
User


Posts: 88
Thanks: 0



I ran the scan and made the logs as well.
ComboFix 09-03-22.01 - TravelMate 2009-03-23 13:44:32.2 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.3.1251.1.1049.18.2046.1563 [GMT 3:00]
Running from: c:\documents and settings\TravelMate\Рабочий стол\ComboFix.exe
Command switches used :: c:\documents and settings\TravelMate\Рабочий стол\CFScript.txt
AV: Outpost Security Suite Pro *On-access scanning disabled* (Updated)
AV: Panda Antivirus + Firewall 2008 *On-access scanning disabled* (Updated)
FW: Outpost Security Suite Pro *disabled*
FW: Panda Antivirus 2008 Personal Firewall *disabled*
* Created a new restore point
* Resident AV is active

.

((((((((((((((((((((((((( Files Created from 2009-02-23 to 2009-03-23 )))))))))))))))))))))))))))))))
.

2009-03-19 17:52 . 2009-03-19 17:52 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-03-19 17:52 . 2009-03-19 17:52 <DIR> d-------- c:\documents and settings\TravelMate\Application Data\Malwarebytes
2009-03-19 17:52 . 2009-03-19 17:52 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-03-19 17:52 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-19 17:52 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-03-19 17:16 . 2009-03-19 17:16 579,072 --a------ c:\windows\system32\dllcache\user32.dll
2009-03-19 16:53 . 2009-03-19 16:53 <DIR> d-------- c:\windows\ERUNT
2009-03-19 16:26 . 2008-11-06 02:03 <DIR> d-------- C:\SDFix
2009-03-17 13:17 . 2004-08-17 16:04 343,040 --a------ c:\windows\system32\msvcrt.dll
2009-03-15 18:14 . 2009-03-19 22:54 11,264 --a------ c:\windows\system32\drivers\uzi4nzez.sys
2009-03-14 18:05 . 2008-04-14 20:10 81,920 --a------ c:\windows\system32\ieencode.dll
2009-03-14 18:05 . 2007-08-13 18:45 78,336 --a------ c:\windows\system32\dllcache\ieencode.dll
2009-03-14 17:01 . 2009-03-14 17:03 652,089 --a------ C:\bookmark.htm
2009-03-11 17:43 . 2009-03-11 17:43 <DIR> d-------- c:\windows\system32\Midnight Club Los Angeles dir
2009-03-11 17:20 . 2009-03-11 17:20 <DIR> d-------- c:\documents and settings\TravelMate\Application Data\GrabPro
2009-03-11 10:16 . 2009-03-11 10:17 11,189 --a------ C:\Заявление о выдаче исполнительного листа.docx
2009-03-11 10:14 . 2009-03-11 10:24 11,253 --a------ C:\Заявление о выдаче копи кассац определения.docx
2009-03-11 09:01 . 2009-03-11 09:01 <DIR> d-------- c:\documents and settings\TravelMate\IECompatCache
2009-03-09 19:41 . 2009-03-09 19:41 <DIR> d-------- c:\program files\YouTube Downloader
2009-03-09 18:03 . 2009-03-09 18:03 <DIR> d-------- c:\program files\Windows Desktop Search
2009-03-09 17:48 . 2009-03-09 17:48 <DIR> d--hs---- c:\documents and settings\TravelMate\PrivacIE
2009-03-09 17:48 . 2009-03-09 17:48 <DIR> d--hs---- c:\documents and settings\TravelMate\IETldCache
2009-03-09 17:39 . 2009-03-09 17:39 <DIR> d-------- c:\windows\ie8updates
2009-03-06 19:23 . 2007-09-20 13:04 114,688 --a------ c:\windows\system32\BTCamVideoSource.dll
2009-03-06 19:22 . 2009-03-06 19:23 <DIR> d-------- c:\program files\Mobiola Web Camera for S60
2009-03-02 19:34 . 2009-03-02 19:34 <DIR> d-------- C:\hidownload
2009-03-02 19:30 . 2009-03-02 19:30 <DIR> d-------- c:\program files\StreamingStar
2009-02-26 12:10 . 2004-08-18 05:00 14,848 --a------ c:\windows\system32\drivers\kbdhid.sys
2009-02-26 12:10 . 2004-08-18 05:00 14,848 --a------ c:\windows\system32\dllcache\kbdhid.sys
2009-02-25 16:30 . 2009-02-25 16:30 <DIR> d-------- c:\program files\Nuclear Coffee
2009-02-25 00:28 . 2009-01-09 22:19 1,089,883 --------- c:\windows\system32\dllcache\ntprint.cat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-20 14:45 308,588 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-03-20 14:45 26,298,400 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-02-20 07:56 --------- d-----w c:\program files\Common Files\AVerMedia
2009-02-18 18:04 201,728 ----a-w c:\windows\system32\GT_ScreenSaver_01_01.scr
2009-02-09 14:07 1,846,912 ----a-w c:\windows\system32\win32k.sys
2009-02-09 14:07 1,846,912 ------w c:\windows\system32\dllcache\win32k.sys
2009-01-29 18:31 --------- d-----w c:\documents and settings\All Users\Application Data\Bluetooth
2009-01-29 17:50 --------- d-----w c:\program files\Agnitum
2009-01-29 17:50 --------- d-----w c:\documents and settings\TravelMate\Application Data\Agnitum
2009-01-29 17:50 --------- d-----w c:\documents and settings\All Users\Application Data\Agnitum
2009-01-24 17:15 --------- d-----w c:\program files\ABBYY Lingvo x3
2009-01-23 21:38 --------- d-----w c:\program files\IVT Corporation
2009-01-20 17:33 695,578 ----a-w c:\windows\system32\unins000.exe
2009-01-16 18:30 3,594,752 ----a-w c:\windows\system32\dllcache\mshtml.dll
2007-12-15 15:40 2,654,664 ----a-w c:\program files\DAEMON411-LITE-X64.EXE
2007-12-14 20:42 2,492,360 ----a-w c:\program files\DAEMON411-LITE-X86.EXE
2009-03-17 16:25 67,696 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2009-03-17 16:25 54,376 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2009-03-17 16:25 34,952 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2009-03-17 16:25 46,720 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2009-03-17 16:25 172,144 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
2006-05-03 10:06 163,328 --sh--r c:\windows\system32\flvDX.dll
2007-02-21 11:47 31,232 --sh--r c:\windows\system32\msfDX.dll
2007-12-17 13:43 27,648 --sh--w c:\windows\system32\Smab0.dll
2008-06-07 17:03 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008060720080608\index.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Punto Switcher"="c:\program files\Punto Switcher\ps.exe" [2007-11-14 201728]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"Google Update"="c:\documents and settings\TravelMate\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-02-06 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"LManager"="c:\program files\Launch Manager\QtZgAcer.EXE" [2004-12-09 311296]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2008-02-15 176128]
"EPM-DM"="c:\acer\epm\epm-dm.exe" [2005-01-25 180224]
"ePowerManagement"="c:\acer\ePM\ePM.exe" [2005-01-21 2889216]
"QuickTime Task"="c:\qt\qttask.exe" [2008-11-04 413696]
"Lingvo Launcher"="c:\program files\ABBYY Lingvo x3\LvAgent.exe" [2008-11-19 1770784]
"OutpostMonitor"="c:\progra~1\Agnitum\OUTPOS~1\op_mon.exe" [2008-12-25 1292120]
"OutpostFeedBack"="c:\program files\Agnitum\Outpost Security Suite Pro\feedback.exe" [2008-12-25 432984]
"Ярлык для страницы свойств High Definition Audio"="HDAudPropShortcut.exe" [2004-08-12 c:\windows\system32\Hdaudpropshortcut.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2004-10-07 c:\windows\AGRSMMSG.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 c:\windows\system32\bthprops.cpl]
"SoundMan"="SOUNDMAN.EXE" [2004-11-02 c:\windows\SoundMan.exe]
"AlcWzrd"="ALCWZRD.EXE" [2004-12-10 c:\windows\ALCWZRD.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2008-03-26 1232896]

c:\documents and settings\All Users\Главное меню\Программы\Автозагрузка\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-04-21 693520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv
"msacm.l3fhg"= mp3fhg.acm
"msacm.divxa32"= divxa32.acm
"msacm.imc"= imc32.acm
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"= c:\progra~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"= c:\progra~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm
"vidc.CSCD"= camcodec.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^AVerQuick.lnk]
path=c:\documents and settings\All Users\Главное меню\Программы\Автозагрузка\AVerQuick.lnk
backup=c:\windows\pss\AVerQuick.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^honestech One Touch DVD Receiver.lnk]
path=c:\documents and settings\All Users\Главное меню\Программы\Автозагрузка\honestech One Touch DVD Receiver.lnk
backup=c:\windows\pss\honestech One Touch DVD Receiver.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^TravelMate^Главное меню^Программы^Автозагрузка^BWMeter.lnk]
path=c:\documents and settings\TravelMate\Главное меню\Программы\Автозагрузка\BWMeter.lnk
backup=c:\windows\pss\BWMeter.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
--a------ 2004-12-07 21:10 344064 c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
--a------ 2003-12-22 08:38 241664 c:\program files\HP\hpcoretech\hpcmpmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2003-12-05 15:41 49152 c:\program files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon05]
--a------ 2008-02-15 21:34 491520 c:\windows\system32\hphmon05.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05]
--a------ 2004-04-01 13:33 49152 c:\program files\Hewlett-Packard\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
--a------ 2008-09-01 18:08 173304 d:\program files\ICQ6\ICQ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
--a------ 2004-08-18 05:00 208952 c:\windows\ime\imjp8_1\imjpmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lingvo Launcher]
--a------ 2006-12-14 00:09 258048 c:\program files\ABBYY Lingvo 12\LvAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MAgent]
--a------ 2008-08-18 20:25 3110392 c:\documents and settings\TravelMate\Application Data\Mail.Ru\Agent\magent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2008-04-14 20:11 1695232 c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
--a------ 2004-08-18 05:00 59392 c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
--a------ 2004-08-18 05:00 455168 c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
--a------ 2004-08-18 05:00 455168 c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-11-04 10:30 413696 c:\qt\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2004-07-15 01:07 32768 c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StatusClient]
--a------ 2002-12-16 16:51 36864 c:\program files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-03-25 04:28 144784 c:\program files\Java\jre1.6.0_06\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS11 Preload]
--a------ 2007-03-03 14:12 341488 c:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\MSMSGS.EXE"=
"c:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\FlylinkDC++\\FlylinkDC.exe"=
"c:\\Program Files\\StrongDC++\\StrongDC.exe"=
"d:\\FOS\\SAMA PROGA\\ApexDC_s16.1_rus\\ApexDC-s16_1.exe"=
"d:\\FOS\\Downloads\\-=Demon=- GreyLink DC++ 4.42.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"d:\\Program Files\\Opera 9\\Opera.exe"=
"d:\\FOS\\SAMA PROGA\\ApexDC_s16.1_rus\\ApexDC.exe"=
"d:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\VoipCheapCom\\VoipCheapCom.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Documents and Settings\\TravelMate\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\TravelMate\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2008-07-31 20616]
R1 is-3RL2Vdrv;is-3RL2Vdrv;c:\windows\system32\drivers\29703511.sys [2008-12-13 148496]
R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [2009-01-29 703904]
R1 uzi4nzez;AVZ-RK Kernel Driver;c:\windows\system32\drivers\uzi4nzez.sys [2009-03-15 11264]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 ABBYY.Licensing.Lingvo.Desktop.14.0;Сервис лицензирования ABBYY Lingvo x3;c:\program files\Common Files\ABBYY\Lingvo\14.0\Licensing\NetworkLicenseServer.exe [2008-11-19 808224]
R2 EpmPsd;Acer EPM Power Scheme Driver;c:\windows\system32\drivers\epm-psd.sys [2008-01-18 4096]
R2 EpmShd;Acer EPM System Hardware Driver;c:\windows\system32\drivers\epm-shd.sys [2008-01-18 78208]
R2 NVKEYNT;NVKEYNT;c:\windows\system32\drivers\NVKEYNT.SYS [2008-04-15 68704]
R2 venemu;venemu;c:\windows\system32\drivers\venemu.sys [2008-04-15 18944]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [2009-01-29 30864]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [2009-01-29 257176]
R3 ASWFilt;ASWFilt;c:\windows\system32\Filt\ASWFilt.dll [2009-01-29 34080]
R3 CONAN;CONAN;c:\windows\system32\drivers\o2mmb.sys [1980-01-01 193878]
R3 MbxStby;MbxStby;c:\windows\system32\drivers\MbxStby.sys [1980-01-01 7100]
R3 Start BT in service;Start BT in service;c:\program files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2007-04-21 52080]
R3 VBEngNT;VBEngNT;c:\windows\system32\drivers\VBEngNT.sys [2009-01-29 1075154]
R3 VBFilt;VBFilt;c:\windows\system32\Filt\VBFilt.dll [2009-01-29 229024]
S2 acssrv;Agnitum Client Security Service;c:\progra~1\Agnitum\OUTPOS~1\acs.exe [2009-01-29 1604952]
S2 osaio;osaio;c:\windows\system32\drivers\osaio.sys --> c:\windows\system32\drivers\osaio.sys [?]
S2 osanbm;osanbm;c:\windows\system32\drivers\osanbm.sys --> c:\windows\system32\drivers\osanbm.sys [?]
S3 ASNDIS5;ASNDIS5 Protocol Driver;c:\windows\system32\ASNDIS5.sys [2009-01-06 16269]
S3 AVerBDA3x;AVerMedia SAA713x BDA Service;c:\windows\system32\drivers\AVerBDA3x.sys [2008-07-17 1176192]
S3 AVerE506;AVerE506 service;c:\windows\system32\drivers\AVerE506.sys [2008-05-06 509312]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2008-07-02 26248]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - f:\wd_windows_tools\Setup.exe
.
Contents of the 'Scheduled Tasks' folder

2009-03-23 c:\windows\Tasks\HP Usg Daily.job
- c:\program files\Hewlett-Packard\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\pexpress\hphped05.exe [2004-04-01 13:33]

2009-03-22 c:\windows\Tasks\User_Feed_Synchronization-{E028F5C6-98A8-4430-B7D7-8AAE8E66FB34}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 18:36]

2009-03-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1510415948-2603230877-842530975-1004.job
- c:\documents and settings\TravelMate\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-02-06 20:39]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Connection Wizard,ShellNext = "c:\program files\Outlook Express\msimn.exe"
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: {{4034D172-4C52-49de-A6A1-E75F8F591FEC} - c:\program files\PRMT8\PRMTIE\options.htm
IE: {{A2DA13D5-AC77-43b7-963B-40445EBCB8E0} - c:\program files\PRMT8\PRMTIE\prmtie5.htm
IE: {{88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - {17A84966-F1E9-4645-AA9E-5E771EE1C859} - c:\progra~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
FF - ProfilePath - c:\documents and settings\TravelMate\Application Data\Mozilla\Firefox\Profiles\fyd2tkpd.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=
FF - prefs.js: network.proxy.type - 2
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{231D7D17-4F1B-4933-AB61-E502DB82FD11}\components\FFTransSend.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-23 13:48:25
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1510415948-2603230877-842530975-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
@SACL=
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1384)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-03-23 13:50:13
ComboFix-quarantined-files.txt 2009-03-23 10:50:10
ComboFix2.txt 2009-03-20 14:40:20

Pre-Run: 3,468,165,120 байт свободно
Post-Run: 3,461,185,536 байт свободно

263 --- E O F --- 2009-03-14 19:21:57

Posted: 14:15, 23-03-2009 | #54