Еще результат сканирования HijackThis:
Logfile of random’s system information tool 1.05 (written by random/random)
Run by Толя at 2009-02-08 16:53:08
Microsoft Windows XP Professional Service Pack 3
System drive C: has 16 GB (42%) free of 38 GB
Total RAM: 1023 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:53:15, on 08.02.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20861)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32spoolsv.exe
C:Program Files2gisUpdateClientWin32UpdateClientService.exe
C:Program FilesBonjourmDNSResponder.exe
C:Program FilesEsetnod32krn.exe
C:Program FilesAgnitumOutpost Firewalloutpost.exe
c:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSOUNDMAN.EXE
C:Program FilesDAEMON Toolsdaemon.exe
C:Program FilesEsetnod32kui.exe
C:Program Files2gisUpdateClientWin32UpdateClientUI.exe
C:Program FilesVistaDriveIconVistaDrv.exe
C:Program FilesPunto Switcherps.exe
C:Program FilesMicrosoft ActiveSyncwcescomm.exe
C:Program FilesHEXelon MAX 6hexelon.exe
C:Program FilesCPU-ControlCPU_Control.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesOrbitdownloaderorbitdm.exe
C:PROGRA~1MICROS~3rapimgr.exe
C:Program FilesOrbitdownloaderorbitnet.exe
C:WINDOWSsystem32wscntfy.exe
C:Program FilesOperaopera.exe
C:Documents and SettingsТоляРабочий столRSIT.exe
C:Program FilesTrend MicroHijackThisТоля.exe
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://search.orbitdownloader.com
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 — BHO: btorbit.com — {000123B4-9B42-4900-B3F7-F4B073EFC214} — C:Program FilesOrbitdownloaderorbitcth.dll
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dll
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre1.6.0_07binssv.dll
O3 — Toolbar: Grab Pro — {C55BBCD6-41AD-48AD-9953-3609C48EACC7} — C:Program FilesOrbitdownloaderGrabPro.dll
O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 — HKLM..Run: [Outpost Firewall] C:Program FilesAgnitumOutpost Firewalloutpost.exe /waitservice
O4 — HKLM..Run: [OutpostFeedBack] C:Program FilesAgnitumOutpost Firewallfeedback.exe /dump:os_startup
O4 — HKLM..Run: [DAEMON Tools] «C:Program FilesDAEMON Toolsdaemon.exe» -lang 1049
O4 — HKLM..Run: [nod32kui] «C:Program FilesEsetnod32kui.exe» /WAITSERVICE
O4 — HKLM..Run: [2gis update client UI] «C:Program Files2gisUpdateClientWin32UpdateClientUI.exe» -minimized
O4 — HKCU..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe
O4 — HKCU..Run: [Punto Switcher] C:Program FilesPunto Switcherps.exe
O4 — HKCU..Run: [H/PC Connection Agent] «C:Program FilesMicrosoft ActiveSyncwcescomm.exe»
O4 — HKCU..Run: [HEXelon MAX] «C:Program FilesHEXelon MAX 6hexelon.exe» /auto
O4 — HKCU..Run: [CPU_Control] C:Program FilesCPU-ControlCPU_Control.exe
O4 — HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUSS-1-5-18..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe (User ‘SYSTEM’)
O4 — HKUSS-1-5-18..RunOnce: [IE7_011] regsvr32 /s /n /i:u shell32 (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — HKUS.DEFAULT..RunOnce: [IE7_011] regsvr32 /s /n /i:u shell32 (User ‘Default user’)
O4 — Global Startup: Orbit.lnk = C:Program FilesOrbitdownloaderorbitdm.exe
O4 — Global Startup: Быстрый запуск AutoCAD.lnk = C:Program FilesCommon FilesAutodesk Sharedacstart16.exe
O8 — Extra context menu item: &Download by Orbit — res://C:Program FilesOrbitdownloaderorbitmxt.dll/201
O8 — Extra context menu item: &Grab video by Orbit — res://C:Program FilesOrbitdownloaderorbitmxt.dll/204
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Do&wnload selected by Orbit — res://C:Program FilesOrbitdownloaderorbitmxt.dll/203
O8 — Extra context menu item: Down&load all by Orbit — res://C:Program FilesOrbitdownloaderorbitmxt.dll/202
O9 — Extra button: (no name) — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_07binssv.dll
O9 — Extra ‘Tools’ menuitem: Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_07binssv.dll
O9 — Extra button: Create Mobile Favorite — {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} — C:PROGRA~1MICROS~3INetRepl.dll
O9 — Extra button: (no name) — {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — C:PROGRA~1MICROS~3INetRepl.dll
O9 — Extra ‘Tools’ menuitem: Создание избранного на мобильном устройстве… — {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — C:PROGRA~1MICROS~3INetRepl.dll
O9 — Extra button: (no name) — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — (no file)
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O16 — DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) — http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 — HKLMSystemCCSServicesTcpip..{610C49BF-872B-4686-B793-F0664080844C}: NameServer = 217.70.106.5,217.70.96.34
O17 — HKLMSystemCCSServicesTcpip..{AE0E689B-8296-49C2-99EE-D2AF12D0DF12}: NameServer = 91.144.180.1 91.144.182.1
O23 — Service: 2GIS UpdateClientService — ДубльГИС — C:Program Files2gisUpdateClientWin32UpdateClientService.exe
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: Autodesk Licensing Service — Autodesk — C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe
O23 — Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) — Apple Computer, Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: FLEXnet Licensing Service — Macrovision Europe Ltd. — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NOD32 Kernel Service (NOD32krn) — Eset — C:Program FilesEsetnod32krn.exe
O23 — Service: Outpost Firewall Service (OutpostFirewall) — Agnitum Ltd. — C:Program FilesAgnitumOutpost Firewalloutpost.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Protexis Licensing V2 (PSI_SVC_2) — Protexis Inc. — c:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe
—
End of file — 8564 bytes
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class — C:Program FilesOrbitdownloaderorbitcth.dll [2008-12-19 134344]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dll [2003-11-04 54248]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre1.6.0_07binssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} — Grab Pro — C:Program FilesOrbitdownloaderGrabPro.dll [2008-12-19 482424]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2007-04-17 577536]
«Outpost Firewall»=C:Program FilesAgnitumOutpost Firewalloutpost.exe [2007-04-05 94720]
«OutpostFeedBack»=C:Program FilesAgnitumOutpost Firewallfeedback.exe [2007-06-28 335872]
«DAEMON Tools»=C:Program FilesDAEMON Toolsdaemon.exe [2006-11-12 157592]
«nod32kui»=C:Program FilesEsetnod32kui.exe [2008-11-10 949376]
«2gis update client UI»=C:Program Files2gisUpdateClientWin32UpdateClientUI.exe [2008-09-17 4055040]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«VistaIcon»=C:Program FilesVistaDriveIconVistaDrv.exe [2008-03-23 132096]
«Punto Switcher»=C:Program FilesPunto Switcherps.exe [2004-11-14 205824]
«H/PC Connection Agent»=C:Program FilesMicrosoft ActiveSyncwcescomm.exe [2006-06-21 1211176]
«HEXelon MAX»=C:Program FilesHEXelon MAX 6hexelon.exe [2007-06-28 2816512]
«CPU_Control»=C:Program FilesCPU-ControlCPU_Control.exe [2008-11-03 1034240]
«ctfmon.exe»=C:WINDOWSsystem32ctfmon.exe [2008-09-15 37376]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupreg2gis update client UI]
C:Program Files2gisUpdateClientWin32UpdateClientUI.exe [2008-09-17 4055040]
C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
Orbit.lnk — C:Program FilesOrbitdownloaderorbitdm.exe
Быстрый запуск AutoCAD.lnk — C:Program FilesCommon FilesAutodesk Sharedacstart16.exe
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2008-01-09 122880]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32wpdshserviceobj.dll [2007-06-18 133632]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=323
«NoThumbnailCache»=1
«NoSMConfigurePrograms»=1
«NoSMHelp»=1
«NoDriveAutoRun»=67108863
«NoDrives»=0
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveAutoRun»=
«NoDriveTypeAutoRun»=
«NoDrives»=
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMicrosoft ActiveSyncrapimgr.exe»=»C:Program FilesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager»
«C:Program FilesMicrosoft ActiveSyncwcescomm.exe»=»C:Program FilesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager»
«C:Program FilesMicrosoft ActiveSyncWCESMgr.exe»=»C:Program FilesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application»
«C:Program FilesOrbitdownloaderorbitdm.exe»=»C:Program FilesOrbitdownloaderorbitdm.exe:*:Enabled:Orbit»
«C:Program FilesOrbitdownloaderorbitnet.exe»=»C:Program FilesOrbitdownloaderorbitnet.exe:*:Enabled:Orbit»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMicrosoft ActiveSyncrapimgr.exe»=»C:Program FilesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager»
«C:Program FilesMicrosoft ActiveSyncwcescomm.exe»=»C:Program FilesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager»
«C:Program FilesMicrosoft ActiveSyncWCESMgr.exe»=»C:Program FilesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application»
======File associations======
.scr — open — «C:WINDOWSsystem32notepad.exe» «%1»
.scr — install —
.scr — config —
======List of files/folders created in the last 1 months======
2009-02-08 16:53:08 —-D—- C:rsit
2009-02-08 16:25:47 —-D—- C:WINDOWStemp
2009-02-08 16:25:45 —-A—- C:ComboFix.txt
2009-02-08 16:20:07 —-A—- C:WINDOWSNIRCMD.exe
2009-02-08 16:18:38 —-A—- C:WINDOWSzip.exe
2009-02-08 16:18:38 —-A—- C:WINDOWSVFIND.exe
2009-02-08 16:18:38 —-A—- C:WINDOWSSWREG.exe
2009-02-08 16:18:38 —-A—- C:WINDOWSsed.exe
2009-02-08 16:18:38 —-A—- C:WINDOWSgrep.exe
2009-02-08 16:18:38 —-A—- C:WINDOWSfdsv.exe
2009-02-08 16:18:37 —-A—- C:WINDOWSSWXCACLS.exe
2009-02-08 16:18:37 —-A—- C:WINDOWSSWSC.exe
2009-02-08 16:17:31 —-D—- C:WINDOWSERDNT
2009-02-08 16:17:30 —-D—- C:Qoobox
2009-02-08 15:40:32 —-D—- C:Documents and SettingsТоляApplication DataWinRAR
2009-02-08 15:31:41 —-D—- C:WINDOWSERUNT
2009-02-08 15:03:08 —-A—- C:WINDOWSntbtlog.txt
2009-02-01 16:15:50 —-D—- C:FlylinkDC++
2009-01-29 22:56:38 —-D—- C:Documents and SettingsТоляApplication DataASCON
2009-01-29 22:13:15 —-D—- C:Program FilesASCON
2009-01-27 21:29:27 —-D—- C:Documents and SettingsТоляApplication DataThunderbird
2009-01-27 21:29:13 —-D—- C:Program FilesMozilla Thunderbird
2009-01-18 00:44:29 —-D—- C:Documents and SettingsТоляApplication DataCorel
2009-01-18 00:42:03 —-D—- C:Program FilesCommon FilesProtexis
2009-01-18 00:42:02 —-D—- C:Documents and SettingsAll UsersApplication DataCorel
2009-01-18 00:39:53 —-D—- C:Program FilesCommon FilesCorel
2009-01-18 00:38:47 —-D—- C:Program FilesCorel
2009-01-12 22:01:23 —-D—- C:WINDOWSMinidump
2009-01-11 20:20:52 —-A—- C:WINDOWSsystem32VBAR332.DLL
2009-01-11 20:20:52 —-A—- C:WINDOWSsystem32msxbse35.dll
2009-01-11 20:20:52 —-A—- C:WINDOWSsystem32mstext35.dll
2009-01-11 20:20:52 —-A—- C:WINDOWSsystem32msrpfs35.dll
2009-01-11 20:20:52 —-A—- C:WINDOWSsystem32msrepl35.dll
2009-01-11 20:20:52 —-A—- C:WINDOWSsystem32msrd2x35.dll
2009-01-11 20:20:52 —-A—- C:WINDOWSsystem32mspdox35.dll
2009-01-11 20:20:52 —-A—- C:WINDOWSsystem32msltus35.dll
2009-01-11 20:20:52 —-A—- C:WINDOWSsystem32msjt4jlt.dll
2009-01-11 20:20:52 —-A—- C:WINDOWSsystem32msjet35.dll
2009-01-11 20:20:52 —-A—- C:WINDOWSsystem32msexcl35.dll
2009-01-11 20:20:52 —-A—- C:WINDOWSsystem32msexch35.dll
2009-01-11 20:20:52 —-A—- C:WINDOWSsystem32JETCOMP.exe
2009-01-11 20:20:51 —-A—- C:WINDOWSsystem32msjter35.dll
2009-01-11 20:20:51 —-A—- C:WINDOWSsystem32msjint35.dll
2009-01-11 20:20:48 —-HD—- C:Program FilesInstallShield Installation Information
2009-01-11 20:20:48 —-D—- C:Program FilesSamsung
2009-01-10 12:36:29 —-D—- C:Program FilesMatrix
======List of files/folders modified in the last 1 months======
2009-02-08 16:52:14 —-D—- C:Documents and SettingsТоляApplication DataOrbit
2009-02-08 16:33:42 —-D—- C:WINDOWS
2009-02-08 16:33:33 —-A—- C:WINDOWSODBC.INI
2009-02-08 16:32:09 —-A—- C:WINDOWSSchedLgU.Txt
2009-02-08 16:25:51 —-D—- C:WINDOWSsystem32
2009-02-08 16:25:44 —-D—- C:WINDOWSPrefetch
2009-02-08 16:24:04 —-A—- C:WINDOWSsystem.ini
2009-02-08 16:22:59 —-D—- C:WINDOWSsystem32drivers
2009-02-08 16:22:58 —-D—- C:WINDOWSAppPatch
2009-02-08 16:22:58 —-AD—- C:Program FilesCommon Files
2009-02-08 16:17:39 —-D—- C:WINDOWSsystem32CatRoot2
2009-02-08 15:48:04 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-02-08 15:44:23 —-D—- C:SDFix
2009-02-08 15:42:08 —-D—- C:Documents and Settings
2009-02-08 15:38:32 —-SHD—- C:System Volume Information
2009-02-08 15:38:32 —-D—- C:WINDOWSsystem32Restore
2009-02-08 15:33:42 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-02-08 14:18:17 —-D—- C:Program FilesOrbitdownloader
2009-02-08 12:48:08 —-A—- C:WINDOWSsetuplog.txt
2009-02-07 13:02:06 —-D—- C:temp
2009-02-06 18:33:50 —-D—- C:Program FilesQIP Infium
2009-02-05 23:47:05 —-A—- C:WINDOWSNeroDigital.ini
2009-02-02 23:36:48 —-A—- C:WINDOWSUpdateClientUI.INI
2009-02-02 23:36:05 —-SHD—- C:WINDOWSInstaller
2009-02-01 22:06:26 —-AD—- C:Program Files
2009-02-01 22:06:24 —-D—- C:Documents and SettingsТоляApplication DataMozilla
2009-02-01 17:54:46 —-D—- C:Program FilesOpera
2009-01-29 23:21:05 —-D—- C:WINDOWSsystem32config
2009-01-29 22:13:22 —-D—- C:WINDOWSWinSxS
2009-01-29 22:13:15 —-RSD—- C:WINDOWSFonts
2009-01-18 11:15:22 —-D—- C:Documents and SettingsAll UsersApplication DataMicrosoft Help
2009-01-12 21:45:40 —-HD—- C:WINDOWSinf
2009-01-11 20:21:01 —-AD—- C:Program FilesCommon FilesMicrosoft Shared
2009-01-11 20:20:58 —-HD—- C:Program FilesUninstall Information
2009-01-11 20:20:37 —-D—- C:Program FilesCommon FilesInstallShield
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-04-15 40704]
R1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2008-04-14 14720]
R1 nod32drv;nod32drv; C:WINDOWSsystem32driversnod32drv.sys [2008-11-10 15424]
R1 SandBox;Outpost Firewall Sandbox Driver; ??C:Program FilesAgnitumOutpost FirewallkernelSandbox.SYS []
R1 VFILT;Outpost Firewall Kernel Driver; ??C:Program FilesAgnitumOutpost FirewallkernelFILTNT.SYS []
R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2008-04-15 12032]
R2 AMON;AMON; C:WINDOWSsystem32driversamon.sys [2008-11-10 512096]
R2 rspndr;Ответчик обнаружения топологии уровня связи; C:WINDOWSsystem32DRIVERSrspndr.sys [2008-07-08 62848]
R3 ADBLOCK.DLL;Outpost Firewall PlugIn (ADBLOCK.DLL); ??C:Program FilesAgnitumOutpost FirewallkernelADBLOCK.DLL []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2008-01-25 4127488]
R3 ARP.DLL;Outpost Firewall PlugIn (ARP.DLL); ??C:Program FilesAgnitumOutpost FirewallkernelARP.DLL []
R3 Arp1394;Протокол клиента 1394 ARP; C:WINDOWSsystem32DRIVERSarp1394.sys [2008-09-15 60800]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2008-01-09 2846720]
R3 CONTENT.DLL;Outpost Firewall PlugIn (CONTENT.DLL); ??C:Program FilesAgnitumOutpost FirewallkernelCONTENT.DLL []
R3 DNSCACHE.DLL;Outpost Firewall PlugIn (DNSCACHE.DLL); ??C:Program FilesAgnitumOutpost FirewallkernelDNSCACHE.DLL []
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:WINDOWSsystem32DRIVERSfetnd5bv.sys [2007-09-22 43520]
R3 FTPFILT.DLL;Outpost Firewall PlugIn (FTPFILT.DLL); ??C:Program FilesAgnitumOutpost FirewallkernelFTPFILT.DLL []
R3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:WINDOWSsystem32driversAtiHdAud.sys [2006-12-28 84992]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-15 144384]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-15 10368]
R3 HTMLFILT.DLL;Outpost Firewall PlugIn (HTMLFILT.DLL); ??C:Program FilesAgnitumOutpost FirewallkernelHTMLFILT.DLL []
R3 HTTPFILT.DLL;Outpost Firewall PlugIn (HTTPFILT.DLL); ??C:Program FilesAgnitumOutpost FirewallkernelHTTPFILT.DLL []
R3 IMAPFILT.DLL;Outpost Firewall PlugIn (IMAPFILT.DLL); ??C:Program FilesAgnitumOutpost FirewallkernelIMAPFILT.DLL []
R3 MAILFILT.DLL;Outpost Firewall PlugIn (MAILFILT.DLL); ??C:Program FilesAgnitumOutpost FirewallkernelMAILFILT.DLL []
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2008-04-15 12160]
R3 NIC1394;Сетевой драйвер 1394; C:WINDOWSsystem32DRIVERSnic1394.sys [2008-09-15 61824]
R3 NNTPFILT.DLL;Outpost Firewall PlugIn (NNTPFILT.DLL); ??C:Program FilesAgnitumOutpost FirewallkernelNNTPFILT.DLL []
R3 nvmpu401;Service for NVIDIA(R) nForce(TM) MIDI UART; C:WINDOWSsystem32driversnvmpu401.sys [2006-02-26 10240]
R3 POP3FILT.DLL;Outpost Firewall PlugIn (POP3FILT.DLL); ??C:Program FilesAgnitumOutpost FirewallkernelPOP3FILT.DLL []
R3 PROTECT.DLL;Outpost Firewall PlugIn (PROTECT.DLL); ??C:Program FilesAgnitumOutpost FirewallkernelPROTECT.DLL []
R3 SECRET.DLL;Outpost Firewall PlugIn (SECRET.DLL); ??C:Program FilesAgnitumOutpost FirewallkernelSECRET.DLL []
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-14 32128]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-15 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-14 59520]
R3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2008-04-14 20608]
S3 arwn11ap;arwn11ap; C:WINDOWSsystem32driversarwn11ap.sys []
S3 usb_rndisx;Адаптер USB RNDIS; C:WINDOWSsystem32DRIVERSusb8023x.sys [2008-04-13 12800]
S3 usb2vcom;USB Data Cable; C:WINDOWSsystem32DRIVERSusb2vcom.sys [2005-05-25 22760]
S3 WudfPf;Windows Driver Foundation — User-mode Driver Framework Platform Driver; C:WINDOWSsystem32DRIVERSWudfPf.sys [2007-06-18 77568]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2007-06-18 82944]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 2GIS UpdateClientService;2GIS UpdateClientService; C:Program Files2gisUpdateClientWin32UpdateClientService.exe [2008-09-17 1134592]
R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2008-01-09 512000]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:Program FilesBonjourmDNSResponder.exe [2006-02-28 229376]
R2 NOD32krn;NOD32 Kernel Service; C:Program FilesEsetnod32krn.exe [2008-11-10 552064]
R2 OutpostFirewall;Outpost Firewall Service; C:Program FilesAgnitumOutpost Firewalloutpost.exe [2007-04-05 94720]
R2 PSI_SVC_2;Protexis Licensing V2; c:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe [2007-07-24 185632]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2007-10-24 33800]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe [2009-01-06 77944]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2007-10-24 70144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [2008-10-13 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:WINDOWSMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe [2007-10-09 36864]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2007-10-11 864256]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:Program FilesWindows Media Playerwmpnetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-15 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2007-10-11 122880]
EOF
