Re: Re: Help please, virus in svchost
Log
Logfile of random’s system information tool 1.08 (written by random/random)
Run by Админ at 2010-07-15 00:38:15
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 8 GB (5%) free of 153 GB
Total RAM: 3070 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:39:43, on 15.07.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal
Running processes:
C:Program FilesASUS Security CenterASUS Security Protect ManagerBinAsGHost.exe
C:Windowssystem32Dwm.exe
C:Windowssystem32taskeng.exe
C:WindowsExplorer.EXE
C:Windowssystem32taskeng.exe
C:Program FilesASUSSmartLogonsensorsrv.exe
C:Program FilesWindows DefenderMSASCui.exe
C:Program FilesATKOSD2ATKOSD2.exe
C:WindowsRtHDVCpl.exe
C:Program FilesSynapticsSynTPSynTPEnh.exe
C:Program FilesASUSATK MediaDMedia.exe
C:WindowsASScrPro.exe
C:Program FilesWebMoney Agentwmagent.exe
C:Program FilesSynapticsSynTPSynAsus.exe
C:WindowsWindowsMobilewmdc.exe
C:Program FilesCommon FilesJavaJava Updatejusched.exe
C:Windowsehomeehtray.exe
C:Windowsehomeehmsas.exe
C:UsersАдминwuaucldt.exe
C:Program FilesCommon FilesTeleca SharedCapabilityManager.exe
C:Program FilesCommon FilesTeleca Sharedlogger.exe
C:Program FilesCommon FilesTeleca SharedGeneric.exe
C:Program FilesHTCHTC SyncClientInitiatedStarterClientInitiatedStarter.exe
C:Program FilesHTCHTC SyncMobile Phone Monitorepmworker.exe
C:Program FilesHTCHTC SyncMobile Phone MonitorHTCVBTServer.exe
C:Program FilesHTCHTC SyncMobile Phone MonitorFsynSrvStarter.exe
C:Program FilesSynapticsSynTPSynTPHelper.exe
C:Program FilesSkypePhoneSkype.exe
C:Program FilesSkypePlugin ManagerskypePM.exe
C:Windowssystem32conime.exe
C:Windowssystem32Taskmgr.exe
C:WindowsSystem32svchost.exe
C:Windowssystem32svchost.exe
C:WindowsSystem32svchost.exe
C:Program FilesOperaopera.exe
C:Program FilesQIPqip.exe
C:UsersАдминDocumentsRSIT.exe
C:Program Filestrend microАдмин.exe
C:Windowssystem32SearchFilterHost.exe
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = Preserve
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://search.qip.ru
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=47639
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.asus.com
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://search.qip.ru/ie
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R1 — HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = Root: HKCU; Subkey: SoftwareMicrosoftInternet ExplorerSearchUrl; ValueType: string; ValueName: ‘; ValueData: ‘; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
O1 — Hosts: ::1 localhost
O2 — BHO: IDM Helper — {0055C089-8582-441B-A0BF-17B458C2A3A8} — C:Program FilesInternet Download ManagerIDMIECC.dll
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: IEVkbdBHO — {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} — C:Program FilesKaspersky LabKaspersky Internet Security 2009ievkbd.dll
O2 — BHO: NCO 2.0 IE BHO — {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} — (no file)
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~1dmiehlp.dll
O2 — BHO: QIPBHO — {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} — C:UsersАдминAppDataRoamingMicrosoftInternet Explorerqipsearchbar.dll (file missing)
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O2 — BHO: ASUS Security Protect Manager — {DF21F1DB-80C6-11D3-9483-B03D0EC10000} — C:Program FilesASUS Security CenterASUS Security Protect ManagerBinItIEAddIn.dll
O3 — Toolbar: (no name) — {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} — (no file)
O3 — Toolbar: DAEMON Tools Toolbar — {32099AAC-C132-4136-9E9A-4E364A424E17} — C:Program FilesDAEMON Tools ToolbarDTToolbar.dll
O3 — Toolbar: DM Bar — {0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — C:Program FilesDownload Masterdmbar.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O4 — HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 — HKLM..Run: [ATKOSD2] «C:Program FilesATKOSD2ATKOSD2.exe»
O4 — HKLM..Run: [RtHDVCpl] RtHDVCpl.exe
O4 — HKLM..Run: [JMB36X IDE Setup] C:WindowsRaidToolxInsIDE.exe
O4 — HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe
O4 — HKLM..Run: [ATKMEDIA] C:Program FilesASUSATK MediaDMEDIA.EXE
O4 — HKLM..Run: [ASUS Camera ScreenSaver] C:WindowsASScrProlog.exe
O4 — HKLM..Run: [ASUS Screen Saver Protector] C:WindowsASScrPro.exe
O4 — HKLM..Run: [CognizanceTS] rundll32.exe C:PROGRA~1ASUSSE~1ASUSSE~1BinASTSVCC.dll,RegisterModule
O4 — HKLM..Run: [AVP] «C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe»
O4 — HKLM..Run: [wmagent.exe] «C:Program FilesWebMoney Agentwmagent.exe»
O4 — HKLM..Run: [Windows Mobile Device Center] %windir%WindowsMobilewmdc.exe
O4 — HKLM..Run: [Skytel] Skytel.exe
O4 — HKLM..Run: [AdobeAAMUpdater-1.0] «C:Program FilesCommon FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe»
O4 — HKLM..Run: [SwitchBoard] C:Program FilesCommon FilesAdobeSwitchBoardSwitchBoard.exe
O4 — HKLM..Run: [AdobeCS5ServiceManager] «C:Program FilesCommon FilesAdobeCS5ServiceManagerCS5ServiceManager.exe» -launchedbylogin
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesCommon FilesJavaJava Updatejusched.exe»
O4 — HKLM..Run: [Mobile Connectivity Suite] «C:Program FilesHTCHTC SyncApplication LauncherApplication Launcher.exe» /startoptions
O4 — HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 — HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 — HKCU..Run: [Steam] «c:program filessteamsteam.exe» -silent
O4 — HKCU..Run: [DAEMON Tools Lite] «C:Program FilesDAEMON Tools Litedaemon.exe» -autorun
O4 — HKCU..Run: [RGSC] D:Program FilesRockstar GamesRockstar Games Social ClubRGSCLauncher.exe /silent
O4 — HKCU..Run: [IDMan] C:Program FilesInternet Download ManagerIDMan.exe /onboot
O4 — HKCU..Run: [uTorrent] «C:Program FilesuTorrentuTorrent.exe»
O4 — HKCU..Run: [MSConfig] C:UsersАдминraquqgu.exe u
O4 — HKCU..Run: [syncman] c:usersАдминwuaucldt.exe
O4 — HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O8 — Extra context menu item: Загрузить FLV видео содержимое с помощью IDM — C:Program FilesInternet Download ManagerIEGetVL.htm
O8 — Extra context menu item: Загрузить все ссылки с помощью IDM — C:Program FilesInternet Download ManagerIEGetAll.htm
O8 — Extra context menu item: Загрузить с помощью IDM — C:Program FilesInternet Download ManagerIEExt.htm
O9 — Extra button: Cтатистика защиты веб-трафика — {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} — C:Program FilesKaspersky LabKaspersky Internet Security 2009SCIEPlgn.dll
O9 — Extra button: @C:WindowsWindowsMobileINetRepl.dll,-222 — {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} — C:WindowsWindowsMobileINetRepl.dll
O9 — Extra button: (no name) — {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — C:WindowsWindowsMobileINetRepl.dll
O9 — Extra ‘Tools’ menuitem: @C:WindowsWindowsMobileINetRepl.dll,-223 — {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — C:WindowsWindowsMobileINetRepl.dll
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra button: PokerStars.net — {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} — C:Program FilesPokerStars.NETPokerStarsUpdate.exe
O16 — DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) — http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 — DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) — http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 — DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) — http://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab
O16 — DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) — http://vkontakte.ru/uploader/ImageUploader4.cab
O17 — HKLMSystemCCSServicesTcpip..{89044238-E038-4724-ADE3-C544860C93D3}: NameServer = 77.244.45.1,77.244.45.4
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O20 — AppInit_DLLs: APSHook.dll,C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll,C:PROGRA~1KASPER~1KASPER~1mzvkbd3.dll,C:PROGRA~1KASPER~1KASPER~1adialhk.dll,C:PROGRA~1KASPER~1KASPER~1kloehk.dll
O22 — SharedTaskScheduler: Component Categories cache daemon — {8C7461EF-2B13-11d2-BE35-3078302C2030} — C:Windowssystem32browseui.dll
O23 — Service: Apple Mobile Device — Apple Inc. — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 — Service: ASLDR Service (ASLDRService) — Unknown owner — C:Program FilesATK HotkeyASLDRSrv.exe
O23 — Service: ATKGFNEX Service (ATKGFNEXSrv) — Unknown owner — C:Program FilesATKGFNEXGFNEXSrv.exe
O23 — Service: Kaspersky Internet Security (AVP) — Kaspersky Lab — C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe
O23 — Service: Bonjour Service — Apple Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: @dfsrres.dll,-101 (DFSR) — Корпорация Майкрософт — C:Windowssystem32DFSR.exe
O23 — Service: Intel(R) PROSet/Wireless Event Log (EvtEng) — Intel Corporation — C:Program FilesIntelWirelessBinEvtEng.exe
O23 — Service: LightScribeService Direct Disc Labeling Service (LightScribeService) — Hewlett-Packard Company — C:Program FilesCommon FilesLightScribeLSSrvc.exe
O23 — Service: Nero BackItUp Scheduler 4.0 — Nero AG — C:Program FilesCommon FilesNeroNero BackItUp 4NBService.exe
O23 — Service: NVIDIA Display Driver Service (nvsvc) — NVIDIA Corporation — C:Windowssystem32nvvsvc.exe
O23 — Service: PnkBstrA — Unknown owner — C:Windowssystem32PnkBstrA.exe
O23 — Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) — Intel Corporation — C:Program FilesIntelWirelessBinRegSrvc.exe
O23 — Service: ServiceLayer — Nokia. — C:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 — Service: spmgr — Unknown owner — C:Program FilesASUSNB ProbeSPMspmgr.exe
O23 — Service: Steam Client Service — Valve Corporation — C:Program FilesCommon FilesSteamSteamService.exe
O23 — Service: SwitchBoard — Adobe Systems Incorporated — C:Program FilesCommon FilesAdobeSwitchBoardSwitchBoard.exe
—
End of file — 11755 bytes
======Scheduled tasks folder======
C:WindowstasksUser_Feed_Synchronization-{FA06EA3E-F23F-4491-B3CF-C15E55239616}.job
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class — C:Program FilesInternet Download ManagerIDMIECC.dll [2008-10-28 153008]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class — C:Program FilesKaspersky LabKaspersky Internet Security 2009ievkbd.dll [2008-07-29 62728]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2007-07-20 152064]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class — C:UsersАдминAppDataRoamingMicrosoftInternet Explorerqipsearchbar.dll []
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2010-06-08 41760]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
ASUS Security Protect Manager — C:Program FilesASUS Security CenterASUS Security Protect ManagerBinItIEAddIn.dll [2006-11-21 70928]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{32099AAC-C132-4136-9E9A-4E364A424E17} — DAEMON Tools Toolbar — C:Program FilesDAEMON Tools ToolbarDTToolbar.dll [2008-07-17 691656]
{0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — DM Bar — C:Program FilesDownload Masterdmbar.dll [2007-11-26 180224]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2010-06-01 10336584]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Windows Defender»=C:Program FilesWindows DefenderMSASCui.exe [2008-01-21 1008184]
«ATKOSD2″=C:Program FilesATKOSD2ATKOSD2.exe [2007-10-17 7737344]
«RtHDVCpl»=C:WindowsRtHDVCpl.exe [2008-01-15 4874240]
«JMB36X IDE Setup»=C:WindowsRaidToolxInsIDE.exe [2007-03-21 36864]
«SynTPEnh»=C:Program FilesSynapticsSynTPSynTPEnh.exe [2007-11-16 1029416]
«ATKMEDIA»=C:Program FilesASUSATK MediaDMEDIA.EXE [2006-11-02 61440]
«ASUS Camera ScreenSaver»=C:WindowsASScrProlog.exe [2008-06-05 37232]
«ASUS Screen Saver Protector»=C:WindowsASScrPro.exe [2008-06-05 33136]
«CognizanceTS»=C:PROGRA~1ASUSSE~1ASUSSE~1BinASTSVCC.dll [2003-12-22 17920]
«AVP»=C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe [2009-10-15 208616]
«wmagent.exe»=C:Program FilesWebMoney Agentwmagent.exe [2009-10-19 210400]
«Windows Mobile Device Center»=C:WindowsWindowsMobilewmdc.exe [2007-05-31 648072]
«Skytel»=C:WindowsSkytel.exe [2007-11-20 1826816]
«AdobeAAMUpdater-1.0″=C:Program FilesCommon FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe [2010-05-11 500208]
«SwitchBoard»=C:Program FilesCommon FilesAdobeSwitchBoardSwitchBoard.exe [2010-02-19 517096]
«AdobeCS5ServiceManager»=C:Program FilesCommon FilesAdobeCS5ServiceManagerCS5ServiceManager.exe [2010-02-22 406992]
«SunJavaUpdateSched»=C:Program FilesCommon FilesJavaJava Updatejusched.exe [2010-02-18 248040]
«Mobile Connectivity Suite»=C:Program FilesHTCHTC SyncApplication LauncherApplication Launcher.exe [2009-11-19 598016]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2009-04-11 1233920]
«ehTray.exe»=C:WindowsehomeehTray.exe [2008-01-21 125952]
«AdobeBridge»= []
«Steam»=c:program filessteamsteam.exe [2010-05-11 1238352]
«DAEMON Tools Lite»=C:Program FilesDAEMON Tools Litedaemon.exe [2008-07-24 490952]
«RGSC»=D:Program FilesRockstar GamesRockstar Games Social ClubRGSCLauncher.exe /silent []
«IDMan»=C:Program FilesInternet Download ManagerIDMan.exe [2008-10-28 2606512]
«uTorrent»=C:Program FilesuTorrentuTorrent.exe [2010-06-08 322352]
«MSConfig»=C:UsersАдминraquqgu.exe [2010-06-16 11776]
«syncman»=c:usersАдминwuaucldt.exe [2010-06-23 30976]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAdobe Reader Speed Launcher]
C:Program FilesAdobeReader 9.0ReaderReader_sl.exe [2009-02-27 35696]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAdobeCS4ServiceManager]
C:Program FilesCommon FilesAdobeCS4ServiceManagerCS4ServiceManager.exe -launchedbylogin []
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDAEMON Tools Lite]
C:Program FilesDAEMON Tools Litedaemon.exe [2008-07-24 490952]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSkype]
C:Program FilesSkypePhoneSkype.exe [2010-05-13 26192168]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_DLLs»=»APSHook.dll,C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll,C:PROGRA~1KASPER~1KASPER~1mzvkbd3.dll,C:PROGRA~1KASPER~1KASPER~1adialhk.dll,C:PROGRA~1KASPER~1KASPER~1kloehk.dll»
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyklogon]
C:Windowssystem32klogon.dll [2008-07-29 218376]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa]
«notification packages»=scecli
ASWLNPkg
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfPf]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfRd]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfSvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfUsbccidDriver]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«BindDirectlyToPropertySetStorage»=0
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
======File associations======
.js — edit — C:WindowsSystem32Notepad.exe %1
.js — open — C:WindowsSystem32WScript.exe «%1» %*
======List of files/folders created in the last 1 months======
2010-07-15 00:38:16 —-D—- C:Program Filestrend micro
2010-07-15 00:38:15 —-D—- C:rsit
2010-07-14 17:27:57 —-A—- C:Windowssystem32MRT.INI
2010-07-10 20:55:08 —-RSH—- C:UsersАдминAppDataRoamingsbeb.exe
2010-07-02 11:31:29 —-ASH—- C:hiberfil.sys
2010-07-02 11:28:28 —-D—- C:ProgramDataNVIDIA Corporation
2010-07-02 11:27:37 —-A—- C:Windowssystem32OpenCL.dll
2010-07-02 11:27:37 —-A—- C:Windowssystem32driversnvlddmkm.sys
2010-07-02 11:27:36 —-A—- C:Windowssystem32nvwgf2um.dll
2010-07-02 11:27:36 —-A—- C:Windowssystem32nvoglv32.dll
2010-07-02 11:27:36 —-A—- C:Windowssystem32nvd3dum.dll
2010-07-02 11:27:34 —-A—- C:Windowssystem32nvcuvid.dll
2010-07-02 11:27:34 —-A—- C:Windowssystem32nvcuvenc.dll
2010-07-02 11:27:34 —-A—- C:Windowssystem32nvcuda.dll
2010-07-02 11:27:34 —-A—- C:Windowssystem32nvcompiler.dll
2010-07-02 11:27:34 —-A—- C:Windowssystem32nvcod1921.dll
2010-07-02 11:27:34 —-A—- C:Windowssystem32nvcod.dll
2010-07-02 11:27:34 —-A—- C:Windowssystem32nvapi.dll
2010-07-01 14:46:46 —-D—- C:Program FilesMovie Maker 2.6
2010-06-29 12:19:06 —-D—- C:ProgramDataHTC
2010-06-29 12:18:52 —-D—- C:ProgramDataTeleca
2010-06-29 12:17:46 —-D—- C:Program FilesSpirent Communications
2010-06-23 23:00:24 —-A—- C:WindowsDbgOut.INI
2010-06-23 17:51:45 —-A—- C:Windowssystem32PresentationHostProxy.dll
2010-06-23 17:51:45 —-A—- C:Windowssystem32PresentationHost.exe
2010-06-23 17:51:45 —-A—- C:Windowssystem32netfxperf.dll
2010-06-23 17:51:45 —-A—- C:Windowssystem32mscoree.dll
2010-06-23 17:51:44 —-A—- C:Windowssystem32dfshim.dll
2010-06-23 17:45:51 —-A—- C:Windowssystem32GameUXLegacyGDFs.dll
2010-06-23 17:45:51 —-A—- C:Windowssystem32Apphlpdm.dll
2010-06-21 11:22:12 —-D—- C:UsersАдминAppDataRoamingTeleca
2010-06-21 11:20:21 —-D—- C:Program FilesCommon FilesTeleca Shared
2010-06-21 11:18:06 —-D—- C:Program FilesHTC
2010-06-21 11:16:58 —-D—- C:WindowsDownloaded Installations
2010-06-19 17:11:55 —-D—- C:Program FilesCommon FilesSkype
======List of files/folders modified in the last 1 months======
2010-07-15 00:38:34 —-D—- C:WindowsPrefetch
2010-07-15 00:38:26 —-D—- C:WindowsTemp
2010-07-15 00:38:16 —-RD—- C:Program Files
2010-07-15 00:27:53 —-D—- C:UsersАдминAppDataRoamingSkype
2010-07-15 00:06:36 —-D—- C:UsersАдминAppDataRoamingskypePM
2010-07-14 22:28:30 —-D—- C:WindowsSystem32
2010-07-14 22:28:30 —-D—- C:Windowsinf
2010-07-14 22:28:30 —-A—- C:Windowssystem32PerfStringBackup.INI
2010-07-14 22:26:21 —-D—- C:UsersАдминAppDataRoaminguTorrent
2010-07-14 22:25:43 —-D—- C:Program FilesSteam
2010-07-14 22:24:56 —-D—- C:ProgramDataKaspersky Lab
2010-07-14 22:23:46 —-A—- C:Windowssystem32acovcnt.exe
2010-07-14 19:30:23 —-D—- C:Fraps
2010-07-14 17:42:44 —-D—- C:Windowswinsxs
2010-07-14 17:29:33 —-D—- C:Windowssystem32catroot
2010-07-14 17:29:17 —-D—- C:Program FilesWindows Mail
2010-07-14 17:23:02 —-SHD—- C:System Volume Information
2010-07-14 16:11:01 —-D—- C:UsersАдминAppDataRoamingWebMoney
2010-07-13 17:09:48 —-AD—- C:ProgramDataTEMP
2010-07-13 16:12:06 —-D—- C:Program FilesWebMoney
2010-07-09 23:10:04 —-SHD—- C:WindowsInstaller
2010-07-09 23:09:57 —-D—- C:Program FilesOpera
2010-07-07 22:04:33 —-D—- C:UsersАдминAppDataRoamingDMCache
2010-07-02 22:39:05 —-A—- C:Windowssystem32mrt.exe
2010-07-02 13:04:03 —-HD—- C:ProgramData
2010-07-02 11:32:39 —-D—- C:Windows
2010-07-02 11:31:52 —-D—- C:ProgramDataNVIDIA
2010-07-02 11:29:29 —-D—- C:Program FilesNVIDIA Corporation
2010-07-02 11:29:28 —-D—- C:WindowsHelp
2010-07-02 11:28:25 —-D—- C:Windowssystem32drivers
2010-07-02 11:28:23 —-D—- C:Windowssystem32catroot2
2010-06-23 22:17:40 —-D—- C:WindowsMicrosoft.NET
2010-06-23 22:14:19 —-D—- C:WindowsAppPatch
2010-06-23 22:14:18 —-D—- C:Windowsehome
2010-06-23 21:01:46 —-D—- C:Program FilesGarena
2010-06-23 18:21:49 —-RSD—- C:Windowsassembly
2010-06-21 23:58:28 —-D—- C:Program FilesCommon FilesSteam
2010-06-21 11:20:21 —-D—- C:Program FilesCommon Files
2010-06-20 17:47:23 —-A—- C:UsersАдминAppDataRoamingdesktop.ini
2010-06-19 17:11:56 —-D—- C:Windowssystem32Tasks
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:Windowssystem32DRIVERSiaStor.sys [2007-09-30 308248]
R0 JGOGO;JMicron Hot-Plug Driver; C:Windowssystem32DRIVERSJGOGO.sys [2006-02-08 6912]
R0 JRAID;JRAID; C:Windowssystem32DRIVERSjraid.sys [2007-04-12 48000]
R0 klbg;Kaspersky Lab Boot Guard Driver; C:Windowssystem32driversklbg.sys [2009-02-12 33808]
R0 lullaby;lullaby; C:Windowssystem32DRIVERSlullaby.sys [2007-09-26 15416]
R0 sptd;sptd; C:WindowsSystem32Driverssptd.sys [2008-09-16 717296]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; ??C:Program FilesUltraISOdriversISODrive.sys [2008-05-24 73728]
R1 kl1;kl1; C:Windowssystem32DRIVERSkl1.sys [2008-07-21 121872]
R1 KLIF;Kaspersky Lab Driver; C:Windowssystem32DRIVERSklif.sys [2009-02-12 224272]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:Windowssystem32DRIVERSklim6.sys [2008-07-09 20496]
R2 ASMMAP;ASMMAP; ??C:Program FilesATKGFNEXASMMAP.sys [2007-07-24 13880]
R2 atksgt;atksgt; C:Windowssystem32DRIVERSatksgt.sys [2009-09-22 279712]
R2 ghaio;ghaio; ??C:Program FilesASUSNB ProbeSPMghaio.sys [2007-08-03 20936]
R2 lirsgt;lirsgt; C:Windowssystem32DRIVERSlirsgt.sys [2009-09-22 25888]
R2 rimmptsk;rimmptsk; C:Windowssystem32DRIVERSrimmptsk.sys [2007-08-08 45568]
R2 rimsptsk;rimsptsk; C:Windowssystem32DRIVERSrimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:Windowssystem32DRIVERSrixdptsk.sys [2007-07-30 38400]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:Windowssystem32DRIVERSATSwpDrv.sys [2007-06-16 146824]
R3 DCamUSBET;USB2.0 1.3M UVC WebCam; C:Windowssystem32DRIVERSetDevice.sys [2007-09-06 474624]
R3 FiltUSBET;ET USB Device Lower Filter; C:Windowssystem32DRIVERSetFilter.sys [2007-10-15 206336]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:Windowssystem32driversRTKVHDA.sys [2008-01-15 2047576]
R3 kbfiltr;Keyboard Filter; C:Windowssystem32DRIVERSkbfiltr.sys [2007-01-25 5632]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:Windowssystem32DRIVERSklfltdev.sys [2008-03-13 26640]
R3 MODEMCSA;Устройство фильтрации потока Unimodem; C:Windowssystem32driversMODEMCSA.sys [2008-01-21 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:Windowssystem32DRIVERSATKACPI.sys [2006-12-15 7680]
R3 NETw4v32;Драйвер адаптера Intel(R) Wireless WiFi Link для Windows Vista 32 Bit; C:Windowssystem32DRIVERSNETw4v32.sys [2007-06-21 2222080]
R3 nvlddmkm;nvlddmkm; C:Windowssystem32DRIVERSnvlddmkm.sys [2010-06-08 10888168]
R3 ScanUSBET;ET USB Still Image Capture Device; C:Windowssystem32DRIVERSetScan.sys [2007-09-06 6656]
R3 sdbus;sdbus; C:Windowssystem32DRIVERSsdbus.sys [2009-04-11 89088]
R3 smserial;smserial; C:Windowssystem32DRIVERSsmserial.sys [2006-11-25 982272]
R3 SynTP;Synaptics TouchPad Driver; C:Windowssystem32DRIVERSSynTP.sys [2007-11-16 195760]
R3 usb_rndisx;Адаптер USB RNDIS; C:Windowssystem32DRIVERSusb8023x.sys [2009-04-11 15872]
R3 usbaudio;Аудио драйвер USB (WDM); C:Windowssystem32driversusbaudio.sys [2009-04-11 73216]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:Windowssystem32DRIVERSyk60x86.sys [2007-12-06 298496]
S2 adfs;adfs; C:Windowssystem32driversadfs.sys []
S3 acylr6wi;acylr6wi; C:Windowssystem32driversacylr6wi.sys []
S3 aw32bus;ASUS Device W32 Driver driver (WDM); C:Windowssystem32DRIVERSaw32bus.sys [2007-06-20 83456]
S3 aw32mdfl;ASUS Device W32 USB WMC Modem Filter; C:Windowssystem32DRIVERSaw32mdfl.sys [2007-06-20 14848]
S3 aw32mdm;ASUS Device W32 USB WMC Modem Driver; C:Windowssystem32DRIVERSaw32mdm.sys [2007-06-20 109696]
S3 aw32mgmt;ASUS Device W32 USB WMC Device Management Drivers (WDM); C:Windowssystem32DRIVERSaw32mgmt.sys [2007-06-20 102912]
S3 BthEnum;Служба перечислителя Bluetooth; C:Windowssystem32DRIVERSBthEnum.sys [2009-04-11 22528]
S3 BthPan;Устройства Bluetooth (личной сети); C:Windowssystem32DRIVERSbthpan.sys [2008-01-21 92160]
S3 BTHPORT;Драйвер порта Bluetooth; C:WindowsSystem32DriversBTHport.sys [2009-04-11 507904]
S3 BTHUSB;Драйвер порта USB радиомодуля Bluetooth; C:WindowsSystem32DriversBTHUSB.sys [2009-04-11 29696]
S3 drmkaud;Звуковой дешифратор DRM ядра системы; C:Windowssystem32driversdrmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Драйвер функции UAA для службы High Definition Audio (Microsoft), версия 1.1; C:Windowssystem32driversHdAudio.sys [2006-11-02 235520]
S3 HTCAND32;HTC Device Driver; C:WindowsSystem32DriversANDROIDUSB.sys [2009-06-10 24576]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:Windowssystem32DRIVERSewusbmdm.sys [2009-09-10 102912]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:Windowssystem32DRIVERSewusbdev.sys [2009-10-12 101120]
S3 itecir;ITECIR Infrared Receiver; C:Windowssystem32DRIVERSitecir.sys [2007-06-20 49664]
S3 MSKSSRV;Представитель служб потоков Microsoft; C:Windowssystem32driversMSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Посредник синхронизации потоков Microsoft; C:Windowssystem32driversMSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Представитель диспетчера качества потоков Microsoft; C:Windowssystem32driversMSPQM.sys [2008-01-21 5504]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:Windowssystem32driversMSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent; C:Windowssystem32driversccdcmb.sys [2008-05-07 17536]
S3 nmwcdc;Nokia USB Generic; C:Windowssystem32driversccdcmbo.sys [2008-05-07 20864]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:Windowssystem32DRIVERSpccsmcfd.sys [2007-09-17 21632]
S3 RFCOMM;Устройство Bluetooth (протокол RFCOMM TDI); C:Windowssystem32DRIVERSrfcomm.sys [2009-04-11 148992]
S3 SymIMMP;SymIMMP; C:Windowssystem32DRIVERSSymIM.sys []
S3 TPM;TPM; C:Windowssystem32driverstpm.sys [2008-01-21 45624]
S3 TVICHW32;TVICHW32; ??C:Windowssystem32DRIVERSTVICHW32.SYS [2008-10-07 23600]
S3 upperdev;upperdev; C:Windowssystem32DRIVERSusbser_lowerflt.sys [2008-06-06 8064]
S3 usbser;Nokia USB Serial Port; C:Windowssystem32driversusbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:Windowssystem32DRIVERSusbser_lowerfltj.sys [2008-05-07 8064]
S3 usbvideo;USB-видеоустройство (WDM); C:WindowsSystem32Driversusbvideo.sys [2008-01-21 134016]
S3 winusb;WinUsb драйвер; C:Windowssystem32DRIVERSwinusb.sys [2009-04-11 31616]
S3 WpdUsb;WpdUsb; C:Windowssystem32DRIVERSwpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:Windowssystem32driverserrdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:Windowssystem32driversmegasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [2008-10-01 116040]
R2 ASBroker;Logon Session Broker; C:WindowsSystem32svchost.exe [2008-01-21 21504]
R2 ASChannel;Local Communication Channel; C:WindowsSystem32svchost.exe [2008-01-21 21504]
R2 ASLDRService;ASLDR Service; C:Program FilesATK HotkeyASLDRSrv.exe [2007-10-02 94208]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:Program FilesATKGFNEXGFNEXSrv.exe [2007-08-07 94208]
R2 Bonjour Service;Bonjour Service; C:Program FilesBonjourmDNSResponder.exe [2008-08-29 238888]
R2 BthServ;@%SystemRoot%System32bthserv.dll,-101; C:Windowssystem32svchost.exe [2008-01-21 21504]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:Program FilesIntelWirelessBinEvtEng.exe [2007-06-01 647168]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:Program FilesCommon FilesLightScribeLSSrvc.exe [2008-03-17 73728]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:Program FilesCommon FilesNeroNero BackItUp 4NBService.exe [2008-09-24 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:Windowssystem32nvvsvc.exe [2010-06-07 129640]
R2 PnkBstrA;PnkBstrA; C:Windowssystem32PnkBstrA.exe [2008-09-16 66872]
R2 RapiMgr;@%windir%WindowsMobilerapimgr.dll,-104; C:Windowssystem32svchost.exe [2008-01-21 21504]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:Program FilesIntelWirelessBinRegSrvc.exe [2007-06-01 327680]
R2 spmgr;spmgr; C:Program FilesASUSNB ProbeSPMspmgr.exe [2007-08-03 125496]
R2 WcesComm;@%windir%WindowsMobilewcescomm.dll,-40079; C:Windowssystem32svchost.exe [2008-01-21 21504]
R3 FontCache;@%systemroot%system32FntCache.dll,-100; C:Windowssystem32svchost.exe [2008-01-21 21504]
S2 AVP;Kaspersky Internet Security; C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe [2009-10-15 208616]
S3 aspnet_state;Служба состояний ASP.NET; C:WindowsMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2009-03-30 31048]
S3 ServiceLayer;ServiceLayer; C:Program FilesPC Connectivity SolutionServiceLayer.exe [2008-08-07 575488]
S3 Steam Client Service;Steam Client Service; C:Program FilesCommon FilesSteamSteamService.exe [2010-06-21 395048]
S3 SwitchBoard;SwitchBoard; C:Program FilesCommon FilesAdobeSwitchBoardSwitchBoard.exe [2010-02-19 517096]
EOF

