Новости
Видео
Microsoft
Windows 10
Железо
Программы
Форум
Имя пользователя:
Пароль:  
Помощь | Регистрация | Забыли пароль?  

Название темы: [решено] Снова Autorun.inf
Показать сообщение отдельно

Пользователь


Сообщения: 65
Благодарности: 2

Профиль | Отправить PM | Цитировать

ComboFix 09-01-11.04 - Admin 2009-01-13 15:26:52.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1251.1.1049.18.2047.1287 [GMT 2:00]
Running from: c:\documents and settings\Admin\Рабочий стол\ComboFix.exe
Command switches used :: c:\documents and settings\Admin\Рабочий стол\CFScript.txt
AV: Антивирус Касперского *On-access scanning disabled* (Outdated)
AV: AntiVir ProfessionalEdition *On-access scanning disabled* (Outdated)
FW: Антивирус Касперского *disabled*
* Created a new restore point

FILE ::
c:\documents and settings\Admin\Application Data\fieryads.dat
c:\windows\System32\ezsidmv.dat
F:\tbubzt.exe
F:\utvv.cmd
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Admin\Application Data\fieryads.dat
c:\windows\System32\ezsidmv.dat

.
((((((((((((((((((((((((( Files Created from 2008-12-13 to 2009-01-13 )))))))))))))))))))))))))))))))
.

2009-01-13 09:10 . 2009-01-13 09:10 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-01-13 09:10 . 2009-01-13 09:10 <DIR> d-------- c:\documents and settings\Admin\Application Data\Malwarebytes
2009-01-10 08:40 . 2009-01-10 08:40 410,984 --a------ c:\windows\system32\deploytk.dll
2009-01-10 07:37 . 2009-01-10 07:37 <DIR> d-------- c:\program files\7-Zip
2009-01-09 14:50 . 2009-01-09 14:50 11,264 --a------ c:\windows\system32\drivers\uzixmjq0.sys
2009-01-09 12:09 . 2009-01-09 12:09 <DIR> d-------- c:\documents and settings\Admin\DoctorWeb
2008-12-24 08:22 . 2008-12-24 08:22 <DIR> d-------- c:\program files\Neat Image
2008-12-19 07:36 . 2008-12-19 07:36 <DIR> d--h----- c:\windows\PIF

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-13 13:30 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-01-13 13:28 574,088 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-01-13 13:28 42,395,168 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-01-13 13:28 219,884 --sha-w c:\windows\system32\drivers\fidbox2.idx
2009-01-13 13:28 1,910,816 --sha-w c:\windows\system32\drivers\fidbox2.dat
2009-01-13 13:19 --------- d-----w c:\documents and settings\Admin\Application Data\Skype
2009-01-13 13:15 --------- d-----w c:\program files\Windows Sidebar
2009-01-13 12:19 --------- d-----w c:\program files\ATS Manager
2009-01-13 12:18 --------- d-----w c:\documents and settings\Admin\Application Data\skypePM
2009-01-13 11:52 --------- d-----w c:\program files\The Bat!
2009-01-13 11:52 --------- d-----w c:\documents and settings\Admin\Application Data\The Bat!
2009-01-13 10:12 --------- d-----w c:\program files\UpsPilot
2009-01-13 08:30 --------- d-----w c:\documents and settings\Admin\Application Data\Desktopicon
2009-01-10 06:40 --------- d-----w c:\program files\Java
2008-12-23 05:05 --------- d-----w c:\documents and settings\Admin\Application Data\QIP.Online
2008-12-11 05:32 --------- d-----w c:\program files\DU Meter
2008-12-10 05:47 --------- d-----w c:\program files\Unlocker
2008-12-10 05:43 --------- d-----w c:\program files\QIP.Online
2008-12-10 05:32 --------- d-----w c:\program files\QIP
2008-12-09 14:17 --------- d-----w c:\documents and settings\Admin\Application Data\Download Master
2008-11-21 06:23 --------- d-----w c:\program files\QuickTime Alternative
2008-11-21 06:23 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2008-11-21 06:22 --------- d-----w c:\program files\Real Alternative
2006-03-20 14:37 5,689,344 ----a-w c:\program files\mplayerc.exe
.

------- Sigcheck -------

2008-07-16 20:31 584192 371c41f777924f3ea3bfad18c6a04502 c:\windows\system32\user32.dll

2008-07-16 20:31 948224 fd5dd7fc4240e3dffb0bbd40dbabf4b1 c:\windows\system32\wininet.dll

2008-04-15 12:00 361344 eaec6ea32bdabd7622371c10b8d68a17 c:\windows\system32\drivers\tcpip.sys

2008-07-16 20:26 2165248 9c8b91ff9f5cc6c6c17a1593255f46d3 c:\windows\system32\ntkrnlpa.exe

2008-07-16 20:16 2286592 047953a8b30891f5f8f0bf68abfea339 c:\windows\system32\ntoskrnl.exe

2008-07-16 20:29 1597952 5116fc3994df129f40b9ddbccc394195 c:\windows\explorer.exe

2008-07-16 20:29 17408 17a73d46ca1d681cee05658a2f4419da c:\windows\system32\ctfmon.exe

2008-07-16 20:31 76632 ec5b872ac2bf6dea91d1de3e8b8289bf c:\windows\system32\wuauclt.exe
.
((((((((((((((((((((((((((((( snapshot@2009-01-13_13.29.53.42 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-01-13 11:28:09 16,384 --sha-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-01-13 13:29:48 16,384 --sha-w c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2009-01-13 11:28:09 16,384 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-01-13 13:29:48 16,384 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-01-13 11:28:09 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-01-13 13:29:48 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-08-07 13:27:48 145,920 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\Cghtme.exe
+ 2008-08-07 13:26:56 10,240 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\cliptext.exe
+ 2008-08-07 13:27:00 61,440 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\download.exe
+ 2008-08-07 13:27:08 157,696 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\ERUNT.EXE
+ 2008-08-07 13:27:10 27,136 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\FixPath.exe
+ 2008-08-07 13:27:12 80,412 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\grep.exe
+ 2008-08-07 13:27:14 33,280 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\isadmin.exe
+ 2003-12-08 22:31:00 11,254 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\locate.com
+ 2008-08-07 13:27:16 49,152 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\LS.exe
+ 2008-08-07 13:27:16 6,656 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\MD5File.exe
+ 2008-08-07 13:27:16 38,400 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\moveex.exe
+ 2008-08-07 13:27:18 53,248 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\Process.exe
+ 2008-08-07 13:27:20 16,414 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\procs.exe
+ 2008-08-07 13:27:20 61,440 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\psservice.exe
+ 2008-08-07 13:27:22 146,432 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\Replace\regedit.exe
+ 2008-08-07 13:27:22 4,080 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\Replace\w2k\beep.sys
+ 2003-06-19 09:05:04 50,620 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\Replace\w2k\command.com
+ 2008-08-21 07:45:48 2,855 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\Replace\w2k\command.PIF
+ 2008-08-07 13:27:22 2,800 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\Replace\w2k\null.sys
+ 2008-08-07 13:27:24 4,224 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\Replace\xp\beep.sys
+ 2001-08-18 10:00:00 50,620 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\Replace\xp\command.com
+ 2008-08-21 07:45:42 2,855 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\Replace\xp\command.PIF
+ 2008-08-07 13:27:24 2,944 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\Replace\xp\null.sys
+ 2008-08-07 13:27:26 8,192 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\RestartIt!.exe
+ 2008-08-07 13:27:28 31,232 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\sc.exe
+ 2008-08-07 13:27:28 98,816 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\sed.exe
+ 2008-08-07 13:27:30 49,152 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\SF.exe
+ 2008-08-07 13:27:30 19,456 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\shutdown.exe
+ 2008-08-07 13:27:36 278,016 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\Swreg.exe
+ 2008-08-07 13:27:38 40,960 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\swsc.exe
+ 2008-09-16 17:17:22 204,800 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\UnRAR.exe
+ 2008-08-07 13:27:42 167,936 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\unzip.exe
+ 2008-08-07 13:27:44 49,152 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\vfind.exe
+ 2008-08-07 13:27:44 41,472 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\WINMSG.EXE
+ 2008-08-07 13:27:46 126,976 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\apps\zip.exe
+ 2008-08-07 13:27:48 145,920 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\catchme.exe
+ 2008-10-08 21:41:44 11,932 ---ha-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\DBFix.bat
+ 2008-11-05 22:58:41 964,661 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Рабочий стол\SDFix\SDFix\RunThis.bat
- 2009-01-13 11:26:24 169,787 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Application Data\Opera\Opera\profile\cookies4.dat
+ 2009-01-13 13:25:48 169,896 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Application Data\Opera\Opera\profile\cookies4.dat
- 2009-01-13 11:26:24 3,632 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Application Data\Opera\Opera\profile\download.dat
+ 2009-01-13 11:34:26 3,535 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Application Data\Opera\Opera\profile\download.dat
- 2009-01-13 11:26:24 1,145,936 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Application Data\Opera\Opera\profile\global.dat
+ 2009-01-13 13:23:26 1,144,119 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Application Data\Opera\Opera\profile\global.dat
- 2008-12-30 09:57:46 132,096 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Application Data\Skype\master6101\dyncontent\bundle.dat
+ 2009-01-13 12:28:43 132,096 ----a-w c:\windows\system32\Server2003\Adminstr\admin\Application Data\Skype\master6101\dyncontent\bundle.dat
- 2009-01-13 11:25:42 32,768 --sha-w c:\windows\system32\Server2003\Adminstr\admin\Cookies\index.dat
+ 2009-01-13 13:26:55 32,768 --sha-w c:\windows\system32\Server2003\Adminstr\admin\Cookies\index.dat
- 2009-01-13 11:26:45 4,718,592 ---ha-w c:\windows\system32\Server2003\Adminstr\admin\NTUSER.DAT
+ 2009-01-13 13:28:14 4,345,856 ---ha-w c:\windows\system32\Server2003\Adminstr\admin\NTUSER.DAT
- 2004-12-13 05:20:04 6,995 ----a-w c:\windows\system32\spool\drivers\w32x86\3\ssgr3en.DAT
+ 2009-01-13 12:29:41 7,014 ----a-w c:\windows\system32\spool\drivers\w32x86\3\ssgr3en.DAT
+ 2009-01-13 13:29:46 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_7d4.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-07-16 17408]
"VistaIcon"="c:\program files\VistaDriveIcon\VistaDrv.exe" [2008-03-23 132096]
"VyChat.exe"="c:\program files\Vypress Chat\VyChat.exe" [2005-07-17 864856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Winpower"="c:\program files\UpsPilot\Winpower.exe" [2008-08-29 114688]
"DU Meter"="c:\program files\DU Meter\DUMeter.exe" [2005-02-01 1469952]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-03-01 15872]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2008-07-29 206088]
"RTHDCPL"="RTHDCPL.EXE" [2007-02-26 c:\windows\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-07-16 17408]
"VistaIcon"="c:\program files\VistaDriveIcon\VistaDrv.exe" [2008-03-23 132096]

c:\documents and settings\Admin\ѓ«*ў*®Ґ ¬Ґ*о\Џа®Ја*¬¬л\Ђўв®§*Јаг§Є*\
HandyCache.lnk - d:\handycacherc1.1.0.0.64\HandyCache.exe [2008-09-17 968192]
SmallProxyServer.lnk - c:\program files\SmallProxy\SmallProxyServer.exe [2008-09-11 426496]
SP_Config.lnk - c:\program files\SmallProxy\SP_Config.exe [2008-09-11 1482240]

c:\documents and settings\Admin\ѓ«*ў*®Ґ ¬Ґ*о\Џа®Ја*¬¬л\Ђўв®§*Јаг§Є*\
HandyCache.lnk - d:\handycacherc1.1.0.0.64\HandyCache.exe [2008-09-17 968192]
SmallProxyServer.lnk - c:\program files\SmallProxy\SmallProxyServer.exe [2008-09-11 426496]
SP_Config.lnk - c:\program files\SmallProxy\SP_Config.exe [2008-09-11 1482240]

c:\documents and settings\Admin\ѓ«*ў*®Ґ ¬Ґ*о\Џа®Ја*¬¬л\Ђўв®§*Јаг§Є*\
HandyCache.lnk - d:\handycacherc1.1.0.0.64\HandyCache.exe [2008-09-17 968192]
SmallProxyServer.lnk - c:\program files\SmallProxy\SmallProxyServer.exe [2008-09-11 426496]
SP_Config.lnk - c:\program files\SmallProxy\SP_Config.exe [2008-09-11 1482240]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoThumbnailCache"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoThumbnailCache"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMHelp"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UpdatesOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\SmallProxy\\SmallProxyServer.exe"=
"c:\\Program Files\\Pointdev\\IDEAL Administration\\InstIA.exe"=
"c:\\Program Files\\Vypress Chat\\VyChat.exe"=
"c:\\Program Files\\SmallProxy\\SP_Config.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=

R0 ahcix86;ahcix86;c:\windows\system32\drivers\ahcix86.sys [2008-07-16 119808]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 32784]
R1 uzixmjq0;AVZ-RK Kernel Driver;c:\windows\system32\drivers\uzixmjq0.sys [2009-01-09 11264]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2007-04-04 24592]
S3 FXDrv32;FXDrv32;\??\e:\fxdrv32.sys --> e:\FXDrv32.sys [?]
S3 IACtrl;IA Analysing v2.0;c:\program files\Pointdev\IDEAL Administration\IACtrl.exe [2008-10-16 118784]
S4 AntiVirMailService;AntiVir Mail Security Service;"c:\program files\AVWin\AVMAILC.EXE" --> c:\program files\AVWin\AVMAILC.EXE [?]
S4 AVEService;AVE Service;"c:\program files\AVWin\AVESVC.EXE" --> c:\program files\AVWin\AVESVC.EXE [?]
S4 AVWUpSrv;AntiVir Update;"c:\program files\AVWin\AVWUPSRV.EXE" --> c:\program files\AVWin\AVWUPSRV.EXE [?]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.speedtest.net/index.php
IE: &Экспорт в Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Закачать ВСЕ при помощи Download Master - c:\program files\Download Master\dmieall.htm
IE: Закачать при помощи Download Master - c:\program files\Download Master\dmie.htm
IE: {{8DAE90AD-4583-4977-9DD4-4360F7A45C74} - c:\program files\Download Master\dmaster.exe
TCP: {10430C38-E70A-4287-B824-6A845CF1D8FD} = 192.168.0.250
TCP: {E2446440-1B11-4911-99DB-63F5C16F960A} = 172.16.0.3,193.108.241.1,193.108.241.7
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-13 15:30:16
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1048)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\cscui.dll
c:\windows\system32\COMRes.dll

- - - - - - - > 'lsass.exe'(1104)
c:\windows\system32\relog_ap.dll

- - - - - - - > 'explorer.exe'(6600)
c:\windows\system32\COMRes.dll
c:\windows\System32\cscui.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\MSVCP60.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\progra~1\UpsPilot\monitor.exe
c:\program files\UpsPilot\jre\bin\javaw.exe
c:\progra~1\UpsPilot\wpRMI.exe
c:\program files\UpsPilot\jre\bin\javaw.exe
c:\program files\UpsPilot\jre\bin\javaw.exe
c:\program files\SmallProxy\Sp_Http.exe
c:\program files\SmallProxy\Sp_PmTcp.exe
c:\program files\SmallProxy\Sp_Socks.exe
.
**************************************************************************
.
Completion time: 2009-01-13 15:31:53 - machine was rebooted
ComboFix-quarantined-files.txt 2009-01-13 13:31:49
ComboFix2.txt 2009-01-13 11:30:34

Pre-Run: 19,349,405,696 байт свободно
Post-Run: 19,327,873,024 байт свободно

254

Отправлено: 16:39, 13-01-2009 | #28

Название темы: [решено] Снова Autorun.inf