Созданные ответы форума
-
Сообщения
-
все я закрыл этот значек,он меня постоянно просил обновить компоненты Windows.Спасибо за помощь,ваш ворум мне очень помог 😀
Компьютер работает вроде нормально,окна с предуприждениями уже не вылазят.Но внизу в углу экрана остался значек(оповещение системы безопасности Windows),который переодически меня предупреждает о «опасности»,и урать его не как не могу 🙁
ComboFix 09-08-27.A3 — Admin 28.08.2009 21:36.8.1 — NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1251.7.1049.18.511.150 [GMT 4:00]
Running from: c:анти вирусыComboFix.exe
Command switches used :: c:documents and settingsAdminРабочий столCFScript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Norton AntiVirus *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: R-Firewall *enabled* {5BD9A3DC-50A1-4B8B-9FFF-1BDFBD36831B}
.((((((((((((((((((((((((( Files Created from 2009-07-28 to 2009-08-28 )))))))))))))))))))))))))))))))
.2009-08-28 13:26 . 2009-08-25 08:00 1647984 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsVirusDefs20090827.053NAVEX32A.DLL
2009-08-28 13:26 . 2009-08-26 08:00 371248 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsVirusDefs20090827.053EECTRL.SYS
2009-08-28 13:26 . 2009-08-26 08:00 2747440 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsVirusDefs20090827.053CCERASER.DLL
2009-08-28 13:26 . 2009-08-26 08:00 102448 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsVirusDefs20090827.053ERASER.SYS
2009-08-28 13:26 . 2009-08-25 08:00 84912 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsVirusDefs20090827.053NAVENG.SYS
2009-08-28 13:26 . 2009-08-25 08:00 259440 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsVirusDefs20090827.053ECMSVR32.DLL
2009-08-28 13:26 . 2009-08-25 08:00 177520 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsVirusDefs20090827.053NAVENG32.DLL
2009-08-28 13:26 . 2009-08-25 08:00 1323568 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsVirusDefs20090827.053NAVEX15.SYS
2009-08-19 17:32 . 2009-08-03 09:36 38160 —-a-w- c:windowssystem32driversmbamswissarmy.sys
2009-08-19 17:32 . 2009-08-03 09:36 19096 —-a-w- c:windowssystem32driversmbam.sys
2009-08-19 17:32 . 2009-08-19 17:32
d
w- c:program filesMalwarebytes’ Anti-Malware
2009-08-17 13:36 . 2009-08-26 18:51
d
w- c:program filestrend micro
2009-08-17 13:36 . 2009-08-17 13:37
d
w- C:rsit
2009-08-17 12:25 . 2009-08-17 12:25 0 —-a-w- C:backup.reg
2009-08-17 12:12 . 2009-08-17 12:32 574 —-a-w- C:cleanup.bat
2009-08-17 09:02 . 2009-07-11 19:34 276344 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsIPSDefs20090810.001IDSXpx86.sys
2009-08-17 09:02 . 2009-07-11 19:34 293424 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsIPSDefs20090810.001IDSvix86.sys
2009-08-17 09:02 . 2009-07-11 19:34 533880 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsIPSDefs20090810.001Scxpx86.dll
2009-08-17 09:02 . 2009-07-11 19:34 451960 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsIPSDefs20090810.001IDSxpx86.dll
2009-08-17 09:02 . 2009-07-11 19:34 397360 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsIPSDefs20090810.001IDSviA64.sys
2009-08-16 19:39 . 2009-08-16 19:39 36400 —-a-r- c:windowssystem32driversSymIM.sys
2009-08-16 19:39 . 2009-08-16 20:00
d
w- c:program filesCommon FilesSymantec Shared
2009-08-16 19:39 . 2009-08-16 19:39 60808 —-a-w- c:windowssystem32S32EVNT1.DLL
2009-08-16 19:39 . 2009-08-16 19:39 124464 —-a-w- c:windowssystem32driversSYMEVENT.SYS
2009-08-16 19:39 . 2009-08-16 19:39 136840 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonSyKnAppSpatch25.dll
2009-08-16 19:39 . 2009-08-16 19:39 1290592 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonSyKnAppSSyKnAppS.dll
2009-08-16 19:39 . 2009-08-16 19:39 796016 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonCLTcltLMSx.dll
2009-08-16 19:39 . 2009-08-16 19:39
d
w- c:windowssystem32driversNAV
2009-08-16 19:38 . 2009-08-17 08:23
d
w- c:documents and settingsAll UsersApplication DataSymantec
2009-08-16 19:38 . 2009-08-16 19:39
d
w- c:program filesNorton AntiVirus
2009-08-16 19:38 . 2009-08-16 19:39
d
w- c:program filesWindows Sidebar
2009-08-16 19:38 . 2009-08-16 19:40
d
w- c:documents and settingsAll UsersApplication DataNorton
2009-08-16 16:59 . 2009-08-16 16:59
d
w- c:program filesInstallShield Installation Information
2009-08-16 16:14 . 2009-08-16 19:38
d
w- c:documents and settingsAll UsersApplication DataNortonInstaller
2009-08-16 16:14 . 2009-08-16 16:14
d
w- c:program filesNortonInstaller
2009-08-16 10:26 . 2009-07-28 12:33 55656 —-a-w- c:windowssystem32driversavgntflt.sys
2009-08-16 10:26 . 2009-03-30 06:33 96104 —-a-w- c:windowssystem32driversavipbb.sys
2009-08-16 10:26 . 2009-02-13 08:29 22360 —-a-w- c:windowssystem32driversavgntmgr.sys
2009-08-16 10:26 . 2009-02-13 08:17 45416 —-a-w- c:windowssystem32driversavgntdd.sys
2009-08-16 10:26 . 2009-08-16 10:26
d
w- c:program filesAvira
2009-08-16 10:26 . 2009-08-16 10:26
d
w- c:documents and settingsAll UsersApplication DataAvira
2009-08-13 09:54 . 2009-08-16 20:01
d
w- c:documents and settingsAdminApplication DataTranslateIt7.5
2009-08-13 09:54 . 2009-08-24 17:29
d
w- c:program filesTranslateIt!
2009-07-31 19:17 . 2009-07-31 19:17
d-sh—w- c:documents and settingsLocalServiceIETldCache
2009-07-31 18:53 . 2009-07-31 18:53
d-sh—w- c:documents and settingsAdminPrivacIE
2009-07-31 18:51 . 2009-07-31 18:51
d-sh—w- c:documents and settingsAdminIETldCache
2009-07-31 18:49 . 2009-07-31 18:49
d
w- c:program filesYandex
2009-07-31 18:49 . 2009-07-31 18:49
d
w- c:documents and settingsAdminLocal SettingsApplication DataYandex
2009-07-31 18:49 . 2009-07-31 18:49
d
w- c:documents and settingsAdminApplication DataYandex
2009-07-31 18:49 . 2009-07-31 18:49
d—h—w- c:windowsmsdownld.tmp
2009-07-31 18:48 . 2009-07-31 18:49
d
w- c:windowssystem32ru-RU
2009-07-31 18:48 . 2009-07-31 18:48
dc-h—w- c:windowsie8.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-27 15:22 . 2007-01-29 09:38 86327 —-a-w- c:windowspchealthhelpctrOfflineCacheindex.dat
2009-08-22 19:36 . 2009-07-18 11:14
d
w- c:documents and settingsAll UsersApplication DataKaspersky Lab Setup Files
2009-08-16 21:23 . 2009-01-11 14:03
d
w- c:documents and settingsAll UsersApplication DataPanda Security
2009-08-16 19:39 . 2009-08-16 19:39 805 —-a-w- c:windowssystem32driversSYMEVENT.INF
2009-08-16 19:39 . 2009-08-16 19:39 7386 —-a-w- c:windowssystem32driversSYMEVENT.CAT
2009-08-16 17:00 . 2009-07-25 06:39
d
w- c:documents and settingsAdminApplication DataPanda Security
2009-08-16 16:59 . 2007-01-29 09:53 65144 —-a-w- c:documents and settingsAdminLocal SettingsApplication DataGDIPFONTCACHEV1.DAT
2009-08-13 10:40 . 2008-08-15 16:40
d
w- c:program filesasd
2009-07-26 17:46 . 2009-07-26 17:46
d
w- c:program filesAGEIA Technologies
2009-07-26 17:46 . 2009-07-26 17:46
d
w- c:program filesCommon FilesWise Installation Wizard
2009-07-26 17:46 . 2007-02-23 13:21 413696 —-a-w- c:windowssystem32wrap_oal.dll
2009-07-26 17:46 . 2007-02-23 13:21
d
w- c:program filesOpenAL
2009-07-26 17:46 . 2007-02-23 13:21 110592 —-a-w- c:windowssystem32OpenAL32.dll
2009-07-25 07:56 . 2004-08-18 16:00 83306 —-a-w- c:windowssystem32perfc019.dat
2009-07-25 07:56 . 2004-08-18 16:00 481958 —-a-w- c:windowssystem32perfh019.dat
2009-07-25 06:36 . 2009-07-18 14:54
d
w- c:documents and settingsAll UsersApplication DataKaspersky Lab
2009-07-25 06:36 . 2007-12-06 12:14
d
w- c:program filesKaspersky Lab
2009-07-18 14:53 . 2008-10-12 15:21
d
w- c:program filesDrWeb
2009-07-18 13:45 . 2009-07-18 13:45
d
w- c:documents and settingsAdminApplication DataAvant Profiles
2009-07-18 11:24 . 2009-05-14 16:17
d
w- c:documents and settingsAll UsersApplication DataSpybot — Search & Destroy
2009-07-11 19:34 . 2009-07-11 19:34 276344 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsIPSDefsBinHubIDSXpx86.sys
2009-07-11 19:34 . 2009-07-11 19:34 293424 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsIPSDefsBinHubIDSvix86.sys
2009-07-11 19:34 . 2009-07-11 19:34 533880 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsIPSDefsBinHubScxpx86.dll
2009-07-11 19:34 . 2009-07-11 19:34 451960 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsIPSDefsBinHubIDSxpx86.dll
2009-07-11 19:34 . 2009-07-11 19:34 397360 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsIPSDefsBinHubIDSviA64.sys
2009-07-03 12:02 . 2009-07-03 12:02 59992 —-a-w- c:documents and settingsAll UsersApplication DataKaspersky Lab Setup FilesKaspersky Internet Security 2010 9.0.0.463Russiansetup.exe
2009-06-18 11:42 . 2009-06-18 11:42 152512 —-a-w- c:documents and settingsLocalServiceLocal SettingsApplication DataFontCache3.0.0.0.dat
2009-06-17 16:48 . 2008-10-12 15:21 77824 —-atw- c:windowssystem32DRWEBSP.DLL
2007-06-04 11:16 . 2007-12-06 12:11 11454953 —-a-w- c:program filesav-i386-cumul.zip
.
Sigcheck
[-] 2006-04-08 13:42 360448 0F0EBDF4CE077111713D11CE5FAB877E c:windowssystem32driverstcpip.sys[-] 2006-04-14 18:17 1548288 EE700620B6CFE585350F64A603F6F3E3 c:windowssystem32sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-08-28_17.23.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-08-28 17:42 . 2009-08-28 17:42 53248 c:windowsTempcatchme.dll
— 2009-08-28 17:23 . 2009-08-28 17:23 53248 c:windowsTempcatchme.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
«{91397D20-1446-11D4-8AF4-0040CA1127B6}»= «c:program filesYandexYandexBarIEyndbar.dll» [2009-03-24 3697952][HKEY_CLASSES_ROOTclsid{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOTYandex.Toolbar.1]
[HKEY_CLASSES_ROOTTypeLib{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOTYandex.Toolbar][HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebbrowser]
«{91397D20-1446-11D4-8AF4-0040CA1127B6}»= «c:program filesYandexYandexBarIEyndbar.dll» [2009-03-24 3697952][HKEY_CLASSES_ROOTclsid{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOTYandex.Toolbar.1]
[HKEY_CLASSES_ROOTTypeLib{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOTYandex.Toolbar][HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«PcSync»=»c:program filesNokiaNokia PC Suite 6PcSync2.exe» [2004-11-24 880640]
«BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=»c:program filesCommon FilesAheadlibNMBgMonitor.exe» [2005-10-28 94208]
«swg»=»c:program filesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe» [2009-01-11 39408][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«Punto Switcher»=»c:program filespunto switcherps.exe» [2004-11-13 205824]
«VolumeControl»=»c:program filesVolumeControlvolume.exe» [2003-09-15 36864]
«ATIPTA»=»c:program filesATI TechnologiesATI Control Panelatiptaxx.exe» [2004-03-03 335872]
«mouseElf»=»c:progra~1NAVIGA~1MouseElf.EXE» [2004-09-20 196608]
«PCSuiteTrayApplication»=»c:program filesNokiaNokia PC Suite 6Launch Application 2.exe» [2004-11-25 143360]
«DAEMON Tools»=»c:program filesDAEMON Toolsdaemon.exe» [2005-11-08 128920]
«NeroFilterCheck»=»c:windowssystem32NeroCheck.exe» [2001-07-09 155648]
«HP Software Update»=»c:program filesHewlett-PackardHP Software UpdateHPWuSchd2.exe» [2007-03-11 49152]
«Sony Ericsson PC Suite»=»c:program filesSony EricssonMobile2Application LauncherApplication Launcher.exe» [2007-03-27 593920]
«TkBellExe»=»c:program filesCommon FilesRealUpdate_OBrealsched.exe» [2008-12-16 185896]
«Google Quick Search Box»=»c:program filesGoogleQuick Search BoxGoogleQuickSearchBox.exe» [2009-05-14 68592]
«WinampAgent»=»c:program filesWinampwinampa.exe» [2009-04-10 37888]
«avgnt»=»c:program filesAviraAntiVir Desktopavgnt.exe» [2009-03-02 209153]
«CHotkey»=»mHotkey.exe» — c:windowsmHotkey.exe [2002-07-05 491008]
«SoundMan»=»SOUNDMAN.EXE» — c:windowssoundman.exe [2006-04-22 65024]c:documents and settingsAll Usersѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
hp psc 1000 series.lnk — c:program filesHewlett-PackardDigital Imagingbinhpohmr08.exe [2003-4-6 147456]
hpoddt01.exe.lnk — c:program filesHewlett-PackardDigital Imagingbinhpotdd01.exe [2003-4-6 28672]
InterVideo WinCinema Manager.lnk — c:program filesInterVideoCommonBinWinCinemaMgr.exe [2007-1-30 98304]
“бЄ®аҐл© § ЇгбЄ Adobe Reader.lnk — c:program filesAdobeAcrobat 7.0Readerreader_sl.exe [2005-9-24 29696][HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]
«SynchronousMachineGroupPolicy»= 0 (0x0)
«SynchronousUserGroupPolicy»= 0 (0x0)[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
«NoSMConfigurePrograms»= 1 (0x1)
«ForceCopyACLWithFile»= 1 (0x1)[HKEY_USERS.defaultsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
«ForceClassicControlPanel»= 1 (0x1)
«NoSMConfigurePrograms»= 1 (0x1)
«NoSMHelp»= 1 (0x1)
«ForceCopyACLWithFile»= 1 (0x1)[HKEY_LOCAL_MACHINEsoftwarepoliciesmicrosoftwindowswindowsupdateau]
«NoAutoUpdate»= 1 (0x1)[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalSymEFA.sys]
@=»FSFilter Activity Monitor»[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
«AntiVirusOverride»=dword:00000001
«Start»=dword:00000004[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\TotalCmd\TOTALCMD.EXE»=
«c:\Program Files\Nero\Nero 7\Nero MediaHome\NeroMediaHome.exe»=
«c:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe»=
«d:\Games\Counter-Strike 1.6 Melan\HL.EXE»=R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:windowssystem32driverssfsync03.sys [06.12.2005 19:11 35328]
R0 SymEFA;Symantec Extended File Attributes;c:windowssystem32driversNAV1005000.086SymEFA.sys [16.08.2009 23:39 310320]
R0 zmNTMon;zmNTMon;c:windowssystem32driversZmNTMon.sys [26.03.2007 23:23 5760]
R1 BHDrvx86;Symantec Heuristics Driver;c:windowssystem32driversNAV1005000.086BHDrvx86.sys [16.08.2009 23:39 258608]
R1 ccHP;Symantec Hash Provider;c:windowssystem32driversNAV1005000.086cchpx86.sys [16.08.2009 23:39 482352]
R1 IDSxpx86;IDSxpx86;c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsIPSDefs20090810.001IDSXpx86.sys [17.08.2009 13:02 276344]
R1 VD_FileDisk;VD_FileDisk;c:windowssystem32driversvd_filedisk.sys [16.04.2005 15:48 15232]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:program filesAviraAntiVir Desktopsched.exe [16.08.2009 14:26 108289]
R2 Norton AntiVirus;Norton AntiVirus;c:program filesNorton AntiVirusEngine16.5.0.134ccSvcHst.exe [16.08.2009 23:39 115560]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:program filesCommon FilesSymantec SharedEENGINEEraserUtilRebootDrv.sys [26.08.2009 12:00 102448]
S3 genmcmnUSB;USB Scroll Mouse Driver;c:windowssystem32driversgflmouhid.sys [06.02.2007 15:31 6656]
S3 zlportio;zlportio;??c:игрыD-DAYD-DayDriver1zlportio.sys —> c:игрыD-DAYD-DayDriver1zlportio.sys [?]
S3 zmNTZip;zmNTZip;??c:program filesZipMagiczmNTZip.sys —> c:program filesZipMagiczmNTZip.sys [?]— Other Services/Drivers In Memory —
*Deregistered* — uphcleanhlp
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionsvchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the ‘Scheduled Tasks’ folder2007-02-01 c:windowsTasksFRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 1100 series5E771253C1676EBED677BF361FDFC537825E15B8170355636.job
— c:program filesHewlett-PackardDigital ImagingBinhpqfrucl.exe [2003-04-05 21:52]2007-02-01 c:windowsTasksWebReg 20070201214811.job
— c:program filesHewlett-PackardDigital ImagingBinhpqwrg.exe [2007-03-11 17:27]
.
.
Supplementary Scan
.
uStart Page = hxxp://vdonsk.ru/
uInternet Connection Wizard,ShellNext = hxxp://hosting.conduit.com/Uninstall?toolbarid=&version=4.5.189.21&uid=
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2OFFICE11EXCEL.EXE/3000
TCP: {8AD3F6FA-5DCA-45DD-8BD4-5168DB8463EF} = 193.111.3.1,193.111.2.6
.**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-28 21:42
Windows 5.1.2600 Service Pack 2 NTFSscanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0**************************************************************************
.
LOCKED REGISTRY KEYS
[HKEY_USERSS-1-5-21-823518204-1957994488-854245398-500SoftwareMicrosoftSystemCertificatesAddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘winlogon.exe'(876)
c:windowssystem32Ati2evxx.dll— — — — — — — > ‘explorer.exe'(1040)
c:program filesTranslateIt!GetWordNT.dll
c:program filesVolumeControlwheel.dll
c:windowssystem32ieframe.dll
c:windowssystem32msi.dll
c:windowssystem32webcheck.dll
.
Completion time: 2009-08-28 21:44
ComboFix-quarantined-files.txt 2009-08-28 17:44
ComboFix2.txt 2009-08-28 17:26
ComboFix3.txt 2009-08-26 18:11Pre-Run: 13 599 436 800 байт свободно
Post-Run: 13 582 884 864 байт свободно234
вот еще лог »Malwarebytes’ Anti- Malware’,может поможет
Malwarebytes’ Anti-Malware 1.40
Версия базы данных: 2657
Windows 5.1.2600 Service Pack 219.08.2009 22:29:45
mbam-log-2009-08-19 (22-29-45).txtТип проверки: Полная (C:|D:|E:|F:|)
Проверено объектов: 160035
Прошло времени: 52 minute(s), 52 second(s)Заражено процессов в памяти: 1
Заражено модулей в памяти: 0
Заражено ключей реестра: 0
Заражено значений реестра: 1
Заражено параметров реестра: 0
Заражено папок: 0
Заражено файлов: 1Заражено процессов в памяти:
C:WINDOWSsystem324bm8hfs5.exe (Trojan.FakeAlert) -> Failed to unload process.Заражено модулей в памяти:
(Вредоносные программы не обнаружены)Заражено ключей реестра:
(Вредоносные программы не обнаружены)Заражено значений реестра:
HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun4bm8hfs5.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.Заражено параметров реестра:
(Вредоносные программы не обнаружены)Заражено папок:
(Вредоносные программы не обнаружены)Заражено файлов:
C:WINDOWSsystem324bm8hfs5.exe (Trojan.FakeAlert) -> Delete on reboot..
((((((((((((((((((((((((( Files Created from 2009-07-17 to 2009-08-17 )))))))))))))))))))))))))))))))
.2009-12-27 15:24 . 2009-12-27 15:24 13863 —-a-w- c:windowssystem324553spy9are2629z.exe
2009-12-23 18:38 . 2009-12-23 18:38 10531 —-a-w- c:windowssystem32z3958not-a-vir5s71f.bin
2009-12-19 12:04 . 2009-12-19 12:04 2955 —-a-w- c:windowssystem3256zaddware1692.dll
2009-12-18 02:13 . 2009-12-18 02:13 11200 —-a-w- c:windowssystem32518wo9m155z.exe
2009-12-14 20:02 . 2009-12-14 20:02 16261 —-a-w- c:windowssystem324007thizf1519.bin
2009-12-14 11:39 . 2009-12-14 11:39 16071 —-a-w- c:windowssystem32z6898t9oj35f.dll
2009-12-13 05:05 . 2009-12-13 05:05 7636 —-a-w- c:windowssystem3255979n9z-a-virus79.exe
2009-12-12 11:41 . 2009-12-12 11:41 4150 —-a-w- c:windowssystem32zcb7d5wnloader4379.bin
2009-12-12 05:37 . 2009-12-12 05:37 10189 —-a-w- c:windowssystem323e65ac9door65z.exe
2009-12-08 23:48 . 2009-12-08 23:48 8362 —-a-w- c:windowssystem325cd3s9arse5463z.bin
2009-12-03 16:24 . 2009-12-03 16:24 16378 —-a-w- c:windowssystem326149h5ef2z6.bin
2009-12-03 14:02 . 2009-12-03 14:02 3297 —-a-w- c:windowssystem3256fbspyware291z.exe
2009-12-03 07:53 . 2009-12-03 07:53 14004 —-a-w- c:windowssystem324b56downloade91121z.dll
2009-12-02 21:30 . 2009-12-02 21:30 13376 —-a-w- c:windowssystem32978eaddwar51z17.bin
2009-12-01 22:07 . 2009-12-01 22:07 11841 —-a-w- c:windowssystem325d59szarse359.dll
2009-12-01 00:28 . 2009-12-01 00:28 9489 —-a-w- c:windowssystem326485sparze5299.exe
2009-11-26 14:07 . 2009-11-26 14:07 4306 —-a-w- c:windowssystem324163sp9rz5234.bin
2009-11-26 07:30 . 2009-11-26 07:30 16072 —-a-w- c:windowssystem324e35szarse954.exe
2009-11-22 16:41 . 2009-11-22 16:41 13722 —-a-w- c:windowssystem326119st5alz177.exe
2009-11-17 17:59 . 2009-11-17 17:59 3157 —-a-w- c:windowssystem329d25addware1z50.dll
2009-11-16 08:10 . 2009-11-16 08:10 18229 —-a-w- c:windowssystem32968woz56d9.exe
2009-11-14 09:30 . 2009-11-14 09:30 11490 —-a-w- c:windowssystem3250e5addwar9739z.dll
2009-11-14 03:49 . 2009-11-14 03:49 13161 —-a-w- c:windowssystem323acabackdo9z22505.dll
2009-11-07 09:56 . 2009-11-07 09:56 17853 —-a-w- c:windowssystem32434ead5warez2569.exe
2009-10-28 20:53 . 2009-10-28 20:53 8282 —-a-w- c:windowssystem325912stza5878.exe
2009-10-25 23:41 . 2009-10-25 23:41 2553 —-a-w- c:windowssystem329fd35zreat16271.exe
2009-10-24 22:23 . 2009-10-24 22:23 3011 —-a-w- c:windowssystem326193vir53z9.bin
2009-10-21 11:46 . 2009-10-21 11:46 12911 —-a-w- c:windowssystem3256cdthre9t10019z.exe
2009-10-13 06:21 . 2009-10-13 06:21 9216 —-a-w- c:windowssystem32557dthreatz9750.bin
2009-10-12 02:29 . 2009-10-12 02:29 9182 —-a-w- c:windowssystem32z255hackto9l5ef.exe
2009-10-09 22:40 . 2009-10-09 22:40 10790 —-a-w- c:windowssystem324e8fsp5zse9482.bin
2009-10-09 13:53 . 2009-10-09 13:53 3682 —-a-w- c:windowssystem3259d7szarse755.exe
2009-10-05 22:54 . 2009-10-05 22:54 17112 —-a-w- c:windowssystem3275e9bac5door894z.bin
2009-10-03 04:43 . 2009-10-03 04:43 3053 —-a-w- c:windowssystem32z35s9ambot608.bin
2009-10-01 07:13 . 2009-10-01 07:13 15949 —-a-w- c:windowssystem3259thr5at26953z.bin
2009-09-11 20:51 . 2009-09-11 20:51 17953 —-a-w- c:windowssystem32z91th5ef2439.bin
2009-09-09 16:54 . 2009-09-09 16:54 14168 —-a-w- c:windowssystem32569spyware295z5.bin
2009-09-08 06:12 . 2009-09-08 06:12 3166 —-a-w- c:windowssystem32z3b5hi9f2318.bin
2009-09-03 19:46 . 2009-09-03 19:46 14617 —-a-w- c:windowssystem327a20a9dzare2305.dll
2009-08-25 17:04 . 2009-08-25 17:04 2683 —-a-w- c:windowssystem325a36v5r69z.exe
2009-08-17 13:36 . 2009-08-17 13:36
d
w- c:program filestrend micro
2009-08-17 13:36 . 2009-08-17 13:37
d
w- C:rsit
2009-08-17 12:25 . 2009-08-17 12:25 0 —-a-w- C:backup.reg
2009-08-17 12:12 . 2009-08-17 12:32 574 —-a-w- C:cleanup.bat
2009-08-17 12:12 . 2009-08-17 12:32 135168 —-a-w- C:zip.exe
2009-08-16 21:36 . 2009-08-16 21:36 2524 —-a-w- c:windowssystem32fb5h9eatz1268.bin
2009-08-16 21:36 . 2009-08-16 21:36 11054 —-a-w- c:windowssystem323dz9downloader1005.bin
2009-08-16 21:36 . 2009-08-16 21:36 8728 —-a-w- c:windowssystem3296152hacktzol476.dll
2009-08-16 21:36 . 2009-08-16 21:36 14999 —-a-w- c:windowssystem324189h9ckto5l31z.bin
2009-08-16 19:39 . 2009-08-16 19:39 36400 —-a-r- c:windowssystem32driversSymIM.sys
2009-08-16 19:39 . 2009-08-16 20:00
d
w- c:program filesCommon FilesSymantec Shared
2009-08-16 19:39 . 2009-08-16 19:39 60808 —-a-w- c:windowssystem32S32EVNT1.DLL
2009-08-16 19:39 . 2009-08-16 19:39 124464 —-a-w- c:windowssystem32driversSYMEVENT.SYS
2009-08-16 19:39 . 2009-08-16 19:39 136840 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonSyKnAppSpatch25.dll
2009-08-16 19:39 . 2009-08-16 19:39 1290592 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonSyKnAppSSyKnAppS.dll
2009-08-16 19:39 . 2009-08-16 19:39 796016 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonCLTcltLMSx.dll
2009-08-16 19:39 . 2009-08-16 19:39
d
w- c:windowssystem32driversNAV
2009-08-16 19:38 . 2009-08-17 08:23
d
w- c:documents and settingsAll UsersApplication DataSymantec
2009-08-16 19:38 . 2009-08-16 19:39
d
w- c:program filesNorton AntiVirus
2009-08-16 19:38 . 2009-08-16 19:39
d
w- c:program filesWindows Sidebar
2009-08-16 19:38 . 2009-08-16 19:40
d
w- c:documents and settingsAll UsersApplication DataNorton
2009-08-16 16:59 . 2009-08-16 16:59
d
w- c:program filesInstallShield Installation Information
2009-08-16 16:14 . 2009-08-16 19:38
d
w- c:documents and settingsAll UsersApplication DataNortonInstaller
2009-08-16 16:14 . 2009-08-16 16:14
d
w- c:program filesNortonInstaller
2009-08-16 10:26 . 2009-07-28 12:33 55656 —-a-w- c:windowssystem32driversavgntflt.sys
2009-08-16 10:26 . 2009-03-30 06:33 96104 —-a-w- c:windowssystem32driversavipbb.sys
2009-08-16 10:26 . 2009-02-13 08:29 22360 —-a-w- c:windowssystem32driversavgntmgr.sys
2009-08-16 10:26 . 2009-02-13 08:17 45416 —-a-w- c:windowssystem32driversavgntdd.sys
2009-08-16 10:26 . 2009-08-16 10:26
d
w- c:program filesAvira
2009-08-16 10:26 . 2009-08-16 10:26
d
w- c:documents and settingsAll UsersApplication DataAvira
2009-08-15 01:04 . 2009-08-15 01:04 5628 —-a-w- c:windowssystem323a565zwnloade91093.dll
2009-08-14 10:28 . 2009-08-14 10:28
d
w- c:program filesAlwil Software
2009-08-13 19:16 . 2009-08-13 19:16 4200 —-a-w- c:windowssystem32z829th9eat56923.exe
2009-08-13 18:56 . 2009-08-13 18:56 4851 —-a-w- c:windowssystem32z0390v9r5s4f9.bin
2009-08-13 09:54 . 2009-08-16 20:01
d
w- c:documents and settingsAdminApplication DataTranslateIt7.5
2009-08-13 09:54 . 2009-08-16 19:48
d
w- c:program filesTranslateIt!
2009-08-11 22:08 . 2009-08-11 22:08 11808 —-a-w- c:windowssystem326b2fsp9zare26505.dll
2009-08-05 15:33 . 2009-08-05 15:33 8185 —-a-w- c:windowssystem3241e5threat98576z.exe
2009-08-04 00:53 . 2009-08-04 00:53 4918 —-a-w- c:windowssystem325097za9ktool5f7.bin
2009-08-02 06:58 . 2009-08-02 06:58 7916 —-a-w- c:windowssystem323dcbt9zeat223945.exe
2009-07-31 19:17 . 2009-07-31 19:17
d-sh—w- c:documents and settingsLocalServiceIETldCache
2009-07-31 18:53 . 2009-07-31 18:53
d-sh—w- c:documents and settingsAdminPrivacIE
2009-07-31 18:51 . 2009-07-31 18:51
d-sh—w- c:documents and settingsAdminIETldCache
2009-07-31 18:49 . 2009-07-31 18:49
d
w- c:program filesYandex
2009-07-31 18:49 . 2009-07-31 18:49
d
w- c:documents and settingsAdminLocal SettingsApplication DataYandex
2009-07-31 18:49 . 2009-07-31 18:49
d
w- c:documents and settingsAdminApplication DataYandex
2009-07-31 18:49 . 2009-07-31 18:49
d—h—w- c:windowsmsdownld.tmp
2009-07-31 18:48 . 2009-07-31 18:49
d
w- c:windowssystem32ru-RU
2009-07-31 18:48 . 2009-07-31 18:48
dc-h—w- c:windowsie8
2009-07-26 17:46 . 2009-07-26 17:46
d
w- c:windowssystem32AGEIA
2009-07-26 17:46 . 2009-07-26 17:46
d
w- c:program filesAGEIA Technologies
2009-07-26 17:46 . 2009-07-26 17:46
d
w- c:program filesCommon FilesWise Installation Wizard
2009-07-26 11:04 . 2009-07-26 11:04 15082 —-a-w- c:windowssystem327ec8addwar5z592.dll
2009-07-25 06:42 . 2009-07-25 06:42
d
w- c:documents and settingsAdminLocal SettingsApplication DataPanda Security
2009-07-25 06:39 . 2009-08-16 17:00
d
w- c:documents and settingsAdminApplication DataPanda Security
2009-07-24 20:02 . 2009-07-24 20:02
d
w- c:documents and settingsLocalServiceРабочий стол
2009-07-24 05:32 . 2009-07-24 05:32 5930 —-a-w- c:windowssystem326513sparse194z.dll
2009-07-23 06:57 . 2009-07-23 06:57 12256 —-a-w- c:windowssystem3293z2threat24557.dll.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-16 21:23 . 2009-01-11 14:03
d
w- c:documents and settingsAll UsersApplication DataPanda Security
2009-08-16 19:39 . 2009-08-16 19:39 805 —-a-w- c:windowssystem32driversSYMEVENT.INF
2009-08-16 19:39 . 2009-08-16 19:39 7386 —-a-w- c:windowssystem32driversSYMEVENT.CAT
2009-08-16 19:39 . 2009-08-17 09:02 371248 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsVirusDefs20090816.022EECTRL.SYS
2009-08-16 19:39 . 2009-08-17 09:02 101936 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsVirusDefs20090816.022ERASER.SYS
2009-08-16 19:39 . 2009-08-17 09:02 177520 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsVirusDefs20090816.022NAVENG32.DLL
2009-08-16 19:39 . 2009-08-17 09:02 1181040 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsVirusDefs20090816.022NAVEX32A.DLL
2009-08-16 19:39 . 2009-08-17 09:02 259368 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsVirusDefs20090816.022ECMSVR32.DLL
2009-08-16 19:39 . 2009-08-17 09:02 2414128 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsVirusDefs20090816.022CCERASER.DLL
2009-08-16 16:59 . 2007-01-29 09:53 65144 —-a-w- c:documents and settingsAdminLocal SettingsApplication DataGDIPFONTCACHEV1.DAT
2009-08-16 08:00 . 2009-08-17 09:02 87888 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsVirusDefs20090816.022NAVENG.SYS
2009-08-16 08:00 . 2009-08-17 09:02 875728 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsVirusDefs20090816.022NAVEX15.SYS
2009-08-13 10:40 . 2008-08-15 16:40
d
w- c:program filesasd
2009-07-26 17:46 . 2007-02-23 13:21 413696 —-a-w- c:windowssystem32wrap_oal.dll
2009-07-26 17:46 . 2007-02-23 13:21
d
w- c:program filesOpenAL
2009-07-26 17:46 . 2007-02-23 13:21 110592 —-a-w- c:windowssystem32OpenAL32.dll
2009-07-25 07:56 . 2004-08-18 16:00 83306 —-a-w- c:windowssystem32perfc019.dat
2009-07-25 07:56 . 2004-08-18 16:00 481958 —-a-w- c:windowssystem32perfh019.dat
2009-07-25 06:36 . 2009-07-18 14:54
d
w- c:documents and settingsAll UsersApplication DataKaspersky Lab
2009-07-25 06:36 . 2007-12-06 12:14
d
w- c:program filesKaspersky Lab
2009-07-18 14:53 . 2008-10-12 15:21
d
w- c:program filesDrWeb
2009-07-18 13:45 . 2009-07-18 13:45
d
w- c:documents and settingsAdminApplication DataAvant Profiles
2009-07-18 11:24 . 2009-05-14 16:17
d
w- c:documents and settingsAll UsersApplication DataSpybot — Search & Destroy
2009-07-18 11:14 . 2009-07-18 11:14
d
w- c:documents and settingsAll UsersApplication DataKaspersky Lab Setup Files
2009-07-13 14:25 . 2009-07-13 14:25 6106 —-a-w- c:windowssystem324fd9t5iefz919.exe
2009-07-11 19:34 . 2009-08-17 09:02 276344 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsIPSDefs20090810.001IDSXpx86.sys
2009-07-11 19:34 . 2009-07-11 19:34 276344 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsIPSDefsBinHubIDSXpx86.sys
2009-07-11 19:34 . 2009-08-17 09:02 293424 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsIPSDefs20090810.001IDSvix86.sys
2009-07-11 19:34 . 2009-07-11 19:34 293424 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsIPSDefsBinHubIDSvix86.sys
2009-07-11 19:34 . 2009-08-17 09:02 533880 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsIPSDefs20090810.001Scxpx86.dll
2009-07-11 19:34 . 2009-07-11 19:34 533880 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsIPSDefsBinHubScxpx86.dll
2009-07-11 19:34 . 2009-08-17 09:02 451960 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsIPSDefs20090810.001IDSxpx86.dll
2009-07-11 19:34 . 2009-07-11 19:34 451960 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsIPSDefsBinHubIDSxpx86.dll
2009-07-11 19:34 . 2009-08-17 09:02 397360 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsIPSDefs20090810.001IDSviA64.sys
2009-07-11 19:34 . 2009-07-11 19:34 397360 —-a-w- c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsIPSDefsBinHubIDSviA64.sys
2009-07-09 15:54 . 2009-07-09 15:54 17209 —-a-w- c:windowssystem324a74steaz593.bin
2009-07-05 14:43 . 2009-07-05 14:43 11556 —-a-w- c:windowssystem32580zownlo9der2075.exe
2009-07-04 23:24 . 2009-07-04 23:24 15398 —-a-w- c:windowssystem326945ackzoolf1.dll
2009-07-04 07:07 . 2009-07-04 07:07 3684 —-a-w- c:windowssystem327709spzmb59765.bin
2009-07-02 18:48 . 2009-07-02 18:48 6559 —-a-w- c:windowssystem324f8c9oznloa5er2907.dll
2009-06-25 17:05 . 2009-06-25 17:05 5525 —-a-w- c:windowssystem3247935rzj8b.dll
2009-06-25 09:20 . 2009-06-25 09:20 4244 —-a-w- c:windowssystem32z91vir3535.bin
2009-06-23 20:48 . 2009-06-23 20:48 17401 —-a-w- c:windowssystem32e9caddz5re929.dll
2009-06-18 17:31 . 2009-06-18 17:31 9877 —-a-w- c:windowssystem3295855spyz2.exe
2009-06-18 11:42 . 2009-06-18 11:42 152512 —-a-w- c:documents and settingsLocalServiceLocal SettingsApplication DataFontCache3.0.0.0.dat
2009-06-17 16:48 . 2008-10-12 15:21 77824 —-atw- c:windowssystem32DRWEBSP.DLL
2009-06-15 07:04 . 2009-06-15 07:04 16539 —-a-w- c:windowssystem3239662w5rm24z.bin
2009-06-12 04:53 . 2009-06-12 04:53 15379 —-a-w- c:windowssystem32607zownloade5919.exe
2009-06-06 06:02 . 2009-06-06 06:02 14396 —-a-w- c:windowssystem32922dsteaz18695.exe
2009-06-05 06:19 . 2009-06-05 06:19 5985 —-a-w- c:windowssystem3252938zot-a-vir9s63a.exe
2009-06-04 08:47 . 2009-06-04 08:47 14258 —-a-w- c:windowssystem3256031notza-viru957b.dll
2009-05-27 14:51 . 2009-05-27 14:51 390664 —-a-w- c:documents and settingsAdminApplication DataRealRealPlayerUpdateRealPlayer11.exe
2009-05-25 16:16 . 2009-05-25 16:15 152521 —-a-w- c:windowshpoins14.dat
2007-06-04 11:16 . 2007-12-06 12:11 11454953 —-a-w- c:program filesav-i386-cumul.zip
.
Sigcheck
[-] 2006-04-08 13:42 360448 0F0EBDF4CE077111713D11CE5FAB877E c:windowssystem32driverstcpip.sys[-] 2006-04-14 18:17 1548288 EE700620B6CFE585350F64A603F6F3E3 c:windowssystem32sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
«{91397D20-1446-11D4-8AF4-0040CA1127B6}»= «c:program filesYandexYandexBarIEyndbar.dll» [2009-03-24 3697952][HKEY_CLASSES_ROOTclsid{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOTYandex.Toolbar.1]
[HKEY_CLASSES_ROOTTypeLib{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOTYandex.Toolbar][HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebbrowser]
«{91397D20-1446-11D4-8AF4-0040CA1127B6}»= «c:program filesYandexYandexBarIEyndbar.dll» [2009-03-24 3697952][HKEY_CLASSES_ROOTclsid{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOTYandex.Toolbar.1]
[HKEY_CLASSES_ROOTTypeLib{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOTYandex.Toolbar][HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«PcSync»=»c:program filesNokiaNokia PC Suite 6PcSync2.exe» [2004-11-24 880640]
«BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=»c:program filesCommon FilesAheadlibNMBgMonitor.exe» [2005-10-28 94208]
«swg»=»c:program filesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe» [2009-01-11 39408]
«4bm8hfs5.exe»=»c:windowssystem324bm8hfs5.exe» [2009-08-16 326656][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«Punto Switcher»=»c:program filespunto switcherps.exe» [2004-11-13 205824]
«VolumeControl»=»c:program filesVolumeControlvolume.exe» [2003-09-15 36864]
«ATIPTA»=»c:program filesATI TechnologiesATI Control Panelatiptaxx.exe» [2004-03-03 335872]
«mouseElf»=»c:progra~1NAVIGA~1MouseElf.EXE» [2004-09-20 196608]
«PCSuiteTrayApplication»=»c:program filesNokiaNokia PC Suite 6Launch Application 2.exe» [2004-11-25 143360]
«DAEMON Tools»=»c:program filesDAEMON Toolsdaemon.exe» [2005-11-08 128920]
«NeroFilterCheck»=»c:windowssystem32NeroCheck.exe» [2001-07-09 155648]
«HP Software Update»=»c:program filesHewlett-PackardHP Software UpdateHPWuSchd2.exe» [2007-03-11 49152]
«Sony Ericsson PC Suite»=»c:program filesSony EricssonMobile2Application LauncherApplication Launcher.exe» [2007-03-27 593920]
«TkBellExe»=»c:program filesCommon FilesRealUpdate_OBrealsched.exe» [2008-12-16 185896]
«Google Quick Search Box»=»c:program filesGoogleQuick Search BoxGoogleQuickSearchBox.exe» [2009-05-14 68592]
«WinampAgent»=»c:program filesWinampwinampa.exe» [2009-04-10 37888]
«avgnt»=»c:program filesAviraAntiVir Desktopavgnt.exe» [2009-03-02 209153]
«CHotkey»=»mHotkey.exe» — c:windowsmHotkey.exe [2002-07-05 491008]
«SoundMan»=»SOUNDMAN.EXE» — c:windowssoundman.exe [2006-04-22 65024]c:documents and settingsAll Usersѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
hp psc 1000 series.lnk — c:program filesHewlett-PackardDigital Imagingbinhpohmr08.exe [2003-4-6 147456]
hpoddt01.exe.lnk — c:program filesHewlett-PackardDigital Imagingbinhpotdd01.exe [2003-4-6 28672]
InterVideo WinCinema Manager.lnk — c:program filesInterVideoCommonBinWinCinemaMgr.exe [2007-1-30 98304]
“бЄ®аҐл© § ЇгбЄ Adobe Reader.lnk — c:program filesAdobeAcrobat 7.0Readerreader_sl.exe [2005-9-24 29696][HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]
«SynchronousMachineGroupPolicy»= 0 (0x0)
«SynchronousUserGroupPolicy»= 0 (0x0)[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
«NoSMConfigurePrograms»= 1 (0x1)
«ForceCopyACLWithFile»= 1 (0x1)[HKEY_USERS.defaultsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
«ForceClassicControlPanel»= 1 (0x1)
«NoSMConfigurePrograms»= 1 (0x1)
«NoSMHelp»= 1 (0x1)
«ForceCopyACLWithFile»= 1 (0x1)[HKEY_LOCAL_MACHINEsoftwarepoliciesmicrosoftwindowswindowsupdateau]
«NoAutoUpdate»= 1 (0x1)[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalSymEFA.sys]
@=»FSFilter Activity Monitor»[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
«AntiVirusOverride»=dword:00000001
«Start»=dword:00000004[HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
«EnableFirewall»= 0 (0x0)[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\TotalCmd\TOTALCMD.EXE»=
«c:\Program Files\Nero\Nero 7\Nero MediaHome\NeroMediaHome.exe»=
«c:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe»=R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:windowssystem32driverssfsync03.sys [06.12.2005 19:11 35328]
R0 SymEFA;Symantec Extended File Attributes;c:windowssystem32driversNAV1005000.086SymEFA.sys [16.08.2009 23:39 310320]
R0 zmNTMon;zmNTMon;c:windowssystem32driversZmNTMon.sys [26.03.2007 23:23 5760]
R1 BHDrvx86;Symantec Heuristics Driver;c:windowssystem32driversNAV1005000.086BHDrvx86.sys [16.08.2009 23:39 258608]
R1 ccHP;Symantec Hash Provider;c:windowssystem32driversNAV1005000.086cchpx86.sys [16.08.2009 23:39 482352]
R1 IDSxpx86;IDSxpx86;c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsIPSDefs20090810.001IDSXpx86.sys [17.08.2009 13:02 276344]
R1 VD_FileDisk;VD_FileDisk;c:windowssystem32driversvd_filedisk.sys [16.04.2005 15:48 15232]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:program filesAviraAntiVir Desktopsched.exe [16.08.2009 14:26 108289]
R2 Norton AntiVirus;Norton AntiVirus;c:program filesNorton AntiVirusEngine16.5.0.134ccSvcHst.exe [16.08.2009 23:39 115560]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:program filesCommon FilesSymantec SharedEENGINEEraserUtilRebootDrv.sys [17.08.2009 0:10 101936]
S3 genmcmnUSB;USB Scroll Mouse Driver;c:windowssystem32driversgflmouhid.sys [06.02.2007 15:31 6656]
S3 zlportio;zlportio;??c:игрыD-DAYD-DayDriver1zlportio.sys —> c:игрыD-DAYD-DayDriver1zlportio.sys [?]
S3 zmNTZip;zmNTZip;??c:program filesZipMagiczmNTZip.sys —> c:program filesZipMagiczmNTZip.sys [?]— Other Services/Drivers In Memory —
*NewlyCreated* — BITS
*NewlyCreated* — SRSERVICE
*Deregistered* — uphcleanhlp[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionsvchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the ‘Scheduled Tasks’ folder2007-02-01 c:windowsTasksFRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 1100 series5E771253C1676EBED677BF361FDFC537825E15B8170355636.job
— c:program filesHewlett-PackardDigital ImagingBinhpqfrucl.exe [2003-04-05 21:52]2007-02-01 c:windowsTasksWebReg 20070201214811.job
— c:program filesHewlett-PackardDigital ImagingBinhpqwrg.exe [2007-03-11 17:27]
.
— — — — ORPHANS REMOVED — — — —Toolbar-{dfbeb35b-444d-4f25-8d7d-eb2683c206ec} — (no file)
WebBrowser-{DFBEB35B-444D-4F25-8D7D-EB2683C206EC} — (no file)
HKCU-Run-SpybotSD TeaTimer — c:program filesSpybot — Search & DestroyTeaTimer.exe
HKLM-Run-d:ssclientssclientssClient.exe — d:ssclientssclientssClient.exe
HKLM-Run-d:internet explorerinstall_flash_player_10_active_x.exe — d:internet explorerinstall_flash_player_10_active_x.exe
HKLM-Run-DrWebScheduler — c:program filesDrWebDRWEBSCD.EXE
HKLM-Run-SpIDerNT — c:progra~1DrWebspiderui.exe
HKLM-Run-SpIDerMail — c:program filesDrWebspiderml.exe
HKLM-Run-oSecurity — c:program filesSmartfix2009osecurity.exe
HKLM-Explorer_Run-sysmgr — c:windowssystem32sysmgr.exe
SSODL-UpdateCheck-{FCFDF40A-03B2-41BB-B099-B7964DABC60C} — c:windowssystem32regjpi.dll
Notify-avldr — avldr.dll
SafeBoot-PskSvcRetail.
Supplementary Scan
.
uStart Page = hxxp://vdonsk.ru/
uInternet Connection Wizard,ShellNext = hxxp://hosting.conduit.com/Uninstall?toolbarid=&version=4.5.189.21&uid=
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2OFFICE11EXCEL.EXE/3000
TCP: {8AD3F6FA-5DCA-45DD-8BD4-5168DB8463EF} = 193.111.3.1,193.111.2.6
.**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-17 23:07
Windows 5.1.2600 Service Pack 2 NTFSscanning hidden processes …
E:autorun.exe [1976] 0xFDBBFB50
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0**************************************************************************
.
LOCKED REGISTRY KEYS
[HKEY_USERSS-1-5-21-823518204-1957994488-854245398-500SoftwareMicrosoftInternet ExplorerUser Preferences]
@Denied: (2) (Administrator)
«88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977″=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,fe,d8,7e,93,dd,91,a1,49,ac,7b,38,
«2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81″=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,fe,d8,7e,93,dd,91,a1,49,ac,7b,38,[HKEY_USERSS-1-5-21-823518204-1957994488-854245398-500SoftwareMicrosoftSystemCertificatesAddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘winlogon.exe'(880)
c:windowsSYSTEM32Ati2evxx.dll
.
Completion time: 2009-08-17 23:11
ComboFix-quarantined-files.txt 2009-08-17 19:11Pre-Run: 12 765 179 904 байт свободно
Post-Run: 13 879 906 304 байт свободноWindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)WINDOWS
[operating systems]
c:cmdconsBOOTSECT.DAT=»Microsoft Windows Recovery Console» /cmdcons
multi(0)disk(0)rdisk(0)partition(1)WINDOWS=»Microsoft Windows XP Professional RU» /execute=optin /fastdetect /noguiboot /NOPAE1352
ComboFix 09-08-10.06 — Admin 17.08.2009 22:48.1.1 — NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1251.7.1049.18.511.116 [GMT 4:00]
Running from: c:documents and settingsAdminРабочий столComboFix.exe
Command switches used :: c:documents and settingsAdminРабочий столWindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Norton AntiVirus *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: R-Firewall *enabled* {5BD9A3DC-50A1-4B8B-9FFF-1BDFBD36831B}
.((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.c:documents and settingsAdminLocal SettingsTemporary Internet FilesEB9F12C_6E6B_4c03_AEBA_8C04CFA98AA4.gif
c:documents and settingsAdminLocal SettingsTemporary Internet Files15913497_F86C_4218_8817_F50940D1E1B2.gif
c:documents and settingsAdminLocal SettingsTemporary Internet Files29887DDE_00B9_4011_9CF7_59511F1ECC1B.gif
c:documents and settingsAdminLocal SettingsTemporary Internet Files2A665EDD_5758_480c_8366_66DFC5F23877.gif
c:documents and settingsAdminLocal SettingsTemporary Internet Files35B7DFFA_884F_4fbc_8E60_DA601BDC7BF7.gif
c:documents and settingsAdminLocal SettingsTemporary Internet Files362FD6E8_8CDA_4c2a_A8AA-BDA22B321711.jpg
c:documents and settingsAdminLocal SettingsTemporary Internet Files3DF04940_9866_4241_A998_0CDDFAFD147A.gif
c:documents and settingsAdminLocal SettingsTemporary Internet Files426500D7_0FF3_426c_828D_065DBAEA0581.gif
c:documents and settingsAdminLocal SettingsTemporary Internet Files478BD4AE_2691_438d_BDCA_3485DC022700.gif
c:documents and settingsAdminLocal SettingsTemporary Internet Files5C6C645F_BAA8_4149_BFEB_2031230FF0FD.gif
c:documents and settingsAdminLocal SettingsTemporary Internet Files61EA7D69_19D4_421a_A899_0DF4D58CD119.jpg
c:documents and settingsAdminLocal SettingsTemporary Internet Files777FDAFB_83CF_4960_AA71_4E5D7BCD8E57.gif
c:documents and settingsAdminLocal SettingsTemporary Internet Files8DA878D5_E80B_4721_B75A_17EFFAF1A700.gif
c:documents and settingsAdminLocal SettingsTemporary Internet Files98F6DF79_7171_452d_9C26_C0193E12DBDF.gif
c:documents and settingsAdminLocal SettingsTemporary Internet FilesA2B240D6_0386_419e_91C5_3F7D90437CD0.jpg
c:documents and settingsAdminLocal SettingsTemporary Internet FilesC75CEF8D_5AF4_4563_8594_C45A45E14E63.gif
c:documents and settingsAdminLocal SettingsTemporary Internet FilesE21285C1_40E6_435c_A69F_3387E7BD89CB.gif
c:documents and settingsAdminLocal SettingsTemporary Internet FilesE9A4D648_ED73_4ea7_88B2_18332DBA4F3E.jpg
c:documents and settingsAll UsersApplication DataMicrosoftNetworkDownloaderqmgr0.dat
c:documents and settingsAll UsersApplication DataMicrosoftNetworkDownloaderqmgr1.dat
c:windows1012sp9ware51z4.exe
c:windows10149tr5j6z9.dll
c:windows10221zpa59ot319.bin
c:windows1045zt5oj9e.bin
c:windows1065zhreat124529.cpl
c:windows10952z59m305.cpl
c:windows1097tzief2505.ocx
c:windows10985worz593.exe
c:windows10z95not9a5virus7fe.cpl
c:windows1110ad5wzre1910.cpl
c:windows11119hac5tooz260.dll
c:windows11679v5rus5d3z.cpl
c:windows1181295ojz76.cpl
c:windows11z00hac9tool54c.dll
c:windows11z72v9ru56a6.ocx
c:windows1205zpamb9t76.cpl
c:windows12198hackt9ol5z7.dll
c:windows12409virzs975.bin
c:windows12491spambzt55b9.exe
c:windows1265395t-a-virus1ez.dll
c:windows1277d5w9loader149z.bin
c:windows1283zspamb5t3df9.dll
c:windows131945azk9ool119.dll
c:windows13360not-z-vi95s2e1.dll
c:windows1349thr5at211z3.dll
c:windows13553sp59bot5c5z.dll
c:windows13664tzoj5b69.cpl
c:windows13927z5ojcb9.dll
c:windows139z39roj7fd5.bin
c:windows13z69a5kdoor2741.bin
c:windows140169ot-a-5irus72z.cpl
c:windows14097s5azbot1c8.cpl
c:windows14445viru928dz.ocx
c:windows14515not-a-9irus3a2z.dll
c:windows14579owzload5r1914.cpl
c:windows1462downlzad5r2495.dll
c:windows14912not59-viruz407.exe
c:windows14f2do9nzoader31485.dll
c:windows14z12not-a9virus654.dll
c:windows15007viru9555z.cpl
c:windows1511zhacktool7c9.ocx
c:windows151639orm7z3.bin
c:windows15194vizus6995.dll
c:windows15279pywzre1507.bin
c:windows15299hazktool35d.bin
c:windows153909zrm685.dll
c:windows15391notz9-virus556.dll
c:windows153955ot-a-virus5z59.exe
c:windows15458notz9-virus89.bin
c:windows15557vi9zs354.dll
c:windows15579zcktool4b5.bin
c:windows15595hacktool2e6z.dll
c:windows15689not-a-zi5us1529.cpl
c:windows156e5iz1239.bin
c:windows15766spambot5z9.bin
c:windows15858sp9mbot5z.bin
c:windows15911nzt-a-v9rus458.ocx
c:windows15985virus51fz.dll
c:windows159evzr1990.exe
c:windows159fa9dwar52993z.ocx
c:windows159fba9kdooz2477.exe
c:windows15z30spamb9t51.exe
c:windows15z935py93.bin
c:windows16042viruz956.cpl
c:windows16043wor59e0z.exe
c:windows16125spamb9t25bz.cpl
c:windows16276wor5z92.exe
c:windows16610ha95tozl2d4.ocx
c:windows16695spz94.bin
c:windows16793worm6z5.cpl
c:windows16896h5cktoz9136.dll
c:windows1699t9oz558.ocx
c:windows17759wozm5ad.cpl
c:windows17857spz5da9.dll
c:windows17896zpambot531.cpl
c:windows17d5backdoor1z9.dll
c:windows17z13sp9mb5t2ab.exe
c:windows17z37spa5bot695.dll
c:windows17z9v5r9773.cpl
c:windows18092spaz59t3f0.bin
c:windows18552troj65z9.bin
c:windows18775not-z-vi9u528d.dll
c:windows189zthief3578.dll
c:windows18a99hi5f2z63.dll
c:windows18cc9dd5arez190.bin
c:windows18dbspa9z5976.dll
c:windows1941azdware605.bin
c:windows195409orm5z2.bin
c:windows1956threat19z95.cpl
c:windows1967sparse2z025.cpl
c:windows197z6troj5d1.exe
c:windows19936not-a-5izu96fc.bin
c:windows199dadzware3574.exe
c:windows19z725orm689.cpl
c:windows19z729py5d7.exe
c:windows1aae9owzloader15575.bin
c:windows1b2zste5l9313.bin
c:windows1c8eb5ckdoor16z19.cpl
c:windows1dafv9r2z65.ocx
c:windows1db5downz59der2156.exe
c:windows1e39zpywa5e1670.ocx
c:windows1e5d9hreat599z.bin
c:windows1ee9downzoader2555.cpl
c:windows1fb9zi5492.cpl
c:windows1z3threa55619.cpl
c:windows1z554t9oj692.bin
c:windows1z55virus39c.ocx
c:windows1z5ba5kdo9r3235.bin
c:windows1z785not-a-vir5s4279.ocx
c:windows1z838no9-a-viru56a6.ocx
c:windows1z94spywa5e190.dll
c:windows1z9549ackto5l1f5.dll
c:windows1za3backdo5r9529.cpl
c:windows1zb05h9ef185.dll
c:windows1zc6thie91595.cpl
c:windows1ze5sparse917.ocx
c:windows20031vir95299z.ocx
c:windows2009zspy353.bin
c:windows201z95roj665.dll
c:windows20309hackz9ol4d85.exe
c:windows205529roj16dz.bin
c:windows20582zpy97c.bin
c:windows205dv9rz43.cpl
c:windows2064downlzad9r2533.cpl
c:windows2095spazse1175.exe
c:windows209769iru5zd7.cpl
c:windows21089s5yz8c.dll
c:windows21348not-azviru53259.dll
c:windows21369teal2075z.bin
c:windows21465nzt-a-9irus619.cpl
c:windows21513wo9mz62.ocx
c:windows21586szy98.exe
c:windows2166spz59e1335.cpl
c:windows21940szy5f75.ocx
c:windows2195virus3z9.exe
c:windows21efs5ywzre9958.cpl
c:windows21z87viru5692.ocx
c:windows22099viru5zdc.cpl
c:windows2225zownloade92513.ocx
c:windows22295i9us56z.dll
c:windows223259acktool593z.dll
c:windows224z0n5t-a-virus698.cpl
c:windows2259spambot92z.bin
c:windows22606zp9mbot3345.cpl
c:windows22611wor59az.bin
c:windows226705py9z5.cpl
c:windows22739n5t-a-vizus5d9.dll
c:windows2287s95mbot6c2z.ocx
c:windows22882s5am9ot98z.ocx
c:windows22z09worm5f59.cpl
c:windows22z14not-9-viru550f.dll
c:windows23353zp59bot1c7.cpl
c:windows2347w9r536z.ocx
c:windows23495hackto5z401.exe
c:windows235z7spambot4599.ocx
c:windows236caddw9re5218z.dll
c:windows23732v9ruz5ce.bin
c:windows2379zt9oj257.ocx
c:windows238119zt-a-vir5s623.exe
c:windows23979zacktool5459.ocx
c:windows23b05zdware1795.dll
c:windows24052tr9j51z.cpl
c:windows24072sz5mbot297.dll
c:windows24929wzrm54e.cpl
c:windows24935wormz1.ocx
c:windows2494z5ot-a-virus79.exe
c:windows24zead9ware5103.ocx
c:windows25008spy495z.bin
c:windows25050spamzo9446.bin
c:windows25097zirus59c.bin
c:windows250zsp559b.exe
c:windows2514hackzo9l5c9.ocx
c:windows25173wormz95.ocx
c:windows25209spy57bz.dll
c:windows25212not9azvirus2f3.ocx
c:windows253daddwarez974.bin
c:windows2557zpyware1469.bin
c:windows255athief709z.exe
c:windows25644zackt9ol2e5.ocx
c:windows25675h9cktozl45a.bin
c:windows25793s9azbot5d85.dll
c:windows258885zrus9e0.exe
c:windows258z4tro5289.cpl
c:windows2596ba9kdoor2073z.ocx
c:windows25995spambotz9.ocx
c:windows25d4vi91z72.dll
c:windows25z36hackto9l3ec.bin
c:windows25z58no5-a-virus79f.cpl
c:windows25za9ownloader295.ocx
c:windows26039n9t-azviru5635.cpl
c:windows266929a5kzool517.dll
c:windows27090hackz5ol391.dll
c:windows270995zckt9ol6a6.cpl
c:windows2715zw9rm43e.ocx
c:windows272169or5z63.bin
c:windows272z195ambot710.cpl
c:windows27516v9rus400z.dll
c:windows2765z59rm66f.bin
c:windows276965ot-a-virus1za.cpl
c:windows277595oz-a-virus749.exe
c:windows279955rzj3549.cpl
c:windows27d3zown95ader1307.dll
c:windows2818sp5rsz9076.bin
c:windows28212hackzo59409.bin
c:windows285599zambot59.exe
c:windows2859s5y7z.bin
c:windows28639sp569dz.dll
c:windows28851zo5m19a.cpl
c:windows28890v59us75dz.dll
c:windows28931not-z-viru556a.ocx
c:windows289az9r2351.cpl
c:windows28z599orm571.cpl
c:windows291115pamzot168.exe
c:windows2911zspamb5t395.ocx
c:windows2939threa519511z.ocx
c:windows294dviz2853.dll
c:windows2950th5ef52z.bin
c:windows29557hacktool43z.dll
c:windows2965stzal159.exe
c:windows297bzteal650.bin
c:windows29942vir5z48b.dll
c:windows29961tro52cz9.bin
c:windows299865acktooz174.cpl
c:windows29995roz166.dll
c:windows299z5spy45e.bin
c:windows29dev9rz528.ocx
c:windows29eastea593z.dll
c:windows29fds59zl1628.dll
c:windows29z00vi5us98f.ocx
c:windows2ab1thzeat52095.exe
c:windows2aezsp95are818.exe
c:windows2ba19pa5se2875z.exe
c:windows2c72adzw59e19.bin
c:windows2f7zd5wn9oader1772.ocx
c:windows2z240spam9ot4745.exe
c:windows2z4359eal2560.exe
c:windows2z523wor9250.exe
c:windows2z529wo9m40d.cpl
c:windows2z6spa59e150.ocx
c:windows2z91worm752.exe
c:windows3025thre5z30988.ocx
c:windows305569pambotbz.exe
c:windows3059zhief5442.cpl
c:windows305z4spy492.ocx
c:windows30695t9al2z49.cpl
c:windows3091troj57z9.exe
c:windows30939t5o951z.bin
c:windows31009zo5m506.dll
c:windows310b5ckz9or1698.dll
c:windows3135zspy9e5.dll
c:windows3152zir1190.dll
c:windows31536spamzot1019.exe
c:windows31552w5rm49z9.exe
c:windows31675no9-a-virus5z8.cpl
c:windows31891wo5m579z.cpl
c:windows31931hacktzol58c.cpl
c:windows31959zot9a-virus5d7.bin
c:windows31bct9zeat17453.exe
c:windows31z9thie5100.ocx
c:windows3217vzr2295.dll
c:windows32458hzcktoo93c4.cpl
c:windows32497tzo95d5.cpl
c:windows32576wo597f5z.bin
c:windows3259s9arse635z.bin
c:windows32653vi9u560z.bin
c:windows32b8zh5ef2879.cpl
c:windows32z45virus7519.ocx
c:windows3349s9azbot56.bin
c:windows3359vir20z29.exe
c:windows33855zarse1119.ocx
c:windows3397h5cktooz528.cpl
c:windows341addzar95001.exe
c:windows34859pyware16z5.bin
c:windows34b89z5ef1925.exe
c:windows3552downloazer1193.exe
c:windows3559ir237z.exe
c:windows355fzir20379.bin
c:windows3571vir2z59.cpl
c:windows3593th9ez1519.ocx
c:windows359ds5eal142z.dll
c:windows35a7addwar9z201.cpl
c:windows35d9downloazer380.ocx
c:windows35dzthief9871.bin
c:windows35z2t5ief2937.bin
c:windows368spyza591966.exe
c:windows3695wormcz9.bin
c:windows3699sparsz1587.exe
c:windows369znot-a-virus595.exe
c:windows36e6tzi5f9532.exe
c:windows378fsz5al1495.ocx
c:windows3799hackto5l7z.ocx
c:windows3800zpars53449.ocx
c:windows3896backdzor3225.dll
c:windows38d4zpyw5re1190.dll
c:windows38vi5uz3f19.bin
c:windows3949zspam5ot536.dll
c:windows39585py9ze.dll
c:windows3983d9wnlz5der1787.dll
c:windows3997ad5waze689.exe
c:windows3998hackz5ol4239.bin
c:windows3998s5eaz1661.exe
c:windows39zbvi5797.ocx
c:windows3ab9threat15151z.cpl
c:windows3afzvir593.dll
c:windows3b63thrza594601.exe
c:windows3bbc9ackdoor530z.dll
c:windows3bf3sp9wzre2405.cpl
c:windows3bfad5warez469.cpl
c:windows3c73zown5oader2913.cpl
c:windows3cb9downloadzr545.ocx
c:windows3d06bac9door55z.exe
c:windows3d1e9ddwa5e1z51.exe
c:windows3d76ad5war928z8.cpl
c:windows3dz5thr9at10074.bin
c:windows3dz5vi92091.ocx
c:windows3f379h5ef2228z.ocx
c:windows3fz2a5dware17769.ocx
c:windows3z14t5rea98925.dll
c:windows3z23thr9at14355.ocx
c:windows3z559teal26515.exe
c:windows3z56troj359.ocx
c:windows3z9athie52372.exe
c:windows3zcedownl9a5er3089.cpl
c:windows405dad9warez62.ocx
c:windows405zr5j65e9.dll
c:windows4095sparsez38.dll
c:windows409a5zr3016.ocx
c:windows4182z9arse655.ocx
c:windows4322not-a-9ir5s2z1.dll
c:windows43e0spy9zre3057.bin
c:windows451z9pamb5t790.dll
c:windows455fdo9nloade5z243.cpl
c:windows4579v5zus6e4.bin
c:windows457bbackdo9r1z26.cpl
c:windows4591wor59cz.dll
c:windows459e5hreat13z19.cpl
c:windows45ac9ackdooz761.cpl
c:windows45dest59l2400z.ocx
c:windows45eftzief1639.cpl
c:windows46b8sp9z5e2062.bin
c:windows46bste9l9z5.dll
c:windows46zasteal29365.exe
c:windows4702hackt9ol56bz.cpl
c:windows4771zownloade5499.bin
c:windows4852backdoorz940.exe
c:windows48645parse99z9.exe
c:windows48d05ddware2492z.bin
c:windows49135pambzt2fe.dll
c:windows4992d5wnloadzr2425.dll
c:windows4a58spywaze2964.ocx
c:windows4a59steal915z.bin
c:windows4b5bdownlzad9r781.ocx
c:windows4b65viz3966.cpl
c:windows4b9zthief175.cpl
c:windows4c9athiefz1385.ocx
c:windows4c9fth5ef6z19.cpl
c:windows4d4fdo59lzader1039.dll
c:windows4d65stezl7799.dll
c:windows4d93th5ef16z9.cpl
c:windows4e9ethreaz39952.ocx
c:windows4ec2t9ze5t2025.cpl
c:windows4ef2threatz2259.dll
c:windows4f2cbackd5oz394.exe
c:windows4f84spywa9e252z.dll
c:windows4fa9sparse9512z.ocx
c:windows4fz79ir1524.exe
c:windows4z9dspar9e29255.cpl
c:windows4zbthr9a515291.dll
c:windows5044h9ckto5l7z0.dll
c:windows5084vir9sb0z.dll
c:windows50948worm4d8z.cpl
c:windows5116zorm569.exe
c:windows511tro94d7z.exe
c:windows51249zirus19b.exe
c:windows5145st9zl2993.exe
c:windows5147zwo9m5e0.exe
c:windows5155sp9rse9z4.bin
c:windows5155st9zl995.exe
c:windows5157addzare3091.dll
c:windows515bsze9l5322.dll
c:windows5165thief99z7.exe
c:windows5169sza5se675.ocx
c:windows5199th5ez359.exe
c:windows51e95ownzoader2407.dll
c:windows51not-a5vzrus999.cpl
c:windows51z3sp9ware1251.exe
c:windows520z8troj95b.dll
c:windows5255thzef956.cpl
c:windows526eback9oo52456z.dll
c:windows52954spz14a.bin
c:windows52b5zief30539.exe
c:windows52zdth9ef1583.exe
c:windows53169ddware563z.ocx
c:windows536zvir9s497.dll
c:windows5379zspy7e2.bin
c:windows539thi9z95.exe
c:windows53cbvi5950z.dll
c:windows53f1st9al5157z.cpl
c:windows5420zi9us503.exe
c:windows542z1vir9s264.dll
c:windows54469zrm18d.ocx
c:windows5449spy205z.ocx
c:windows5450addware199z.cpl
c:windows545faddwar92z06.dll
c:windows545zt95eat19537.bin
c:windows5482not-z-virus7139.ocx
c:windows54e3spzrse50689.cpl
c:windows554zhac9tool7ee.bin
c:windows555c9a5kdozr2951.dll
c:windows556e9pywarez94.bin
c:windows5577troj5z99.ocx
c:windows557vi92z89.ocx
c:windows5597not-a-v5ruz2a7.exe
c:windows55d3s9azse1193.ocx
c:windows55dazdware25219.dll
c:windows5628thiefz639.ocx
c:windows5647ad5ware2z96.bin
c:windows56505py590z.ocx
c:windows5650hacktooz4729.bin
c:windows5668v592597z.cpl
c:windows56abackd9oz2065.bin
c:windows56zspyw5r92474.cpl
c:windows5719bzc5door1431.bin
c:windows5752viz9s12b.dll
c:windows57690zacktool7df.ocx
c:windows5793notza-virus926.dll
c:windows5796v95z49.ocx
c:windows5799a9dwarez075.ocx
c:windows57a2downz9ader5746.exe
c:windows57znot-9-5irus115.exe
c:windows58110szy596.exe
c:windows5816viz7995.dll
c:windows58a9ownloadez935.exe
c:windows58z7thief2594.dll
c:windows5918backdoor956z.cpl
c:windows591wormz09.bin
c:windows5922spyz19.dll
c:windows5932nz5-a-vi9use1.bin
c:windows5933not-z-v5rus61a.dll
c:windows5946adz5are1466.exe
c:windows595evir561z9.exe
c:windows595zworm15b.bin
c:windows5966zorm573.ocx
c:windows5968vzr1349.bin
c:windows5991v9r56z.dll
c:windows59977spz501.ocx
c:windows599d5ackzoor247.dll
c:windows59fczt9al762.cpl
c:windows59z0thief685.ocx
c:windows59zcadd5ar91300.cpl
c:windows5a1b5hi9z888.dll
c:windows5a64ba9kdozr2400.bin
c:windows5a85thizf3978.exe
c:windows5aecz5ief1379.ocx
c:windows5b1zack5oor22299.exe
c:windows5b49own5oader2z3.dll
c:windows5b4a9oznlo5der2187.dll
c:windows5c15steal26z9.bin
c:windows5c71ba5kdooz2924.exe
c:windows5c92sparze9025.ocx
c:windows5cz3spa9se5989.bin
c:windows5d75thrzat53359.dll
c:windows5d7stea92965z.exe
c:windows5d9backdzor50.dll
c:windows5e25downlozde92435.cpl
c:windows5ea7thi5z19139.exe
c:windows5f4zsp5wa9e2830.cpl
c:windows5f99zownloader3004.exe
c:windows5fecspywaze5595.cpl
c:windows5z097troj54.cpl
c:windows5z129acktool644.exe
c:windows5z29t5ief119.bin
c:windows5z2athr9at1573.exe
c:windows5z36thie92250.exe
c:windows5z3f5ack9oor2400.cpl
c:windows5z665virus594.dll
c:windows5z84steal695.cpl
c:windows5z88vi912985.bin
c:windows5zaevir1594.dll
c:windows5ze8a5d9are512.dll
c:windows609worz2f95.bin
c:windows60z95ir915.ocx
c:windows616f9te5l315z.bin
c:windows61859orz59a.cpl
c:windows61c9acz5oor3061.ocx
c:windows62009zo5134.cpl
c:windows625z9ir2102.ocx
c:windows6316w9rz5f.dll
c:windows63295hief25z.ocx
c:windows6349spyware95z.exe
c:windows6369spyz59.ocx
c:windows63zb9pyware2185.exe
c:windows6514zir1597.ocx
c:windows6529thizf9424.dll
c:windows6559downloader14z.cpl
c:windows6565sparse79z.cpl
c:windows659bvirz7269.bin
c:windows665zthief9880.cpl
c:windows6725tz9j62e.bin
c:windows67405zy5a9.cpl
c:windows6744vi5uz19.ocx
c:windows6795not5a-zirus4d0.cpl
c:windows67e7dz59loader1934.cpl
c:windows67z2downl5ade92986.exe
c:windows6849th9zat12950.cpl
c:windows688zadd5are2490.dll
c:windows6915thz9at8511.bin
c:windows6925download9r2647z.ocx
c:windows6937s5eal2255z.ocx
c:windows695eth5za92959.ocx
c:windows696caddwar91z95.cpl
c:windows6982s5ywa9e295z.bin
c:windows69979hr5az25547.dll
c:windows699z9teal26185.bin
c:windows69dbad5warz1584.cpl
c:windows6a55thizf9971.dll
c:windows6aae9parse1z155.exe
c:windows6b53th9ez3069.dll
c:windows6ba0st5a9120z.ocx
c:windows6c1dspyza5e2819.ocx
c:windows6ccfthze5t20369.exe
c:windows6cd5zack5oor3249.dll
c:windows6e52doznloa9er2241.cpl
c:windows6f7dt9zea55256.cpl
c:windows6f7zvi91554.cpl
c:windows6f92downlza95r174.ocx
c:windows6fd4stz5l1198.exe
c:windows6z89backdo5r544.ocx
c:windows6z91v5rus3f7.bin
c:windows6za5downloade5539.bin
c:windows705czteal949.dll
c:windows709dba5z9oor1241.exe
c:windows71605zrm6c9.bin
c:windows726thr95t1524z.cpl
c:windows72z8s9ea5548.exe
c:windows7339tzre9t167115.dll
c:windows738thre959z27.bin
c:windows73daddw9ze252.cpl
c:windows74159zcktool6f3.dll
c:windows7429virzs7a95.bin
c:windows7519zackdoor2653.exe
c:windows753a9hiefz358.bin
c:windows753zspy359.dll
c:windows759cstea9132z.dll
c:windows75a9vir35z3.bin
c:windows75abbazkd95r969.dll
c:windows75cbthie949z.bin
c:windows7628s5y79z.bin
c:windows7629sp5rse255z.ocx
c:windows7639haczt95l4c8.cpl
c:windows766zvir9125.exe
c:windows769za5dware293.ocx
c:windows76e6spar5e2z39.ocx
c:windows774sp9zbot45d.bin
c:windows7765w9rz96.dll
c:windows77b59teal1z13.bin
c:windows77z3tr5j599.cpl
c:windows79095ownloader1z9.exe
c:windows79155pz19b.ocx
c:windows7931sp5zare15589.dll
c:windows799z9p5mbot791.cpl
c:windows79d3spywzre1765.exe
c:windows79dbb5ckdoorz104.ocx
c:windows7a06down5oader9z4.cpl
c:windows7a959hreat23z24.exe
c:windows7a97spzrse325.bin
c:windows7aaea5d9are238z.cpl
c:windows7b589zwnloader616.exe
c:windows7b95hizf1543.bin
c:windows7b95zddware1899.bin
c:windows7bz6backdo59557.dll
c:windows7c05stealz995.dll
c:windows7c57downlz5der24289.ocx
c:windows7c6az9w5re2606.exe
c:windows7d3esparse259z.exe
c:windows7d589hrea5702z.bin
c:windows7d70thiez9005.exe
c:windows7e1b9pywa5e2z59.exe
c:windows7e535tea9325z.dll
c:windows7e69b5zkdoor2148.bin
c:windows7f38thzea524959.dll
c:windows7f5ezir29415.cpl
c:windows7f92zownloader15545.cpl
c:windows7fz5ste9l1365.ocx
c:windows7z49thi5f1122.exe
c:windows7z65steal19365.exe
c:windows7z99spy5d5.bin
c:windows7z9backdoor19075.ocx
c:windows8058not-a-virz97f4.exe
c:windows809zpamb5t4ec.ocx
c:windows8126zpam9o5709.exe
c:windows815znot9a-virus40c.bin
c:windows825ad9zare234.dll
c:windows83zbackdoor1459.dll
c:windows8406noz-a5virus779.dll
c:windows841spambotz59.bin
c:windows8456wormz5a9.cpl
c:windows856zot-a-virus19f.ocx
c:windows859viz1081.ocx
c:windows8795z9us47e.exe
c:windows8969s5y3z.exe
c:windows8974worz953.exe
c:windows899doznlo9der1509.ocx
c:windows899wzrm758.ocx
c:windows89abackzoo914415.cpl
c:windows90454zorm595.cpl
c:windows90930spyzd95.bin
c:windows90992zackto5l3a5.exe
c:windows9151trzj95.dll
c:windows9163sparse1495z.ocx
c:windows91994not-a-vizus252.dll
c:windows91c4downl5adzr770.cpl
c:windows9217z5irusb4.ocx
c:windows92494spyz1c5.exe
c:windows926095zt-a-virus5e3.bin
c:windows9366z5ief2652.cpl
c:windows93819notza-5irus47f.exe
c:windows941spyzd5.dll
c:windows9463s9y3z5.dll
c:windows95100trojz615.exe
c:windows95236wo5m25z.bin
c:windows95258troj245z.bin
c:windows9536zvirus695.exe
c:windows9556noz-9-virus7c5.cpl
c:windows9557v9rus35fz.bin
c:windows9559spy3z3.cpl
c:windows9560spazse1501.exe
c:windows956ethreat305z7.cpl
c:windows9570virus49az.bin
c:windows95e4steal2z11.dll
c:windows95zfaddware5008.exe
c:windows9683s9y503z.ocx
c:windows9695zwor56e9.ocx
c:windows96af5ackdooz1448.cpl
c:windows96c5thief1377z.ocx
c:windows9735zea9563.ocx
c:windows97500spyz59.dll
c:windows9791stzal2965.bin
c:windows97z8spyware528.cpl
c:windows97zaddw5re2112.exe
c:windows982viruz575.cpl
c:windows98505irus7z1.exe
c:windows9857wz5m59.exe
c:windows9886backzoor2395.ocx
c:windows98fz5ir2580.ocx
c:windows990dz9nloade5739.ocx
c:windows9969aczd5or3184.ocx
c:windows9985not-azvir5s3b8.cpl
c:windows9989spamz5t782.ocx
c:windows9993sp5191z.exe
c:windows999zrm4f5.ocx
c:windows9a2bsp5zare457.dll
c:windows9a2fthzeat1056.bin
c:windows9a5dtzreat29884.exe
c:windows9afba95door1z92.cpl
c:windows9c1asteal3z45.dll
c:windows9c1dtzr5at8759.exe
c:windows9czbthief3542.bin
c:windows9eb4s5eal326z.ocx
c:windows9edzh5ef1090.exe
c:windows9z045troj1575.bin
c:windows9z05hacktool90.bin
c:windows9z1659y60.bin
c:windows9z5t5ief947.ocx
c:windows9z9ethief2564.ocx
c:windowsa1fvir19z5.cpl
c:windowsa9fvir52z4.bin
c:windowsb4f9parze24035.cpl
c:windowsb89bazk95or1631.ocx
c:windowsbe5zdware9710.ocx
c:windowsc36dow9lzad5r2512.exe
c:windowsc55virz0669.bin
c:windowsc59th5eaz95959.cpl
c:windowsc5as9eaz3249.cpl
c:windowsc5fth9e5190z.bin
c:windowscd1ba5kdzor918.cpl
c:windowscdfth9efz9595.exe
c:windowsd95sp9rse58z4.dll
c:windowsde6back95or2z67.cpl
c:windowsdf9zpywa5e27299.bin
c:windowse90t5ief9719z.dll
c:windowsec9t5iez54.ocx
c:windowsff6ba5k9oor21z3.exe
c:windowsfz0s95rse2591.bin
c:windowssystem3210049hackzool553.cpl
c:windowssystem3210169not-a-vzrus6de5.bin
c:windowssystem3210212sza5bot419.ocx
c:windowssystem3210419n9t-a-vi5zs15e.exe
c:windowssystem3210703spa9bzt1b5.ocx
c:windowssystem3210811s5y99ez.ocx
c:windowssystem3210815hreat12z97.ocx
c:windowssystem3210874sp59bztc9.exe
c:windowssystem32109305zy294.exe
c:windowssystem32109athrz5t26976.cpl
c:windowssystem3210cdspa9sez2545.dll
c:windowssystem3210f7sp5zare295.cpl
c:windowssystem3210z9steal506.ocx
c:windowssystem321129sp5zb6.cpl
c:windowssystem3211380spz3935.exe
c:windowssystem3211495spazbot335.ocx
c:windowssystem3211580spz9fe.dll
c:windowssystem32115fsteaz799.bin
c:windowssystem3211729sp9z95.dll
c:windowssystem3211956hazkt9o526c.bin
c:windowssystem3211z28s9ambot4895.bin
c:windowssystem3211z78vir9s55d.dll
c:windowssystem32120z7spy3549.cpl
c:windowssystem321214ztr59368.cpl
c:windowssystem32122zspars914955.exe
c:windowssystem3212743worm95z.ocx
c:windowssystem32128spzwar51909.cpl
c:windowssystem321291not-a5v9rus592z.exe
c:windowssystem3212993zroj4ba5.dll
c:windowssystem32130bs5ywaze1299.dll
c:windowssystem32134699ir5szba.exe
c:windowssystem32134spzw5re693.bin
c:windowssystem3213525spazbot329.ocx
c:windowssystem321358z9roj696.cpl
c:windowssystem3213665hac5zo9l312.ocx
c:windowssystem32137285orz7d69.bin
c:windowssystem3213743hzc9tool21c5.exe
c:windowssystem3213848hack59oz46.bin
c:windowssystem321398notza-virus651.exe
c:windowssystem3213d4a5dwa9z1897.exe
c:windowssystem3214195hacktzol37a.cpl
c:windowssystem32141c5d9warez60.cpl
c:windowssystem32141z05pambot6c79.ocx
c:windowssystem3214297spamzot185.exe
c:windowssystem3214332not-59virus17dz.cpl
c:windowssystem32144z5sp559.ocx
c:windowssystem321460stea9509z.ocx
c:windowssystem32147925ot9a-virzs77a.bin
c:windowssystem32147z5viru97ef.ocx
c:windowssystem3214849zirus459.exe
c:windowssystem321499sz5al24229.dll
c:windowssystem3214fcback59orz579.bin
c:windowssystem321509hzckto9l40b5.dll
c:windowssystem32150aaddwzr92870.dll
c:windowssystem3215125tro9z5e.bin
c:windowssystem3215309pa5bot46z.dll
c:windowssystem321540z9ot-a-virus1d.exe
c:windowssystem32154359zojd55.dll
c:windowssystem3215450no9-a-virus5ze5.bin
c:windowssystem3215465hackt9ol2f0z.ocx
c:windowssystem321546add9are2782z.ocx
c:windowssystem3215499zacktool530.dll
c:windowssystem3215552virzs9ec.bin
c:windowssystem32155ebaczdo9r2573.cpl
c:windowssystem32155z15ir9s123.ocx
c:windowssystem3215640spy3z9.dll
c:windowssystem3215652not-a-vz9us8f.ocx
c:windowssystem32157035roj579z.dll
c:windowssystem32159199zcktool105.bin
c:windowssystem3215c59ddzare8745.cpl
c:windowssystem3215f0downl9azer1550.ocx
c:windowssystem3215z9spyware905.dll
c:windowssystem32164165ir9s5e8z.bin
c:windowssystem3216515zorm9515.exe
c:windowssystem3216619ha5ktooz596.dll
c:windowssystem3216895t5ojzc9.dll
c:windowssystem321694z5p97da.cpl
c:windowssystem3216z0threat95598.cpl
c:windowssystem321718t5ief9z9.cpl
c:windowssystem321735szeal8389.ocx
c:windowssystem321756bz5kdo9r314.bin
c:windowssystem32175969irzs9a.exe
c:windowssystem3217753zp59bot781.ocx
c:windowssystem3217797spazbot59e.cpl
c:windowssystem3217910vi9us36z5.dll
c:windowssystem32181489acktool19z5.dll
c:windowssystem3218244vz5us25c9.bin
c:windowssystem321841thze958741.exe
c:windowssystem3218486hackto9l549z.bin
c:windowssystem3218536zirus498.dll
c:windowssystem321855zvirus591.exe
c:windowssystem321891ztro551d9.cpl
c:windowssystem32189975ot-a-vizu966a.dll
c:windowssystem3218c65ackd9orz28.ocx
c:windowssystem3218z52not-a-9iru548.dll
c:windowssystem3219057worz72d.cpl
c:windowssystem3219136virusz859.bin
c:windowssystem3219141s5y290z.exe
c:windowssystem321923th5ef169z.dll
c:windowssystem3219405ot-a-vi9us5z5.cpl
c:windowssystem32194zsparse51399.ocx
c:windowssystem3219555wormz78.cpl
c:windowssystem32195espy5are400z.exe
c:windowssystem321965bacz5o9r511.bin
c:windowssystem3219905hac5tool9z5.cpl
c:windowssystem3219927wor5z2.dll
c:windowssystem3219f9zir2045.exe
c:windowssystem321a4dtzief4599.cpl
c:windowssystem321b5zaddwa9e480.bin
c:windowssystem321c129hiez3152.bin
c:windowssystem321c655iz1907.exe
c:windowssystem321c79addw5re1z50.exe
c:windowssystem321c7cth9efz7305.ocx
c:windowssystem321dc2thrzat70599.ocx
c:windowssystem321dc39ir5957z.bin
c:windowssystem321dz2spa9s51579.cpl
c:windowssystem321dz5th9ef492.dll
c:windowssystem321z235spambot9c85.exe
c:windowssystem321z399troj152.cpl
c:windowssystem321z41ha9ktoo55db.ocx
c:windowssystem321z614spam5ot36c9.bin
c:windowssystem321z773vir9s545.exe
c:windowssystem321z955spamb9t591.cpl
c:windowssystem3220010zot-a-viru950a5.dll
c:windowssystem32204459py56z.exe
c:windowssystem32207et9reat1554z.bin
c:windowssystem32209229zya5.exe
c:windowssystem3220z449p5268.bin
c:windowssystem3221052v5rus29z.ocx
c:windowssystem3221096no9-a-virz57d9.exe
c:windowssystem3221115s5amb9tz0b.cpl
c:windowssystem3221290tro95f8z.cpl
c:windowssystem32213z9vi95s2b1.exe
c:windowssystem3221828h9z5tool3cf.dll
c:windowssystem3221eds5az9e3175.ocx
c:windowssystem32220z7troj59e9.dll
c:windowssystem32221019zcktool52f5.dll
c:windowssystem3222292spamb5tzc.exe
c:windowssystem3222628sp59bcz.exe
c:windowssystem3222817vi5z94b9.dll
c:windowssystem3222952virus4fz.ocx
c:windowssystem3222f8downl9zde5957.cpl
c:windowssystem3222z95t9al507.dll
c:windowssystem3223799w5rm4z9.dll
c:windowssystem3223830vir9s3z5.ocx
c:windowssystem322395s5yware62z.bin
c:windowssystem32239ha5k9ozl7f2.dll
c:windowssystem32239n5t-a-vz9us4fd.cpl
c:windowssystem32239zspyware9885.ocx
c:windowssystem3224079spamb9z259.dll
c:windowssystem32244z6not-5-vir9s615.bin
c:windowssystem322459spyz5re2860.ocx
c:windowssystem3224797spambot556z.dll
c:windowssystem322492z5rus579.bin
c:windowssystem3224954szy115.cpl
c:windowssystem3224z12spy7995.exe
c:windowssystem32250dzp9rse1021.bin
c:windowssystem322512sp9rze1563.cpl
c:windowssystem3225189not-a-virus7d8z.bin
c:windowssystem3225509spy4b5z.ocx
c:windowssystem3225559ot-a-viruz5a6.exe
c:windowssystem3225599spy490z.ocx
c:windowssystem3225719not-a-vi9usz50.bin
c:windowssystem322585szeal3579.cpl
c:windowssystem322589szarse950.exe
c:windowssystem322594wor9z62.cpl
c:windowssystem3225952viruzf45.bin
c:windowssystem3225957not5a-virus29fz.dll
c:windowssystem3225999wzr55c9.exe
c:windowssystem3225dzbackd9or13875.cpl
c:windowssystem3225favz52959.cpl
c:windowssystem3225z19tr9j15.bin
c:windowssystem3225z9vir2689.dll
c:windowssystem3226139zywa5e978.bin
c:windowssystem322614dow95oadzr920.dll
c:windowssystem3226193zpam5ot9ec.bin
c:windowssystem322652s9arse3065z.dll
c:windowssystem3226758s5ambzt379.cpl
c:windowssystem3226950szyef.bin
c:windowssystem3227249zirus725.exe
c:windowssystem3227805spy9z35.ocx
c:windowssystem3227z65spy91.bin
c:windowssystem3227z95worm759.cpl
c:windowssystem3228006z5y9f.bin
c:windowssystem3228054h9c5zool5d7.exe
c:windowssystem3228125spambz948b.ocx
c:windowssystem32283z4n9t-a5virus285.bin
c:windowssystem3228435spyz9a.cpl
c:windowssystem322855zs5ambo939.exe
c:windowssystem3228570no9-a-virus31z.dll
c:windowssystem322862t5ief3981z.dll
c:windowssystem32289zvir35.bin
c:windowssystem3228z40vi95s4ab.ocx
c:windowssystem322905threat58z1.ocx
c:windowssystem3229285sz979d.ocx
c:windowssystem3229363vzru59.bin
c:windowssystem3229421z5rus593.ocx
c:windowssystem322942zs5y437.exe
c:windowssystem3229475not-a-virus563z.exe
c:windowssystem32294z99ackto5l28e.cpl
c:windowssystem3229555z9rm3d2.bin
c:windowssystem3229592hazktool753.cpl
c:windowssystem3229599trojzdd.cpl
c:windowssystem32297975py5z6.bin
c:windowssystem32298939pambot55z.bin
c:windowssystem3229ba59ief1160z.ocx
c:windowssystem3229c9thiz5939.dll
c:windowssystem3229z2vi51359.bin
c:windowssystem322a9zvir1354.bin
c:windowssystem322ae5s9ezl1639.ocx
c:windowssystem322b9bthreat2z095.cpl
c:windowssystem322bd6vir169z5.exe
c:windowssystem322bdcbac5doorz990.bin
c:windowssystem322c55ste5l29z5.cpl
c:windowssystem322c91steaz5208.exe
c:windowssystem322d0cs5arz91765.ocx
c:windowssystem322e0a9teaz5301.cpl
c:windowssystem322ecathr5a92654z.ocx
c:windowssystem322f5cspzw9re2206.cpl
c:windowssystem322f5evir95z9.dll
c:windowssystem322f91dowzlo5der2794.ocx
c:windowssystem322f92ba5kd9or148z.cpl
c:windowssystem322z1259pambot366.bin
c:windowssystem322z145h9ef908.bin
c:windowssystem322z5235ackt9ol45c.exe
c:windowssystem322z537virus5109.bin
c:windowssystem322z656virus199.exe
c:windowssystem322z749troj9815.bin
c:windowssystem322z758troj9d.ocx
c:windowssystem322z8ebackd5or9194.ocx
c:windowssystem322z90thie539.exe
c:windowssystem322z91vir9957.cpl
c:windowssystem3230289tzo565e.exe
c:windowssystem323029virus5az9.cpl
c:windowssystem32303859p57eaz.exe
c:windowssystem3230408z9oj7275.bin
c:windowssystem3230550hzcktool94e.cpl
c:windowssystem323076ztro915f.cpl
c:windowssystem3230ddzteal9582.bin
c:windowssystem3231005n9t-a-vizus5535.cpl
c:windowssystem323129thzef31859.bin
c:windowssystem3231567viru9z6c.bin
c:windowssystem3231584zorm9ac.exe
c:windowssystem32317ebz5k9oor1767.ocx
c:windowssystem32318z5ha9ktool245.bin
c:windowssystem3231z60t9oj27c5.bin
c:windowssystem323218backdoor53z89.cpl
c:windowssystem3232605zpy5149.exe
c:windowssystem32327baddzar9155.cpl
c:windowssystem3232912spamz5t1c1.ocx
c:windowssystem3232969not-a5vzrus2e.exe
c:windowssystem3232f35hreat29z769.exe
c:windowssystem3232z57s9y2d5.dll
c:windowssystem3233z5th9eat31358.bin
c:windowssystem323435sp9ware19z.bin
c:windowssystem3234685d9ware19z1.ocx
c:windowssystem32349bbackzoor951.exe
c:windowssystem323526addwa5e9284z.ocx
c:windowssystem32352f9hiez809.bin
c:windowssystem3235390nzt-a-viru9254.ocx
c:windowssystem32354bad5w9rez015.ocx
c:windowssystem323556spa9ze2154.bin
c:windowssystem32355s9ambot5f5z.cpl
c:windowssystem32355v9r3z61.ocx
c:windowssystem323590thief1z595.exe
c:windowssystem3235c9st9az483.bin
c:windowssystem32374cszars53993.dll
c:windowssystem323798n5t-a9zirus7f4.ocx
c:windowssystem323895irzs51.bin
c:windowssystem32msvcrt2.dll
c:windowssystem32tmp24.tmp
c:windowssystem32wmcache.nld
c:windowsTEMPtmp1.tmp
c:windowswiaserviv.log
c:windowsz041t9rea511021.dll
c:windowsz0522not-a5virus96c.dll
c:windowsz07ds9eal19775.exe
c:windowsz0ddownloader19215.ocx
c:windowsz15559rus194.bin
c:windowsz2ffdownloader9562.dll
c:windowsz3397no9-a-vi5us5a5.bin
c:windowsz352t9reat23018.exe
c:windowsz377sp96f05.ocx
c:windowsz394thr5at19728.dll
c:windowsz3978no5-a-vi9us412.dll
c:windowsz39thief1175.dll
c:windowsz421addw5re21209.exe
c:windowsz425spa9bot736.cpl
c:windowsz43dsteal39085.ocx
c:windowsz49fthr5at23956.ocx
c:windowsz4c65pyw9re785.dll
c:windowsz4e9dow9loader155.dll
c:windowsz5099tr9j72b.ocx
c:windowsz515s9eal114.cpl
c:windowsz519steal525.dll
c:windowsz52ath9ef2758.cpl
c:windowsz53f9ddw5re1918.exe
c:windowsz55spambo9e8.dll
c:windowsz56evir1399.ocx
c:windowsz59steal888.exe
c:windowsz5a5thief30189.dll
c:windowsz5davir2955.exe
c:windowsz61sp97d5.dll
c:windowsz6e9t9i5f363.bin
c:windowsz752spy9a.ocx
c:windowsz857spywar95865.ocx
c:windowsz888not-a-vir9s4e5.cpl
c:windowsz8955troj4fa9.bin
c:windowsz8c7addw5re591.dll
c:windowsz908backdoo5431.cpl
c:windowsz9320not-a-virus11f5.dll
c:windowsz959stea5955.ocx
c:windowsz95steal509.exe
c:windowsz9601hackt95l4f4.exe
c:windowsz999spa5se2223.ocx
c:windowsz9e69ackd5or275.cpl
c:windowsz9efs9eal1752.cpl
c:windowszf9downlo5d9r1590.ocx
BITS: Possible infected sites
hxxp://soft.export.yandex.ru
hxxp://download.yandex.ru
