аудио кодекы пропадали

[Tanika]

info.txt logfile of random’s system information tool 1.05 2009-01-18 13:52:33

======Uninstall list======

—>»C:Program FilesF-Securefsuninst.exe» /UninstRegKey:»F-Secure Anti-Virus Client Security Installer»
—>»C:Program FilesF-Securefsuninst.exe» /UninstRegKey:»F-Secure DAAS»
—>»C:Program FilesF-Securefsuninst.exe» /UninstRegKey:»F-Secure Diagnostics»
—>»C:Program FilesF-Securefsuninst.exe» /UninstRegKey:»F-Secure FWES»
—>»C:Program FilesF-Securefsuninst.exe» /UninstRegKey:»F-Secure GUI»
—>»C:Program FilesF-Securefsuninst.exe» /UninstRegKey:»F-Secure Management Agent»
—>»C:Program FilesF-Securefsuninst.exe» /UninstRegKey:»F-Secure Policy Manager Support»
—>»C:Program FilesF-Securefsuninst.exe» /UninstRegKey:»F-Secure TNB»
—>C:Program FilesCommon FilesRealUpdate_OBr1puninst.exe RealNetworks|RealPlayer|6.0
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}setup.exe» -l0x19 -uninst
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
Adobe Flash Player 9 ActiveX—>C:WINDOWSsystem32MacromedFlashUninstFl.exe -q
Adobe Flash Player Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Reader 6.0—>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-000000000001}
CrazyTalk Cam Suite—>C:Program FilesInstallShield Installation Information{D1504C77-1B19-4AF0-8DEC-946666123B55}setup.exe -runfromtemp -l0x0019 -removeonly /remove
DivX Player—>C:Program FilesDivXDivXPlayerUninstall.exe /PLAYER
DivX Pro Trial—>C:Program FilesDivXDivXCodecUninstall.exe /CODEC
e-Messenger 112—>»C:Program FilesInstallShield Installation Information{730C01C5-CAE4-46FE-BA13-8B3E637F8192}setup.exe» -runfromtemp -l0x0019 -removeonly
ESET NOD32 Antivirus—>MsiExec.exe /I{3407FD83-0A2F-475E-BE94-34F1FA342C84}
ffdshow (remove only)—>»C:Program FilesRingz StudioStorm CodecCodecsuninstall.exe»
FlashGet 1.9.6.1073—>C:Program FilesFlashGetuninst.exe
Google Toolbar for Internet Explorer—>MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer—>regsvr32 /u /s «c:program filesgooglegoogletoolbar1.dll»
HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
ICQ Toolbar—>C:Program FilesICQ6ToolbarICQUnToolbar.exe
ICQ6—>»C:Program FilesInstallShield Installation Information{60DE4033-9503-48D1-A483-7846BD217CA9}setup.exe» -runfromtemp -l0x0009 -removeonly
ImTranslator for IE—>C:PROGRA~1SMARTL~1IMTRAN~1UNWISE.EXE C:PROGRA~1SMARTL~1IMTRAN~1INSTALL.LOG
K-Lite Codec Pack 2.70 Full—>»C:Program FilesK-Lite Codec Packunins000.exe»
Mathcad 11 Enterprise Edition—>MsiExec.exe /I{DE4386F2-ECDE-493E-B8BE-9861A9A7D069}
Microsoft Office Access MUI (English) 2007—>MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007—>MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007—>»C:Program FilesCommon FilesMicrosoft SharedOFFICE12Office Setup Controllersetup.exe» /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007—>MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007—>MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007—>MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007—>MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007—>MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007—>MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007—>MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007—>MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007—>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007—>MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007—>MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007—>MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007—>MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007—>MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007—>MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007—>MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
mIRC 6.31—>C:Program FilesmIRCUninstall.exe
mIRC—>»D:ТаняprogrammsmIRCmirc.exe» -uninstall
Mozilla Firefox (2.0)—>C:Program FilesMozilla Firefoxuninstalluninst.exe
MSN—>C:Program FilesMSNMsnInstallermsninst.exe /Action:ARP
MSXML 4.0 SP2 Parser and SDK—>MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
pMetro 1.21—>»C:Program FilespMetrounins000.exe»
RealPlayer—>C:Program FilesCommon FilesRealUpdate_OBr1puninst.exe RealNetworks|RealPlayer|6.0
Realtek AC’97 Audio—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{FB08F381-6533-4108-B7DD-039E11FBC27E}setup.exe» -l0x19 -removeonly
SafeCast Shared Components—>C:WINDOWSCDAC13BA.EXE /uninstall
SiS VGA Utilities—>Rundll32 SiSInst.dll,Uninstall VGA,R,oem1.inf
SiSAGP driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{DC226AC9-0314-496C-BE6A-B6A132628466}setup.exe» -l0x19
Storm Codec—>C:Program FilesRingz StudioStorm Codecuninst6.10.00.exe
Vypress Chat 2.1—>MsiExec.exe /X{32230531-F971-468F-9BD4-7C3369F3468B}
WebMate—>»C:Program FilesInstallShield Installation Information{40B6D0B4-301A-4020-869F-2E3936E02299}setup.exe» -runfromtemp -l0x0019 -removeonly
Архиватор WinRAR—>C:Program FilesWinRARuninstall.exe

======Security center information======

AV: F-Secure Anti-Virus Client Security 5.55 (outdated)
AV: ESET NOD32 Antivirus 3.0
FW: F-Secure Anti-Virus Client Security 5.55

System event log

Computer Name: TANIA
Event Code: 29
Message: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 29 minutes.
NtpClient has no source of accurate time.

Record Number: 1144
Source Name: W32Time
Time Written: 20081116225059.000000+180
Event Type: error
User:

Computer Name: TANIA
Event Code: 17
Message: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer ‘time.windows.com,0x1’. NtpClient will try the DNS lookup again in 30
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Record Number: 1143
Source Name: W32Time
Time Written: 20081116225059.000000+180
Event Type: error
User:

Computer Name: TANIA
Event Code: 29
Message: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Record Number: 1142
Source Name: W32Time
Time Written: 20081116223557.000000+180
Event Type: error
User:

Computer Name: TANIA
Event Code: 17
Message: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer ‘time.windows.com,0x1’. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Record Number: 1141
Source Name: W32Time
Time Written: 20081116223557.000000+180
Event Type: error
User:

Computer Name: TANIA
Event Code: 29
Message: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Record Number: 1140
Source Name: W32Time
Time Written: 20081116223542.000000+180
Event Type: error
User:

Application event log

Computer Name: TANIA
Event Code: 102
Message: wuaueng.dll (196) SUS20ClientDataStore: The database engine started a new instance (0).

Record Number: 261
Source Name: ESENT
Time Written: 20081102214839.000000+180
Event Type: information
User:

Computer Name: TANIA
Event Code: 100
Message: wuauclt (196) The database engine 5.01.2600.2180 started.

Record Number: 260
Source Name: ESENT
Time Written: 20081102214839.000000+180
Event Type: information
User:

Computer Name: TANIA
Event Code: 1800
Message: The Windows Security Center Service has started.

Record Number: 259
Source Name: SecurityCenter
Time Written: 20081102214751.000000+180
Event Type: information
User:

Computer Name: TANIA
Event Code: 0
Message:
Record Number: 258
Source Name: ICQ Service
Time Written: 20081102214749.000000+180
Event Type: information
User:

Computer Name: TANIA
Event Code: 1517
Message: Windows saved user TANIAtania_lainer registry while an application or service was still using the registry during log off. The memory used by the user’s registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 257
Source Name: Userenv
Time Written: 20081101190002.000000+180
Event Type: warning
User: NT AUTHORITYSYSTEM

======Environment variables======

«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=15
«PROCESSOR_IDENTIFIER»=x86 Family 15 Model 2 Stepping 9, GenuineIntel
«PROCESSOR_REVISION»=0209
«NUMBER_OF_PROCESSORS»=1
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP

---

EOF

---

[Tanika]

Logfile of random’s system information tool 1.05 (written by random/random)
Run by tania_lainer at 2009-01-18 13:51:47
Microsoft Windows XP Professional Service Pack 2
System drive C: has 3 GB (22%) free of 11 GB
Total RAM: 223 MB (14% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:52:22, on 18.01.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32driversCDAC11BA.EXE
C:Program FilesESETESET NOD32 Antivirusekrn.exe
C:Program FilesICQ6ToolbarICQ Service.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSOUNDMAN.EXE
C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
C:Program FilesFlashGetFlashGet.exe
C:WINDOWSPixArtPAC207Monitor.exe
C:Program FilesESETESET NOD32 Antivirusegui.exe
C:Program FilesCommon FilesRealUpdate_OBrealsched.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe
C:WINDOWSsystem32sistray.exe
C:Program FilesVypress ChatVyChat.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Documents and Settingstania_lainerDesktopRSIT.exe
C:Program Filestrend microtania_lainer.exe

R3 — URLSearchHook: ICQToolBar — {855F3B16-6D32-4fe6-8A56-BBB695989046} — C:Program FilesICQ6ToolbarICQToolBar.dll
R3 — URLSearchHook: (no name) — — (no file)
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 — BHO: flashget urlcatch — {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} — C:Program FilesFlashGetjccatch.dll
O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — c:program filesgooglegoogletoolbar1.dll
O2 — BHO: FlashGet GetFlash Class — {F156768E-81EF-470C-9057-481BA8380DBA} — C:Program FilesFlashGetgetflash.dll
O3 — Toolbar: ICQToolBar — {855F3B16-6D32-4fe6-8A56-BBB695989046} — C:Program FilesICQ6ToolbarICQToolBar.dll
O3 — Toolbar: &Google — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — c:program filesgooglegoogletoolbar1.dll
O4 — HKLM..Run: [IMJPMIG8.1] «C:WINDOWSIMEimjp8_1IMJPMIG.EXE» /Spoil /RemAdvDef /Migration32
O4 — HKLM..Run: [PHIME2002ASync] C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /SYNC
O4 — HKLM..Run: [PHIME2002A] C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /IMEName
O4 — HKLM..Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 — HKLM..Run: [GrooveMonitor] «C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe»
O4 — HKLM..Run: [StormCodec_Helper] «C:Program FilesRingz StudioStorm CodecStormSet.exe» /S /opti
O4 — HKLM..Run: [Flashget] «C:Program FilesFlashGetFlashGet.exe» /min
O4 — HKLM..Run: [F-Secure Manager] «C:Program FilesF-SecureCommonFSM32.EXE» /splash
O4 — HKLM..Run: [F-Secure TNB] «C:Program FilesF-SecureTNBTNBUtil.exe» /CHECKALL /WAITFORSW
O4 — HKLM..Run: [BMISR] C:Program FilesKYEWebMateBM.exe
O4 — HKLM..Run: [PAC207_Monitor] C:WINDOWSPixArtPAC207Monitor.exe
O4 — HKLM..Run: [Monitor] C:WINDOWSPixArtPAC207Monitor.exe
O4 — HKLM..Run: [egui] «C:Program FilesESETESET NOD32 Antivirusegui.exe» /hide /waitservice
O4 — HKLM..Run: [TkBellExe] «C:Program FilesCommon FilesRealUpdate_OBrealsched.exe» -osboot
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Global Startup: Utility Tray.lnk = C:WINDOWSsystem32sistray.exe
O4 — Global Startup: Vypress Chat StartUp.lnk = ?
O8 — Extra context menu item: &ICQ Toolbar Search — res://C:Program FilesICQToolbartoolbaru.dll/SEARCH.HTML
O8 — Extra context menu item: &Закачать все при помощи FlashGet — C:Program FilesFlashGetjc_all.htm
O8 — Extra context menu item: &Закачать при помощи FlashGet — C:Program FilesFlashGetjc_link.htm
O8 — Extra context menu item: E&xport to Microsoft Excel — res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: ImTranslator — C:PROGRA~1SMARTL~1IMTRAN~1startup.html
O9 — Extra button: Send to OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: S&end to OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: ICQ Lite — {B863453A-26C3-4e1f-A54D-A2CD196348E9} — C:Program FilesICQLiteICQLite.exe (file missing)
O9 — Extra ‘Tools’ menuitem: ICQ Lite — {B863453A-26C3-4e1f-A54D-A2CD196348E9} — C:Program FilesICQLiteICQLite.exe (file missing)
O9 — Extra button: FlashGet — {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} — C:Program FilesFlashGetFlashGet.exe
O9 — Extra ‘Tools’ menuitem: FlashGet — {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} — C:Program FilesFlashGetFlashGet.exe
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6ICQ.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra button: ImTranslator — {AE436396-55E7-4ec4-AD6D-45E88A530A4C} — C:PROGRA~1SMARTL~1IMTRAN~1startup.html (HKCU)
O9 — Extra ‘Tools’ menuitem: ImTranslator — {AE436396-55E7-4ec4-AD6D-45E88A530A4C} — C:PROGRA~1SMARTL~1IMTRAN~1startup.html (HKCU)
O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — C:PROGRA~1MICROS~2Office12GR99D3~1.DLL
O23 — Service: C-DillaCdaC11BA — Macrovision — C:WINDOWSsystem32driversCDAC11BA.EXE
O23 — Service: Eset HTTP Server (EhttpSrv) — ESET — C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe
O23 — Service: Eset Service (ekrn) — ESET — C:Program FilesESETESET NOD32 Antivirusekrn.exe
O23 — Service: F-Secure Gatekeeper Handler Starter — Unknown owner — C:Program FilesF-SecureAnti-Virusfsgk32st.exe (file missing)
O23 — Service: F-Secure Network Request Broker — Unknown owner — C:Program FilesF-SecureCommonFNRB32.EXE (file missing)
O23 — Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) — Unknown owner — C:Program FilesF-SecureFWESProgramfsdfwd.exe (file missing)
O23 — Service: F-Secure Management Agent (FSMA) — Unknown owner — C:Program FilesF-SecureCommonFSMA32.EXE (file missing)
O23 — Service: Google Updater Service (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: ICQ Service — Unknown owner — C:Program FilesICQ6ToolbarICQ Service.exe

—
End of file — 7472 bytes

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll [2003-05-15 50376]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl — C:Program FilesFlashGetjccatch.dll [2007-08-06 94308]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper — C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — c:program filesgooglegoogletoolbar1.dll [2008-11-17 2403392]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class — C:Program FilesFlashGetgetflash.dll [2007-05-18 163840]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} — ICQToolBar — C:Program FilesICQ6ToolbarICQToolBar.dll [2008-06-12 958712]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google — c:program filesgooglegoogletoolbar1.dll [2008-11-17 2403392]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«IMJPMIG8.1″=C:WINDOWSIMEimjp8_1IMJPMIG.EXE [2004-08-04 208952]
«PHIME2002ASync»=C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE [2004-08-04 455168]
«PHIME2002A»=C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE [2004-08-04 455168]
«SiSPower»=C:WINDOWSsystem32SiSPower.dll [2005-10-04 49152]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2006-08-03 577536]
«GrooveMonitor»=C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe [2006-10-26 31016]
«StormCodec_Helper»=C:Program FilesRingz StudioStorm CodecStormSet.exe [2006-09-30 96984]
«Flashget»=C:Program FilesFlashGetFlashGet.exe [2007-09-25 2007088]
«F-Secure Manager»=C:Program FilesF-SecureCommonFSM32.EXE /splash []
«F-Secure TNB»=C:Program FilesF-SecureTNBTNBUtil.exe [2004-05-27 684032]
«BMISR»=C:Program FilesKYEWebMateBM.exe []
«PAC207_Monitor»=C:WINDOWSPixArtPAC207Monitor.exe [2006-11-03 319488]
«Monitor»=C:WINDOWSPixArtPAC207Monitor.exe [2006-11-03 319488]
«egui»=C:Program FilesESETESET NOD32 Antivirusegui.exe [2008-07-01 1447168]
«TkBellExe»=C:Program FilesCommon FilesRealUpdate_OBrealsched.exe [2009-01-17 180269]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-04 15360]
«swg»=C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe [2008-11-17 171448]

C:Documents and SettingsAll UsersStart MenuProgramsStartup
Utility Tray.lnk — C:WINDOWSsystem32sistray.exe
Vypress Chat StartUp.lnk — C:WINDOWSInstaller{32230531-F971-468F-9BD4-7C3369F3468B}iconVCAdvertised.exe

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE»=»C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook»
«C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE»=»C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE:*:Enabled:Microsoft Office Groove»
«C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE»=»C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE:*:Enabled:Microsoft Office OneNote»
«C:Program FilesYahoo!MessengerYahooMessenger.exe»=»C:Program FilesYahoo!MessengerYahooMessenger.exe:*:Enabled:Yahoo! Messenger»
«C:Program FilesYahoo!MessengerYServer.exe»=»C:Program FilesYahoo!MessengerYServer.exe:*:Enabled:Yahoo! FT Server»
«C:PROGRA~1RINGZS~1STORMC~1Stormser.exe»=»C:PROGRA~1RINGZS~1STORMC~1Stormser.exe:*:Enabled:@xpsp2res.dll,-22008»
«C:Program FilesICQLiteICQLite.exe»=»C:Program FilesICQLiteICQLite.exe:*:Enabled:ICQ Lite»
«C:Program FilesICQ6ICQ.exe»=»C:Program FilesICQ6ICQ.exe:*:Enabled:ICQ6»
«C:Program FilesFlashGetflashget.exe»=»C:Program FilesFlashGetflashget.exe:*:Enabled:Flashget»
«C:Program FilesVypress ChatVyChat.exe»=»C:Program FilesVypress ChatVyChat.exe:*:Enabled:Vypress Chat — network chat software»
«C:Program FilesFlylink DC++FlylinkDC.exe»=»C:Program FilesFlylink DC++FlylinkDC.exe:*:Enabled:FlylinkDC++»
«C:Program FilesuTorrent [tfile.ru]utorrent.exe»=»C:Program FilesuTorrent [tfile.ru]utorrent.exe:*:Enabled:µTorrent»
«C:Program FilesF-SecureBackWeb7681197programF-Secure Automatic Update.exe»=»C:Program FilesF-SecureBackWeb7681197programF-Secure Automatic Update.exe:*:Enabled:F-Secure Automatic Update»
«C:Program FilesmIRCmirc.exe»=»C:Program FilesmIRCmirc.exe:*:Enabled:mIRC»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»

======List of files/folders created in the last 1 months======

2009-01-18 13:51:49 —-D—- C:Program Filestrend micro
2009-01-18 13:51:47 —-D—- C:rsit
2009-01-17 21:59:41 —-D—- C:Program FilesCommon Filesxing shared
2009-01-17 21:59:02 —-D—- C:Documents and Settingstania_lainerApplication DataReal
2009-01-17 21:52:43 —-D—- C:Program FilesDivX
2009-01-07 18:06:16 —-D—- C:Documents and SettingsAll UsersApplication DataTrymedia
2009-01-06 20:56:01 —-D—- C:Program FilesDeep Quest
2009-01-06 20:51:43 —-D—- C:Program FilesFarm Frenzy

======List of files/folders modified in the last 1 months======

2009-01-18 13:51:49 —-RD—- C:Program Files
2009-01-18 13:49:30 —-D—- C:WINDOWSsystem32
2009-01-18 13:49:30 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-01-18 13:46:13 —-D—- C:Program FilesMozilla Firefox
2009-01-18 13:44:45 —-A—- C:WINDOWSSchedLgU.Txt
2009-01-18 13:44:28 —-D—- C:Program FilesFlashGet
2009-01-18 13:40:46 —-D—- C:WINDOWSTemp
2009-01-17 22:04:41 —-D—- C:WINDOWSPrefetch
2009-01-17 21:59:41 —-D—- C:Program FilesCommon Files
2009-01-17 21:59:38 —-D—- C:Program FilesCommon FilesReal
2009-01-17 21:59:16 —-A—- C:WINDOWSsystem32pndx5032.dll
2009-01-17 21:59:16 —-A—- C:WINDOWSsystem32pndx5016.dll
2009-01-17 21:59:14 —-A—- C:WINDOWSsystem32pncrt.dll
2009-01-17 20:23:15 —-D—- C:WINDOWS
2009-01-13 14:14:47 —-D—- C:Program FilesYahoo!
2009-01-13 14:14:39 —-A—- C:YServer.txt
2009-01-10 17:39:06 —-D—- C:Program FilesmIRC
2009-01-07 18:15:30 —-A—- C:ioSpecial.ini
2008-12-26 03:26:12 —-D—- C:WINDOWSsystem32CatRoot2
2008-12-26 03:26:09 —-HD—- C:WINDOWSinf
2008-12-19 20:29:51 —-D—- C:Downloads

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 easdrv;easdrv; C:WINDOWSsystem32DRIVERSeasdrv.sys [2008-07-01 53256]
R1 epfwtdir;epfwtdir; C:WINDOWSsystem32DRIVERSepfwtdir.sys [2008-07-01 34312]
R1 intelppm;Intel Processor Driver; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-04 36096]
R1 SiSkp;SiSkp; C:WINDOWSsystem32DRIVERSsrvkp.sys [2005-10-04 12032]
R2 CdaC15BA;CdaC15BA; ??C:WINDOWSsystem32driversCdaC15BA.SYS []
R2 eamon;EAMON; C:WINDOWSsystem32DRIVERSeamon.sys [2008-07-01 39944]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2006-08-18 4017536]
R3 DM9102;DAVICOM 9102(A) PCI Fast Ethernet Based NT Driver; C:WINDOWSsystem32DRIVERSDM9PCI5.SYS [2001-08-17 29696]
R3 hidusb;Microsoft HID Class Driver; C:WINDOWSsystem32DRIVERShidusb.sys [2004-08-04 9600]
R3 mouhid;Mouse HID Driver; C:WINDOWSsystem32DRIVERSmouhid.sys [2004-08-04 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:WINDOWSsystem32driversmsmpu401.sys [2001-08-17 2944]
R3 ReallusionVirtualAudio;Reallusion Virtual Audio; C:WINDOWSsystem32DRIVERSRLVrtAuCbl.sys [2007-03-19 31616]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:WINDOWSsystem32DRIVERSRTL8139.SYS [2004-08-04 20992]
R3 SiS315;SiS315; C:WINDOWSsystem32DRIVERSsisgrp.sys [2005-10-04 243712]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-04 26624]
R3 usbhub;USB2 Enabled Hub; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-04 57600]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbohci.sys [2004-08-04 17024]
S2 F-Secure Filter;F-Secure File System Filter; ??C:Program FilesF-SecureAnti-VirusWin2KFSfilter.sys []
S2 F-Secure Gatekeeper;F-Secure Gatekeeper; ??C:Program FilesF-SecureAnti-VirusWin2KFSgk.sys []
S2 F-Secure Recognizer;F-Secure File System Recognizer; ??C:Program FilesF-SecureAnti-VirusWin2KFSrec.sys []
S3 CCDECODE;Closed Caption Decoder; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2004-08-03 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
S3 PAC207;e-Messenger 112; C:WINDOWSsystem32DRIVERSPFC027.SYS [2007-10-25 616064]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
S3 USBSTOR;USB Mass Storage Driver; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;World Standard Teletext Codec; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []
S4 sr;System Restore Filter Driver; C:WINDOWSsystem32DRIVERSsr.sys [2004-08-04 73472]
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:WINDOWSSystem32driversws2ifsl.sys [2004-08-04 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:WINDOWSsystem32driversCDAC11BA.EXE [2005-10-28 52736]
R2 ekrn;Eset Service; C:Program FilesESETESET NOD32 Antivirusekrn.exe [2007-12-21 468224]
R2 ICQ Service;ICQ Service; C:Program FilesICQ6ToolbarICQ Service.exe [2008-06-10 222456]
S2 F-Secure Gatekeeper Handler Starter;F-Secure Gatekeeper Handler Starter; C:Program FilesF-SecureAnti-Virusfsgk32st.exe []
S2 FSMA;F-Secure Management Agent; C:Program FilesF-SecureCommonFSMA32.EXE []
S3 EhttpSrv;Eset HTTP Server; C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe [2008-07-01 19200]
S3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:Program FilesF-SecureFWESProgramfsdfwd.exe []
S3 F-Secure Network Request Broker;F-Secure Network Request Broker; C:Program FilesF-SecureCommonFNRB32.EXE []
S3 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2008-11-17 138168]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program FilesMicrosoft OfficeOffice12GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]

---

EOF

---

[Tanika]

у меня аудио кодекы пропадали

[Admin]

Здравствуйте, добро пожаловать на Spyware-ru форум.

Судя по логам у вас установлено два антивируса

F-Secure Anti-Virus Client Security 5.55 (outdated)
ESET NOD32 Antivirus 3.0

Это очень опасно и может привести к нестабильной работе компьютера.
Удалите один из них.

Далее по вашему вопросу

аудио кодекы пропадали

что это значит ?
Аудио файлы не проигрываются ?

[Автор]

Сообщения