Новости
Видео
Microsoft
Windows 10
Железо
Программы
Форум
Имя пользователя:
Пароль:  
Помощь | Регистрация | Забыли пароль?  

Название темы: Не работают скрипты в браузере. Есть подозрение на вирус!:(
Показать сообщение отдельно

Аватара для zhefran

Пользователь


Сообщения: 134
Благодарности: 2

Профиль | Сайт | Отправить PM | Цитировать

Код: Выделить весь код
SDFix: Version 1.221 
Run by Ђ¤¬Ё*Ёбва*в®а on 19.09.2008 at 11:04

Microsoft Windows XP [‚ҐабЁп 5.1.2600]
Running From: C:\SDFix

Checking Services :


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


Checking Files : 

Trojan Files Found:

C:\WINDOWS\system32\admdll.dll  - Deleted





Removing Temp Files

ADS Check :
 


                                 Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-19 11:09:57
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions]
"\34\48\4=\48\4?\4>\4@\4B\4 ?W?A?N? ?(?L?2?T?P?)?"=str(7):"1\0"
"\34\48\4=\48\4?\4>\4@\4B\4 ?W?A?N? ?(?P?P?T?P?)?"=str(7):"1\0"
"\34\48\4=\48\4?\4>\4@\4B\4 ?W?A?N? ?(?P?P?P?o?E?)?"=str(7):"1\0"
"\37\4@\4O\4<\4>\49\4 ??\0040\4@\0040\4;\4;\0045\4;\4L\4=\4K\49\4 ??\4>\4@\4B\4"=str(7):"1\0"
"\34\48\4=\48\4?\4>\4@\4B\4 ?W?A?N? ?(?I?P?)?"=str(7):"1\0"
"\34\48\4=\48\4?\4>\4@\4B\4 ??\4;\0040\4=\48\4@\4>\0042\4I\48\4:\0040\4 ??\0040\4:\0045\4B\4>\0042\4"=str(7):"1\0002\0003\0"
"\34\48\4=\48\4?\4>\4@\4B\4 ?W?A?N? ?(?I?P?X?)?"=str(7):"1\0"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\Shares]
"\24\4>\4:\4C\4<\0045\4=\4B\4K\4"=str(7):"CSCFlags=0\0MaxUses=4294967295\0Path=C:\Documents and Settings\All Users\>:C<5=BK\0Permissions=0\0Remark=\0Type=0\0"
"\37\4@\4>\0043\4@\0040\4<\48\4"=str(7):"CSCFlags=0\0MaxUses=4294967295\0Path=D:\020=B065==O\@>3@0<8\0Permissions=0\0Remark=\0Type=0\0"
"\20\4@\4E\48\0042\4K\4 ?O?l?d? ?P?C?"=str(7):"CSCFlags=0\0MaxUses=4294967295\0Path=G:\@E82K Old PC\0Permissions=0\0Remark=\0Type=0\0"
"\24\4>\0043\4>\0042\4V\4@\4"=str(7):"CSCFlags=0\0MaxUses=4294967295\0Path=G:\>3>2V@\0Permissions=0\0Remark=\0Type=0\0"
"\27\0040\0042\0040\4=\4B\0040\0046\0045\4=\4=\4O\4"=str(7):"CSCFlags=0\0MaxUses=4294967295\0Path=D:\020=B065==O\0Permissions=0\0Remark=\0Type=0\0"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
"h0"=dword:00000001
"ujdew"=hex:4c,73,3e,ea,66,74,01,7a,59,ba,f9,80,d6,97,7a,61,28,c5,a4,1f,4f,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:e1,9b,54,60,8b,cb,6e,d1,f6,88,d7,34,c8,64,23,7b,cb,50,7a,47,df,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,52,ec,b4,3c,6b,00,46,4a,e6,aa,4f,52,92,05,9d,76,e4,..
"khjeh"=hex:9a,f6,bf,e5,91,e8,5a,64,b6,bb,59,d1,61,e7,02,8a,f6,b4,60,14,38,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:03,08,13,6a,a3,73,ec,00,9d,3f,00,45,bb,b9,b1,da,d4,e8,a7,a0,0a,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SysmonLog\Log Queries\{8328787a-4717-4d59-8113-71ee7db0bb25}]
"\32\4>\4A\0042\0045\4=\4=\4K\49\4 ?:\4>\4<\4<\0045\4=\4B\0040\4@\48\49\4"="@C:\WINDOWS\system32\smlogcfg.dll,-735"
"\20\4B\4@\48\0041\4C\4B\4K\4 ?E\4@\0040\4=\0045\4=\48\4O\4 ?4\0040\4=\4=\4K\4E\4"=dword:00000021
"\32\4>\4A\0042\0045\4=\4=\4>\0045\4 ?8\4<\4O\4 ?D\0040\49\4;\0040\4 ?6\4C\4@\4=\0040\4;\0040\4 ?1\0040\0047\4K\4 ?4\0040\4=\4=\4K\4E\4"="@C:\WINDOWS\system32\smlogcfg.dll,-744"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:8e,7e,60,3c,4e,e9,45,62,be,52,c6,6f,ed,02,2f,35,3f,ff,21,92,d2,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,52,ec,b4,3c,6b,00,46,4a,e6,aa,4f,52,92,05,9d,76,e4,..
"khjeh"=hex:9a,f6,bf,e5,91,e8,5a,64,b6,bb,59,d1,61,e7,02,8a,f6,b4,60,14,38,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:e2,f0,2f,9d,6d,10,50,0e,90,07,74,0f,6f,3b,88,c8,62,4f,a2,14,e5,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
"h0"=dword:00000001
"ujdew"=hex:4c,73,3e,ea,66,74,01,7a,59,ba,f9,80,d6,97,7a,61,28,c5,a4,1f,4f,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:a4,1a,08,69,65,8c,f3,46,08,cb,bf,34,92,bc,a3,50,91,6c,08,ae,c4,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,52,ec,b4,3c,6b,00,46,4a,e6,aa,4f,52,92,05,9d,76,e4,..
"khjeh"=hex:9a,f6,bf,e5,91,e8,5a,64,b6,bb,59,d1,61,e7,02,8a,f6,b4,60,14,38,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:74,e4,5c,41,62,ae,9c,0e,0e,f8,81,d3,7c,ac,dd,02,10,4d,d2,27,9d,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{8328787a-4717-4d59-8113-71ee7db0bb25}]
"\32\4>\4A\0042\0045\4=\4=\4K\49\4 ?:\4>\4<\4<\0045\4=\4B\0040\4@\48\49\4"="@C:\WINDOWS\system32\smlogcfg.dll,-735"
"\20\4B\4@\48\0041\4C\4B\4K\4 ?E\4@\0040\4=\0045\4=\48\4O\4 ?4\0040\4=\4=\4K\4E\4"=dword:00000021
"\32\4>\4A\0042\0045\4=\4=\4>\0045\4 ?8\4<\4O\4 ?D\0040\49\4;\0040\4 ?6\4C\4@\4=\0040\4;\0040\4 ?1\0040\0047\4K\4 ?4\0040\4=\4=\4K\4E\4"="@C:\WINDOWS\system32\smlogcfg.dll,-744"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions]
"\34\48\4=\48\4?\4>\4@\4B\4 ?W?A?N? ?(?L?2?T?P?)?"=str(7):"1\0"
"\34\48\4=\48\4?\4>\4@\4B\4 ?W?A?N? ?(?P?P?T?P?)?"=str(7):"1\0"
"\34\48\4=\48\4?\4>\4@\4B\4 ?W?A?N? ?(?P?P?P?o?E?)?"=str(7):"1\0"
"\37\4@\4O\4<\4>\49\4 ??\0040\4@\0040\4;\4;\0045\4;\4L\4=\4K\49\4 ??\4>\4@\4B\4"=str(7):"1\0"
"\34\48\4=\48\4?\4>\4@\4B\4 ?W?A?N? ?(?I?P?)?"=str(7):"1\0"
"\34\48\4=\48\4?\4>\4@\4B\4 ??\4;\0040\4=\48\4@\4>\0042\4I\48\4:\0040\4 ??\0040\4:\0045\4B\4>\0042\4"=str(7):"1\0002\0003\0"
"\34\48\4=\48\4?\4>\4@\4B\4 ?W?A?N? ?(?I?P?X?)?"=str(7):"1\0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\lanmanserver\Shares]
"\24\4>\4:\4C\4<\0045\4=\4B\4K\4"=str(7):"CSCFlags=0\0MaxUses=4294967295\0Path=C:\Documents and Settings\All Users\>:C<5=BK\0Permissions=0\0Remark=\0Type=0\0"
"\37\4@\4>\0043\4@\0040\4<\48\4"=str(7):"CSCFlags=0\0MaxUses=4294967295\0Path=D:\020=B065==O\@>3@0<8\0Permissions=0\0Remark=\0Type=0\0"
"\20\4@\4E\48\0042\4K\4 ?O?l?d? ?P?C?"=str(7):"CSCFlags=0\0MaxUses=4294967295\0Path=G:\@E82K Old PC\0Permissions=0\0Remark=\0Type=0\0"
"\24\4>\0043\4>\0042\4V\4@\4"=str(7):"CSCFlags=0\0MaxUses=4294967295\0Path=G:\>3>2V@\0Permissions=0\0Remark=\0Type=0\0"
"\27\0040\0042\0040\4=\4B\0040\0046\0045\4=\4=\4O\4"=str(7):"CSCFlags=0\0MaxUses=4294967295\0Path=D:\020=B065==O\0Permissions=0\0Remark=\0Type=0\0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
"h0"=dword:00000001
"ujdew"=hex:4c,73,3e,ea,66,74,01,7a,59,ba,f9,80,d6,97,7a,61,28,c5,a4,1f,4f,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:e1,9b,54,60,8b,cb,6e,d1,f6,88,d7,34,c8,64,23,7b,cb,50,7a,47,df,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,52,ec,b4,3c,6b,00,46,4a,e6,aa,4f,52,92,05,9d,76,e4,..
"khjeh"=hex:9a,f6,bf,e5,91,e8,5a,64,b6,bb,59,d1,61,e7,02,8a,f6,b4,60,14,38,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:03,08,13,6a,a3,73,ec,00,9d,3f,00,45,bb,b9,b1,da,d4,e8,a7,a0,0a,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SysmonLog\Log Queries\{8328787a-4717-4d59-8113-71ee7db0bb25}]
"\32\4>\4A\0042\0045\4=\4=\4K\49\4 ?:\4>\4<\4<\0045\4=\4B\0040\4@\48\49\4"="@C:\WINDOWS\system32\smlogcfg.dll,-735"
"\20\4B\4@\48\0041\4C\4B\4K\4 ?E\4@\0040\4=\0045\4=\48\4O\4 ?4\0040\4=\4=\4K\4E\4"=dword:00000021
"\32\4>\4A\0042\0045\4=\4=\4>\0045\4 ?8\4<\4O\4 ?D\0040\49\4;\0040\4 ?6\4C\4@\4=\0040\4;\0040\4 ?1\0040\0047\4K\4 ?4\0040\4=\4=\4K\4E\4"="@C:\WINDOWS\system32\smlogcfg.dll,-744"

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cursors\Schemes]
"!\4B\0040\4=\0044\0040\4@\4B\4=\0040\4O\4 ?W?i?n?d?o?w?s?"="",,,,,,,,,,,,,""
"\37\4>\0044\0042\48\0046\4=\0040\4O\4 ?W?i?n?d?o?w?s?"=""C:\WINDOWS\Cursors\rainbow.ani,,C:\WINDOWS\Cursors\appstart.ani,C:\WINDOWS\Cursors\hourglas.ani,C:\WINDOWS\Cursors\cross.cur,,,,C:\WINDOWS\Cursors\sizens.ani,C:\WINDOWS\Cursors\sizewe.ani,C:\WINDOWS\Cursors\sizenwse.ani,C:\WINDOWS\Cursors\sizenesw.ani,,""
"\36\0041\4J\0045\4<\4=\0040\4O\4 ?1\0045\4;\0040\4O\4"=""C:\WINDOWS\Cursors\3dwarro.cur,,C:\WINDOWS\Cursors\appstar3.ani,C:\WINDOWS\Cursors\hourgla3.ani,C:\WINDOWS\Cursors\cross.cur,,,C:\WINDOWS\Cursors\3dwno.cur,C:\WINDOWS\Cursors\3dwns.cur,C:\WINDOWS\Cursors\3dwwe.cur,C:\WINDOWS\Cursors\3dwnwse.cur,C:\WINDOWS\Cursors\3dwnesw.cur,C:\WINDOWS\Cursors\3dwmove.cur,""
" \4C\4:\48\4 ?1?"=""C:\WINDOWS\Cursors\harrow.cur,,C:\WINDOWS\Cursors\handapst.ani,C:\WINDOWS\Cursors\hand.ani,C:\WINDOWS\Cursors\hcross.cur,C:\WINDOWS\Cursors\hibeam.cur,,C:\WINDOWS\Cursors\hnodrop.cur,C:\WINDOWS\Cursors\hns.cur,C:\WINDOWS\Cursors\hwe.cur,C:\WINDOWS\Cursors\hnwse.cur,C:\WINDOWS\Cursors\hnesw.cur,C:\WINDOWS\Cursors\hmove.cur,""
" \4C\4:\48\4 ?2?"=""C:\WINDOWS\Cursors\harrow.cur,,C:\WINDOWS\Cursors\handapst.ani,C:\WINDOWS\Cursors\handwait.ani,C:\WINDOWS\Cursors\hcross.cur,C:\WINDOWS\Cursors\hibeam.cur,,C:\WINDOWS\Cursors\handno.ani,C:\WINDOWS\Cursors\handns.ani,C:\WINDOWS\Cursors\handwe.ani,C:\WINDOWS\Cursors\handnwse.ani,C:\WINDOWS\Cursors\handnesw.ani,C:\WINDOWS\Cursors\hmove.cur,""
"\24\48\4=\4>\0047\0040\0042\4@\4"=""C:\WINDOWS\Cursors\3dgarro.cur,,C:\WINDOWS\Cursors\dinosaur.ani,C:\WINDOWS\Cursors\dinosau2.ani,C:\WINDOWS\Cursors\cross.cur,,,C:\WINDOWS\Cursors\banana.ani,C:\WINDOWS\Cursors\3dsns.cur,C:\WINDOWS\Cursors\3dgwe.cur,C:\WINDOWS\Cursors\3dsnwse.cur,C:\WINDOWS\Cursors\3dgnesw.cur,C:\WINDOWS\Cursors\3dsmove.cur,""
"\22\4 ?A\4B\0040\4@\4>\4<\4 ?A\4B\48\4;\0045\4"=""C:\WINDOWS\Cursors\harrow.cur,,C:\WINDOWS\Cursors\horse.ani,C:\WINDOWS\Cursors\barber.ani,C:\WINDOWS\Cursors\hcross.cur,C:\WINDOWS\Cursors\hibeam.cur,,C:\WINDOWS\Cursors\coin.ani,C:\WINDOWS\Cursors\3dgns.cur,C:\WINDOWS\Cursors\3dgwe.cur,C:\WINDOWS\Cursors\3dgnwse.cur,C:\WINDOWS\Cursors\3dgnesw.cur,C:\WINDOWS\Cursors\3dgmove.cur,""
"\24\48\4@\48\0046\0045\4@\4"=""C:\WINDOWS\Cursors\harrow.cur,,C:\WINDOWS\Cursors\drum.ani,C:\WINDOWS\Cursors\metronom.ani,C:\WINDOWS\Cursors\hcross.cur,C:\WINDOWS\Cursors\hibeam.cur,,C:\WINDOWS\Cursors\piano.ani,C:\WINDOWS\Cursors\hns.cur,C:\WINDOWS\Cursors\hwe.cur,C:\WINDOWS\Cursors\hnwse.cur,C:\WINDOWS\Cursors\hnesw.cur,C:\WINDOWS\Cursors\hmove.cur,""
"#\0042\0045\4;\48\4G\0045\4=\4=\0040\4O\4"=""C:\WINDOWS\Cursors\larrow.cur,,C:\WINDOWS\Cursors\lappstrt.cur,C:\WINDOWS\Cursors\lwait.cur,C:\WINDOWS\Cursors\lcross.cur,C:\WINDOWS\Cursors\libeam.cur,,C:\WINDOWS\Cursors\lnodrop.cur,C:\WINDOWS\Cursors\lns.cur,C:\WINDOWS\Cursors\lwe.cur,C:\WINDOWS\Cursors\lnwse.cur,C:\WINDOWS\Cursors\lnesw.cur,C:\WINDOWS\Cursors\lmove.cur,""
"\22\0040\4@\48\0040\4F\48\48\4"=""C:\WINDOWS\Cursors\fillitup.ani,,C:\WINDOWS\Cursors\raindrop.ani,C:\WINDOWS\Cursors\counter.ani,C:\WINDOWS\Cursors\cross.cur,,,C:\WINDOWS\Cursors\wagtail.ani,C:\WINDOWS\Cursors\sizens.ani,C:\WINDOWS\Cursors\sizewe.ani,C:\WINDOWS\Cursors\sizenwse.ani,C:\WINDOWS\Cursors\sizenesw.ani,""
"\36\0041\4J\0045\4<\4=\0040\4O\4 ?1\4@\4>\4=\0047\4>\0042\0040\4O\4"=""C:\WINDOWS\Cursors\3dgarro.cur,,C:\WINDOWS\Cursors\appstar2.ani,C:\WINDOWS\Cursors\hourgla2.ani,C:\WINDOWS\Cursors\cross.cur,,,C:\WINDOWS\Cursors\3dgno.cur,C:\WINDOWS\Cursors\3dgns.cur,C:\WINDOWS\Cursors\3dgwe.cur,C:\WINDOWS\Cursors\3dgnwse.cur,C:\WINDOWS\Cursors\3dgnesw.cur,C:\WINDOWS\Cursors\3dgmove.cur,""
"'\0045\4@\4=\0040\4O\4 ?"="C:\WINDOWS\cursors\arrow_r.cur,C:\WINDOWS\cursors\help_r.cur,C:\WINDOWS\cursors\wait_r.cur,C:\WINDOWS\cursors\busy_r.cur,C:\WINDOWS\cursors\cross_r.cur,C:\WINDOWS\cursors\beam_r.cur,C:\WINDOWS\cursors\pen_r.cur,C:\WINDOWS\cursors\no_r.cur,C:\WINDOWS\cursors\size4_r.cur,C:\WINDOWS\cursors\size3_r.cur,C:\WINDOWS\cursors\size2_r.cur,C:\WINDOWS\cursors\size1_r.cur,C:\WINDOWS\cursors\move_r.cur,C:\WINDOWS\cursors\up_r.cur"
"'\0045\4@\4=\0040\4O\4 ?(?:\4@\4C\4?\4=\0040\4O\4)?"="C:\WINDOWS\cursors\arrow_rm.cur,C:\WINDOWS\cursors\help_rm.cur,C:\WINDOWS\cursors\wait_rm.cur,C:\WINDOWS\cursors\busy_rm.cur,C:\WINDOWS\cursors\cross_rm.cur,C:\WINDOWS\cursors\beam_rm.cur,C:\WINDOWS\cursors\pen_rm.cur,C:\WINDOWS\cursors\no_rm.cur,C:\WINDOWS\cursors\size4_rm.cur,C:\WINDOWS\cursors\size3_rm.cur,C:\WINDOWS\cursors\size2_rm.cur,C:\WINDOWS\cursors\size1_rm.cur,C:\WINDOWS\cursors\move_rm.cur,C:\WINDOWS\cursors\up_rm.cur"
"'\0045\4@\4=\0040\4O\4 ?(?>\0043\4@\4>\4<\4=\0040\4O\4)?"="C:\WINDOWS\cursors\arrow_rl.cur,C:\WINDOWS\cursors\help_rl.cur,C:\WINDOWS\cursors\wait_rl.cur,C:\WINDOWS\cursors\busy_rl.cur,C:\WINDOWS\cursors\cross_rl.cur,C:\WINDOWS\cursors\beam_rl.cur,C:\WINDOWS\cursors\pen_rl.cur,C:\WINDOWS\cursors\no_rl.cur,C:\WINDOWS\cursors\size4_rl.cur,C:\WINDOWS\cursors\size3_rl.cur,C:\WINDOWS\cursors\size2_rl.cur,C:\WINDOWS\cursors\size1_rl.cur,C:\WINDOWS\cursors\move_rl.cur,C:\WINDOWS\cursors\up_rl.cur"
"\30\4=\0042\0045\4@\4A\4=\0040\4O\4"="C:\WINDOWS\cursors\arrow_i.cur,C:\WINDOWS\cursors\help_i.cur,C:\WINDOWS\cursors\wait_i.cur,C:\WINDOWS\cursors\busy_i.cur,C:\WINDOWS\cursors\cross_i.cur,C:\WINDOWS\cursors\beam_i.cur,C:\WINDOWS\cursors\pen_i.cur,C:\WINDOWS\cursors\no_i.cur,C:\WINDOWS\cursors\size4_i.cur,C:\WINDOWS\cursors\size3_i.cur,C:\WINDOWS\cursors\size2_i.cur,C:\WINDOWS\cursors\size1_i.cur,C:\WINDOWS\cursors\move_i.cur,C:\WINDOWS\cursors\up_i.cur"
"\30\4=\0042\0045\4@\4A\4=\0040\4O\4 ?(?:\4@\4C\4?\4=\0040\4O\4)?"="C:\WINDOWS\cursors\arrow_im.cur,C:\WINDOWS\cursors\help_im.cur,C:\WINDOWS\cursors\wait_im.cur,C:\WINDOWS\cursors\busy_im.cur,C:\WINDOWS\cursors\cross_im.cur,C:\WINDOWS\cursors\beam_im.cur,C:\WINDOWS\cursors\pen_im.cur,C:\WINDOWS\cursors\no_im.cur,C:\WINDOWS\cursors\size4_im.cur,C:\WINDOWS\cursors\size3_im.cur,C:\WINDOWS\cursors\size2_im.cur,C:\WINDOWS\cursors\size1_im.cur,C:\WINDOWS\cursors\move_im.cur,C:\WINDOWS\cursors\up_im.cur"
"\30\4=\0042\0045\4@\4A\4=\0040\4O\4 ?(?>\0043\4@\4>\4<\4=\0040\4O\4)?"="C:\WINDOWS\cursors\arrow_il.cur,C:\WINDOWS\cursors\help_il.cur,C:\WINDOWS\cursors\wait_il.cur,C:\WINDOWS\cursors\busy_il.cur,C:\WINDOWS\cursors\cross_il.cur,C:\WINDOWS\cursors\beam_il.cur,C:\WINDOWS\cursors\pen_il.cur,C:\WINDOWS\cursors\no_il.cur,C:\WINDOWS\cursors\size4_il.cur,C:\WINDOWS\cursors\size3_il.cur,C:\WINDOWS\cursors\size2_il.cur,C:\WINDOWS\cursors\size1_il.cur,C:\WINDOWS\cursors\move_il.cur,C:\WINDOWS\cursors\up_il.cur"
"!\4B\0040\4=\0044\0040\4@\4B\4=\0040\4O\4 ?(?:\4@\4C\4?\4=\0040\4O\4)?"="C:\WINDOWS\cursors\arrow_m.cur,C:\WINDOWS\cursors\help_m.cur,C:\WINDOWS\cursors\wait_m.cur,C:\WINDOWS\cursors\busy_m.cur,C:\WINDOWS\cursors\cross_m.cur,C:\WINDOWS\cursors\beam_m.cur,C:\WINDOWS\cursors\pen_m.cur,C:\WINDOWS\cursors\no_m.cur,C:\WINDOWS\cursors\size4_m.cur,C:\WINDOWS\cursors\size3_m.cur,C:\WINDOWS\cursors\size2_m.cur,C:\WINDOWS\cursors\size1_m.cur,C:\WINDOWS\cursors\move_m.cur,C:\WINDOWS\cursors\up_m.cur"
"!\4B\0040\4=\0044\0040\4@\4B\4=\0040\4O\4 ?(?>\0043\4@\4>\4<\4=\0040\4O\4)?"="C:\WINDOWS\cursors\arrow_l.cur,C:\WINDOWS\cursors\help_l.cur,C:\WINDOWS\cursors\wait_l.cur,C:\WINDOWS\cursors\busy_l.cur,C:\WINDOWS\cursors\cross_l.cur,C:\WINDOWS\cursors\beam_l.cur,C:\WINDOWS\cursors\pen_l.cur,C:\WINDOWS\cursors\no_l.cur,C:\WINDOWS\cursors\size4_l.cur,C:\WINDOWS\cursors\size3_l.cur,C:\WINDOWS\cursors\size2_l.cur,C:\WINDOWS\cursors\size1_l.cur,C:\WINDOWS\cursors\move_l.cur,C:\WINDOWS\cursors\up_l.cur"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComputerDescriptions]
"\37\4\32\4"=""
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\GrpConv\MapGroups]
"\30\0043\4@\4K\4"="!B0=40@B=K5\3@K"
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Devices]
"\20\0042\4B\4>\4 ?T?e?k?t?r?o?n?i?x? ?P?h?a?s?e?r? ?7?8?0? ?G?r?a?p?h?i?c?s? ?=\0040\4 ?S?A?S?H?A?1?"="winspool,Ne00:"
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\PrinterPorts]
"\20\0042\4B\4>\4 ?T?e?k?t?r?o?n?i?x? ?P?h?a?s?e?r? ?7?8?0? ?G?r?a?p?h?i?c?s? ?=\0040\4 ?S?A?S?H?A?1?"="winspool,Ne00:,15,45"

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:DNA"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

Remaining Files :


File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Fri 25 Jan 2008       126,976 ...H. --- "C:\Documents and Settings\All Users\„®Єг¬Ґ*вл\~WRL0002.tmp"
Fri 25 Jan 2008       126,976 ...H. --- "C:\Documents and Settings\All Users\„®Єг¬Ґ*вл\~WRL0004.tmp"

Finished!

Последний раз редактировалось Pili, 19-09-2008 в 13:57.

Отправлено: 12:13, 19-09-2008 | #10

Название темы: Не работают скрипты в браузере. Есть подозрение на вирус!:(