New member

Posts: 4
Thanks: 0



Many thanks, I finally have access to MSDN.
Problem solved.
Apparently the virus migrated via the flash drive? I suspected as much when I infected the laptop )) I'll try to sort out the laptop myself. Special thanks for the link to virustotal.com.

New ComboFix log
Code:
ComboFix 09-01-21.04 - Sasha 2009-01-26 12:29:54.2 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1251.1.1049.18.767.342 [GMT 0:00]
Running from: c:\documents and settings\Sasha\Рабочий стол\ComboFix.exe
Command switches used :: c:\documents and settings\Sasha\Рабочий стол\CFScript.txt
AV: avast! antivirus 4.8.1296 [VPS 090125-0] *On-access scanning disabled* (Updated)
FW: AGAVA Firewall *disabled*
FW: Outpost Firewall Pro *disabled*
 * Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
c:\windows\system32\xouxh.dll
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_HPZSGZNXQ


(((((((((((((((((((((((((   Files Created from 2008-12-26 to 2009-01-26  )))))))))))))))))))))))))))))))
.

2009-01-26 11:48 . 2009-01-26 11:48	<DIR>	d--------	c:\documents and settings\Sasha\DoctorWeb
2009-01-25 21:14 . 2009-01-25 21:14	<DIR>	d--------	c:\program files\Microsoft Synchronization Services
2009-01-25 21:14 . 2009-01-25 21:14	<DIR>	d--------	c:\program files\Microsoft SQL Server Compact Edition
2009-01-25 19:20 . 2009-01-25 21:21	<DIR>	d--------	c:\program files\Microsoft SQL Server
2009-01-25 19:01 . 2009-01-25 19:01	<DIR>	d--------	C:\SQL Server 2000 Sample Databases
2009-01-25 17:54 . 2009-01-25 17:54	<DIR>	d--------	c:\program files\Google
2009-01-25 15:21 . 2009-01-25 15:21	578,560	--a--c---	c:\windows\system32\dllcache\user32.dll
2009-01-25 15:18 . 2009-01-25 15:18	<DIR>	d--------	c:\windows\ERUNT
2009-01-25 15:12 . 2008-11-06 02:03	<DIR>	d--------	C:\SDFix
2009-01-25 12:30 . 2009-01-25 16:16	250	--a------	c:\windows\gmer.ini
2009-01-25 11:53 . 2009-01-25 11:53	<DIR>	d--h-----	c:\windows\$hf_mig$
2009-01-25 11:17 . 2009-01-25 11:17	0	--a------	c:\windows\nsreg.dat
2009-01-24 17:15 . 2009-01-24 17:15	<DIR>	d--------	c:\documents and settings\All Users\Application Data\PreEmptive Solutions
2009-01-24 17:08 . 2009-01-24 17:08	<DIR>	d--------	c:\windows\symbols
2009-01-24 17:05 . 2009-01-24 17:09	<DIR>	d--------	c:\program files\HTML Help Workshop
2009-01-24 17:05 . 2009-01-24 17:15	<DIR>	d--------	c:\program files\Common Files\Merge Modules
2009-01-24 17:05 . 2009-01-24 17:05	<DIR>	d--------	c:\program files\CE Remote Tools
2009-01-21 12:59 . 2009-01-21 12:59	<DIR>	d--------	c:\program files\ICQToolbar
2009-01-21 12:55 . 2009-01-21 13:03	<DIR>	d--------	c:\program files\ICQ6
2009-01-21 12:55 . 2009-01-21 12:55	<DIR>	d--------	c:\documents and settings\Sasha\Application Data\InstallShield
2009-01-16 16:11 . 2009-01-18 18:09	<DIR>	d--------	c:\documents and settings\Sasha\Application Data\SWF.max
2009-01-15 21:41 . 2009-01-15 21:41	<DIR>	d--------	c:\documents and settings\Sasha\Application Data\vlc
2009-01-15 21:21 . 2009-01-15 21:21	<DIR>	d--------	c:\program files\VideoLAN
2009-01-12 17:52 . 2009-01-12 17:59	<DIR>	d--------	c:\program files\EWB512
2009-01-12 17:52 . 2009-01-12 17:52	216,064	--a------	c:\windows\iun3405.exe
2009-01-06 08:47 . 2009-01-06 08:47	<DIR>	d--------	c:\program files\Microl
2009-01-04 17:43 . 2009-01-04 17:43	<DIR>	d--------	c:\documents and settings\Sasha\Application Data\VyPRESS
2009-01-03 19:24 . 2009-01-03 19:24	<DIR>	d--------	c:\documents and settings\Sasha\Application Data\Media Player Classic
2009-01-03 15:22 . 2008-12-29 16:13	61,440	--a------	c:\windows\system32\DWRCSh32.DLL
2009-01-03 15:17 . 2009-01-03 15:21	<DIR>	d--------	c:\documents and settings\Sasha\Application Data\DameWare Development
2009-01-03 15:16 . 2009-01-03 15:16	<DIR>	d--------	c:\documents and settings\Sasha\Application Data\DWMRCMSI
2009-01-03 15:15 . 2009-01-03 15:26	<DIR>	d--------	c:\program files\DameWare Development
2009-01-03 14:23 . 2009-01-03 14:23	<DIR>	d--------	c:\program files\ICQ6Toolbar
2009-01-03 14:23 . 2009-01-03 14:23	<DIR>	d--------	c:\documents and settings\All Users\Application Data\ICQ
2009-01-03 14:22 . 2009-01-03 14:24	<DIR>	d--------	c:\documents and settings\Sasha\Application Data\ICQ
2009-01-02 23:19 . 2009-01-03 22:45	<DIR>	d--------	c:\documents and settings\Sasha\Application Data\Download Master
2009-01-02 22:36 . 2008-10-30 07:31	<DIR>	d--h-----	c:\documents and settings\Mama\Шаблоны
2009-01-02 22:36 . 2009-01-16 08:05	<DIR>	d--------	c:\documents and settings\Mama\Рабочий стол
2009-01-02 22:36 . 2009-01-24 09:48	<DIR>	dr-------	c:\documents and settings\Mama\Мои документы
2009-01-02 22:36 . 2008-10-30 10:23	<DIR>	dr-------	c:\documents and settings\Mama\Главное меню
2009-01-02 22:36 . 2009-01-02 22:37	<DIR>	dr-------	c:\documents and settings\Mama\Избранное
2009-01-02 22:36 . 2009-01-02 22:36	<DIR>	d--------	c:\documents and settings\Mama
2009-01-02 18:45 . 2009-01-02 18:45	<DIR>	d--------	c:\documents and settings\Sasha\Application Data\DivX
2009-01-02 14:24 . 2009-01-02 14:24	<DIR>	d--------	c:\documents and settings\All Users\Application Data\nView_Profiles
2009-01-02 13:40 . 2009-01-02 23:29	<DIR>	d--------	c:\documents and settings\Sasha\Application Data\Winamp
2009-01-02 13:32 . 2008-10-30 07:31	<DIR>	d--h-----	c:\documents and settings\Sasha\Шаблоны
2009-01-02 13:32 . 2009-01-26 12:29	<DIR>	d--------	c:\documents and settings\Sasha\Рабочий стол
2009-01-02 13:32 . 2009-01-24 16:33	<DIR>	dr-------	c:\documents and settings\Sasha\Мои документы
2009-01-02 13:32 . 2008-10-30 10:23	<DIR>	dr-------	c:\documents and settings\Sasha\Главное меню
2009-01-02 13:32 . 2009-01-02 13:32	<DIR>	dr-------	c:\documents and settings\Sasha\Избранное
2009-01-02 13:32 . 2009-01-26 11:48	<DIR>	d--------	c:\documents and settings\Sasha
2008-12-30 12:00 . 2008-12-30 14:00	21,840	--a----t-	c:\windows\system32\SIntfNT.dll
2008-12-30 12:00 . 2008-12-30 14:00	17,212	--a----t-	c:\windows\system32\SIntf32.dll
2008-12-30 12:00 . 2008-12-30 14:00	12,067	--a----t-	c:\windows\system32\SIntf16.dll
2008-12-29 09:56 . 2008-12-29 09:56	<DIR>	d--------	c:\program files\Winamp Toolbar
2008-12-29 09:56 . 2008-12-29 09:56	<DIR>	d--------	c:\documents and settings\All Users\Application Data\Winamp Toolbar
2008-12-27 23:27 . 2008-12-24 17:24	703,904	--a------	c:\windows\system32\drivers\SandBox.sys
2008-12-27 23:27 . 2008-12-17 11:07	257,176	--a------	c:\windows\system32\drivers\afwcore.sys
2008-12-27 23:26 . 2008-12-27 23:27	<DIR>	d--------	c:\windows\system32\Filt
2008-12-27 23:26 . 2008-12-27 23:26	<DIR>	d--------	c:\program files\Agnitum
2008-12-27 23:26 . 2008-12-27 23:26	<DIR>	d--------	c:\documents and settings\All Users\Application Data\Agnitum
2008-12-27 23:26 . 2008-06-20 09:45	30,864	--a------	c:\windows\system32\drivers\afw.sys
2008-12-27 23:26 . 2008-12-04 12:13	49	--a------	c:\windows\transp.gif
2008-12-27 23:16 . 2004-08-18 16:00	2,134,528	--a--c---	c:\windows\system32\dllcache\smtpsnap.dll
2008-12-27 09:03 . 2008-12-27 09:03	<DIR>	d--------	c:\program files\Aura
2008-12-26 23:00 . 2008-12-26 23:00	<DIR>	d--------	c:\program files\DMoNsoft
2008-12-26 21:19 . 2008-12-26 21:24	<DIR>	d--------	c:\program files\Seoadministrator
2008-12-26 21:19 . 2000-01-24 04:01	2,023,424	--a------	c:\windows\system32\VCL50.BPL
2008-12-26 21:19 . 2000-01-31 04:00	1,496,064	--a------	c:\windows\system32\cc3250mt.dll
2008-12-26 21:19 . 2003-10-16 16:25	1,315,840	--a------	c:\windows\system32\indy50.bpl
2008-12-26 21:19 . 2000-01-24 04:01	558,080	--a------	c:\windows\system32\VCLDB50.BPL
2008-12-26 21:19 . 2000-01-24 04:01	534,016	--a------	c:\windows\system32\tee50.BPL
2008-12-26 21:19 . 2000-01-24 04:01	248,832	--a------	c:\windows\system32\VCLX50.BPL
2008-12-26 21:19 . 2000-01-31 04:00	219,648	--a------	c:\windows\system32\cg32.dll
2008-12-26 21:19 . 2000-01-24 04:01	197,120	--a------	c:\windows\system32\NMFAST50.BPL
2008-12-26 21:19 . 2000-01-31 04:00	147,456	--a------	c:\windows\system32\BCBSMP50.BPL
2008-12-26 21:19 . 2000-01-31 04:00	84,480	--a------	c:\windows\system32\BCBIE50.BPL
2008-12-26 21:19 . 2000-01-24 04:01	65,024	--a------	c:\windows\system32\inet50.bpl

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-26 11:23	---------	d-----w	c:\documents and settings\All Users\Application Data\Microsoft Help
2009-01-24 17:09	---------	d-----w	c:\program files\MSBuild
2009-01-24 00:33	---------	d-----w	c:\program files\Java
2009-01-21 12:11	---------	d-----w	c:\program files\QIP Infium
2009-01-16 16:16	---------	d-----w	c:\program files\SWF.max
2009-01-03 14:24	---------	d--h--w	c:\program files\InstallShield Installation Information
2009-01-02 22:45	---------	d-----w	c:\program files\DU Meter
2008-12-29 10:37	---------	d-----w	c:\program files\Winamp
2008-12-26 08:59	---------	d-----w	c:\program files\Multi Password Recovery
2008-12-23 11:36	---------	d-----w	c:\program files\Neat Corporation
2008-12-18 20:52	---------	d-----w	c:\program files\Download Master
2008-12-18 19:10	---------	d-----w	c:\program files\Microsoft
2008-12-18 17:10	---------	d-----w	c:\program files\QIP
2008-12-18 12:29	---------	d-----w	c:\program files\Radmin
2008-12-16 18:32	---------	d-----w	c:\program files\Ahead
2008-12-16 18:31	---------	d-----w	c:\program files\SlySoft
2008-12-11 17:25	---------	d-----w	c:\program files\Vypress Chat
2008-12-10 10:49	---------	d-----w	c:\documents and settings\All Users\Application Data\Hagel Technologies
2008-12-05 08:49	---------	d-----w	c:\documents and settings\All Users\Application Data\ABBYY
2008-12-05 08:08	---------	d-----w	c:\program files\Mustek 1200 UB PLUS
2008-12-01 11:51	---------	d-----w	c:\program files\Business Objects
2008-12-01 11:48	---------	d-----w	c:\program files\Windows Mobile 5.0 SDK R2
2008-12-01 11:48	---------	d-----w	c:\program files\Microsoft Device Emulator
2008-12-01 11:40	---------	d-----w	c:\program files\Microsoft.NET
2008-12-01 11:07	---------	d-----w	c:\program files\Microsoft Web Designer Tools
2008-11-29 18:04	---------	d-----w	c:\program files\Sun
2008-11-29 16:28	---------	d-----w	c:\program files\Alcohol Soft
2008-11-27 20:00	---------	d-----w	c:\program files\EBMKiev-DEMO
2008-10-30 08:14	60,416	----a-w	c:\windows\ALCFDRTM.EXE
.

------- Sigcheck -------

2007-10-15 21:39  578560  5231f1983829611637e9493105e84751	c:\windows\system32\user32.dll
2009-01-25 15:21  578560  5231f1983829611637e9493105e84751	c:\windows\system32\dllcache\user32.dll

2007-10-16 05:50  360576  bb4d3a8e6f7eb1d370bc4ad27ab23368	c:\windows\system32\drivers\tcpip.sys

2007-10-16 06:57  2066176  794c6ea35a1598ae49bff6faff9ebcab	c:\windows\system32\ntkrnlpa.exe

2007-10-16 06:56  2188928  0dceef0666c2a8f078fead29699f8b6d	c:\windows\system32\ntoskrnl.exe

2007-10-15 21:38  1608704  7a4ec6b6d1bc9a866438371b1662385c	c:\windows\explorer.exe

2007-10-15 21:38  30208  dfac8122228107f7bca18a71056b5abe	c:\windows\system32\ctfmon.exe

2007-10-15 21:39  80216  94dac979b510d047ab4ed7ff22a68f4d	c:\windows\system32\wuauclt.exe
.
(((((((((((((((((((((((((((((   snapshot@2009-01-25_16.03.48.32   )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-01-25 18:59:18	387,800	----a-w	c:\windows\assembly\GAC_32\Microsoft.SqlServer.BatchParser\9.0.242.0__89845dcd8080cc91\microsoft.sqlserver.batchparser.dll
+ 2009-01-25 18:59:21	75,480	----a-w	c:\windows\assembly\GAC_32\Microsoft.SqlServer.MgdSqlDumper\9.0.242.0__89845dcd8080cc91\microsoft.sqlserver.mgdsqldumper.dll
+ 2009-01-25 18:59:24	56,096	----a-w	c:\windows\assembly\GAC_MSIL\microsoft.analysisservices.adomdclient.resources\9.0.242.0_ru_89845dcd8080cc91\Microsoft.AnalysisServices.AdomdClient.resources.dll
+ 2009-01-25 18:59:24	539,352	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.AdomdClient\9.0.242.0__89845dcd8080cc91\Microsoft.AnalysisServices.AdomdClient.dll
+ 2009-01-25 18:59:21	31,520	----a-w	c:\windows\assembly\GAC_MSIL\microsoft.analysisservices.deploymentengine.resources\9.0.242.0_ru_89845dcd8080cc91\microsoft.analysisservices.deploymentengine.resources.dll
+ 2009-01-25 18:59:19	137,944	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.DeploymentEngine\9.0.242.0__89845dcd8080cc91\Microsoft.AnalysisServices.DeploymentEngine.dll
+ 2009-01-25 18:59:21	195,360	----a-w	c:\windows\assembly\GAC_MSIL\microsoft.analysisservices.resources\9.0.242.0_ru_89845dcd8080cc91\microsoft.analysisservices.resources.dll
+ 2009-01-25 18:59:19	1,211,096	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.AnalysisServices\9.0.242.0__89845dcd8080cc91\Microsoft.AnalysisServices.DLL
+ 2009-01-25 18:59:21	10,528	----a-w	c:\windows\assembly\GAC_MSIL\microsoft.datawarehouse.interfaces.resources\9.0.242.0_ru_89845dcd8080cc91\Microsoft.DataWarehouse.Interfaces.resources.dll
+ 2009-01-25 18:59:19	35,544	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.DataWarehouse.Interfaces\9.0.242.0__89845dcd8080cc91\Microsoft.DataWarehouse.Interfaces.DLL
+ 2009-01-25 18:59:32	80,672	----a-w	c:\windows\assembly\GAC_MSIL\microsoft.exceptionmessagebox.resources\9.0.242.0_ru_89845dcd8080cc91\Microsoft.ExceptionMessageBox.resources.dll
+ 2009-01-25 18:59:30	133,848	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.ExceptionMessageBox\9.0.242.0__89845dcd8080cc91\Microsoft.ExceptionMessageBox.dll
+ 2009-01-25 18:51:01	80,672	----a-w	c:\windows\assembly\GAC_MSIL\microsoft.netenterpriseservers.exceptionmessagebox.resources\9.0.242.0_ru_89845dcd8080cc91\Microsoft.NetEnterpriseServers.ExceptionMessageBox.Resources.dll
+ 2009-01-25 21:16:46	136,560	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.NetEnterpriseServers.ExceptionMessageBox\9.0.242.0__89845dcd8080cc91\Microsoft.NetEnterpriseServers.ExceptionMessageBox.dll
+ 2009-01-25 18:59:20	17,184	----a-w	c:\windows\assembly\GAC_MSIL\microsoft.sqlserver.connectioninfo.resources\9.0.242.0_ru_89845dcd8080cc91\Microsoft.SqlServer.ConnectionInfo.Resources.dll
+ 2009-01-25 18:59:18	150,232	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.ConnectionInfo\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.ConnectionInfo.dll
+ 2009-01-25 21:16:47	46,448	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.CustomControls\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.CustomControls.dll
+ 2009-01-25 18:51:01	19,744	----a-w	c:\windows\assembly\GAC_MSIL\microsoft.sqlserver.gridcontrol.resources\9.0.242.0_ru_89845dcd8080cc91\Microsoft.SqlServer.GridControl.Resources.dll
+ 2009-01-25 21:16:46	202,096	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.GridControl\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.GridControl.dll
+ 2009-01-25 18:59:22	16,600	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.Instapi\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.InstApi.dll
+ 2009-01-25 18:59:20	13,600	----a-w	c:\windows\assembly\GAC_MSIL\microsoft.sqlserver.regsvrenum.resources\9.0.242.0_ru_89845dcd8080cc91\Microsoft.SqlServer.RegSvrEnum.resources.dll
+ 2009-01-25 18:59:18	68,312	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.RegSvrEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.RegSvrEnum.dll
+ 2009-01-25 18:59:28	47,832	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.Replication.BusinessLogicSupport\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.Replication.BusinessLogicSupport.dll
+ 2009-01-25 18:59:20	52,000	----a-w	c:\windows\assembly\GAC_MSIL\microsoft.sqlserver.rmo.resources\9.0.242.0_ru_89845dcd8080cc91\Microsoft.SqlServer.Rmo.Resources.dll
+ 2009-01-25 18:59:19	555,736	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.Rmo\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.Rmo.dll
+ 2009-01-25 18:59:20	35,616	----a-w	c:\windows\assembly\GAC_MSIL\microsoft.sqlserver.servicebrokerenum.resources\9.0.242.0_ru_89845dcd8080cc91\Microsoft.SqlServer.ServiceBrokerEnum.Resources.dll
+ 2009-01-25 18:59:18	39,640	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.ServiceBrokerEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.ServiceBrokerEnum.dll
+ 2009-01-25 18:51:01	64,288	----a-w	c:\windows\assembly\GAC_MSIL\microsoft.sqlserver.setup.resources\9.0.242.0_ru_89845dcd8080cc91\Microsoft.SqlServer.Setup.Resources.dll
+ 2009-01-25 18:50:54	289,496	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.Setup\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.Setup.dll
+ 2009-01-25 18:59:20	92,960	----a-w	c:\windows\assembly\GAC_MSIL\microsoft.sqlserver.smo.resources\9.0.242.0_ru_89845dcd8080cc91\Microsoft.SqlServer.Smo.Resources.dll
+ 2009-01-25 18:59:17	1,559,256	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.Smo\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.Smo.dll
+ 2009-01-25 18:59:20	97,056	----a-w	c:\windows\assembly\GAC_MSIL\microsoft.sqlserver.smoenum.resources\9.0.242.0_ru_89845dcd8080cc91\Microsoft.SqlServer.SmoEnum.Resources.dll
+ 2009-01-25 18:59:18	223,960	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.SmoEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.SmoEnum.dll
+ 2009-01-25 18:59:20	604,960	----a-w	c:\windows\assembly\GAC_MSIL\microsoft.sqlserver.sqlenum.resources\9.0.242.0_ru_89845dcd8080cc91\Microsoft.SqlServer.SqlEnum.Resources.dll
+ 2009-01-25 18:59:18	895,704	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.SqlEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.SqlEnum.dll
+ 2009-01-25 18:59:21	43,736	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.SqlTDiagM\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.SqlTDiagM.dll
+ 2009-01-25 18:59:17	20,184	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.SString\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.SString.dll
+ 2009-01-25 18:51:01	351,008	----a-w	c:\windows\assembly\GAC_MSIL\microsoft.sqlserver.wizardframeworklite.resources\9.0.242.0_ru_89845dcd8080cc91\Microsoft.SqlServer.WizardFrameworkLite.resources.dll
+ 2009-01-25 21:16:46	595,312	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.WizardFrameworkLite\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.WizardFrameworkLite.dll
+ 2009-01-25 18:59:20	11,040	----a-w	c:\windows\assembly\GAC_MSIL\microsoft.sqlserver.wmienum.resources\9.0.242.0_ru_89845dcd8080cc91\Microsoft.SqlServer.WmiEnum.Resources.dll
+ 2009-01-25 18:59:18	43,736	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.WmiEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.WmiEnum.dll
- 2008-10-30 08:52:56	115,744	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Synchronization.Data.Server\1.0.0.0__89845dcd8080cc91\Microsoft.Synchronization.Data.Server.dll
+ 2009-01-25 21:14:05	99,696	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Synchronization.Data.Server\1.0.0.0__89845dcd8080cc91\Microsoft.Synchronization.Data.Server.dll
- 2008-10-30 08:52:56	95,312	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Synchronization.Data.SqlServerCe\3.5.0.0__89845dcd8080cc91\Microsoft.Synchronization.Data.SqlServerCe.dll
+ 2009-01-25 21:14:05	91,216	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Synchronization.Data.SqlServerCe\3.5.0.0__89845dcd8080cc91\Microsoft.Synchronization.Data.SqlServerCe.dll
- 2008-10-30 08:52:56	115,744	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Synchronization.Data\1.0.0.0__89845dcd8080cc91\Microsoft.Synchronization.Data.dll
+ 2009-01-25 21:14:05	111,984	----a-w	c:\windows\assembly\GAC_MSIL\Microsoft.Synchronization.Data\1.0.0.0__89845dcd8080cc91\Microsoft.Synchronization.Data.dll
- 2008-10-30 08:52:56	271,440	----a-w	c:\windows\assembly\GAC_MSIL\System.Data.SqlServerCe\3.5.0.0__89845dcd8080cc91\System.Data.SqlServerCe.dll
+ 2009-01-25 21:14:05	263,248	----a-w	c:\windows\assembly\GAC_MSIL\System.Data.SqlServerCe\3.5.0.0__89845dcd8080cc91\System.Data.SqlServerCe.dll
+ 2009-01-25 18:51:47	71,168	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.NetEnterp#\a74930bb8430316ec6cec7afceff02e6\microsoft.netenterpriseservers.exceptionmessagebox.resources.ni.dll
+ 2009-01-25 21:25:46	231,936	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.NetEnterp#\f900abeac1a34b1ea03de11b1ef647b1\Microsoft.NetEnterpriseServers.ExceptionMessageBox.ni.dll
+ 2009-01-25 21:25:50	530,432	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\16a42f39de574b65672a6f7b60d47b94\Microsoft.SqlServer.GridControl.ni.dll
+ 2009-01-25 21:25:58	989,184	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\334222245e81d48c73682a1c3dfa5c26\Microsoft.SqlServer.WizardFrameworkLite.ni.dll
+ 2009-01-25 18:51:57	53,248	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\36c9dd5089e6b737d00aa49fb7d69e3e\microsoft.sqlserver.setup.resources.ni.dll
+ 2009-01-25 18:51:53	20,480	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\4e3fe0c7aa554485f67b95b3b9cbd072\microsoft.sqlserver.gridcontrol.resources.ni.dll
+ 2009-01-25 18:52:02	339,456	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\586b49a50424d622369629a2370be11b\microsoft.sqlserver.wizardframeworklite.resources.ni.dll
+ 2009-01-25 21:25:47	74,752	----a-w	c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\ea2ae783dc512b6a9e62bba0d4f71ecf\Microsoft.SqlServer.CustomControls.ni.dll
+ 2009-01-25 17:54:46	26,694	----a-r	c:\windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\ARPPRODUCTICON.exe
+ 2009-01-25 17:54:46	26,694	----a-r	c:\windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2009-01-25 17:54:46	26,694	----a-r	c:\windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2009-01-25 17:54:46	26,694	----a-r	c:\windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2009-01-25 17:54:46	26,694	----a-r	c:\windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2009-01-25 17:54:46	26,694	----a-r	c:\windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\UNINST_Uninstall_G_408FFBEED62349E08B232864A94D2864.exe
- 2009-01-25 08:05:25	198,552	----a-w	c:\windows\system32\FNTCACHE.DAT
+ 2009-01-26 12:13:48	198,552	----a-w	c:\windows\system32\FNTCACHE.DAT
- 2009-01-25 16:02:01	237,905	----a-w	c:\windows\system32\inetsrv\MetaBase.bin
+ 2009-01-26 12:37:29	237,904	----a-w	c:\windows\system32\inetsrv\MetaBase.bin
+ 2007-02-10 05:29:52	2,234,224	----a-w	c:\windows\system32\sqlncli.dll
- 2009-01-25 16:01:04	16,384	----atw	c:\windows\Temp\Perflib_Perfdata_6a4.dat
+ 2009-01-26 12:35:21	16,384	----atw	c:\windows\Temp\Perflib_Perfdata_6a4.dat
.
-- Snapshot reset to current date --
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Punto Switcher"="c:\program files\Punto Switcher\ps.exe" [2007-01-25 201728]
"VistaIcon"="c:\program files\VistaDriveIcon\VistaDrv.exe" [2007-07-02 132608]
"DU Meter"="c:\program files\DU Meter\DUMeter.exe" [2008-06-08 2645528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-13 8466432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-07-13 81920]
"VolumeControl"="c:\program files\VolumeControl\volume.exe" [2003-09-15 36864]
"Diamondback"="c:\program files\Razer\Diamondback 3G\razerhid.exe" [2007-08-01 147456]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-03 36352]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-24 132496]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"OutpostMonitor"="c:\progra~1\Agnitum\OUTPOS~1\op_mon.exe" [2008-12-25 1227080]
"OutpostFeedBack"="c:\program files\Agnitum\Outpost Firewall Pro\feedback.exe" [2008-12-25 432968]
"nwiz"="nwiz.exe" [2007-07-13 c:\windows\system32\nwiz.exe]
"SoundMan"="SOUNDMAN.EXE" [2006-11-17 c:\windows\soundman.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Punto Switcher"="c:\program files\Punto Switcher\ps.exe" [2007-01-25 201728]
"VistaIcon"="c:\program files\VistaDriveIcon\VistaDrv.exe" [2007-07-02 132608]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IE7_011"="shell32" [X]
"ZZZZ2_FirstLogonSetting"="advpack.dll" [2007-10-16 c:\windows\system32\advpack.dll]
"IE7_012"="advpack.dll" [2007-10-16 c:\windows\system32\advpack.dll]
"IE7_013"="rebuild.exe" [2007-09-15 c:\windows\system32\rebuild.exe]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoThumbnailCache"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoThumbnailCache"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Vypress Chat\\VyChat.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-11-04 111184]
R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [2008-12-27 703904]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [2008-12-27 30864]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [2008-12-27 257176]
R3 Razerlow;Diamondback 3G USB Filter Driver;c:\windows\system32\drivers\DB3G.sys [2008-10-30 13225]
R4 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service;d:\program files\ABBYY FineReader 9.0\NetworkLicenseServer.exe [2007-09-24 566560]
R4 acssrv;Agnitum Client Security Service;c:\progra~1\Agnitum\OUTPOS~1\acs.exe [2008-12-27 1267016]
R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-11-04 20560]
R4 DUMeterSvc;DU Meter Service;c:\program files\DU Meter\DUMeterSvc.exe [2008-12-10 1386008]
R4 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2009-01-03 222456]
S3 ASWFilt;ASWFilt;c:\windows\system32\Filt\ASWFilt.dll [2008-12-27 34080]
S3 mirrorv3;mirrorv3;c:\windows\system32\drivers\rminiv3.sys [2006-11-01 3328]
S3 mpr_freader;MPR FileReader Driver;c:\program files\Multi Password Recovery\mpr_freader.sys [2007-08-13 2816]
S3 VSPerfDrv90;Performance Tools Driver 9.0;d:\programming\Microsoft Visual Studio 9.0\Team Tools\Performance Tools\VSPerfDrv90.sys [2007-09-04 55664]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;"c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE" --> c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [?]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [2008-07-09 242712]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);"c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE" -i SQLEXPRESS --> c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [?]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Connection Wizard,ShellNext = hxxp://www.kornet.ru/
IE: &Экспорт в Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
IE: {{8DAE90AD-4583-4977-9DD4-4360F7A45C74} - c:\program files\Download Master\dmaster.exe
TCP: {964AC8F3-F112-4C00-A133-CE57C6337ACD} = 193.201.217.3 193.201.217.2
FF - ProfilePath - c:\documents and settings\Sasha\Application Data\Mozilla\Firefox\Profiles\egnxc2bs.default\
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-26 12:37:44
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...  

scanning hidden autostart entries ... 

scanning hidden files ...  

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(828)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\cscui.dll

- - - - - - - > 'lsass.exe'(892)
c:\windows\system32\SETUPAPI.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\rundll32.exe
c:\progra~1\DUMETE~1\DUMeter.exe
c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
c:\windows\system32\inetsrv\inetinfo.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Razer\Diamondback 3G\razertra.exe
c:\program files\Razer\Diamondback 3G\razerofa.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-01-26 12:40:48 - machine was rebooted [Sasha]
ComboFix-quarantined-files.txt  2009-01-26 12:40:43
ComboFix2.txt  2009-01-25 16:04:54

Pre-Run: 374,726,656 bytes free
Post-Run: 629,272,576 bytes free


Posted: 13:44, 26-01-2009 | #6
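The log above is the kind of thing a responder reads by eye: the Run/RunOnce autoruns, the R*/S* driver and service lines, and the firewall policy values. As an added example (not part of the post, and not ComboFix's own code), here is a small Python triage pass over those three sections. The parsing rules are my own reading of the line shapes visible in the log: a `[X]` tag on an autorun means ComboFix could not find the target, a `[?]` tag on a service line means it could not verify the image, and `"EnableFirewall"= 0` in the standard profile means the Windows firewall is off. The sample input is a constructed handful of lines in the same shape as the log; the finding kinds and severities are my own labels.

```python
"""Triage helper for ComboFix log sections (added example, not from the post)."""
import re
from dataclasses import dataclass

# Constructed sample in the shape of the ComboFix "Reg Loading Points" and
# services sections shown in the post (raw string: backslashes are literal).
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"nwiz"="nwiz.exe" [2007-07-13 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IE7_011"="shell32" [X]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-11-04 111184]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;"c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE" --> c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [?]
"""

SECTION = re.compile(r'^\[(?P<key>.+)\]$')
VALUE = re.compile(r'^"(?P<name>[^"]*)"=(?P<rest>.*)$')
TAG = re.compile(r'\[(?P<tag>[^\]]*)\]\s*$')
SERVICE = re.compile(
    r'^(?P<state>[RS]\d)\s+(?P<svc>[^;]+);(?P<display>[^;]*);'
    r'(?P<image>.*?)\s*\[(?P<tag>[^\]]*)\]\s*$')


@dataclass
class Finding:
    kind: str      # my own label for the condition (assumption, not a ComboFix term)
    where: str     # registry value or service name the finding refers to
    detail: str


def parse_combofix(text):
    """Split the log into autorun values, service lines and other policy values."""
    autoruns, services, policies, key = [], [], {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SECTION.match(line)
        if m:
            key = m.group('key')
            continue
        m = SERVICE.match(line)
        if m:
            services.append((m.group('state'), m.group('svc'),
                             m.group('image'), m.group('tag')))
            continue
        m = VALUE.match(line)
        if m and key:
            name, rest = m.group('name'), m.group('rest')
            t = TAG.search(rest)
            tag = t.group('tag') if t else ''
            value = (rest[:t.start()] if t else rest).strip().strip('"')
            if key.lower().endswith(('\\run', '\\runonce')):
                autoruns.append((key, name, value, tag))
            else:
                policies[(key, name)] = value
    return autoruns, services, policies


def triage(text):
    """Return the conditions a responder would want called out."""
    autoruns, services, policies = parse_combofix(text)
    findings = []
    for key, name, value, tag in autoruns:
        if tag == 'X':
            # ComboFix marks autoruns whose target it could not locate with [X].
            findings.append(Finding('dangling_autorun', key + '\\' + name, value))
        elif '\\' not in value:
            # A bare file name is resolved through the search path at logon,
            # so a same-named file earlier in that path would be run instead.
            findings.append(Finding('unqualified_autorun', key + '\\' + name,
                                    value + ' resolved via search path'))
    for state, svc, image, tag in services:
        if tag == '?':
            findings.append(Finding('unverified_service_image', svc, image))
    for (key, name), value in policies.items():
        if name.lower() == 'enablefirewall' and value.startswith('0'):
            findings.append(Finding('firewall_disabled', key, value))
    return findings


if __name__ == '__main__':
    for f in triage(SAMPLE_LOG):
        print(f'{f.kind:26} {f.where}\n{"":26} {f.detail}')
```

The point of separating `parse_combofix` from `triage` is that the same parsed structure can be diffed between two logs (here, ComboFix2.txt from 25-01 and this run), which is how you confirm a CFScript removal such as the `FILE ::` entry actually took effect rather than re-reading 400 lines.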