RectorDecryptor.2.3.1.0 19.11.2010 14.56.21 Log

2010/11/19 14:56:21.0562 Trojan-Ransom.Win32.Rector decryptor tool 2.3.1.
0 Nov 15
2010 19:19:56
2010/11/19 14:56:21.0562 ================================================
================================
2010/11/19 14:56:21.0562 SystemInfo:
2010/11/19 14:56:21.0562
2010/11/19 14:56:21.0562 OS Version: 6.1.7600 ServicePack: 0.0
2010/11/19 14:56:21.0562 Product type: Workstation
2010/11/19 14:56:21.0563 ComputerName: KONTO-PC
2010/11/19 14:56:21.0564 UserName: KONTO
2010/11/19 14:56:21.0564 Windows directory: C:\Windows
2010/11/19 14:56:21.0564 System windows directory: C:\Windows
2010/11/19 14:56:21.0564 Running under WOW64
2010/11/19 14:56:21.0564 Processor architecture: Intel x64
2010/11/19 14:56:21.0564 Number of processors: 2
2010/11/19 14:56:21.0564 Page size: 0x1000
2010/11/19 14:56:21.0564 Boot type: Normal boot
2010/11/19 14:56:21.0564 ================================================
================================
2010/11/19 14:56:21.0580 Initialize success
2010/11/19 14:56:58.0979 ProcessDriveEnumEx: Drive C:\ type 3:0
2010/11/19 14:56:59.0054 Unknown suspicious file: C:\oem\preload\autorun\
APP\Silver20\Silverlight.2.0.exe
APP\Silver20\Verify.Silverlight.OEM.Install.exe
2010/11/19 14:56:59.0444 Unknown suspicious file: C:\Program Files (x86)\
Adobe\Acrobat.com\Acrobat.com.exe
ATI Technologies\ATI.ACE\MOM-InstallProxy\MOM.InstallProxy.exe
Microsoft Silverlight\4.0.50917.0\Silverlight.Configuration.exe
OpenVPN\bin\openvpn-gui-1.0.3.exe
2010/11/19 14:57:02.0507 Unknown suspicious file: C:\Users\internet\Deskt
op\4GYPT-HXHZZ-Z6RK2-WR1HR\Firefox_Setup_3.6.4.exe
op\4GYPT-HXHZZ-Z6RK2-WR1HR\FreeHideIP2.0.9.6.Setup.exe
op\4GYPT-HXHZZ-Z6RK2-WR1HR\PortableApps\OpenOfficePortable\App\openoffice\Basis\
program\python-core-2.6.1\lib\distutils\command\wininst-6.0.exe
program\python-core-2.6.1\lib\distutils\command\wininst-9.0-amd64.exe
op\4GYPT-HXHZZ-Z6RK2-WR1HR\PortableApps\PidginPortable\App\Pidgin\Gtk\bin\gtk-qu
ery-immodules-2.0.exe
op\blitz\PortableApps.com_Platform_Setup_1.6.1.exe
op\blitz\PortableApps.com_Suite_Setup_1.6.1_English.exe
op\fgh\pure9.0.0.192de.exe
op\hypnose\Firefox Setup 3.6.8.exe
op\Neuer Ordner (10)\vlc-1.0.5-win32.exe
op\Neuer Ordner (13)\Firefox Setup 3.6.6.exe
op\Neuer Ordner (3)\Eraser_6.0.6.1376.exe
op\Neuer Ordner (4)\DivXWebPlayerInstaller_2.0.1.940.exe
op\Sounds\IvacyMonitor-2.1.2.210-win.exe
2010/11/19 14:57:02.0882 Known suspicious file: C:\Users\internet\Desktop
\Sounds\Скрытое психологическое воздействие при ведении переговоров. Вадим Шлахтер_192382-.
op\spezial\eMule0.49c-Installer.exe
op\spezial\Firefox Setup 3.6.3.exe
op\stern 2767 stern 3855raute\JonDoSetup.paf.exe
op\“Manipulation Der Schlüssel zum Erfolg” lautetmehr-als-hypnose\Firefox_Setup_3.6.3.
exe
op\“Manipulation Der Schlüssel zum Erfolg” lautetmehr-als-hypnose\IvacyMonitor-2.1.1.2
01-win.exe
op\“Manipulation Der Schlüssel zum Erfolg” lautetmehr-als-hypnose\openvpn-2.1.1-instal
l.exe
op\“Manipulation Der Schlüssel zum Erfolg” lautetmehr-als-hypnose\SetupMyVideoDownload
er_v3.0.1.0.exe
op\“Manipulation Der Schlüssel zum Erfolg” lautetmehr-als-hypnose\youtube_downloader_h
d_setup1.9.exe
2010/11/19 14:57:02.0946 Unknown suspicious file: C:\Users\internet\Downl
oads\Firefox Setup 3.6.exe
oads\HSS-1.37-install-anchorfree-76-conduit.exe
2010/11/19 14:57:03.0197 Unknown suspicious file: C:\Users\KONTO\Desktop\
Firefox_Setup_3.5.7.exe
Neuer Ordner\vlc-1.0.3-win32.exe
2010/11/19 14:57:03.0261 Unknown suspicious file: C:\Users\KONTO\Download
s\DivXWebPlayerInstaller_2.0.1.940.exe
2010/11/19 14:57:03.0513 Unknown suspicious file: C:\Windows\assembly\Nat
iveImages_v2.0.50727_32\ComSvcConfig\0026d2a5ef652dd0f2ffafc5c6be0e5a\ComSvcConf
ig.ni.exe
iveImages_v2.0.50727_32\dfsvc\a0fb35ff977ffedbdb27f7262c979d3e\dfsvc.ni.exe
iveImages_v2.0.50727_32\ehExtHost32\f12c85ccc606dde2e4cf5f281dcdafbc\ehExtHost32
.ni.exe
iveImages_v2.0.50727_32\MSBuild\b6e1a1590a2fcf08ed4145fb92357391\MSBuild.ni.exe
iveImages_v2.0.50727_32\Narrator\0241f268cfd049156b84d8aad8c794bc\Narrator.ni.ex
e
iveImages_v2.0.50727_32\PresentationFontCac#\cda6307ec359333afe51ed90f61db564\Pr
esentationFontCache.ni.exe
iveImages_v2.0.50727_32\SMSvcHost\cb96e1d6de2c7a0c2d518761d6d139b2\SMSvcHost.ni.
exe
iveImages_v2.0.50727_32\WindowsLiveWriter\0d9adaa1c63686d47cf8a7291458820a\Windo
wsLiveWriter.ni.exe
iveImages_v2.0.50727_32\WsatConfig\1eab6ceaf2bc688df423255ff9490d60\WsatConfig.n
i.exe
iveImages_v2.0.50727_64\ComSvcConfig\9dd877c1cce22143de2bbc0d087305c0\ComSvcConf
ig.ni.exe
iveImages_v2.0.50727_64\dfsvc\915f3ffe18049638fc89207afb30418f\dfsvc.ni.exe
iveImages_v2.0.50727_64\ehExtHost\f1eeedecb1298ea548ac0b9dd0319138\ehExtHost.ni.
exe
iveImages_v2.0.50727_64\LoadMxf\8955faa80c061d1f8977fa6ce33e737b\LoadMxf.ni.exe
iveImages_v2.0.50727_64\LoadMxf\895d760b0f30ebde7949dd96c8c38a58\LoadMxf.ni.exe
iveImages_v2.0.50727_64\mcupdate\3223a72129f5252d5a0d74a5c52e1401\mcupdate.ni.ex
e
iveImages_v2.0.50727_64\mcupdate\f7569aa939e3fcc34433df4172472ece\mcupdate.ni.ex
e
iveImages_v2.0.50727_64\MSBuild\9ecbbd3818dbda33f2d1fd240aafa8a7\MSBuild.ni.exe
iveImages_v2.0.50727_64\Narrator\1a5fd0996e762030f511928d6a4ced9c\Narrator.ni.ex
e
iveImages_v2.0.50727_64\PresentationFontCac#\f39d125fbdc6bc9a7568e11938dd95ba\Pr
iveImages_v2.0.50727_64\SMSvcHost\7110a5c937257cffcde87dffc17feede\SMSvcHost.ni.
exe
iveImages_v2.0.50727_64\WsatConfig\c4343e5f4e9e9fd4ded688747c93d541\WsatConfig.n
i.exe
iveImages_v4.0.30319_32\dfsvc\b9b6069e6da06eb57e89cc544397f735\dfsvc.ni.exe
iveImages_v4.0.30319_32\SMSvcHost\38f0d77629891e7808424103aaef0728\SMSvcHost.ni.
exe
iveImages_v4.0.30319_64\dfsvc\0686f5bdd6de1d31f5998b8b0cd181ed\dfsvc.ni.exe
iveImages_v4.0.30319_64\SMSvcHost\d20799ac98338d32319cf18637d0aae6\SMSvcHost.ni.
exe
2010/11/19 14:57:03.0859 Unknown suspicious file: C:\Windows\Installer\{E
FFA53BC-8C04-2E21-3D90-A13B1697B0CA}\NewShortcut1.D5A09942_925E_44C9_979D_D78D19
ABF629.exe
2010/11/19 14:57:03.0994 Unknown suspicious file: C:\Windows\Microsoft.NE
T\Framework\v2.0.50727\WebDev.WebServer.EXE
2010/11/19 14:57:08.0050 ProcessDriveEnumEx: Drive D:\ type 5:0
2010/11/19 14:57:08.0050 DecryptDeffered: 0
2010/11/19 14:57:08.0050
2010/11/19 14:57:08.0050 Statistic:
2010/11/19 14:57:08.0050 Processed: 188981
2010/11/19 14:57:08.0050 Suspicion: 64
2010/11/19 14:57:08.0050 Found: 0
2010/11/19 14:57:08.0050 Decrypted: 0
2010/11/19 14:57:08.0050 ================================================
================================
2010/11/19 14:57:08.0050 Scan finished
2010/11/19 14:57:08.0050 ================================================
================================
2010/11/19 14:57:20.0509 ProcessDriveEnumEx: Drive C:\ type 3:0
APP\Silver20\Silverlight.2.0.exe
APP\Silver20\Verify.Silverlight.OEM.Install.exe
Adobe\Acrobat.com\Acrobat.com.exe
ATI Technologies\ATI.ACE\MOM-InstallProxy\MOM.InstallProxy.exe
Microsoft Silverlight\4.0.50917.0\Silverlight.Configuration.exe
OpenVPN\bin\openvpn-gui-1.0.3.exe
op\4GYPT-HXHZZ-Z6RK2-WR1HR\Firefox_Setup_3.6.4.exe
op\4GYPT-HXHZZ-Z6RK2-WR1HR\FreeHideIP2.0.9.6.Setup.exe
program\python-core-2.6.1\lib\distutils\command\wininst-9.0-amd64.exe
op\4GYPT-HXHZZ-Z6RK2-WR1HR\PortableApps\PidginPortable\App\Pidgin\Gtk\bin\gtk-qu
ery-immodules-2.0.exe
op\blitz\PortableApps.com_Platform_Setup_1.6.1.exe
op\blitz\PortableApps.com_Suite_Setup_1.6.1_English.exe
op\fgh\pure9.0.0.192de.exe
op\hypnose\Firefox Setup 3.6.8.exe
op\Neuer Ordner (10)\vlc-1.0.5-win32.exe
op\Neuer Ordner (13)\Firefox Setup 3.6.6.exe
op\Neuer Ordner (3)\Eraser_6.0.6.1376.exe
op\Neuer Ordner (4)\DivXWebPlayerInstaller_2.0.1.940.exe
op\Sounds\IvacyMonitor-2.1.2.210-win.exe
2010/11/19 14:57:24.0353 Known suspicious file: C:\Users\internet\Desktop
\Sounds\Скрытое психологическое воздействие при ведении переговоров. Вадим Шлахтер_192382-.
op\spezial\eMule0.49c-Installer.exe
op\spezial\Firefox Setup 3.6.3.exe
op\stern 2767 stern 3855raute\JonDoSetup.paf.exe
op\“Manipulation Der Schlüssel zum Erfolg” lautetmehr-als-hypnose\Firefox_Setup_3.6.3.
exe
op\“Manipulation Der Schlüssel zum Erfolg” lautetmehr-als-hypnose\IvacyMonitor-2.1.1.2
01-win.exe
op\“Manipulation Der Schlüssel zum Erfolg” lautetmehr-als-hypnose\openvpn-2.1.1-instal
l.exe
op\“Manipulation Der Schlüssel zum Erfolg” lautetmehr-als-hypnose\SetupMyVideoDownload
er_v3.0.1.0.exe
op\“Manipulation Der Schlüssel zum Erfolg” lautetmehr-als-hypnose\youtube_downloader_h
d_setup1.9.exe
oads\Firefox Setup 3.6.exe
oads\HSS-1.37-install-anchorfree-76-conduit.exe
Firefox_Setup_3.5.7.exe
Neuer Ordner\vlc-1.0.3-win32.exe
2010/11/19 14:57:24.0738 Unknown suspicious file: C:\Users\KONTO\Download
s\DivXWebPlayerInstaller_2.0.1.940.exe
iveImages_v2.0.50727_32\ComSvcConfig\0026d2a5ef652dd0f2ffafc5c6be0e5a\ComSvcConf
ig.ni.exe
iveImages_v2.0.50727_32\dfsvc\a0fb35ff977ffedbdb27f7262c979d3e\dfsvc.ni.exe
iveImages_v2.0.50727_32\ehExtHost32\f12c85ccc606dde2e4cf5f281dcdafbc\ehExtHost32
.ni.exe
iveImages_v2.0.50727_32\MSBuild\b6e1a1590a2fcf08ed4145fb92357391\MSBuild.ni.exe
iveImages_v2.0.50727_32\Narrator\0241f268cfd049156b84d8aad8c794bc\Narrator.ni.ex
e
iveImages_v2.0.50727_32\PresentationFontCac#\cda6307ec359333afe51ed90f61db564\Pr
iveImages_v2.0.50727_32\SMSvcHost\cb96e1d6de2c7a0c2d518761d6d139b2\SMSvcHost.ni.
exe
iveImages_v2.0.50727_32\WindowsLiveWriter\0d9adaa1c63686d47cf8a7291458820a\Windo
wsLiveWriter.ni.exe
iveImages_v2.0.50727_32\WsatConfig\1eab6ceaf2bc688df423255ff9490d60\WsatConfig.n
i.exe
iveImages_v2.0.50727_64\ComSvcConfig\9dd877c1cce22143de2bbc0d087305c0\ComSvcConf
ig.ni.exe
iveImages_v2.0.50727_64\dfsvc\915f3ffe18049638fc89207afb30418f\dfsvc.ni.exe
iveImages_v2.0.50727_64\ehExtHost\f1eeedecb1298ea548ac0b9dd0319138\ehExtHost.ni.
exe
iveImages_v2.0.50727_64\LoadMxf\8955faa80c061d1f8977fa6ce33e737b\LoadMxf.ni.exe
iveImages_v2.0.50727_64\LoadMxf\895d760b0f30ebde7949dd96c8c38a58\LoadMxf.ni.exe
iveImages_v2.0.50727_64\mcupdate\3223a72129f5252d5a0d74a5c52e1401\mcupdate.ni.ex
e
iveImages_v2.0.50727_64\mcupdate\f7569aa939e3fcc34433df4172472ece\mcupdate.ni.ex
e
iveImages_v2.0.50727_64\MSBuild\9ecbbd3818dbda33f2d1fd240aafa8a7\MSBuild.ni.exe
iveImages_v2.0.50727_64\Narrator\1a5fd0996e762030f511928d6a4ced9c\Narrator.ni.ex
e
iveImages_v2.0.50727_64\PresentationFontCac#\f39d125fbdc6bc9a7568e11938dd95ba\Pr
iveImages_v2.0.50727_64\SMSvcHost\7110a5c937257cffcde87dffc17feede\SMSvcHost.ni.
exe
iveImages_v2.0.50727_64\WsatConfig\c4343e5f4e9e9fd4ded688747c93d541\WsatConfig.n
i.exe
iveImages_v4.0.30319_32\dfsvc\b9b6069e6da06eb57e89cc544397f735\dfsvc.ni.exe
iveImages_v4.0.30319_32\SMSvcHost\38f0d77629891e7808424103aaef0728\SMSvcHost.ni.
exe
iveImages_v4.0.30319_64\dfsvc\0686f5bdd6de1d31f5998b8b0cd181ed\dfsvc.ni.exe
iveImages_v4.0.30319_64\SMSvcHost\d20799ac98338d32319cf18637d0aae6\SMSvcHost.ni.
exe
2010/11/19 14:57:25.0499 Unknown suspicious file: C:\Windows\Installer\{E
FFA53BC-8C04-2E21-3D90-A13B1697B0CA}\NewShortcut1.D5A09942_925E_44C9_979D_D78D19
ABF629.exe
2010/11/19 14:57:25.0688 Unknown suspicious file: C:\Windows\Microsoft.NE
T\Framework\v2.0.50727\WebDev.WebServer.EXE
2010/11/19 14:57:30.0355 ProcessDriveEnumEx: Drive D:\ type 5:0
2010/11/19 14:57:30.0355 DecryptDeffered: 0
2010/11/19 14:57:30.0355
2010/11/19 14:57:30.0355 Statistic:
2010/11/19 14:57:30.0355 Processed: 188981
2010/11/19 14:57:30.0355 Suspicion: 64
2010/11/19 14:57:30.0355 Found: 0
2010/11/19 14:57:30.0355 Decrypted: 0
2010/11/19 14:57:30.0355 ================================================
================================
2010/11/19 14:57:30.0355 Scan finished
2010/11/19 14:57:30.0355 ================================================
================================
2010/11/19 14:57:33.0170 Deinitialize success

RectorDecryptor.2.3.1.0 19.11.2010 14.56.21 Log

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

RectorDecryptor.2.3.1.0 19.11.2010 14.56.21 Log

Загружено:

Авторское право:

Доступные форматы

2010/11/19 14:56:21.0562 Trojan-Ransom.Win32.Rector decryptor tool 2.3.1.

Вам также может понравиться