- This topic has 4 ответа, 2 участника, and was last updated 16 years, 5 months назад by
.
-
Сообщения
-
Доброго времени суток!
Помогите справиться с этой напастью. Рецепт, предложенный _http://www.spyware-ru.com/antivirus-pro-2009/ по этой ссылке не помогает.
log.txtLogfile of random’s system information tool 1.06 (written by random/random)
Run by Alex at 2009-06-04 22:41:00
Microsoft Windows XP Professional Service Pack 2
System drive C: has 8 GB (11%) free of 78 GB
Total RAM: 2047 MB (62% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:41:26 PM, on 6/4/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
C:Program FilesCommon FilesSymantec SharedAppCoreAppSvc32.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32ctfmon.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32NOTEPAD.EXE
C:WINDOWSsystem32svchost.exe
C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
C:WINDOWSSystem32GEARSec.exe
C:Program FilesSymantecNorton GhostAgentPQV2iSvc.exe
C:Program FilesD-Toolsdaemon.exe
C:Program FilesCyberLinkPowerDVDPDVDServ.exe
C:Program FilesGoogleGmail Notifiergnotify.exe
C:Program FilesEPSONCreativity SuiteEvent ManagerEEventManager.exe
C:Program FilesElaborate BytesVirtualCloneDriveVCDDaemon.exe
C:WINDOWSsystem32WDBtnMgr.exe
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:Program FilesAdobeAdobe Photoshop Lightroom 1.4apdproxy.exe
C:Documents and SettingsAlexLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:Program FilesTomTom HOME 2TomTomHOMERunner.exe
C:WINDOWSsysguard.exe
C:Program FilesHPDigital Imagingbinhpqtra08.exe
C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
C:Program FilesLogitechSetPointSetPoint.exe
C:WINDOWSsystem32devldr32.exe
C:Program FilesCommon FilesLogitechKhalSharedKHALMNPR.EXE
C:WINDOWSsystem32svchost.exe
C:Program FilesTomTom HOME 2TomTomHOMEService.exe
C:WINDOWSsystem32wdfmgr.exe
C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe
C:Program FilesHPDigital ImagingbinhpqSTE08.exe
C:WINDOWSSystem32alg.exe
C:Program FilesInternet Exploreriexplore.exe
C:Documents and SettingsAlexLocal SettingsTemporary Internet FilesContent.IE5OCR8MT36RSIT[1].exe
C:WINDOWSsystem32wbemwmiprvse.exe
C:Program Filestrend microAlex.exeR1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O1 — Hosts: ::1 localhost
O1 — Hosts: 209.44.111.57 security.microsoft.com
O1 — Hosts: 209.44.111.57 inetavirus.com
O1 — Hosts: 209.44.111.57 http://www.inetavirus.com
O2 — BHO: Adobe PDF Reader Link Helper — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.1.1309.3572swg.dll
O2 — BHO: NTIECatcher Class — {C56CB6B0-0D96-11D6-8C65-B2868B609932} — C:Program FilesXiNetTransport 2NTIEHelper.dll
O2 — BHO: Google Dictionary Compression sdch — {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_A8904FB862BD9564.dll
O3 — Toolbar: Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O4 — HKLM..Run: [DAEMON Tools-1033] «C:Program FilesD-Toolsdaemon.exe» -lang 1033
O4 — HKLM..Run: [Norton Ghost 9.0] C:Program FilesSymantecNorton GhostAgentGhostTray.exe
O4 — HKLM..Run: [RemoteControl] «C:Program FilesCyberLinkPowerDVDPDVDServ.exe»
O4 — HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 — HKLM..Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:Program FilesGoogleGmail Notifiergnotify.exe
O4 — HKLM..Run: [Google Desktop Search] «C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe» /startup
O4 — HKLM..Run: [\ALEXEPSON Stylus Photo R220 Series] C:WINDOWSSystem32spoolDRIVERSW32X863E_FATIAIA.EXE /P37 «\ALEXEPSON Stylus Photo R220 Series» /O6 «USB001» /M «Stylus Photo R220»
O4 — HKLM..Run: [Auto EPSON Stylus Photo R220 Series on ALEX] C:WINDOWSSystem32spoolDRIVERSW32X863E_FATIAIA.EXE /P43 «Auto EPSON Stylus Photo R220 Series on ALEX» /O15 «\ALEXEPSONSty» /M «Stylus Photo R220»
O4 — HKLM..Run: [EEventManager] C:Program FilesEPSONCreativity SuiteEvent ManagerEEventManager.exe
O4 — HKLM..Run: [VirtualCloneDrive] «C:Program FilesElaborate BytesVirtualCloneDriveVCDDaemon.exe» /s
O4 — HKLM..Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 — HKLM..Run: [EPSON Stylus Photo R220 Series] C:WINDOWSSystem32spoolDRIVERSW32X863E_FATIAIA.EXE /P30 «EPSON Stylus Photo R220 Series» /O6 «USB002» /M «Stylus Photo R220»
O4 — HKLM..Run: [WD Button Manager] WDBtnMgr.exe
O4 — HKLM..Run: [ccApp] «C:Program FilesCommon FilesSymantec SharedccApp.exe»
O4 — HKLM..Run: [osCheck] «C:Program FilesNorton AntiVirusosCheck.exe»
O4 — HKLM..Run: [googletalk] C:Program FilesGoogleGoogle Talkgoogletalk.exe /autostart
O4 — HKLM..Run: [Symantec PIF AlertEng] «C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe» /a /m «C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}AlertEng.dll»
O4 — HKLM..Run: [Adobe Photo Downloader] «C:Program FilesAdobeAdobe Photoshop Lightroom 1.4apdproxy.exe»
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [MsnMsgr] «C:Program FilesMSN MessengerMsnMsgr.Exe» /background
O4 — HKCU..Run: [updateMgr] «C:Program FilesAdobeAcrobat 7.0ReaderAdobeUpdateManager.exe» AcRdB7_0_9 -reboot 1
O4 — HKCU..Run: [EPSON Stylus Photo RX595 Series] C:WINDOWSSystem32spoolDRIVERSW32X863E_FATICLA.EXE /FU «C:WINDOWSTEMPE_S264.tmp» /EF «HKCU»
O4 — HKCU..Run: [Google Update] «C:Documents and SettingsAlexLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe» /c
O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 — HKCU..Run: [TomTomHOME.exe] «C:Program FilesTomTom HOME 2TomTomHOMERunner.exe»
O4 — HKCU..Run: [system tool] C:WINDOWSsysguard.exe
O4 — HKCU..Run: [RegistryMechanic] C:Program FilesRegistry MechanicRegMech.exe /H
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 — Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 — Global Startup: HP Digital Imaging Monitor.lnk = C:Program FilesHPDigital Imagingbinhpqtra08.exe
O4 — Global Startup: Logitech Desktop Messenger.lnk = C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
O4 — Global Startup: Logitech SetPoint.lnk = C:Program FilesLogitechSetPointSetPoint.exe
O4 — Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O8 — Extra context menu item: Download all by Net Transport — C:Program FilesXiNetTransport 2NTAddList.html
O8 — Extra context menu item: Download by Net Transport — C:Program FilesXiNetTransport 2NTAddLink.html
O8 — Extra context menu item: E&xport to Microsoft Excel — res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O16 — DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) — http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1128340033171
O18 — Protocol: bwfile-8876480 — {9462A756-7B47-47BC-8C80-C34B9B80B32B} — C:Program FilesLogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll
O18 — Filter: x-sdch — {B1759355-3EEC-4C1E-B0F1-B719FE26E377} — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_A8904FB862BD9564.dll
O20 — AppInit_DLLs: C:PROGRA~1GoogleGOOGLE~1GOEC62~1.DLL
O23 — Service: Adobe LM Service — Adobe Systems — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: Symantec Event Manager (ccEvtMgr) — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 — Service: Symantec Settings Manager (ccSetMgr) — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 — Service: Symantec Lic NetConnect service (CLTNetCnService) — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 — Service: GEARSecurity — GEAR Software — C:WINDOWSSystem32GEARSec.exe
O23 — Service: Google Software Updater (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe
O23 — Service: Symantec IS Password Validation (ISPwdSvc) — Symantec Corporation — C:Program FilesNorton AntiVirusisPwdSvc.exe
O23 — Service: LiveUpdate — Symantec Corporation — C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE
O23 — Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 — Service: LiveUpdate Notice Service — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe
O23 — Service: Norton Ghost — Symantec Corporation — C:Program FilesSymantecNorton GhostAgentPQV2iSvc.exe
O23 — Service: Pml Driver HPZ12 — HP — C:WINDOWSsystem32HPZipm12.exe
O23 — Service: Symantec Core LC — Unknown owner — C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe
O23 — Service: Symantec AppCore Service (SymAppCore) — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedAppCoreAppSvc32.exe
O23 — Service: TomTomHOMEService — TomTom — C:Program FilesTomTom HOME 2TomTomHOMEService.exe
O23 — Service: Ieaie?iauee aaoiiaoe?aneiai caionea LiveUpdate (Планировщик автоматического запуска LiveUpdate) — Symantec Corporation — C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe—
End of file — 11745 bytes======Scheduled tasks folder======
C:WINDOWStasksGoogleUpdateTaskUserS-1-5-21-220523388-1715567821-1417001333-1003.job
C:WINDOWStasksNorton AntiVirus — Выполнить полный осмотр системы — Alex.job======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2006-12-18 59032][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll [2009-04-23 259696][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.1.1309.3572swg.dll [2009-04-15 668656][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C56CB6B0-0D96-11D6-8C65-B2868B609932}]
NTIECatcher Class — C:Program FilesXiNetTransport 2NTIEHelper.dll [2003-12-15 49152][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_A8904FB862BD9564.dll [2009-04-23 470512][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — Google Toolbar — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll [2009-04-23 259696][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«DAEMON Tools-1033″=C:Program FilesD-Toolsdaemon.exe [2004-08-22 81920]
«»= []
«Norton Ghost 9.0″=C:Program FilesSymantecNorton GhostAgentGhostTray.exe [2004-07-29 1122304]
«RemoteControl»=C:Program FilesCyberLinkPowerDVDPDVDServ.exe [2004-11-02 32768]
«NeroFilterCheck»=C:WINDOWSsystem32NeroCheck.exe [2001-07-09 155648]
«{0228e555-4f9c-4e35-a3ec-b109a192b4c2}»=C:Program FilesGoogleGmail Notifiergnotify.exe [2005-07-15 479232]
«Google Desktop Search»=C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe [2006-10-22 190464]
«\ALEXEPSON Stylus Photo R220 Series»=C:WINDOWSSystem32spoolDRIVERSW32X863E_FATIAIA.EXE [2005-03-09 98304]
«Auto EPSON Stylus Photo R220 Series on ALEX»=C:WINDOWSSystem32spoolDRIVERSW32X863E_FATIAIA.EXE [2005-03-09 98304]
«EEventManager»=C:Program FilesEPSONCreativity SuiteEvent ManagerEEventManager.exe [2005-04-08 102400]
«VirtualCloneDrive»=C:Program FilesElaborate BytesVirtualCloneDriveVCDDaemon.exe [2005-04-12 45056]
«Logitech Hardware Abstraction Layer»=C:WINDOWSKHALMNPR.EXE [2006-05-10 94208]
«EPSON Stylus Photo R220 Series»=C:WINDOWSSystem32spoolDRIVERSW32X863E_FATIAIA.EXE [2005-03-09 98304]
«WD Button Manager»=C:WINDOWSsystem32WDBtnMgr.exe [2007-08-15 364544]
«ccApp»=C:Program FilesCommon FilesSymantec SharedccApp.exe [2007-01-09 115816]
«osCheck»=C:Program FilesNorton AntiVirusosCheck.exe [2007-01-13 771704]
«googletalk»=C:Program FilesGoogleGoogle Talkgoogletalk.exe [2007-01-01 3739648]
«Symantec PIF AlertEng»=C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe [2008-01-29 583048]
«Adobe Photo Downloader»=C:Program FilesAdobeAdobe Photoshop Lightroom 1.4apdproxy.exe [2008-04-01 61440][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-04 15360]
«MsnMsgr»=C:Program FilesMSN MessengerMsnMsgr.Exe /background []
«updateMgr»=C:Program FilesAdobeAcrobat 7.0ReaderAdobeUpdateManager.exe [2006-03-30 313472]
«EPSON Stylus Photo RX595 Series»=C:WINDOWSSystem32spoolDRIVERSW32X863E_FATICLA.EXE [2007-03-30 182272]
«Google Update»=C:Documents and SettingsAlexLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe [2008-09-06 133104]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2009-02-26 39408]
«TomTomHOME.exe»=C:Program FilesTomTom HOME 2TomTomHOMERunner.exe [2009-04-08 251240]
«system tool»=C:WINDOWSsysguard.exe [2009-06-04 268816]
«RegistryMechanic»=C:Program FilesRegistry MechanicRegMech.exe [2008-07-08 2828184]C:Documents and SettingsAll UsersStart MenuProgramsStartup
Adobe Gamma Loader.lnk — C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
Adobe Reader Speed Launch.lnk — C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
HP Digital Imaging Monitor.lnk — C:Program FilesHPDigital Imagingbinhpqtra08.exe
Logitech Desktop Messenger.lnk — C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
Logitech SetPoint.lnk — C:Program FilesLogitechSetPointSetPoint.exe
Microsoft Office.lnk — C:Program FilesMicrosoft OfficeOffice10OSA.EXE[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_DLLS»=»C:PROGRA~1GoogleGOOGLE~1GOEC62~1.DLL»[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2005-02-22 61440][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
UPnPMonitor — {e57ce738-33e8-4c51-8354-bb4de9d215d1} — C:WINDOWSsystem32upnpui.dll [2004-08-04 239616][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«HonorAutoRunSetting»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«C:WINDOWSsystem32sessmgr.exe»=»C:WINDOWSsystem32sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019»
«C:Program FilesMSN Messengermsnmsgr.exe»=»C:Program FilesMSN Messengermsnmsgr.exe:*:Enabled:Windows Live Messenger 8.0»
«C:Program FilesMSN Messengermsncall.exe»=»C:Program FilesMSN Messengermsncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)»
«C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe»=»C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesGoogleGoogle Talkgoogletalk.exe»=»C:Program FilesGoogleGoogle Talkgoogletalk.exe:*:Enabled:Google Talk»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMSN Messengermsnmsgr.exe»=»C:Program FilesMSN Messengermsnmsgr.exe:*:Enabled:Windows Live Messenger 8.0»
«C:Program FilesMSN Messengermsncall.exe»=»C:Program FilesMSN Messengermsncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)»
«C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe»=»C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2J]
shellAutoRuncommand — J:LaunchU3.exe -a[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{39fc88a9-e353-11dd-9060-000ea64820e8}]
shellAutoRuncommand — J:InstallTomTomHOME.exe[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{7f301f20-b30c-11dc-8edf-000ea64820e8}]
shellAutoRuncommand — M:InstallTomTomHOME.exe======List of files/folders created in the last 1 months======
2009-06-04 22:41:01 —-D—- C:Program Filestrend micro
2009-06-04 22:41:00 —-D—- C:rsit
2009-06-04 22:14:40 —-D—- C:Avenger
2009-06-04 22:14:40 —-A—- C:avenger.txt
2009-06-04 21:55:37 —-AD—- C:Documents and SettingsAll UsersApplication DataTEMP
2009-06-04 21:55:30 —-D—- C:Program FilesCommon FilesPC Tools
2009-06-04 21:55:21 —-D—- C:Program FilesSpyware Doctor
2009-06-04 21:55:19 —-A—- C:WINDOWSsystem32STKIT432.DLL
2009-06-04 21:55:17 —-D—- C:Program FilesRegistry Mechanic
2009-06-04 18:33:33 —-A—- C:WINDOWSsysguard.exe======List of files/folders modified in the last 1 months======
2009-06-04 22:41:01 —-RD—- C:Program Files
2009-06-04 22:33:34 —-D—- C:WINDOWSTemp
2009-06-04 22:25:30 —-D—- C:WINDOWSPrefetch
2009-06-04 22:25:17 —-D—- C:WINDOWSsystem32CatRoot2
2009-06-04 22:25:09 —-D—- C:WINDOWSsystem32
2009-06-04 22:22:18 —-D—- C:WINDOWSsystem32drivers
2009-06-04 22:14:40 —-D—- C:WINDOWS
2009-06-04 22:12:34 —-A—- C:WINDOWSSchedLgU.Txt
2009-06-04 21:55:30 —-D—- C:Program FilesCommon Files
2009-06-01 21:28:20 —-D—- C:Program FilesEPSON Print CD
2009-05-28 22:27:56 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
2009-05-28 22:27:56 —-D—- C:Documents and SettingsAlexApplication DataAdobe
2009-05-08 20:40:20 —-A—- C:WINDOWSNeroDigital.ini
2009-05-08 19:16:21 —-SD—- C:WINDOWSTasks
2009-05-07 03:16:29 —-A—- C:WINDOWSsystem32MRT.exe======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 cdrblock;cdrblock; C:WINDOWSsystem32DRIVERScdrblock.sys [2007-05-31 20864]
R1 cdrport;cdrport; C:WINDOWSsystem32DRIVERScdrport.sys [2005-07-20 4608]
R1 eeCtrl;Symantec Eraser Control driver; ??C:Program FilesCommon FilesSymantec SharedEENGINEeeCtrl.sys []
R1 GearAspiWDM;GearAspiWDM; C:WINDOWSsystem32driversGearAspiWDM.sys [2004-07-29 14384]
R1 intelppm;Intel Processor Driver; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-04 36096]
R1 kbdhid;Keyboard HID Driver; C:WINDOWSsystem32DRIVERSkbdhid.sys [2004-08-03 14848]
R1 PQIMount;PQIMount; C:WINDOWSsystem32driversPQIMount.sys [2004-07-29 46779]
R1 SPBBCDrv;SPBBCDrv; ??C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCDrv.sys []
R1 SRTSPX;SRTSPX; C:WINDOWSSystem32DriversSRTSPX.SYS [2007-12-01 43696]
R1 SYMTDI;SYMTDI; C:WINDOWSSystem32DriversSYMTDI.SYS [2008-10-03 187952]
R2 ElbyCDIO;ElbyCDIO Driver; C:WINDOWSSystem32DriversElbyCDIO.sys [2005-04-21 10624]
R2 Hardlock;Hardlock; ??C:WINDOWSsystem32drivershardlock.sys []
R2 LBeepKE;LBeepKE; C:WINDOWSSystem32DriversLBeepKE.sys [2006-06-30 3712]
R2 Sentinel;Sentinel; C:WINDOWSSystem32DriversSENTINEL.SYS [1999-07-20 73216]
R3 AnyDVD;AnyDVD; C:WINDOWSSystem32DriversAnyDVD.sys [2006-02-20 19200]
R3 Arp1394;1394 ARP Client Protocol; C:WINDOWSsystem32DRIVERSarp1394.sys [2004-08-04 60800]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2005-02-22 986624]
R3 ctljystk;Creative SBLive! Gameport; C:WINDOWSsystem32DRIVERSctljystk.sys [2001-08-17 3712]
R3 EL2000;3Com 3C2000x EtherLink XL Adapter; C:WINDOWSsystem32DRIVERSEL2K_XP.sys [2003-07-31 147456]
R3 ElbyDelay;ElbyDelay; C:WINDOWSSystem32DriversElbyDelay.sys [2005-04-12 4608]
R3 emu10k;Creative SB Live! (WDM); C:WINDOWSsystem32driversemu10k1m.sys [2001-08-17 283904]
R3 emu10k1;Creative Interface Manager Driver (WDM); C:WINDOWSsystem32driversctlfacem.sys [2001-08-17 6912]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; ??C:Program FilesCommon FilesSymantec SharedEENGINEEraserUtilRebootDrv.sys []
R3 hidusb;Microsoft HID Class Driver; C:WINDOWSsystem32DRIVERShidusb.sys [2004-08-04 9600]
R3 LHidKe;Logitech SetPoint HID Mouse Filter Driver; C:WINDOWSsystem32DRIVERSLHidKE.Sys [2006-05-10 27264]
R3 LHidUsbK;Logitech SetPoint USB Receiver device driver; C:WINDOWSSystem32DriversLHidUsbK.Sys [2006-05-10 36736]
R3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:WINDOWSSystem32DriversLMouKE.sys [2006-05-10 71680]
R3 mouhid;Mouse HID Driver; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-08-17 12160]
R3 NAVENG;NAVENG; ??C:PROGRA~1COMMON~1SYMANT~1VIRUSD~120090604.002NAVENG.SYS []
R3 NAVEX15;NAVEX15; ??C:PROGRA~1COMMON~1SYMANT~1VIRUSD~120090604.002NAVEX15.SYS []
R3 NIC1394;1394 Net Driver; C:WINDOWSsystem32DRIVERSnic1394.sys [2004-08-04 61824]
R3 pfc;Padus ASPI Shell; C:WINDOWSsystem32driverspfc.sys [2004-04-01 10368]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:WINDOWSsystem32DRIVERSRimSerial.sys [2007-01-18 26496]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WINDOWSSystem32DriversRootMdm.sys [2004-08-04 5888]
R3 sfman;Creative SoundFont Manager Driver (WDM); C:WINDOWSsystem32driverssfmanm.sys [2001-08-17 36480]
R3 SRTSP;SRTSP; C:WINDOWSSystem32DriversSRTSP.SYS [2007-12-01 279088]
R3 stmkrnl;stmkrnl; C:WINDOWSsystem32DRIVERSstmkrnl.sys [2006-05-12 196476]
R3 SYMDNS;SYMDNS; C:WINDOWSSystem32DriversSYMDNS.SYS [2008-10-03 12848]
R3 SymEvent;SymEvent; ??C:WINDOWSsystem32DriversSYMEVENT.SYS []
R3 SYMFW;SYMFW; C:WINDOWSSystem32DriversSYMFW.SYS [2008-10-03 146096]
R3 SYMIDS;SYMIDS; C:WINDOWSSystem32DriversSYMIDS.SYS [2008-10-03 39984]
R3 SYMIDSCO;SYMIDSCO; ??C:PROGRA~1COMMON~1SYMANT~1SymcDataIDS-DI~120090519.001SymIDSCo.sys []
R3 SYMNDIS;SYMNDIS; C:WINDOWSSystem32DriversSYMNDIS.SYS [2008-10-03 35120]
R3 SYMREDRV;SYMREDRV; C:WINDOWSSystem32DriversSYMREDRV.SYS [2008-10-03 27696]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-04 26624]
R3 usbhub;USB2 Enabled Hub; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbprint;Microsoft USB PRINTER Class; C:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-03 25856]
R3 usbscan;USB Scanner Driver; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
R3 USBSTOR;USB Mass Storage Driver; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-04 26496]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
R3 WD_FireWire_HID;WD FireWire Pseudo-HID driver; C:WINDOWSsystem32DRIVERSwdfwhid.sys [2006-03-22 17408]
R4 PCTCore;PCTools KDS; C:WINDOWSsystem32driversPCTCore.sys []
S3 D347keapp;D347keapp; C:WINDOWSsystem32driversD347keapp.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:WINDOWSsystem32DRIVERSHPZid412.sys [2006-03-29 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:WINDOWSsystem32DRIVERSHPZipr12.sys [2006-03-29 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:WINDOWSsystem32DRIVERSHPZius12.sys [2005-10-21 21568]
S3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:WINDOWSSystem32DriversL8042mou.sys [2006-05-10 56064]
S3 RimSerPort;RIM Virtual Serial Port; C:WINDOWSsystem32DRIVERSRimSerial.sys [2007-01-18 26496]
S3 RimUsb;BlackBerry Device; C:WINDOWSSystem32DriversRimUsb.sys [2006-11-07 22272]
S3 SRTSPL;SRTSPL; C:WINDOWSSystem32DriversSRTSPL.SYS [2007-12-01 317616]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2005-02-22 352256]
R2 ccEvtMgr;Symantec Event Manager; C:Program FilesCommon FilesSymantec SharedccSvcHst.exe [2007-01-09 108648]
R2 ccSetMgr;Symantec Settings Manager; C:Program FilesCommon FilesSymantec SharedccSvcHst.exe [2007-01-09 108648]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:Program FilesCommon FilesSymantec SharedccSvcHst.exe [2007-01-09 108648]
R2 GEARSecurity;GEARSecurity; C:WINDOWSSystem32GEARSec.exe [2004-07-29 53248]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:Program FilesCommon FilesSymantec SharedccSvcHst.exe [2007-01-09 108648]
R2 Norton Ghost;Norton Ghost; C:Program FilesSymantecNorton GhostAgentPQV2iSvc.exe [2004-07-29 1269760]
R2 SymAppCore;Symantec AppCore Service; C:Program FilesCommon FilesSymantec SharedAppCoreAppSvc32.exe [2007-01-04 47712]
R2 TomTomHOMEService;TomTomHOMEService; C:Program FilesTomTom HOME 2TomTomHOMEService.exe [2009-04-08 92008]
R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2005-01-28 38912]
R2 Планировщик автоматического запуска LiveUpdate;Планировщик автоматического запуска LiveUpdate; C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe [2007-01-31 554616]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:Program FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe [2008-01-29 583048]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:WINDOWSsystem32HPZipm12.exe [2005-11-22 69632]
S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2006-02-25 72704]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv1.1.4322aspnet_state.exe [2003-02-20 32768]
S3 Dac2fsl;Dac2fsl; C:WINDOWSsystem32driversrasacd.sys [2004-08-04 8832]
S3 gusvc;Google Software Updater; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-04-23 182768]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe [2005-11-14 69632]
S3 ISPwdSvc;Symantec IS Password Validation; C:Program FilesNorton AntiVirusisPwdSvc.exe [2007-01-13 80504]
S3 LiveUpdate;LiveUpdate; C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE [2007-01-31 2918008]
S3 Symantec Core LC;Symantec Core LC; C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe [2008-02-01 1251720]
S4 Mouccgre;Mouccgre; C:WINDOWSsystem32driversftdisk.sys [2004-08-04 125056]
EOF
info.txt
info.txt logfile of random’s system information tool 1.06 2009-06-04 22:41:31
======Uninstall list======
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{4996216F-2FE9-4AD2-8DBD-168BCFFA1988}Setup.exe» -l0x9
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
3D-Album-CS—>C:program files3D-Album-CSuninstall.exe
7-Zip 4.12 beta—>rundll32 advpack.dll,LaunchINFSection C:WINDOWSINF7-zip.inf,SevenZip.Uninstall
ABBYY FineReader 6.0 Sprint—>MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Adobe After Effects 6.5—>MsiExec.exe /I{61CEB2D7-8D3B-4247-B75E-A95F6699B90A}
Adobe Encore DVD 1.5—>RunDll32 «C:Program FilesCommon FilesInstallShieldProfessionalRunTime701Intel32ctor.dll»,LaunchSetup «C:Program FilesInstallShield Installation Information{6BD31B80-7E9E-4FAF-B911-0AC31FB94BF6}setup.exe» -l0x0009
Adobe Encore DVD 2.0—>msiexec /I {2ECE7ECE-D15B-4999-8B8D-01C998F489D5}
Adobe Flash Player 10 ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Photoshop CS—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{EFB21DE7-8C19-4A88-BB28-A766E16493BC}setup.exe» -l0x9
Adobe Premiere Pro 1.5—>RunDll32 «C:Program FilesCommon FilesInstallShieldProfessionalRunTime701Intel32ctor.dll»,LaunchSetup «C:Program FilesInstallShield Installation Information{A14F7508-B784-40B8-B11A-E0E2EEB7229F}setup.exe» -l0x0009
Adobe Reader 7.0.9—>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
AnyDVD—>»C:Program FilesSlySoftAnyDVDAnyDVD-uninst.exe» /D=»C:Program FilesSlySoftAnyDVD»
AppCore—>MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
ATI Display Driver—>rundll32 C:WINDOWSsystem32atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AV—>MsiExec.exe /I{F4DB525F-A986-4249-B98B-42A8066251CA}
BlackBerry Desktop Software 4.2.2—>MsiExec.exe /I{CEAC229C-5264-4E63-BB52-95B7D1CC2C5A}
BlackBerry Desktop Software 4.2.2—>MsiExec.exe /i{CEAC229C-5264-4E63-BB52-95B7D1CC2C5A}
BlackBerry v4.2.1 for the 8100 Series Wireless Handheld—>MsiExec.exe /X{DD7C1079-A2CC-48FB-8208-1EE38C8C2FBA}
Boris Continuum Complete—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{568D983C-C7C3-4831-B5CF-7529A687774D}Setup.exe» -l0x9
Boris Continuum Complete—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime100Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{9DEDABB1-3047-4758-BBD6-57A094D15D72}setup.exe» -l0x9 -removeonly
Boris RED 4.0—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{D939AE53-F96C-4F53-847A-BD926EBC1FDB}Setup.exe» -l0x9
Boris RED—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{2DB53782-1B4B-4E76-A30B-232BEDB8FE7B}Setup.exe» -l0x9
Canon Digital Camera USB WIA Driver—>C:WINDOWSIsUninst.exe -f»C:Program FilesCanonDC USB WIAUninst.isu» -c»C:Program FilesCanonDC USB WIASetupWia.dll»
Canon PhotoRecord—>C:WINDOWSIsUninst.exe -f»C:Program FilesCanonPhotoRecordUninst.isu» -c»C:Program FilesCanonPhotoRecordProgramuninstdll.dll»
Canon Utilities PhotoStitch 3.1—>C:WINDOWSIsUninst.exe -f»C:Program FilesCanonPhotoStitchUninst.isu»
Canon Utilities RAW Image Converter—>C:WINDOWSIsUninst.exe -f»C:Program FilesCanonRAW Image ConverterUninst.isu»
Canon Utilities RemoteCapture 2.1—>C:WINDOWSIsUninst.exe -f»C:Program FilesCanonRemoteCaptureUninst.isu»
Canon Utilities ZoomBrowser EX—>C:WINDOWSIsUninst.exe -f»C:Program FilesCanonZoomBrowser EXUninst.isu» -c»C:Program FilesCanonZoomBrowser EXProgramuninstallutilities.dll»
Canopus BP Option—>RunDLL32.exe advpack.dll,LaunchINFSection csBPopt.inf, UnInstall
Canopus Codec Option—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{772E9146-D676-4869-A298-047FF2A2B92D}setup.exe» -l0x9
Canopus DV Capture—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{B215987D-5BF7-4921-A992-EF6C77D06B83}setup.exe»
Canopus DV Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{72196DB6-2C04-4303-808B-0B57A4383179}setup.exe» -l0x9
Canopus GXF SpeedEncoder 1.3—>MsiExec.exe /I{1E16A5B2-6E2E-4B05-96C3-9635D483E41C}
Canopus Plug-ins for Adobe Software—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{A5C950C5-097E-4912-BD4F-C59340F825C8}setup.exe» -l0x9
Canopus Premiere Pro 3D RT—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{7916A743-4DCB-4B9E-8745-EA7911DC64B5}Setup.exe» -l0x9
Canopus ProCoder Express For EDIUS—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{D438FA08-515F-41DD-BBDC-AC3428AE9754}Setup.exe» -l0x9
Canopus VideoOut Plugin—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{186C8E9A-E315-4724-B20D-93184505CC2B}Setup.exe» -l0x9
Canopus Xplode Professional—>RunDLL32.exe advpack.DLL,,,4,LaunchINFSection tuscan.inf, UnInstall
ccCommon—>MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}
Chameleon—>»C:Program FilesAKVISChameleonUninstall.exe» «C:Program FilesAKVISChameleoninstall.log» -u
CloneDVD2—>»C:Program FilesElaborate BytesCloneDVD2CloneDVD2-uninst.exe» /D=»C:Program FilesElaborate BytesCloneDVD2″
Color Finesse—>C:WINDOWSunvise32.exe C:Program FilesSynthetic ApertureColor Finesseuninstal.log
Coloriage—>»C:Program FilesAKVISColoriageUninstall.exe» «C:Program FilesAKVISColoriageinstall.log» -u
DAEMON Tools—>MsiExec.exe /I{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}
Data Access Objects (DAO) 3.5—>C:Program FilesCommon FilesMicrosoft SharedDAORemove.EXE C:WINDOWSUNINST.EXE -fC:PROGRA~1COMMON~1MICROS~1DAODeIsL1.isu
DISCcapture—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{956EA0BB-58F1-4667-8B87-D2BCB428C847}Setup.exe» -l0x9 -uninstall
Disk Explorer Professional 3—>»C:Program FilesDisk Explorer Professional 3install.exe» uninstall
DVStorm-RT—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{E2420667-5D4E-4125-A797-15C5886FE495}setup.exe»
EDIUS4(SetupManager)—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F28111F1-8DCC-4E3C-A6D4-5E1D05F28300}setup.exe» -l0x9
Enhancer—>»C:Program FilesAKVISEnhancerUninstall.exe» «C:Program FilesAKVISEnhancerinstall.log» -u
EPSON Attach To Email—>C:Program FilesCommon FilesInstallShieldDriver8Intel 32IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
EPSON Copy Utility 3—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{67EDD823-135A-4D59-87BD-950616D6E857}setup.exe» -l0x19 -UnInstall
EPSON Event Manager—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{48F22622-1CC2-4A83-9C1E-644DD96F832D}Setup.exe» -l0x19 -u
EPSON File Manager—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{E86BC406-944E-41F6-ADE6-2C136734C96B}Setup.exe» -l0x9 UNINST
EPSON Perf 3490 3590 Guide—>C:Program Filesepsonguideperf_3490_3590_euninstall.exe
EPSON Print CD—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}Setup.exe» -l0x9 -SYSTEM
EPSON Printer Software—>C:WINDOWSSystem32spoolDRIVERSW32X863EPUPDATE.EXE /R
EPSON Scan Assistant—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}Setup.exe» -l0x19 -u
EPSON Scan—>C:Program Filesepsonescndvsetupsetup.exe /r
EPSON Stylus Photo RX595 Series Scanner Driver Update—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{1CA2E5E4-F4FE-44B4-95E9-77523FB95838}Setup.exe» -l0x9
FlashFXP—>C:PROGRA~1FlashFXPUNWISE.EXE C:PROGRA~1FlashFXPINSTALL.LOG
GenArts Sapphire Plug-ins Version 1.04 for After Effects—>C:PROGRA~1GenArtsSAPPHI~1UNWISE.EXE C:PROGRA~1GenArtsSAPPHI~1INSTALL.LOG
GetDataBack for NTFS—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}setup.exe» -l0x9 -removeonly
Google Desktop—>C:Program FilesGoogleGoogle Desktop SearchGoogleDesktopSetup.exe -uninstall
Google Gmail Notifier—>»C:Program FilesGoogleGmail NotifierUninstallGmail.exe»
Google Talk (remove only)—>»C:Program FilesGoogleGoogle Talkuninstall.exe»
Google Toolbar for Internet Explorer—>»C:Program FilesGoogleGoogle ToolbarComponentGoogleToolbarManager_BDA1448D3D255554.exe» /uninstall
Google Toolbar for Internet Explorer—>MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
Hotfix for Windows Internet Explorer 7 (KB947864)—>»C:WINDOWSie7updatesKB947864-IE7spuninstspuninst.exe»
Hotfix for Windows XP (KB914440)—>»C:WINDOWS$NtUninstallKB914440$spuninstspuninst.exe»
Hotfix for Windows XP (KB915865)—>»C:WINDOWS$NtUninstallKB915865$spuninstspuninst.exe»
Hotfix for Windows XP (KB952287)—>»C:WINDOWS$NtUninstallKB952287$spuninstspuninst.exe»
HP Imaging Device Functions 7.0—>C:Program FilesHPDigital ImagingDeviceManagementhpzscr01.exe -datfile hpqbud01.dat
HP Photosmart and Deskjet 7.0 Software (rus)—>C:Program FilesHPDigital Imaging{76BEC1D7-8A9F-472D-84C7-014BB155E4B2}setuphpzscr01.exe -datfile hphscr11.dat -showdisconnect -forcereboot
Imaginate—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{BF1B93F7-2908-4F41-A48A-EF1F6F745982}Setup.exe» -l0x9
Intelligent Assistant—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{84CCD292-06FC-4722-9401-9444AB15E22A}Setup.exe» -l0x9
Internet Worm Protection—>MsiExec.exe /I{2908F0CB-C1D4-447F-97A2-CFC135C9F8D4}
iZotope Ozone 3.06—>C:PROGRA~1iZotopeUNWISE.EXE C:PROGRA~1iZotopeINSTALL.LOG
iZotope Spectron v1.0.6—>C:PROGRA~1iZotopeSpectronUNWISE.EXE C:PROGRA~1iZotopeSpectronINSTALL.LOG
iZotope Trash 1.06—>C:PROGRA~1iZotopeTrashTRASH1~1UNWISE.EXE C:PROGRA~1iZotopeTrashTRASH1~1INSTALL.LOG
Juicer 3.1—>»C:Program FilesDigital JuiceJuicer 3unins000.exe»
KhalSetup—>MsiExec.exe /I{EE7B9A8D-19F0-450D-8E94-3E391E6044CD}
Kodak DIGITAL SHO Professional Plug-In 1.0.2—>MsiExec.exe /I{B21D407F-709E-499D-A7C4-17A76B7D9D68}
Lightroom—>MsiExec.exe /I{D4134B0B-EA9B-4835-A77A-60BEE6277101}
LiveUpdate 3.2 (Symantec Corporation)—>»C:Program FilesSymantecLiveUpdateLSETUP.EXE» /U
LiveUpdate Notice (Symantec Corporation)—>MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Logitech Desktop Messenger—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime100Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}SETUP.exe» -l0x9 UNINSTALL -removeonly
Logitech SetPoint—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime110Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}setup.exe» -l0x9 -removeonly
Microsoft .NET Framework 1.1—>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Internationalized Domain Names Mitigation APIs—>»C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$spuninstspuninst.exe»
Microsoft National Language Support Downlevel APIs—>»C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$spuninstspuninst.exe»
Microsoft Office XP Professional with FrontPage—>MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mosaic Creator 2.65—>»C:Program FilesMosaicCreatorunins000.exe»
MPEG Video Wizard—>C:PROGRA~1WOMBLE~1MPEGVI~1UNWISE.EXE C:PROGRA~1WOMBLE~1MPEGVI~1INSTALL.LOG
MPEGcapture for Storm—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{B8B81705-D960-4133-8F09-27E481264762}Setup.exe» -l0x9 UNINSTALL
MPEGcapture—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{E938CAB9-C075-4977-88AA-43563912BC56}setup.exe» -l0x9 UNINSTALL
MPEGcraftLE—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{3FBE4D3E-E7CD-43BB-8D1F-6A7CB491C529}setup.exe» -l0x9
MSN Music Assistant—>rundll32 advpack.dll,LaunchINFSection C:WINDOWSINFmsninst.inf,Uninstall
MSXML 4.0 SP2 (KB927978)—>MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)—>MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)—>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK—>MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Multicam—>C:WINDOWSIsUninst.exe -f»C:Program FilesmulticamUninst.isu»
Nero 6 Ultra Edition—>C:Program FilesAheadnerouninstallUNNERO.exe /UNINSTALL
NetTransport—>C:PROGRA~1XiNETTRA~1UNWISE.EXE C:PROGRA~1XiNETTRA~1INSTALL.LOG
Norton AntiVirus (Symantec Corporation)—>»C:Program FilesCommon FilesSymantec SharedSymSetup{830D8CBD-C668-49e2-A969-C2C2106332E0}_14_2_0_29{830D8CBD-C668-49e2-A969-C2C2106332E0}.exe» /X
Norton AntiVirus Help—>MsiExec.exe /I{34EEB1F5-E939-40A1-A6BA-957282A4B2C8}
Norton AntiVirus Parent MSI—>MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
Norton AntiVirus SYMLT MSI—>MsiExec.exe /I{D1FF75E7-DD42-4CFD-B052-20B3FFF4EDB8}
Norton AntiVirus—>MsiExec.exe /X{830D8CBD-C668-49e2-A969-C2C2106332E0}
Norton Ghost 9.0—>MsiExec.exe /X{3C759736-8347-4031-BB9C-D75ADFE6B101}
Norton Protection Center—>MsiExec.exe /I{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}
oggcodecs 0.69.8924—>C:Program Filesilliminableoggcodecsuninst.exe
PhotoAlbum—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{E9D306D5-F5AF-4D09-A798-3A901D2E9751}Setup.exe» -l0x9
Pinnacle Hollywood FX 4.6—>C:WINDOWSunvise32.exe C:Program FilesPinnacleHollywood FX 4.6uninstal.log
PowerDVD—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}Setup.exe» -uninstall
proDAD Heroglyph 2.5—>»C:Program FilesproDADHeroglyph-2.5uninstall.exe» uninstall spcp PATHVERSION 2.5 MAINNAME Heroglyph
proDAD Mercalli 1.0—>»C:Program FilesproDADMercalli-1.0uninstall.exe» uninstall spcp PATHVERSION 1.0 MAINNAME Mercalli
proDAD Vitascene 1.0—>»C:Program FilesproDADVitascene-1.0uninstall.exe» uninstall spcp PATHVERSION 1.0 MAINNAME Vitascene
Quick Titler—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{DCDB2F10-61B7-4723-BE80-A9A62556BD5D}setup.exe» -l0x9
QuickTime Alternative 1.65—>»C:Program FilesQuickTime Alternativeunins000.exe»
Registry Mechanic 8.0—>»C:Program FilesRegistry Mechanicunins000.exe» /Log
Retoucher—>»C:Program FilesAKVISRetoucherUninstall.exe» «C:Program FilesAKVISRetoucherinstall.log» -u
Security Update for Windows Internet Explorer 7 (KB938127)—>»C:WINDOWSie7updatesKB938127-IE7spuninstspuninst.exe»
Security Update for Windows Internet Explorer 7 (KB942615)—>»C:WINDOWSie7updatesKB942615-IE7spuninstspuninst.exe»
Security Update for Windows Internet Explorer 7 (KB944533)—>»C:WINDOWSie7updatesKB944533-IE7spuninstspuninst.exe»
Security Update for Windows Internet Explorer 7 (KB950759)—>»C:WINDOWSie7updatesKB950759-IE7spuninstspuninst.exe»
Security Update for Windows Internet Explorer 7 (KB953838)—>»C:WINDOWSie7updatesKB953838-IE7spuninstspuninst.exe»
Security Update for Windows Internet Explorer 7 (KB956390)—>»C:WINDOWSie7updatesKB956390-IE7spuninstspuninst.exe»
Security Update for Windows Internet Explorer 7 (KB958215)—>»C:WINDOWSie7updatesKB958215-IE7spuninstspuninst.exe»
Security Update for Windows Internet Explorer 7 (KB960714)—>»C:WINDOWSie7updatesKB960714-IE7spuninstspuninst.exe»
Security Update for Windows Internet Explorer 7 (KB961260)—>»C:WINDOWSie7updatesKB961260-IE7spuninstspuninst.exe»
Security Update for Windows Internet Explorer 7 (KB963027)—>»C:WINDOWSie7updatesKB963027-IE7spuninstspuninst.exe»
Security Update for Windows Media Player (KB911564)—>»C:WINDOWS$NtUninstallKB911564$spuninstspuninst.exe»
Security Update for Windows Media Player (KB952069)—>»C:WINDOWS$NtUninstallKB952069_WM9$spuninstspuninst.exe»
Security Update for Windows Media Player 10 (KB936782)—>»C:WINDOWS$NtUninstallKB936782_WMP10$spuninstspuninst.exe»
Security Update for Windows Media Player 6.4 (KB925398)—>»C:WINDOWS$NtUninstallKB925398_WMP64$spuninstspuninst.exe»
Security Update for Windows XP (KB890046)—>»C:WINDOWS$NtUninstallKB890046$spuninstspuninst.exe»
Security Update for Windows XP (KB893066)—>»C:WINDOWS$NtUninstallKB893066$spuninstspuninst.exe»
Security Update for Windows XP (KB893756)—>»C:WINDOWS$NtUninstallKB893756$spuninstspuninst.exe»
Security Update for Windows XP (KB896358)—>»C:WINDOWS$NtUninstallKB896358$spuninstspuninst.exe»
Security Update for Windows XP (KB896422)—>»C:WINDOWS$NtUninstallKB896422$spuninstspuninst.exe»
Security Update for Windows XP (KB896423)—>»C:WINDOWS$NtUninstallKB896423$spuninstspuninst.exe»
Security Update for Windows XP (KB896424)—>»C:WINDOWS$NtUninstallKB896424$spuninstspuninst.exe»
Security Update for Windows XP (KB896428)—>»C:WINDOWS$NtUninstallKB896428$spuninstspuninst.exe»
Security Update for Windows XP (KB896688)—>»C:WINDOWS$NtUninstallKB896688$spuninstspuninst.exe»
Security Update for Windows XP (KB899587)—>»C:WINDOWS$NtUninstallKB899587$spuninstspuninst.exe»
Security Update for Windows XP (KB899588)—>»C:WINDOWS$NtUninstallKB899588$spuninstspuninst.exe»
Security Update for Windows XP (KB899589)—>»C:WINDOWS$NtUninstallKB899589$spuninstspuninst.exe»
Security Update for Windows XP (KB899591)—>»C:WINDOWS$NtUninstallKB899591$spuninstspuninst.exe»
Security Update for Windows XP (KB900725)—>»C:WINDOWS$NtUninstallKB900725$spuninstspuninst.exe»
Security Update for Windows XP (KB901017)—>»C:WINDOWS$NtUninstallKB901017$spuninstspuninst.exe»
Security Update for Windows XP (KB901214)—>»C:WINDOWS$NtUninstallKB901214$spuninstspuninst.exe»
Security Update for Windows XP (KB902400)—>»C:WINDOWS$NtUninstallKB902400$spuninstspuninst.exe»
Security Update for Windows XP (KB904706)—>»C:WINDOWS$NtUninstallKB904706$spuninstspuninst.exe»
Security Update for Windows XP (KB905414)—>»C:WINDOWS$NtUninstallKB905414$spuninstspuninst.exe»
Security Update for Windows XP (KB905749)—>»C:WINDOWS$NtUninstallKB905749$spuninstspuninst.exe»
Security Update for Windows XP (KB908519)—>»C:WINDOWS$NtUninstallKB908519$spuninstspuninst.exe»
Security Update for Windows XP (KB911562)—>»C:WINDOWS$NtUninstallKB911562$spuninstspuninst.exe»
Security Update for Windows XP (KB911927)—>»C:WINDOWS$NtUninstallKB911927$spuninstspuninst.exe»
Security Update for Windows XP (KB913580)—>»C:WINDOWS$NtUninstallKB913580$spuninstspuninst.exe»
Security Update for Windows XP (KB914388)—>»C:WINDOWS$NtUninstallKB914388$spuninstspuninst.exe»
Security Update for Windows XP (KB914389)—>»C:WINDOWS$NtUninstallKB914389$spuninstspuninst.exe»
Security Update for Windows XP (KB917344)—>»C:WINDOWS$NtUninstallKB917344$spuninstspuninst.exe»
Security Update for Windows XP (KB917953)—>»C:WINDOWS$NtUninstallKB917953$spuninstspuninst.exe»
Security Update for Windows XP (KB918118)—>»C:WINDOWS$NtUninstallKB918118$spuninstspuninst.exe»
Security Update for Windows XP (KB918439)—>»C:WINDOWS$NtUninstallKB918439$spuninstspuninst.exe»
Security Update for Windows XP (KB919007)—>»C:WINDOWS$NtUninstallKB919007$spuninstspuninst.exe»
Security Update for Windows XP (KB920213)—>»C:WINDOWS$NtUninstallKB920213$spuninstspuninst.exe»
Security Update for Windows XP (KB920670)—>»C:WINDOWS$NtUninstallKB920670$spuninstspuninst.exe»
Security Update for Windows XP (KB920683)—>»C:WINDOWS$NtUninstallKB920683$spuninstspuninst.exe»
Security Update for Windows XP (KB920685)—>»C:WINDOWS$NtUninstallKB920685$spuninstspuninst.exe»
Security Update for Windows XP (KB921503)—>»C:WINDOWS$NtUninstallKB921503$spuninstspuninst.exe»
Security Update for Windows XP (KB922819)—>»C:WINDOWS$NtUninstallKB922819$spuninstspuninst.exe»
Security Update for Windows XP (KB923191)—>»C:WINDOWS$NtUninstallKB923191$spuninstspuninst.exe»
Security Update for Windows XP (KB923414)—>»C:WINDOWS$NtUninstallKB923414$spuninstspuninst.exe»
Security Update for Windows XP (KB923561)—>»C:WINDOWS$NtUninstallKB923561$spuninstspuninst.exe»
Security Update for Windows XP (KB923689)—>»C:WINDOWS$NtUninstallKB923689$spuninstspuninst.exe»
Security Update for Windows XP (KB923694)—>»C:WINDOWS$NtUninstallKB923694$spuninstspuninst.exe»
Security Update for Windows XP (KB923980)—>»C:WINDOWS$NtUninstallKB923980$spuninstspuninst.exe»
Security Update for Windows XP (KB924270)—>»C:WINDOWS$NtUninstallKB924270$spuninstspuninst.exe»
Security Update for Windows XP (KB924496)—>»C:WINDOWS$NtUninstallKB924496$spuninstspuninst.exe»
Security Update for Windows XP (KB924667)—>»C:WINDOWS$NtUninstallKB924667$spuninstspuninst.exe»
Security Update for Windows XP (KB925902)—>»C:WINDOWS$NtUninstallKB925902$spuninstspuninst.exe»
Security Update for Windows XP (KB926255)—>»C:WINDOWS$NtUninstallKB926255$spuninstspuninst.exe»
Security Update for Windows XP (KB926436)—>»C:WINDOWS$NtUninstallKB926436$spuninstspuninst.exe»
Security Update for Windows XP (KB927779)—>»C:WINDOWS$NtUninstallKB927779$spuninstspuninst.exe»
Security Update for Windows XP (KB927802)—>»C:WINDOWS$NtUninstallKB927802$spuninstspuninst.exe»
Security Update for Windows XP (KB928255)—>»C:WINDOWS$NtUninstallKB928255$spuninstspuninst.exe»
Security Update for Windows XP (KB928843)—>»C:WINDOWS$NtUninstallKB928843$spuninstspuninst.exe»
Security Update for Windows XP (KB930178)—>»C:WINDOWS$NtUninstallKB930178$spuninstspuninst.exe»
Security Update for Windows XP (KB931261)—>»C:WINDOWS$NtUninstallKB931261$spuninstspuninst.exe»
Security Update for Windows XP (KB931784)—>»C:WINDOWS$NtUninstallKB931784$spuninstspuninst.exe»
Security Update for Windows XP (KB932168)—>»C:WINDOWS$NtUninstallKB932168$spuninstspuninst.exe»
Security Update for Windows XP (KB933729)—>»C:WINDOWS$NtUninstallKB933729$spuninstspuninst.exe»
Security Update for Windows XP (KB935839)—>»C:WINDOWS$NtUninstallKB935839$spuninstspuninst.exe»
Security Update for Windows XP (KB935840)—>»C:WINDOWS$NtUninstallKB935840$spuninstspuninst.exe»
Security Update for Windows XP (KB936021)—>»C:WINDOWS$NtUninstallKB936021$spuninstspuninst.exe»
Security Update for Windows XP (KB937143)—>»C:WINDOWS$NtUninstallKB937143$spuninstspuninst.exe»
Security Update for Windows XP (KB937894)—>»C:WINDOWS$NtUninstallKB937894$spuninstspuninst.exe»
Security Update for Windows XP (KB938127)—>»C:WINDOWS$NtUninstallKB938127$spuninstspuninst.exe»
Security Update for Windows XP (KB938464)—>»C:WINDOWS$NtUninstallKB938464$spuninstspuninst.exe»
Security Update for Windows XP (KB938829)—>»C:WINDOWS$NtUninstallKB938829$spuninstspuninst.exe»
Security Update for Windows XP (KB939653)—>»C:WINDOWS$NtUninstallKB939653$spuninstspuninst.exe»
Security Update for Windows XP (KB941568)—>»C:WINDOWS$NtUninstallKB941568$spuninstspuninst.exe»
Security Update for Windows XP (KB941569)—>»C:WINDOWS$NtUninstallKB941569$spuninstspuninst.exe»
Security Update for Windows XP (KB941644)—>»C:WINDOWS$NtUninstallKB941644$spuninstspuninst.exe»
Security Update for Windows XP (KB941693)—>»C:WINDOWS$NtUninstallKB941693$spuninstspuninst.exe»
Security Update for Windows XP (KB942615)—>»C:WINDOWS$NtUninstallKB942615$spuninstspuninst.exe»
Security Update for Windows XP (KB943055)—>»C:WINDOWS$NtUninstallKB943055$spuninstspuninst.exe»
Security Update for Windows XP (KB943460)—>»C:WINDOWS$NtUninstallKB943460$spuninstspuninst.exe»
Security Update for Windows XP (KB943485)—>»C:WINDOWS$NtUninstallKB943485$spuninstspuninst.exe»
Security Update for Windows XP (KB944653)—>»C:WINDOWS$NtUninstallKB944653$spuninstspuninst.exe»
Security Update for Windows XP (KB945553)—>»C:WINDOWS$NtUninstallKB945553$spuninstspuninst.exe»
Security Update for Windows XP (KB946026)—>»C:WINDOWS$NtUninstallKB946026$spuninstspuninst.exe»
Security Update for Windows XP (KB946648)—>»C:WINDOWS$NtUninstallKB946648$spuninstspuninst.exe»
Security Update for Windows XP (KB948590)—>»C:WINDOWS$NtUninstallKB948590$spuninstspuninst.exe»
Security Update for Windows XP (KB948881)—>»C:WINDOWS$NtUninstallKB948881$spuninstspuninst.exe»
Security Update for Windows XP (KB950749)—>»C:WINDOWS$NtUninstallKB950749$spuninstspuninst.exe»
Security Update for Windows XP (KB950760)—>»C:WINDOWS$NtUninstallKB950760$spuninstspuninst.exe»
Security Update for Windows XP (KB950762)—>»C:WINDOWS$NtUninstallKB950762$spuninstspuninst.exe»
Security Update for Windows XP (KB950974)—>»C:WINDOWS$NtUninstallKB950974$spuninstspuninst.exe»
Security Update for Windows XP (KB951066)—>»C:WINDOWS$NtUninstallKB951066$spuninstspuninst.exe»
Security Update for Windows XP (KB951376)—>»C:WINDOWS$NtUninstallKB951376$spuninstspuninst.exe»
Security Update for Windows XP (KB951376-v2)—>»C:WINDOWS$NtUninstallKB951376-v2$spuninstspuninst.exe»
Security Update for Windows XP (KB951698)—>»C:WINDOWS$NtUninstallKB951698$spuninstspuninst.exe»
Security Update for Windows XP (KB951748)—>»C:WINDOWS$NtUninstallKB951748$spuninstspuninst.exe»
Security Update for Windows XP (KB952004)—>»C:WINDOWS$NtUninstallKB952004$spuninstspuninst.exe»
Security Update for Windows XP (KB952954)—>»C:WINDOWS$NtUninstallKB952954$spuninstspuninst.exe»
Security Update for Windows XP (KB953839)—>»C:WINDOWS$NtUninstallKB953839$spuninstspuninst.exe»
Security Update for Windows XP (KB954211)—>»C:WINDOWS$NtUninstallKB954211$spuninstspuninst.exe»
Security Update for Windows XP (KB954600)—>»C:WINDOWS$NtUninstallKB954600$spuninstspuninst.exe»
Security Update for Windows XP (KB955069)—>»C:WINDOWS$NtUninstallKB955069$spuninstspuninst.exe»
Security Update for Windows XP (KB956391)—>»C:WINDOWS$NtUninstallKB956391$spuninstspuninst.exe»
Security Update for Windows XP (KB956572)—>»C:WINDOWS$NtUninstallKB956572$spuninstspuninst.exe»
Security Update for Windows XP (KB956802)—>»C:WINDOWS$NtUninstallKB956802$spuninstspuninst.exe»
Security Update for Windows XP (KB956803)—>»C:WINDOWS$NtUninstallKB956803$spuninstspuninst.exe»
Security Update for Windows XP (KB956841)—>»C:WINDOWS$NtUninstallKB956841$spuninstspuninst.exe»
Security Update for Windows XP (KB957095)—>»C:WINDOWS$NtUninstallKB957095$spuninstspuninst.exe»
Security Update for Windows XP (KB957097)—>»C:WINDOWS$NtUninstallKB957097$spuninstspuninst.exe»
Security Update for Windows XP (KB958644)—>»C:WINDOWS$NtUninstallKB958644$spuninstspuninst.exe»
Security Update for Windows XP (KB958687)—>»C:WINDOWS$NtUninstallKB958687$spuninstspuninst.exe»
Security Update for Windows XP (KB958690)—>»C:WINDOWS$NtUninstallKB958690$spuninstspuninst.exe»
Security Update for Windows XP (KB959426)—>»C:WINDOWS$NtUninstallKB959426$spuninstspuninst.exe»
Security Update for Windows XP (KB960225)—>»C:WINDOWS$NtUninstallKB960225$spuninstspuninst.exe»
Security Update for Windows XP (KB960715)—>»C:WINDOWS$NtUninstallKB960715$spuninstspuninst.exe»
Security Update for Windows XP (KB960803)—>»C:WINDOWS$NtUninstallKB960803$spuninstspuninst.exe»
Security Update for Windows XP (KB961373)—>»C:WINDOWS$NtUninstallKB961373$spuninstspuninst.exe»
Sentinel System Driver—>C:WINDOWSSYSTEM32RNBOSENTSETUPX86.EXE /U /q
SmartSound Quicktracks for Premiere Pro—>C:Program FilesCommon FilesInstallShieldDriver8Intel 32IDriver.exe /M{EF13188F-2E8C-4C0C-BC26-69535880B472}
SmartSound Sonicfire Pro 3—>C:Program FilesCommon FilesInstallShieldDriver8Intel 32IDriver.exe /M{77228B58-3A7F-40C1-97E9-0488707DC3C2}
SopCast 2.0.2—>C:Program FilesSopCastuninst.exe
SPBBC 32bit—>MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
SuperMegaSpoof 2.0—>»C:Program FilesMegaSpoofunins000.exe»
Symantec—>MsiExec.exe /I{228F6876-A313-40A3-91C0-C3CBE6997D09}
TomTom HOME 2.6.2.1586—>C:Program FilesTomTom HOME 2Uninstall TomTom HOME.exe
TomTom HOME Visual Studio Merge Modules—>MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
UltraISO V7.21 SR-2—>»C:Program FilesUltraISOunins000.exe»
Update for Windows XP (KB894391)—>»C:WINDOWS$NtUninstallKB894391$spuninstspuninst.exe»
Update for Windows XP (KB898461)—>»C:WINDOWS$NtUninstallKB898461$spuninstspuninst.exe»
Update for Windows XP (KB900485)—>»C:WINDOWS$NtUninstallKB900485$spuninstspuninst.exe»
Update for Windows XP (KB900930)—>»C:WINDOWS$NtUninstallKB900930$spuninstspuninst.exe»
Update for Windows XP (KB904942)—>»C:WINDOWS$NtUninstallKB904942$spuninstspuninst.exe»
Update for Windows XP (KB908531)—>»C:WINDOWS$NtUninstallKB908531$spuninstspuninst.exe»
Update for Windows XP (KB910437)—>»C:WINDOWS$NtUninstallKB910437$spuninstspuninst.exe»
Update for Windows XP (KB911280)—>»C:WINDOWS$NtUninstallKB911280$spuninstspuninst.exe»
Update for Windows XP (KB916595)—>»C:WINDOWS$NtUninstallKB916595$spuninstspuninst.exe»
Update for Windows XP (KB920872)—>»C:WINDOWS$NtUninstallKB920872$spuninstspuninst.exe»
Update for Windows XP (KB922582)—>»C:WINDOWS$NtUninstallKB922582$spuninstspuninst.exe»
Update for Windows XP (KB927891)—>»C:WINDOWS$NtUninstallKB927891$spuninstspuninst.exe»
Update for Windows XP (KB930916)—>»C:WINDOWS$NtUninstallKB930916$spuninstspuninst.exe»
Update for Windows XP (KB932823-v3)—>»C:WINDOWS$NtUninstallKB932823-v3$spuninstspuninst.exe»
Update for Windows XP (KB933360)—>»C:WINDOWS$NtUninstallKB933360$spuninstspuninst.exe»
Update for Windows XP (KB936357)—>»C:WINDOWS$NtUninstallKB936357$spuninstspuninst.exe»
Update for Windows XP (KB938828)—>»C:WINDOWS$NtUninstallKB938828$spuninstspuninst.exe»
Update for Windows XP (KB942763)—>»C:WINDOWS$NtUninstallKB942763$spuninstspuninst.exe»
Update for Windows XP (KB942840)—>»C:WINDOWS$NtUninstallKB942840$spuninstspuninst.exe»
Update for Windows XP (KB951072-v2)—>»C:WINDOWS$NtUninstallKB951072-v2$spuninstspuninst.exe»
Update for Windows XP (KB955839)—>»C:WINDOWS$NtUninstallKB955839$spuninstspuninst.exe»
Update for Windows XP (KB967715)—>»C:WINDOWS$NtUninstallKB967715$spuninstspuninst.exe»
VirtualCloneDrive—>»C:Program FilesElaborate BytesVirtualCloneDrivevcd-uninst.exe» /D=»C:Program FilesElaborate BytesVirtualCloneDrive»
Visviva Animation Player—>C:program filesvisvivavaebinuninstall.exe
Wave Arts Power Suite—>C:PROGRA~1WAVEAR~1POWERS~1UNWISE.EXE C:PROGRA~1WAVEAR~1POWERS~1INSTAL~1.LOG
WD Diagnostics—>MsiExec.exe /X{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}
WD Firewire HID Driver—>MsiExec.exe /X{FD6C6B7F-5696-48C5-A601-2EE9E50C3D46}
WhereIsIt? 3.72—>»C:Program FilesWhereIsItunins000.exe»
Windows Genuine Advantage v1.3.0254.0—>MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Installer 3.1 (KB893803)—>»C:WINDOWS$MSI31Uninstall_KB893803v2$spuninstspuninst.exe»
Windows Internet Explorer 7—>»C:WINDOWSie7spuninstspuninst.exe»
Windows Media Format Runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Windows Media Player 10—>»C:Program FilesWindows Media PlayerSetup_wm.exe» /Uninstall
Windows XP Hotfix — KB873339—>C:WINDOWS$NtUninstallKB873339$spuninstspuninst.exe
Windows XP Hotfix — KB885250—>C:WINDOWS$NtUninstallKB885250$spuninstspuninst.exe
Windows XP Hotfix — KB885835—>C:WINDOWS$NtUninstallKB885835$spuninstspuninst.exe
Windows XP Hotfix — KB885836—>C:WINDOWS$NtUninstallKB885836$spuninstspuninst.exe
Windows XP Hotfix — KB885884—>C:WINDOWS$NtUninstallKB885884$spuninstspuninst.exe
Windows XP Hotfix — KB886185—>C:WINDOWS$NtUninstallKB886185$spuninstspuninst.exe
Windows XP Hotfix — KB887742—>C:WINDOWS$NtUninstallKB887742$spuninstspuninst.exe
Windows XP Hotfix — KB887797—>C:WINDOWS$NtUninstallKB887797$spuninstspuninst.exe
Windows XP Hotfix — KB888113—>C:WINDOWS$NtUninstallKB888113$spuninstspuninst.exe
Windows XP Hotfix — KB888302—>C:WINDOWS$NtUninstallKB888302$spuninstspuninst.exe
Windows XP Hotfix — KB890859—>»C:WINDOWS$NtUninstallKB890859$spuninstspuninst.exe»
Windows XP Hotfix — KB891781—>C:WINDOWS$NtUninstallKB891781$spuninstspuninst.exe
WinImage—>»C:Program FilesWinImagewinimage.exe» /uninstall
WinRAR archiver—>C:Program FilesWinRARuninstall.exe
Xplode Professional Upgrade—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{DD4FF8D2-BBD0-4EF7-9369-32FE3B650F55}Setup.exe» -l0x9
Преферанс—>C:Program FilesAlawar.ruПреферансUninstall.exe======Hosts File======
127.0.0.1 localhost
::1 localhost
209.44.111.57 security.microsoft.com
209.44.111.57 inetavirus.com
209.44.111.57 http://www.inetavirus.com======Security center information======
AV: Norton AntiVirus
FW: Norton AntiVirus======System event log======
Computer Name: HOME-171B15DE5D
Event Code: 257
Message: Timed out sending notification of target device change to window of «C:Program FilesWindows Media Playerwmplayer.exe»Record Number: 104073
Source Name: PlugPlayManager
Time Written: 20090518131049.000000-240
Event Type: warning
User:Computer Name: HOME-171B15DE5D
Event Code: 257
Message: Timed out sending notification of target device change to window of «C:Program FilesWindows Media Playerwmplayer.exe»Record Number: 104072
Source Name: PlugPlayManager
Time Written: 20090518131049.000000-240
Event Type: warning
User:Computer Name: HOME-171B15DE5D
Event Code: 257
Message: Timed out sending notification of target device change to window of «C:Program FilesWindows Media Playerwmplayer.exe»Record Number: 104071
Source Name: PlugPlayManager
Time Written: 20090518131049.000000-240
Event Type: warning
User:Computer Name: HOME-171B15DE5D
Event Code: 257
Message: Timed out sending notification of target device change to window of «C:Program FilesWindows Media Playerwmplayer.exe»Record Number: 104070
Source Name: PlugPlayManager
Time Written: 20090518131049.000000-240
Event Type: warning
User:Computer Name: HOME-171B15DE5D
Event Code: 257
Message: Timed out sending notification of target device change to window of «C:Program FilesWindows Media Playerwmplayer.exe»Record Number: 104069
Source Name: PlugPlayManager
Time Written: 20090518131049.000000-240
Event Type: warning
User:=====Application event log=====
Computer Name: HOME-171B15DE5D
Event Code: 1517
Message: Windows saved user HOME-171B15DE5DAlex registry while an application or service was still using the registry during log off. The memory used by the user’s registry has not been freed. The registry will be unloaded when it is no longer in use.This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
Record Number: 24011
Source Name: Userenv
Time Written: 20090228120126.000000-300
Event Type: warning
User: NT AUTHORITYSYSTEMComputer Name: HOME-171B15DE5D
Event Code: 1517
Message: Windows saved user HOME-171B15DE5DAlex registry while an application or service was still using the registry during log off. The memory used by the user’s registry has not been freed. The registry will be unloaded when it is no longer in use.This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
Record Number: 23989
Source Name: Userenv
Time Written: 20090228002145.000000-300
Event Type: warning
User: NT AUTHORITYSYSTEMComputer Name: HOME-171B15DE5D
Event Code: 1002
Message: Hanging application PceEdius.exe, version 1.1.1.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.Record Number: 23988
Source Name: Application Hang
Time Written: 20090227213748.000000-300
Event Type: error
User:Computer Name: HOME-171B15DE5D
Event Code: 1517
Message: Windows saved user HOME-171B15DE5DAlex registry while an application or service was still using the registry during log off. The memory used by the user’s registry has not been freed. The registry will be unloaded when it is no longer in use.This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
Record Number: 23969
Source Name: Userenv
Time Written: 20090227212032.000000-300
Event Type: warning
User: NT AUTHORITYSYSTEMComputer Name: HOME-171B15DE5D
Event Code: 1000
Message: Faulting application iexplore.exe, version 7.0.6000.16791, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00018fea.Record Number: 23962
Source Name: Application Error
Time Written: 20090227144929.000000-300
Event Type: error
User:======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;C:Program FilesBoris FX, IncBoris Continuum Complete 4.0;
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=15
«PROCESSOR_IDENTIFIER»=x86 Family 15 Model 2 Stepping 9, GenuineIntel
«PROCESSOR_REVISION»=0209
«NUMBER_OF_PROCESSORS»=2
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
EOF
Здравствуйте, добро пожаловать на Spyware-ru форум.
Запустите HijackThis, для этого кликните Пуск, Выполнить, введите
C:Program Filestrend microAlex.exeи нажмите Enter.
Кликните по кнопке Do a system scan only.
Далее отметьте галочкой (слева) следующие строки, если они присутствуют:O1 - Hosts: 209.44.111.57 security.microsoft.com
O1 - Hosts: 209.44.111.57 inetavirus.com
O1 - Hosts: 209.44.111.57 www.inetavirus.com
O4 - HKCU..Run: [system tool] C:WINDOWSsysguard.exeЗакройте все запущенные программы (включая InternetExplorer) и окна Windows.
Кликните по кнопке Fix checked и подтвердите свои действия выбрав YES.
Перезагрузите компьютер.Скачайте программу Avenger кликнув по этой ссылке и распакуйте её на Рабочий стол.
Запустите Avenger, при это убедитесь что стоит галочка в пункте «Scan for rootkits» и нет галочки в пункте «Automatically disable any rootkits found». Уберите или поставьте галочки в случае необходимости. Кликните Execute. Появится запрос о подтверждении ваших действий, нажмите Yes.
Avenger запуститься. В процессе работы возможны несколько перезагрузок компьютера.
По-окончании работы будет показан лог, пожалуйста вставьте его в ваш ответ. И ещё приложите свежий RSIT лог (только log.txt).Cпасибо огромное Сделал все, как вы написали. Похоже, что проблема решена. Оказалось, что все не так страшно 😀
вот мой логLogfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.comPlatform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.Backups directory opened successfully at C:Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!Completed script processing.
*******************
Finished! Terminate.
Лог чистый.
Для последней проверки:
Прочитайте описание программы Malwarebytes Anti-malware (MBAM).
Скачайте и выполните сканирование вашего компьютера. Удалите всё что будет найдено. В конце работы будет показан лог.Жду от вам MBAM лог и свежий RSIT лог (только log.txt).
- Для ответа в этой теме необходимо авторизоваться.
