Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: OTL-LOG vom Verschlüsselungs-Trojaner-Patienten

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 11.06.2012, 17:44   #1
Station-MIR
 
OTL-LOG vom Verschlüsselungs-Trojaner-Patienten - Standard

OTL-LOG vom Verschlüsselungs-Trojaner-Patienten



Hallo Trojaner-Boarder

Ein Freund von mir hat sich den Verschlüsselungs-Trojaner dummerweise eingefangen. Auf der Suche nach Abhilfe bin ich auf Euer tolles Forum gestoßen und bereits viele Themen durchstöbert. Bin so weit gekommen, dass ich den OTL-Log erstellt habe kann aber ohne Eure Hilfe den Fix nicht erstellen.

Bitte erstellt für mich den Fix, mit dem ich dann den Virus erledigen kann... Was dann alles noch verschlüsselt bleibt, muss ich dann schauen.

Riesen-Dank schon mal vorab für Eure Hilfe!!!

Grüße
Max

Code:
ATTFilter
08OTL logfile created on: 6/10/2012 10:25:34 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 195.31 Gb Total Space | 100.47 Gb Free Space | 51.44% Space Free | Partition Type: NTFS
Drive D: | 270.44 Gb Total Space | 245.28 Gb Free Space | 90.69% Space Free | Partition Type: NTFS
Drive F: | 3.77 Gb Total Space | 3.77 Gb Free Space | 99.99% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012/05/06 06:09:17 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/05/02 14:28:47 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/18 12:04:24 | 001,790,016 | ---- | M] () [Auto] -- C:\Program Files\Mail.Ru\Guard\GuardMailRu.exe -- (Guard.Mail.ru)
SRV - [2012/02/29 02:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/04/22 08:21:10 | 000,092,592 | ---- | M] (TomTom) [Auto] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010/09/06 13:56:38 | 000,247,096 | ---- | M] () [Auto] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009/10/07 04:21:14 | 000,020,680 | ---- | M] (ESET) [On_Demand] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/10/07 04:16:50 | 000,472,280 | ---- | M] (ESET) [Auto] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009/02/09 07:25:55 | 000,111,104 | ---- | M] (Корпорация Майкрософт) [Auto] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2009/02/09 07:25:55 | 000,111,104 | ---- | M] (Корпорация Майкрософт) [Auto] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2009/02/09 06:54:17 | 000,687,616 | ---- | M] (Корпорация Майкрософт) [On_Demand] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi) Расширения драйверов WMI (Windows Management Instrumentation)
SRV - [2008/12/16 15:59:50 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/10/20 14:54:01 | 000,483,840 | ---- | M] (Корпорация Майкрософт) [Auto] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2008/10/20 14:02:12 | 000,175,616 | ---- | M] (Корпорация Майкрософт) [Auto] -- C:\WINDOWS\system32\w32time.dll -- (W32Time)
SRV - [2008/10/20 14:01:49 | 000,247,296 | ---- | M] (Корпорация Майкрософт) [On_Demand] -- C:\WINDOWS\system32\mswsock.dll -- (Nla) Служба сетевого расположения (NLA)
SRV - [2008/10/20 14:01:40 | 000,330,752 | ---- | M] (Корпорация Майкрософт) [Auto] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess) Брандмауэр Windows/Общий доступ к Интернету (ICS)
SRV - [2008/04/15 08:00:00 | 000,409,088 | ---- | M] (Корпорация Майкрософт) [On_Demand] -- C:\WINDOWS\system32\qmgr.dll -- (BITS) Фоновая интеллектуальная служба передачи (BITS)
SRV - [2008/04/15 08:00:00 | 000,333,824 | ---- | M] (Корпорация Майкрософт) [Auto] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Служба загрузки изображений (WIA)
SRV - [2008/04/15 08:00:00 | 000,295,936 | ---- | M] (Корпорация Майкрософт) [On_Demand] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2008/04/15 08:00:00 | 000,249,856 | ---- | M] (Корпорация Майкрософт) [On_Demand] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/15 08:00:00 | 000,198,144 | ---- | M] (Корпорация Майкрософт) [On_Demand] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/04/15 08:00:00 | 000,193,024 | ---- | M] (Корпорация Майкрософт) [Auto] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/15 08:00:00 | 000,186,368 | ---- | M] (Корпорация Майкрософт) [On_Demand] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost)
SRV - [2008/04/15 08:00:00 | 000,171,008 | ---- | M] (Корпорация Майкрософт) [Auto] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/15 08:00:00 | 000,171,008 | ---- | M] (Корпорация Майкрософт) [On_Demand] -- C:\WINDOWS\system32\appmgmts.dll -- (AppMgmt)
SRV - [2008/04/15 08:00:00 | 000,150,528 | ---- | M] (Корпорация Майкрософт) [On_Demand] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/04/15 08:00:00 | 000,145,408 | ---- | M] (Корпорация Майкрософт) [Auto] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2008/04/15 08:00:00 | 000,141,824 | ---- | M] (Корпорация Майкрософт) [On_Demand] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)
SRV - [2008/04/15 08:00:00 | 000,135,680 | ---- | M] (Корпорация Майкрософт) [Auto] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2008/04/15 08:00:00 | 000,135,680 | ---- | M] (Корпорация Майкрософт) [Auto] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/04/15 08:00:00 | 000,135,680 | ---- | M] (Корпорация Майкрософт) [On_Demand] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2008/04/15 08:00:00 | 000,126,464 | ---- | M] (Корпорация Майкрософт) [On_Demand] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv)
SRV - [2008/04/15 08:00:00 | 000,126,464 | ---- | M] (Корпорация Майкрософт) [Auto] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2008/04/15 08:00:00 | 000,096,768 | ---- | M] (Корпорация Майкрософт) [On_Demand] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)
SRV - [2008/04/15 08:00:00 | 000,091,648 | ---- | M] (Корпорация Майкрософт) [On_Demand] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
SRV - [2008/04/15 08:00:00 | 000,045,568 | ---- | M] (Корпорация Майкрософт) [Auto] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2008/04/15 08:00:00 | 000,024,064 | ---- | M] (Корпорация Майкрософт) [Auto] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [File_System | On_Demand] --  -- (StarOpen)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - [2009/10/07 04:18:36 | 000,035,168 | ---- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009/10/07 04:12:22 | 000,054,184 | ---- | M] (ESET) [Kernel | System] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv)
DRV - [2009/10/07 04:11:10 | 000,040,824 | ---- | M] (ESET) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2008/12/17 02:02:08 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2008/12/17 02:01:44 | 006,364,440 | R--- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam S7500(UVC)
DRV - [2008/12/17 02:01:22 | 000,041,752 | R--- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/12/17 02:00:14 | 000,768,024 | R--- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2008/12/16 15:58:54 | 000,025,624 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/11/15 13:39:55 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2008/11/15 11:18:06 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008/10/20 14:54:01 | 000,080,128 | ---- | M] (Корпорация Майкрософт) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport)
DRV - [2008/10/20 14:54:01 | 000,030,208 | ---- | M] (Корпорация Майкрософт) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008/10/20 14:54:01 | 000,023,296 | ---- | M] (Корпорация Майкрософт) [Kernel | System] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008/10/20 14:53:14 | 000,012,160 | ---- | M] (Корпорация Майкрософт) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2008/10/20 14:02:11 | 000,225,856 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) Драйвер протокола IPv6 (Microsoft)
DRV - [2008/07/28 12:19:28 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/04/15 08:00:00 | 000,188,288 | ---- | M] (Корпорация Майкрософт) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpi.sys -- (ACPI)
DRV - [2008/04/15 08:00:00 | 000,125,440 | ---- | M] (Корпорация Майкрософт) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk)
DRV - [2008/04/15 08:00:00 | 000,120,192 | ---- | M] (Корпорация Майкрософт) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/15 08:00:00 | 000,073,472 | ---- | M] (Корпорация Майкрософт) [File_System | Boot] -- C:\WINDOWS\system32\drivers\sr.sys -- (Sr)
DRV - [2008/04/15 08:00:00 | 000,068,480 | ---- | M] (Корпорация Майкрософт) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pci.sys -- (PCI)
DRV - [2008/04/15 08:00:00 | 000,065,024 | ---- | M] (Корпорация Майкрософт) [Kernel | System] -- C:\WINDOWS\system32\drivers\serial.sys -- (Serial)
DRV - [2008/04/15 08:00:00 | 000,053,120 | ---- | M] (Корпорация Майкрософт) [Kernel | System] -- C:\WINDOWS\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/04/15 08:00:00 | 000,044,544 | ---- | M] (Корпорация Майкрософт) [Kernel | System] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008/04/15 08:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/15 08:00:00 | 000,037,504 | ---- | M] (Корпорация Майкрософт) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2008/04/15 08:00:00 | 000,024,832 | ---- | M] (Корпорация Майкрософт) [Kernel | System] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008/04/15 08:00:00 | 000,014,720 | ---- | M] (Корпорация Майкрософт) [Kernel | System] -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2008/04/15 08:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008/04/15 08:00:00 | 000,011,776 | ---- | M] (Корпорация Майкрософт) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2008/04/15 08:00:00 | 000,006,912 | ---- | M] (Корпорация Майкрософт) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2008/04/15 08:00:00 | 000,003,328 | ---- | M] (Корпорация Майкрософт) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pciide.sys -- (PCIIde)
DRV - [2008/04/14 13:11:48 | 000,058,368 | ---- | M] (Корпорация Майкрософт) [Kernel | System] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2007/09/05 05:31:30 | 004,611,072 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/06/28 05:46:42 | 000,020,480 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2007/06/28 05:46:40 | 000,045,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/06/18 16:38:16 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2001/08/17 11:53:32 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\qv2kux.sys -- (QV2KUX)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/02/04 17:27:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/02 14:28:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/12 10:50:57 | 000,000,000 | ---D | M]
 
[2012/02/18 03:31:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/07/15 04:56:14 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009/08/21 12:24:54 | 000,000,000 | ---D | M] (pdfforge Toolbar Plugin) -- C:\Program Files\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[2009/08/21 12:24:54 | 000,000,000 | ---D | M] (Search Settings Plugin) -- C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com
[2012/05/02 14:28:47 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/02/17 14:52:15 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/12 05:19:39 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/02/12 05:19:39 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/02/12 05:19:39 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012/02/12 05:19:39 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/02/12 05:19:39 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/02/12 05:19:39 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011/12/19 12:22:41 | 000,000,998 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1       adobeereg.com
O1 - Hosts: 127.0.0.1       www.adobeereg.com
O1 - Hosts: 127.0.0.1       activate.adobe.com
O1 - Hosts: 127.0.0.1       activate-sea.adobe.com
O1 - Hosts: 127.0.0.1       activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1       wwis-dubc1-vip60.adobe.com
O2 - BHO: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (MailRuBHO Class) - {8984B388-A5BB-4DF7-B274-77B879E179DB} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll (@Mail.Ru)
O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA2.dll (Conduit Ltd.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (GreenTree Applications, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Спутник@Mail.Ru) - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\Program Files\Mail.Ru\Sputnik\MailRuSputnik.dll (@Mail.Ru)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [Guard.Mail.ru.gui] C:\Program Files\Mail.Ru\Guard\GuardMailRu.exe ()
O4 - HKLM..\Run: [KernelFaultCheck]  File not found
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [MAgent] C:\Program Files\Mail.Ru\Agent\MAgent.exe (Mail.Ru)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe (GreenTree Applications, Inc.)
O4 - HKU\.DEFAULT..\Run: [VistaIcon] C:\Program Files\VistaDriveIcon\VistaDrv.exe ()
O4 - HKU\LocalService_ON_C..\Run: [VistaIcon] C:\Program Files\VistaDriveIcon\VistaDrv.exe ()
O4 - HKU\NetworkService_ON_C..\Run: [VistaIcon] C:\Program Files\VistaDriveIcon\VistaDrv.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [IE7_011]  File not found
O4 - HKU\LocalService_ON_C..\RunOnce: [IE7_011]  File not found
O4 - HKU\NetworkService_ON_C..\RunOnce: [IE7_011]  File not found
O4 - Startup: C:\Documents and Settings\All Users\Главное меню\Программы\Автозагрузка\Microsoft Office.lnk =  File not found
O4 - Startup: C:\Documents and Settings\Администратор\Главное меню\Программы\Автозагрузка\MagicDisc.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideRunAsVerb = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O9 - Extra Button: Mail.Ru Агент - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Program Files\Mail.Ru\Agent\magent.exe (Mail.Ru)
O9 - Extra 'Tools' menuitem : Mail.Ru Агент - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Program Files\Mail.Ru\Agent\magent.exe (Mail.Ru)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\system32\mswsock.dll (Корпорация Майкрософт)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Корпорация Майкрософт)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Корпорация Майкрософт)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Корпорация Майкрософт)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Корпорация Майкрософт)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Корпорация Майкрософт)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Корпорация Майкрософт)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Корпорация Майкрософт)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Корпорация Майкрософт)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Корпорация Майкрософт)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Корпорация Майкрософт)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Корпорация Майкрософт)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Корпорация Майкрософт)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Корпорация Майкрософт)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Корпорация Майкрософт)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Корпорация Майкрософт)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Корпорация Майкрософт)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Корпорация Майкрософт)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Корпорация Майкрософт)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Предзагрузчик Browseui - C:\WINDOWS\system32\browseui.dll (Корпорация Майкрософт)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Демон кэша категорий компонентов - C:\WINDOWS\system32\browseui.dll (Корпорация Майкрософт)
O27 - HKLM IFEO\msconfig.exe: Debugger - P9KDMF.EXE File not found
O27 - HKLM IFEO\regedit.exe: Debugger - P9KDMF.EXE File not found
O27 - HKLM IFEO\taskmgr.exe: Debugger - P9KDMF.EXE File not found
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Корпорация Майкрософт)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Корпорация Майкрософт)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/11/15 11:17:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/06/10 22:18:02 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\LocalService\Recent
[2012/06/10 22:17:40 | 000,000,000 | ---D | C] -- C:\_OTL
[2004/11/24 15:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/06/10 13:58:15 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/10 13:37:58 | 000,193,866 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/06/10 13:37:56 | 000,000,952 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/10 13:37:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/10 13:37:50 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2012/06/10 13:37:48 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2012/06/10 13:32:16 | 000,002,184 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/08 09:02:07 | 000,000,956 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/21 14:02:01 | 000,139,448 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2012/05/21 14:01:51 | 000,282,472 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2012/05/21 13:57:27 | 000,271,200 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/06/01 14:53:04 | 000,000,164 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\{701ACAF9-F102-47c2-8907-36246F4DFB51}
[2009/10/05 12:55:46 | 000,081,110 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/04/17 09:46:01 | 000,000,425 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009/04/17 09:46:01 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2009/04/17 09:45:48 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf08b.dat
[2009/04/17 09:42:23 | 000,031,664 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2009/04/08 12:32:23 | 000,074,547 | ---- | C] () -- C:\WINDOWS\Uninstal.exe
[2009/03/08 10:25:15 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009/03/08 10:25:15 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009/03/08 10:25:15 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2009/03/08 10:23:06 | 000,000,025 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009/03/01 16:21:01 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2008/12/19 11:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008/12/17 13:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008/12/17 13:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008/12/17 13:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/12/17 13:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008/12/17 12:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008/12/16 15:58:54 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008/12/16 15:50:56 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLgFT.dll
[2008/12/11 14:25:59 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT.DAT
[2008/12/11 14:18:58 | 000,000,415 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/11/15 16:19:05 | 000,139,448 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/11/15 16:18:37 | 000,282,472 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2008/11/15 16:18:36 | 000,076,888 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2008/11/15 14:38:08 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/11/15 14:34:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/11/15 14:19:12 | 000,005,709 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Config.nt.bak
[2008/11/15 14:19:12 | 000,003,289 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Autoexec.nt.bak
[2008/11/15 14:19:11 | 000,000,998 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\hosts.bak
[2008/11/15 14:12:03 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/11/15 14:12:03 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008/11/15 14:12:03 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/11/15 14:12:03 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008/11/15 14:12:03 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/11/15 14:12:03 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/11/15 14:12:03 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008/11/15 14:12:03 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008/11/15 14:12:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvwrsru.dll
[2008/11/15 14:12:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvrsru.dll
[2008/11/15 14:11:48 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2008/11/15 14:10:37 | 000,004,512 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/11/15 14:07:38 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/11/15 14:07:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvwssr.dll
[2008/11/15 14:07:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvvitvsr.dll
[2008/11/15 14:07:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvmoblsr.dll
[2008/11/15 14:07:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvmccssr.dll
[2008/11/15 14:07:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvgamesr.dll
[2008/11/15 14:04:56 | 000,116,560 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/11/15 13:38:33 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008/11/15 13:29:43 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/11/15 13:29:42 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2008/11/15 11:19:49 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/11/15 11:18:04 | 000,000,749 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008/11/15 11:17:20 | 000,271,264 | ---- | C] () -- C:\WINDOWS\System32\vbrun100.dll
[2008/11/15 11:17:20 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\msvcrt10.dll
[2008/11/15 11:17:20 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2008/11/15 11:15:40 | 000,022,564 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/06/11 04:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/06/11 04:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/06/11 04:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/06/11 04:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/06/11 04:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/06/11 04:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/06/11 04:02:32 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/06/11 04:02:32 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/06/11 04:02:32 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/06/05 03:58:26 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/04/15 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/15 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/15 08:00:00 | 000,430,608 | ---- | C] () -- C:\WINDOWS\System32\perfh019.dat
[2008/04/15 08:00:00 | 000,388,268 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/15 08:00:00 | 000,305,414 | ---- | C] () -- C:\WINDOWS\System32\perfi019.dat
[2008/04/15 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/15 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/15 08:00:00 | 000,069,802 | ---- | C] () -- C:\WINDOWS\System32\perfc019.dat
[2008/04/15 08:00:00 | 000,057,660 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/15 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/15 08:00:00 | 000,036,176 | ---- | C] () -- C:\WINDOWS\System32\perfd019.dat
[2008/04/15 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/15 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/15 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/15 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2007/12/21 02:21:56 | 000,035,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\epfwtdir.sys
[2007/09/04 06:56:10 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2007/02/05 15:05:26 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2006/11/02 12:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe
[2005/10/15 08:25:20 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\myodbc3i.exe
[2005/10/15 08:25:20 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\myodbc3m.exe
[2004/10/03 13:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[1999/01/22 12:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
 
========== LOP Check ==========
 
[2012/02/28 09:50:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\{DCD48218-E972-4d0c-9E5F-43462BC13E3B}
[2010/07/01 11:48:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2010/02/08 09:58:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2010/07/24 07:21:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2011/06/01 14:53:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Degener
[2011/11/10 10:23:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Easybits GO
[2009/09/11 16:57:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2009/09/11 16:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\G DATA
[2012/04/18 12:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Guard.Mail.Ru
[2010/11/25 12:20:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2009/04/17 09:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2010/01/30 16:26:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2009/03/04 22:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VistaCodecs
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2012/06/10 22:18:02 | 000,000,077 | -HS- | M] ()(C:\Documents and Settings\LocalService\??? ?????????\desktop.ini) -- C:\Documents and Settings\LocalService\Мои документы\desktop.ini
[2012/06/10 22:18:02 | 000,000,077 | -HS- | C] ()(C:\Documents and Settings\LocalService\??? ?????????\desktop.ini) -- C:\Documents and Settings\LocalService\Мои документы\desktop.ini
[2012/06/10 22:18:02 | 000,000,000 | R--D | M](C:\Documents and Settings\LocalService\??? ?????????) -- C:\Documents and Settings\LocalService\Мои документы
[2012/06/10 22:18:02 | 000,000,000 | R--D | M](C:\Documents and Settings\LocalService\??? ?????????) -- C:\Documents and Settings\LocalService\Мои документы
[2012/06/10 22:18:02 | 000,000,000 | R--D | C](C:\Documents and Settings\LocalService\??? ?????????) -- C:\Documents and Settings\LocalService\Мои документы
[2012/06/08 09:04:31 | 000,000,000 | ---D | M](C:\Documents and Settings\All Users\??????? ????\?????????\Sniper Ghost Warrior) -- C:\Documents and Settings\All Users\Главное меню\Программы\Sniper Ghost Warrior
[2012/06/08 09:04:27 | 000,000,000 | ---D | M](C:\Documents and Settings\All Users\??????? ????\?????????\EPSON Drucker) -- C:\Documents and Settings\All Users\Главное меню\Программы\EPSON Drucker
[2012/06/07 09:41:49 | 000,002,265 | ---- | M] ()(C:\Documents and Settings\All Users\??????? ????\Skype.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\Skype.lnk
[2012/05/29 10:39:18 | 000,002,499 | ---- | M] ()(C:\Documents and Settings\All Users\??????? ????\?????????\Microsoft Word.lnk) -- C:\Documents and Settings\All Users\Главное меню\Программы\Microsoft Word.lnk
[2012/04/16 16:10:52 | 000,000,000 | ---D | M](C:\Documents and Settings\All Users\??????? ????) -- C:\Documents and Settings\All Users\Рабочий стол
[2012/04/15 13:41:42 | 000,001,729 | ---- | M] ()(C:\Documents and Settings\All Users\??????? ????\Adobe Reader 9.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\Adobe Reader 9.lnk
[2012/01/12 10:50:57 | 000,001,729 | ---- | C] ()(C:\Documents and Settings\All Users\??????? ????\Adobe Reader 9.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\Adobe Reader 9.lnk
[2011/11/27 06:33:14 | 000,000,810 | ---- | M] ()(C:\Documents and Settings\All Users\??????? ????\Mozilla Firefox.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\Mozilla Firefox.lnk
[2011/11/22 09:53:37 | 000,001,915 | ---- | M] ()(C:\Documents and Settings\All Users\??????? ????\Google ??????? ?????.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\Google Планета Земля.lnk
[2011/11/22 09:53:37 | 000,001,915 | ---- | C] ()(C:\Documents and Settings\All Users\??????? ????\Google ??????? ?????.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\Google Планета Земля.lnk
[2011/11/10 10:28:39 | 000,002,265 | ---- | C] ()(C:\Documents and Settings\All Users\??????? ????\Skype.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\Skype.lnk
[2011/02/10 06:49:08 | 000,001,492 | ---- | M] ()(C:\Documents and Settings\All Users\??????? ????\Opera.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\Opera.lnk
[2011/02/10 06:49:08 | 000,001,492 | ---- | C] ()(C:\Documents and Settings\All Users\??????? ????\Opera.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\Opera.lnk
[2011/01/05 15:17:47 | 000,000,776 | ---- | M] ()(C:\Documents and Settings\All Users\??????? ????\Sniper Ghost Warrior.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\Sniper Ghost Warrior.lnk
[2011/01/05 15:17:47 | 000,000,776 | ---- | C] ()(C:\Documents and Settings\All Users\??????? ????\Sniper Ghost Warrior.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\Sniper Ghost Warrior.lnk
[2010/12/31 12:46:29 | 000,000,719 | ---- | M] ()(C:\Documents and Settings\All Users\??????? ????\VLC media player.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\VLC media player.lnk
[2010/11/25 11:57:33 | 000,000,000 | R--D | M](C:\Documents and Settings\All Users\??????? ????) -- C:\Documents and Settings\All Users\Главное меню
[2010/02/08 09:58:06 | 000,001,505 | ---- | M] ()(C:\Documents and Settings\All Users\??????? ????\Vuze.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\Vuze.lnk
[2010/02/08 09:58:06 | 000,001,505 | ---- | C] ()(C:\Documents and Settings\All Users\??????? ????\Vuze.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\Vuze.lnk
[2009/10/19 13:55:06 | 000,001,781 | ---- | M] ()(C:\Documents and Settings\All Users\??????? ????\Brother Creative Center.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\Brother Creative Center.lnk
[2009/10/19 13:55:06 | 000,001,781 | ---- | C] ()(C:\Documents and Settings\All Users\??????? ????\Brother Creative Center.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\Brother Creative Center.lnk
[2009/10/05 12:57:08 | 000,001,825 | ---- | M] ()(C:\Documents and Settings\All Users\??????? ????\Logitech QuickCam.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\Logitech QuickCam.lnk
[2009/10/05 12:57:08 | 000,001,825 | ---- | C] ()(C:\Documents and Settings\All Users\??????? ????\Logitech QuickCam.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\Logitech QuickCam.lnk
[2009/02/11 14:29:09 | 000,000,000 | R--D | M](C:\Documents and Settings\All Users\?????????) -- C:\Documents and Settings\All Users\Документы
[2009/02/11 14:29:09 | 000,000,000 | ---D | M](C:\Documents and Settings\All Users\?????????\microsoft) -- C:\Documents and Settings\All Users\Документы\microsoft
[2009/02/11 14:29:09 | 000,000,000 | ---D | C](C:\Documents and Settings\All Users\?????????\microsoft) -- C:\Documents and Settings\All Users\Документы\microsoft
[2009/01/28 09:10:50 | 000,000,137 | -HS- | M] ()(C:\Documents and Settings\All Users\?????????\desktop.ini) -- C:\Documents and Settings\All Users\Документы\desktop.ini
[2009/01/12 17:55:34 | 000,001,583 | ---- | M] ()(C:\Documents and Settings\All Users\??????? ????\Mail.Ru ?????.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\Mail.Ru Агент.lnk
[2009/01/12 17:55:34 | 000,001,583 | ---- | C] ()(C:\Documents and Settings\All Users\??????? ????\Mail.Ru ?????.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\Mail.Ru Агент.lnk
[2008/12/11 14:18:17 | 000,001,729 | ---- | M] ()(C:\Documents and Settings\All Users\??????? ????\?????????\????????????\Microsoft Office.lnk) -- C:\Documents and Settings\All Users\Главное меню\Программы\Автозагрузка\Microsoft Office.lnk
[2008/12/11 14:18:17 | 000,001,729 | ---- | C] ()(C:\Documents and Settings\All Users\??????? ????\?????????\????????????\Microsoft Office.lnk) -- C:\Documents and Settings\All Users\Главное меню\Программы\Автозагрузка\Microsoft Office.lnk
[2008/12/11 14:13:17 | 000,000,000 | ---D | M](C:\WINDOWS\system32\config\systemprofile\??????? ????) -- C:\WINDOWS\system32\config\systemprofile\Рабочий стол
[2008/12/11 14:13:17 | 000,000,000 | ---D | M](C:\WINDOWS\system32\config\systemprofile\??????? ????) -- C:\WINDOWS\system32\config\systemprofile\Рабочий стол
[2008/11/17 19:01:19 | 000,000,719 | ---- | C] ()(C:\Documents and Settings\All Users\??????? ????\VLC media player.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\VLC media player.lnk
[2008/11/15 20:04:42 | 000,000,000 | R--D | M](C:\Documents and Settings\All Users\?????????\??? ???????????) -- C:\Documents and Settings\All Users\Документы\Мои видеозаписи
[2008/11/15 20:04:42 | 000,000,000 | R--D | C](C:\Documents and Settings\All Users\?????????\??? ???????????) -- C:\Documents and Settings\All Users\Документы\Мои видеозаписи
[2008/11/15 16:19:27 | 000,001,691 | ---- | M] ()(C:\Documents and Settings\All Users\??????? ????\Call of Duty(R) Singleplayer.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\Call of Duty(R) Singleplayer.lnk
[2008/11/15 16:19:27 | 000,001,691 | ---- | M] ()(C:\Documents and Settings\All Users\??????? ????\Call of Duty(R) Multiplayer.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\Call of Duty(R) Multiplayer.lnk
[2008/11/15 16:19:27 | 000,001,691 | ---- | C] ()(C:\Documents and Settings\All Users\??????? ????\Call of Duty(R) Singleplayer.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\Call of Duty(R) Singleplayer.lnk
[2008/11/15 16:19:27 | 000,001,691 | ---- | C] ()(C:\Documents and Settings\All Users\??????? ????\Call of Duty(R) Multiplayer.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\Call of Duty(R) Multiplayer.lnk
[2008/11/15 14:34:05 | 000,000,810 | ---- | C] ()(C:\Documents and Settings\All Users\??????? ????\Mozilla Firefox.lnk) -- C:\Documents and Settings\All Users\Рабочий стол\Mozilla Firefox.lnk
[2008/11/15 14:10:40 | 000,000,000 | R--D | C](C:\Documents and Settings\All Users\?????????\??? ???????) -- C:\Documents and Settings\All Users\Документы\Мои рисунки
[2008/11/15 14:10:40 | 000,000,000 | R--D | C](C:\Documents and Settings\All Users\?????????\??? ??????) -- C:\Documents and Settings\All Users\Документы\Моя музыка
[2008/11/15 14:10:20 | 000,000,137 | -HS- | C] ()(C:\Documents and Settings\All Users\?????????\desktop.ini) -- C:\Documents and Settings\All Users\Документы\desktop.ini
[2008/11/15 14:10:20 | 000,000,084 | -HS- | C] ()(C:\Documents and Settings\All Users\??????? ????\?????????\????????????\desktop.ini) -- C:\Documents and Settings\All Users\Главное меню\Программы\Автозагрузка\desktop.ini
[2008/11/15 14:10:20 | 000,000,000 | R--D | M](C:\WINDOWS\system32\config\systemprofile\??????? ????) -- C:\WINDOWS\system32\config\systemprofile\Главное меню
[2008/11/15 14:10:20 | 000,000,000 | R--D | M](C:\WINDOWS\system32\config\systemprofile\??????? ????) -- C:\WINDOWS\system32\config\systemprofile\Главное меню
[2008/11/15 14:10:20 | 000,000,000 | -H-D | M](C:\WINDOWS\system32\config\systemprofile\???????) -- C:\WINDOWS\system32\config\systemprofile\Шаблоны
[2008/11/15 14:10:20 | 000,000,000 | -H-D | M](C:\Documents and Settings\All Users\???????) -- C:\Documents and Settings\All Users\Шаблоны
[2008/11/15 14:10:20 | 000,000,000 | -H-D | M](C:\WINDOWS\system32\config\systemprofile\???????) -- C:\WINDOWS\system32\config\systemprofile\Шаблоны
[2008/11/15 14:10:20 | 000,000,000 | ---D | M](C:\WINDOWS\system32\config\systemprofile\?????????) -- C:\WINDOWS\system32\config\systemprofile\Избранное
[2008/11/15 14:10:20 | 000,000,000 | ---D | M](C:\WINDOWS\system32\config\systemprofile\??? ?????????) -- C:\WINDOWS\system32\config\systemprofile\Мои документы
[2008/11/15 14:10:20 | 000,000,000 | ---D | M](C:\Documents and Settings\All Users\?????????) -- C:\Documents and Settings\All Users\Избранное
[2008/11/15 14:10:20 | 000,000,000 | ---D | M](C:\WINDOWS\system32\config\systemprofile\?????????) -- C:\WINDOWS\system32\config\systemprofile\Избранное
[2008/11/15 14:10:20 | 000,000,000 | ---D | M](C:\WINDOWS\system32\config\systemprofile\??? ?????????) -- C:\WINDOWS\system32\config\systemprofile\Мои документы
[2008/11/15 11:19:43 | 000,000,084 | -HS- | C] ()(C:\WINDOWS\system32\config\systemprofile\??????? ????\?????????\????????????\desktop.ini) -- C:\WINDOWS\system32\config\systemprofile\Главное меню\Программы\Автозагрузка\desktop.ini
[2008/11/15 11:17:06 | 000,000,084 | -HS- | M] ()(C:\WINDOWS\system32\config\systemprofile\??????? ????\?????????\????????????\desktop.ini) -- C:\WINDOWS\system32\config\systemprofile\Главное меню\Программы\Автозагрузка\desktop.ini
[2008/11/15 11:17:06 | 000,000,084 | -HS- | M] ()(C:\Documents and Settings\All Users\??????? ????\?????????\????????????\desktop.ini) -- C:\Documents and Settings\All Users\Главное меню\Программы\Автозагрузка\desktop.ini
[2008/11/15 11:16:17 | 000,000,000 | R--D | M](C:\Documents and Settings\All Users\?????????\??? ???????) -- C:\Documents and Settings\All Users\Документы\Мои рисунки
[2008/11/15 11:15:03 | 000,000,000 | R--D | M](C:\Documents and Settings\All Users\?????????\??? ??????) -- C:\Documents and Settings\All Users\Документы\Моя музыка
[2008/04/15 08:00:00 | 000,000,075 | ---- | M] ()(C:\WINDOWS\System32\???????? ???????.scf) -- C:\WINDOWS\System32\Просмотр каналов.scf
[2008/04/15 08:00:00 | 000,000,075 | ---- | C] ()(C:\WINDOWS\System32\???????? ???????.scf) -- C:\WINDOWS\System32\Просмотр каналов.scf
(C:\WINDOWS\system32\config\systemprofile\?????????) -- C:\WINDOWS\system32\config\systemprofile\Избранное
(C:\WINDOWS\system32\config\systemprofile\???????) -- C:\WINDOWS\system32\config\systemprofile\Шаблоны
(C:\WINDOWS\system32\config\systemprofile\??????? ????\?????????\????????????) -- C:\WINDOWS\system32\config\systemprofile\Главное меню\Программы\Автозагрузка
(C:\WINDOWS\system32\config\systemprofile\??????? ????\?????????\???????????) -- C:\WINDOWS\system32\config\systemprofile\Главное меню\Программы\Стандартные
(C:\WINDOWS\system32\config\systemprofile\??????? ????) -- C:\WINDOWS\system32\config\systemprofile\Рабочий стол
(C:\WINDOWS\system32\config\systemprofile\??????? ????) -- C:\WINDOWS\system32\config\systemprofile\Главное меню
(C:\WINDOWS\system32\config\systemprofile\??? ?????????) -- C:\WINDOWS\system32\config\systemprofile\Мои документы
(C:\Documents and Settings\All Users\?????????) -- C:\Documents and Settings\All Users\Избранное
(C:\Documents and Settings\All Users\?????????) -- C:\Documents and Settings\All Users\Документы
(C:\Documents and Settings\All Users\???????) -- C:\Documents and Settings\All Users\Шаблоны
(C:\Documents and Settings\All Users\??????? ????\?????????\WinRAR) -- C:\Documents and Settings\All Users\Главное меню\Программы\WinRAR
(C:\Documents and Settings\All Users\??????? ????\?????????\WebCallDirect) -- C:\Documents and Settings\All Users\Главное меню\Программы\WebCallDirect
(C:\Documents and Settings\All Users\??????? ????\?????????\VistaCodecs) -- C:\Documents and Settings\All Users\Главное меню\Программы\VistaCodecs
(C:\Documents and Settings\All Users\??????? ????\?????????\VideoLAN) -- C:\Documents and Settings\All Users\Главное меню\Программы\VideoLAN
(C:\Documents and Settings\All Users\??????? ????\?????????\Sniper Ghost Warrior) -- C:\Documents and Settings\All Users\Главное меню\Программы\Sniper Ghost Warrior
(C:\Documents and Settings\All Users\??????? ????\?????????\Skype) -- C:\Documents and Settings\All Users\Главное меню\Программы\Skype
(C:\Documents and Settings\All Users\??????? ????\?????????\ScanSoft PaperPort 11) -- C:\Documents and Settings\All Users\Главное меню\Программы\ScanSoft PaperPort 11
(C:\Documents and Settings\All Users\??????? ????\?????????\NVIDIA Corporation) -- C:\Documents and Settings\All Users\Главное меню\Программы\NVIDIA Corporation
(C:\Documents and Settings\All Users\??????? ????\?????????\Microsoft Silverlight) -- C:\Documents and Settings\All Users\Главное меню\Программы\Microsoft Silverlight
(C:\Documents and Settings\All Users\??????? ????\?????????\Microsoft Office Tools) -- C:\Documents and Settings\All Users\Главное меню\Программы\Microsoft Office Tools
(C:\Documents and Settings\All Users\??????? ????\?????????\Mail.Ru) -- C:\Documents and Settings\All Users\Главное меню\Программы\Mail.Ru
(C:\Documents and Settings\All Users\??????? ????\?????????\Logitech) -- C:\Documents and Settings\All Users\Главное меню\Программы\Logitech
(C:\Documents and Settings\All Users\??????? ????\?????????\Google Earth) -- C:\Documents and Settings\All Users\Главное меню\Программы\Google Earth
(C:\Documents and Settings\All Users\??????? ????\?????????\ESET) -- C:\Documents and Settings\All Users\Главное меню\Программы\ESET
(C:\Documents and Settings\All Users\??????? ????\?????????\EPSON Drucker) -- C:\Documents and Settings\All Users\Главное меню\Программы\EPSON Drucker
(C:\Documents and Settings\All Users\??????? ????\?????????\DivX Plus) -- C:\Documents and Settings\All Users\Главное меню\Программы\DivX Plus
(C:\Documents and Settings\All Users\??????? ????\?????????\Clip2Net) -- C:\Documents and Settings\All Users\Главное меню\Программы\Clip2Net
(C:\Documents and Settings\All Users\??????? ????\?????????\Brother) -- C:\Documents and Settings\All Users\Главное меню\Программы\Brother
(C:\Documents and Settings\All Users\??????? ????\?????????\Administrative Tools) -- C:\Documents and Settings\All Users\Главное меню\Программы\Administrative Tools
(C:\Documents and Settings\All Users\??????? ????\?????????\Activision) -- C:\Documents and Settings\All Users\Главное меню\Программы\Activision
(C:\Documents and Settings\All Users\??????? ????\?????????\?????????????????) -- C:\Documents and Settings\All Users\Главное меню\Программы\Администрирование
(C:\Documents and Settings\All Users\??????? ????\?????????\????????????) -- C:\Documents and Settings\All Users\Главное меню\Программы\Автозагрузка
(C:\Documents and Settings\All Users\??????? ????\?????????\???????????) -- C:\Documents and Settings\All Users\Главное меню\Программы\Стандартные
(C:\Documents and Settings\All Users\??????? ????\?????????\???????) -- C:\Documents and Settings\All Users\Главное меню\Программы\Утилиты
(C:\Documents and Settings\All Users\??????? ????\?????????\????) -- C:\Documents and Settings\All Users\Главное меню\Программы\Игры
(C:\Documents and Settings\All Users\??????? ????) -- C:\Documents and Settings\All Users\Рабочий стол
(C:\Documents and Settings\All Users\??????? ????) -- C:\Documents and Settings\All Users\Главное меню
< End of report >
         

Alt 12.06.2012, 20:39   #2
Station-MIR
 
OTL-LOG vom Verschlüsselungs-Trojaner-Patienten - Standard

OTL-LOG vom Verschlüsselungs-Trojaner-Patienten



Hallo Leute

fehlt noch irgend was für die Analyse?

Grüße
Max

Hallo Leute! Hilfee, hilfee! Bitte bitte!
__________________


Antwort

Themen zu OTL-LOG vom Verschlüsselungs-Trojaner-Patienten
.dll, adobe, antivirus, bho, browser, call of duty, conduit, desktop.ini, disabletaskmgr, eset nod32, explorer, firefox, flash player, format, google earth, helper, home, logfile, mozilla, msvcrt, object, pdfforge toolbar, plug-in, realtek, registry, rundll, scan, searchsettings.dll, services.exe, software, staropen, virus, windows, windows xp, wmi




Ähnliche Themen: OTL-LOG vom Verschlüsselungs-Trojaner-Patienten


  1. Patchday: Adobe pflegt den Flash-Patienten
    Nachrichten - 11.11.2015 (0)
  2. Verschlüsselungs-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 18.04.2015 (5)
  3. Hacker erbeuten Daten von 4,5 Millionen Patienten in den USA
    Nachrichten - 19.08.2014 (0)
  4. SUISA-Trojaner (Verschlüsselungs-Trojaner) befall auf HP-Pro-Laptop Win7 64Bit
    Plagegeister aller Art und deren Bekämpfung - 06.09.2012 (19)
  5. windows verschlüsselungs trojaner-sofortiger TRojaner hinweis
    Plagegeister aller Art und deren Bekämpfung - 31.07.2012 (9)
  6. Live Security Platinum-Trojaner, Verschlüsselungs-Trojaner entfernen
    Plagegeister aller Art und deren Bekämpfung - 16.07.2012 (1)
  7. Verschlüsselungs-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 11.06.2012 (1)
  8. Verschlüsselungs-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 10.06.2012 (1)
  9. Verschlüsselungs-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 10.06.2012 (1)
  10. Verschlüsselungs Trojaner
    Log-Analyse und Auswertung - 10.06.2012 (1)
  11. Verschlüsselungs-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 09.06.2012 (3)
  12. Verschlüsselungs-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 08.06.2012 (1)
  13. Verschlüsselungs Trojaner
    Plagegeister aller Art und deren Bekämpfung - 07.06.2012 (2)
  14. Verschlüsselungs-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 07.06.2012 (3)
  15. Verschlüsselungs-Trojaner
    Mülltonne - 07.06.2012 (1)
  16. Verschlüsselungs-Trojaner
    Log-Analyse und Auswertung - 23.05.2012 (17)
  17. Verschlüsselungs-Trojaner
    Log-Analyse und Auswertung - 04.05.2012 (7)

Zum Thema OTL-LOG vom Verschlüsselungs-Trojaner-Patienten - Hallo Trojaner-Boarder Ein Freund von mir hat sich den Verschlüsselungs-Trojaner dummerweise eingefangen. Auf der Suche nach Abhilfe bin ich auf Euer tolles Forum gestoßen und bereits viele Themen durchstöbert. Bin - OTL-LOG vom Verschlüsselungs-Trojaner-Patienten...
Archiv
Du betrachtest: OTL-LOG vom Verschlüsselungs-Trojaner-Patienten auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.