Созданные ответы форума
-
Сообщения
-
А это второй лог.
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Professional
Boot Device: DeviceHarddiskVolume1
Install Date: 11.02.2010 23:36:38
System Uptime: 08.05.2011 7:48:52 (1 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5SD2-VM
Processor: Процессор Intel Pentium II | LGA 775 | 1599/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) — 29 GiB total, 9,824 GiB free.
D: is FIXED (NTFS) — 45 GiB total, 9,854 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP208: 03.04.2011 18:33:30 — Системная контрольная точка
RP209: 04.04.2011 19:25:33 — Системная контрольная точка
RP210: 06.04.2011 7:37:00 — Системная контрольная точка
RP211: 07.04.2011 18:36:30 — Системная контрольная точка
RP212: 09.04.2011 17:56:31 — Системная контрольная точка
RP213: 10.04.2011 19:08:41 — Системная контрольная точка
RP214: 11.04.2011 20:52:36 — Системная контрольная точка
RP215: 12.04.2011 22:16:00 — Системная контрольная точка
RP216: 14.04.2011 8:45:31 — Системная контрольная точка
RP217: 15.04.2011 19:03:23 — Removed Opera 11.01.
RP218: 15.04.2011 20:00:35 — Software Distribution Service 3.0
RP219: 16.04.2011 20:03:14 — Системная контрольная точка
RP220: 18.04.2011 23:20:35 — Системная контрольная точка
RP221: 20.04.2011 19:55:36 — Системная контрольная точка
RP222: 21.04.2011 20:02:24 — Системная контрольная точка
RP223: 23.04.2011 9:37:04 — Системная контрольная точка
RP224: 24.04.2011 12:09:15 — Системная контрольная точка
RP225: 25.04.2011 17:08:03 — Системная контрольная точка
RP226: 26.04.2011 22:45:19 — Системная контрольная точка
RP227: 27.04.2011 18:44:34 — Операция восстановления
RP228: 27.04.2011 20:00:23 — Software Distribution Service 3.0
RP229: 30.04.2011 9:39:31 — Системная контрольная точка
RP230: 01.05.2011 10:01:59 — Системная контрольная точка
RP231: 01.05.2011 11:48:15 — Advanced SystemCare RestorePoint
RP232: 03.05.2011 19:36:53 — Системная контрольная точка
RP233: 06.05.2011 8:34:53 — Системная контрольная точка
RP234: 07.05.2011 11:30:47 — Системная контрольная точка
RP235: 07.05.2011 20:46:22 — Removed Java(TM) 6 Update 23
RP236: 07.05.2011 23:40:34 — Installed Microsoft Fix it 50267
.
==== Installed Programs ======================
.
Древо Жизни
Архиватор WinRAR
Исправление для Windows XP (KB2158563)
Исправление для Windows XP (KB2443685)
Исправление для Windows XP (KB942288-v3)
Исправление для Windows XP (KB952287)
Исправление для Windows XP (KB961118)
Исправление для Windows XP (KB981793)
µTorrent
Проигрыватель Windows Media 10
Русская версия mp3DirectCut 2.11
Пакет обеспечения совместимости для выпуска 2007 системы Microsoft Office
Обновление безопасности для Windows Internet Explorer 8 (KB2183461)
Обновление безопасности для Windows Internet Explorer 8 (KB2360131)
Обновление безопасности для Windows Internet Explorer 8 (KB2416400)
Обновление безопасности для Windows Internet Explorer 8 (KB2482017)
Обновление безопасности для Windows Internet Explorer 8 (KB2497640)
Обновление безопасности для Windows Internet Explorer 8 (KB2510531)
Обновление безопасности для Windows Internet Explorer 8 (KB971961)
Обновление безопасности для Windows Internet Explorer 8 (KB981332)
Обновление безопасности для Windows Internet Explorer 8 (KB982381)
Обновление безопасности для Windows XP — (KB941569)
Обновление безопасности для Windows XP (KB2079403)
Обновление безопасности для Windows XP (KB2115168)
Обновление безопасности для Windows XP (KB2121546)
Обновление безопасности для Windows XP (KB2160329)
Обновление безопасности для Windows XP (KB2229593)
Обновление безопасности для Windows XP (KB2259922)
Обновление безопасности для Windows XP (KB2279986)
Обновление безопасности для Windows XP (KB2286198)
Обновление безопасности для Windows XP (KB2296011)
Обновление безопасности для Windows XP (KB2296199)
Обновление безопасности для Windows XP (KB2347290)
Обновление безопасности для Windows XP (KB2360937)
Обновление безопасности для Windows XP (KB2387149)
Обновление безопасности для Windows XP (KB2393802)
Обновление безопасности для Windows XP (KB2412687)
Обновление безопасности для Windows XP (KB2419632)
Обновление безопасности для Windows XP (KB2423089)
Обновление безопасности для Windows XP (KB2436673)
Обновление безопасности для Windows XP (KB2440591)
Обновление безопасности для Windows XP (KB2443105)
Обновление безопасности для Windows XP (KB2476687)
Обновление безопасности для Windows XP (KB2478960)
Обновление безопасности для Windows XP (KB2478971)
Обновление безопасности для Windows XP (KB2479628)
Обновление безопасности для Windows XP (KB2479943)
Обновление безопасности для Windows XP (KB2481109)
Обновление безопасности для Windows XP (KB2483185)
Обновление безопасности для Windows XP (KB2485376)
Обновление безопасности для Windows XP (KB2485663)
Обновление безопасности для Windows XP (KB2503658)
Обновление безопасности для Windows XP (KB2506212)
Обновление безопасности для Windows XP (KB2506223)
Обновление безопасности для Windows XP (KB2507618)
Обновление безопасности для Windows XP (KB2508272)
Обновление безопасности для Windows XP (KB2508429)
Обновление безопасности для Windows XP (KB2509553)
Обновление безопасности для Windows XP (KB2511455)
Обновление безопасности для Windows XP (KB2524375)
Обновление безопасности для Windows XP (KB923561)
Обновление безопасности для Windows XP (KB946648)
Обновление безопасности для Windows XP (KB950760)
Обновление безопасности для Windows XP (KB950762)
Обновление безопасности для Windows XP (KB950974)
Обновление безопасности для Windows XP (KB951376-v2)
Обновление безопасности для Windows XP (KB951748)
Обновление безопасности для Windows XP (KB952004)
Обновление безопасности для Windows XP (KB952954)
Обновление безопасности для Windows XP (KB955069)
Обновление безопасности для Windows XP (KB956572)
Обновление безопасности для Windows XP (KB956744)
Обновление безопасности для Windows XP (KB956802)
Обновление безопасности для Windows XP (KB956803)
Обновление безопасности для Windows XP (KB956844)
Обновление безопасности для Windows XP (KB958644)
Обновление безопасности для Windows XP (KB958869)
Обновление безопасности для Windows XP (KB959426)
Обновление безопасности для Windows XP (KB960225)
Обновление безопасности для Windows XP (KB960803)
Обновление безопасности для Windows XP (KB960859)
Обновление безопасности для Windows XP (KB961501)
Обновление безопасности для Windows XP (KB969059)
Обновление безопасности для Windows XP (KB969947)
Обновление безопасности для Windows XP (KB970238)
Обновление безопасности для Windows XP (KB970430)
Обновление безопасности для Windows XP (KB971468)
Обновление безопасности для Windows XP (KB971657)
Обновление безопасности для Windows XP (KB971961)
Обновление безопасности для Windows XP (KB972270)
Обновление безопасности для Windows XP (KB973507)
Обновление безопасности для Windows XP (KB973869)
Обновление безопасности для Windows XP (KB973904)
Обновление безопасности для Windows XP (KB974112)
Обновление безопасности для Windows XP (KB974318)
Обновление безопасности для Windows XP (KB974392)
Обновление безопасности для Windows XP (KB974571)
Обновление безопасности для Windows XP (KB975025)
Обновление безопасности для Windows XP (KB975467)
Обновление безопасности для Windows XP (KB975560)
Обновление безопасности для Windows XP (KB975561)
Обновление безопасности для Windows XP (KB975562)
Обновление безопасности для Windows XP (KB975713)
Обновление безопасности для Windows XP (KB977816)
Обновление безопасности для Windows XP (KB977914)
Обновление безопасности для Windows XP (KB978037)
Обновление безопасности для Windows XP (KB978262)
Обновление безопасности для Windows XP (KB978338)
Обновление безопасности для Windows XP (KB978542)
Обновление безопасности для Windows XP (KB978601)
Обновление безопасности для Windows XP (KB978706)
Обновление безопасности для Windows XP (KB979309)
Обновление безопасности для Windows XP (KB979482)
Обновление безопасности для Windows XP (KB979559)
Обновление безопасности для Windows XP (KB979683)
Обновление безопасности для Windows XP (KB979687)
Обновление безопасности для Windows XP (KB980195)
Обновление безопасности для Windows XP (KB980218)
Обновление безопасности для Windows XP (KB980232)
Обновление безопасности для Windows XP (KB980436)
Обновление безопасности для Windows XP (KB981322)
Обновление безопасности для Windows XP (KB981349)
Обновление безопасности для Windows XP (KB981852)
Обновление безопасности для Windows XP (KB981957)
Обновление безопасности для Windows XP (KB981997)
Обновление безопасности для Windows XP (KB982132)
Обновление безопасности для Windows XP (KB982214)
Обновление безопасности для Windows XP (KB982665)
Обновление безопасности для Windows XP (KB982802)
Обновление безопасности для проигрывателя Windows Media — (KB2378111)
Обновление безопасности для проигрывателя Windows Media — (KB952069)
Обновление безопасности для проигрывателя Windows Media — (KB954155)
Обновление безопасности для проигрывателя Windows Media — (KB968816)
Обновление безопасности для проигрывателя Windows Media — (KB973540)
Обновление безопасности для проигрывателя Windows Media — (KB975558)
Обновление безопасности для проигрывателя Windows Media — (KB978695)
Обновление для Windows Internet Explorer 8 (KB976662)
Обновление для Windows XP (KB2141007)
Обновление для Windows XP (KB2345886)
Обновление для Windows XP (KB2467659)
Обновление для Windows XP (KB898461)
Обновление для Windows XP (KB951978)
Обновление для Windows XP (KB955759)
Обновление для Windows XP (KB967715)
Обновление для Windows XP (KB968389)
Обновление для Windows XP (KB971029)
Обновление для Windows XP (KB971737)
Обновление для Windows XP (KB973687)
Обновление для Windows XP (KB973815)
Обновление для Windows XP (KB980182)
32 Bit HP CIO Components Installer
ABBYY FineReader 8.0 Professional Edition
ACDSee 10 Photo Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.0.5 — Russian
AIO_Scan
Apple Application Support
Apple Software Update
ArcSoft Panorama Maker 5
BufferChm
Canopus Codec Option
Compatibility Pack for the 2007 Office system
Copy
CustomerResearchQFolder
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DJ_AIO_Software
DJ_AIO_Software_min
Dump.ru file uploader
ESET NOD32 Antivirus
eSupportQFolder
File Uploader
FormatFactory 2.30
Google Toolbar for Internet Explorer
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
HP Customer Participation Program 9.0
HP Deskjet All-In-One Software 9.0
HP Imaging Device Functions 9.0
HP Photosmart Essential 2.01
HP Photosmart Essential2.01
HP Solution Center 9.0
HP Update
HPDiagnosticAlert
HPProductAssistant
HPSSupply
Java Auto Updater
Java(TM) 6 Update 23
K-Lite Codec Pack 6.5.0 (Full)
Leawo PowerPoint to Video Free version 1.8.0.45
Malwarebytes’ Anti-Malware
MarketResearch
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Office — профессиональный выпуск версии 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable — x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable — x86 9.0.30729.17
Microsoft Visual C++ Run Time Lib Setup
Mozilla Firefox (3.5.16)
MSVCRT Redists
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB925673)
Nero 7 Premium
neroxml
Nikon Message Center
Nikon Transfer
Opera 11.10
Photodex Presenter
Picture Control Utility
PowerDVD
PSSWCORE
QuickTime
Realtek High Definition Audio Driver
Recuva
Scan
Security Task Manager 1.8c
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
SiS VGA Utilities
SiSAGP driver
SolutionCenter
Sony Vegas Pro 8.0
Stamina 2.5
Status
SUPERAntiSpyware
Toolbox
TrayApp
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VideoToolkit01
Vidicor Plugin for Browsers 4.9.9.72
Vit Registry Fix 10 (remove only)
WebFldrs XP
WebReg
WinDjView 1.0.3
Windows Feature Pack for Storage (32-bit) — IMAPI update for Blu-Ray
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Presentation Foundation
Xilisoft AVI to DVD Converter
XML Paper Specification Shared Components Pack 1.0
.
==== End Of File ===========================А что мне делать с этим? Не удаление программы для принтера, не переустановка ее не помогает. Это выскакивает при любой попытке открыть мои папки в компе.
Malwarebytes’ Anti-Malware 1.46
http://www.malwarebytes.orgВерсия базы данных: 5185
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.1870225.11.2010 9:47:08
mbam-log-2010-11-25 (09-47-08).txtТип сканирования: Быстрое сканирование
Просканированные объекты: 150018
Времени прошло: 7 минут, 46 секундЗараженные процессы в памяти: 0
Зараженные модули в памяти: 0
Зараженные ключи в реестре: 0
Зараженные параметры в реестре: 0
Объекты реестра заражены: 0
Зараженные папки: 0
Зараженные файлы: 0Зараженные процессы в памяти:
(Вредоносных программ не обнаружено)Зараженные модули в памяти:
(Вредоносных программ не обнаружено)Зараженные ключи в реестре:
(Вредоносных программ не обнаружено)Зараженные параметры в реестре:
(Вредоносных программ не обнаружено)Объекты реестра заражены:
(Вредоносных программ не обнаружено)Зараженные папки:
(Вредоносных программ не обнаружено)Зараженные файлы:
(Вредоносных программ не обнаружено)Еще забыла написать, что комп очень редко, но вдруг стал сам по себе перезагружаться. Примерно один раз в день.
======Scheduled tasks folder======
C:WINDOWStasksGoogleUpdateTaskMachineCore.job
C:WINDOWStasksGoogleUpdateTaskMachineUA.job
C:WINDOWStasksRealUpgradeLogonTaskS-1-5-21-1659004503-2052111302-1606980848-1003.job
C:WINDOWStasksRealUpgradeScheduledTaskS-1-5-21-1659004503-2052111302-1606980848-1003.job======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_printenhancer.dll [][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-24 63136][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer — C:Documents and SettingsAll UsersApplication DataRealRealPlayerBrowserRecordPluginIErpbrowserrecordplugin.dll [2010-10-03 341600][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_BHO.dll [][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2007-09-19 16844800]
«SkyTel»=C:WINDOWSSkyTel.EXE [2007-08-03 1826816]
«RemoteControl»=C:Program FilesCyberLinkPowerDVDPDVDServ.exe [2005-01-12 32768]
«Nikon Transfer Monitor»=C:Program FilesCommon FilesNikonMonitorNkMonitor.exe [2009-09-15 479232]
«egui»=C:Program FilesESETESET NOD32 Antivirusegui.exe [2009-03-19 2029640]
«TkBellExe»=C:Program FilesCommon FilesRealUpdate_OBrealsched.exe [2010-10-03 202256]
«HP Software Update»=C:Program FilesHPHP Software UpdateHPWuSchd2.exe [2007-03-11 49152][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«ctfmon.exe»=C:WINDOWSsystem32ctfmon.exe [2008-06-09 15360]
«NBJ»=C:Program FilesAheadNero BackItUpNBJ.exe [2004-09-24 1916928]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2008-04-14 1695232][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]
C:Program FilesMessengermsmsgs.exe [2008-04-14 1695232][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^Utility Tray.lnk]
C:WINDOWSsystem32sistray.exe [2008-12-03 262144]C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
HP Digital Imaging Monitor.lnk — C:Program FilesHPDigital Imagingbinhpqtra08.exeC:Documents and Settings1Главное менюПрограммыАвтозагрузка
Интернет.lnk —[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWgaLogon]
WgaLogon.dll [][HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkhitmanpro35]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkhitmanpro35.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkHitmanPro35Crusader]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«HonorAutoRunSetting»=1[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesHPDigital Imagingbinhpqste08.exe»=»C:Program FilesHPDigital Imagingbinhpqste08.exe:*:Enabled:hpqste08.exe»
«C:Program FilesHPDigital Imagingbinhpqscnvw.exe»=»C:Program FilesHPDigital Imagingbinhpqscnvw.exe:*:Enabled:hpqscnvw.exe»
«C:Program FilesHPDigital Imagingbinhpqkygrp.exe»=»C:Program FilesHPDigital Imagingbinhpqkygrp.exe:*:Enabled:hpqkygrp.exe»
«C:Program FilesHPDigital Imagingbinhpqnrs08.exe»=»C:Program FilesHPDigital Imagingbinhpqnrs08.exe:*:Enabled:hpqnrs08.exe»
«C:Program FilesCommon FilesHPDigital ImagingbinhpqPhotoCrm.exe»=»C:Program FilesCommon FilesHPDigital ImagingbinhpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe»
«C:Program FilesHPDigital Imagingbinhpqpsapp.exe»=»C:Program FilesHPDigital Imagingbinhpqpsapp.exe:*:Enabled:hpqpsapp.exe»
«C:Program FilesHPDigital Imagingbinhpqpse.exe»=»C:Program FilesHPDigital Imagingbinhpqpse.exe:*:Enabled:hpqpse.exe»
«C:Program FilesHPDigital Imagingbinhpqusgm.exe»=»C:Program FilesHPDigital Imagingbinhpqusgm.exe:*:Enabled:hpqusgm.exe»
«C:Program FilesHPDigital Imagingbinhpqusgh.exe»=»C:Program FilesHPDigital Imagingbinhpqusgh.exe:*:Enabled:hpqusgh.exe»
«C:Program FilesHPHP Software UpdateHPWUCli.exe»=»C:Program FilesHPHP Software UpdateHPWUCli.exe:*:Enabled:hpwucli.exe»
«C:Program FilesHPDigital Imagingsmart web printingSmartWebPrintExe.exe»=»C:Program FilesHPDigital Imagingsmart web printingSmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe»
«C:Program FilesOperaopera.exe»=»C:Program FilesOperaopera.exe:*:Enabled:Opera Internet Browser»
«C:Program FilesMail.RuSputnikSputnikFlashPlayer.exe»=»C:Program FilesMail.RuSputnikSputnikFlashPlayer.exe:*:Enabled:Sputnik@Mail.Ru flash player»
«C:Program FilesMail.RuSputnikSputnikHelper.exe»=»C:Program FilesMail.RuSputnikSputnikHelper.exe:*:Enabled:Sputnik@Mail.Ru helper object»
«C:Program FilesHPDigital Imagingbinhposid01.exe»=»C:Program FilesHPDigital Imagingbinhposid01.exe:*:Enabled:hposid01.exe»
«C:Program FilesHPDigital Imagingbinhpqcopy2.exe»=»C:Program FilesHPDigital Imagingbinhpqcopy2.exe:*:Enabled:hpqcopy2.exe»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesHPDigital Imagingbinhpqste08.exe»=»C:Program FilesHPDigital Imagingbinhpqste08.exe:*:Enabled:hpqste08.exe»
«C:Program FilesHPDigital Imagingbinhposid01.exe»=»C:Program FilesHPDigital Imagingbinhposid01.exe:*:Enabled:hposid01.exe»
«C:Program FilesHPDigital Imagingbinhpqscnvw.exe»=»C:Program FilesHPDigital Imagingbinhpqscnvw.exe:*:Enabled:hpqscnvw.exe»
«C:Program FilesHPDigital Imagingbinhpqkygrp.exe»=»C:Program FilesHPDigital Imagingbinhpqkygrp.exe:*:Enabled:hpqkygrp.exe»
«C:Program FilesHPDigital Imagingbinhpqcopy2.exe»=»C:Program FilesHPDigital Imagingbinhpqcopy2.exe:*:Enabled:hpqcopy2.exe»
«C:Program FilesHPDigital Imagingbinhpqnrs08.exe»=»C:Program FilesHPDigital Imagingbinhpqnrs08.exe:*:Enabled:hpqnrs08.exe»
«C:Program FilesCommon FilesHPDigital ImagingbinhpqPhotoCrm.exe»=»C:Program FilesCommon FilesHPDigital ImagingbinhpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe»
«C:Program FilesHPDigital Imagingbinhpqpsapp.exe»=»C:Program FilesHPDigital Imagingbinhpqpsapp.exe:*:Enabled:hpqpsapp.exe»
«C:Program FilesHPDigital Imagingbinhpqpse.exe»=»C:Program FilesHPDigital Imagingbinhpqpse.exe:*:Enabled:hpqpse.exe»
«C:Program FilesHPDigital Imagingbinhpqusgm.exe»=»C:Program FilesHPDigital Imagingbinhpqusgm.exe:*:Enabled:hpqusgm.exe»
«C:Program FilesHPDigital Imagingbinhpqusgh.exe»=»C:Program FilesHPDigital Imagingbinhpqusgh.exe:*:Enabled:hpqusgh.exe»
«C:Program FilesHPHP Software UpdateHPWUCli.exe»=»C:Program FilesHPHP Software UpdateHPWUCli.exe:*:Enabled:hpwucli.exe»
«C:Program FilesHPDigital Imagingsmart web printingSmartWebPrintExe.exe»=»C:Program FilesHPDigital Imagingsmart web printingSmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe»======List of files/folders created in the last 1 months======
2010-11-22 16:52:00 —-D—- C:Documents and SettingsAll UsersApplication DataHPSSUPPLY
2010-11-22 16:50:24 —-D—- C:Documents and SettingsAll UsersApplication DataHP Product Assistant
2010-11-22 16:49:58 —-D—- C:Program FilesHewlett-Packard
2010-11-21 23:10:08 —-D—- C:Program FilesCarambis
2010-11-21 23:09:56 —-D—- C:Documents and Settings1Application DataWinRAR
2010-11-21 18:56:28 —-D—- C:Documents and Settings1Application DataDeviceDoctorSoftware
2010-11-21 18:20:57 —-D—- C:Documents and Settings1Application DataCarambis
2010-11-20 14:56:35 —-D—- C:WINDOWSsystem32GroupPolicy
2010-11-20 00:17:27 —-D—- C:Documents and SettingsAll UsersApplication DataMSScanAppDataDir
2010-11-18 22:46:20 —-D—- C:Documents and Settings1Application DataMail.Ru
2010-11-18 22:45:43 —-D—- C:ProgramData
2010-11-17 23:29:48 —-D—- C:Documents and Settings1Application DataBaisvik
2010-11-17 21:52:08 —-D—- C:WINDOWSXSxS
2010-11-17 21:52:08 —-D—- C:Program FilesXenocode
2010-11-17 21:46:15 —-D—- C:Documents and Settings1Application DataThinstall
2010-11-14 09:10:22 —-D—- C:Documents and Settings1Application DataHamsterSoft
2010-11-13 20:34:58 —-A—- C:WINDOWSavisplitter.ini
2010-11-13 20:34:53 —-A—- C:WINDOWSsystem32yv12vfw.dll
2010-11-13 20:34:53 —-A—- C:WINDOWSsystem32xvidvfw.dll
2010-11-13 20:34:53 —-A—- C:WINDOWSsystem32xvidcore.dll
2010-11-13 20:34:53 —-A—- C:WINDOWSsystem32ff_vfw.dll.manifest
2010-11-13 20:34:52 —-A—- C:WINDOWSsystem32ff_vfw.dll
2010-11-02 22:48:36 —-D—- C:Documents and Settings1Application DataIDM
2010-11-02 22:48:04 —-D—- C:Program FilesInternet Download Manager======List of files/folders modified in the last 1 months======
2010-11-23 23:09:04 —-D—- C:Program Filestrend micro
2010-11-23 23:09:01 —-D—- C:WINDOWStemp
2010-11-23 23:00:05 —-D—- C:Program FilesMozilla Firefox
2010-11-23 22:50:25 —-SHD—- C:WINDOWSInstaller
2010-11-23 22:38:06 —-HD—- C:Config.Msi
2010-11-23 12:26:26 —-A—- C:WINDOWSSchedLgU.Txt
2010-11-23 12:24:21 —-D—- C:WINDOWSsystem32drivers
2010-11-23 11:44:03 —-D—- C:WINDOWSSoftwareDistribution
2010-11-22 23:29:02 —-SD—- C:WINDOWSTasks
2010-11-22 22:42:35 —-D—- C:WINDOWS
2010-11-22 20:02:43 —-D—- C:WINDOWSsystem32CatRoot
2010-11-22 20:01:15 —-HD—- C:WINDOWSinf
2010-11-22 16:52:00 —-D—- C:Program FilesHP
2010-11-22 16:51:23 —-D—- C:WINDOWSWinSxS
2010-11-22 16:50:43 —-D—- C:WINDOWSsystem32
2010-11-22 16:50:23 —-D—- C:Documents and SettingsAll UsersApplication DataHP
2010-11-22 16:50:04 —-D—- C:WINDOWStwain_32
2010-11-22 16:49:58 —-RD—- C:Program Files
2010-11-22 16:37:39 —-DC—- C:WINDOWSsystem32DRVSTORE
2010-11-22 16:37:08 —-RSHDC—- C:WINDOWSsystem32dllcache
2010-11-22 16:35:42 —-D—- C:WINDOWSsystem32CatRoot2
2010-11-22 06:10:30 —-D—- C:WINDOWSWBEM
2010-11-22 01:07:47 —-D—- C:Program FilesOpera
2010-11-21 23:19:10 —-D—- C:Documents and Settings1Application DataHPAppData
2010-11-21 23:10:08 —-HD—- C:Program FilesInstallShield Installation Information
2010-11-21 18:55:44 —-D—- C:Program FilesAsk.com
2010-11-21 16:35:43 —-RASH—- C:boot.ini
2010-11-21 16:35:43 —-A—- C:WINDOWSwin.ini
2010-11-21 16:35:43 —-A—- C:WINDOWSsystem.ini
2010-11-21 09:31:06 —-D—- C:WINDOWSsystem32config
2010-11-21 09:30:49 —-D—- C:WINDOWSsystem32wbem
2010-11-21 09:30:48 —-D—- C:WINDOWSRegistration
2010-11-21 09:02:17 —-D—- C:WINDOWSpss
2010-11-21 00:25:36 —-D—- C:WINDOWSPrefetch
2010-11-17 23:29:36 —-D—- C:rsit
2010-11-16 22:24:30 —-D—- C:Program Files7-Zip
2010-11-14 09:27:14 —-A—- C:WINDOWSNeroDigital.ini
2010-11-13 20:35:14 —-D—- C:Program FilesK-Lite Codec Pack
2010-11-13 06:16:06 —-D—- C:Documents and SettingsAll UsersApplication DataReal
2010-11-13 06:15:38 —-D—- C:Documents and Settings1Application DataReal
2010-11-10 20:00:38 —-A—- C:WINDOWSsystem32MRT.exe
2010-11-07 23:58:59 —-RD—- C:Program FilesCommon Files
2010-10-31 07:58:30 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2010-10-27 14:29:11 —-HDC—- C:WINDOWS$NtUninstallKB956802$
2010-10-27 05:35:34 —-D—- C:Program FilesWinRAR======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 uagp35;Microsoft AGPv3.5 фильтр; C:WINDOWSsystem32DRIVERSuagp35.sys [2008-04-14 44672]
R1 ehdrv;ehdrv; C:WINDOWSsystem32DRIVERSehdrv.sys [2009-03-19 107256]
R1 epfwtdir;epfwtdir; C:WINDOWSsystem32DRIVERSepfwtdir.sys [2009-03-19 93848]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-06-09 40704]
R1 SiSkp;SiSkp; C:WINDOWSsystem32DRIVERSsrvkp.sys [2008-12-03 19072]
R1 uzezmjy3;AVZ-RK Kernel Driver; ??C:WINDOWSsystem32Driversuzezmjy3.sys []
R2 eamon;eamon; C:WINDOWSsystem32DRIVERSeamon.sys [2009-03-19 113960]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-06-09 144384]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:WINDOWSsystem32DRIVERSHPZid412.sys [2007-03-08 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:WINDOWSsystem32DRIVERSHPZipr12.sys [2007-03-08 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:WINDOWSsystem32DRIVERSHPZius12.sys [2007-03-08 21568]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2007-09-19 4617728]
R3 MTsensor;ATK0100 ACPI UTILITY; C:WINDOWSsystem32DRIVERSATKACPI.sys [2007-08-24 5760]
R3 SiS315;SiS315; C:WINDOWSsystem32DRIVERSsisgrp.sys [2008-12-03 324096]
R3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; C:WINDOWSsystem32DRIVERSSiSGbeXP.sys [2006-12-20 41600]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-14 32128]
R3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2008-04-14 25856]
R3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-14 15104]
R3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-14 26368]
S1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2008-04-14 14720]
S3 catchme;catchme; ??C:DOCUME~11LOCALS~1Tempcatchme.sys []
S3 HidUsb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-14 10368]
S3 StarOpen;StarOpen; C:WINDOWSsystem32driversStarOpen.sys [2009-11-12 7168]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1); C:WINDOWSsystem32driversWsAudio_DeviceS(1).sys [2009-12-04 25704]
S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2); C:WINDOWSsystem32driversWsAudio_DeviceS(2).sys [2009-12-04 25704]
S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3); C:WINDOWSsystem32driversWsAudio_DeviceS(3).sys [2009-12-04 25704]
S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4); C:WINDOWSsystem32driversWsAudio_DeviceS(4).sys [2009-12-04 25704]
S3 WsAudio_DeviceS(5);WsAudio_DeviceS(5); C:WINDOWSsystem32driversWsAudio_DeviceS(5).sys [2009-12-04 25704]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:Program FilesCommon FilesArcSoftConnection ServiceBinACService.exe [2010-03-18 113152]
R2 ekrn;ESET Service; C:Program FilesESETESET NOD32 Antivirusekrn.exe [2009-03-19 731840]
R2 hpqddsvc;Служба HP CUE DeviceDiscovery; C:WINDOWSsystem32svchost.exe [2008-06-09 14336]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-19 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:WINDOWSSystem32svchost.exe [2008-06-09 14336]
R2 NMSAccess;NMSAccess; C:Program FilesCDBurnerXPNMSAccessU.exe [2010-03-04 71096]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:WINDOWSSystem32svchost.exe [2008-06-09 14336]
R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2005-01-28 38912]
R3 hpqcxs08;hpqcxs08; C:WINDOWSsystem32svchost.exe [2008-06-09 14336]
S2 gupdate;Служба Google Update (gupdate); C:Program FilesGoogleUpdateGoogleUpdate.exe [2010-10-03 136176]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe [2009-03-19 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:WINDOWSMicrosoft.NETFrameworkv3.0WPFPresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
S4 gusvc;Google Software Updater; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2008-07-29 132096]
EOF
Сейчас нормально. Не могу попасть на сайт, которым пользовалась все время detsad-kitty.ru. При попытке туда попасть постоянно меня куда-то перенаправляет. Не могу понять — это что-то с компьютером или на сайте.
ComboFix 10-09-27.05 — 1 28.09.2010 23:31:54.2.1 — x86
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.383.110 [GMT 4:00]
Running from: c:documents and settings1Рабочий столComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
—- Previous Run
.
c:documents and settings1Application Datanetprotdrvss
c:windowssystem32AutoRun.inf.
((((((((((((((((((((((((( Files Created from 2010-08-28 to 2010-09-28 )))))))))))))))))))))))))))))))
.2010-09-27 19:43 . 2010-09-27 19:43
d
w- c:program filesRecuva
2010-09-27 15:06 . 2010-09-27 15:08
d
w- c:program filesCommon Filese2660288
2010-09-27 14:21 . 2010-09-27 14:21 67480 —-a-w- c:documents and settingsАдминистраторLocal SettingsApplication DataGDIPFONTCACHEV1.DAT
2010-09-27 13:47 . 2010-09-27 13:47
d
w- c:program filesCommon Filese2660261
2010-09-27 13:22 . 2010-09-27 13:22
d-sh—w- c:documents and settings1IECompatCache
2010-09-27 12:24 . 2010-09-27 12:24
d
w- c:windowssystem32wbemRepository
2010-09-26 11:59 . 2010-09-26 11:59
d
w- c:documents and settings1Local SettingsApplication DataThinstall
2010-09-26 11:10 . 2010-09-26 11:10
d
w- c:windowsDownloaded Installations
2010-09-07 11:34 . 2010-09-07 11:34
d
w- c:documents and settings1Application DataUniblue.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-28 19:01 . 2010-07-21 16:14
d
w- c:program filesAsk.com
2010-09-28 03:48 . 2010-05-30 13:35 11264 —-a-w- c:windowssystem32driversuzezmjy3.sys
2010-09-27 21:15 . 2010-05-30 21:31
d
w- c:program filestrend micro
2010-09-27 15:09 . 2010-09-26 10:54 30175 —-a-w- c:program filesCommon Filesjqyrg4inedzz13m
2010-09-27 14:18 . 2010-02-13 11:31
d
w- c:program filesGoogle
2010-09-27 14:16 . 2010-02-13 11:31
d
w- c:program filesGRETECH
2010-09-27 13:28 . 2010-08-20 16:24
d
w- c:documents and settings1Application DataHPAppData
2010-09-27 13:21 . 2010-06-20 19:32
d
w- c:program filesMyAshampoo
2010-09-26 11:59 . 2010-02-11 20:44 67480 —-a-w- c:documents and settings1Local SettingsApplication DataGDIPFONTCACHEV1.DAT
2010-09-10 19:07 . 2010-02-12 13:05
d
w- c:program filesOpera
2010-09-09 09:33 . 2010-07-23 19:19 16968 —-a-w- c:windowssystem32drivershitmanpro35.sys
2010-09-02 07:27 . 2010-02-15 20:44
d
w- c:documents and settings1Application DataHP
2010-09-02 07:27 . 2010-02-13 14:14
d
w- c:documents and settingsAll UsersApplication DataHP
2010-09-01 14:29 . 2010-05-23 18:38 20 —h—w- c:documents and settingsAll UsersApplication DataPKP_DLdu.DAT
2010-08-25 05:08 . 2008-06-09 12:00 538050 —-a-w- c:windowssystem32perfh019.dat
2010-08-25 05:08 . 2008-06-09 12:00 106948 —-a-w- c:windowssystem32perfc019.dat
2010-08-17 13:17 . 2008-06-09 12:00 58880 —-a-w- c:windowssystem32spoolsv.exe
2010-08-15 14:21 . 2010-08-15 14:20 23189 —-a-w- c:windowshpqins15.dat
2010-08-15 14:20 . 2010-02-13 14:11
d
w- c:program filesHP
2010-08-11 15:25 . 2010-08-11 15:25 2944904 —-a-w- c:documents and settings1Application DataMozillaFirefoxProfiles3wrq95e.defaultextensionstoolbar@ask.comchrometempaskToolbar.exe
2010-08-07 05:08 . 2010-08-07 05:08
d
w- c:program filesTipard Studio
2010-07-31 05:13 . 2010-07-31 05:12
d
w- c:program filesStamina
2010-07-23 19:32 . 2010-07-23 19:32 12872 —-a-w- c:windowssystem32bootdelete.exe
2010-07-22 15:46 . 2008-06-09 12:00 590848 —-a-w- c:windowssystem32rpcrt4.dll
2010-07-22 11:54 . 2010-05-23 18:41 0 —h—w- c:documents and settingsAll UsersApplication DataPKP_DLdw.DAT
2010-07-22 06:19 . 2008-05-05 03:25 5120 —-a-w- c:windowssystem32xpsp4res.dll
.
Sigcheck
[-] 2010-02-12 . FAD4579B18A9E134B5BAC0A88874E2FD . 509440 . . [5.1.2600.5512] . . c:windowssystem32winlogon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{00000000-6E41-4FD3-8538-502F5495E5FC}»= «c:program filesAsk.comGenericAskToolbar.dll» [2010-02-04 1197448]
«{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}»= «c:program filesMyAshampootbMyA0.dll» [2010-09-27 2735200][HKEY_CLASSES_ROOTclsid{00000000-6e41-4fd3-8538-502f5495e5fc}]
[HKEY_CLASSES_ROOTclsid{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
[HKEY_LOCAL_MACHINE~Browser Helper Objects{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
2010-09-27 13:21 2735200 —-a-w- c:program filesMyAshampootbMyA0.dll[HKEY_LOCAL_MACHINE~Browser Helper Objects{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 12:50 1197448 —-a-w- c:program filesAsk.comGenericAskToolbar.dll[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
«{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}»= «c:program filesMyAshampootbMyA0.dll» [2010-09-27 2735200]
«{D4027C7F-154A-4066-A1AD-4243D8127440}»= «c:program filesAsk.comGenericAskToolbar.dll» [2010-02-04 1197448][HKEY_CLASSES_ROOTclsid{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
[HKEY_CLASSES_ROOTclsid{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOTGenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOTTypeLib{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOTGenericAskToolbar.ToolbarWnd][HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebbrowser]
«{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}»= «c:program filesMyAshampootbMyA0.dll» [2010-09-27 2735200]
«{D4027C7F-154A-4066-A1AD-4243D8127440}»= «c:program filesAsk.comGenericAskToolbar.dll» [2010-02-04 1197448][HKEY_CLASSES_ROOTclsid{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
[HKEY_CLASSES_ROOTclsid{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOTGenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOTTypeLib{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOTGenericAskToolbar.ToolbarWnd][HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«swg»=»c:program filesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe» [BU][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«RTHDCPL»=»RTHDCPL.EXE» [2007-09-19 16844800]
«SkyTel»=»SkyTel.EXE» [2007-08-03 1826816]
«RemoteControl»=»c:program filesCyberLinkPowerDVDPDVDServ.exe» [2005-01-12 32768]
«HP Software Update»=»c:program filesHPHP Software UpdateHPWuSchd2.exe» [2007-03-11 49152]
«Nikon Transfer Monitor»=»c:program filesCommon FilesNikonMonitorNkMonitor.exe» [2009-09-15 479232]
«egui»=»c:program filesESETESET NOD32 Antivirusegui.exe» [2009-03-19 2029640][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2008-06-09 15360]c:documents and settingsAll Usersѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
HP Digital Imaging Monitor.lnk — c:program filesHPDigital Imagingbinhpqtra08.exe [2007-3-11 210520][HKLM~startupfolderC:^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^Utility Tray.lnk]
path=c:documents and settingsAll UsersГлавное менюПрограммыАвтозагрузкаUtility Tray.lnk
backup=c:windowspssUtility Tray.lnkCommon Startup[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]
2008-04-14 18:41 1695232
w- c:program filesMessengermsmsgs.exe[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
«AntiVirusOverride»=dword:00000001[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\Network Diagnostic\xpnetdiag.exe»=
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\HP\Digital Imaging\bin\hpqste08.exe»=
«c:\Program Files\HP\Digital Imaging\bin\hposid01.exe»=
«c:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe»=
«c:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe»=
«c:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe»=
«c:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe»=
«c:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe»=
«c:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe»=
«c:\Program Files\HP\Digital Imaging\bin\hpqpse.exe»=
«c:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe»=
«c:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe»=
«c:\Program Files\HP\HP Software Update\HPWUCli.exe»=
«c:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe»=
«c:\Program Files\Opera\opera.exe»=[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileGloballyOpenPortsList]
«33:TCP»= 33:TCPR1 ehdrv;ehdrv;c:windowssystem32driversehdrv.sys [19.03.2009 11:44 107256]
R1 epfwtdir;epfwtdir;c:windowssystem32driversepfwtdir.sys [19.03.2009 11:45 93848]
R1 uzezmjy3;AVZ-RK Kernel Driver;c:windowssystem32driversuzezmjy3.sys [30.05.2010 17:35 11264]
R2 ekrn;ESET Service;c:program filesESETESET NOD32 Antivirusekrn.exe [19.03.2009 11:44 731840]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:windowssystem32driversWsAudio_DeviceS(1).sys [27.02.2010 23:43 25704]
S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:windowssystem32driversWsAudio_DeviceS(2).sys [27.02.2010 23:44 25704]
S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:windowssystem32driversWsAudio_DeviceS(3).sys [27.02.2010 23:44 25704]
S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:windowssystem32driversWsAudio_DeviceS(4).sys [27.02.2010 23:44 25704]
S3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:windowssystem32driversWsAudio_DeviceS(5).sys [27.02.2010 23:44 25704][HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionsvchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the ‘Scheduled Tasks’ folder2010-09-28 c:windowsTasksScheduled Update for Ask Toolbar.job
— c:program filesAsk.comUpdateTask.exe [2010-02-04 12:50]
.
.
Supplementary Scan
.
uStart Page = about:blank
uDefault_Search_URL =
mStart Page = about:blank
mSearch Bar =
uSearchAssistant = about:blank
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2OFFICE11EXCEL.EXE/3000
IE: Google Sidewiki…
TCP: {9929AFD7-A871-4379-BB43-3B69CF54309E} = 78.36.171.200 212.48.193.36
FF — ProfilePath — c:documents and settings1Application DataMozillaFirefoxProfiles3wrq95e.default
FF — prefs.js: browser.search.selectedEngine — Ask.com
FF — prefs.js: browser.startup.homepage — hxxp://www.yandex.ru/?clid=40795
FF — prefs.js: keyword.URL — hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=FF&o=14594&locale=ru_RU&apn_uid=124CA19D-8CC8-42C2-AB71-A5173625E661&apn_ptnrs=FV&apn_sauid=058B7BDF-2382-46C3-8A01-403F25BEE587&apn_dtid=YYYYYYYYRU&q=
FF — component: c:documents and settings1Application DataMozillaFirefoxProfiles3wrq95e.defaultextensions{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}componentsFFExternalAlert.dll
FF — component: c:documents and settings1Application DataMozillaFirefoxProfiles3wrq95e.defaultextensions{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}componentsRadioWMPCore.dll
FF — component: c:program filesHPDigital ImagingSmart Web PrintingMozillaAddOn3componentshpClipBook.dll
FF — component: c:program filesHPDigital ImagingSmart Web PrintingMozillaAddOn3componentshpClipBookDB.dll
FF — component: c:program filesHPDigital ImagingSmart Web PrintingMozillaAddOn3componentshpNeoLogger.dll
FF — component: c:program filesHPDigital ImagingSmart Web PrintingMozillaAddOn3componentshpSaturn.dll
FF — component: c:program filesHPDigital ImagingSmart Web PrintingMozillaAddOn3componentshpSmartSelect.dll
FF — component: c:program filesHPDigital ImagingSmart Web PrintingMozillaAddOn3componentshpSmartWebPrinting.dll
FF — component: c:program filesHPDigital ImagingSmart Web PrintingMozillaAddOn3componentshpSWPOperation.dll
FF — component: c:program filesHPDigital ImagingSmart Web PrintingMozillaAddOn3componentshpXPLogging.dll
FF — component: c:program filesHPDigital ImagingSmart Web PrintingMozillaAddOn3componentshpXPMTC.dll
FF — component: c:program filesHPDigital ImagingSmart Web PrintingMozillaAddOn3componentshpXPMTL.dll
FF — component: c:program filesHPDigital ImagingSmart Web PrintingMozillaAddOn3componentshpXREStub.dll
FF — plugin: c:program filesHPDigital ImagingSmart Web PrintingMozillaAddOn3pluginsnphpclipbook.dll
FF — plugin: c:program filesPhotodex PresenternpPxPlay.dll
FF — HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} — c:windowsMicrosoft.NETFrameworkv3.5Windows Presentation FoundationDotNetAssistantExtension
.
— — — — ORPHANS REMOVED — — — —AddRemove-GOM Player — c:program filesGRETECHGomPlayerUninstall.exe
AddRemove-{2318C2B1-4965-11d4-9B18-009027A5CD4F} — c:program filesGoogleGoogle ToolbarComponentGoogleToolbarManager_E582EA556D8DE101.exe**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-28 23:37
Windows 5.1.2600 Service Pack 3 NTFSscanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0**************************************************************************
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘explorer.exe'(3220)
c:windowssystem32WININET.dll
c:windowssystem32webcheck.dll
.
Completion time: 2010-09-28 23:41:21
ComboFix-quarantined-files.txt 2010-09-28 19:41Pre-Run: 13 687 496 704 байт свободно
Post-Run: 13 674 254 336 байт свободно— — End Of File — — 74B58DBBF1483D4E849C75D3D199EF0D
Вот второй лог
======Scheduled tasks folder======
C:WINDOWStasksScheduled Update for Ask Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_printenhancer.dll [2009-10-22 328248][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-24 63136][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
MyAshampoo Toolbar — C:Program FilesMyAshampootbMyA0.dll [2010-09-27 2735200][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll [][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.6.5612.1312swg.dll [][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_B7C5AC242193BB3E.dll [][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar — C:Program FilesAsk.comGenericAskToolbar.dll [2010-02-04 1197448][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_BHO.dll [2009-10-22 517688][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — Google Toolbar — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll []
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} — MyAshampoo Toolbar — C:Program FilesMyAshampootbMyA0.dll [2010-09-27 2735200]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
{D4027C7F-154A-4066-A1AD-4243D8127440} — Ask Toolbar — C:Program FilesAsk.comGenericAskToolbar.dll [2010-02-04 1197448][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2007-09-19 16844800]
«SkyTel»=C:WINDOWSSkyTel.EXE [2007-08-03 1826816]
«Alcmtr»=C:WINDOWSALCMTR.EXE [2005-05-03 69632]
«RemoteControl»=C:Program FilesCyberLinkPowerDVDPDVDServ.exe [2005-01-12 32768]
«HP Software Update»=C:Program FilesHPHP Software UpdateHPWuSchd2.exe [2007-03-11 49152]
«Nikon Transfer Monitor»=C:Program FilesCommon FilesNikonMonitorNkMonitor.exe [2009-09-15 479232]
«egui»=C:Program FilesESETESET NOD32 Antivirusegui.exe [2009-03-19 2029640][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-06-09 15360]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]
C:Program FilesMessengermsmsgs.exe [2008-04-14 1695232][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^Utility Tray.lnk]
C:WINDOWSsystem32sistray.exe [2008-12-03 262144]C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
HP Digital Imaging Monitor.lnk — C:Program FilesHPDigital Imagingbinhpqtra08.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWgaLogon]
WgaLogon.dll [][HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkhitmanpro35]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkhitmanpro35.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkHitmanPro35Crusader]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesHPDigital Imagingbinhpqste08.exe»=»C:Program FilesHPDigital Imagingbinhpqste08.exe:*:Enabled:hpqste08.exe»
«C:Program FilesHPDigital Imagingbinhposid01.exe»=»C:Program FilesHPDigital Imagingbinhposid01.exe:*:Enabled:hposid01.exe»
«C:Program FilesHPDigital Imagingbinhpqscnvw.exe»=»C:Program FilesHPDigital Imagingbinhpqscnvw.exe:*:Enabled:hpqscnvw.exe»
«C:Program FilesHPDigital Imagingbinhpqkygrp.exe»=»C:Program FilesHPDigital Imagingbinhpqkygrp.exe:*:Enabled:hpqkygrp.exe»
«C:Program FilesHPDigital Imagingbinhpqcopy2.exe»=»C:Program FilesHPDigital Imagingbinhpqcopy2.exe:*:Enabled:hpqcopy2.exe»
«C:Program FilesHPDigital Imagingbinhpqnrs08.exe»=»C:Program FilesHPDigital Imagingbinhpqnrs08.exe:*:Enabled:hpqnrs08.exe»
«C:Program FilesCommon FilesHPDigital ImagingbinhpqPhotoCrm.exe»=»C:Program FilesCommon FilesHPDigital ImagingbinhpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe»
«C:Program FilesHPDigital Imagingbinhpqpsapp.exe»=»C:Program FilesHPDigital Imagingbinhpqpsapp.exe:*:Enabled:hpqpsapp.exe»
«C:Program FilesHPDigital Imagingbinhpqpse.exe»=»C:Program FilesHPDigital Imagingbinhpqpse.exe:*:Enabled:hpqpse.exe»
«C:Program FilesHPDigital Imagingbinhpqusgm.exe»=»C:Program FilesHPDigital Imagingbinhpqusgm.exe:*:Enabled:hpqusgm.exe»
«C:Program FilesHPDigital Imagingbinhpqusgh.exe»=»C:Program FilesHPDigital Imagingbinhpqusgh.exe:*:Enabled:hpqusgh.exe»
«C:Program FilesHPHP Software UpdateHPWUCli.exe»=»C:Program FilesHPHP Software UpdateHPWUCli.exe:*:Enabled:hpwucli.exe»
«C:Program FilesHPDigital Imagingsmart web printingSmartWebPrintExe.exe»=»C:Program FilesHPDigital Imagingsmart web printingSmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe»
«C:Program FilesOperaopera.exe»=»C:Program FilesOperaopera.exe:*:Enabled:Opera Internet Browser»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesHPDigital Imagingbinhpqste08.exe»=»C:Program FilesHPDigital Imagingbinhpqste08.exe:*:Enabled:hpqste08.exe»
«C:Program FilesHPDigital Imagingbinhposid01.exe»=»C:Program FilesHPDigital Imagingbinhposid01.exe:*:Enabled:hposid01.exe»
«C:Program FilesHPDigital Imagingbinhpqscnvw.exe»=»C:Program FilesHPDigital Imagingbinhpqscnvw.exe:*:Enabled:hpqscnvw.exe»
«C:Program FilesHPDigital Imagingbinhpqkygrp.exe»=»C:Program FilesHPDigital Imagingbinhpqkygrp.exe:*:Enabled:hpqkygrp.exe»
«C:Program FilesHPDigital Imagingbinhpqcopy2.exe»=»C:Program FilesHPDigital Imagingbinhpqcopy2.exe:*:Enabled:hpqcopy2.exe»
«C:Program FilesHPDigital Imagingbinhpqnrs08.exe»=»C:Program FilesHPDigital Imagingbinhpqnrs08.exe:*:Enabled:hpqnrs08.exe»
«C:Program FilesCommon FilesHPDigital ImagingbinhpqPhotoCrm.exe»=»C:Program FilesCommon FilesHPDigital ImagingbinhpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe»
«C:Program FilesHPDigital Imagingbinhpqpsapp.exe»=»C:Program FilesHPDigital Imagingbinhpqpsapp.exe:*:Enabled:hpqpsapp.exe»
«C:Program FilesHPDigital Imagingbinhpqpse.exe»=»C:Program FilesHPDigital Imagingbinhpqpse.exe:*:Enabled:hpqpse.exe»
«C:Program FilesHPDigital Imagingbinhpqusgm.exe»=»C:Program FilesHPDigital Imagingbinhpqusgm.exe:*:Enabled:hpqusgm.exe»
«C:Program FilesHPDigital Imagingbinhpqusgh.exe»=»C:Program FilesHPDigital Imagingbinhpqusgh.exe:*:Enabled:hpqusgh.exe»
«C:Program FilesHPHP Software UpdateHPWUCli.exe»=»C:Program FilesHPHP Software UpdateHPWUCli.exe:*:Enabled:hpwucli.exe»
«C:Program FilesHPDigital Imagingsmart web printingSmartWebPrintExe.exe»=»C:Program FilesHPDigital Imagingsmart web printingSmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe»======List of files/folders created in the last 1 months======
2010-09-27 23:43:07 —-D—- C:Program FilesRecuva
2010-09-27 21:33:22 —-D—- C:WINDOWSLastGood
2010-09-27 19:39:59 —-A—- C:WINDOWSresetlog.txt
2010-09-27 19:06:32 —-D—- C:Program FilesCommon Filese2660288
2010-09-27 17:47:10 —-D—- C:Program FilesCommon Filese2660261
2010-09-27 17:15:09 —-A—- C:WINDOWSsystem323347a350.exe
2010-09-26 15:10:06 —-D—- C:WINDOWSDownloaded Installations
2010-09-15 22:03:35 —-HDC—- C:WINDOWS$NtUninstallKB2259922$
2010-09-15 22:03:27 —-HDC—- C:WINDOWS$NtUninstallKB975558_WM8$
2010-09-15 22:03:20 —-HDC—- C:WINDOWS$NtUninstallKB2347290$
2010-09-15 22:03:13 —-HDC—- C:WINDOWS$NtUninstallKB2121546$
2010-09-15 22:03:04 —-HDC—- C:WINDOWS$NtUninstallKB982802$
2010-09-15 22:02:49 —-HDC—- C:WINDOWS$NtUninstallKB981322$
2010-09-15 21:59:55 —-A—- C:WINDOWSimsins.BAK
2010-09-15 21:59:46 —-HDC—- C:WINDOWS$NtUninstallKB2141007$
2010-09-07 15:34:13 —-D—- C:Documents and Settings1Application DataUniblue======List of files/folders modified in the last 1 months======
2010-09-28 01:15:58 —-D—- C:Program Filestrend micro
2010-09-28 01:15:54 —-D—- C:WINDOWSPrefetch
2010-09-28 01:15:49 —-D—- C:WINDOWSTemp
2010-09-28 01:01:21 —-SHD—- C:WINDOWSInstaller
2010-09-28 01:01:19 —-D—- C:Program FilesAsk.com
2010-09-28 01:01:18 —-HD—- C:Config.Msi
2010-09-27 23:43:07 —-RD—- C:Program Files
2010-09-27 23:16:02 —-SHD—- C:RECYCLER
2010-09-27 21:33:28 —-HD—- C:WINDOWSinf
2010-09-27 21:33:22 —-D—- C:WINDOWS
2010-09-27 20:25:04 —-D—- C:WINDOWSsystem32
2010-09-27 20:03:34 —-D—- C:WINDOWSsystem32CatRoot2
2010-09-27 20:00:25 —-A—- C:WINDOWSSchedLgU.Txt
2010-09-27 19:40:01 —-D—- C:WINDOWSsystem32driversetc
2010-09-27 19:27:46 —-SH—- C:boot.ini
2010-09-27 19:27:46 —-A—- C:WINDOWSwin.ini
2010-09-27 19:27:46 —-A—- C:WINDOWSsystem.ini
2010-09-27 19:27:45 —-D—- C:WINDOWSpss
2010-09-27 19:06:32 —-RD—- C:Program FilesCommon Files
2010-09-27 18:41:38 —-A—- C:WINDOWSntbtlog.txt
2010-09-27 18:39:51 —-D—- C:WINDOWSsystem32drivers
2010-09-27 18:18:47 —-D—- C:Program FilesGoogle
2010-09-27 18:18:47 —-D—- C:Documents and SettingsAll UsersApplication DataGoogle
2010-09-27 18:16:46 —-D—- C:Program FilesGRETECH
2010-09-27 18:15:12 —-D—- C:WINDOWSsystem32appmgmt
2010-09-27 17:28:18 —-D—- C:Documents and Settings1Application DataHPAppData
2010-09-27 17:21:10 —-D—- C:Program FilesMyAshampoo
2010-09-27 17:19:34 —-D—- C:Program FilesMozilla Firefox
2010-09-27 16:25:53 —-D—- C:WINDOWSsystem32config
2010-09-27 16:24:54 —-D—- C:WINDOWSsystem32wbem
2010-09-27 16:24:47 —-D—- C:WINDOWSRegistration
2010-09-27 06:09:26 —-SHD—- C:System Volume Information
2010-09-27 06:09:26 —-D—- C:WINDOWSsystem32Restore
2010-09-26 15:53:02 —-RSD—- C:WINDOWSFonts
2010-09-26 15:18:04 —-A—- C:WINDOWSNeroDigital.ini
2010-09-15 22:03:34 —-HD—- C:WINDOWS$hf_mig$
2010-09-15 22:03:30 —-RSHDC—- C:WINDOWSsystem32dllcache
2010-09-15 22:00:14 —-A—- C:WINDOWSsystem32MRT.exe
2010-09-15 21:01:51 —-D—- C:WINDOWSsystem32CatRoot
2010-09-12 23:57:37 —-SD—- C:WINDOWSTasks
2010-09-10 23:07:53 —-D—- C:Program FilesOpera
2010-09-06 10:40:19 —-HDC—- C:WINDOWS$NtUninstallKB981852$
2010-09-02 11:27:57 —-D—- C:Documents and SettingsAll UsersApplication DataHP
2010-09-02 11:27:57 —-D—- C:Documents and Settings1Application DataHP======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 uagp35;Microsoft AGPv3.5 фильтр; C:WINDOWSsystem32DRIVERSuagp35.sys [2008-04-14 44672]
R1 ehdrv;ehdrv; C:WINDOWSsystem32DRIVERSehdrv.sys [2009-03-19 107256]
R1 epfwtdir;epfwtdir; C:WINDOWSsystem32DRIVERSepfwtdir.sys [2009-03-19 93848]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-06-09 40704]
R1 SiSkp;SiSkp; C:WINDOWSsystem32DRIVERSsrvkp.sys [2008-12-03 19072]
R1 uzezmjy3;AVZ-RK Kernel Driver; ??C:WINDOWSsystem32Driversuzezmjy3.sys []
R2 eamon;eamon; C:WINDOWSsystem32DRIVERSeamon.sys [2009-03-19 113960]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-06-09 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2007-09-19 4617728]
R3 MTsensor;ATK0100 ACPI UTILITY; C:WINDOWSsystem32DRIVERSATKACPI.sys [2007-08-24 5760]
R3 SiS315;SiS315; C:WINDOWSsystem32DRIVERSsisgrp.sys [2008-12-03 324096]
R3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; C:WINDOWSsystem32DRIVERSSiSGbeXP.sys [2006-12-20 41600]
S1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2008-04-14 14720]
S3 HidUsb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-14 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:WINDOWSsystem32DRIVERSHPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:WINDOWSsystem32DRIVERSHPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:WINDOWSsystem32DRIVERSHPZius12.sys [2007-03-08 21568]
S3 MBAMSwissArmy;MBAMSwissArmy; ??C:WINDOWSsystem32driversmbamswissarmy.sys []
S3 StarOpen;StarOpen; C:WINDOWSsystem32driversStarOpen.sys [2009-11-12 7168]
S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-14 32128]
S3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2008-04-14 25856]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-14 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-14 26368]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1); C:WINDOWSsystem32driversWsAudio_DeviceS(1).sys [2009-12-04 25704]
S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2); C:WINDOWSsystem32driversWsAudio_DeviceS(2).sys [2009-12-04 25704]
S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3); C:WINDOWSsystem32driversWsAudio_DeviceS(3).sys [2009-12-04 25704]
S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4); C:WINDOWSsystem32driversWsAudio_DeviceS(4).sys [2009-12-04 25704]
S3 WsAudio_DeviceS(5);WsAudio_DeviceS(5); C:WINDOWSsystem32driversWsAudio_DeviceS(5).sys [2009-12-04 25704]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:Program FilesCommon FilesArcSoftConnection ServiceBinACService.exe [2010-03-18 113152]
R2 ekrn;ESET Service; C:Program FilesESETESET NOD32 Antivirusekrn.exe [2009-03-19 731840]
R2 hpqddsvc;Служба HP CUE DeviceDiscovery; C:WINDOWSsystem32svchost.exe [2008-06-09 14336]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-20 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:WINDOWSSystem32svchost.exe [2008-06-09 14336]
R2 NMSAccess;NMSAccess; C:Program FilesCDBurnerXPNMSAccessU.exe [2010-03-04 71096]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:WINDOWSSystem32svchost.exe [2008-06-09 14336]
R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2005-01-28 38912]
R3 hpqcxs08;hpqcxs08; C:WINDOWSsystem32svchost.exe [2008-06-09 14336]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe [2009-03-19 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:WINDOWSMicrosoft.NETFrameworkv3.0WPFPresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
S4 gusvc;Google Software Updater; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2008-07-29 132096]
EOF
И еще вот это.
Logfile of random’s system information tool 1.06 (written by random/random)
Run by 1 at 2010-06-19 00:08:33
Microsoft Windows XP Professional Service Pack 3
System drive C: has 19 GB (64%) free of 30 GB
Total RAM: 383 MB (47% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:08:41, on 19.06.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesArcSoftConnection ServiceBinACService.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSRTHDCPL.EXE
C:Program FilesCyberLinkPowerDVDPDVDServ.exe
C:Program FilesHPHP Software UpdateHPWuSchd2.exe
C:Program FilesCommon FilesArcSoftConnection ServiceBinACDaemon.exe
C:Program FilesCommon FilesNikonMonitorNkMonitor.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesCommon FilesArcSoftConnection ServiceBinArcCon.ac
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:Program FilesHPDigital Imagingbinhpqtra08.exe
C:WINDOWSsystem32sistray.exe
C:Program FilesHPDigital ImagingbinhpqSTE08.exe
C:Program FilesOperaopera.exe
D:Program FilesRSIT.exe
C:Program Filestrend micro1.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=40316
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
F2 — REG:system.ini: UserInit=C:WINDOWSSYSTEM32Userinit.exe,\?globalrootsystemrootsystem328rCVJ2I.exe,\?globalrootsystemrootsystem32XdssLB6.exe,\?globalrootsystemrootsystem32G4gDwDl.exe,\?globalrootsystemrootsystem32WiO5mkm.exe,
O2 — BHO: HP Print Enhancer — {0347C33E-8762-4905-BF09-768834316C61} — C:Program FilesHPSmart Web Printinghpswp_printenhancer.dll
O2 — BHO: HP Print Clips — {053F9267-DC04-4294-A72C-58F732D338C0} — C:Program FilesHPSmart Web Printinghpswp_framework.dll
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.2.4204.1700swg.dll
O2 — BHO: Google Dictionary Compression sdch — {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_B7C5AC242193BB3E.dll
O3 — Toolbar: Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 — HKLM..Run: [SkyTel] SkyTel.EXE
O4 — HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 — HKLM..Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 — HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 — HKLM..Run: [RemoteControl] «C:Program FilesCyberLinkPowerDVDPDVDServ.exe»
O4 — HKLM..Run: [HP Software Update] C:Program FilesHPHP Software UpdateHPWuSchd2.exe
O4 — HKLM..Run: [ArcSoft Connection Service] C:Program FilesCommon FilesArcSoftConnection ServiceBinACDaemon.exe
O4 — HKLM..Run: [Nikon Transfer Monitor] C:Program FilesCommon FilesNikonMonitorNkMonitor.exe
O4 — HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [swg] «C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe»
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Global Startup: HP Digital Imaging Monitor.lnk = C:Program FilesHPDigital Imagingbinhpqtra08.exe
O4 — Global Startup: Utility Tray.lnk = C:WINDOWSsystem32sistray.exe
O4 — Global Startup: Ускоренный запуск Adobe Reader.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: Google Sidewiki… — res://C:Program FilesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 — Extra button: Альбом клипов HP — {58ECB495-38F0-49cb-A538-10282ABF65E7} — C:Program FilesHPSmart Web Printinghpswp_extensions.dll
O9 — Extra button: Расширенный выбор HP — {700259D7-1666-479a-93B1-3250410481E8} — C:Program FilesHPSmart Web Printinghpswp_extensions.dll
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O17 — HKLMSystemCCSServicesTcpip..{9929AFD7-A871-4379-BB43-3B69CF54309E}: NameServer = 78.36.171.200 212.48.193.36
O23 — Service: ArcSoft Connect Daemon (ACDaemon) — ArcSoft Inc. — C:Program FilesCommon FilesArcSoftConnection ServiceBinACService.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба Google Update (gupdate) (gupdate) — Google Inc. — C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 — Service: Google Software Updater (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 7791 bytes======Scheduled tasks folder======
C:WINDOWStasksGoogleUpdateTaskMachineCore.job
C:WINDOWStasksGoogleUpdateTaskMachineUA.job======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer — C:Program FilesHPSmart Web Printinghpswp_printenhancer.dll [2007-03-02 1298024][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips — C:Program FilesHPSmart Web Printinghpswp_framework.dll [2007-03-02 177768][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-24 63136][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll [2010-06-07 256112][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.2.4204.1700swg.dll [2010-06-07 761840][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_B7C5AC242193BB3E.dll [2010-06-07 458736][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — Google Toolbar — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll [2010-06-07 256112][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2007-09-19 16844800]
«SkyTel»=C:WINDOWSSkyTel.EXE [2007-08-03 1826816]
«Alcmtr»=C:WINDOWSALCMTR.EXE [2005-05-03 69632]
«SiSPower»=SiSPower.dll,ModeAgent []
«NeroFilterCheck»=C:WINDOWSsystem32NeroCheck.exe [2001-07-09 155648]
«RemoteControl»=C:Program FilesCyberLinkPowerDVDPDVDServ.exe [2005-01-12 32768]
«HP Software Update»=C:Program FilesHPHP Software UpdateHPWuSchd2.exe [2007-03-11 49152]
«ArcSoft Connection Service»=C:Program FilesCommon FilesArcSoftConnection ServiceBinACDaemon.exe [2010-03-18 207360]
«Nikon Transfer Monitor»=C:Program FilesCommon FilesNikonMonitorNkMonitor.exe [2009-09-15 479232]
«KernelFaultCheck»=C:WINDOWSsystem32dumprep 0 -k [][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-06-09 15360]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2010-06-07 39408]C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
HP Digital Imaging Monitor.lnk — C:Program FilesHPDigital Imagingbinhpqtra08.exe
Utility Tray.lnk — C:WINDOWSsystem32sistray.exe
Ускоренный запуск Adobe Reader.lnk — C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWgaLogon]
C:WINDOWSsystem32WgaLogon.dll [2009-03-10 265096][HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=
«HonorAutoRunSetting»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»======List of files/folders created in the last 1 months======
2010-06-18 23:20:16 —-A—- C:WINDOWSsystem32cam9NnG.exe
2010-06-18 22:30:56 —-A—- C:WINDOWSsystem32MUOXhxQ.exe
2010-06-18 21:46:57 —-A—- C:WINDOWSsystem32oEXRVat.exe
2010-06-18 21:38:43 —-A—- C:WINDOWSsystem32MHWDGA9.exe
2010-06-18 21:07:04 —-A—- C:WINDOWSsystem32i5REoQy.exe
2010-06-18 20:05:10 —-A—- C:WINDOWSsystem32GpVepYv.exe
2010-06-16 00:05:15 —-A—- C:WINDOWSsystem32apexchanger.exe
2010-06-16 00:03:15 —-D—- C:Program FilesApex Video Converter Pro
2010-06-16 00:03:15 —-D—- C:Apex
2010-06-15 23:19:45 —-D—- C:Program FilesCommon FilesAVSMedia
2010-06-15 23:19:24 —-A—- C:WINDOWSsystem32msxml3a.dll
2010-06-15 21:50:17 —-D—- C:Program Filesmp3DirectCut
2010-06-11 21:35:23 —-D—- C:Documents and Settings1Application DataXilisoft Corporation
2010-06-11 03:03:26 —-HDC—- C:WINDOWS$NtUninstallKB980218$
2010-06-11 03:03:14 —-HDC—- C:WINDOWS$NtUninstallKB980195$
2010-06-11 03:03:08 —-HDC—- C:WINDOWS$NtUninstallKB979559$
2010-06-11 03:01:07 —-HDC—- C:WINDOWS$NtUninstallKB978695_WM9$
2010-06-11 03:00:56 —-HDC—- C:WINDOWS$NtUninstallKB979482$
2010-06-11 03:00:50 —-HDC—- C:WINDOWS$NtUninstallKB975562$
2010-06-11 03:00:36 —-D—- C:WINDOWSie8updates
2010-06-10 21:27:16 —-D—- C:Movavi files
2010-06-10 20:37:42 —-D—- C:Program FilesMovavi Видео Конвертер 8
2010-06-10 12:17:09 —-D—- C:Documents and Settings1Application DataMOVAVI
2010-06-09 06:22:05 —-HDC—- C:WINDOWS$NtUninstallKB970430$
2010-06-09 06:21:38 —-HDC—- C:WINDOWS$NtUninstallKB971737$
2010-06-09 05:37:34 —-A—- C:WINDOWSsystem32MRT.exe
2010-06-09 05:36:18 —-D—- C:WINDOWSWBEM
2010-06-09 05:33:27 —-HDC—- C:WINDOWSie8
2010-06-07 14:46:32 —-D—- C:Documents and SettingsAll UsersApplication DataWindows Genuine Advantage
2010-06-07 05:31:38 —-HDC—- C:WINDOWS$NtUninstallKB952954$
2010-06-07 05:31:31 —-HDC—- C:WINDOWS$NtUninstallKB959426$
2010-06-07 05:31:18 —-HDC—- C:WINDOWS$NtUninstallKB960859$
2010-06-07 05:31:00 —-HDC—- C:WINDOWS$NtUninstallKB974318$
2010-06-07 05:30:52 —-HDC—- C:WINDOWS$NtUninstallKB951978$
2010-06-07 05:30:44 —-HDC—- C:WINDOWS$NtUninstallKB969059$
2010-06-07 05:30:37 —-HDC—- C:WINDOWS$NtUninstallKB981349$
2010-06-07 05:30:27 —-HDC—- C:WINDOWS$NtUninstallKB950974$
2010-06-07 05:30:21 —-HDC—- C:WINDOWS$NtUninstallKB975713$
2010-06-07 05:30:14 —-HDC—- C:WINDOWS$NtUninstallKB971657$
2010-06-07 05:30:05 —-HDC—- C:WINDOWS$NtUninstallKB978338$
2010-06-07 05:29:58 —-HDC—- C:WINDOWS$NtUninstallKB974112$
2010-06-07 05:29:52 —-HDC—- C:WINDOWS$NtUninstallKB961501$
2010-06-07 05:29:45 —-HDC—- C:WINDOWS$NtUninstallKB975025$
2010-06-07 05:29:29 —-HDC—- C:WINDOWS$NtUninstallKB952004$
2010-06-07 05:29:22 —-HDC—- C:WINDOWS$NtUninstallKB974571$
2010-06-07 05:29:15 —-HDC—- C:WINDOWS$NtUninstallKB975560$
2010-06-07 05:29:04 —-HDC—- C:WINDOWS$NtUninstallKB973507$
2010-06-07 05:28:57 —-HDC—- C:WINDOWS$NtUninstallKB977816$
2010-06-07 05:28:23 —-HDC—- C:WINDOWS$NtUninstallKB980182$
2010-06-07 05:27:27 —-HDC—- C:WINDOWS$NtUninstallKB974392$
2010-06-07 05:25:35 —-HDC—- C:WINDOWS$NtUninstallKB977914$
2010-06-07 05:23:54 —-HDC—- C:WINDOWS$NtUninstallKB951748$
2010-06-07 05:23:37 —-HDC—- C:WINDOWS$NtUninstallKB978542$
2010-06-07 05:23:24 —-HDC—- C:WINDOWS$NtUninstallKB956802$
2010-06-07 05:22:52 —-HDC—- C:WINDOWS$NtUninstallKB975467$
2010-06-07 05:21:39 —-HDC—- C:WINDOWS$NtUninstallKB968389$
2010-06-06 18:19:24 —-D—- C:Documents and SettingsAll UsersApplication DataGoogle
2010-06-06 18:14:16 —-A—- C:WINDOWSavisplitter.ini
2010-06-06 18:13:55 —-A—- C:WINDOWSsystem32yv12vfw.dll
2010-06-06 18:13:40 —-A—- C:WINDOWSsystem32ff_vfw.dll.manifest
2010-06-06 18:13:40 —-A—- C:WINDOWSsystem32ff_vfw.dll
2010-06-06 18:13:31 —-D—- C:Program FilesK-Lite Codec Pack
2010-06-06 17:23:28 —-HDC—- C:WINDOWS$NtUninstallKB978262$
2010-06-06 17:23:11 —-HDC—- C:WINDOWS$NtUninstallKB951376-v2$
2010-06-06 17:22:54 —-HDC—- C:WINDOWS$NtUninstallKB946648$
2010-06-06 17:22:37 —-HDC—- C:WINDOWS$NtUninstallKB956803$
2010-06-06 17:22:20 —-HDC—- C:WINDOWS$NtUninstallKB971468$
2010-06-06 17:21:59 —-HDC—- C:WINDOWS$NtUninstallKB979683$
2010-06-06 17:21:42 —-HDC—- C:WINDOWS$NtUninstallKB958869$
2010-06-06 17:21:25 —-HDC—- C:WINDOWS$NtUninstallKB980232$
2010-06-06 17:21:04 —-HDC—- C:WINDOWS$NtUninstallKB955759$
2010-06-06 17:20:46 —-HDC—- C:WINDOWS$NtUninstallKB968816_WM9$
2010-06-06 17:20:30 —-HDC—- C:WINDOWS$NtUninstallKB978037$
2010-06-06 17:20:13 —-HDC—- C:WINDOWS$NtUninstallKB954155_WM9$
2010-06-06 17:19:57 —-HDC—- C:WINDOWS$NtUninstallKB960225$
2010-06-06 17:19:28 —-HDC—- C:WINDOWS$NtUninstallKB956572$
2010-06-06 17:19:08 —-HDC—- C:WINDOWS$NtUninstallKB956844$
2010-06-06 17:18:48 —-HDC—- C:WINDOWS$NtUninstallKB973904$
2010-06-06 17:18:25 —-HDC—- C:WINDOWS$NtUninstallKB967715$
2010-06-06 17:18:06 —-HDC—- C:WINDOWS$NtUninstallKB970238$
2010-06-06 17:17:45 —-HDC—- C:WINDOWS$NtUninstallKB978706$
2010-06-06 17:17:23 —-HDC—- C:WINDOWS$NtUninstallKB960803$
2010-06-06 17:17:06 —-HDC—- C:WINDOWS$NtUninstallKB973815$
2010-06-06 17:16:42 —-HDC—- C:WINDOWS$NtUninstallKB969947$
2010-06-06 16:22:49 —-D—- C:FlashVideos
2010-06-06 08:15:39 —-HDC—- C:WINDOWS$NtUninstallKB972270$
2010-06-06 08:15:31 —-HDC—- C:WINDOWS$NtUninstallKB956744$
2010-06-06 08:15:20 —-HDC—- C:WINDOWS$NtUninstallKB973869$
2010-06-06 08:15:07 —-HDC—- C:WINDOWS$NtUninstallKB941569$
2010-06-06 08:14:28 —-HDC—- C:WINDOWS$NtUninstallKB973687$
2010-06-06 08:14:19 —-HDC—- C:WINDOWS$NtUninstallKB950762$
2010-06-06 08:14:09 —-HDC—- C:WINDOWS$NtUninstallKB981793$
2010-06-06 08:13:59 —-HDC—- C:WINDOWS$NtUninstallKB978601$
2010-06-06 08:13:52 —-HDC—- C:WINDOWS$NtUninstallKB952287$
2010-06-06 08:13:36 —-HDC—- C:WINDOWS$NtUninstallKB973540_WM9$
2010-06-06 08:13:30 —-HDC—- C:WINDOWS$NtUninstallKB950760$
2010-06-06 08:13:22 —-HDC—- C:WINDOWS$NtUninstallKB952069_WM9$
2010-06-06 08:13:13 —-HDC—- C:WINDOWS$NtUninstallKB979309$
2010-06-06 08:13:05 —-HDC—- C:WINDOWS$NtUninstallKB958644$
2010-06-06 08:12:23 —-HDC—- C:WINDOWS$NtUninstallKB955069$
2010-06-06 08:11:51 —-D—- C:Program FilesMSXML 4.0
2010-06-06 08:11:31 —-HDC—- C:WINDOWS$NtUninstallKB923561$
2010-06-06 08:10:52 —-HDC—- C:WINDOWS$NtUninstallKB971961$
2010-06-05 08:29:12 —-HDC—- C:WINDOWS$NtUninstallKB975561$
2010-06-04 23:32:50 —-D—- C:WINDOWSsystem32PreInstall
2010-06-04 23:32:48 —-N—- C:WINDOWSsystem32spmsg.dll
2010-06-04 23:32:47 —-A—- C:WINDOWSsystem32spupdsvc.exe
2010-06-04 23:32:45 —-HDC—- C:WINDOWS$NtUninstallKB898461$
2010-06-04 23:32:45 —-HD—- C:WINDOWS$hf_mig$
2010-06-04 22:08:19 —-D—- C:WINDOWSMinidump
2010-06-03 06:38:42 —-D—- C:WINDOWSsystem32SoftwareDistribution
2010-06-02 09:08:50 —-D—- C:Documents and Settings1Application DataMalwarebytes
2010-06-02 09:08:31 —-D—- C:Documents and SettingsAll UsersApplication DataMalwarebytes
2010-05-31 01:31:49 —-D—- C:Program Filestrend micro
2010-05-31 01:31:47 —-D—- C:rsit
2010-05-31 00:45:58 —-D—- C:WINDOWSsystem32appmgmt
2010-05-30 22:15:10 —-A—- C:SAFEBOOT_REPAIR.TXT
2010-05-30 17:10:58 —-D—- C:Documents and Settings1Application DataHelp
2010-05-27 23:55:59 —-D—- C:Program FilesQuickTime
2010-05-27 22:58:36 —-D—- C:32788R22FWJFW(2)
2010-05-27 22:35:36 —-D—- C:WINDOWSpss
2010-05-26 21:00:24 —-D—- C:Program FilesCommon FilesSysAware Soft
2010-05-23 23:05:18 —-A—- C:WINDOWSViewNX.INI
2010-05-23 22:52:06 —-D—- C:Documents and Settings1Application DataApple Computer
2010-05-23 22:46:32 —-D—- C:Documents and Settings1Application DataNikon
2010-05-23 22:41:49 —-D—- C:Documents and SettingsAll UsersApplication DataSync Schema
2010-05-23 22:40:45 —-D—- C:Program FilesCommon Filesmuvee Technologies
2010-05-23 22:40:32 —-D—- C:Program FilesCommon FilesNikon
2010-05-23 22:40:32 —-D—- C:Documents and SettingsAll UsersApplication DataNikon
2010-05-23 22:40:24 —-D—- C:Program FilesNikon
2010-05-23 22:38:54 —-D—- C:Documents and SettingsAll UsersApplication DataUltima_T15
2010-05-23 22:38:54 —-D—- C:Documents and SettingsAll UsersApplication DataSpeech Enhancer
2010-05-23 22:38:54 —-D—- C:Documents and SettingsAll UsersApplication DataEnterNHelp
2010-05-23 22:34:11 —-HD—- C:Documents and SettingsAll UsersApplication DataArcSoft
2010-05-23 22:32:59 —-D—- C:Program FilesCommon FilesArcSoft
2010-05-23 22:32:59 —-D—- C:Program FilesArcSoft
2010-05-23 22:29:44 —-D—- C:Documents and Settings1Application DataArcSoft
2010-05-23 13:45:26 —-D—- C:Program FilesVirtualDub
2010-05-22 07:17:22 —-D—- C:FlashAudio
2010-05-22 02:09:52 —-A—- C:WINDOWSsystem32xvidvfw.dll
2010-05-22 02:09:50 —-A—- C:WINDOWSsystem32xvidcore.dll
2010-05-21 19:30:43 —-A—- C:WINDOWSsystem32ptpusb.dll
2010-05-21 19:30:41 —-A—- C:WINDOWSsystem32ptpusd.dll======List of files/folders modified in the last 1 months======
2010-06-18 23:34:24 —-D—- C:WINDOWSTemp
2010-06-18 23:32:56 —-SHD—- C:WINDOWSInstaller
2010-06-18 23:32:56 —-HD—- C:Config.Msi
2010-06-18 23:32:56 —-D—- C:WINDOWS
2010-06-18 23:32:51 —-D—- C:WINDOWSsystem32
2010-06-18 23:32:48 —-D—- C:WINDOWSsystem32drivers
2010-06-18 23:31:55 —-A—- C:WINDOWSSchedLgU.Txt
2010-06-18 23:23:14 —-RD—- C:Program FilesCommon Files
2010-06-18 23:22:45 —-D—- C:WINDOWSPrefetch
2010-06-18 22:26:10 —-RD—- C:Program Files
2010-06-18 22:19:02 —-HD—- C:WINDOWSinf
2010-06-18 22:16:09 —-D—- C:WINDOWSsystem32CatRoot2
2010-06-18 21:46:27 —-D—- C:Program FilesMozilla Firefox
2010-06-18 10:50:58 —-D—- C:WINDOWSsystem32config
2010-06-18 10:50:47 —-D—- C:WINDOWSsystem32wbem
2010-06-18 10:50:46 —-D—- C:WINDOWSRegistration
2010-06-17 15:19:41 —-SHD—- C:System Volume Information
2010-06-17 15:19:41 —-D—- C:WINDOWSsystem32Restore
2010-06-16 22:27:02 —-A—- C:WINDOWSNeroDigital.ini
2010-06-14 22:37:40 —-D—- C:Program Filestotalcmd
2010-06-14 22:32:15 —-A—- C:WINDOWSntbtlog.txt
2010-06-11 21:58:01 —-D—- C:Program FilesXilisoft
2010-06-11 21:32:39 —-A—- C:WINDOWSIE4 Error Log.txt
2010-06-11 03:03:28 —-RSHDC—- C:WINDOWSsystem32dllcache
2010-06-11 03:03:23 —-A—- C:WINDOWSimsins.BAK
2010-06-11 03:02:52 —-D—- C:Program FilesInternet Explorer
2010-06-10 23:45:21 —-SD—- C:Documents and Settings1Application DataMicrosoft
2010-06-10 23:22:55 —-D—- C:Documents and SettingsAll UsersApplication Dataxml_param
2010-06-09 16:02:23 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2010-06-09 06:05:14 —-D—- C:WINDOWSsystem32ru-ru
2010-06-09 06:05:13 —-D—- C:WINDOWSHelp
2010-06-09 05:37:35 —-D—- C:WINDOWSDebug
2010-06-09 05:36:08 —-D—- C:WINDOWSMedia
2010-06-07 17:34:17 —-D—- C:Program FilesGoogle
2010-06-07 14:49:05 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2010-06-07 14:46:56 —-SD—- C:WINDOWSTasks
2010-06-07 05:23:41 —-D—- C:Program FilesOutlook Express
2010-06-06 17:45:12 —-D—- C:WINDOWSAppPatch
2010-06-06 17:22:56 —-D—- C:Program FilesMessenger
2010-06-06 17:21:42 —-D—- C:WINDOWSWinSxS
2010-06-05 08:29:19 —-D—- C:Program FilesMovie Maker
2010-06-03 06:38:59 —-D—- C:WINDOWSSoftwareDistribution
2010-06-02 09:47:25 —-D—- C:WINDOWSime
2010-05-30 22:26:33 —-D—- C:Documents and Settings
2010-05-30 17:12:07 —-SH—- C:boot.ini
2010-05-30 17:12:07 —-A—- C:WINDOWSwin.ini
2010-05-30 17:12:07 —-A—- C:WINDOWSsystem.ini
2010-05-30 10:41:14 —-D—- C:Documents and Settings1Application DataYandex
2010-05-27 23:55:50 —-D—- C:Program FilesOpera
2010-05-25 22:58:26 —-HD—- C:Program FilesInstallShield Installation Information
2010-05-23 22:38:47 —-A—- C:WINDOWSsystem32ATL71.DLL
2010-05-23 22:38:40 —-D—- C:Program FilesCommon FilesInstallShield
2010-05-23 22:29:17 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2010-05-22 23:21:51 —-A—- C:WINDOWSsystem32ASPRTMM1.DLL======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-06-09 40704]
R1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2008-04-14 14720]
R1 SiSkp;SiSkp; C:WINDOWSsystem32DRIVERSsrvkp.sys [2008-12-03 19072]
R1 uzezmjy3;AVZ-RK Kernel Driver; ??C:WINDOWSsystem32Driversuzezmjy3.sys []
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-06-09 144384]
R3 HidUsb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-14 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:WINDOWSsystem32DRIVERSHPZid412.sys [2007-03-08 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:WINDOWSsystem32DRIVERSHPZipr12.sys [2007-03-08 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:WINDOWSsystem32DRIVERSHPZius12.sys [2007-03-08 21568]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2007-09-19 4617728]
R3 MTsensor;ATK0100 ACPI UTILITY; C:WINDOWSsystem32DRIVERSATKACPI.sys [2007-08-24 5760]
R3 SiS315;SiS315; C:WINDOWSsystem32DRIVERSsisgrp.sys [2008-12-03 324096]
R3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; C:WINDOWSsystem32DRIVERSSiSGbeXP.sys [2006-12-20 41600]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-14 32128]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-06-09 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-06-09 59520]
R3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:WINDOWSsystem32DRIVERSusbohci.sys [2008-06-09 17152]
R3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2008-04-14 25856]
R3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-14 15104]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1); C:WINDOWSsystem32driversWsAudio_DeviceS(1).sys [2009-12-04 25704]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2); C:WINDOWSsystem32driversWsAudio_DeviceS(2).sys [2009-12-04 25704]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3); C:WINDOWSsystem32driversWsAudio_DeviceS(3).sys [2009-12-04 25704]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4); C:WINDOWSsystem32driversWsAudio_DeviceS(4).sys [2009-12-04 25704]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5); C:WINDOWSsystem32driversWsAudio_DeviceS(5).sys [2009-12-04 25704]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-14 26368]
S3 utezmjy3;AVZ Kernel Driver; ??C:WINDOWSsystem32Driversutezmjy3.sys []
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:Program FilesCommon FilesArcSoftConnection ServiceBinACService.exe [2010-03-18 113152]
R2 hpqddsvc;Служба HP CUE DeviceDiscovery; C:WINDOWSsystem32svchost.exe [2008-06-09 14336]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-20 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:WINDOWSSystem32svchost.exe [2008-06-09 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:WINDOWSSystem32svchost.exe [2008-06-09 14336]
R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2005-01-28 38912]
R3 hpqcxs08;hpqcxs08; C:WINDOWSsystem32svchost.exe [2008-06-09 14336]
S2 gupdate;Служба Google Update (gupdate); C:Program FilesGoogleUpdateGoogleUpdate.exe [2010-02-16 135664]
S3 gusvc;Google Software Updater; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2010-06-07 182768]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
EOF
Malwarebytes’ Anti-Malware 1.46
http://www.malwarebytes.orgВерсия базы данных: 4213
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.1870219.06.2010 0:06:35
mbam-log-2010-06-19 (00-06-35).txtТип сканирования: Полное сканирование (A:|C:|D:|E:|)
Просканированные объекты: 177909
Времени прошло: 28 минут, 15 секундЗараженные процессы в памяти: 0
Зараженные модули в памяти: 0
Зараженные ключи в реестре: 0
Зараженные параметры в реестре: 204
Объекты реестра заражены: 0
Зараженные папки: 0
Зараженные файлы: 0Зараженные процессы в памяти:
(Вредоносных программ не обнаружено)Зараженные модули в памяти:
(Вредоносных программ не обнаружено)Зараженные ключи в реестре:
(Вредоносных программ не обнаружено)Зараженные параметры в реестре:
HKEY_LOCAL_MACHINESOFTWAREMicrosoftoption_1 (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftoption_2 (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftoption_3 (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes128.111.48.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes128.130.56.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes128.130.60.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes139.91.222.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes141.202.248.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes149.101.225.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes150.70.93.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes155.35.248.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes162.40.10.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes165.160.15.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes166.70.98.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes174.120.184.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes174.120.185.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes174.120.186.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes174.133.38.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes18.85.2.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes188.40.74.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes188.93.8.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes192.150.94.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.0.6.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.1.193.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.110.109.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.17.85.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.193.194.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.24.237.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.66.251.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.69.114.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.71.68.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes194.0.200.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes194.109.142.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes194.112.106.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes194.206.126.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes194.33.180.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes195.137.160.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes195.146.235.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes195.2.240.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes195.210.42.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes195.55.72.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes195.64.225.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes195.70.37.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes198.6.49.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes199.203.243.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes203.160.188.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes204.14.90.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes205.178.145.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes205.227.136.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes206.204.52.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes207.44.154.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes207.44.254.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes207.46.18.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes207.46.20.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes207.46.232.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes207.66.0.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes208.43.44.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes208.43.71.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes208.79.250.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes209.124.55.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes209.157.69.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes209.160.22.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes209.216.46.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes209.51.167.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes209.62.112.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes209.62.68.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes209.87.209.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes212.47.219.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes212.67.88.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes212.72.62.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes212.8.79.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes213.133.34.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes213.171.218.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes213.198.89.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes213.220.100.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes213.31.172.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes216.10.192.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes216.12.145.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes216.239.122.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes216.246.90.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes216.49.88.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes216.49.94.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes216.55.183.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes216.99.133.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes217.106.234.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes217.16.16.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes217.170.21.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes217.174.103.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes38.113.1.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes62.14.249.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes62.146.210.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes62.146.66.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes62.189.194.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes62.213.110.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes62.67.184.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes62.75.163.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes62.75.216.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes63.85.36.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes64.128.133.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes64.13.134.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes64.202.189.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes64.246.4.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes64.41.142.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes64.41.151.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes64.66.190.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes64.78.182.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes65.175.38.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes65.55.184.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes65.55.240.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes66.223.50.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes66.249.17.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes66.77.70.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes67.134.208.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes67.15.103.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes67.15.231.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes67.19.34.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes67.192.135.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes67.225.206.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes67.227.172.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes68.177.102.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes69.162.79.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes69.18.148.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes69.20.104.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes69.57.142.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes69.93.226.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes70.84.211.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes72.232.246.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes72.3.254.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes72.32.125.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes72.32.149.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes72.32.70.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.125.77.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.208.158.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.208.20.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.50.0.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.52.233.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.53.201.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.53.70.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.54.130.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.54.139.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.54.46.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.55.40.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.55.74.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.86.125.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.86.232.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes75.125.185.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes75.125.189.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes75.125.212.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes75.125.29.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes75.125.43.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes75.125.82.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes78.108.86.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes78.137.164.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes78.47.87.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes79.125.5.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes80.153.193.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes80.190.130.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes80.190.154.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes80.237.132.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes80.86.107.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes81.176.66.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes81.176.67.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes81.177.31.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes81.24.35.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes82.117.238.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes82.151.107.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes82.165.103.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes82.98.86.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes83.102.130.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes83.202.175.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes83.222.23.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes83.222.31.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes83.223.117.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes84.40.30.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes85.12.57.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes85.17.210.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes85.214.106.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes85.255.19.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes85.31.222.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes87.106.242.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes87.106.254.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes87.230.79.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes87.238.48.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes87.242.72.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes87.242.74.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes87.242.75.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes87.242.79.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes88.221.119.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes89.108.66.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes89.111.176.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes89.202.149.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes89.202.157.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes90.156.159.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes90.183.101.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes91.121.97.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes91.199.212.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes91.209.196.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes92.123.155.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes92.53.106.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes93.184.71.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes93.191.13.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes94.23.206.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes94.236.0.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes95.140.225.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.Объекты реестра заражены:
(Вредоносных программ не обнаружено)Зараженные папки:
(Вредоносных программ не обнаружено)Зараженные файлы:
(Вредоносных программ не обнаружено)Сделала, как рекомендуют. Вот результат.
Logfile of random’s system information tool 1.06 (written by random/random)
Run by 1 at 2010-06-18 11:33:18
Microsoft Windows XP Professional Service Pack 3
System drive C: has 20 GB (66%) free of 30 GB
Total RAM: 383 MB (31% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:33:31, on 18.06.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSRTHDCPL.EXE
C:Program FilesCyberLinkPowerDVDPDVDServ.exe
C:Program FilesHPHP Software UpdateHPWuSchd2.exe
C:Program FilesESETESET NOD32 Antivirusegui.exe
C:Program FilesCommon FilesNikonMonitorNkMonitor.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:Program FilesHPDigital Imagingbinhpqtra08.exe
C:WINDOWSsystem32sistray.exe
C:Program FilesCommon FilesArcSoftConnection ServiceBinACService.exe
C:Program FilesESETESET NOD32 Antivirusekrn.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32wscntfy.exe
C:Program FilesHPDigital ImagingbinhpqSTE08.exe
C:Program FilesOperaopera.exe
D:Program FilesRSIT.exe
C:Program Filestrend micro1.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=40316
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
F2 — REG:system.ini: UserInit=C:WINDOWSSYSTEM32Userinit.exe,\?globalrootsystemrootsystem328rCVJ2I.exe,\?globalrootsystemrootsystem32XdssLB6.exe,\?globalrootsystemrootsystem32G4gDwDl.exe,\?globalrootsystemrootsystem32WiO5mkm.exe,
O2 — BHO: HP Print Enhancer — {0347C33E-8762-4905-BF09-768834316C61} — C:Program FilesHPSmart Web Printinghpswp_printenhancer.dll
O2 — BHO: HP Print Clips — {053F9267-DC04-4294-A72C-58F732D338C0} — C:Program FilesHPSmart Web Printinghpswp_framework.dll
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.2.4204.1700swg.dll
O2 — BHO: Google Dictionary Compression sdch — {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_B7C5AC242193BB3E.dll
O3 — Toolbar: Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 — HKLM..Run: [SkyTel] SkyTel.EXE
O4 — HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 — HKLM..Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 — HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 — HKLM..Run: [RemoteControl] «C:Program FilesCyberLinkPowerDVDPDVDServ.exe»
O4 — HKLM..Run: [HP Software Update] C:Program FilesHPHP Software UpdateHPWuSchd2.exe
O4 — HKLM..Run: [egui] «C:Program FilesESETESET NOD32 Antivirusegui.exe» /hide /waitservice
O4 — HKLM..Run: [ArcSoft Connection Service] C:Program FilesCommon FilesArcSoftConnection ServiceBinACDaemon.exe
O4 — HKLM..Run: [Nikon Transfer Monitor] C:Program FilesCommon FilesNikonMonitorNkMonitor.exe
O4 — HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [swg] «C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe»
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Global Startup: HP Digital Imaging Monitor.lnk = C:Program FilesHPDigital Imagingbinhpqtra08.exe
O4 — Global Startup: Utility Tray.lnk = C:WINDOWSsystem32sistray.exe
O4 — Global Startup: Ускоренный запуск Adobe Reader.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: Google Sidewiki… — res://C:Program FilesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 — Extra button: Альбом клипов HP — {58ECB495-38F0-49cb-A538-10282ABF65E7} — C:Program FilesHPSmart Web Printinghpswp_extensions.dll
O9 — Extra button: Расширенный выбор HP — {700259D7-1666-479a-93B1-3250410481E8} — C:Program FilesHPSmart Web Printinghpswp_extensions.dll
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O17 — HKLMSystemCCSServicesTcpip..{9929AFD7-A871-4379-BB43-3B69CF54309E}: NameServer = 78.36.171.200 212.48.193.36
O23 — Service: ArcSoft Connect Daemon (ACDaemon) — ArcSoft Inc. — C:Program FilesCommon FilesArcSoftConnection ServiceBinACService.exe
O23 — Service: Eset HTTP Server (EhttpSrv) — ESET — C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe
O23 — Service: Eset Service (ekrn) — ESET — C:Program FilesESETESET NOD32 Antivirusekrn.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба Google Update (gupdate) (gupdate) — Google Inc. — C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 — Service: Google Software Updater (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 8089 bytes======Scheduled tasks folder======
C:WINDOWStasksGoogleUpdateTaskMachineCore.job
C:WINDOWStasksGoogleUpdateTaskMachineUA.job======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer — C:Program FilesHPSmart Web Printinghpswp_printenhancer.dll [2007-03-02 1298024][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips — C:Program FilesHPSmart Web Printinghpswp_framework.dll [2007-03-02 177768][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-24 63136][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll [2010-06-07 256112][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.2.4204.1700swg.dll [2010-06-07 761840][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_B7C5AC242193BB3E.dll [2010-06-07 458736][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — Google Toolbar — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll [2010-06-07 256112][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2007-09-19 16844800]
«SkyTel»=C:WINDOWSSkyTel.EXE [2007-08-03 1826816]
«Alcmtr»=C:WINDOWSALCMTR.EXE [2005-05-03 69632]
«SiSPower»=SiSPower.dll,ModeAgent []
«NeroFilterCheck»=C:WINDOWSsystem32NeroCheck.exe [2001-07-09 155648]
«RemoteControl»=C:Program FilesCyberLinkPowerDVDPDVDServ.exe [2005-01-12 32768]
«HP Software Update»=C:Program FilesHPHP Software UpdateHPWuSchd2.exe [2007-03-11 49152]
«egui»=C:Program FilesESETESET NOD32 Antivirusegui.exe [2009-10-07 1461080]
«ArcSoft Connection Service»=C:Program FilesCommon FilesArcSoftConnection ServiceBinACDaemon.exe [2010-03-18 207360]
«Nikon Transfer Monitor»=C:Program FilesCommon FilesNikonMonitorNkMonitor.exe [2009-09-15 479232]
«KernelFaultCheck»=C:WINDOWSsystem32dumprep 0 -k [][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-06-09 15360]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2010-06-07 39408]C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
HP Digital Imaging Monitor.lnk — C:Program FilesHPDigital Imagingbinhpqtra08.exe
Utility Tray.lnk — C:WINDOWSsystem32sistray.exe
Ускоренный запуск Adobe Reader.lnk — C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWgaLogon]
C:WINDOWSsystem32WgaLogon.dll [2009-03-10 265096][HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=
«HonorAutoRunSetting»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»======List of files/folders created in the last 1 months======
2010-06-18 11:29:56 —-A—- C:Program FilesCommon Fileskeylog.txt
2010-06-17 05:39:28 —-A—- C:WINDOWSsystem324VEq2VM.exe
2010-06-17 05:38:33 —-A—- C:WINDOWSsystem32WiO5mkm.exe
2010-06-17 05:38:06 —-A—- C:WINDOWSsystem32G4gDwDl.exe
2010-06-16 00:05:15 —-A—- C:WINDOWSsystem32apexchanger.exe
2010-06-16 00:03:15 —-D—- C:Program FilesApex Video Converter Pro
2010-06-16 00:03:15 —-D—- C:Apex
2010-06-15 23:19:45 —-D—- C:Program FilesCommon FilesAVSMedia
2010-06-15 23:19:24 —-A—- C:WINDOWSsystem32msxml3a.dll
2010-06-15 21:50:17 —-D—- C:Program Filesmp3DirectCut
2010-06-11 21:35:23 —-D—- C:Documents and Settings1Application DataXilisoft Corporation
2010-06-11 03:03:26 —-HDC—- C:WINDOWS$NtUninstallKB980218$
2010-06-11 03:03:14 —-HDC—- C:WINDOWS$NtUninstallKB980195$
2010-06-11 03:03:08 —-HDC—- C:WINDOWS$NtUninstallKB979559$
2010-06-11 03:01:07 —-HDC—- C:WINDOWS$NtUninstallKB978695_WM9$
2010-06-11 03:00:56 —-HDC—- C:WINDOWS$NtUninstallKB979482$
2010-06-11 03:00:50 —-HDC—- C:WINDOWS$NtUninstallKB975562$
2010-06-11 03:00:36 —-D—- C:WINDOWSie8updates
2010-06-10 21:27:16 —-D—- C:Movavi files
2010-06-10 20:37:42 —-D—- C:Program FilesMovavi Видео Конвертер 8
2010-06-10 12:17:09 —-D—- C:Documents and Settings1Application DataMOVAVI
2010-06-09 06:22:05 —-HDC—- C:WINDOWS$NtUninstallKB970430$
2010-06-09 06:21:38 —-HDC—- C:WINDOWS$NtUninstallKB971737$
2010-06-09 05:37:34 —-A—- C:WINDOWSsystem32MRT.exe
2010-06-09 05:36:18 —-D—- C:WINDOWSWBEM
2010-06-09 05:33:27 —-HDC—- C:WINDOWSie8
2010-06-07 14:46:32 —-D—- C:Documents and SettingsAll UsersApplication DataWindows Genuine Advantage
2010-06-07 05:31:38 —-HDC—- C:WINDOWS$NtUninstallKB952954$
2010-06-07 05:31:31 —-HDC—- C:WINDOWS$NtUninstallKB959426$
2010-06-07 05:31:18 —-HDC—- C:WINDOWS$NtUninstallKB960859$
2010-06-07 05:31:00 —-HDC—- C:WINDOWS$NtUninstallKB974318$
2010-06-07 05:30:52 —-HDC—- C:WINDOWS$NtUninstallKB951978$
2010-06-07 05:30:44 —-HDC—- C:WINDOWS$NtUninstallKB969059$
2010-06-07 05:30:37 —-HDC—- C:WINDOWS$NtUninstallKB981349$
2010-06-07 05:30:27 —-HDC—- C:WINDOWS$NtUninstallKB950974$
2010-06-07 05:30:21 —-HDC—- C:WINDOWS$NtUninstallKB975713$
2010-06-07 05:30:14 —-HDC—- C:WINDOWS$NtUninstallKB971657$
2010-06-07 05:30:05 —-HDC—- C:WINDOWS$NtUninstallKB978338$
2010-06-07 05:29:58 —-HDC—- C:WINDOWS$NtUninstallKB974112$
2010-06-07 05:29:52 —-HDC—- C:WINDOWS$NtUninstallKB961501$
2010-06-07 05:29:45 —-HDC—- C:WINDOWS$NtUninstallKB975025$
2010-06-07 05:29:29 —-HDC—- C:WINDOWS$NtUninstallKB952004$
2010-06-07 05:29:22 —-HDC—- C:WINDOWS$NtUninstallKB974571$
2010-06-07 05:29:15 —-HDC—- C:WINDOWS$NtUninstallKB975560$
2010-06-07 05:29:04 —-HDC—- C:WINDOWS$NtUninstallKB973507$
2010-06-07 05:28:57 —-HDC—- C:WINDOWS$NtUninstallKB977816$
2010-06-07 05:28:23 —-HDC—- C:WINDOWS$NtUninstallKB980182$
2010-06-07 05:27:27 —-HDC—- C:WINDOWS$NtUninstallKB974392$
2010-06-07 05:25:35 —-HDC—- C:WINDOWS$NtUninstallKB977914$
2010-06-07 05:23:54 —-HDC—- C:WINDOWS$NtUninstallKB951748$
2010-06-07 05:23:37 —-HDC—- C:WINDOWS$NtUninstallKB978542$
2010-06-07 05:23:24 —-HDC—- C:WINDOWS$NtUninstallKB956802$
2010-06-07 05:22:52 —-HDC—- C:WINDOWS$NtUninstallKB975467$
2010-06-07 05:21:39 —-HDC—- C:WINDOWS$NtUninstallKB968389$
2010-06-06 18:19:24 —-D—- C:Documents and SettingsAll UsersApplication DataGoogle
2010-06-06 18:14:16 —-A—- C:WINDOWSavisplitter.ini
2010-06-06 18:13:55 —-A—- C:WINDOWSsystem32yv12vfw.dll
2010-06-06 18:13:40 —-A—- C:WINDOWSsystem32ff_vfw.dll.manifest
2010-06-06 18:13:40 —-A—- C:WINDOWSsystem32ff_vfw.dll
2010-06-06 18:13:31 —-D—- C:Program FilesK-Lite Codec Pack
2010-06-06 17:23:28 —-HDC—- C:WINDOWS$NtUninstallKB978262$
2010-06-06 17:23:11 —-HDC—- C:WINDOWS$NtUninstallKB951376-v2$
2010-06-06 17:22:54 —-HDC—- C:WINDOWS$NtUninstallKB946648$
2010-06-06 17:22:37 —-HDC—- C:WINDOWS$NtUninstallKB956803$
2010-06-06 17:22:20 —-HDC—- C:WINDOWS$NtUninstallKB971468$
2010-06-06 17:21:59 —-HDC—- C:WINDOWS$NtUninstallKB979683$
2010-06-06 17:21:42 —-HDC—- C:WINDOWS$NtUninstallKB958869$
2010-06-06 17:21:25 —-HDC—- C:WINDOWS$NtUninstallKB980232$
2010-06-06 17:21:04 —-HDC—- C:WINDOWS$NtUninstallKB955759$
2010-06-06 17:20:46 —-HDC—- C:WINDOWS$NtUninstallKB968816_WM9$
2010-06-06 17:20:30 —-HDC—- C:WINDOWS$NtUninstallKB978037$
2010-06-06 17:20:13 —-HDC—- C:WINDOWS$NtUninstallKB954155_WM9$
2010-06-06 17:19:57 —-HDC—- C:WINDOWS$NtUninstallKB960225$
2010-06-06 17:19:28 —-HDC—- C:WINDOWS$NtUninstallKB956572$
2010-06-06 17:19:08 —-HDC—- C:WINDOWS$NtUninstallKB956844$
2010-06-06 17:18:48 —-HDC—- C:WINDOWS$NtUninstallKB973904$
2010-06-06 17:18:25 —-HDC—- C:WINDOWS$NtUninstallKB967715$
2010-06-06 17:18:06 —-HDC—- C:WINDOWS$NtUninstallKB970238$
2010-06-06 17:17:45 —-HDC—- C:WINDOWS$NtUninstallKB978706$
2010-06-06 17:17:23 —-HDC—- C:WINDOWS$NtUninstallKB960803$
2010-06-06 17:17:06 —-HDC—- C:WINDOWS$NtUninstallKB973815$
2010-06-06 17:16:42 —-HDC—- C:WINDOWS$NtUninstallKB969947$
2010-06-06 16:22:49 —-D—- C:FlashVideos
2010-06-06 08:15:39 —-HDC—- C:WINDOWS$NtUninstallKB972270$
2010-06-06 08:15:31 —-HDC—- C:WINDOWS$NtUninstallKB956744$
2010-06-06 08:15:20 —-HDC—- C:WINDOWS$NtUninstallKB973869$
2010-06-06 08:15:07 —-HDC—- C:WINDOWS$NtUninstallKB941569$
2010-06-06 08:14:28 —-HDC—- C:WINDOWS$NtUninstallKB973687$
2010-06-06 08:14:19 —-HDC—- C:WINDOWS$NtUninstallKB950762$
2010-06-06 08:14:09 —-HDC—- C:WINDOWS$NtUninstallKB981793$
2010-06-06 08:13:59 —-HDC—- C:WINDOWS$NtUninstallKB978601$
2010-06-06 08:13:52 —-HDC—- C:WINDOWS$NtUninstallKB952287$
2010-06-06 08:13:36 —-HDC—- C:WINDOWS$NtUninstallKB973540_WM9$
2010-06-06 08:13:30 —-HDC—- C:WINDOWS$NtUninstallKB950760$
2010-06-06 08:13:22 —-HDC—- C:WINDOWS$NtUninstallKB952069_WM9$
2010-06-06 08:13:13 —-HDC—- C:WINDOWS$NtUninstallKB979309$
2010-06-06 08:13:05 —-HDC—- C:WINDOWS$NtUninstallKB958644$
2010-06-06 08:12:23 —-HDC—- C:WINDOWS$NtUninstallKB955069$
2010-06-06 08:11:51 —-D—- C:Program FilesMSXML 4.0
2010-06-06 08:11:31 —-HDC—- C:WINDOWS$NtUninstallKB923561$
2010-06-06 08:10:52 —-HDC—- C:WINDOWS$NtUninstallKB971961$
2010-06-05 08:29:12 —-HDC—- C:WINDOWS$NtUninstallKB975561$
2010-06-04 23:32:50 —-D—- C:WINDOWSsystem32PreInstall
2010-06-04 23:32:48 —-N—- C:WINDOWSsystem32spmsg.dll
2010-06-04 23:32:47 —-A—- C:WINDOWSsystem32spupdsvc.exe
2010-06-04 23:32:45 —-HDC—- C:WINDOWS$NtUninstallKB898461$
2010-06-04 23:32:45 —-HD—- C:WINDOWS$hf_mig$
2010-06-04 22:08:19 —-D—- C:WINDOWSMinidump
2010-06-03 06:38:42 —-D—- C:WINDOWSsystem32SoftwareDistribution
2010-06-02 09:08:50 —-D—- C:Documents and Settings1Application DataMalwarebytes
2010-06-02 09:08:31 —-D—- C:Documents and SettingsAll UsersApplication DataMalwarebytes
2010-05-31 01:31:49 —-D—- C:Program Filestrend micro
2010-05-31 01:31:47 —-D—- C:rsit
2010-05-31 00:45:58 —-D—- C:WINDOWSsystem32appmgmt
2010-05-30 22:15:10 —-A—- C:SAFEBOOT_REPAIR.TXT
2010-05-30 17:10:58 —-D—- C:Documents and Settings1Application DataHelp
2010-05-27 23:55:59 —-D—- C:Program FilesQuickTime
2010-05-27 22:58:36 —-D—- C:32788R22FWJFW(2)
2010-05-27 22:35:36 —-D—- C:WINDOWSpss
2010-05-26 21:00:24 —-D—- C:Program FilesCommon FilesSysAware Soft
2010-05-23 23:05:18 —-A—- C:WINDOWSViewNX.INI
2010-05-23 22:52:06 —-D—- C:Documents and Settings1Application DataApple Computer
2010-05-23 22:46:32 —-D—- C:Documents and Settings1Application DataNikon
2010-05-23 22:41:49 —-D—- C:Documents and SettingsAll UsersApplication DataSync Schema
2010-05-23 22:40:45 —-D—- C:Program FilesCommon Filesmuvee Technologies
2010-05-23 22:40:32 —-D—- C:Program FilesCommon FilesNikon
2010-05-23 22:40:32 —-D—- C:Documents and SettingsAll UsersApplication DataNikon
2010-05-23 22:40:24 —-D—- C:Program FilesNikon
2010-05-23 22:38:54 —-D—- C:Documents and SettingsAll UsersApplication DataUltima_T15
2010-05-23 22:38:54 —-D—- C:Documents and SettingsAll UsersApplication DataSpeech Enhancer
2010-05-23 22:38:54 —-D—- C:Documents and SettingsAll UsersApplication DataEnterNHelp
2010-05-23 22:34:11 —-HD—- C:Documents and SettingsAll UsersApplication DataArcSoft
2010-05-23 22:32:59 —-D—- C:Program FilesCommon FilesArcSoft
2010-05-23 22:32:59 —-D—- C:Program FilesArcSoft
2010-05-23 22:29:44 —-D—- C:Documents and Settings1Application DataArcSoft
2010-05-23 13:45:26 —-D—- C:Program FilesVirtualDub
2010-05-22 07:17:22 —-D—- C:FlashAudio
2010-05-22 02:09:52 —-A—- C:WINDOWSsystem32xvidvfw.dll
2010-05-22 02:09:50 —-A—- C:WINDOWSsystem32xvidcore.dll
2010-05-21 19:30:43 —-A—- C:WINDOWSsystem32ptpusb.dll
2010-05-21 19:30:41 —-A—- C:WINDOWSsystem32ptpusd.dll======List of files/folders modified in the last 1 months======
2010-06-18 11:29:56 —-RD—- C:Program FilesCommon Files
2010-06-18 11:28:22 —-D—- C:WINDOWSTemp
2010-06-18 11:26:50 —-D—- C:WINDOWSsystem32drivers
2010-06-18 11:26:50 —-D—- C:WINDOWSPrefetch
2010-06-18 11:26:10 —-A—- C:WINDOWSSchedLgU.Txt
2010-06-18 11:12:00 —-D—- C:WINDOWSsystem32CatRoot2
2010-06-18 10:50:58 —-D—- C:WINDOWSsystem32config
2010-06-18 10:50:47 —-D—- C:WINDOWSsystem32wbem
2010-06-18 10:50:46 —-D—- C:WINDOWSRegistration
2010-06-18 10:50:35 —-D—- C:WINDOWS
2010-06-18 10:50:31 —-HD—- C:Config.Msi
2010-06-18 10:50:30 —-SHD—- C:WINDOWSInstaller
2010-06-18 09:27:57 —-D—- C:WINDOWSsystem32
2010-06-17 22:47:49 —-D—- C:Program FilesMozilla Firefox
2010-06-17 15:19:41 —-SHD—- C:System Volume Information
2010-06-17 15:19:41 —-D—- C:WINDOWSsystem32Restore
2010-06-16 22:27:02 —-A—- C:WINDOWSNeroDigital.ini
2010-06-16 00:03:15 —-RD—- C:Program Files
2010-06-14 22:37:40 —-D—- C:Program Filestotalcmd
2010-06-14 22:32:15 —-A—- C:WINDOWSntbtlog.txt
2010-06-11 21:58:01 —-D—- C:Program FilesXilisoft
2010-06-11 21:32:39 —-A—- C:WINDOWSIE4 Error Log.txt
2010-06-11 03:03:29 —-HD—- C:WINDOWSinf
2010-06-11 03:03:28 —-RSHDC—- C:WINDOWSsystem32dllcache
2010-06-11 03:03:23 —-A—- C:WINDOWSimsins.BAK
2010-06-11 03:02:52 —-D—- C:Program FilesInternet Explorer
2010-06-10 23:45:21 —-SD—- C:Documents and Settings1Application DataMicrosoft
2010-06-10 23:22:55 —-D—- C:Documents and SettingsAll UsersApplication Dataxml_param
2010-06-09 16:02:23 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2010-06-09 06:05:14 —-D—- C:WINDOWSsystem32ru-ru
2010-06-09 06:05:13 —-D—- C:WINDOWSHelp
2010-06-09 05:37:35 —-D—- C:WINDOWSDebug
2010-06-09 05:36:08 —-D—- C:WINDOWSMedia
2010-06-07 17:34:17 —-D—- C:Program FilesGoogle
2010-06-07 14:49:05 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2010-06-07 14:46:56 —-SD—- C:WINDOWSTasks
2010-06-07 05:23:41 —-D—- C:Program FilesOutlook Express
2010-06-06 17:45:12 —-D—- C:WINDOWSAppPatch
2010-06-06 17:22:56 —-D—- C:Program FilesMessenger
2010-06-06 17:21:42 —-D—- C:WINDOWSWinSxS
2010-06-05 08:29:19 —-D—- C:Program FilesMovie Maker
2010-06-03 06:38:59 —-D—- C:WINDOWSSoftwareDistribution
2010-06-02 09:47:25 —-D—- C:WINDOWSime
2010-05-30 22:26:33 —-D—- C:Documents and Settings
2010-05-30 17:12:07 —-SH—- C:boot.ini
2010-05-30 17:12:07 —-A—- C:WINDOWSwin.ini
2010-05-30 17:12:07 —-A—- C:WINDOWSsystem.ini
2010-05-30 10:41:14 —-D—- C:Documents and Settings1Application DataYandex
2010-05-27 23:55:50 —-D—- C:Program FilesOpera
2010-05-25 22:58:26 —-HD—- C:Program FilesInstallShield Installation Information
2010-05-23 22:38:47 —-A—- C:WINDOWSsystem32ATL71.DLL
2010-05-23 22:38:40 —-D—- C:Program FilesCommon FilesInstallShield
2010-05-23 22:29:17 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2010-05-22 23:21:51 —-A—- C:WINDOWSsystem32ASPRTMM1.DLL======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 easdrv;easdrv; C:WINDOWSsystem32DRIVERSeasdrv.sys [2009-10-07 54184]
R1 epfwtdir;epfwtdir; C:WINDOWSsystem32DRIVERSepfwtdir.sys [2009-10-07 35168]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-06-09 40704]
R1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2008-04-14 14720]
R1 SiSkp;SiSkp; C:WINDOWSsystem32DRIVERSsrvkp.sys [2008-12-03 19072]
R1 uzezmjy3;AVZ-RK Kernel Driver; ??C:WINDOWSsystem32Driversuzezmjy3.sys []
R2 eamon;EAMON; C:WINDOWSsystem32DRIVERSeamon.sys [2009-10-07 40824]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-06-09 144384]
R3 HidUsb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-14 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:WINDOWSsystem32DRIVERSHPZid412.sys [2007-03-08 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:WINDOWSsystem32DRIVERSHPZipr12.sys [2007-03-08 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:WINDOWSsystem32DRIVERSHPZius12.sys [2007-03-08 21568]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2007-09-19 4617728]
R3 MTsensor;ATK0100 ACPI UTILITY; C:WINDOWSsystem32DRIVERSATKACPI.sys [2007-08-24 5760]
R3 SiS315;SiS315; C:WINDOWSsystem32DRIVERSsisgrp.sys [2008-12-03 324096]
R3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; C:WINDOWSsystem32DRIVERSSiSGbeXP.sys [2006-12-20 41600]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-14 32128]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-06-09 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-06-09 59520]
R3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:WINDOWSsystem32DRIVERSusbohci.sys [2008-06-09 17152]
R3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2008-04-14 25856]
R3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-14 15104]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1); C:WINDOWSsystem32driversWsAudio_DeviceS(1).sys [2009-12-04 25704]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2); C:WINDOWSsystem32driversWsAudio_DeviceS(2).sys [2009-12-04 25704]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3); C:WINDOWSsystem32driversWsAudio_DeviceS(3).sys [2009-12-04 25704]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4); C:WINDOWSsystem32driversWsAudio_DeviceS(4).sys [2009-12-04 25704]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5); C:WINDOWSsystem32driversWsAudio_DeviceS(5).sys [2009-12-04 25704]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-14 26368]
S3 utezmjy3;AVZ Kernel Driver; ??C:WINDOWSsystem32Driversutezmjy3.sys []
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:Program FilesCommon FilesArcSoftConnection ServiceBinACService.exe [2010-03-18 113152]
R2 ekrn;Eset Service; C:Program FilesESETESET NOD32 Antivirusekrn.exe [2009-10-07 472280]
R2 hpqddsvc;Служба HP CUE DeviceDiscovery; C:WINDOWSsystem32svchost.exe [2008-06-09 14336]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-20 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:WINDOWSSystem32svchost.exe [2008-06-09 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:WINDOWSSystem32svchost.exe [2008-06-09 14336]
R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2005-01-28 38912]
R3 hpqcxs08;hpqcxs08; C:WINDOWSsystem32svchost.exe [2008-06-09 14336]
S2 gupdate;Служба Google Update (gupdate); C:Program FilesGoogleUpdateGoogleUpdate.exe [2010-02-16 135664]
S3 EhttpSrv;Eset HTTP Server; C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe [2009-10-07 20680]
S3 gusvc;Google Software Updater; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2010-06-07 182768]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
EOF
Спасибо большое. Флешку отформатировала. Получилось не с первого раза. А то, что в компьютер вирус занесла — это точно. С помощью вашего форума и лечу. Спасибо.
Malwarebytes’ Anti-Malware 1.46
http://www.malwarebytes.orgВерсия базы данных: 4162
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.551202.06.2010 9:42:52
mbam-log-2010-06-02 (09-42-52).txtТип сканирования: Полное сканирование (A:|C:|D:|E:|)
Просканированные объекты: 169750
Времени прошло: 22 минут, 25 секундЗараженные процессы в памяти: 0
Зараженные модули в памяти: 0
Зараженные ключи в реестре: 0
Зараженные параметры в реестре: 203
Объекты реестра заражены: 2
Зараженные папки: 0
Зараженные файлы: 3Зараженные процессы в памяти:
(Вредоносных программ не обнаружено)Зараженные модули в памяти:
(Вредоносных программ не обнаружено)Зараженные ключи в реестре:
(Вредоносных программ не обнаружено)Зараженные параметры в реестре:
HKEY_LOCAL_MACHINESOFTWAREMicrosoftoption_1 (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftoption_2 (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftoption_3 (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes128.111.48.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes128.130.56.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes128.130.60.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes139.91.222.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes141.202.248.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes149.101.225.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes150.70.93.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes155.35.248.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes162.40.10.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes165.160.15.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes166.70.98.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes174.120.184.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes174.120.185.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes174.120.186.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes174.133.38.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes18.85.2.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes188.40.74.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes188.93.8.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes192.150.94.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.0.6.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.1.193.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.110.109.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.17.85.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.193.194.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.24.237.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.66.251.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.69.114.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes193.71.68.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes194.0.200.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes194.109.142.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes194.112.106.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes194.206.126.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes194.33.180.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes195.137.160.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes195.146.235.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes195.2.240.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes195.210.42.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes195.55.72.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes195.64.225.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes195.70.37.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes198.6.49.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes199.203.243.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes203.160.188.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes204.14.90.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes205.178.145.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes205.227.136.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes206.204.52.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes207.44.154.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes207.44.254.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes207.46.18.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes207.46.20.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes207.46.232.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes207.66.0.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes208.43.44.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes208.43.71.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes208.79.250.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes209.124.55.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes209.157.69.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes209.160.22.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes209.216.46.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes209.51.167.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes209.62.112.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes209.62.68.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes209.87.209.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes212.47.219.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes212.67.88.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes212.72.62.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes212.8.79.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes213.133.34.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes213.171.218.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes213.198.89.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes213.220.100.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes213.31.172.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes216.10.192.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes216.12.145.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes216.239.122.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes216.246.90.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes216.49.88.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes216.49.94.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes216.55.183.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes216.99.133.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes217.106.234.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes217.16.16.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes217.170.21.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes217.174.103.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes38.113.1.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes62.14.249.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes62.146.210.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes62.146.66.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes62.189.194.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes62.213.110.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes62.75.163.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes62.75.216.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes63.85.36.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes64.128.133.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes64.13.134.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes64.202.189.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes64.246.4.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes64.41.142.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes64.41.151.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes64.66.190.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes64.78.182.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes65.175.38.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes65.55.184.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes65.55.240.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes66.223.50.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes66.249.17.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes66.77.70.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes67.134.208.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes67.15.103.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes67.15.231.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes67.19.34.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes67.192.135.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes67.225.206.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes67.227.172.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes68.177.102.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes69.162.79.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes69.18.148.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes69.20.104.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes69.57.142.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes69.93.226.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes70.84.211.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes72.232.246.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes72.3.254.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes72.32.125.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes72.32.149.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes72.32.70.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.125.77.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.208.158.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.208.20.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.50.0.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.52.233.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.53.201.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.53.70.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.54.130.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.54.139.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.54.46.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.55.40.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.55.74.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.86.125.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes74.86.232.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes75.125.185.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes75.125.189.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes75.125.212.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes75.125.29.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes75.125.43.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes75.125.82.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes78.108.86.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes78.137.164.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes78.47.87.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes79.125.5.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes80.153.193.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes80.190.130.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes80.190.154.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes80.237.132.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes80.86.107.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes81.176.66.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes81.176.67.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes81.177.31.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes81.24.35.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes82.117.238.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes82.151.107.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes82.165.103.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes82.98.86.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes83.102.130.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes83.202.175.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes83.222.23.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes83.222.31.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes83.223.117.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes84.40.30.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes85.12.57.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes85.17.210.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes85.214.106.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes85.255.19.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes85.31.222.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes87.106.242.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes87.106.254.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes87.230.79.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes87.238.48.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes87.242.72.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes87.242.74.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes87.242.75.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes87.242.79.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes88.221.119.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes89.108.66.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes89.111.176.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes89.202.149.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes89.202.157.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes90.156.159.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes90.183.101.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes91.121.97.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes91.199.212.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes91.209.196.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes92.123.155.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes92.53.106.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes93.184.71.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes93.191.13.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes94.23.206.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes94.236.0.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersPersistentRoutes95.140.225.0,255.255.255.0,192.168.1.0,1 (TCPRoute.Hijack) -> Quarantined and deleted successfully.Объекты реестра заражены:
HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterAntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterUpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.Зараженные папки:
(Вредоносных программ не обнаружено)Зараженные файлы:
C:WINDOWSsystem32oobeAntiWPA_Crypt.dll (Hacktool) -> Quarantined and deleted successfully.
D:Program FilesMalwarebytes.Anti-Malware.1.46_rusMalwarebytes.Anti-Malware.1.46 ruskeygenFFF-MBAM145.exe (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
C:Program FilesCommon Fileskeylog.txt (Malware.Trace) -> Quarantined and deleted successfully.
