Re: Re: Имя события проблемы: APPCRASH

8 января, 2011 в 6:17 пп #32000

Аноним

Гость

Темы:532
Сообщений:1553

☆☆☆☆☆

Logfile of random’s system information tool 1.08 (written by random/random)
Run by Соловей at 2011-01-09 04:10:02
Microsoft Windows 7 Домашняя расширенная
System drive C: has 130 GB (58%) free of 225 GB
Total RAM: 3068 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:10:27, on 09.01.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:PROGRA~2DUMETE~1DUMeter.exe
C:Program Files (x86)Chameleon ClockChamClock.exe
C:Program Files (x86)Malwarebytes’ Anti-Malwarembamgui.exe
c:Program Files (x86)Hewlett-PackardMediaDVDDVDAgent.exe
c:Program Files (x86)Hewlett-PackardTouchSmartMediaKernelCLMLCLMLSvc.exe
C:Program Files (x86)Mail.RuAgentmagent.exe
C:Program FilesAlwil SoftwareAvast5AvastUI.exe
C:Program Files (x86)Mozilla Firefoxfirefox.exe
C:UsersСоловейDesktopRSIT.exe
C:Program Files (x86)trend microСоловей.exe

R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.ask.com?o=10148&l=dis
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=ru_RU&c=94&bd=Pavilion&pf=cnnb
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 — URLSearchHook: (no name) — {09900DE8-1DCA-443F-9243-26FF581438AF} — (no file)
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: RealPlayer Download and Record Plugin for Internet Explorer — {3049C3E9-B461-4BC5-8870-4C09146192CA} — C:Program Files (x86)RealRealPlayerrpbrowserrecordplugin.dll
O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — C:Program Files (x86)Microsoft OfficeOffice12GrooveShellExtensions.dll
O2 — BHO: AOL Toolbar BHO — {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} — C:Program Files (x86)AOLпанель инструментов AOL 5.0aoltb.dll
O2 — BHO: Помощник по входу в Windows Live — {9030D464-4C02-4ABF-8ECC-5164760863C6} — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program Files (x86)Javajre6binjp2ssv.dll
O3 — Toolbar: AOL Toolbar — {DE9C389F-3316-41A7-809B-AA305ED9D922} — C:Program Files (x86)AOLпанель инструментов AOL 5.0aoltb.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program Files (x86)YandexYandexBarIEyndbar.dll
O4 — HKLM..Run: [MAgent] C:Program Files (x86)Mail.RuAgentmagent.exe -LM
O4 — HKLM..Run: [Malwarebytes’ Anti-Malware] «C:Program Files (x86)Malwarebytes’ Anti-Malwarembamgui.exe» /starttray
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program Files (x86)Common FilesJavaJava Updatejusched.exe»
O4 — HKCU..Run: [HomeAlarm] C:Program Files (x86)Chameleon ClockChamClock.exe
O4 — HKCU..Run: [ccleaner] «C:Program Files (x86)CCleanerCCleaner.exe» /AUTO
O4 — HKCU..Run: [DU Meter] C:Program Files (x86)DU MeterDUMeter.exe
O8 — Extra context menu item: &Поиск панели инструментов AOL — C:ProgramDataAOLieToolbarresourcesru-RUlocalsearch.html
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~2MICROS~3Office12EXCEL.EXE/3000
O9 — Extra button: Отправка в блог — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 — Extra ‘Tools’ menuitem: &Отправка в блог Windows Live Writer — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 — Extra button: Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~2MICROS~3Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: &Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~2MICROS~3Office12ONBttnIE.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program Files (x86)Mail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program Files (x86)Mail.RuAgentmagent.exe
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~2MICROS~3Office12REFIEBAR.DLL
O17 — HKLMSystemCCSServicesTcpip..{1F8ED6F9-6CCE-4479-BE84-3DE8CD4E854F}: NameServer = 212.107.200.68 212.122.1.2
O17 — HKLMSystemCCSServicesTcpip..{51519766-5927-4584-A53E-35EF058BAC52}: NameServer = 10.27.42.82 10.27.42.83
O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — C:Program Files (x86)Microsoft OfficeOffice12GrooveSystemServices.dll
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~2COMMON~1SkypeSKYPE4~1.DLL
O20 — Winlogon Notify: !SASWinLogon — C:Program Files (x86)SUPERAntiSpywareSASWINLO.dll
O23 — Service: 2GIS UpdateService (2GISUpdateService) — ООО ДубльГИС — C:Program Files (x86)2gis3.02GISUpdateService.exe
O23 — Service: ABBYY FineReader 9.0 Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) — ABBYY (BIT Software) — C:Program Files (x86)ABBYY FineReader 9.0NetworkLicenseServer.exe
O23 — Service: Adobe LM Service — Adobe Systems — C:Program Files (x86)Common FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 — Service: Andrea ST Filters Service (AESTFilters) — Andrea Electronics Corporation — C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_amd64_neutral_ccf0dd3cb081af84AESTSr64.exe
O23 — Service: @%SystemRoot%system32Alg.exe,-112 (ALG) — Unknown owner — C:WindowsSystem32alg.exe (file missing)
O23 — Service: AMD External Events Utility — Unknown owner — C:Windowssystem32atiesrxx.exe (file missing)
O23 — Service: Application Driver Auto Removal Service (01) (appdrvrem01) — Unknown owner — C:WindowsSystem32appdrvrem01.exe (file missing)
O23 — Service: avast! Antivirus — AVAST Software — C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
O23 — Service: Com4QLBEx — Hewlett-Packard Development Company, L.P. — C:Program Files (x86)Hewlett-PackardHP Quick Launch ButtonsCom4QLBEx.exe
O23 — Service: DU Meter Service (DUMeterSvc) — Hagel Technologies Ltd. — C:Program Files (x86)DU MeterDUMeterSvc.exe
O23 — Service: @%SystemRoot%system32efssvc.dll,-100 (EFS) — Unknown owner — C:WindowsSystem32lsass.exe (file missing)
O23 — Service: @%systemroot%system32fxsresm.dll,-118 (Fax) — Unknown owner — C:Windowssystem32fxssvc.exe (file missing)
O23 — Service: GameConsoleService — WildTangent, Inc. — C:Program Files (x86)HP GamesHP Game ConsoleGameConsoleService.exe
O23 — Service: Guard.Mail.ru — Unknown owner — C:Program Files (x86)Mail.RuGuardGuardMailRu.exe
O23 — Service: Google Update Service (gupdate) (gupdate) — Google Inc. — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
O23 — Service: hpqwmiex — Hewlett-Packard Development Company, L.P. — C:Program Files (x86)Hewlett-PackardSharedhpqwmiex.exe
O23 — Service: HP Service (hpsrv) — Unknown owner — C:Windowssystem32Hpservice.exe (file missing)
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program Files (x86)Common FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 — Service: @keyiso.dll,-100 (KeyIso) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: LightScribeService Direct Disc Labeling Service (LightScribeService) — Hewlett-Packard Company — C:Program Files (x86)Common FilesLightScribeLSSrvc.exe
O23 — Service: MBAMService — Malwarebytes Corporation — C:Program Files (x86)Malwarebytes’ Anti-Malwarembamservice.exe
O23 — Service: @comres.dll,-2797 (MSDTC) — Unknown owner — C:WindowsSystem32msdtc.exe (file missing)
O23 — Service: @%SystemRoot%System32netlogon.dll,-102 (Netlogon) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: Cyberlink RichVideo Service(CRVS) (RichVideo) — Unknown owner — C:Program Files (x86)CyberLinkShared filesRichVideo.exe
O23 — Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) — Unknown owner — C:Windowssystem32locator.exe (file missing)
O23 — Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: ServiceLayer — Nokia. — C:Program Files (x86)PC Connectivity SolutionServiceLayer.exe
O23 — Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) — Unknown owner — C:WindowsSystem32snmptrap.exe (file missing)
O23 — Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) — Unknown owner — C:WindowsSystem32spoolsv.exe (file missing)
O23 — Service: @%SystemRoot%system32sppsvc.exe,-101 (sppsvc) — Unknown owner — C:Windowssystem32sppsvc.exe (file missing)
O23 — Service: Audio Service (STacSV) — IDT, Inc. — C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_amd64_neutral_ccf0dd3cb081af84STacSV64.exe
O23 — Service: StarWind AE Service (StarWindServiceAE) — Rocket Division Software — C:Program Files (x86)Alcohol SoftAlcohol 120StarWindStarWindServiceAE.exe
O23 — Service: @C:Program Files (x86)TuneUp Utilities 2010TuneUpDefragService.exe,-1 (TuneUp.Defrag) — TuneUp Software — C:Program Files (x86)TuneUp Utilities 2010TuneUpDefragService.exe
O23 — Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) — TuneUp Software — C:Program Files (x86)TuneUp Utilities 2010TuneUpUtilitiesService64.exe
O23 — Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) — Unknown owner — C:Windowssystem32UI0Detect.exe (file missing)
O23 — Service: @%SystemRoot%system32vaultsvc.dll,-1003 (VaultSvc) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: @%SystemRoot%system32vds.exe,-100 (vds) — Unknown owner — C:WindowsSystem32vds.exe (file missing)
O23 — Service: @%systemroot%system32vssvc.exe,-102 (VSS) — Unknown owner — C:Windowssystem32vssvc.exe (file missing)
O23 — Service: @%SystemRoot%system32WatWatUX.exe,-601 (WatAdminSvc) — Unknown owner — C:Windowssystem32WatWatAdminSvc.exe (file missing)
O23 — Service: @%systemroot%system32wbengine.exe,-104 (wbengine) — Unknown owner — C:Windowssystem32wbengine.exe (file missing)
O23 — Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) — Unknown owner — C:Windowssystem32wbemWmiApSrv.exe (file missing)
O23 — Service: @%PROGRAMFILES%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) — Unknown owner — C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)

—
End of file — 11039 bytes

======Scheduled tasks folder======

C:WindowstasksGoogleUpdateTaskMachineCore.job
C:WindowstasksGoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer — C:Program Files (x86)RealRealPlayerrpbrowserrecordplugin.dll [2010-12-17 329312]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper — C:Program Files (x86)Microsoft OfficeOffice12GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar BHO — C:Program Files (x86)AOLпанель инструментов AOL 5.0aoltb.dll [2008-07-02 1185120]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Помощник по входу в Windows Live — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program Files (x86)Javajre6binjp2ssv.dll [2011-01-09 41760]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{DE9C389F-3316-41A7-809B-AA305ED9D922} — AOL Toolbar — C:Program Files (x86)AOLпанель инструментов AOL 5.0aoltb.dll [2008-07-02 1185120]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program Files (x86)YandexYandexBarIEyndbar.dll [2010-10-07 10971976]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«MAgent»=C:Program Files (x86)Mail.RuAgentmagent.exe [2010-12-20 12319424]
«Malwarebytes’ Anti-Malware»=C:Program Files (x86)Malwarebytes’ Anti-Malwarembamgui.exe [2010-12-20 443728]
«SunJavaUpdateSched»=C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [2010-05-14 248552]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«HomeAlarm»=C:Program Files (x86)Chameleon ClockChamClock.exe [2005-10-15 865280]
«ccleaner»=C:Program Files (x86)CCleanerCCleaner.exe [2008-12-20 1434864]
«DU Meter»=C:Program Files (x86)DU MeterDUMeter.exe [2010-09-28 2941984]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify!SASWinLogon]
C:Program Files (x86)SUPERAntiSpywareSASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WebCheck — {E6FB5E20-DE35-11CF-9C87-00AA005127ED} — C:WindowsSysWow64webcheck.dll [2009-07-14 229376]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=C:Program Files (x86)Microsoft OfficeOffice12GrooveShellExtensions.dll [2009-02-12 2217848]
«{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}»=C:Program Files (x86)SUPERAntiSpywareSASSEH.DLL [2008-05-13 77824]
«{AEB6717E-7E19-11d0-97EE-00C04FD91972}»= []

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders]
«SecurityProviders»=credssp.dll

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkAFD]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWdf01000.sys]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«ConsentPromptBehaviorAdmin»=5
«ConsentPromptBehaviorUser»=3
«EnableUIADesktopToggle»=0
«PromptOnSecureDesktop»=0
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDrives»=0

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDrives»=0

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]

======File associations======

.js — edit — C:WindowsSystem32Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-01-09 04:10:03 —-D—- C:Program Files (x86)trend micro
2011-01-09 04:10:02 —-D—- C:rsit
2011-01-09 00:46:50 —-D—- C:ProgramDataSun
2011-01-09 00:46:50 —-D—- C:Program Files (x86)Common FilesJava
2011-01-09 00:46:35 —-A—- C:WindowsSysWOW64javaws.exe
2011-01-09 00:46:35 —-A—- C:WindowsSysWOW64javaw.exe
2011-01-09 00:46:35 —-A—- C:WindowsSysWOW64java.exe
2011-01-09 00:46:35 —-A—- C:WindowsSysWOW64deployJava1.dll
2011-01-09 00:46:20 —-D—- C:Program Files (x86)Java
2011-01-09 00:14:06 —-SHD—- C:$RECYCLE.BIN
2011-01-09 00:07:17 —-D—- C:Windowstemp
2011-01-09 00:07:13 —-A—- C:ComboFix.txt
2011-01-08 23:52:48 —-A—- C:WindowsPEV.exe
2011-01-08 23:52:48 —-A—- C:WindowsNIRCMD.exe
2011-01-08 23:52:48 —-A—- C:WindowsMBR.exe
2011-01-08 23:52:47 —-A—- C:Windowszip.exe
2011-01-08 23:52:47 —-A—- C:WindowsSWSC.exe
2011-01-08 23:52:47 —-A—- C:WindowsSWREG.exe
2011-01-08 23:52:47 —-A—- C:Windowssed.exe
2011-01-08 23:52:47 —-A—- C:Windowsgrep.exe
2011-01-08 23:51:57 —-A—- C:WindowsSWXCACLS.exe
2011-01-08 23:51:54 —-D—- C:32788R22FWJFW
2011-01-08 23:50:35 —-D—- C:WindowsERDNT
2011-01-08 23:47:48 —-D—- C:Qoobox
2011-01-08 23:08:37 —-D—- C:ProgramDataSUPERAntiSpyware.com
2011-01-08 23:08:08 —-D—- C:UsersСоловейAppDataRoamingSUPERAntiSpyware.com
2011-01-08 23:08:08 —-D—- C:Program Files (x86)SUPERAntiSpyware
2011-01-08 23:07:23 —-D—- C:Program Files (x86)Common FilesWise Installation Wizard
2011-01-07 16:37:08 —-D—- C:UsersСоловейAppDataRoamingUniblue
2011-01-07 16:37:00 —-D—- C:Program Files (x86)Uniblue
2011-01-07 15:57:26 —-D—- C:Program Files (x86)Microsoft SDKs
2011-01-07 15:57:25 —-D—- C:Program Files (x86)Microsoft Visual Studio 9.0
2011-01-07 15:55:57 —-D—- C:ProgramDataCorel
2011-01-07 15:51:14 —-D—- C:Program Files (x86)Corel
2011-01-06 22:29:35 —-D—- C:work
2011-01-06 22:29:22 —-D—- C:UsersСоловейAppDataRoaminge-publish
2011-01-06 22:28:34 —-A—- C:WindowsSysWOW64vbar332.dll
2011-01-06 22:28:03 —-D—- C:Program Files (x86)e-publish
2011-01-03 19:16:50 —-D—- C:UsersСоловейAppDataRoamingSmart Panel
2010-12-30 23:23:08 —-D—- C:Program Files (x86)FreeTime
2010-12-29 17:42:51 —-D—- C:UsersСоловейAppDataRoamingApple Computer
2010-12-24 03:03:45 —-D—- C:ProgramDataGuard.Mail.Ru
2010-12-24 00:07:34 —-D—- C:Program Files (x86)Common FilesSkype
2010-12-24 00:07:32 —-RD—- C:Program Files (x86)Skype
2010-12-23 21:54:17 —-D—- C:ProgramDataHagel Technologies
2010-12-23 21:54:14 —-D—- C:Program Files (x86)DU Meter
2010-12-21 09:49:54 —-D—- C:UsersСоловейAppDataRoamingThinstall
2010-12-20 21:22:31 —-D—- C:UsersСоловейAppDataRoamingRadiocent
2010-12-20 21:22:29 —-A—- C:WindowsSysWOW64cg32.dll
2010-12-20 21:22:28 —-A—- C:WindowsSysWOW64cc32100mt.dll
2010-12-20 21:22:28 —-A—- C:WindowsSysWOW64borlndmm.dll
2010-12-20 17:11:35 —-D—- C:UsersСоловейAppDataRoamingSoftplicity
2010-12-20 17:11:09 —-D—- C:Program Files (x86)TotalAudioConverter
2010-12-17 15:05:07 —-A—- C:WindowsSysWOW64rmoc3260.dll
2010-12-17 15:05:02 —-A—- C:WindowsSysWOW64pndx5032.dll
2010-12-17 15:05:02 —-A—- C:WindowsSysWOW64pndx5016.dll
2010-12-17 15:05:00 —-D—- C:Program Files (x86)Common Filesxing shared
2010-12-17 15:04:50 —-A—- C:WindowsSysWOW64pncrt.dll
2010-12-17 15:04:46 —-D—- C:Program Files (x86)Real
2010-12-17 14:40:40 —-D—- C:My Music
2010-12-16 12:50:50 —-A—- C:WindowsSysWOW64tzres.dll
2010-12-16 12:50:36 —-A—- C:WindowsSysWOW64taskschd.dll
2010-12-16 12:50:35 —-A—- C:WindowsSysWOW64taskeng.exe
2010-12-16 12:50:35 —-A—- C:WindowsSysWOW64taskcomp.dll
2010-12-16 12:50:35 —-A—- C:WindowsSysWOW64schtasks.exe
2010-12-16 12:50:28 —-A—- C:WindowsSysWOW64atmlib.dll
2010-12-16 12:50:28 —-A—- C:WindowsSysWOW64atmfd.dll
2010-12-16 12:50:26 —-A—- C:WindowsSysWOW64webio.dll
2010-12-16 12:50:19 —-A—- C:WindowsSysWOW64iertutil.dll
2010-12-16 12:50:18 —-A—- C:WindowsSysWOW64mstime.dll
2010-12-16 12:50:18 —-A—- C:WindowsSysWOW64mshtml.dll
2010-12-16 12:50:17 —-A—- C:WindowsSysWOW64wininet.dll
2010-12-16 12:50:17 —-A—- C:WindowsSysWOW64ieframe.dll
2010-12-16 12:50:16 —-A—- C:WindowsSysWOW64urlmon.dll
2010-12-16 12:50:16 —-A—- C:WindowsSysWOW64msfeeds.dll
2010-12-16 12:50:16 —-A—- C:WindowsSysWOW64iedkcs32.dll
2010-12-16 12:50:15 —-A—- C:WindowsSysWOW64mshtmled.dll
2010-12-16 12:50:15 —-A—- C:WindowsSysWOW64msfeedsbs.dll
2010-12-16 12:50:15 —-A—- C:WindowsSysWOW64ieui.dll
2010-12-16 12:50:15 —-A—- C:WindowsSysWOW64iepeers.dll
2010-12-16 12:50:14 —-A—- C:WindowsSysWOW64msfeedssync.exe
2010-12-16 12:50:14 —-A—- C:WindowsSysWOW64licmgr10.dll
2010-12-16 12:50:14 —-A—- C:WindowsSysWOW64jsproxy.dll
2010-12-14 21:29:23 —-D—- C:Program Files (x86)Solo
2010-12-13 14:53:17 —-D—- C:ProgramDataEgoset
2010-12-12 18:29:53 —-N—- C:WindowsSetup1.exe
2010-12-12 18:29:52 —-A—- C:WindowsST6UNST.EXE
2010-12-12 17:44:56 —-D—- C:UsersСоловейAppDataRoamingMail.Ru
2010-12-12 17:14:11 —-A—- C:WindowsSysWOW64UNWISE.INI
2010-12-12 16:05:39 —-D—- C:ProgramDataIsolatedStorage
2010-12-12 16:05:32 —-D—- C:UsersСоловейAppDataRoamingbppenu11
2010-12-12 15:05:36 —-A—- C:WindowsSysWOW64drivershardlock.sys
2010-12-12 12:49:40 —-A—- C:WindowsSysWOW64Iyvu9_32.dll
2010-12-12 12:49:39 —-A—- C:WindowsSysWOW64Iacenc.dll
2010-12-12 12:47:36 —-D—- C:ProgramDataSmartSound Software Inc
2010-12-12 12:47:36 —-D—- C:Program Files (x86)SmartSound Software
2010-12-12 12:46:32 —-A—- C:WindowsIsUninst.exe
2010-12-12 12:45:47 —-D—- C:ProgramDataInstallShield
2010-12-12 12:45:47 —-A—- C:WindowsUlead32.ini
2010-12-12 12:45:46 —-D—- C:Program Files (x86)QuickTime
2010-12-12 12:45:40 —-D—- C:Program Files (x86)Windows Media Components
2010-12-12 12:45:33 —-D—- C:ProgramDataApple Computer
2010-12-12 11:58:44 —-A—- C:WindowsIsUn0419.exe
2010-12-11 20:05:46 —-D—- C:UsersСоловейAppDataRoamingAzgard
2010-12-11 17:34:36 —-D—- C:ProgramDataYandex
2010-12-11 17:34:30 —-D—- C:UsersСоловейAppDataRoamingOpera
2010-12-11 17:34:30 —-D—- C:Program Files (x86)Yandex

======List of files/folders modified in the last 1 months======

2011-01-09 04:10:26 —-D—- C:WindowsPrefetch
2011-01-09 04:10:03 —-D—- C:Program Files (x86)
2011-01-09 03:09:38 —-SHD—- C:System Volume Information
2011-01-09 00:46:50 —-SHD—- C:WindowsInstaller
2011-01-09 00:46:50 —-D—- C:ProgramData
2011-01-09 00:46:50 —-D—- C:Program Files (x86)Common Files
2011-01-09 00:46:35 —-D—- C:WindowsSysWOW64
2011-01-09 00:38:09 —-D—- C:Windows
2011-01-09 00:27:13 —-D—- C:WindowsSystem32
2011-01-09 00:27:13 —-D—- C:Windowsinf
2011-01-09 00:02:49 —-A—- C:Windowssystem.ini
2011-01-08 23:59:02 —-D—- C:WindowsSysWOW64drivers
2011-01-08 23:59:02 —-D—- C:WindowsAppPatch
2011-01-08 23:41:04 —-D—- C:UsersСоловейAppDataRoaminguTorrent
2011-01-08 23:41:04 —-D—- C:UsersСоловейAppDataRoamingSkype
2011-01-08 16:03:33 —-D—- C:UsersСоловейAppDataRoamingskypePM
2011-01-07 23:05:43 —-D—- C:WindowsTasks
2011-01-07 18:17:30 —-D—- C:ProgramDataMicrosoft Help
2011-01-07 18:10:43 —-D—- C:WindowsMicrosoft.NET
2011-01-07 17:11:28 —-RD—- C:Program Files
2011-01-07 16:36:09 —-D—- C:Windowswinsxs
2011-01-07 16:26:44 —-RSD—- C:Windowsassembly
2011-01-07 15:59:15 —-SD—- C:UsersСоловейAppDataRoamingMicrosoft
2011-01-07 15:59:15 —-SD—- C:ProgramDataMicrosoft
2011-01-07 15:57:46 —-D—- C:Program Files (x86)Common Filesmicrosoft shared
2011-01-07 15:56:19 —-RSD—- C:WindowsFonts
2011-01-01 06:06:33 —-A—- C:WindowsSysWOW64aswBoot.exe
2010-12-30 03:32:17 —-A—- C:WindowsSysWOW64BASSMOD.dll
2010-12-30 02:15:33 —-D—- C:Program Files (x86)WinRAR
2010-12-26 01:50:47 —-D—- C:UsersСоловейAppDataRoamingAdobe
2010-12-23 21:47:33 —-D—- C:ProgramDataSkype
2010-12-23 20:37:33 —-D—- C:Program Files (x86)Malwarebytes’ Anti-Malware
2010-12-22 13:30:03 —-D—- C:UsersСоловейAppDataRoamingMra
2010-12-20 11:47:38 —-D—- C:ProgramDataABBYY
2010-12-17 23:47:26 —-D—- C:Windowsrescache
2010-12-17 15:08:09 —-D—- C:UsersСоловейAppDataRoamingReal
2010-12-17 15:05:09 —-D—- C:Program Files (x86)Common FilesReal
2010-12-17 14:32:07 —-D—- C:Program Files (x86)Mozilla Firefox
2010-12-17 12:22:29 —-D—- C:ProgramDataReal
2010-12-17 10:52:28 —-D—- C:Windowsdebug
2010-12-17 10:50:54 —-D—- C:WindowsSysWOW64ru-RU
2010-12-17 10:50:54 —-D—- C:WindowsSysWOW64en-US
2010-12-17 10:50:52 —-D—- C:WindowsSysWOW64migration
2010-12-17 10:50:52 —-D—- C:Program Files (x86)Windows Mail
2010-12-17 10:50:52 —-D—- C:Program Files (x86)Internet Explorer
2010-12-16 12:20:56 —-RD—- C:Документы
2010-12-15 23:16:29 —-D—- C:temp
2010-12-13 23:27:19 —-D—- C:Program Files (x86)ABBYY FineReader 9.0
2010-12-12 23:23:11 —-HD—- C:Program Files (x86)InstallShield Installation Information
2010-12-12 17:45:00 —-D—- C:Program Files (x86)Mail.Ru
2010-12-12 15:05:35 —-D—- C:WindowsSysWOW64Setup
2010-12-12 12:44:56 —-D—- C:Program Files (x86)Common FilesInstallShield
2010-12-11 17:34:37 —-D—- C:UsersСоловейAppDataRoamingYandex
2010-12-11 17:32:40 —-D—- C:Program Files (x86)uTorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:Windowssystem32DRIVERSAtiPcie.sys []
R0 hpdskflt;HP Filter; C:Windowssystem32DRIVERShpdskflt.sys []
R0 pciide;pciide; C:Windowssystem32DRIVERSpciide.sys []
R0 rdyboost;ReadyBoost; C:WindowsSystem32driversrdyboost.sys []
R0 sptd;sptd; C:WindowsSystem32Driverssptd.sys []
R1 appdrv01;Application Driver (01); C:WindowsSystem32Driversappdrv01.sys []
R1 aswRdr;aswRdr; C:WindowsSysWOW64driversaswRdr.sys []
R1 aswSP;aswSP; C:WindowsSysWOW64driversaswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:WindowsSysWOW64driversaswTdi.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:Windowssystem32DRIVERSvwififlt.sys []
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; ??C:Program Files (x86)CyberLinkPowerDVD800.fcl [2008-05-15 32240]
R2 aswFsBlk;aswFsBlk; C:WindowsSysWOW64driversaswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; ??C:Windowssystem32driversaswMonFlt.sys []
R3 Accelerometer;HP Accelerometer; C:Windowssystem32DRIVERSAccelerometer.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:Windowssystem32DRIVERSathrx.sys []
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:Windowssystem32driversAtiHdmi.sys []
R3 atikmdag;atikmdag; C:Windowssystem32DRIVERSatikmdag.sys []
R3 DUMeterDrv;Hagel Technologies DU Meter traffic accounting driver; ??C:Program Files (x86)DU MeterDUMETR64.SYS [2010-08-31 20904]
R3 enecir;ENE CIR Receiver; C:Windowssystem32DRIVERSenecir.sys []
R3 HpqKbFiltr;HpqKbFilter Driver; C:Windowssystem32DRIVERSHpqKbFiltr.sys []
R3 JMCR;JMCR; C:Windowssystem32DRIVERSjmcr.sys []
R3 MBAMProtector;MBAMProtector; ??C:Windowssystem32driversmbam.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:Windowssystem32DRIVERSRt64win7.sys []
R3 STHDA;IDT High Definition Audio CODEC; C:Windowssystem32DRIVERSstwrt64.sys []
R3 SynTP;Synaptics TouchPad Driver; C:Windowssystem32DRIVERSSynTP.sys []
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; ??C:Program Files (x86)TuneUp Utilities 2010TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
R3 usbfilter;AMD USB Filter Driver; C:Windowssystem32DRIVERSusbfilter.sys []
S1 SASDIFSV;SASDIFSV; ??C:Program Files (x86)SUPERAntiSpywareSASDIFSV.SYS [2009-10-12 9968]
S1 SASKUTIL;SASKUTIL; ??C:Program Files (x86)SUPERAntiSpywareSASKUTIL.sys [2009-10-12 74480]
S3 AgereSoftModem;Agere Systems Soft Modem; C:Windowssystem32DRIVERSagrsm64.sys []
S3 ao9jrred;ao9jrred; C:WindowsSysWOW64driversao9jrred.sys []
S3 catchme;catchme; ??C:ComboFixcatchme.sys []
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:Windowssystem32DRIVERSewusbnet.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:Windowssystem32DRIVERSewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:Windowssystem32DRIVERSewusbdev.sys []
S3 igfx;igfx; C:Windowssystem32DRIVERSigdkmd64.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:Windowssystem32DRIVERSnetw5v64.sys []
S3 nmwcdcx64;Nokia USB Generic; C:Windowssystem32driversccdcmbox64.sys []
S3 nmwcdx64;Nokia USB Phone Parent; C:Windowssystem32driversccdcmbx64.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:Windowssystem32DRIVERSpccsmcfdx64.sys []
S3 SASENUM;SASENUM; ??C:Program Files (x86)SUPERAntiSpywareSASENUM.SYS [2009-10-12 7408]
S3 sdbus;sdbus; C:Windowssystem32DRIVERSsdbus.sys []
S3 SrvHsfHDA;SrvHsfHDA; C:Windowssystem32DRIVERSVSTAZL6.SYS []
S3 SrvHsfV92;SrvHsfV92; C:Windowssystem32DRIVERSVSTDPV6.SYS []
S3 SrvHsfWinac;SrvHsfWinac; C:Windowssystem32DRIVERSVSTCNXT6.SYS []
S3 upperdev;upperdev; C:Windowssystem32DRIVERSusbser_lowerfltx64.sys []
S3 usbscan;Драйвер USB-сканера; C:Windowssystem32DRIVERSusbscan.sys []
S3 usbser;USB Modem Driver; C:Windowssystem32driversusbser.sys []
S3 UsbserFilt;UsbserFilt; C:Windowssystem32DRIVERSusbser_lowerfltx64j.sys []
S3 WinUsb;WinUsb; C:Windowssystem32DRIVERSWinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service; C:Program Files (x86)ABBYY FineReader 9.0NetworkLicenseServer.exe [2007-11-02 566560]
R2 AESTFilters;Andrea ST Filters Service; C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_amd64_neutral_ccf0dd3cb081af84AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:Windowssystem32atiesrxx.exe []
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2011-01-01 40384]
R2 DUMeterSvc;DU Meter Service; C:Program Files (x86)DU MeterDUMeterSvc.exe [2010-08-31 1411616]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:Windowssystem32svchost.exe [2009-07-14 20992]
R2 Guard.Mail.ru;Guard.Mail.ru; C:Program Files (x86)Mail.RuGuardGuardMailRu.exe [2010-12-20 1038016]
R2 hpsrv;HP Service; C:Windowssystem32Hpservice.exe []
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:Program Files (x86)Common FilesLightScribeLSSrvc.exe [2009-06-17 73728]
R2 MBAMService;MBAMService; C:Program Files (x86)Malwarebytes’ Anti-Malwarembamservice.exe [2010-12-20 363344]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:Program Files (x86)CyberLinkShared filesRichVideo.exe [2009-01-22 247152]
R2 STacSV;Audio Service; C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_amd64_neutral_ccf0dd3cb081af84STacSV64.exe [2009-07-22 240128]
R2 StarWindServiceAE;StarWind AE Service; C:Program Files (x86)Alcohol SoftAlcohol 120StarWindStarWindServiceAE.exe [2007-05-29 275968]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:Program Files (x86)TuneUp Utilities 2010TuneUpUtilitiesService64.exe [2009-10-30 1353544]
R2 UxTuneUp;@%SystemRoot%System32uxtuneup.dll,-4096; C:WindowsSystem32svchost.exe [2009-07-14 20992]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:WindowsSystem32appdrvrem01.exe svc []
S2 gupdate;Google Update Service (gupdate); C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2010-10-08 136176]
S3 2GISUpdateService;2GIS UpdateService; C:Program Files (x86)2gis3.02GISUpdateService.exe [2010-09-29 837464]
S3 Adobe LM Service;Adobe LM Service; C:Program Files (x86)Common FilesAdobe Systems SharedServiceAdobelmsvc.exe [2010-08-22 72704]
S3 Com4QLBEx;Com4QLBEx; C:Program Files (x86)Hewlett-PackardHP Quick Launch ButtonsCom4QLBEx.exe [2009-05-05 228408]
S3 GameConsoleService;GameConsoleService; C:Program Files (x86)HP GamesHP Game ConsoleGameConsoleService.exe [2009-05-23 250616]
S3 hpqwmiex;hpqwmiex; C:Program Files (x86)Hewlett-PackardSharedhpqwmiex.exe [2009-04-30 229944]
S3 IDriverT;InstallDriver Table Manager; C:Program Files (x86)Common FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program Files (x86)Microsoft OfficeOffice12GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:Program Files (x86)Common FilesMicrosoft SharedOFFICE12ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:Program Files (x86)Common FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:Program Files (x86)PC Connectivity SolutionServiceLayer.exe [2009-06-02 637952]
S3 TuneUp.Defrag;@C:Program Files (x86)TuneUp Utilities 2010TuneUpDefragService.exe,-1; C:Program Files (x86)TuneUp Utilities 2010TuneUpDefragService.exe [2010-09-03 607048]
S3 WatAdminSvc;@%SystemRoot%system32WatWatUX.exe,-601; C:Windowssystem32WatWatAdminSvc.exe []