23 — Service: SymantecAntiBotAgent — Symantec — C:Program FilesSymantecNorton AntiBotagentBinNABAgent.exe
    O23 — Service: SymantecAntiBotWatcher — Symantec — C:Program FilesSymantecNorton AntiBotagentBinNABWatcher.exe
    O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
    O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
    O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe

    —
    End of file — 7428 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
    Symantec Intrusion Prevention — C:Program FilesNorton AntiVirusEngine16.0.0.125IPSBHO.DLL [2009-08-15 107896]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
    «SoundMan»=C:WINDOWSSOUNDMAN.EXE [2004-07-27 68096]
    «NVRaidService»=C:WINDOWSsystem32nvraidservice.exe [2004-06-11 83968]
    «StartCCC»=C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe [2008-08-01 61440]
    «Adobe Reader Speed Launcher»=E:Program FilesAdobeReader 9.0ReaderReader_sl.exe [2008-06-12 34672]
    «NeroFilterCheck»=C:Program FilesCommon FilesAheadLibNeroCheck.exe [2006-01-12 155648]
    «NortonAntiBot»=C:Program FilesSymantecNorton AntiBotagentbinNortonAntiBot.exe [2007-11-12 1378840]

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
    «VistaIcon»=C:Program FilesVistaDriveIconVistaDrv.exe [2008-01-02 132096]
    «BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=C:Program FilesCommon FilesAheadLibNMBgMonitor.exe [2006-11-16 139264]
    «ctfmon.exe»=C:WINDOWSsystem32ctfmon.exe [2008-08-19 30208]

    C:Documents and SettingsАдминистраторГлавное менюПрограммыАвтозагрузка
    Punto Switcher.lnk — E:Program FilesYandexPunto Switcherpunto.exe
    Rainlendar.lnk — E:Program FilesRainlendarRainlendar.exe
    Total Commander.lnk — E:Program FilesTotal CommanderTotalcmd.exe

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
    C:WINDOWSsystem32Ati2evxx.dll [2008-09-24 143360]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWgaLogon]
    C:WINDOWSsystem32WgaLogon.dll [2009-03-10 265096]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
    WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
    «dontdisplaylastusername»=0
    «legalnoticecaption»=
    «legalnoticetext»=
    «shutdownwithoutlogon»=1
    «undockwithoutlogon»=1
    «DisableStatusMessages»=1

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
    «NoDriveTypeAutoRun»=149
    «NoSMHelp»=1
    «NoSMMyPictures»=1
    «NoSMConfigurePrograms»=1
    «StartMenuLogoff»=1
    «ForceStartMenuLogoff»=0
    «ForceClassicControlPanel»=1
    «NoResolveTrack»=1
    «NoResolveSearch»=1
    «NoThumbnailCache»=1

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
    «%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
    «%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{5883d6cf-89a1-11de-a8d8-806d6172696f}]
    shellAutoRuncommand — D:setup.exe

    ======List of files/folders created in the last 1 months======

    2009-08-16 10:24:56 —-D—- C:Program Filestrend micro
    2009-08-16 10:24:55 —-D—- C:rsit
    2009-08-16 10:17:19 —-HDC—- C:WINDOWS$NtUninstallKB961118$
    2009-08-16 10:10:00 —-A—- C:WINDOWSsystem32mucltui.dll.mui
    2009-08-16 10:10:00 —-A—- C:WINDOWSsystem32mucltui.dll
    2009-08-16 10:08:54 —-D—- C:WINDOWSsystem32Lang
    2009-08-16 10:07:16 —-D—- C:Documents and SettingsAll UsersApplication DataYandex
    2009-08-16 10:07:15 —-D—- C:Documents and SettingsАдминистраторApplication DataYandex
    2009-08-16 10:06:07 —-D—- C:Documents and SettingsАдминистраторApplication DataRainlendar
    2009-08-16 09:37:52 —-D—- C:Documents and SettingsАдминистраторApplication DataSymantec
    2009-08-16 09:37:15 —-D—- C:Documents and SettingsAll UsersApplication DataDownloaded Installations
    2009-08-16 01:00:53 —-HDC—- C:WINDOWS$NtUninstallKB971657$
    2009-08-16 01:00:36 —-HDC—- C:WINDOWS$NtUninstallKB973815$
    2009-08-16 01:00:21 —-HDC—- C:WINDOWS$NtUninstallKB960859$
    2009-08-16 01:00:05 —-HDC—- C:WINDOWS$NtUninstallKB973507$
    2009-08-16 00:59:44 —-HDC—- C:WINDOWS$NtUninstallKB973354$
    2009-08-16 00:59:13 —-HDC—- C:WINDOWS$NtUninstallKB956744$
    2009-08-16 00:58:57 —-HDC—- C:WINDOWS$NtUninstallKB973869$
    2009-08-16 00:58:33 —-HDC—- C:WINDOWS$NtUninstallKB973540_WM9$
    2009-08-16 00:58:18 —-HDC—- C:WINDOWS$NtUninstallKB971557$
    2009-08-16 00:58:02 —-HDC—- C:WINDOWS$NtUninstallKB968389$
    2009-08-16 00:57:43 —-HDC—- C:WINDOWS$NtUninstallKB961371-v2$
    2009-08-16 00:53:31 —-HDC—- C:WINDOWS$NtUninstallKB973346$
    2009-08-16 00:53:13 —-HDC—- C:WINDOWS$NtUninstallKB971633$
    2009-08-16 00:43:25 —-D—- C:WINDOWSsystem32XPSViewer
    2009-08-16 00:43:16 —-D—- C:Program FilesMSBuild
    2009-08-16 00:43:11 —-D—- C:WINDOWSsystem32en-US
    2009-08-16 00:43:01 —-D—- C:Program FilesReference Assemblies
    2009-08-16 00:41:56 —-N—- C:WINDOWSsystem32prntvpt.dll
    2009-08-16 00:41:55 —-N—- C:WINDOWSsystem32xpssvcs.dll
    2009-08-16 00:41:55 —-N—- C:WINDOWSsystem32xpsshhdr.dll
    2009-08-16 00:35:47 —-HDC—- C:WINDOWS$NtUninstallWIC$
    2009-08-16 00:34:02 —-HDC—- C:WINDOWS$NtUninstallKB970238$
    2009-08-16 00:33:46 —-HDC—- C:WINDOWS$NtUninstallKB968537$
    2009-08-16 00:33:31 —-HDC—- C:WINDOWS$NtUninstallKB961501$
    2009-08-16 00:32:04 —-D—- C:WINDOWSie8updates
    2009-08-16 00:30:02 —-HDC—- C:WINDOWSie8
    2009-08-16 00:26:54 —-A—- C:WINDOWSsystem32MRT.exe
    2009-08-16 00:21:52 —-D—- C:Program FilesMSXML 4.0
    2009-08-16 00:21:39 —-HDC—- C:WINDOWS$NtUninstallKB959426$
    2009-08-16 00:21:28 —-HDC—- C:WINDOWS$NtUninstallKB960803$
    2009-08-16 00:21:14 —-HDC—- C:WINDOWS$NtUninstallKB952004$
    2009-08-16 00:20:53 —-HDC—- C:WINDOWS$NtUninstallKB956572$
    2009-08-15 23:42:03 —-SD—- C:WINDOWSsystem32Microsoft
    2009-08-15 23:28:27 —-HDC—- C:WINDOWS$NtUninstallKB938464-v2$
    2009-08-15 23:28:16 —-HDC—- C:WINDOWS$NtUninstallKB960225$
    2009-08-15 23:28:04 —-HDC—- C:WINDOWS$NtUninstallKB958687$
    2009-08-15 23:27:53 —-HDC—- C:WINDOWS$NtUninstallKB956803$
    2009-08-15 23:27:36 —-HDC—- C:WINDOWS$NtUninstallKB952069_WM9$
    2009-08-15 23:27:25 —-HDC—- C:WINDOWS$NtUninstallKB955839$
    2009-08-15 23:27:04 —-HDC—- C:WINDOWS$NtUninstallKB956802$
    2009-08-15 23:26:52 —-HDC—- C:WINDOWS$NtUninstallKB957097$
    2009-08-15 23:26:38 —-HDC—- C:WINDOWS$NtUninstallKB954459$
    2009-08-15 23:26:24 —-HDC—- C:WINDOWS$NtUninstallKB955069$
    2009-08-15 23:26:12 —-HDC—- C:WINDOWS$NtUninstallKB958644$
    2009-08-15 23:26:01 —-HDC—- C:WINDOWS$NtUninstallKB954154_WM11$
    2009-08-15 23:25:50 —-D—- C:WINDOWSie7updates
    2009-08-15 23:25:49 —-HD—- C:WINDOWS$hf_mig$
    2009-08-15 23:25:05 —-HDC—- C:WINDOWS$NtUninstallKB941569$
    2009-08-15 23:19:44 —-N—- C:WINDOWSsystem32ieencode.dll
    2009-08-15 23:08:14 —-D—- C:Documents and SettingsAll UsersApplication DataWindows Genuine Advantage
    2009-08-15 23:06:54 —-A—- C:WINDOWSsystem32wuauclt.exe
    2009-08-15 23:06:54 —-A—- C:WINDOWSsystem32wuapi.dll.mui
    2009-08-15 23:06:53 —-D—- C:WINDOWSsystem32SoftwareDistribution
    2009-08-15 22:49:49 —-SHD—- C:RECYCLER
    2009-08-15 21:35:29 —-D—- C:Documents and SettingsАдминистраторApplication DataAhead
    2009-08-15 21:33:47 —-D—- C:Documents and SettingsAll UsersApplication DataNero
    2009-08-15 21:33:46 —-D—- C:Program FilesNero
    2009-08-15 21:33:46 —-D—- C:Program FilesCommon FilesAhead
    2009-08-15 21:19:35 —-D—- C:Program FilesSateira
    2009-08-15 21:19:30 —-D—- C:Program FilesAce Utilities
    2009-08-15 21:08:04 —-D—- C:Program FilesAdobe
    2009-08-15 21:07:14 —-D—- C:Program FilesCommon FilesAdobe AIR
    2009-08-15 21:06:17 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
    2009-08-15 21:06:09 —-D—- C:Program FilesCommon FilesAdobe
    2009-08-15 21:02:33 —-A—- C:WINDOWSsystem32rmoc3260.dll
    2009-08-15 21:02:33 —-A—- C:WINDOWSsystem32pndx5032.dll
    2009-08-15 21:02:33 —-A—- C:WINDOWSsystem32pndx5016.dll
    2009-08-15 21:02:33 —-A—- C:WINDOWSsystem32pncrt.dll
    2009-08-15 21:02:30 —-A—- C:WINDOWSsystem32unrar.dll
    2009-08-15 21:02:29 —-A—- C:WINDOWSavisplitter.ini
    2009-08-15 21:02:22 —-A—- C:WINDOWSsystem32yv12vfw.dll
    2009-08-15 21:02:20 —-A—- C:WINDOWSsystem32xvidvfw.dll
    2009-08-15 21:02:20 —-A—- C:WINDOWSsystem32xvidcore.dll
    2009-08-15 21:02:19 —-A—- C:WINDOWSsystem32qt-dx331.dll
    2009-08-15 21:02:19 —-A—- C:WINDOWSsystem32dpl100.dll
    2009-08-15 21:02:14 —-A—- C:WINDOWSsystem32divx.dll
    2009-08-15 21:02:12 —-A—- C:WINDOWSsystem32ff_vfw.dll.manifest
    2009-08-15 21:02:12 —-A—- C:WINDOWSsystem32ff_vfw.dll
    2009-08-15 21:02:09 —-A—- C:WINDOWSsystem32msvcr71.dll
    2009-08-15 21:02:09 —-A—- C:WINDOWSsystem32msvcp71.dll
    2009-08-15 21:02:07 —-D—- C:Documents and SettingsАдминистраторApplication DataReal
    2009-08-15 21:02:07 —-D—- C:Documents and SettingsAll UsersApplication DataReal
    2009-08-15 20:15:14 —-D—- C:Documents and SettingsАдминистраторApplication DataMxBoost
    2009-08-15 17:49:34 —-A—- C:WINDOWSsystem32usbui.dll
    2009-08-15 17:48:58 —-SHD—- C:WINDOWSInstaller
    2009-08-15 17:48:58 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
    2009-08-15 17:48:57 —-RD—- C:Program Files
    2009-08-15 17:48:57 —-D—- C:Program FilesCommon FilesODBC
    2009-08-15 17:48:57 —-D—- C:Program FilesCommon Files
    2009-08-15 17:48:57 —-A—- C:WINDOWSODBCINST.INI
    2009-08-15 17:48:49 —-A—- C:WINDOWSsystem32irclass.dll
    2009-08-15 17:48:46 —-N—- C:WINDOWSsystem32CONFIG.TMP
    2009-08-15 17:48:46 —-A—- C:WINDOWSTASKMAN.EXE
    2009-08-15 17:48:45 —-A—- C:WINDOWSsystem32batt.dll
    2009-08-15 17:48:44 —-A—- C:WINDOWSsystem32storprop.dll
    2009-08-15 17:48:44 —-A—- C:WINDOWSNOTEPAD.EXE
    2009-08-15 17:48:38 —-ASH—- C:Documents and SettingsAll UsersApplication Datadesktop.ini
    2009-08-15 17:48:32 —-RA—- C:WINDOWSSET4.tmp
    2009-08-15 17:48:31 —-RA—- C:WINDOWSSET3.tmp
    2009-08-15 17:48:26 —-D—- C:WINDOWSsystem32CatRoot2
    2009-08-15 17:48:26 —-D—- C:WINDOWSsystem32CatRoot
    2009-08-15 17:48:20 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
    2009-08-15 17:48:00 —-A—- C:WINDOWSsetuplog.txt
    2009-08-15 17:47:57 —-SHD—- C:System Volume Information
    2009-08-15 17:47:57 —-D—- C:Documents and Settings
    2009-08-15 17:47:16 —-SH—- C:boot.ini
    2009-08-15 17:45:47 —-RSD—- C:WINDOWSFonts
    2009-08-15 17:45:47 —-RD—- C:WINDOWSWeb
    2009-08-15 17:45:47 —-HD—- C:WINDOWSinf
    2009-08-15 17:45:47 —-D—- C:WINDOWSWinSxS
    2009-08-15 17:45:47 —-D—- C:WINDOWStwain_32
    2009-08-15 17:45:47 —-D—- C:WINDOWSTemp
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem32wins
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem32wbem
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem32usmt
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem32spool
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem32ShellExt
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem32Setup
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem32ru-ru
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem32ru
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem32ras
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem32npp
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem32mui
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem32IME
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem32icsxml
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem32ias
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem32export
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem32drivers
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem32dhcp
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem32config
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem323com_dmi
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem323076
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem322052
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem321054
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem321049
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem321042
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem321041
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem321037
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem321033
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem321031
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem321028
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem321025
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem32
    2009-08-15 17:45:47 —-D—- C:WINDOWSsystem
    2009-08-15 17:45:47 —-D—- C:WINDOWSsecurity
    2009-08-15 17:45:47 —-D—- C:WINDOWSResources
    2009-08-15 17:45:47 —-D—- C:WINDOWSrepair
    2009-08-15 17:45:47 —-D—- C:WINDOWSProvisioning
    2009-08-15 17:45:47 —-D—- C:WINDOWSPeerNet
    2009-08-15 17:45:47 —-D—- C:WINDOWSNetwork Diagnostic
    2009-08-15 17:45:47 —-D—- C:WINDOWSmui
    2009-08-15 17:45:47 —-D—- C:WINDOWSmsapps
    2009-08-15 17:45:47 —-D—- C:WINDOWSL2Schemas
    2009-08-15 17:45:47 —-D—- C:WINDOWSjava
    2009-08-15 17:45:47 —-D—- C:WINDOWSime
    2009-08-15 17:45:47 —-D—- C:WINDOWSHelp
    2009-08-15 17:45:47 —-D—- C:WINDOWSDriver Cache
    2009-08-15 17:45:47 —-D—- C:WINDOWSDebug
    2009-08-15 17:45:47 —-D—- C:WINDOWSCursors
    2009-08-15 17:45:47 —-D—- C:WINDOWSConnection Wizard
    2009-08-15 17:45:47 —-D—- C:WINDOWSConfig
    2009-08-15 17:45:47 —-D—- C:WINDOWSAppPatch
    2009-08-15 17:45:47 —-D—- C:WINDOWSaddins
    2009-08-15 17:45:47 —-D—- C:WINDOWS
    2009-08-15 17:06:16 —-D—- C:Documents and SettingsАдминистраторApplication DataMacromedia
    2009-08-15 17:06:15 —-D—- C:Documents and SettingsАдминистраторApplication DataAdobe
    2009-08-15 15:39:57 —-D—- C:Program FilesCommon FilesSymantec Shared
    2009-08-15 15:39:57 —-A—- C:WINDOWSsystem32S32EVNT1.DLL
    2009-08-15 15:39:09 —-D—- C:Program FilesWindows Sidebar
    2009-08-15 15:39:09 —-D—- C:Program FilesNorton AntiVirus
    2009-08-15 15:39:09 —-D—- C:Documents and SettingsAll UsersApplication DataNorton
    2009-08-15 15:38:54 —-D—- C:Program FilesNortonInstaller
    2009-08-15 15:38:54 —-D—- C:Documents and SettingsAll UsersApplication DataNortonInstaller
    2009-08-15 15:21:42 —-D—- C:Documents and SettingsАдминистраторApplication DataATI
    2009-08-15 15:21:42 —-D—- C:Documents and SettingsAll UsersApplication DataATI
    2009-08-15 15:17:27 —-D—- C:Program FilesCommon FilesATI Technologies
    2009-08-15 15:14:05 —-D—- C:WINDOWSPCHEALTH
    2009-08-15 15:13:17 —-N—- C:WINDOWSsystem32ati2sgag.exe
    2009-08-15 15:13:15 —-RA—- C:WINDOWSsystem32atiiiexx.dll
    2009-08-15 15:13:14 —-RA—- C:WINDOWSsystem32ATIDEMGX.dll
    2009-08-15 15:12:50 —-D—- C:Program FilesATI Technologies
    2009-08-15 15:06:23 —-RA—- C:WINDOWSsystem32nvuide.exe
    2009-08-15 15:06:23 —-RA—- C:WINDOWSsystem32NvRaidWizardEnu.dll
    2009-08-15 15:06:23 —-RA—- C:WINDOWSsystem32NvRaidSvEnu.dll
    2009-08-15 15:06:23 —-RA—- C:WINDOWSsystem32nvraidservice.exe
    2009-08-15 15:06:23 —-RA—- C:WINDOWSsystem32NvRaidMan.exe
    2009-08-15 15:06:23 —-RA—- C:WINDOWSsystem32NvRaidEnu.dll
    2009-08-15 15:06:22 —-RA—- C:WINDOWSsystem32NvRaidWizard.dll
    2009-08-15 15:06:19 —-A—- C:WINDOWSsystem32nvraidco.dll
    2009-08-15 15:06:15 —-RA—- C:WINDOWSsystem32idecoi.dll
    2009-08-15 15:05:18 —-A—- C:WINDOWSsystem32ksuser.dll
    2009-08-15 15:05:14 —-D—- C:Program FilesRealtek Sound Manager
    2009-08-15 15:05:13 —-N—- C:WINDOWSavrack.ini
    2009-08-15 15:05:13 —-D—- C:Program FilesAvRack
    2009-08-15 15:05:11 —-A—- C:WINDOWSsystem32Audio3D.dll
    2009-08-15 15:05:11 —-A—- C:WINDOWSsystem32a3d.dll
    2009-08-15 15:05:10 —-A—- C:WINDOWSsystem32RTLCPAPI.dll
    2009-08-15 15:05:10 —-A—- C:WINDOWSSOUNDMAN.EXE
    2009-08-15 15:05:09 —-N—- C:WINDOWSsystem32ChCfg.exe
    2009-08-15 15:05:07 —-A—- C:WINDOWSsystem32RTLCPL.EXE
    2009-08-15 15:05:01 —-N—- C:WINDOWSalcupd.exe
    2009-08-15 15:05:01 —-N—- C:WINDOWSalcrmv.exe
    2009-08-15 15:04:46 —-D—- C:WINDOWSOPTIONS
    2009-08-15 15:04:38 —-D—- C:Program FilesGigabyte
    2009-08-15 15:04:36 —-A—- C:WINDOWSIsUninst.exe
    2009-08-15 15:02:21 —-RA—- C:WINDOWSsystem32fdco1.dll
    2009-08-15 15:02:17 —-RA—- C:WINDOWSsystem32nvconrm.dll
    2009-08-15 15:02:17 —-RA—- C:WINDOWSsystem32bdco1.dll
    2009-08-15 15:02:17 —-A—- C:WINDOWSsystem32nvunrm.exe
    2009-08-15 15:02:16 —-RA—- C:WINDOWSsystem32nvusmb.exe
    2009-08-15 15:02:16 —-A—- C:WINDOWSsystem32NVUNINST.EXE
    2009-08-15 15:02:13 —-RA—- C:WINDOWSsystem32NVCOG.DLL
    2009-08-15 15:02:13 —-A—- C:WINDOWSsystem32nvugart.exe
    2009-08-15 15:02:12 —-D—- C:WINDOWSsystem32ReinstallBackups
    2009-08-15 14:53:50 —-HD—- C:Program FilesInstallShield Installation Information
    2009-08-15 14:53:19 —-D—- C:Program FilesSymantec
    2009-08-15 14:52:14 —-D—- C:Program FilesCommon FilesInstallShield
    2009-08-15 14:03:10 —-HD—- C:Program FilesUninstall Information
    2009-08-15 14:03:00 —-SD—- C:Documents and SettingsАдминистраторApplication DataMicrosoft
    2009-08-15 14:03:00 —-ASH—- C:Documents and SettingsАдминистраторApplication Datadesktop.ini
    2009-08-15 13:58:46 —-D—- C:Program FilesWindows Media Connect 2
    2009-08-15 13:58:24 —-D—- C:Program FilesWindows Media Player
    2009-08-15 13:58:10 —-N—- C:WINDOWSsystem32spmsg.dll
    2009-08-15 13:58:10 —-A—- C:WINDOWSsystem32spupdsvc.exe
    2009-08-15 13:58:02 —-N—- C:WINDOWSsystem32WUDFx.dll
    2009-08-15 13:58:02 —-N—- C:WINDOWSsystem32WudfSvc.dll
    2009-08-15 13:58:02 —-N—- C:WINDOWSsystem32WudfPlatform.dll
    2009-08-15 13:58:02 —-N—- C:WINDOWSsystem32WUDFCoinstaller.dll
    2009-08-15 13:58:01 —-N—- C:WINDOWSsystem32wpdsp.dll
    2009-08-15 13:58:01 —-N—- C:WINDOWSsystem32WPDShServiceObj.dll
    2009-08-15 13:58:01 —-N—- C:WINDOWSsystem32WpdShext.dll
    2009-08-15 13:58:01 —-N—- C:WINDOWSsystem32wpdmtpus.dll
    2009-08-15 13:58:01 —-N—- C:WINDOWSsystem32wpdmtp.dll
    2009-08-15 13:58:01 —-N—- C:WINDOWSsystem32wpdconns.dll
    2009-08-15 13:58:01 —-N—- C:WINDOWSsystem32wpd_ci.dll
    2009-08-15 13:58:00 —-N—- C:WINDOWSsystem32WMVXENCD.dll
    2009-08-15 13:58:00 —-N—- C:WINDOWSsystem32WMVSENCD.dll
    2009-08-15 13:58:00 —-N—- C:WINDOWSsystem32WMVSDECD.dll
    2009-08-15 13:58:00 —-N—- C:WINDOWSsystem32WMVENCOD.dll
    2009-08-15 13:58:00 —-N—- C:WINDOWSsystem32wmvdmoe2.dll
    2009-08-15 13:58:00 —-N—- C:WINDOWSsystem32wmvdmod.dll
    2009-08-15 13:58:00 —-N—- C:WINDOWSsystem32WMVDECOD.dll
    2009-08-15 13:58:00 —-N—- C:WINDOWSsystem32WMVADVE.DLL
    2009-08-15 13:58:00 —-N—- C:WINDOWSsystem32WMVADVD.dll
    2009-08-15 13:58:00 —-N—- C:WINDOWSsystem32wmspdmoe.dll
    2009-08-15 13:58:00 —-N—- C:WINDOWSsystem32WMSPDMOD.dll
    2009-08-15 13:58:00 —-N—- C:WINDOWSsystem32wmsdmoe2.dll
    2009-08-15 13:58:00 —-N—- C:WINDOWSsystem32wmsdmod.dll
    2009-08-15 13:58:00 —-N—- C:WINDOWSsystem32wmpsrcwp.dll
    2009-08-15 13:58:00 —-N—- C:WINDOWSsystem32wmpshell.dll
    2009-08-15 13:58:00 —-N—- C:WINDOWSsystem32wmpps.dll
    2009-08-15 13:58:00 —-N—- C:WINDOWSsystem32wmpmde.dll
    2009-08-15 13:57:59 —-N—- C:WINDOWSsystem32wmpencen.dll
    2009-08-15 13:57:59 —-N—- C:WINDOWSsystem32wmpeffects.dll
    2009-08-15 13:57:59 —-N—- C:WINDOWSsystem32wmpdxm.dll
    2009-08-15 13:57:59 —-N—- C:WINDOWSsystem32wmpasf.dll
    2009-08-15 13:57:58 —-N—- C:WINDOWSsystem32wmp.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32WudfHost.exe
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32wpdshextautoplay.exe
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32wmerror.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32wmdrmsdk.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32wmdrmnet.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32wmdrmdev.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32wmdmps.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32wmdmlog.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32WMADMOE.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32WMADMOD.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32wdfapi.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32PortableDeviceWMDRM.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32PortableDeviceWiaCompat.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32PortableDeviceTypes.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32PortableDeviceClassExtension.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32PortableDeviceApi.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32mswmdm.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32msscp.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32mspmsp.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32mspmsnsv.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32msnetobj.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32msdelta.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32MPG4DMOD.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32MPG4DECD.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32MP4SDMOD.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32MP4SDECD.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32MP43DMOD.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32MP43DECD.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32MFPLAT.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32LAPRXY.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32drmv2clt.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32cewmdm.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32blackbox.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32audiodev.dll
    2009-08-15 13:57:57 —-N—- C:WINDOWSsystem32asferror.dll
    2009-08-15 13:57:57 —-A—- C:WINDOWSsystem32WMNetmgr.dll
    2009-08-15 13:57:56 —-N—- C:WINDOWSsystem32wdfmgr.exe
    2009-08-15 13:57:56 —-N—- C:WINDOWSsystem32uwdf.exe
    2009-08-15 13:57:56 —-N—- C:WINDOWSsystem32logagent.exe
    2009-08-15 13:57:56 —-N—- C:WINDOWSsystem32drmupgds.exe
    2009-08-15 13:57:34 —-N—- C:WINDOWSsystem32wpdshextres.dll
    2009-08-15 13:57:29 —-AD—- C:WINDOWSMedia
    2009-08-15 13:57:20 —-A—- C:WINDOWSsystem32rebuild.exe
    2009-08-15 13:57:18 —-RSD—- C:WINDOWSassembly
    2009-08-15 13:57:15 —-D—- C:WINDOWSMicrosoft.NET
    2009-08-15 13:56:41 —-A—- C:WINDOWScontrol.ini
    2009-08-15 13:56:41 —-A—- C:AUTOEXEC.BAT
    2009-08-15 13:56:38 —-A—- C:WINDOWSOEWABLog.txt
    2009-08-15 13:56:34 —-A—- C:WINDOWSsystem32mapi32.dll
    2009-08-15 13:56:32 —-D—- C:WINDOWSsystem32dllcache
    2009-08-15 13:56:25 —-D—- C:WINDOWS%TempDir%
    2009-08-15 13:55:43 —-RAH—- C:WINDOWSsystem32logonui.exe.manifest
    2009-08-15 13:55:37 —-RAH—- C:WINDOWSsystem32cdplayer.exe.manifest
    2009-08-15 13:55:30 —-HD—- C:Program FilesWindowsUpdate
    2009-08-15 13:55:19 —-A—- C:WINDOWSsystem32desktop.ini
    2009-08-15 13:55:19 —-A—- C:WINDOWSdesktop.ini
    2009-08-15 13:55:14 —-D—- C:Program FilesCommon FilesServices
    2009-08-15 13:55:14 —-A—- C:WINDOWSsystem32acctres.dll
    2009-08-15 13:55:10 —-A—- C:WINDOWSsystem32icfgnt5.dll
    2009-08-15 13:55:08 —-D—- C:Program FilesCommon FilesMSSoap
    2009-08-15 13:55:05 —-D—- C:WINDOWSsystem32Macromed
    2009-08-15 13:55:05 —-A—- C:WINDOWSsystem32wuweb.dll
    2009-08-15 13:55:05 —-A—- C:WINDOWSsystem32wucltui.dll
    2009-08-15 13:55:05 —-A—- C:WINDOWSsystem32wuauserv.dll
    2009-08-15 13:55:05 —-A—- C:WINDOWSsystem32wuaueng1.dll
    2009-08-15 13:55:04 —-A—- C:WINDOWSsystem32wups.dll
    2009-08-15 13:55:04 —-A—- C:WINDOWSsystem32wuaueng.dll
    2009-08-15 13:55:04 —-A—- C:WINDOWSsystem32wuauclt1.exe
    2009-08-15 13:55:03 —-A—- C:WINDOWSsystem32wuapi.dll
    2009-08-15 13:55:03 —-A—- C:WINDOWSsystem32qmgrprxy.dll
    2009-08-15 13:55:03 —-A—- C:WINDOWSsystem32qmgr.dll
    2009-08-15 13:55:03 —-A—- C:WINDOWSsystem32bitsprx4.dll
    2009-08-15 13:55:03 —-A—- C:WINDOWSsystem32bitsprx3.dll
    2009-08-15 13:55:03 —-A—- C:WINDOWSsystem32bitsprx2.dll
    2009-08-15 13:55:01 —-A—- C:WINDOWSsystem32msoert2.dll
    2009-08-15 13:55:01 —-A—- C:WINDOWSsystem32msoeacct.dll
    2009-08-15 13:55:01 —-A—- C:WINDOWSsystem32fltMc.exe
    2009-08-15 13:55:01 —-A—- C:WINDOWSsystem32fltlib.dll
    2009-08-15 13:54:59 —-A—- C:WINDOWSsystem32inetres.dll
    2009-08-15 13:54:59 —-A—- C:WINDOWSsystem32inetcomm.dll
    2009-08-15 13:54:55 —-D—- C:Program FilesOutlook Express
    2009-08-15 13:54:55 —-A—- C:WINDOWSsystem32isign32.dll
    2009-08-15 13:54:55 —-A—- C:WINDOWSsystem32inetcfg.dll
    2009-08-15 13:54:55 —-A—- C:WINDOWSsystem32icwphbk.dll
    2009-08-15 13:54:55 —-A—- C:WINDOWSsystem32icwdial.dll
    2009-08-15 13:54:46 —-D—- C:Program FilesCommon FilesSystem
    2009-08-15 13:54:45 —-D—- C:Program FilesCommon FilesMicrosoft Shared
    2009-08-15 13:54:32 —-D—- C:Program FilesComPlus Applications
    2009-08-15 13:54:30 —-A—- C:WINDOWSvbaddin.ini
    2009-08-15 13:54:30 —-A—- C:WINDOWSvb.ini
    2009-08-15 13:54:25 —-D—- C:WINDOWSRegistration
    2009-08-15 13:53:20 —-D—- C:Program FilesVistaDriveIcon
    2009-08-15 13:53:15 —-SD—- C:WINDOWSDownloaded Program Files
    2009-08-15 13:53:15 —-RD—- C:WINDOWSOffline Web Pages
    2009-08-15 13:53:15 —-A—- C:WINDOWSsystem32WinFXDocObj.exe
    2009-08-15 13:53:14 —-D—- C:WINDOWSwbem
    2009-08-15 13:53:14 —-A—- C:WINDOWSsystem32msfeedssync.exe
    2009-08-15 13:53:14 —-A—- C:WINDOWSsystem32msfeedsbs.dll
    2009-08-15 13:53:12 —-A—- C:WINDOWSsystem32ieframe.dll.mui
    2009-08-15 13:53:11 —-D—- C:Program FilesInternet Explorer
    2009-08-15 13:53:11 —-A—- C:WINDOWSsystem32advpack.dll.mui
    2009-08-15 13:53:09 —-D—- C:WINDOWSsystem32PreInstall
    2009-08-15 13:53:08 —-D—- C:WINDOWSSoftwareDistribution
    2009-08-15 13:53:08 —-A—- C:WINDOWSsystem32muweb.dll
    2009-08-15 13:53:07 —-A—- C:WINDOWSsystem32sndvol32.exe
    2009-08-15 13:53:07 —-A—- C:WINDOWSsystem32gpprefcl.dll
    2009-08-15 13:53:03 —-A—- C:WINDOWSsystem32getuname.dll
    2009-08-15 13:53:02 —-A—- C:WINDOWSsystem32sol.exe
    2009-08-15 13:53:02 —-A—- C:WINDOWSsystem32charmap.exe
    2009-08-15 13:53:02 —-A—- C:WINDOWSsystem32calc.exe
    2009-08-15 13:53:01 —-A—- C:WINDOWSsystem32winmine.exe
    2009-08-15 13:53:01 —-A—- C:WINDOWSsystem32reset.exe
    2009-08-15 13:53:01 —-A—- C:WINDOWSsystem32mshearts.exe
    2009-08-15 13:53:01 —-A—- C:WINDOWSsystem32freecell.exe
    2009-08-15 13:53:00 —-A—- C:WINDOWSsystem32usrlogon.cmd
    2009-08-15 13:53:00 —-A—- C:WINDOWSsystem32tsshutdn.exe
    2009-08-15 13:53:00 —-A—- C:WINDOWSsystem32tslabels.ini
    2009-08-15 13:53:00 —-A—- C:WINDOWSsystem32tskill.exe
    2009-08-15 13:53:00 —-A—- C:WINDOWSsystem32tsdiscon.exe
    2009-08-15 13:53:00 —-A—- C:WINDOWSsystem32tscon.exe
    2009-08-15 13:52:59 —-A—- C:WINDOWSsystem32shadow.exe
    2009-08-15 13:52:59 —-A—- C:WINDOWSsystem32rwinsta.exe
    2009-08-15 13:52:59 —-A—- C:WINDOWSsystem32regini.exe
    2009-08-15 13:52:59 —-A—- C:WINDOWSsystem32rdpcfgex.dll
    2009-08-15 13:52:59 —-A—- C:WINDOWSsystem32qwinsta.exe
    2009-08-15 13:52:59 —-A—- C:WINDOWSsystem32qappsrv.exe
    2009-08-15 13:52:59 —-A—- C:WINDOWSsystem32msg.exe
    2009-08-15 13:52:59 —-A—- C:WINDOWSsystem32logoff.exe
    2009-08-15 13:52:59 —-A—- C:WINDOWSsystem32cdmodem.dll
    2009-08-15 13:52:58 —-A—- C:WINDOWSsystem32msdtcprf.ini
    2009-08-15 13:52:51 —-A—- C:WINDOWSsystem32wmimgmt.msc
    2009-08-15 13:52:51 —-A—- C:WINDOWSsystem32mspaint.exe
    2009-08-15 13:52:50 —-A—- C:WINDOWSsystem32spider.exe
    2009-08-15 13:52:50 —-A—- C:WINDOWSsystem32clipbrd.exe
    2009-08-15 13:52:48 —-A—- C:WINDOWSsystem32tsgqec.dll
    2009-08-15 13:52:48 —-A—- C:WINDOWSsystem32tscfgwmi.dll
    2009-08-15 13:52:47 —-A—- C:WINDOWSsystem32rhttpaa.dll
    2009-08-15 13:52:47 —-A—- C:WINDOWSsystem32aaclient.dll
    2009-08-15 13:52:46 —-A—- C:WINDOWSsystem32remotepg.dll
    2009-08-15 13:52:46 —-A—- C:WINDOWSsystem32mstscax.dll
    2009-08-15 13:52:46 —-A—- C:WINDOWSsystem32mstsc.exe
    2009-08-15 13:52:45 —-A—- C:WINDOWSsystem32sessmgr.exe
    2009-08-15 13:52:45 —-A—- C:WINDOWSsystem32rdshost.exe
    2009-08-15 13:52:45 —-A—- C:WINDOWSsystem32rdsaddin.exe
    2009-08-15 13:52:45 —-A—- C:WINDOWSsystem32rdchost.dll
    2009-08-15 13:52:44 —-A—- C:WINDOWSsystem32termsrv.dll
    2009-08-15 13:52:44 —-A—- C:WINDOWSsystem32rdpwsx.dll
    2009-08-15 13:52:44 —-A—- C:WINDOWSsystem32rdpsnd.dll
    2009-08-15 13:52:44 —-A—- C:WINDOWSsystem32rdpclip.exe
    2009-08-15 13:52:44 —-A—- C:WINDOWSsystem32qprocess.exe
    2009-08-15 13:52:44 —-A—- C:WINDOWSsystem32icaapi.dll
    2009-08-15 13:52:43 —-D—- C:WINDOWSsystem32MsDtc
    2009-08-15 13:52:43 —-A—- C:WINDOWSsystem32mtxoci.dll
    2009-08-15 13:52:43 —-A—- C:WINDOWSsystem32msdtcuiu.dll
    2009-08-15 13:52:43 —-A—- C:WINDOWSsystem32cfgbkend.dll
    2009-08-15 13:52:42 —-A—- C:WINDOWSsystem32xolehlp.dll
    2009-08-15 13:52:42 —-A—- C:WINDOWSsystem32msdtctm.dll
    2009-08-15 13:52:42 —-A—- C:WINDOWSsystem32msdtcprx.dll
    2009-08-15 13:52:42 —-A—- C:WINDOWSsystem32msdtclog.dll
    2009-08-15 13:52:42 —-A—- C:WINDOWSsystem32msdtc.exe
    2009-08-15 13:52:41 —-D—- C:WINDOWSsystem32Com
    2009-08-15 13:52:41 —-A—- C:WINDOWSsystem32mtxlegih.dll
    2009-08-15 13:52:41 —-A—- C:WINDOWSsystem32mtxex.dll
    2009-08-15 13:52:41 —-A—- C:WINDOWSsystem32mtxdm.dll
    2009-08-15 13:52:41 —-A—- C:WINDOWSsystem32dcomcnfg.exe
    2009-08-15 13:52:41 —-A—- C:WINDOWSsystem32comrepl.dll
    2009-08-15 13:52:41 —-A—- C:WINDOWSsystem32comaddin.dll
    2009-08-15 13:52:41 —-A—- C:WINDOWSsystem32colbact.dll
    2009-08-15 13:52:40 —-A—- C:WINDOWSsystem32stclient.dll
    2009-08-15 13:52:40 —-A—- C:WINDOWSsystem32clbcatex.dll
    2009-08-15 13:52:40 —-A—- C:WINDOWSsystem32catsrvut.dll
    2009-08-15 13:52:40 —-A—- C:WINDOWSsystem32catsrvps.dll
    2009-08-15 13:52:40 —-A—- C:WINDOWSsystem32catsrv.dll
    2009-08-15 13:52:39 —-A—- C:WINDOWSsystem32comuid.dll
    2009-08-15 13:52:39 —-A—- C:WINDOWSsystem32comsvcs.dll
    2009-08-15 13:52:39 —-A—- C:WINDOWSsystem32comsnap.dll
    2009-08-15 13:52:39 —-A—- C:WINDOWSsystem32clbcatq.dll
    2009-08-15 13:52:31 —-A—- C:WINDOWSsystem32servdeps.dll
    2009-08-15 13:52:30 —-A—- C:WINDOWSsystem32mmfutil.dll
    2009-08-15 13:52:30 —-A—- C:WINDOWSsystem32licwmi.dll
    2009-08-15 13:52:30 —-A—- C:WINDOWSsystem32cmprops.dll

    ======List of files/folders modified in the last 1 months======

    2009-08-15 17:48:55 —-A—- C:WINDOWSsystem.ini
    2009-08-15 15:11:41 —-A—- C:WINDOWSwin.ini
    2009-08-05 13:01:17 —-A—- C:WINDOWSsystem32mswebdvd.dll
    2009-07-29 08:36:47 —-A—- C:WINDOWSsystem32t2embed.dll
    2009-07-29 08:36:47 —-A—- C:WINDOWSsystem32fontsub.dll
    2009-07-19 18:46:50 —-A—- C:WINDOWSsystem32ieframe.dll
    2009-07-19 17:16:51 —-A—- C:WINDOWSsystem32mshtml.dll
    2009-07-17 23:03:39 —-A—- C:WINDOWSsystem32atl.dll

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 BHDrvx86;Symantec Heuristics Driver; ??C:WINDOWSsystem32driversNAV1000000.07DBHDrvx86.sys []
    R1 ccHP;Symantec Hash Provider; ??C:WINDOWSsystem32driversNAV1000000.07DccHPx86.sys []
    R1 eeCtrl;Symantec Eraser Control driver; ??C:Program FilesCommon FilesSymantec SharedEENGINEeeCtrl.sys []
    R1 IDSxpx86;IDSxpx86; ??C:Documents and SettingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsipsdefs20090810.001IDSxpx86.sys []
    R1 PQNTDrv;PQNTDrv; C:WINDOWSsystem32driversPQNTDrv.sys [2004-05-05 4228]
    R1 SRTSP;SRTSP; ??C:WINDOWSsystem32driversNAV1000000.07DSRTSP.SYS []
    R1 SRTSPX;SRTSPX; ??C:WINDOWSsystem32driversNAV1000000.07DSRTSPX.SYS []
    R1 SYMTDI;SYMTDI; ??C:WINDOWSsystem32driversNAV1000000.07DSYMTDI.SYS []
    R2 rspndr;Ответчик обнаружения топологии уровня связи; C:WINDOWSsystem32DRIVERSrspndr.sys [2008-07-08 62848]
    R3 ALCXSENS;Service for WDM 3D Audio Driver; C:WINDOWSsystem32driversALCXSENS.SYS [2004-02-24 400384]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2004-08-02 635281]
    R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2008-09-24 3331072]
    R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:WINDOWSsystem32driversAtiHdmi.sys [2008-07-02 89600]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv; ??C:Program FilesCommon FilesSymantec SharedEENGINEEraserUtilRebootDrv.sys []
    R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-15 144384]
    R3 NAVENG;NAVENG; ??C:Documents and SettingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsVirusDefs20090815.019NAVENG.SYS []
    R3 NAVEX15;NAVEX15; ??C:Documents and SettingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsVirusDefs20090815.019NAVEX15.SYS []
    R3 nvnetbus;NVIDIA Network Bus Enumerator; C:WINDOWSsystem32DRIVERSnvnetbus.sys [2004-05-17 12928]
    R3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:WINDOWSsystem32DRIVERSRtlnic51.sys [2003-12-31 69504]
    R3 SymantecAntiBotDriver;SymantecAntiBotDriver; ??C:Program FilesSymantecNorton AntiBotagentdriverAntiBotDriver.sys []
    R3 SymantecAntiBotFilter;SymantecAntiBotFilter; ??C:Program FilesSymantecNorton AntiBotagentdriverAntiBotFilter.sys []
    R3 SymantecAntiBotShim;SymantecAntiBotShim; ??C:Program FilesSymantecNorton AntiBotagentdriverAntiBotShim.sys []
    R3 SYMDNS;SYMDNS; ??C:WINDOWSsystem32driversNAV1000000.07DSYMDNS.SYS []
    R3 SymEvent;SymEvent; ??C:WINDOWSsystem32DriversSYMEVENT.SYS []
    R3 SYMFW;SYMFW; ??C:WINDOWSsystem32driversNAV1000000.07DSYMFW.SYS []
    R3 SYMIDS;SYMIDS; ??C:WINDOWSsystem32driversNAV1000000.07DSYMIDS.SYS []
    R3 SymIMMP;SymIMMP; C:WINDOWSsystem32DRIVERSSymIM.sys [2009-08-15 35888]
    R3 SYMNDIS;SYMNDIS; ??C:WINDOWSsystem32driversNAV1000000.07DSYMNDIS.SYS []
    R3 SYMREDRV;SYMREDRV; ??C:WINDOWSsystem32driversNAV1000000.07DSYMREDRV.SYS []
    R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-15 30208]
    R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-15 59520]
    R3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:WINDOWSsystem32DRIVERSusbohci.sys [2008-04-15 17152]
    S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:WINDOWSsystem32DRIVERSNVENETFD.sys [2004-05-17 33280]
    S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet адаптер, драйвер для NT; C:WINDOWSsystem32DRIVERSRTL8139.SYS [2008-04-13 20992]
    S3 SymIM;Symantec Network Security Intermediate Filter Service; C:WINDOWSsystem32DRIVERSSymIM.sys [2009-08-15 35888]
    S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2008-09-24 581632]
    R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2008-07-25 69632]
    R2 Norton AntiVirus;Norton AntiVirus; C:Program FilesNorton AntiVirusEngine16.0.0.125ccSvcHst.exe [2009-08-15 115560]
    R2 SymantecAntiBotAgent;SymantecAntiBotAgent; C:Program FilesSymantecNorton AntiBotagentBinNABAgent.exe [2007-11-12 4909592]
    R2 SymantecAntiBotWatcher;SymantecAntiBotWatcher; C:Program FilesSymantecNorton AntiBotagentBinNABWatcher.exe [2007-11-12 539160]
    S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2008-09-23 593920]
    S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2008-07-25 34312]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:WINDOWSMicrosoft.NETFrameworkv3.0WPFPresentationFontCache.exe [2008-07-29 46104]
    S3 idsvc;Windows CardSpace; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2008-07-29 881664]
    S3 NBService;NBService; C:Program FilesNeroNero 7Nero BackItUpNBService.exe [2006-11-10 774144]
    S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; C:Program FilesWindows Media PlayerWMPNetwk.exe [2006-11-02 914944]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2008-07-29 132096]

    EOF

  • Автор
    Сообщения
Просмотр 2 сообщений - с 1 по 2 (из 2 всего)

Добро пожаловать

На нашем сайте размещены инструкции и программы, которые помогут вам абсолютно бесплатно и самостоятельно удалить навязчивую рекламу, вирусы и трояны.

Поиск

Важные инструкции

Удалить всплывающие окна, рекламу, уведомления в Chrome
Удалить вирус, всплывающие окна и рекламу в Mac OS X
Рекламный вирус в Планировщике заданий
Как запустить компьютер в безопасном режиме (Safe Mode)
Какой лучший антивирус ? Как выбрать антивирус ?

СПАЙВАРЕ РУ

  • О Спайваре Ру
  • Контакты
  • Реклама на сайте
  • Политика конфиденциальности
  • Правила использования

Нужна помощь?

Задайте свой вопрос прямо сейчас кликнув по следующей ссылке Задать вопрос.

Или обратитесь на наш форум, где команда Spyware-ru поможет вам. Узнайте, как попросить о помощи здесь.

Ссылки

  • Инструкции
  • Скачать программы
  • Помощь в удалении вирусов
  • Как вылечить компьютер
Copyright © 2008 - 2024 Spyware-RU.com (en)