Re: Re: help
Logfile of random’s system information tool 1.05 (written by random/random)
Run by Berzz at 2009-02-16 22:57:53
Microsoft Windows XP Professional Service Pack 3
System drive C: has 1 GB (11%) free of 10 GB
Total RAM: 511 MB (34% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:56:28, on 16.02.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSSOUNDMAN.EXE
D:softpower DVDPDVDServ.exe
D:softProcess Killerprkiller.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:Program FilesEsetnod32kui.exe
C:WINDOWSsystem32rundll32.exe
C:Program FilesJavajre6binjusched.exe
C:WINDOWSsystem32ctfmon.exe
C:Documents and SettingsBerzzLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe
C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
D:softWinampWinamp.exe
C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe
C:Program FilesIVT CorporationBlueSoleilBTNtService.exe
C:WINDOWSsystem32DRIVERSCDANTSRV.EXE
C:Program FilesJavajre6binjqs.exe
D:Autodesk3ds Max 9mentalraysatelliteraysat_3dsmax9_32server.exe
C:Program FilesEsetnod32krn.exe
C:WINDOWSsystem32nvsvc32.exe
C:Program FilesCyberLinkShared filesRichVideo.exe
C:Program FilesQIP Infiuminfium.exe
C:Program FilesOperaopera.exe
D:softArsenal CompanyСократ Персональный 4.1spv.exe
D:softARSENA~1СОКРАТ~1.1Spe.exe
C:Documents and SettingsBerzzРабочий столRSIT.exe
C:Program Filestrend microBerzz.exe
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://search.qip.ru
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = start.qip.ru
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: QIPBHO Class — {95289393-33EA-4F8D-B952-483415B9C955} — C:Documents and SettingsBerzzApplication DataMicrosoftInternet Explorerqipsearchbar.dll
R3 — URLSearchHook: (no name) — — (no file)
O2 — BHO: flashget urlcatch — {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} — D:softFlashGetjccatch.dll
O2 — BHO: Java(tm) Plug-In SSV Helper — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre6binssv.dll
O2 — BHO: URLHooker2 Class — {93935F7F-9C88-42F8-8445-95251D27FABC} — C:PROGRA~1FLASHV~1URLHOO~1.DLL (file missing)
O2 — BHO: QIPBHO — {95289393-33EA-4F8D-B952-483415B9C955} — C:Documents and SettingsBerzzApplication DataMicrosoftInternet Explorerqipsearchbar.dll
O2 — BHO: BP Data Feeder — {9D64F819-9380-8473-DAB2-702FCB3D7A3E} — %USERPROFILE%Application Databpfeed.dll (file missing)
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O2 — BHO: JQSIEStartDetectorImpl — {E7E6F031-17CE-4C07-BC86-EABFE594F69C} — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O2 — BHO: FlashGet GetFlash Class — {F156768E-81EF-470C-9057-481BA8380DBA} — D:softFlashGetgetflash.dll
O3 — Toolbar: FlashGet — {E0E899AB-F487-11D5-8D29-0050BA6940E3} — D:softFlashGetfgiebar.dll
O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 — HKLM..Run: [RemoteControl] «D:softpower DVDPDVDServ.exe»
O4 — HKLM..Run: [Process Killer] D:softProcess Killerprkiller.exe
O4 — HKLM..Run: [nwiz] nwiz.exe /install
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [nod32kui] «C:Program FilesEsetnod32kui.exe» /WAITSERVICE
O4 — HKLM..Run: [LiveNote] livenote.exe
O4 — HKLM..Run: [LanguageShortcut] «D:softpower DVDLanguageLanguage.exe»
O4 — HKLM..Run: [FlashGet] D:softFlashGetFlashGet.exe /min
O4 — HKLM..Run: [anvshell] anvshell.exe
O4 — HKLM..Run: [Active Web Reader] C:Program FilesDeskshareActive Web ReaderActive Web Reader.exe -background
O4 — HKLM..Run: [parentalcontrol] «C:Program Filesparentalcontrolparentalcontrol.exe» «C:Program Filesparentalcontrolparentalcontrol.dll» «parentalcontrol»
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesJavajre6binjusched.exe»
O4 — HKCU..Run: [Punto Switcher] C:Program FilesPunto Switcherps.exe
O4 — HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] «C:Program FilesCommon FilesAheadLibNMBgMonitor.exe»
O4 — HKCU..Run: [Google Update] «C:Documents and SettingsBerzzLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe» /c
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Global Startup: BlueSoleil.lnk = C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
O8 — Extra context menu item: &D&ownload &with BitComet — res://D:softBitCometBitComet.exe/AddLink.htm
O8 — Extra context menu item: &D&ownload all video with BitComet — res://D:softBitCometBitComet.exe/AddVideo.htm
O8 — Extra context menu item: &D&ownload all with BitComet — res://D:softBitCometBitComet.exe/AddAllLink.htm
O8 — Extra context menu item: &Закачать все при помощи FlashGet — D:softFlashGetjc_all.htm
O8 — Extra context menu item: &Закачать при помощи FlashGet — D:softFlashGetjc_link.htm
O9 — Extra button: FlashGet — {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} — D:softFlashGetFlashGet.exe
O9 — Extra ‘Tools’ menuitem: FlashGet — {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} — D:softFlashGetFlashGet.exe
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Extract Flash Video with Bytescout… — {F10082A8-5BC5-489A-9892-28B9EE35F5E3} — C:Program FilesBytescout Movies Extractor Scoutflashextract_ie.html (file missing)
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O12 — Plugin for .pdf: C:Program FilesInternet ExplorerPLUGINSnppdf32.dll
O16 — DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) — http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 — DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) — http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 — DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} — http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 — DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) — http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
O16 — DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) — http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1232743139125
O17 — HKLMSystemCCSServicesTcpip..{DA69388E-2CAA-409F-B5BF-28AD81F85B1A}: NameServer = 91.144.164.1 91.144.166.1
O21 — SSODL: CDBurn — {B1A7C4C9-BCB1-06AF-B7B7-80C9C0EF4E52} — MSVCR32.DLL (file missing)
O23 — Service: Adobe LM Service — Adobe Systems — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 — Service: Autodesk Licensing Service — Autodesk — C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe
O23 — Service: BlueSoleil Hid Service — Unknown owner — C:Program FilesIVT CorporationBlueSoleilBTNtService.exe
O23 — Service: C-DillaSrv — C-Dilla Ltd — C:WINDOWSsystem32DRIVERSCDANTSRV.EXE
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: Java Quick Starter (JavaQuickStarterService) — Sun Microsystems, Inc. — C:Program FilesJavajre6binjqs.exe
O23 — Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) — Unknown owner — D:Autodesk3ds Max 9mentalraysatelliteraysat_3dsmax9_32server.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: MySQL5 — Unknown owner — C:Program.exe (file missing)
O23 — Service: NOD32 Kernel Service (NOD32krn) — Eset — C:Program FilesEsetnod32krn.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Cyberlink RichVideo Service(CRVS) (RichVideo) — Unknown owner — C:Program FilesCyberLinkShared filesRichVideo.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: FrontLine Drivers Auto Removal (v2) (sfrem02) — Protection Technology (StarForce) — C:WINDOWSsystem32sfrem02.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe
—
End of file — 10312 bytes
======Scheduled tasks folder======
C:WINDOWStasksUser_Feed_Synchronization-{A7A15D39-BC39-4077-8CB5-CCA51290A715}.job
C:WINDOWStasksGoogleUpdateTaskUserS-1-5-21-117609710-1220945662-839522115-1003.job
C:WINDOWStaskslf.job
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl — D:softFlashGetjccatch.dll [2007-01-29 75528]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper — C:Program FilesJavajre6binssv.dll [2009-01-28 320920]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{93935F7F-9C88-42F8-8445-95251D27FABC}]
URLHooker2 Class — C:PROGRA~1FLASHV~1URLHOO~1.DLL []
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class — C:Documents and SettingsBerzzApplication DataMicrosoftInternet Explorerqipsearchbar.dll [2008-12-30 131072]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9D64F819-9380-8473-DAB2-702FCB3D7A3E}]
BP Data Feeder — C:Documents and SettingsBerzzApplication Databpfeed.dll [2009-01-23 69632]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2009-01-28 34816]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll [2009-01-28 73728]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class — D:softFlashGetgetflash.dll [2007-01-15 136968]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} — FlashGet — D:softFlashGetfgiebar.dll [2007-01-15 104200]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2003-07-23 56832]
«RemoteControl»=D:softpower DVDPDVDServ.exe [2005-12-07 30208]
«Process Killer»=D:softProcess Killerprkiller.exe [2005-07-30 38400]
«nwiz»=nwiz.exe /install []
«NvMediaCenter»=C:WINDOWSsystem32NvMcTray.dll [2008-05-03 86016]
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2008-05-03 13529088]
«nod32kui»=C:Program FilesEsetnod32kui.exe [2009-02-10 917504]
«LiveNote»=C:WINDOWSlivenote.exe [2002-07-11 40960]
«LanguageShortcut»=D:softpower DVDLanguageLanguage.exe [2006-04-13 49152]
«FlashGet»=D:softFlashGetFlashGet.exe [2007-01-30 1554184]
«anvshell»=C:WINDOWSanvshell.exe [2003-05-29 348160]
«Active Web Reader»=C:Program FilesDeskshareActive Web ReaderActive Web Reader.exe -background []
«parentalcontrol»=C:Program Filesparentalcontrolparentalcontrol.exe [2006-08-31 36544]
«SunJavaUpdateSched»=C:Program FilesJavajre6binjusched.exe [2009-01-28 136600]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Punto Switcher»=C:Program FilesPunto Switcherps.exe []
«ctfmon.exe»=C:WINDOWSsystem32ctfmon.exe [2008-04-14 15360]
«BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=C:Program FilesCommon FilesAheadLibNMBgMonitor.exe []
«Google Update»=C:Documents and SettingsBerzzLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe [2009-02-12 133104]
C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
BlueSoleil.lnk — C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
CDBurn — {B1A7C4C9-BCB1-06AF-B7B7-80C9C0EF4E52} — C:WINDOWSsystem32MSVCR32.DLL [2004-08-17 20480]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=323
«NoDriveAutoRun»=67108863
«NoDrives»=0
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoResolveSearch»=
«NoDriveAutoRun»=
«NoDriveTypeAutoRun»=
«NoDrives»=
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«D:GAMESValvehl.exe»=»D:GAMESValvehl.exe:*:Disabled:Half-Life Launcher»
«D:Autodesk3ds Max 93dsmax.exe»=»D:Autodesk3ds Max 93dsmax.exe:*:Disabled:3ds Max application»
«C:Program FilesQIP Infiuminfium.exe»=»C:Program FilesQIP Infiuminfium.exe:*:Enabled:QIP Infium»
«D:softFlashGetFlashGet.exe»=»D:softFlashGetFlashGet.exe:*:Disabled:FlashGet»
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
======List of files/folders created in the last 1 months======
2009-02-16 17:14:42 —-A—- C:WINDOWSsystem32ff_vfw.dll.manifest
2009-02-16 17:14:42 —-A—- C:WINDOWSsystem32ff_vfw.dll
2009-02-16 17:14:39 —-D—- C:Program FilesK-Lite Codec Pack
2009-02-16 09:21:11 —-D—- C:Documents and SettingsAll UsersApplication DataBluetooth
2009-02-16 09:16:54 —-D—- C:Program FilesIVT Corporation
2009-02-15 18:31:56 —-SHD—- C:FOUND.003
2009-02-13 12:43:40 —-D—- C:ComboFix
2009-02-12 19:54:46 —-A—- C:WINDOWSIE4 Error Log.txt
2009-02-12 16:18:58 —-SHD—- C:FOUND.002
2009-02-12 02:17:10 —-HD—- C:WINDOWS$NtUninstallKB960715$
2009-02-11 00:50:59 —-A—- C:ComboFix.txt
2009-02-10 02:27:32 —-SHD—- C:FOUND.001
2009-02-06 21:09:34 —-SHD—- C:FOUND.000
2009-02-05 13:09:10 —-D—- C:Program FilesQIP.Online
2009-02-01 16:53:46 —-D—- C:Program FilesICQ6Toolbar
2009-02-01 16:53:45 —-D—- C:Documents and SettingsAll UsersApplication DataICQ
2009-02-01 16:53:25 —-D—- C:Documents and SettingsBerzzApplication DataICQ
2009-01-31 17:53:23 —-A—- C:WINDOWSsystem32WkExt32.dll
2009-01-31 17:53:23 —-A—- C:WINDOWSsystem32WibuXpm4J32.dll
2009-01-31 17:53:23 —-A—- C:WINDOWSsystem32wibuKJni.dll
2009-01-31 17:53:22 —-A—- C:WINDOWSsystem32WkDos.exe
2009-01-31 17:53:16 —-A—- C:WINDOWSsystem32WkWin32.dll
2009-01-31 17:53:02 —-D—- C:Program FilesWIBU-SYSTEMS
2009-01-31 17:53:02 —-D—- C:Program FilesWIBUKEY
2009-01-31 17:51:46 —-D—- C:Program FilesChaos Group
2009-01-30 20:35:41 —-D—- C:Documents and SettingsBerzzApplication DataYandex
2009-01-30 13:12:34 —-HD—- C:WINDOWSie8
2009-01-30 13:12:34 —-D—- C:WINDOWSsystem32en-US
2009-01-28 09:38:46 —-D—- C:Documents and SettingsAll UsersApplication DataNFS Underground
2009-01-28 09:37:21 —-D—- C:Program FilesCommon FilesDirectX
2009-01-28 01:32:22 —-A—- C:WINDOWSsystem32javaws.exe
2009-01-28 01:32:22 —-A—- C:WINDOWSsystem32javaw.exe
2009-01-28 01:32:22 —-A—- C:WINDOWSsystem32java.exe
2009-01-27 22:50:11 —-D—- C:Program FilesWindows Live Safety Center
2009-01-27 19:45:37 —-D—- C:Documents and SettingsBerzzApplication DataSun
2009-01-27 19:44:44 —-D—- C:Program FilesJava
2009-01-27 19:42:13 —-D—- C:Program FilesCommon FilesJava
2009-01-27 18:15:54 —-D—- C:WINDOWStemp
2009-01-25 18:03:06 —-D—- C:Documents and SettingsAll UsersApplication DataEgoset
2009-01-25 18:02:13 —-D—- C:Program FilesGamerOnline.ru
2009-01-25 03:37:53 —-RASHD—- C:cmdcons
2009-01-25 03:25:10 —-D—- C:WINDOWSERDNT
2009-01-25 01:04:10 —-D—- C:Documents and SettingsBerzzApplication DataMalwarebytes
2009-01-25 01:04:04 —-D—- C:Documents and SettingsAll UsersApplication DataMalwarebytes
2009-01-24 22:33:02 —-A—- C:WINDOWSsystem32mucltui.dll.mui
2009-01-24 22:33:02 —-A—- C:WINDOWSsystem32mucltui.dll
2009-01-24 20:17:28 —-D—- C:Program FilesQIP Infium
2009-01-24 15:24:29 —-D—- C:WINDOWSie8updates
2009-01-24 15:24:21 —-HD—- C:WINDOWS$NtUninstallKB941569$
2009-01-24 15:24:02 —-HD—- C:WINDOWS$NtUninstallKB929399$
2009-01-24 15:23:44 —-HD—- C:WINDOWS$NtUninstallKB939683$
2009-01-24 15:23:25 —-HD—- C:WINDOWS$NtUninstallKB952069_WM9$
2009-01-24 15:23:20 —-HD—- C:WINDOWS$NtUninstallKB954154_WM11$
2009-01-24 15:23:12 —-HD—- C:WINDOWS$NtUninstallKB936782_WMP11$
2009-01-24 15:21:07 —-D—- C:rsit
2009-01-24 13:41:31 —-A—- C:WINDOWSwininit.ini
2009-01-24 13:03:16 —-D—- C:Documents and SettingsAll UsersApplication DataSpybot — Search & Destroy
2009-01-24 04:09:47 —-D—- C:Program Filesparentalcontrol
2009-01-24 03:36:17 —-RASHD—- C:autorun.inf
2009-01-24 03:10:34 —-D—- C:Program Filestrend micro
2009-01-23 23:12:43 —-N—- C:WINDOWSsystem32spmsg.dll
2009-01-23 23:12:41 —-HD—- C:WINDOWS$NtUninstallMSCompPackV1$
2009-01-23 23:12:24 —-D—- C:Program FilesWindows Media Connect 2
2009-01-23 19:14:45 —-HD—- C:WINDOWS$NtUninstallKB953839$
2009-01-23 18:58:14 —-D—- C:Documents and SettingsBerzzApplication DataOpera
2009-01-23 18:58:06 —-D—- C:Program FilesOpera
2009-01-23 16:25:51 —-A—- C:Documents and SettingsBerzzApplication Databpfeed.dll
2009-01-18 00:53:30 —-A—- C:VRLServer.txt
2009-01-17 00:08:34 —-D—- C:Program FilesthriXXX
======List of files/folders modified in the last 1 months======
2009-02-16 22:46:24 —-A—- C:WINDOWSSchedLgU.Txt
2009-02-11 00:49:28 —-A—- C:WINDOWSsystem.ini
2009-02-10 02:51:10 —-A—- C:WINDOWSsystem32imon.dll
2009-02-08 08:51:24 —-A—- C:vraylog.txt
2009-02-04 02:21:12 —-A—- C:WINDOWSsystem32mrt.exe
2009-01-28 01:32:10 —-A—- C:WINDOWSsystem32deploytk.dll
2009-01-25 03:37:58 —-RASH—- C:boot.ini
2009-01-24 02:38:18 —-A—- C:WINDOWSwin.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 ANVIOCTL;ANVIOCTL; C:WINDOWSsystem32DRIVERSanvioctl.sys [2003-05-19 233280]
R1 asuskbnt;asuskbnt; C:WINDOWSsystem32DRIVERSasuskbnt.sys [2003-04-24 17150]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-04-14 40704]
R1 nod32drv;nod32drv; C:WINDOWSsystem32driversnod32drv.sys [2008-08-08 15424]
R1 prodrv01;prodrv01; C:WINDOWSsystem32driversprodrv01.sys [2000-11-23 125184]
R1 Tcpip6;Драйвер протокола IPv6 (Microsoft); C:WINDOWSsystem32DRIVERStcpip6.sys [2008-06-20 225856]
R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2001-10-20 12032]
R2 AMON;AMON; ??C:WINDOWSsystem32driversamon.sys []
R2 Aspi32;Aspi32; C:WINDOWSSystem32driversaspi32.sys [2004-07-16 16512]
R2 Sentinel;Sentinel; C:WINDOWSSystem32DriversSENTINEL.SYS [1997-06-27 64512]
R2 tmcomm;tmcomm; ??C:WINDOWSsystem32driverstmcomm.sys []
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:WINDOWSSYSTEM32DRIVERSWibuKey.sys [2006-11-22 72704]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2003-07-23 765420]
R3 BlueletAudio;Bluetooth Audio Service; C:WINDOWSsystem32DRIVERSblueletaudio.sys [2005-08-31 20480]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:WINDOWSsystem32DRIVERSBlueletSCOAudio.sys [2005-08-31 20480]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:WINDOWSSystem32Driversbtcusb.sys [2005-07-29 23000]
R3 BTHidEnum;Bluetooth HID Enumerator; C:WINDOWSsystem32DRIVERSvbtenum.sys [2005-07-29 11988]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-13 10368]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-20 12160]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2008-05-03 6554496]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WINDOWSSystem32DriversRootMdm.sys [2001-10-20 5888]
R3 rtl8139;Realtek RTL8139/810X Family PCI Fast Ethernet NIC NT Driver; C:WINDOWSsystem32DRIVERSRTL8139.SYS [2001-08-23 25434]
R3 tunmp;Драйвер адаптера минипорта Microsoft Tun; C:WINDOWSsystem32DRIVERStunmp.sys [2008-04-13 12288]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
R3 VComm;Virtual Serial port driver; C:WINDOWSsystem32DRIVERSVComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:WINDOWSSystem32DriversVcommMgr.sys [2005-03-25 82148]
S3 BT;Bluetooth PAN Network Adapter; C:WINDOWSsystem32DRIVERSbtnetdrv.sys [2005-04-30 10804]
S3 catchme;catchme; ??C:DOCUME~1BerzzLOCALS~1Tempcatchme.sys []
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2004-07-09 16384]
S3 C-Dilla;C-Dilla; ??C:WINDOWSsystem32driversCDANT.SYS []
S3 dtscsi;dtscsi; C:WINDOWSSystem32Driversdtscsi.sys [2008-10-29 223128]
S3 EIO;EIO; ??C:WINDOWSsystem32driversEIO.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:WINDOWSsystem32driversMSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-07-09 10112]
S3 npkcrypt;npkcrypt; ??D:GAMESLineageLineage II Gracia Part 1systemnpkcrypt.sys []
S3 Pcouffin;Low level access layer for CD devices; C:WINDOWSSystem32DriversPcouffin.sys []
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-07-09 14976]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-13 26368]
S3 vaxscsi;vaxscsi; C:WINDOWSSystem32Driversvaxscsi.sys [2008-10-28 223128]
S3 WSTCODEC;World Standard Teletext Codec; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-07-09 18688]
S3 WudfPf;Windows Driver Foundation — User-mode Driver Framework Platform Driver; C:WINDOWSsystem32DRIVERSWudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 6to4;Служба поддержки IPv6; C:WINDOWSsystem32svchost.exe [2008-04-14 14336]
R2 Autodesk Licensing Service;Autodesk Licensing Service; C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe [2009-01-08 72704]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:Program FilesIVT CorporationBlueSoleilBTNtService.exe [2005-04-06 110592]
R2 C-DillaSrv;C-DillaSrv; C:WINDOWSsystem32DRIVERSCDANTSRV.EXE [2002-07-18 46080]
R2 JavaQuickStarterService;Java Quick Starter; C:Program FilesJavajre6binjqs.exe [2009-01-28 152984]
R2 mi-raysat_3dsmax9_32;mental ray 3.5 Satellite (32-bit); D:Autodesk3ds Max 9mentalraysatelliteraysat_3dsmax9_32server.exe [2006-09-29 65536]
R2 NOD32krn;NOD32 Kernel Service; C:Program FilesEsetnod32krn.exe [2009-02-10 495616]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2008-05-03 159812]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:Program FilesCyberLinkShared filesRichVideo.exe [2005-08-08 167936]
S2 MySQL5;MySQL5; C:Program FilesMySQLMySQL Server 5.0binmysqld-nt —defaults-file=C:Program FilesMySQLMySQL Server 5.0my.ini MySQL5 []
S2 sfrem02;FrontLine Drivers Auto Removal (v2); C:WINDOWSsystem32sfrem02.exe [2006-05-11 358008]
S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2008-10-08 72704]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2005-09-23 66240]
S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; C:Program FilesWindows Media PlayerWMPNetwk.exe [2006-11-02 914944]
S3 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-14 14336]
EOF
info.txt logfile of random’s system information tool 1.05 2009-02-16 22:58:02
======Uninstall list======
—>MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
3dsmax ancillary install—>MsiExec.exe /I{7C8B5E63-821A-4DFB-BDFA-19854D88EC5C}
7-Zip 4.42—>»D:soft7-ZipUninstall.exe»
Adobe AIR—>C:Program FilesCommon FilesAdobe AIRVersions1.0ResourcesAdobe AIR Updater.exe -arp:uninstall
Adobe AIR—>MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Photoshop CS2—>msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 6.0—>MsiExec.exe /I{AC76BA86-7AD7-1033-7646-000000000001}
Adobe SVG Viewer 3.0—>C:Program FilesCommon FilesAdobeSVG Viewer 3.0UninstallWinstall.exe -u -fC:Program FilesCommon FilesAdobeSVG Viewer 3.0UninstallInstall.log
Aspyr MTX Mototrax—>D:GAMESMTXMTXunins000.exe
ASUS Display Drivers—>C:WINDOWSanvunis.exe
Autodesk 3ds Max 9 32-bit—>MsiExec.exe /I{E96D4088-AAC5-437F-9E39-EC0E387897B4}
Autodesk 3ds Max 9 SDK—>MsiExec.exe /I{E5490F28-894F-4721-BFFB-D682D74CF93E}
Autodesk DWF Viewer 7—>MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
Backburner—>MsiExec.exe /I{3D347E6D-5A03-4342-B5BA-6A771885F379}
BlueSoleil—>MsiExec.exe /X{4A0BAA62-FE2F-4C93-A10B-5E6DE3B424A5}
BSPlayer—>»D:softBSplayerProuninstall.exe»
C-Dilla Licence Management System—>C:C_DILLAsetupcdunin16.exe
Circulate—>»D:GAMESCirculateunins000.exe»
Counter-Strike 1.6—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime 9 0Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{13B792AA-C078-43A4-8A3A-8B12D629940D}Setup.exe» -l0x19
DivX 5.0.5 Pro Video Codec—>C:WINDOWSsystem32rundll32.exe setupapi.dll,InstallHinfSection Remove_Mpeg_NT 132 C:WINDOWSINFdivx50.inf
DjVu Solo 3.1—>C:WINDOWSIsUninst.exe -f»d:softLizardTechDjVu Solo 3.1Uninst.isu»
Enable S3 for USB Device—>C:WINDOWSIsUninst.exe -f»C:Program FilesGigabyteEnable S3 for USB DeviceUninst.isu»
FastStone Image Viewer 2.29—>D:softFastStone Image Vieweruninst.exe
FBX Plugin 2006.08 for Max 9.0—>C:Program FilesAutodeskFBXFbxPlugins2006.08Max90Uninstall.exe
Final Fantasy VII—>C:WINDOWSIsUninst.exe -f»d:Final Fantasy VIIUninst.isu»
FL Studio 5—>D:softFLStudio5uninstall.exe
FlashGet 1.81—>D:softFlashGetuninst.exe
HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)—>»C:WINDOWS$NtUninstallKB929399$spuninstspuninst.exe»
Hotfix для Microsoft .NET Framework 2.0 (КБ918842)—>C:WINDOWSsystem32msiexec.exe /promptrestart /uninstall {5FD48194-AD97-46A1-ABDB-12FC85916742} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Intel Application Accelerator—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{9984DF60-1C5B-11D3-ACA1-908A4FC10801}Setup.exe» -INTELUNINST
J2SE Runtime Environment 5.0 Update 3—>MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
Java(TM) 6 Update 11—>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
K-Lite Codec Pack 2.82 Standard—>»C:Program FilesK-Lite Codec Packunins000.exe»
Knights Of The Temple—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll
Kyodai Mahjongg 2006 v1.0—>»D:GAMESKyodai Mahjongg 2006unins000.exe»
MakeUp Pilot 1.30.1—>»D:softMakeUp Pilotunins000.exe»
Matrix Ижевск 6.0.8—>D:softMatrixuninst.exe
Microsoft .NET Framework 2.0—>C:WINDOWSMicrosoft.NETFrameworkv2.0.50727Microsoft .NET Framework 2.0install.exe
Microsoft Compression Client Pack 1.0 for Windows XP—>»C:WINDOWS$NtUninstallMSCompPackV1$spuninstspuninst.exe»
Microsoft Internationalized Domain Names Mitigation APIs—>»C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$spuninstspuninst.exe»
Microsoft National Language Support Downlevel APIs—>»C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$spuninstspuninst.exe»
Microsoft Primary Interoperability Assemblies 2005—>MsiExec.exe /X{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}
Microsoft User-Mode Driver Framework Feature Pack 1.0—>»C:WINDOWS$NtUninstallWudf01000$spuninstspuninst.exe»
Mojo Master Winamp Visualizer for Winamp (remove only)—>»D:softWinampuninst-vis_MojoMaster.dll.exe»
MSXML 4.0 SP2 (KB954430)—>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK—>MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
NOD32 FiX v2.1—>»C:Program FilesEsetunins000.exe»
NVIDIA Drivers—>C:WINDOWSsystem32nvuninst.exe UninstallGUI
OpenOffice.org 2.0.2—>MsiExec.exe /I{2C0C0C7F-173F-475E-B558-1499BD306010}
Opera 9.63—>MsiExec.exe /X{1BC4026B-1957-4514-9058-2B542557F143}
Peggle Deluxe 1.0—>C:Program FilesPopCap GamesPeggle DeluxePopUninstall.exe «C:Program FilesPopCap GamesPeggle DeluxeInstall.log»
Perfect World 1.3.4.2265—>»D:GAMESPerfect Worldunins000.exe»
PowerDVD—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}setup.exe» -uninstall
QIP 2005 8090—>»C:Program FilesQIPunins000.exe»
QIP.Online—>C:Program FilesQIP.OnlineUninstall.exe
QuickTime 3.0—>C:WINDOWSuninst.exe -f»C:Program FilesQuickTimeDeIsL1.isu» -c»C:WINDOWSsystem32QTUninst.dll
Realtek AC’97 Audio—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{FB08F381-6533-4108-B7DD-039E11FBC27E}setup.exe» REMOVE
RTLSetup—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}Setup.exe» -l0x9 REMOVE
Solid Balance—>D:GAMESSolid Balanceuninst.exe
SuperCleaner—>»C:Program FilesSuperCleanerUninst.exe» C:Program FilesSuperCleanerUninst.ini
V-Ray for 3dsmax R9 for x86—>»C:Program FilesChaos GroupV-Ray3dsmax R9 for x86uninstallwininstaller.exe»-uninstall=»C:Program FilesChaos GroupV-Ray3dsmax R9 for x86uninstallinstall.log» -uninstallApp=»V-Ray for 3dsmax R9 for x86″
WIBU-KEY Setup (WIBU-KEY Remove)—>C:Program FilesWIBUKEYSetupSetup32.exe /R:{00060000-0000-1004-8002-0000C06B5161}
Winamp—>»D:softWinampUninstWA.exe»
Windows Internet Explorer 8 Release Candidate 1—>»C:WINDOWSie8spuninstspuninst.exe»
Windows Media Format 11 runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Windows Media Format 11 runtime—>»C:WINDOWS$NtUninstallWMFDist11$spuninstspuninst.exe»
Windows Media Player 11—>»C:WINDOWS$NtUninstallwmp11$spuninstspuninst.exe»
Windows XP Service Pack 3—>»C:WINDOWS$NtServicePackUninstall$spuninstspuninst.exe»
Антивирусная система NOD32—>C:Program FilesEsetSetupsetup.exe /UNINSTALL
Исправление для Windows XP (KB952287)—>»C:WINDOWS$NtUninstallKB952287$spuninstspuninst.exe»
Исправление для проигрывателя Windows Media 11 — (KB939683)—>»C:WINDOWS$NtUninstallKB939683$spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB938127)—>»C:WINDOWSie7updatesKB938127-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB938127-v2)—>»C:WINDOWSie7updatesKB938127-v2-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB956390)—>»C:WINDOWSie7updatesKB956390-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB958215)—>»C:WINDOWSie7updatesKB958215-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB960714)—>»C:WINDOWSie7updatesKB960714-IE7spuninstspuninst.exe»
Обновление безопасности для Windows XP — (KB941569)—>»C:WINDOWS$NtUninstallKB941569$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB938464)—>»C:WINDOWS$NtUninstallKB938464$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB946648)—>»C:WINDOWS$NtUninstallKB946648$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950762)—>»C:WINDOWS$NtUninstallKB950762$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950974)—>»C:WINDOWS$NtUninstallKB950974$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951066)—>»C:WINDOWS$NtUninstallKB951066$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951376-v2)—>»C:WINDOWS$NtUninstallKB951376-v2$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951698)—>»C:WINDOWS$NtUninstallKB951698$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951748)—>»C:WINDOWS$NtUninstallKB951748$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB952954)—>»C:WINDOWS$NtUninstallKB952954$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB953839)—>»C:WINDOWS$NtUninstallKB953839$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954211)—>»C:WINDOWS$NtUninstallKB954211$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954459)—>»C:WINDOWS$NtUninstallKB954459$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954600)—>»C:WINDOWS$NtUninstallKB954600$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB955069)—>»C:WINDOWS$NtUninstallKB955069$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956391)—>»C:WINDOWS$NtUninstallKB956391$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956802)—>»C:WINDOWS$NtUninstallKB956802$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956803)—>»C:WINDOWS$NtUninstallKB956803$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956841)—>»C:WINDOWS$NtUninstallKB956841$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB957095)—>»C:WINDOWS$NtUninstallKB957095$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB957097)—>»C:WINDOWS$NtUninstallKB957097$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958644)—>»C:WINDOWS$NtUninstallKB958644$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958687)—>»C:WINDOWS$NtUninstallKB958687$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960715)—>»C:WINDOWS$NtUninstallKB960715$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media — (KB952069)—>»C:WINDOWS$NtUninstallKB952069_WM9$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media 11 — (KB936782)—>»C:WINDOWS$NtUninstallKB936782_WMP11$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media 11 — (KB954154)—>»C:WINDOWS$NtUninstallKB954154_WM11$spuninstspuninst.exe»
Обновление для Windows XP (KB951978)—>»C:WINDOWS$NtUninstallKB951978$spuninstspuninst.exe»
Обновление для Windows XP (KB955839)—>»C:WINDOWS$NtUninstallKB955839$spuninstspuninst.exe»
Проигрыватель Windows Media 11—>»C:Program FilesWindows Media PlayerSetup_wm.exe» /Uninstall
Сократ Персональный 4.1—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{9CD789E2-B7CE-11D5-B7E9-00A0C9449F99}setup.exe»
=====HijackThis Backups=====
O4 — HKLM..Run: [SweetIM] C:Program FilesSweetIMMessengerSweetIM.exe
O4 — HKLM..Run: [SweetIM] C:Program FilesSweetIMMessengerSweetIM.exe
======Security center information======
AV: Антивирусная система Eset NOD32 2.50
System event log
Computer Name: MUSTANG
Event Code: 1007
Message: Компьютер автоматически настроил IP-адрес для сетевого адаптера
с адресом 0080484110FD. Используется IP-адрес 169.254.184.176.
Record Number: 17155
Source Name: Dhcp
Time Written: 20090124171343.000000+180
Event Type: предупреждение
User:
Computer Name: MUSTANG
Event Code: 3100
Message: Запущен драйвер Microsoft IPv6 Developer Edition.
Record Number: 17154
Source Name: Tcpip6
Time Written: 20090124171304.000000+180
Event Type: информация
User:
Computer Name: MUSTANG
Event Code: 6005
Message: Запущена служба журнала событий.
Record Number: 17153
Source Name: EventLog
Time Written: 20090124171237.000000+180
Event Type: информация
User:
Computer Name: MUSTANG
Event Code: 6009
Message: Microsoft (R) Windows 2000 (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.
Record Number: 17152
Source Name: EventLog
Time Written: 20090124171237.000000+180
Event Type: информация
User:
Computer Name: MUSTANG
Event Code: 6006
Message: Служба журнала событий остановлена.
Record Number: 17151
Source Name: EventLog
Time Written: 20090124152445.000000+180
Event Type: информация
User:
Application event log
Computer Name: MUSTANG
Event Code: 1
Message:
Record Number: 2862
Source Name: nview_info
Time Written: 20090127233632.000000+180
Event Type: ошибка
User:
Computer Name: MUSTANG
Event Code: 1
Message:
Record Number: 2861
Source Name: nview_info
Time Written: 20090127233632.000000+180
Event Type: ошибка
User:
Computer Name: MUSTANG
Event Code: 1
Message:
Record Number: 2860
Source Name: nview_info
Time Written: 20090127233632.000000+180
Event Type: ошибка
User:
Computer Name: MUSTANG
Event Code: 1
Message:
Record Number: 2859
Source Name: nview_info
Time Written: 20090127233632.000000+180
Event Type: ошибка
User:
Computer Name: MUSTANG
Event Code: 1
Message:
Record Number: 2858
Source Name: nview_info
Time Written: 20090127233632.000000+180
Event Type: ошибка
User:
======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%systemroot%system32;%systemroot%;%systemroot%system32wbem;C:PROGRA~1BorlandCBUILD~1Bin;C:PROGRA~1BorlandCBUILD~1ProjectsBpl;C:Program FilesSamsungSamsung PC Studio 3;D:AutodeskBackburner;C:Program FilesCommon FilesAutodesk Shared
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=15
«PROCESSOR_IDENTIFIER»=x86 Family 15 Model 2 Stepping 9, GenuineIntel
«PROCESSOR_REVISION»=0209
«NUMBER_OF_PROCESSORS»=1
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
EOF

