- This topic has 9 ответов, 2 участника, and was last updated 16 years, 2 months назад by
.
-
Сообщения
-
результат сканирования-
Logfile of random’s system information tool 1.05 (written by random/random)
Run by Administrator at 2008-02-03 18:51:43
Microsoft Windows XP Professional Service Pack 2
System drive C: has 10 GB (53%) free of 19 GB
Total RAM: 1015 MB (56% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:51:50 ?, on 03/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSZSSnp211.exe
C:WINDOWSDomino.exe
D:Program Filescalcheck.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesCommon FilesAheadLibNMBgMonitor.exe
C:WINDOWSsystem32WService.EXE
C:Program FilesDownload Masterdmaster.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
D:Program Files11111111111111WZQKPICK.EXE
C:Program FilesCommon FilesAheadLibNMIndexStoreSvr.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32DRIVERSWtSrv.exe
D:Program Files11111111111111Messengerymsgr_tray.exe
C:PROGRA~1AVGAVG8avgwdsvc.exe
C:PROGRA~1AVGAVG8avgrsx.exe
C:Program FilesAVGAVG8avgtray.exe
C:Program FilesAVGAVG8avgui.exe
C:Program FilesAVGAVG8avgscanx.exe
C:Program FilesInternet Exploreriexplore.exe
C:PROGRA~1AVGAVG8aAvgApi.exe
C:Documents and SettingsAdministratorDesktopскачятьRSIT.exe
C:Program Filestrend microAdministrator.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=36253
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — D:Program FilesReaderActiveXAcroIEHelper.dll
O2 — BHO: WormRadar.com IESiteBlocker.NavFilter — {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} — C:Program FilesAVGAVG8avgssie.dll
O2 — BHO: zyhlibP — {59E7ACF5-7887-4256-89DC-133B9D9D0424} — C:Documents and SettingsAll UsersApplication Datazyhlib.dll
O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~1dmiehlp.dll
O2 — BHO: AVG Security Toolbar — {A057A204-BACC-4D26-9990-79A187E2698E} — C:PROGRA~1AVGAVG8AVGTOO~1.DLL
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll
O2 — BHO: Google Dictionary Compression sdch — {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll
O3 — Toolbar: Easy-WebPrint — {327C2873-E90D-4c37-AA9D-10AC9BABA46C} — C:Program FilesCanonEasy-WebPrintToolband.dll
O3 — Toolbar: DM Bar — {0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — C:Program FilesDownload Masterdmbar.dll
O3 — Toolbar: ????e?.?a? — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O3 — Toolbar: &Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O3 — Toolbar: AVG Security Toolbar — {A057A204-BACC-4D26-9990-79A187E2698E} — C:PROGRA~1AVGAVG8AVGTOO~1.DLL
O4 — HKLM..Run: [Easy-PrintToolBox] C:Program FilesCanonEasy-PrintToolBoxBJPSMAIN.EXE /logon
O4 — HKLM..Run: [NeroFilterCheck] C:Program FilesCommon FilesAheadLibNeroCheck.exe
O4 — HKLM..Run: [ZSSnp211] C:WINDOWSZSSnp211.exe
O4 — HKLM..Run: [Domino] C:WINDOWSDomino.exe
O4 — HKLM..Run: [Ulead Photo Express Calendar Checker] D:Program Filescalcheck.exe
O4 — HKLM..Run: [WService] WService.EXE
O4 — HKLM..Run: [AVG8_TRAY] C:PROGRA~1AVGAVG8avgtray.exe
O4 — HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] «C:Program FilesCommon FilesAheadLibNMBgMonitor.exe»
O4 — HKCU..Run: [Pragma5] D:Program FilesProgram FilesPragmaprestart.exe
O4 — HKCU..Run: [Download Master] C:Program FilesDownload Masterdmaster.exe -autorun
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 — HKCU..Run: [Yahoo! Pager] «D:Program Files11111111111111MessengerYahooMessenger.exe» -quiet
O4 — HKUSS-1-5-18..Run: [ctfmon.exe] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [ctfmon.exe] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Startup: Adobe Gamma.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 — Global Startup: WinZip Quick Pick.lnk = D:Program Files11111111111111WZQKPICK.EXE
O4 — Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O8 — Extra context menu item: E&xport to Microsoft Excel — res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Easy-WebPrint Add To Print List — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_AddToList.html
O8 — Extra context menu item: Easy-WebPrint High Speed Print — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_HSPrint.html
O8 — Extra context menu item: Easy-WebPrint Preview — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Preview.html
O8 — Extra context menu item: Easy-WebPrint Print — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Print.html
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program FilesDownload Masterdmie.htm
O9 — Extra button: Send to OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: S&end to OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O17 — HKLMSystemCCSServicesTcpip..{CD5EA9D4-AC08-4AD7-BD1F-10D36B7FB4FD}: NameServer = 196.27.0.35 196.27.0.230
O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — C:PROGRA~1MICROS~2Office12GR99D3~1.DLL
O18 — Protocol: linkscanner — {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} — C:Program FilesAVGAVG8avgpp.dll
O20 — AppInit_DLLs: avgrsstx.dll
O20 — Winlogon Notify: crypt — crypts.dll (file missing)
O23 — Service: Adobe LM Service — Adobe Systems — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 — Service: AVG8 WatchDog (avg8wd) — AVG Technologies CZ, s.r.o. — C:PROGRA~1AVGAVG8avgwdsvc.exe
O23 — Service: Google Updater Service (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: NBService — Nero AG — C:Program FilesNeroNero 7Nero BackItUpNBService.exe
O23 — Service: WinTab Service (WinTabService) — Tablet Driver — C:WINDOWSsystem32DRIVERSWtSrv.exe—
End of file — 7714 bytes======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — D:Program FilesReaderActiveXAcroIEHelper.dll [2003-05-15 50376][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search — C:Program FilesAVGAVG8avgssie.dll [2008-02-03 419096][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{59E7ACF5-7887-4256-89DC-133B9D9D0424}]
Crypted Data Provider — C:Documents and SettingsAll UsersApplication Datazyhlib.dll [2008-01-07 322048][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper — C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL [2006-10-27 2210608][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2008-10-24 157696][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar — C:PROGRA~1AVGAVG8AVGTOO~1.DLL [2008-02-03 2050816][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll [2008-01-04 251504][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll [2008-01-04 657904][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll [2008-01-04 522224][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} — Easy-WebPrint — C:Program FilesCanonEasy-WebPrintToolband.dll [2004-08-26 405504]
{0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — DM Bar — C:Program FilesDownload Masterdmbar.dll [2007-11-26 180224]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — ????e?.?a? — C:Program FilesYandexYandexBarIEyndbar.dll [2009-01-13 3112736]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google Toolbar — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll [2008-01-04 251504]
{A057A204-BACC-4D26-9990-79A187E2698E} — AVG Security Toolbar — C:PROGRA~1AVGAVG8AVGTOO~1.DLL [2008-02-03 2050816][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Easy-PrintToolBox»=C:Program FilesCanonEasy-PrintToolBoxBJPSMAIN.EXE [2004-01-14 409600]
«NeroFilterCheck»=C:Program FilesCommon FilesAheadLibNeroCheck.exe [2006-01-12 155648]
«ZSSnp211″=C:WINDOWSZSSnp211.exe [2007-04-06 57344]
«Domino»=C:WINDOWSDomino.exe [2006-08-18 49152]
«Ulead Photo Express Calendar Checker»=D:Program Filescalcheck.exe [2004-01-12 69632]
«WService»=C:WINDOWSsystem32WService.EXE [2002-09-07 28672]
«AVG8_TRAY»=C:PROGRA~1AVGAVG8avgtray.exe [2008-02-03 1177368][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«ctfmon.exe»=C:WINDOWSsystem32ctfmon.exe [2004-08-04 15360]
«BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=C:Program FilesCommon FilesAheadLibNMBgMonitor.exe [2006-11-16 139264]
«Pragma5″=D:Program FilesProgram FilesPragmaprestart.exe []
«Download Master»=C:Program FilesDownload Masterdmaster.exe [2009-01-28 3299840]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-08-04 1667584]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2008-01-04 39408]
«Yahoo! Pager»=D:Program Files11111111111111MessengerYahooMessenger.exe [2007-08-30 4670704][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAlcmtr]
C:WINDOWSALCMTR.EXE [2005-05-03 69632][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAVG8_TRAY]
C:PROGRA~1AVGAVG8avgtray.exe [2008-02-03 1177368][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregctfmon.exe]
C:WINDOWSsystem32ctfmon.exe [2004-08-04 15360][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregGrooveMonitor]
C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe [2006-10-27 31016][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregHotKeysCmds]
C:WINDOWSsystem32hkcmd.exe [2007-12-18 159744][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregIgfxTray]
C:WINDOWSsystem32igfxtray.exe [2007-12-18 135168][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregPersistence]
C:WINDOWSsystem32igfxpers.exe [2007-12-18 131072][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregRTHDCPL]
C:WINDOWSRTHDCPL.EXE [2008-01-28 16859648][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregTkBellExe]
C:Program FilesCommon FilesRealUpdate_OBrealsched.exe [2008-01-01 180269][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^Administrator^Start Menu^Programs^Startup^Webshots.lnk]
C:PROGRA~1WebshotsLauncher.exe [2003-10-30 45056]C:Documents and SettingsAll UsersStart MenuProgramsStartup
WinZip Quick Pick.lnk — D:Program Files11111111111111WZQKPICK.EXE
Adobe Gamma Loader.lnk — C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exeC:Documents and SettingsAdministratorStart MenuProgramsStartup
Adobe Gamma.lnk — C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_DLLS»=»avgrsstx.dll»[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifycrypt]
crypts.dll [][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyigfxcui]
C:WINDOWSsystem32igfxdev.dll [2007-12-18 208896][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL [2006-10-27 2210608][HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders]
«SecurityProviders»=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digeste.dll[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=221[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE»=»C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook»
«C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE»=»C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE:*:Enabled:Microsoft Office Groove»
«C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE»=»C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE:*:Enabled:Microsoft Office OneNote»
«D:Program Files3333333MessengerYahooMessenger.exe»=»D:Program Files3333333MessengerYahooMessenger.exe:*:Enabled:Yahoo! Messenger»
«D:Program Files3333333MessengerYServer.exe»=»D:Program Files3333333MessengerYServer.exe:*:Enabled:Yahoo! FT Server»
«C:Program FilesMessengermsmsgs.exe»=»C:Program FilesMessengermsmsgs.exe:*:Enabled:Windows Messenger»
«C:Program FilesYahoo!MessengerYahooMessenger.exe»=»C:Program FilesYahoo!MessengerYahooMessenger.exe:*:Enabled:Yahoo! Messenger»
«C:Program FilesYahoo!MessengerYServer.exe»=»C:Program FilesYahoo!MessengerYServer.exe:*:Enabled:Yahoo! FT Server»
«D:Program Files11111111111111MessengerYahooMessenger.exe»=»D:Program Files11111111111111MessengerYahooMessenger.exe:*:Enabled:Yahoo! Messenger»
«D:Program Files11111111111111MessengerYServer.exe»=»D:Program Files11111111111111MessengerYServer.exe:*:Enabled:Yahoo! FT Server»
«C:Program FilesAVGAVG8avgupd.exe»=»C:Program FilesAVGAVG8avgupd.exe:*:Enabled:avgupd.exe»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{a3b59d80-bf36-11dc-88f0-0019dbba5d0c}]
shellAutoRuncommand — H:ln9.exe
shellexplorecommand — H:ln9.exe
shellopencommand — H:ln9.exe======List of files/folders created in the last 1 months======
2009-01-28 20:21:36 —-R—- C:WINDOWSsystem32ChCfg.exe
2009-01-28 20:21:21 —-D—- C:WINDOWSsystem32RTCOM
2009-01-28 20:21:19 —-A—- C:WINDOWSsystem32ksuser.dll
2009-01-28 20:20:52 —-A—- C:WINDOWSsystem32spupdsvc.exe
2009-01-28 20:20:51 —-HD—- C:WINDOWS$NtUninstallKB888111WXPSP2$
2009-01-28 20:20:47 —-R—- C:WINDOWSSoundMan.exe
2009-01-28 20:20:45 —-R—- C:WINDOWSSkyTel.exe
2009-01-28 20:20:43 —-R—- C:WINDOWSRtlUpd.exe
2009-01-28 20:20:35 —-R—- C:WINDOWSRTLCPL.exe
2009-01-28 20:20:17 —-R—- C:WINDOWSRTHDCPL.exe
2009-01-28 20:20:15 —-R—- C:WINDOWSMicCal.exe
2009-01-28 20:20:10 —-R—- C:WINDOWSAlcmtr.exe
2009-01-28 20:20:08 —-R—- C:WINDOWSalcwzrd.exe
2009-01-28 20:20:07 —-D—- C:Program FilesRealtek
2009-01-28 20:20:05 —-HD—- C:Program FilesInstallShield Installation Information
2009-01-28 20:19:53 —-RA—- C:WINDOWSsystem32igfxres.dll
2009-01-28 20:19:39 —-R—- C:WINDOWSRtlExUpd.dll
2009-01-28 20:19:39 —-A—- C:WINDOWSHideWin.exe
2009-01-28 20:19:34 —-D—- C:Program FilesCommon FilesInstallShield
2009-01-28 20:19:19 —-D—- C:WINDOWSsystem32ReinstallBackups
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igxprd32.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igxpgd32.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igxpdx32.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igxpdv32.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32iglicd32.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igldev32.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxzoom.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxtray.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxsrvc.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxsrvc.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxress.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxpph.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxpers.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxext.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxexps.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxdo.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxdev.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxCoIn_v4906.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxcfg.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32hkcmd.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32hccutils.dll
2009-01-28 20:18:47 —-D—- C:WINDOWSsystem32Lang
2009-01-28 20:18:47 —-D—- C:WINDOWSsystem32DRVSTORE
2009-01-28 20:18:46 —-RA—- C:WINDOWSsystem32igxpun.exe
2009-01-28 20:18:46 —-RA—- C:WINDOWSsystem32difxapi.dll
2009-01-28 20:18:32 —-D—- C:Intel
2009-01-28 20:15:12 —-D—- C:Documents and SettingsAdministratorApplication DataIdentities
2009-01-28 20:15:10 —-HD—- C:Program FilesUninstall Information
2009-01-28 20:15:02 —-ASH—- C:Documents and SettingsAdministratorApplication Datadesktop.ini
2009-01-28 20:15:01 —-SD—- C:Documents and SettingsAdministratorApplication DataMicrosoft
2009-01-28 20:14:54 —-SHD—- C:System Volume Information
2009-01-28 20:14:54 —-D—- C:WINDOWSSoftwareDistribution
2009-01-28 20:14:53 —-D—- C:WINDOWSPrefetch
2009-01-28 20:14:52 —-SD—- C:WINDOWSsystem32Microsoft
2009-01-28 20:14:52 —-A—- C:WINDOWSSchedLgU.Txt
2009-01-28 20:09:11 —-D—- C:WINDOWSsystem32xircom
2009-01-28 20:09:11 —-D—- C:Program Filesxerox
2009-01-28 20:09:11 —-D—- C:Program Filesmicrosoft frontpage
2009-01-28 20:08:57 —-A—- C:WINDOWScontrol.ini
2009-01-28 20:08:57 —-A—- C:AUTOEXEC.BAT
2009-01-28 20:08:42 —-A—- C:WINDOWSOEWABLog.txt
2009-01-28 20:08:40 —-A—- C:WINDOWSsystem32mapi32.dll
2009-01-28 20:07:52 —-SD—- C:WINDOWSDownloaded Program Files
2009-01-28 20:07:52 —-RD—- C:WINDOWSOffline Web Pages
2009-01-28 20:07:52 —-RAH—- C:WINDOWSsystem32logonui.exe.manifest
2009-01-28 20:07:47 —-RAH—- C:WINDOWSsystem32cdplayer.exe.manifest
2009-01-28 20:07:43 —-HD—- C:Program FilesWindowsUpdate
2009-01-28 20:07:24 —-D—- C:WINDOWSsystem32DirectX
2009-01-28 20:07:06 —-A—- C:WINDOWSsystem32atrace.dll
2009-01-28 20:07:03 —-A—- C:WINDOWSsystem32desktop.ini
2009-01-28 20:07:03 —-A—- C:WINDOWSdesktop.ini
2009-01-28 20:06:58 —-A—- C:WINDOWSsystem32nmevtmsg.dll
2009-01-28 20:06:57 —-D—- C:Program FilesCommon FilesServices
2009-01-28 20:06:57 —-A—- C:WINDOWSsystem32acctres.dll
2009-01-28 20:06:54 —-SD—- C:WINDOWSTasks
2009-01-28 20:06:54 —-D—- C:Program FilesCommon FilesMSSoap
2009-01-28 20:06:54 —-A—- C:WINDOWSsystem32icfgnt5.dll
2009-01-28 20:06:49 —-D—- C:WINDOWSsystem32Macromed
2009-01-28 20:06:49 —-D—- C:WINDOWSsrchasst
2009-01-28 20:06:46 —-A—- C:WINDOWSsystem32wuweb.dll
2009-01-28 20:06:46 —-A—- C:WINDOWSsystem32wucltui.dll
2009-01-28 20:06:46 —-A—- C:WINDOWSsystem32wuauserv.dll
2009-01-28 20:06:46 —-A—- C:WINDOWSsystem32wuaueng1.dll
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32wups.dll
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32wuaueng.dll
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32wuauclt1.exe
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32wuauclt.exe
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32wuapi.dll
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32qmgrprxy.dll
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32bitsprx3.dll
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32bitsprx2.dll
2009-01-28 20:06:44 —-A—- C:WINDOWSsystem32qmgr.dll
2009-01-28 20:06:40 —-D—- C:Program FilesMovie Maker
2009-01-28 20:06:37 —-A—- C:WINDOWSsystem32safrslv.dll
2009-01-28 20:06:37 —-A—- C:WINDOWSsystem32safrdm.dll
2009-01-28 20:06:37 —-A—- C:WINDOWSsystem32safrcdlg.dll
2009-01-28 20:06:37 —-A—- C:WINDOWSsystem32racpldlg.dll
2009-01-28 20:06:33 —-A—- C:WINDOWSsystem32fltMc.exe
2009-01-28 20:06:33 —-A—- C:WINDOWSsystem32fltlib.dll
2009-01-28 20:06:32 —-D—- C:WINDOWSsystem32Restore
2009-01-28 20:06:32 —-A—- C:WINDOWSsystem32srsvc.dll
2009-01-28 20:06:32 —-A—- C:WINDOWSsystem32srrstr.dll
2009-01-28 20:06:32 —-A—- C:WINDOWSsystem32srclient.dll
2009-01-28 20:06:31 —-A—- C:WINDOWSsystem32nmmkcert.dll
2009-01-28 20:06:31 —-A—- C:WINDOWSsystem32msconf.dll
2009-01-28 20:06:31 —-A—- C:WINDOWSsystem32mnmsrvc.exe
2009-01-28 20:06:31 —-A—- C:WINDOWSsystem32mnmdd.dll
2009-01-28 20:06:31 —-A—- C:WINDOWSsystem32isrdbg32.dll
2009-01-28 20:06:31 —-A—- C:WINDOWSsystem32ils.dll
2009-01-28 20:06:29 —-D—- C:Program FilesNetMeeting
2009-01-28 20:06:29 —-A—- C:WINDOWSsystem32msoert2.dll
2009-01-28 20:06:28 —-A—- C:WINDOWSsystem32msoeacct.dll
2009-01-28 20:06:28 —-A—- C:WINDOWSsystem32inetres.dll
2009-01-28 20:06:27 —-A—- C:WINDOWSsystem32inetcomm.dll
2009-01-28 20:06:25 —-D—- C:Program FilesOutlook Express
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32schedsvc.dll
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32mstinit.exe
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32mstask.dll
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32isign32.dll
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32inetcfg.dll
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32icwphbk.dll
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32icwdial.dll
2009-01-28 20:06:19 —-D—- C:Program FilesCommon FilesSystem
2009-01-28 20:06:18 —-D—- C:Program FilesInternet Explorer
2009-01-28 20:05:43 —-D—- C:Program FilesComPlus Applications
2009-01-28 20:05:41 —-A—- C:WINDOWSvbaddin.ini
2009-01-28 20:05:41 —-A—- C:WINDOWSvb.ini
2009-01-28 20:05:38 —-D—- C:WINDOWSRegistration
2009-01-28 20:05:33 —-D—- C:Program FilesWindows Media Player
2009-01-28 20:05:33 —-D—- C:Program FilesOnline Services
2009-01-28 20:05:27 —-D—- C:Program FilesMessenger
2009-01-28 20:05:23 —-D—- C:Program FilesMSN Gaming Zone
2009-01-28 20:05:23 —-A—- C:WINDOWSsystem32write.exe
2009-01-28 20:05:15 —-A—- C:WINDOWSsystem32winchat.exe
2009-01-28 20:05:15 —-A—- C:WINDOWSsystem32sndvol32.exe
2009-01-28 20:05:15 —-A—- C:WINDOWSsystem32hticons.dll
2009-01-28 20:05:15 —-A—- C:WINDOWSsystem32avwav.dll
2009-01-28 20:05:15 —-A—- C:WINDOWSsystem32avtapi.dll
2009-01-28 20:05:15 —-A—- C:WINDOWSsystem32avmeter.dll
2009-01-28 20:05:09 —-A—- C:WINDOWSsystem32winmine.exe
2009-01-28 20:05:09 —-A—- C:WINDOWSsystem32sol.exe
2009-01-28 20:05:09 —-A—- C:WINDOWSsystem32getuname.dll
2009-01-28 20:05:09 —-A—- C:WINDOWSsystem32charmap.exe
2009-01-28 20:05:09 —-A—- C:WINDOWSsystem32calc.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32usrlogon.cmd
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32tsshutdn.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32tslabels.ini
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32tskill.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32tsdiscon.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32tscon.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32shadow.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32rwinsta.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32reset.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32mshearts.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32freecell.exe
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32regini.exe
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32rdpcfgex.dll
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32qwinsta.exe
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32qappsrv.exe
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32msg.exe
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32msdtcprf.ini
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32logoff.exe
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32cdmodem.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32stclient.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32mtxlegih.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32mtxex.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32mtxdm.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32dcomcnfg.exe
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32comsnap.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32comrepl.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32comaddin.dll
2009-01-28 20:05:01 —-A—- C:WINDOWSsystem32wmimgmt.msc
2009-01-28 20:04:45 —-D—- C:Program FilesMSN
2009-01-28 20:04:44 —-A—- C:WINDOWSsystem32sndrec32.exe
2009-01-28 20:04:44 —-A—- C:WINDOWSsystem32mplay32.exe
2009-01-28 20:04:44 —-A—- C:WINDOWSsystem32accwiz.exe
2009-01-28 20:04:43 —-D—- C:Program FilesWindows NT
2009-01-28 20:04:43 —-A—- C:WINDOWSsystem32mspaint.exe
2009-01-28 20:04:43 —-A—- C:WINDOWSsystem32hypertrm.dll
2009-01-28 20:04:43 —-A—- C:WINDOWSsystem32clipbrd.exe
2009-01-28 20:04:42 —-A—- C:WINDOWSsystem32tscfgwmi.dll
2009-01-28 20:04:42 —-A—- C:WINDOWSsystem32spider.exe
2009-01-28 20:04:42 —-A—- C:WINDOWSsystem32mstscax.dll
2009-01-28 20:04:42 —-A—- C:WINDOWSsystem32mstsc.exe
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32tscupgrd.exe
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32termsrv.dll
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32sessmgr.exe
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32remotepg.dll
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32rdshost.exe
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32rdsaddin.exe
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32rdpwsx.dll
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32rdpsnd.dll
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32rdpclip.exe
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32rdchost.dll
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32qprocess.exe
2009-01-28 20:04:40 —-D—- C:WINDOWSsystem32MsDtc
2009-01-28 20:04:40 —-A—- C:WINDOWSsystem32mtxoci.dll
2009-01-28 20:04:40 —-A—- C:WINDOWSsystem32msdtcuiu.dll
2009-01-28 20:04:40 —-A—- C:WINDOWSsystem32msdtctm.dll
2009-01-28 20:04:40 —-A—- C:WINDOWSsystem32msdtcprx.dll
2009-01-28 20:04:40 —-A—- C:WINDOWSsystem32icaapi.dll
2009-01-28 20:04:40 —-A—- C:WINDOWSsystem32cfgbkend.dll
2009-01-28 20:04:39 —-D—- C:WINDOWSsystem32Com
2009-01-28 20:04:39 —-A—- C:WINDOWSsystem32xolehlp.dll
2009-01-28 20:04:39 —-A—- C:WINDOWSsystem32msdtclog.dll
2009-01-28 20:04:39 —-A—- C:WINDOWSsystem32msdtc.exe
2009-01-28 20:04:39 —-A—- C:WINDOWSsystem32colbact.dll
2009-01-28 20:04:39 —-A—- C:WINDOWSsystem32catsrvps.dll
2009-01-28 20:04:38 —-A—- C:WINDOWSsystem32comsvcs.dll
2009-01-28 20:04:38 —-A—- C:WINDOWSsystem32clbcatex.dll
2009-01-28 20:04:38 —-A—- C:WINDOWSsystem32catsrvut.dll
2009-01-28 20:04:38 —-A—- C:WINDOWSsystem32catsrv.dll
2009-01-28 20:04:37 —-A—- C:WINDOWSsystem32comuid.dll
2009-01-28 20:04:37 —-A—- C:WINDOWSsystem32clbcatq.dll
2009-01-28 20:04:32 —-A—- C:WINDOWSsystem32servdeps.dll
2009-01-28 20:04:32 —-A—- C:WINDOWSsystem32mmfutil.dll
2009-01-28 20:04:31 —-A—- C:WINDOWSsystem32licwmi.dll
2009-01-28 20:04:31 —-A—- C:WINDOWSsystem32cmprops.dll
2009-01-28 20:03:30 —-A—- C:WINDOWSsystem32h323log.txt
2009-01-28 20:01:25 —-A—- C:WINDOWSsystem32usbui.dll
2009-01-28 20:00:31 —-A—- C:WINDOWSimsins.BAK
2009-01-28 20:00:28 —-SHD—- C:WINDOWSInstaller
2009-01-28 20:00:28 —-D—- C:Program FilesCommon FilesODBC
2009-01-28 20:00:28 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-01-28 20:00:28 —-A—- C:WINDOWSODBCINST.INI
2009-01-28 20:00:24 —-RD—- C:Program Files
2009-01-28 20:00:24 —-D—- C:Program FilesCommon FilesSpeechEngines
2009-01-28 20:00:24 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2009-01-28 20:00:24 —-D—- C:Program FilesCommon Files
2009-01-28 20:00:22 —-RA—- C:WINDOWSsystem32kbdazel.dll
2009-01-28 20:00:21 —-RA—- C:WINDOWSsystem32kbdtuq.dll
2009-01-28 20:00:21 —-RA—- C:WINDOWSsystem32kbdtuf.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdycc.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbduzb.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdur.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdtat.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdru1.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdru.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdmon.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdkyr.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdkaz.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdbu.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdblr.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdaze.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdhept.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdhela3.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdhela2.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdhe319.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdhe220.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdhe.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdgkl.dll
2009-01-28 20:00:17 —-RA—- C:WINDOWSsystem32kbdlv1.dll
2009-01-28 20:00:17 —-RA—- C:WINDOWSsystem32kbdlv.dll
2009-01-28 20:00:17 —-RA—- C:WINDOWSsystem32kbdlt1.dll
2009-01-28 20:00:17 —-RA—- C:WINDOWSsystem32kbdlt.dll
2009-01-28 20:00:17 —-RA—- C:WINDOWSsystem32kbdest.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdsl1.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdsl.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdro.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdpl1.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdpl.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdhu1.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdhu.dll
2009-01-28 20:00:15 —-RA—- C:WINDOWSsystem32kbdycl.dll
2009-01-28 20:00:15 —-RA—- C:WINDOWSsystem32kbdcz2.dll
2009-01-28 20:00:15 —-RA—- C:WINDOWSsystem32kbdcz1.dll
2009-01-28 20:00:15 —-RA—- C:WINDOWSsystem32kbdcz.dll
2009-01-28 20:00:15 —-RA—- C:WINDOWSsystem32kbdcr.dll
2009-01-28 20:00:15 —-RA—- C:WINDOWSsystem32KBDAL.DLL
2009-01-28 20:00:14 —-A—- C:WINDOWSsystem32irclass.dll
2009-01-28 20:00:14 —-A—- C:WINDOWSsystem32dgrpsetu.dll
2009-01-28 20:00:13 —-A—- C:WINDOWSsystem32spxcoins.dll
2009-01-28 20:00:13 —-A—- C:WINDOWSsystem32EqnClass.Dll
2009-01-28 20:00:13 —-A—- C:WINDOWSsystem32dgsetup.dll
2009-01-28 20:00:12 —-N—- C:WINDOWSsystem32CONFIG.TMP
2009-01-28 20:00:12 —-A—- C:WINDOWSTASKMAN.EXE
2009-01-28 20:00:11 —-A—- C:WINDOWSsystem32batt.dll
2009-01-28 20:00:11 —-A—- C:WINDOWSNOTEPAD.EXE
2009-01-28 20:00:10 —-A—- C:WINDOWSsystem32storprop.dll
2009-01-28 20:00:05 —-ASH—- C:Documents and SettingsAll UsersApplication Datadesktop.ini
2009-01-28 20:00:00 —-RA—- C:WINDOWSSET8.tmp
2009-01-28 19:59:58 —-RA—- C:WINDOWSSET4.tmp
2009-01-28 19:59:56 —-RA—- C:WINDOWSSET3.tmp
2009-01-28 19:59:51 —-D—- C:WINDOWSsystem32CatRoot2
2009-01-28 19:59:51 —-D—- C:WINDOWSsystem32CatRoot
2009-01-28 19:59:45 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2009-01-28 19:59:24 —-A—- C:WINDOWSsetuplog.txt
2009-01-28 19:59:21 —-D—- C:Documents and Settings
2009-01-28 19:58:45 —-SH—- C:boot.ini
2009-01-28 19:52:09 —-RSHD—- C:WINDOWSsystem32dllcache
2009-01-28 19:52:09 —-RSD—- C:WINDOWSFonts
2009-01-28 19:52:09 —-RD—- C:WINDOWSWeb
2009-01-28 19:52:09 —-HD—- C:WINDOWSinf
2009-01-28 19:52:09 —-D—- C:WINDOWSWinSxS
2009-01-28 19:52:09 —-D—- C:WINDOWStwain_32
2009-01-28 19:52:09 —-D—- C:WINDOWSTemp
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32wbem
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32usmt
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32ShellExt
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32Setup
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32oobe
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32npp
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32mui
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32inetsrv
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32IME
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32icsxml
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32ias
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32export
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem323com_dmi
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem323076
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem322052
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321054
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321042
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321041
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321037
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321033
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321031
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321028
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321025
2009-01-28 19:52:09 —-D—- C:WINDOWSsecurity
2009-01-28 19:52:09 —-D—- C:WINDOWSResources
2009-01-28 19:52:09 —-D—- C:WINDOWSProvisioning
2009-01-28 19:52:09 —-D—- C:WINDOWSPeerNet
2009-01-28 19:52:09 —-D—- C:WINDOWSpchealth
2009-01-28 19:52:09 —-D—- C:WINDOWSmui
2009-01-28 19:52:09 —-D—- C:WINDOWSmsapps
2009-01-28 19:52:09 —-D—- C:WINDOWSmsagent
2009-01-28 19:52:09 —-D—- C:WINDOWSMedia
2009-01-28 19:52:09 —-D—- C:WINDOWSjava
2009-01-28 19:52:09 —-D—- C:WINDOWSime
2009-01-28 19:52:09 —-D—- C:WINDOWSHelp
2009-01-28 19:52:09 —-D—- C:WINDOWSehome
2009-01-28 19:52:09 —-D—- C:WINDOWSDriver Cache
2009-01-28 19:52:09 —-D—- C:WINDOWSDebug
2009-01-28 19:52:09 —-D—- C:WINDOWSCursors
2009-01-28 19:52:09 —-D—- C:WINDOWSConnection Wizard
2009-01-28 19:52:09 —-D—- C:WINDOWSConfig
2009-01-28 19:52:09 —-D—- C:WINDOWSAppPatch
2009-01-28 19:52:09 —-D—- C:WINDOWSaddins
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32wins
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32spool
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32ras
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32drivers
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32dhcp
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32config
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem
2009-01-28 19:52:08 —-D—- C:WINDOWSrepair
2009-01-28 19:52:08 —-D—- C:WINDOWS
2008-02-03 18:46:57 —-D—- C:rsit
2008-02-03 18:46:57 —-D—- C:Program Filestrend micro
2008-02-03 17:54:48 —-A—- C:WINDOWSsystem32avgrsstx.dll
2008-02-03 17:54:43 —-D—- C:Documents and SettingsAdministratorApplication DataAVGTOOLBAR
2008-02-03 17:54:36 —-D—- C:Program FilesAVG
2008-02-03 17:54:35 —-D—- C:Documents and SettingsAll UsersApplication Dataavg8
2008-02-02 22:34:56 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup Files
2008-01-28 20:39:13 —-D—- C:Program FilesWebshots
2008-01-28 20:36:41 —-D—- C:Documents and SettingsAll UsersApplication DataCyberLink
2008-01-28 20:36:34 —-D—- C:Program FilesCyberLink
2008-01-28 20:36:07 —-A—- C:WINDOWSsystem32unrar.dll
2008-01-28 20:36:02 —-A—- C:WINDOWSsystem32vp7vfw.dll
2008-01-28 20:36:02 —-A—- C:WINDOWSsystem32vp6vfw.dll
2008-01-28 20:36:02 —-A—- C:WINDOWSsystem32vp31vfw.dll
2008-01-28 20:36:02 —-A—- C:WINDOWSsystem323ivxVfWCodec.dll
2008-01-28 20:36:02 —-A—- C:WINDOWSsystem323ivx.dll
2008-01-28 20:36:01 —-A—- C:WINDOWSsystem32xvidvfw.dll
2008-01-28 20:36:01 —-A—- C:WINDOWSsystem32xvidcore.dll
2008-01-28 20:36:01 —-A—- C:WINDOWSsystem32WMV9VCM.dll
2008-01-28 20:36:01 —-A—- C:WINDOWSsystem32ssldivx.dll
2008-01-28 20:36:00 —-A—- C:WINDOWSsystem32qt-dx331.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32libdivx.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32dtu100.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32dpv11.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32dpus11.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32dpuGUI11.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32dpu11.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32dpl100.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32divx.dll
2008-01-28 20:35:52 —-A—- C:WINDOWSsystem32unicows.dll
2008-01-28 20:35:52 —-A—- C:WINDOWSsystem32msvcr71.dll
2008-01-28 20:35:52 —-A—- C:WINDOWSsystem32msvcr70.dll
2008-01-28 20:35:52 —-A—- C:WINDOWSsystem32ff_vfw.dll
2008-01-28 20:35:52 —-A—- C:WINDOWSsystem32cpuinf32.dll
2008-01-28 20:35:51 —-D—- C:Program FilesK-Lite Codec Pack
2008-01-28 20:35:07 —-D—- C:Program FilesCommon FilesCOWON
2008-01-28 20:35:05 —-D—- C:Program FilesJetAudio
2008-01-28 20:33:24 —-D—- C:Program FilesACD
2008-01-20 21:49:48 —-A—- C:WINDOWSsystem32shell31.dll
2008-01-20 21:49:28 —-A—- C:WINDOWSsystem32digeste.dll
2008-01-20 21:49:27 —-A—- C:WINDOWSIE4 Error Log.txt
2008-01-11 19:43:45 —-D—- C:Documents and SettingsAdministratorApplication DataAdobeUM
2008-01-08 23:39:18 —-A—- C:WINDOWSAlfaStart.CMD
2008-01-08 23:39:18 —-A—- C:WINDOWSAlfaReport.txt
2008-01-08 23:38:52 —-D—- C:Program FilesAlfa Autorun Killer 2
2008-01-08 21:06:48 —-D—- C:Program FilesGENIUS TABLET
2008-01-07 20:29:17 —-A—- C:Documents and SettingsAll UsersApplication Datazyhlib.dll
2008-01-06 18:20:13 —-A—- C:WINDOWSPhotoSnapViewer.INI
2008-01-06 17:53:17 —-D—- C:WINDOWSsystem32Adobe
2008-01-06 17:53:17 —-A—- C:WINDOWSsystem32FileOps.exe
2008-01-06 17:49:26 —-D—- C:WINDOWSAdobe Illustrator CS
2008-01-06 15:29:16 —-D—- C:Program FilesAdobe
2008-01-06 15:28:50 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe Systems
2008-01-06 15:28:43 —-D—- C:Program FilesCommon FilesAdobe Systems Shared
2008-01-06 13:10:58 —-A—- C:WINDOWSsystem32xinput1_2.dll
2008-01-06 13:10:58 —-A—- C:WINDOWSsystem32xactengine2_3.dll
2008-01-06 13:10:57 —-A—- C:WINDOWSsystem32xactengine2_2.dll
2008-01-06 13:10:56 —-A—- C:WINDOWSsystem32xinput1_1.dll
2008-01-06 13:10:56 —-A—- C:WINDOWSsystem32xactengine2_1.dll
2008-01-06 13:10:54 —-A—- C:WINDOWSsystem32xactengine2_0.dll
2008-01-06 13:10:54 —-A—- C:WINDOWSsystem32x3daudio1_0.dll
2008-01-06 13:10:53 —-A—- C:WINDOWSsystem32d3dx9_29.dll
2008-01-06 13:10:49 —-A—- C:WINDOWSsystem32xinput9_1_0.dll
2008-01-06 13:10:48 —-A—- C:WINDOWSsystem32d3dx9_27.dll
2008-01-06 13:10:46 —-A—- C:WINDOWSsystem32d3dx9_26.dll
2008-01-06 13:10:46 —-A—- C:WINDOWSsystem32d3dx9_25.dll
2008-01-06 13:10:42 —-A—- C:WINDOWSsystem32d3dx9_24.dll
2008-01-06 13:07:40 —-D—- C:Documents and SettingsAll UsersApplication DataActivision Value
2008-01-04 20:47:07 —-D—- C:Documents and SettingsAdministratorApplication DataGoogle
2008-01-04 20:45:41 —-D—- C:Documents and SettingsAll UsersApplication DataWinZip
2008-01-04 20:41:51 —-D—- C:Program FilesGoogle
2008-01-04 20:41:51 —-D—- C:Documents and SettingsAll UsersApplication DataGoogle======List of files/folders modified in the last 1 months======
2008-02-02 23:13:18 —-A—- C:WINDOWSNeroDigital.ini
2008-02-02 21:06:14 —-A—- C:WINDOWSwin.ini
2008-01-30 22:49:50 —-A—- C:YServer.txt======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG AVI Loader Driver x86; C:WINDOWSSystem32Driversavgldx86.sys [2008-02-03 96520]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:WINDOWSSystem32Driversavgmfx86.sys [2008-02-03 26184]
R1 intelppm;Intel Processor Driver; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-04 36096]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Microsoft HID Class Driver; C:WINDOWSsystem32DRIVERShidusb.sys [2001-08-17 9600]
R3 ialm;ialm; C:WINDOWSsystem32DRIVERSigxpmp32.sys [2007-12-18 5854688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2008-01-29 4725760]
R3 mouhid;Mouse HID Driver; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-08-17 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:WINDOWSsystem32DRIVERSRtenicxp.sys [2008-01-03 105856]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-04 26624]
R3 usbhub;Microsoft USB Standard Hub Driver; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-04 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-04 20480]
R3 ZSMC211;ZSMC USB PC Camera (ZS211); C:WINDOWSSystem32DriversZS211.sys [2007-06-13 1469312]
S1 kbdhid;Keyboard HID Driver; C:WINDOWSsystem32DRIVERSkbdhid.sys [2004-08-03 14848]
S2 ujddfqqcujzw;ujddfqqcujzw; ??C:WINDOWSsystem32driversemwnhfdulonpe.sys []
S3 CCDECODE;Closed Caption Decoder; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2004-08-03 17024]
S3 GMSIPCI;GMSIPCI; ??G:INSTALLGMSIPCI.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
S3 Tablet2k;Serial Tablet Port Driver; C:WINDOWSSystem32DriversTablet2k.sys [2000-06-12 15370]
S3 TClass2k;Tablet Class Driver; C:WINDOWSsystem32DRIVERSTClass2k.sys [2003-03-05 23202]
S3 UCTblHid;HID Tablet Port Driver; C:WINDOWSsystem32DRIVERSUCTblHid.sys [2003-03-04 11090]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-03 25856]
S3 USBSTOR;USB Mass Storage Driver; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;World Standard Teletext Codec; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avg8wd;AVG8 WatchDog; C:PROGRA~1AVGAVG8avgwdsvc.exe [2008-02-03 282904]
R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2004-08-11 38912]
R2 WinTabService;WinTab Service; C:WINDOWSsystem32DRIVERSWtSrv.exe [2003-09-29 40960]
S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2008-01-06 72704]
S3 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2008-01-04 137200]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program FilesMicrosoft OfficeOffice12GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:Program FilesNeroNero 7Nero BackItUpNBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
EOF
Здравствуйте, добро пожаловать на Spyware-ru форум.
Судя по логу ваш компьютер кроме информера заражён несколькими троянами, включая autorun.inf троян.
Прочитайте эту инструкцию Flash_Disinfector ещё одно оружие против autorun.inf троянов.* Отключите ваш антивирус.
* Скачайте и запустите Flash_Disinfector.
* По требованию программы вставьте ваш флэш диск или подключите другие внешние устройства хранения информации.Примечание: запускайте программу столько раз, сколько нужно чтобы очистить все ваши подключаемые диски.
Скачайте OTMoveIt3 by OldTimer кликнув по этой ссылке.
Запустите OTMoveIt3 и в большое поле ввода (заголовок этого поля выделен желтым цветом) скопируйте следующий текст.:Processes
explorer.exe
:services
ujddfqqcujzw
:reg
[-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{59E7ACF5-7887-4256-89DC-133B9D9D0424}]
[-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifycrypt]
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{a3b59d80-bf36-11dc-88f0-0019dbba5d0c}]
:files
H:ln9.exe
c:windowssystem32digeste.dll
C:Documents and SettingsAll UsersApplication Datazyhlib.dll
:Commands
[emptytemp]
[start explorer]
[Reboot]Проверьте вставленный скрипт, если слева перед директивами появились пробелы, то удалите их, скрипт должен выглядеть так же как в сообщении. Кликните по кнопке MoveIt!. В процессе работы возможна перезагрузка компьютера.
По-завершении работы программы должен будет показан лог. Если лог не будет показан, то его можно найти в папке C:_OTMoveItMovedFiles.Вставьте в ваше ответное сообщение содержимое этого лога. И приложите свежий RSIT лог.
OTMoveIt3 by OldTimer — Version 1.0.8.0 log created on 02042008_223511
Logfile of random’s system information tool 1.05 (written by random/random)
Run by Administrator at 2008-02-04 22:37:45
Microsoft Windows XP Professional Service Pack 2
System drive C: has 10 GB (50%) free of 19 GB
Total RAM: 1015 MB (45% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:37:59 ?, on 04/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSZSSnp211.exe
C:WINDOWSDomino.exe
D:Program Filescalcheck.exe
C:WINDOWSsystem32WService.EXE
C:PROGRA~1AVGAVG8avgtray.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesCommon FilesAheadLibNMBgMonitor.exe
C:PROGRA~1AVGAVG8avgwdsvc.exe
C:Program FilesDownload Masterdmaster.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:Program FilesCommon FilesAheadLibNMIndexStoreSvr.exe
C:WINDOWSsystem32svchost.exe
D:Program Files11111111111111Spybot — Search & DestroyTeaTimer.exe
C:WINDOWSsystem32DRIVERSWtSrv.exe
D:Program Files11111111111111WZQKPICK.EXE
C:PROGRA~1AVGAVG8avgrsx.exe
D:Program Files11111111111111Messengerymsgr_tray.exe
C:WINDOWSexplorer.exe
D:Program Files11111111111111Spybot — Search & DestroySpybotSD.exe
C:Program FilesAVGAVG8avgscanx.exe
C:Program FilesAVGAVG8avgui.exe
C:Documents and SettingsAdministratorMy DocumentsNew Folder (2)OTMoveIt3.exe
C:Documents and SettingsAdministratorMy DocumentsскачятьRSIT.exe
C:Program Filestrend microAdministrator.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=36253
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — D:Program FilesReaderActiveXAcroIEHelper.dll
O2 — BHO: WormRadar.com IESiteBlocker.NavFilter — {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} — C:Program FilesAVGAVG8avgssie.dll
O2 — BHO: Spybot-S&D IE Protection — {53707962-6F74-2D53-2644-206D7942484F} — D:PROGRA~1111111~1SPYBOT~1SDHelper.dll
O2 — BHO: zyhlibP — {59E7ACF5-7887-4256-89DC-133B9D9D0424} — C:Documents and SettingsAll UsersApplication Datazyhlib.dll
O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~1dmiehlp.dll
O2 — BHO: AVG Security Toolbar — {A057A204-BACC-4D26-9990-79A187E2698E} — C:PROGRA~1AVGAVG8AVGTOO~1.DLL
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll
O2 — BHO: Google Dictionary Compression sdch — {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll
O3 — Toolbar: Easy-WebPrint — {327C2873-E90D-4c37-AA9D-10AC9BABA46C} — C:Program FilesCanonEasy-WebPrintToolband.dll
O3 — Toolbar: DM Bar — {0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — C:Program FilesDownload Masterdmbar.dll
O3 — Toolbar: ????e?.?a? — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O3 — Toolbar: &Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O3 — Toolbar: AVG Security Toolbar — {A057A204-BACC-4D26-9990-79A187E2698E} — C:PROGRA~1AVGAVG8AVGTOO~1.DLL
O4 — HKLM..Run: [Easy-PrintToolBox] C:Program FilesCanonEasy-PrintToolBoxBJPSMAIN.EXE /logon
O4 — HKLM..Run: [NeroFilterCheck] C:Program FilesCommon FilesAheadLibNeroCheck.exe
O4 — HKLM..Run: [ZSSnp211] C:WINDOWSZSSnp211.exe
O4 — HKLM..Run: [Domino] C:WINDOWSDomino.exe
O4 — HKLM..Run: [Ulead Photo Express Calendar Checker] D:Program Filescalcheck.exe
O4 — HKLM..Run: [WService] WService.EXE
O4 — HKLM..Run: [AVG8_TRAY] C:PROGRA~1AVGAVG8avgtray.exe
O4 — HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] «C:Program FilesCommon FilesAheadLibNMBgMonitor.exe»
O4 — HKCU..Run: [Pragma5] D:Program FilesProgram FilesPragmaprestart.exe
O4 — HKCU..Run: [Download Master] C:Program FilesDownload Masterdmaster.exe -autorun
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 — HKCU..Run: [Yahoo! Pager] «D:Program Files11111111111111MessengerYahooMessenger.exe» -quiet
O4 — HKCU..Run: [SpybotSD TeaTimer] D:Program Files11111111111111Spybot — Search & DestroyTeaTimer.exe
O4 — HKUSS-1-5-18..Run: [ctfmon.exe] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [ctfmon.exe] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Startup: Adobe Gamma.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 — Global Startup: WinZip Quick Pick.lnk = D:Program Files11111111111111WZQKPICK.EXE
O4 — Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O8 — Extra context menu item: E&xport to Microsoft Excel — res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Easy-WebPrint Add To Print List — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_AddToList.html
O8 — Extra context menu item: Easy-WebPrint High Speed Print — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_HSPrint.html
O8 — Extra context menu item: Easy-WebPrint Preview — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Preview.html
O8 — Extra context menu item: Easy-WebPrint Print — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Print.html
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program FilesDownload Masterdmie.htm
O9 — Extra button: Send to OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: S&end to OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: (no name) — {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} — D:PROGRA~1111111~1SPYBOT~1SDHelper.dll
O9 — Extra ‘Tools’ menuitem: Spybot — Search & Destroy Configuration — {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} — D:PROGRA~1111111~1SPYBOT~1SDHelper.dll
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O17 — HKLMSystemCCSServicesTcpip..{CD5EA9D4-AC08-4AD7-BD1F-10D36B7FB4FD}: NameServer = 196.27.0.35 196.27.0.230
O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — C:PROGRA~1MICROS~2Office12GR99D3~1.DLL
O18 — Protocol: linkscanner — {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} — C:Program FilesAVGAVG8avgpp.dll
O20 — AppInit_DLLs: avgrsstx.dll
O23 — Service: Adobe LM Service — Adobe Systems — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 — Service: AVG8 WatchDog (avg8wd) — AVG Technologies CZ, s.r.o. — C:PROGRA~1AVGAVG8avgwdsvc.exe
O23 — Service: Google Updater Service (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: NBService — Nero AG — C:Program FilesNeroNero 7Nero BackItUpNBService.exe
O23 — Service: WinTab Service (WinTabService) — Tablet Driver — C:WINDOWSsystem32DRIVERSWtSrv.exe—
End of file — 8304 bytes======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — D:Program FilesReaderActiveXAcroIEHelper.dll [2003-05-15 50376][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search — C:Program FilesAVGAVG8avgssie.dll [2008-02-03 419096][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection — D:PROGRA~1111111~1SPYBOT~1SDHelper.dll [2009-01-26 1879896][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{59E7ACF5-7887-4256-89DC-133B9D9D0424}]
Crypted Data Provider — C:Documents and SettingsAll UsersApplication Datazyhlib.dll [2008-01-07 322048][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper — C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL [2006-10-27 2210608][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2008-10-24 157696][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar — C:PROGRA~1AVGAVG8AVGTOO~1.DLL [2008-02-03 2050816][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll [2008-01-04 251504][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll [2008-01-04 657904][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll [2008-01-04 522224][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} — Easy-WebPrint — C:Program FilesCanonEasy-WebPrintToolband.dll [2004-08-26 405504]
{0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — DM Bar — C:Program FilesDownload Masterdmbar.dll [2007-11-26 180224]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — ????e?.?a? — C:Program FilesYandexYandexBarIEyndbar.dll [2009-01-13 3112736]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google Toolbar — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll [2008-01-04 251504]
{A057A204-BACC-4D26-9990-79A187E2698E} — AVG Security Toolbar — C:PROGRA~1AVGAVG8AVGTOO~1.DLL [2008-02-03 2050816][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Easy-PrintToolBox»=C:Program FilesCanonEasy-PrintToolBoxBJPSMAIN.EXE [2004-01-14 409600]
«NeroFilterCheck»=C:Program FilesCommon FilesAheadLibNeroCheck.exe [2006-01-12 155648]
«ZSSnp211″=C:WINDOWSZSSnp211.exe [2007-04-06 57344]
«Domino»=C:WINDOWSDomino.exe [2006-08-18 49152]
«Ulead Photo Express Calendar Checker»=D:Program Filescalcheck.exe [2004-01-12 69632]
«WService»=C:WINDOWSsystem32WService.EXE [2002-09-07 28672]
«AVG8_TRAY»=C:PROGRA~1AVGAVG8avgtray.exe [2008-02-03 1177368][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«ctfmon.exe»=C:WINDOWSsystem32ctfmon.exe [2004-08-04 15360]
«BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=C:Program FilesCommon FilesAheadLibNMBgMonitor.exe [2006-11-16 139264]
«Pragma5″=D:Program FilesProgram FilesPragmaprestart.exe []
«Download Master»=C:Program FilesDownload Masterdmaster.exe [2009-01-28 3299840]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-08-04 1667584]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2008-01-04 39408]
«Yahoo! Pager»=D:Program Files11111111111111MessengerYahooMessenger.exe [2007-08-30 4670704]
«SpybotSD TeaTimer»=D:Program Files11111111111111Spybot — Search & DestroyTeaTimer.exe [2009-01-26 2144088][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAlcmtr]
C:WINDOWSALCMTR.EXE [2005-05-03 69632][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAVG8_TRAY]
C:PROGRA~1AVGAVG8avgtray.exe [2008-02-03 1177368][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregctfmon.exe]
C:WINDOWSsystem32ctfmon.exe [2004-08-04 15360][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregGrooveMonitor]
C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe [2006-10-27 31016][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregHotKeysCmds]
C:WINDOWSsystem32hkcmd.exe [2007-12-18 159744][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregIgfxTray]
C:WINDOWSsystem32igfxtray.exe [2007-12-18 135168][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregPersistence]
C:WINDOWSsystem32igfxpers.exe [2007-12-18 131072][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregRTHDCPL]
C:WINDOWSRTHDCPL.EXE [2008-01-28 16859648][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregTkBellExe]
C:Program FilesCommon FilesRealUpdate_OBrealsched.exe [2008-01-01 180269][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^Administrator^Start Menu^Programs^Startup^Webshots.lnk]
C:PROGRA~1WebshotsLauncher.exe [2003-10-30 45056]C:Documents and SettingsAll UsersStart MenuProgramsStartup
WinZip Quick Pick.lnk — D:Program Files11111111111111WZQKPICK.EXE
Adobe Gamma Loader.lnk — C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exeC:Documents and SettingsAdministratorStart MenuProgramsStartup
Adobe Gamma.lnk — C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_DLLS»=»avgrsstx.dll»[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyigfxcui]
C:WINDOWSsystem32igfxdev.dll [2007-12-18 208896][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL [2006-10-27 2210608][HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders]
«SecurityProviders»=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digeste.dll[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=36
«NoDriveAutoRun»=FFFFFFFF[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE»=»C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook»
«C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE»=»C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE:*:Enabled:Microsoft Office Groove»
«C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE»=»C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE:*:Enabled:Microsoft Office OneNote»
«D:Program Files3333333MessengerYahooMessenger.exe»=»D:Program Files3333333MessengerYahooMessenger.exe:*:Enabled:Yahoo! Messenger»
«D:Program Files3333333MessengerYServer.exe»=»D:Program Files3333333MessengerYServer.exe:*:Enabled:Yahoo! FT Server»
«C:Program FilesMessengermsmsgs.exe»=»C:Program FilesMessengermsmsgs.exe:*:Enabled:Windows Messenger»
«C:Program FilesYahoo!MessengerYahooMessenger.exe»=»C:Program FilesYahoo!MessengerYahooMessenger.exe:*:Enabled:Yahoo! Messenger»
«C:Program FilesYahoo!MessengerYServer.exe»=»C:Program FilesYahoo!MessengerYServer.exe:*:Enabled:Yahoo! FT Server»
«D:Program Files11111111111111MessengerYahooMessenger.exe»=»D:Program Files11111111111111MessengerYahooMessenger.exe:*:Enabled:Yahoo! Messenger»
«D:Program Files11111111111111MessengerYServer.exe»=»D:Program Files11111111111111MessengerYServer.exe:*:Enabled:Yahoo! FT Server»
«C:Program FilesAVGAVG8avgupd.exe»=»C:Program FilesAVGAVG8avgupd.exe:*:Enabled:avgupd.exe»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{a3b59d80-bf36-11dc-88f0-0019dbba5d0c}]
shellAutoRuncommand — H:ln9.exe
shellexplorecommand — H:ln9.exe
shellopencommand — H:ln9.exe======List of files/folders created in the last 1 months======
2009-01-28 20:21:36 —-R—- C:WINDOWSsystem32ChCfg.exe
2009-01-28 20:21:21 —-D—- C:WINDOWSsystem32RTCOM
2009-01-28 20:21:19 —-A—- C:WINDOWSsystem32ksuser.dll
2009-01-28 20:20:52 —-A—- C:WINDOWSsystem32spupdsvc.exe
2009-01-28 20:20:51 —-HD—- C:WINDOWS$NtUninstallKB888111WXPSP2$
2009-01-28 20:20:47 —-R—- C:WINDOWSSoundMan.exe
2009-01-28 20:20:45 —-R—- C:WINDOWSSkyTel.exe
2009-01-28 20:20:43 —-R—- C:WINDOWSRtlUpd.exe
2009-01-28 20:20:35 —-R—- C:WINDOWSRTLCPL.exe
2009-01-28 20:20:17 —-R—- C:WINDOWSRTHDCPL.exe
2009-01-28 20:20:15 —-R—- C:WINDOWSMicCal.exe
2009-01-28 20:20:10 —-R—- C:WINDOWSAlcmtr.exe
2009-01-28 20:20:08 —-R—- C:WINDOWSalcwzrd.exe
2009-01-28 20:20:07 —-D—- C:Program FilesRealtek
2009-01-28 20:20:05 —-HD—- C:Program FilesInstallShield Installation Information
2009-01-28 20:19:53 —-RA—- C:WINDOWSsystem32igfxres.dll
2009-01-28 20:19:39 —-R—- C:WINDOWSRtlExUpd.dll
2009-01-28 20:19:39 —-A—- C:WINDOWSHideWin.exe
2009-01-28 20:19:34 —-D—- C:Program FilesCommon FilesInstallShield
2009-01-28 20:19:19 —-D—- C:WINDOWSsystem32ReinstallBackups
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igxprd32.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igxpgd32.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igxpdx32.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igxpdv32.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32iglicd32.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igldev32.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxzoom.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxtray.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxsrvc.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxsrvc.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxress.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxpph.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxpers.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxext.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxexps.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxdo.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxdev.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxCoIn_v4906.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxcfg.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32hkcmd.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32hccutils.dll
2009-01-28 20:18:47 —-D—- C:WINDOWSsystem32Lang
2009-01-28 20:18:47 —-D—- C:WINDOWSsystem32DRVSTORE
2009-01-28 20:18:46 —-RA—- C:WINDOWSsystem32igxpun.exe
2009-01-28 20:18:46 —-RA—- C:WINDOWSsystem32difxapi.dll
2009-01-28 20:18:32 —-D—- C:Intel
2009-01-28 20:15:12 —-D—- C:Documents and SettingsAdministratorApplication DataIdentities
2009-01-28 20:15:10 —-HD—- C:Program FilesUninstall Information
2009-01-28 20:15:02 —-ASH—- C:Documents and SettingsAdministratorApplication Datadesktop.ini
2009-01-28 20:15:01 —-SD—- C:Documents and SettingsAdministratorApplication DataMicrosoft
2009-01-28 20:14:54 —-SHD—- C:System Volume Information
2009-01-28 20:14:54 —-D—- C:WINDOWSSoftwareDistribution
2009-01-28 20:14:53 —-D—- C:WINDOWSPrefetch
2009-01-28 20:14:52 —-SD—- C:WINDOWSsystem32Microsoft
2009-01-28 20:14:52 —-A—- C:WINDOWSSchedLgU.Txt
2009-01-28 20:09:11 —-D—- C:WINDOWSsystem32xircom
2009-01-28 20:09:11 —-D—- C:Program Filesxerox
2009-01-28 20:09:11 —-D—- C:Program Filesmicrosoft frontpage
2009-01-28 20:08:57 —-A—- C:WINDOWScontrol.ini
2009-01-28 20:08:57 —-A—- C:AUTOEXEC.BAT
2009-01-28 20:08:42 —-A—- C:WINDOWSOEWABLog.txt
2009-01-28 20:08:40 —-A—- C:WINDOWSsystem32mapi32.dll
2009-01-28 20:07:52 —-SD—- C:WINDOWSDownloaded Program Files
2009-01-28 20:07:52 —-RD—- C:WINDOWSOffline Web Pages
2009-01-28 20:07:52 —-RAH—- C:WINDOWSsystem32logonui.exe.manifest
2009-01-28 20:07:47 —-RAH—- C:WINDOWSsystem32cdplayer.exe.manifest
2009-01-28 20:07:43 —-HD—- C:Program FilesWindowsUpdate
2009-01-28 20:07:24 —-D—- C:WINDOWSsystem32DirectX
2009-01-28 20:07:06 —-A—- C:WINDOWSsystem32atrace.dll
2009-01-28 20:07:03 —-A—- C:WINDOWSsystem32desktop.ini
2009-01-28 20:07:03 —-A—- C:WINDOWSdesktop.ini
2009-01-28 20:06:58 —-A—- C:WINDOWSsystem32nmevtmsg.dll
2009-01-28 20:06:57 —-D—- C:Program FilesCommon FilesServices
2009-01-28 20:06:57 —-A—- C:WINDOWSsystem32acctres.dll
2009-01-28 20:06:54 —-SD—- C:WINDOWSTasks
2009-01-28 20:06:54 —-D—- C:Program FilesCommon FilesMSSoap
2009-01-28 20:06:54 —-A—- C:WINDOWSsystem32icfgnt5.dll
2009-01-28 20:06:49 —-D—- C:WINDOWSsystem32Macromed
2009-01-28 20:06:49 —-D—- C:WINDOWSsrchasst
2009-01-28 20:06:46 —-A—- C:WINDOWSsystem32wuweb.dll
2009-01-28 20:06:46 —-A—- C:WINDOWSsystem32wucltui.dll
2009-01-28 20:06:46 —-A—- C:WINDOWSsystem32wuauserv.dll
2009-01-28 20:06:46 —-A—- C:WINDOWSsystem32wuaueng1.dll
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32wups.dll
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32wuaueng.dll
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32wuauclt1.exe
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32wuauclt.exe
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32wuapi.dll
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32qmgrprxy.dll
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32bitsprx3.dll
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32bitsprx2.dll
2009-01-28 20:06:44 —-A—- C:WINDOWSsystem32qmgr.dll
2009-01-28 20:06:40 —-D—- C:Program FilesMovie Maker
2009-01-28 20:06:37 —-A—- C:WINDOWSsystem32safrslv.dll
2009-01-28 20:06:37 —-A—- C:WINDOWSsystem32safrdm.dll
2009-01-28 20:06:37 —-A—- C:WINDOWSsystem32safrcdlg.dll
2009-01-28 20:06:37 —-A—- C:WINDOWSsystem32racpldlg.dll
2009-01-28 20:06:33 —-A—- C:WINDOWSsystem32fltMc.exe
2009-01-28 20:06:33 —-A—- C:WINDOWSsystem32fltlib.dll
2009-01-28 20:06:32 —-D—- C:WINDOWSsystem32Restore
2009-01-28 20:06:32 —-A—- C:WINDOWSsystem32srsvc.dll
2009-01-28 20:06:32 —-A—- C:WINDOWSsystem32srrstr.dll
2009-01-28 20:06:32 —-A—- C:WINDOWSsystem32srclient.dll
2009-01-28 20:06:31 —-A—- C:WINDOWSsystem32nmmkcert.dll
2009-01-28 20:06:31 —-A—- C:WINDOWSsystem32msconf.dll
2009-01-28 20:06:31 —-A—- C:WINDOWSsystem32mnmsrvc.exe
2009-01-28 20:06:31 —-A—- C:WINDOWSsystem32mnmdd.dll
2009-01-28 20:06:31 —-A—- C:WINDOWSsystem32isrdbg32.dll
2009-01-28 20:06:31 —-A—- C:WINDOWSsystem32ils.dll
2009-01-28 20:06:29 —-D—- C:Program FilesNetMeeting
2009-01-28 20:06:29 —-A—- C:WINDOWSsystem32msoert2.dll
2009-01-28 20:06:28 —-A—- C:WINDOWSsystem32msoeacct.dll
2009-01-28 20:06:28 —-A—- C:WINDOWSsystem32inetres.dll
2009-01-28 20:06:27 —-A—- C:WINDOWSsystem32inetcomm.dll
2009-01-28 20:06:25 —-D—- C:Program FilesOutlook Express
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32schedsvc.dll
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32mstinit.exe
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32mstask.dll
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32isign32.dll
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32inetcfg.dll
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32icwphbk.dll
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32icwdial.dll
2009-01-28 20:06:19 —-D—- C:Program FilesCommon FilesSystem
2009-01-28 20:06:18 —-D—- C:Program FilesInternet Explorer
2009-01-28 20:05:43 —-D—- C:Program FilesComPlus Applications
2009-01-28 20:05:41 —-A—- C:WINDOWSvbaddin.ini
2009-01-28 20:05:41 —-A—- C:WINDOWSvb.ini
2009-01-28 20:05:38 —-D—- C:WINDOWSRegistration
2009-01-28 20:05:33 —-D—- C:Program FilesWindows Media Player
2009-01-28 20:05:33 —-D—- C:Program FilesOnline Services
2009-01-28 20:05:27 —-D—- C:Program FilesMessenger
2009-01-28 20:05:23 —-D—- C:Program FilesMSN Gaming Zone
2009-01-28 20:05:23 —-A—- C:WINDOWSsystem32write.exe
2009-01-28 20:05:15 —-A—- C:WINDOWSsystem32winchat.exe
2009-01-28 20:05:15 —-A—- C:WINDOWSsystem32sndvol32.exe
2009-01-28 20:05:15 —-A—- C:WINDOWSsystem32hticons.dll
2009-01-28 20:05:15 —-A—- C:WINDOWSsystem32avwav.dll
2009-01-28 20:05:15 —-A—- C:WINDOWSsystem32avtapi.dll
2009-01-28 20:05:15 —-A—- C:WINDOWSsystem32avmeter.dll
2009-01-28 20:05:09 —-A—- C:WINDOWSsystem32winmine.exe
2009-01-28 20:05:09 —-A—- C:WINDOWSsystem32sol.exe
2009-01-28 20:05:09 —-A—- C:WINDOWSsystem32getuname.dll
2009-01-28 20:05:09 —-A—- C:WINDOWSsystem32charmap.exe
2009-01-28 20:05:09 —-A—- C:WINDOWSsystem32calc.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32usrlogon.cmd
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32tsshutdn.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32tslabels.ini
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32tskill.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32tsdiscon.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32tscon.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32shadow.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32rwinsta.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32reset.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32mshearts.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32freecell.exe
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32regini.exe
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32rdpcfgex.dll
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32qwinsta.exe
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32qappsrv.exe
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32msg.exe
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32msdtcprf.ini
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32logoff.exe
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32cdmodem.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32stclient.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32mtxlegih.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32mtxex.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32mtxdm.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32dcomcnfg.exe
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32comsnap.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32comrepl.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32comaddin.dll
2009-01-28 20:05:01 —-A—- C:WINDOWSsystem32wmimgmt.msc
2009-01-28 20:04:45 —-D—- C:Program FilesMSN
2009-01-28 20:04:44 —-A—- C:WINDOWSsystem32sndrec32.exe
2009-01-28 20:04:44 —-A—- C:WINDOWSsystem32mplay32.exe
2009-01-28 20:04:44 —-A—- C:WINDOWSsystem32accwiz.exe
2009-01-28 20:04:43 —-D—- C:Program FilesWindows NT
2009-01-28 20:04:43 —-A—- C:WINDOWSsystem32mspaint.exe
2009-01-28 20:04:43 —-A—- C:WINDOWSsystem32hypertrm.dll
2009-01-28 20:04:43 —-A—- C:WINDOWSsystem32clipbrd.exe
2009-01-28 20:04:42 —-A—- C:WINDOWSsystem32tscfgwmi.dll
2009-01-28 20:04:42 —-A—- C:WINDOWSsystem32spider.exe
2009-01-28 20:04:42 —-A—- C:WINDOWSsystem32mstscax.dll
2009-01-28 20:04:42 —-A—- C:WINDOWSsystem32mstsc.exe
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32tscupgrd.exe
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32termsrv.dll
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32sessmgr.exe
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32remotepg.dll
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32rdshost.exe
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32rdsaddin.exe
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32rdpwsx.dll
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32rdpsnd.dll
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32rdpclip.exe
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32rdchost.dll
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32qprocess.exe
2009-01-28 20:04:40 —-D—- C:WINDOWSsystem32MsDtc
2009-01-28 20:04:40 —-A—- C:WINDOWSsystem32mtxoci.dll
2009-01-28 20:04:40 —-A—- C:WINDOWSsystem32msdtcuiu.dll
2009-01-28 20:04:40 —-A—- C:WINDOWSsystem32msdtctm.dll
2009-01-28 20:04:40 —-A—- C:WINDOWSsystem32msdtcprx.dll
2009-01-28 20:04:40 —-A—- C:WINDOWSsystem32icaapi.dll
2009-01-28 20:04:40 —-A—- C:WINDOWSsystem32cfgbkend.dll
2009-01-28 20:04:39 —-D—- C:WINDOWSsystem32Com
2009-01-28 20:04:39 —-A—- C:WINDOWSsystem32xolehlp.dll
2009-01-28 20:04:39 —-A—- C:WINDOWSsystem32msdtclog.dll
2009-01-28 20:04:39 —-A—- C:WINDOWSsystem32msdtc.exe
2009-01-28 20:04:39 —-A—- C:WINDOWSsystem32colbact.dll
2009-01-28 20:04:39 —-A—- C:WINDOWSsystem32catsrvps.dll
2009-01-28 20:04:38 —-A—- C:WINDOWSsystem32comsvcs.dll
2009-01-28 20:04:38 —-A—- C:WINDOWSsystem32clbcatex.dll
2009-01-28 20:04:38 —-A—- C:WINDOWSsystem32catsrvut.dll
2009-01-28 20:04:38 —-A—- C:WINDOWSsystem32catsrv.dll
2009-01-28 20:04:37 —-A—- C:WINDOWSsystem32comuid.dll
2009-01-28 20:04:37 —-A—- C:WINDOWSsystem32clbcatq.dll
2009-01-28 20:04:32 —-A—- C:WINDOWSsystem32servdeps.dll
2009-01-28 20:04:32 —-A—- C:WINDOWSsystem32mmfutil.dll
2009-01-28 20:04:31 —-A—- C:WINDOWSsystem32licwmi.dll
2009-01-28 20:04:31 —-A—- C:WINDOWSsystem32cmprops.dll
2009-01-28 20:03:30 —-A—- C:WINDOWSsystem32h323log.txt
2009-01-28 20:01:25 —-A—- C:WINDOWSsystem32usbui.dll
2009-01-28 20:00:31 —-A—- C:WINDOWSimsins.BAK
2009-01-28 20:00:28 —-SHD—- C:WINDOWSInstaller
2009-01-28 20:00:28 —-D—- C:Program FilesCommon FilesODBC
2009-01-28 20:00:28 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-01-28 20:00:28 —-A—- C:WINDOWSODBCINST.INI
2009-01-28 20:00:24 —-RD—- C:Program Files
2009-01-28 20:00:24 —-D—- C:Program FilesCommon FilesSpeechEngines
2009-01-28 20:00:24 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2009-01-28 20:00:24 —-D—- C:Program FilesCommon Files
2009-01-28 20:00:22 —-RA—- C:WINDOWSsystem32kbdazel.dll
2009-01-28 20:00:21 —-RA—- C:WINDOWSsystem32kbdtuq.dll
2009-01-28 20:00:21 —-RA—- C:WINDOWSsystem32kbdtuf.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdycc.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbduzb.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdur.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdtat.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdru1.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdru.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdmon.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdkyr.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdkaz.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdbu.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdblr.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdaze.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdhept.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdhela3.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdhela2.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdhe319.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdhe220.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdhe.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdgkl.dll
2009-01-28 20:00:17 —-RA—- C:WINDOWSsystem32kbdlv1.dll
2009-01-28 20:00:17 —-RA—- C:WINDOWSsystem32kbdlv.dll
2009-01-28 20:00:17 —-RA—- C:WINDOWSsystem32kbdlt1.dll
2009-01-28 20:00:17 —-RA—- C:WINDOWSsystem32kbdlt.dll
2009-01-28 20:00:17 —-RA—- C:WINDOWSsystem32kbdest.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdsl1.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdsl.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdro.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdpl1.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdpl.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdhu1.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdhu.dll
2009-01-28 20:00:15 —-RA—- C:WINDOWSsystem32kbdycl.dll
2009-01-28 20:00:15 —-RA—- C:WINDOWSsystem32kbdcz2.dll
2009-01-28 20:00:15 —-RA—- C:WINDOWSsystem32kbdcz1.dll
2009-01-28 20:00:15 —-RA—- C:WINDOWSsystem32kbdcz.dll
2009-01-28 20:00:15 —-RA—- C:WINDOWSsystem32kbdcr.dll
2009-01-28 20:00:15 —-RA—- C:WINDOWSsystem32KBDAL.DLL
2009-01-28 20:00:14 —-A—- C:WINDOWSsystem32irclass.dll
2009-01-28 20:00:14 —-A—- C:WINDOWSsystem32dgrpsetu.dll
2009-01-28 20:00:13 —-A—- C:WINDOWSsystem32spxcoins.dll
2009-01-28 20:00:13 —-A—- C:WINDOWSsystem32EqnClass.Dll
2009-01-28 20:00:13 —-A—- C:WINDOWSsystem32dgsetup.dll
2009-01-28 20:00:12 —-N—- C:WINDOWSsystem32CONFIG.TMP
2009-01-28 20:00:12 —-A—- C:WINDOWSTASKMAN.EXE
2009-01-28 20:00:11 —-A—- C:WINDOWSsystem32batt.dll
2009-01-28 20:00:11 —-A—- C:WINDOWSNOTEPAD.EXE
2009-01-28 20:00:10 —-A—- C:WINDOWSsystem32storprop.dll
2009-01-28 20:00:05 —-ASH—- C:Documents and SettingsAll UsersApplication Datadesktop.ini
2009-01-28 20:00:00 —-RA—- C:WINDOWSSET8.tmp
2009-01-28 19:59:58 —-RA—- C:WINDOWSSET4.tmp
2009-01-28 19:59:56 —-RA—- C:WINDOWSSET3.tmp
2009-01-28 19:59:51 —-D—- C:WINDOWSsystem32CatRoot2
2009-01-28 19:59:51 —-D—- C:WINDOWSsystem32CatRoot
2009-01-28 19:59:45 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2009-01-28 19:59:24 —-A—- C:WINDOWSsetuplog.txt
2009-01-28 19:59:21 —-D—- C:Documents and Settings
2009-01-28 19:58:45 —-SH—- C:boot.ini
2009-01-28 19:52:09 —-RSHD—- C:WINDOWSsystem32dllcache
2009-01-28 19:52:09 —-RSD—- C:WINDOWSFonts
2009-01-28 19:52:09 —-RD—- C:WINDOWSWeb
2009-01-28 19:52:09 —-HD—- C:WINDOWSinf
2009-01-28 19:52:09 —-D—- C:WINDOWSWinSxS
2009-01-28 19:52:09 —-D—- C:WINDOWStwain_32
2009-01-28 19:52:09 —-D—- C:WINDOWSTemp
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32wbem
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32usmt
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32ShellExt
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32Setup
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32oobe
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32npp
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32mui
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32inetsrv
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32IME
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32icsxml
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32ias
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32export
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem323com_dmi
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem323076
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem322052
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321054
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321042
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321041
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321037
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321033
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321031
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321028
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321025
2009-01-28 19:52:09 —-D—- C:WINDOWSsecurity
2009-01-28 19:52:09 —-D—- C:WINDOWSResources
2009-01-28 19:52:09 —-D—- C:WINDOWSProvisioning
2009-01-28 19:52:09 —-D—- C:WINDOWSPeerNet
2009-01-28 19:52:09 —-D—- C:WINDOWSpchealth
2009-01-28 19:52:09 —-D—- C:WINDOWSmui
2009-01-28 19:52:09 —-D—- C:WINDOWSmsapps
2009-01-28 19:52:09 —-D—- C:WINDOWSmsagent
2009-01-28 19:52:09 —-D—- C:WINDOWSMedia
2009-01-28 19:52:09 —-D—- C:WINDOWSjava
2009-01-28 19:52:09 —-D—- C:WINDOWSime
2009-01-28 19:52:09 —-D—- C:WINDOWSHelp
2009-01-28 19:52:09 —-D—- C:WINDOWSehome
2009-01-28 19:52:09 —-D—- C:WINDOWSDriver Cache
2009-01-28 19:52:09 —-D—- C:WINDOWSDebug
2009-01-28 19:52:09 —-D—- C:WINDOWSCursors
2009-01-28 19:52:09 —-D—- C:WINDOWSConnection Wizard
2009-01-28 19:52:09 —-D—- C:WINDOWSConfig
2009-01-28 19:52:09 —-D—- C:WINDOWSAppPatch
2009-01-28 19:52:09 —-D—- C:WINDOWSaddins
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32wins
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32spool
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32ras
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32drivers
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32dhcp
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32config
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem
2009-01-28 19:52:08 —-D—- C:WINDOWSrepair
2009-01-28 19:52:08 —-D—- C:WINDOWS
2008-02-04 22:34:41 —-D—- C:_OTMoveIt
2008-02-04 22:25:50 —-RASHD—- C:autorun.inf
2008-02-03 22:46:34 —-D—- C:Documents and SettingsAll UsersApplication DataSpybot — Search & Destroy
2008-02-03 19:24:21 —-HD—- C:$AVG8.VAULT$
2008-02-03 18:46:57 —-D—- C:rsit
2008-02-03 18:46:57 —-D—- C:Program Filestrend micro
2008-02-03 17:54:48 —-A—- C:WINDOWSsystem32avgrsstx.dll
2008-02-03 17:54:43 —-D—- C:Documents and SettingsAdministratorApplication DataAVGTOOLBAR
2008-02-03 17:54:36 —-D—- C:Program FilesAVG
2008-02-03 17:54:35 —-D—- C:Documents and SettingsAll UsersApplication Dataavg8
2008-02-02 22:34:56 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup Files
2008-01-28 20:39:13 —-D—- C:Program FilesWebshots
2008-01-28 20:36:41 —-D—- C:Documents and SettingsAll UsersApplication DataCyberLink
2008-01-28 20:36:34 —-D—- C:Program FilesCyberLink
2008-01-28 20:36:07 —-A—- C:WINDOWSsystem32unrar.dll
2008-01-28 20:36:02 —-A—- C:WINDOWSsystem32vp7vfw.dll
2008-01-28 20:36:02 —-A—- C:WINDOWSsystem32vp6vfw.dll
2008-01-28 20:36:02 —-A—- C:WINDOWSsystem32vp31vfw.dll
2008-01-28 20:36:02 —-A—- C:WINDOWSsystem323ivxVfWCodec.dll
2008-01-28 20:36:02 —-A—- C:WINDOWSsystem323ivx.dll
2008-01-28 20:36:01 —-A—- C:WINDOWSsystem32xvidvfw.dll
2008-01-28 20:36:01 —-A—- C:WINDOWSsystem32xvidcore.dll
2008-01-28 20:36:01 —-A—- C:WINDOWSsystem32WMV9VCM.dll
2008-01-28 20:36:01 —-A—- C:WINDOWSsystem32ssldivx.dll
2008-01-28 20:36:00 —-A—- C:WINDOWSsystem32qt-dx331.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32libdivx.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32dtu100.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32dpv11.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32dpus11.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32dpuGUI11.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32dpu11.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32dpl100.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32divx.dll
2008-01-28 20:35:52 —-A—- C:WINDOWSsystem32unicows.dll
2008-01-28 20:35:52 —-A—- C:WINDOWSsystem32msvcr71.dll
2008-01-28 20:35:52 —-A—- C:WINDOWSsystem32msvcr70.dll
2008-01-28 20:35:52 —-A—- C:WINDOWSsystem32ff_vfw.dll
2008-01-28 20:35:52 —-A—- C:WINDOWSsystem32cpuinf32.dll
2008-01-28 20:35:51 —-D—- C:Program FilesK-Lite Codec Pack
2008-01-28 20:35:07 —-D—- C:Program FilesCommon FilesCOWON
2008-01-28 20:35:05 —-D—- C:Program FilesJetAudio
2008-01-28 20:33:24 —-D—- C:Program FilesACD
2008-01-20 21:49:48 —-A—- C:WINDOWSsystem32shell31.dll
2008-01-20 21:49:28 —-A—- C:WINDOWSsystem32digeste.dll
2008-01-20 21:49:27 —-A—- C:WINDOWSIE4 Error Log.txt
2008-01-11 19:43:45 —-D—- C:Documents and SettingsAdministratorApplication DataAdobeUM
2008-01-08 23:39:18 —-A—- C:WINDOWSAlfaStart.CMD
2008-01-08 23:39:18 —-A—- C:WINDOWSAlfaReport.txt
2008-01-08 23:38:52 —-D—- C:Program FilesAlfa Autorun Killer 2
2008-01-08 21:06:48 —-D—- C:Program FilesGENIUS TABLET
2008-01-07 20:29:17 —-A—- C:Documents and SettingsAll UsersApplication Datazyhlib.dll
2008-01-06 18:20:13 —-A—- C:WINDOWSPhotoSnapViewer.INI
2008-01-06 17:53:17 —-D—- C:WINDOWSsystem32Adobe
2008-01-06 17:53:17 —-A—- C:WINDOWSsystem32FileOps.exe
2008-01-06 17:49:26 —-D—- C:WINDOWSAdobe Illustrator CS
2008-01-06 15:29:16 —-D—- C:Program FilesAdobe
2008-01-06 15:28:50 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe Systems
2008-01-06 15:28:43 —-D—- C:Program FilesCommon FilesAdobe Systems Shared
2008-01-06 13:10:58 —-A—- C:WINDOWSsystem32xinput1_2.dll
2008-01-06 13:10:58 —-A—- C:WINDOWSsystem32xactengine2_3.dll
2008-01-06 13:10:57 —-A—- C:WINDOWSsystem32xactengine2_2.dll
2008-01-06 13:10:56 —-A—- C:WINDOWSsystem32xinput1_1.dll
2008-01-06 13:10:56 —-A—- C:WINDOWSsystem32xactengine2_1.dll
2008-01-06 13:10:54 —-A—- C:WINDOWSsystem32xactengine2_0.dll
2008-01-06 13:10:54 —-A—- C:WINDOWSsystem32x3daudio1_0.dll
2008-01-06 13:10:53 —-A—- C:WINDOWSsystem32d3dx9_29.dll
2008-01-06 13:10:49 —-A—- C:WINDOWSsystem32xinput9_1_0.dll
2008-01-06 13:10:48 —-A—- C:WINDOWSsystem32d3dx9_27.dll
2008-01-06 13:10:46 —-A—- C:WINDOWSsystem32d3dx9_26.dll
2008-01-06 13:10:46 —-A—- C:WINDOWSsystem32d3dx9_25.dll
2008-01-06 13:10:42 —-A—- C:WINDOWSsystem32d3dx9_24.dll
2008-01-06 13:07:40 —-D—- C:Documents and SettingsAll UsersApplication DataActivision Value======List of files/folders modified in the last 1 months======
2008-02-02 23:13:18 —-A—- C:WINDOWSNeroDigital.ini
2008-02-02 21:06:14 —-A—- C:WINDOWSwin.ini
2008-01-30 22:49:50 —-A—- C:YServer.txt======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG AVI Loader Driver x86; C:WINDOWSSystem32Driversavgldx86.sys [2008-02-03 96520]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:WINDOWSSystem32Driversavgmfx86.sys [2008-02-03 26184]
R1 intelppm;Intel Processor Driver; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-04 36096]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Microsoft HID Class Driver; C:WINDOWSsystem32DRIVERShidusb.sys [2001-08-17 9600]
R3 ialm;ialm; C:WINDOWSsystem32DRIVERSigxpmp32.sys [2007-12-18 5854688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2008-01-29 4725760]
R3 mouhid;Mouse HID Driver; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-08-17 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:WINDOWSsystem32DRIVERSRtenicxp.sys [2008-01-03 105856]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-04 26624]
R3 usbhub;Microsoft USB Standard Hub Driver; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-04 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-04 20480]
R3 ZSMC211;ZSMC USB PC Camera (ZS211); C:WINDOWSSystem32DriversZS211.sys [2007-06-13 1469312]
S1 kbdhid;Keyboard HID Driver; C:WINDOWSsystem32DRIVERSkbdhid.sys [2004-08-03 14848]
S2 ujddfqqcujzw;ujddfqqcujzw; ??C:WINDOWSsystem32driversemwnhfdulonpe.sys []
S3 CCDECODE;Closed Caption Decoder; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2004-08-03 17024]
S3 GMSIPCI;GMSIPCI; ??G:INSTALLGMSIPCI.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
S3 Tablet2k;Serial Tablet Port Driver; C:WINDOWSSystem32DriversTablet2k.sys [2000-06-12 15370]
S3 TClass2k;Tablet Class Driver; C:WINDOWSsystem32DRIVERSTClass2k.sys [2003-03-05 23202]
S3 UCTblHid;HID Tablet Port Driver; C:WINDOWSsystem32DRIVERSUCTblHid.sys [2003-03-04 11090]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-03 25856]
S3 USBSTOR;USB Mass Storage Driver; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;World Standard Teletext Codec; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avg8wd;AVG8 WatchDog; C:PROGRA~1AVGAVG8avgwdsvc.exe [2008-02-03 282904]
R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2004-08-11 38912]
R2 WinTabService;WinTab Service; C:WINDOWSsystem32DRIVERSWtSrv.exe [2003-09-29 40960]
S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2008-01-06 72704]
S3 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2008-01-04 137200]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program FilesMicrosoft OfficeOffice12GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:Program FilesNeroNero 7Nero BackItUpNBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
EOF
ну что ?у меня всё постарому лента новостей не удалилась………ох я так устала помогите мне!!!!Сделала всё как вы сказали и лента новостей исчезла….я вам очень благодарна!!!!!сначяла вместо флеш вставила диск….вот почему не вышло!а потом с флеш всё исчезло…..ещё раз спасибо за помощ….так хорошо что существует ваш форум!!!!самое пекрасное помогать людям!дай бог вам здоровья и успехов!!!
с уважением МАРИНА САЛЕХМАРИНА, рад вам помочь.
Но для контрольной проверки пришлите свежий RSIT лог.Logfile of random’s system information tool 1.05 (written by random/random)
Run by Administrator at 2008-02-08 19:27:18
Microsoft Windows XP Professional Service Pack 2
System drive C: has 8 GB (42%) free of 19 GB
Total RAM: 1015 MB (43% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:27:41 ?, on 08/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSZSSnp211.exe
C:WINDOWSDomino.exe
D:Program Filescalcheck.exe
C:WINDOWSsystem32WService.EXE
C:PROGRA~1AVGAVG8avgtray.exe
C:WINDOWSsystem32ctfmon.exe
C:PROGRA~1AVGAVG8avgwdsvc.exe
C:Program FilesCommon FilesAheadLibNMBgMonitor.exe
C:Program FilesDownload Masterdmaster.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
D:Program Files11111111111111Spybot — Search & DestroyTeaTimer.exe
C:Program FilesCommon FilesAheadLibNMIndexStoreSvr.exe
C:WINDOWSsystem32DRIVERSWtSrv.exe
D:Program Files11111111111111WZQKPICK.EXE
C:PROGRA~1AVGAVG8avgrsx.exe
F:illustretorSupport FilesContentsWindowsIllustrator.exe
C:Program FilesInternet Exploreriexplore.exe
D:Program Files11111111111111MessengerYahooMessenger.exe
C:Program FilesAVGAVG8avgscanx.exe
C:Program FilesAVGAVG8avgcsrvx.exe
C:Documents and SettingsAdministratorMy DocumentsАНТИВИРУСЫRSIT.exe
C:Program Filestrend microAdministrator.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=36253
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — D:Program FilesReaderActiveXAcroIEHelper.dll
O2 — BHO: WormRadar.com IESiteBlocker.NavFilter — {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} — C:Program FilesAVGAVG8avgssie.dll
O2 — BHO: Spybot-S&D IE Protection — {53707962-6F74-2D53-2644-206D7942484F} — D:PROGRA~1111111~1SPYBOT~1SDHelper.dll
O2 — BHO: zyhlibP — {59E7ACF5-7887-4256-89DC-133B9D9D0424} — C:Documents and SettingsAll UsersApplication Datazyhlib.dll (file missing)
O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~1dmiehlp.dll
O2 — BHO: AVG Security Toolbar — {A057A204-BACC-4D26-9990-79A187E2698E} — C:PROGRA~1AVGAVG8AVGTOO~1.DLL
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll
O2 — BHO: Google Dictionary Compression sdch — {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll
O3 — Toolbar: Easy-WebPrint — {327C2873-E90D-4c37-AA9D-10AC9BABA46C} — C:Program FilesCanonEasy-WebPrintToolband.dll
O3 — Toolbar: DM Bar — {0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — C:Program FilesDownload Masterdmbar.dll
O3 — Toolbar: ????e?.?a? — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O3 — Toolbar: &Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O3 — Toolbar: AVG Security Toolbar — {A057A204-BACC-4D26-9990-79A187E2698E} — C:PROGRA~1AVGAVG8AVGTOO~1.DLL
O4 — HKLM..Run: [Easy-PrintToolBox] C:Program FilesCanonEasy-PrintToolBoxBJPSMAIN.EXE /logon
O4 — HKLM..Run: [NeroFilterCheck] C:Program FilesCommon FilesAheadLibNeroCheck.exe
O4 — HKLM..Run: [ZSSnp211] C:WINDOWSZSSnp211.exe
O4 — HKLM..Run: [Domino] C:WINDOWSDomino.exe
O4 — HKLM..Run: [Ulead Photo Express Calendar Checker] D:Program Filescalcheck.exe
O4 — HKLM..Run: [WService] WService.EXE
O4 — HKLM..Run: [AVG8_TRAY] C:PROGRA~1AVGAVG8avgtray.exe
O4 — HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
O4 — HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] «C:Program FilesCommon FilesAheadLibNMBgMonitor.exe»
O4 — HKCU..Run: [Pragma5] D:Program FilesProgram FilesPragmaprestart.exe
O4 — HKCU..Run: [Download Master] C:Program FilesDownload Masterdmaster.exe -autorun
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 — HKCU..Run: [Yahoo! Pager] «D:Program Files11111111111111MessengerYahooMessenger.exe» -quiet
O4 — HKCU..Run: [SpybotSD TeaTimer] D:Program Files11111111111111Spybot — Search & DestroyTeaTimer.exe
O4 — HKUSS-1-5-18..Run: [ctfmon.exe] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [ctfmon.exe] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Startup: Adobe Gamma.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 — Global Startup: WinZip Quick Pick.lnk = D:Program Files11111111111111WZQKPICK.EXE
O4 — Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O8 — Extra context menu item: E&xport to Microsoft Excel — res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Easy-WebPrint Add To Print List — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_AddToList.html
O8 — Extra context menu item: Easy-WebPrint High Speed Print — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_HSPrint.html
O8 — Extra context menu item: Easy-WebPrint Preview — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Preview.html
O8 — Extra context menu item: Easy-WebPrint Print — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Print.html
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program FilesDownload Masterdmie.htm
O9 — Extra button: Send to OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: S&end to OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: (no name) — {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} — D:PROGRA~1111111~1SPYBOT~1SDHelper.dll
O9 — Extra ‘Tools’ menuitem: Spybot — Search & Destroy Configuration — {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} — D:PROGRA~1111111~1SPYBOT~1SDHelper.dll
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O17 — HKLMSystemCCSServicesTcpip..{CD5EA9D4-AC08-4AD7-BD1F-10D36B7FB4FD}: NameServer = 196.27.0.35 196.27.0.230
O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — C:PROGRA~1MICROS~2Office12GR99D3~1.DLL
O18 — Protocol: linkscanner — {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} — C:Program FilesAVGAVG8avgpp.dll
O20 — Winlogon Notify: avgrsstarter — C:WINDOWSSYSTEM32avgrsstx.dll
O23 — Service: Adobe LM Service — Adobe Systems — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 — Service: AVG8 WatchDog (avg8wd) — AVG Technologies CZ, s.r.o. — C:PROGRA~1AVGAVG8avgwdsvc.exe
O23 — Service: Google Updater Service (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: NBService — Nero AG — C:Program FilesNeroNero 7Nero BackItUpNBService.exe
O23 — Service: WinTab Service (WinTabService) — Tablet Driver — C:WINDOWSsystem32DRIVERSWtSrv.exe—
End of file — 8397 bytes======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — D:Program FilesReaderActiveXAcroIEHelper.dll [2003-05-15 50376][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search — C:Program FilesAVGAVG8avgssie.dll [2008-02-04 1078552][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection — D:PROGRA~1111111~1SPYBOT~1SDHelper.dll [2009-01-26 1879896][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{59E7ACF5-7887-4256-89DC-133B9D9D0424}]
Crypted Data Provider — C:Documents and SettingsAll UsersApplication Datazyhlib.dll [][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper — C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL [2006-10-27 2210608][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2008-10-24 157696][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar — C:PROGRA~1AVGAVG8AVGTOO~1.DLL [2008-02-04 1968920][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll [2008-01-04 251504][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll [2008-01-04 657904][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll [2008-01-04 522224][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} — Easy-WebPrint — C:Program FilesCanonEasy-WebPrintToolband.dll [2004-08-26 405504]
{0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — DM Bar — C:Program FilesDownload Masterdmbar.dll [2007-11-26 180224]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — ????e?.?a? — C:Program FilesYandexYandexBarIEyndbar.dll [2009-01-13 3112736]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google Toolbar — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll [2008-01-04 251504]
{A057A204-BACC-4D26-9990-79A187E2698E} — AVG Security Toolbar — C:PROGRA~1AVGAVG8AVGTOO~1.DLL [2008-02-04 1968920][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Easy-PrintToolBox»=C:Program FilesCanonEasy-PrintToolBoxBJPSMAIN.EXE [2004-01-14 409600]
«NeroFilterCheck»=C:Program FilesCommon FilesAheadLibNeroCheck.exe [2006-01-12 155648]
«ZSSnp211″=C:WINDOWSZSSnp211.exe [2007-04-06 57344]
«Domino»=C:WINDOWSDomino.exe [2006-08-18 49152]
«Ulead Photo Express Calendar Checker»=D:Program Filescalcheck.exe [2004-01-12 69632]
«WService»=C:WINDOWSsystem32WService.EXE [2002-09-07 28672]
«AVG8_TRAY»=C:PROGRA~1AVGAVG8avgtray.exe [2008-02-04 1601304]
«KernelFaultCheck»=C:WINDOWSsystem32dumprep 0 -k [][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«ctfmon.exe»=C:WINDOWSsystem32ctfmon.exe [2004-08-04 15360]
«BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=C:Program FilesCommon FilesAheadLibNMBgMonitor.exe [2006-11-16 139264]
«Pragma5″=D:Program FilesProgram FilesPragmaprestart.exe []
«Download Master»=C:Program FilesDownload Masterdmaster.exe [2009-01-28 3299840]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-08-04 1667584]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2008-01-04 39408]
«Yahoo! Pager»=D:Program Files11111111111111MessengerYahooMessenger.exe [2007-08-30 4670704]
«SpybotSD TeaTimer»=D:Program Files11111111111111Spybot — Search & DestroyTeaTimer.exe [2009-01-26 2144088][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAlcmtr]
C:WINDOWSALCMTR.EXE [2005-05-03 69632][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAVG8_TRAY]
C:PROGRA~1AVGAVG8avgtray.exe [2008-02-04 1601304][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregctfmon.exe]
C:WINDOWSsystem32ctfmon.exe [2004-08-04 15360][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregGrooveMonitor]
C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe [2006-10-27 31016][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregHotKeysCmds]
C:WINDOWSsystem32hkcmd.exe [2007-12-18 159744][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregIgfxTray]
C:WINDOWSsystem32igfxtray.exe [2007-12-18 135168][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregPersistence]
C:WINDOWSsystem32igfxpers.exe [2007-12-18 131072][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregRTHDCPL]
C:WINDOWSRTHDCPL.EXE [2008-01-28 16859648][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregTkBellExe]
C:Program FilesCommon FilesRealUpdate_OBrealsched.exe [2008-01-01 180269][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^Administrator^Start Menu^Programs^Startup^Webshots.lnk]
C:PROGRA~1WebshotsLauncher.exe [2003-10-30 45056]C:Documents and SettingsAll UsersStart MenuProgramsStartup
WinZip Quick Pick.lnk — D:Program Files11111111111111WZQKPICK.EXE
Adobe Gamma Loader.lnk — C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exeC:Documents and SettingsAdministratorStart MenuProgramsStartup
Adobe Gamma.lnk — C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyavgrsstarter]
C:WINDOWSsystem32avgrsstx.dll [2008-02-04 10520][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyigfxcui]
C:WINDOWSsystem32igfxdev.dll [2007-12-18 208896][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL [2006-10-27 2210608][HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders]
«SecurityProviders»=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digeste.dll[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=36
«NoDriveAutoRun»=FFFFFFFF[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE»=»C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook»
«C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE»=»C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE:*:Enabled:Microsoft Office Groove»
«C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE»=»C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE:*:Enabled:Microsoft Office OneNote»
«D:Program Files3333333MessengerYahooMessenger.exe»=»D:Program Files3333333MessengerYahooMessenger.exe:*:Enabled:Yahoo! Messenger»
«D:Program Files3333333MessengerYServer.exe»=»D:Program Files3333333MessengerYServer.exe:*:Enabled:Yahoo! FT Server»
«C:Program FilesMessengermsmsgs.exe»=»C:Program FilesMessengermsmsgs.exe:*:Enabled:Windows Messenger»
«C:Program FilesYahoo!MessengerYahooMessenger.exe»=»C:Program FilesYahoo!MessengerYahooMessenger.exe:*:Enabled:Yahoo! Messenger»
«C:Program FilesYahoo!MessengerYServer.exe»=»C:Program FilesYahoo!MessengerYServer.exe:*:Enabled:Yahoo! FT Server»
«D:Program Files11111111111111MessengerYahooMessenger.exe»=»D:Program Files11111111111111MessengerYahooMessenger.exe:*:Enabled:Yahoo! Messenger»
«D:Program Files11111111111111MessengerYServer.exe»=»D:Program Files11111111111111MessengerYServer.exe:*:Enabled:Yahoo! FT Server»
«C:Program FilesAVGAVG8avgupd.exe»=»C:Program FilesAVGAVG8avgupd.exe:*:Enabled:avgupd.exe»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{a3b59d80-bf36-11dc-88f0-0019dbba5d0c}]
shellAutoRuncommand — H:ln9.exe
shellexplorecommand — H:ln9.exe
shellopencommand — H:ln9.exe======List of files/folders created in the last 1 months======
2009-01-28 20:21:36 —-R—- C:WINDOWSsystem32ChCfg.exe
2009-01-28 20:21:21 —-D—- C:WINDOWSsystem32RTCOM
2009-01-28 20:21:19 —-A—- C:WINDOWSsystem32ksuser.dll
2009-01-28 20:20:52 —-A—- C:WINDOWSsystem32spupdsvc.exe
2009-01-28 20:20:51 —-HD—- C:WINDOWS$NtUninstallKB888111WXPSP2$
2009-01-28 20:20:47 —-R—- C:WINDOWSSoundMan.exe
2009-01-28 20:20:45 —-R—- C:WINDOWSSkyTel.exe
2009-01-28 20:20:43 —-R—- C:WINDOWSRtlUpd.exe
2009-01-28 20:20:35 —-R—- C:WINDOWSRTLCPL.exe
2009-01-28 20:20:17 —-R—- C:WINDOWSRTHDCPL.exe
2009-01-28 20:20:15 —-R—- C:WINDOWSMicCal.exe
2009-01-28 20:20:10 —-R—- C:WINDOWSAlcmtr.exe
2009-01-28 20:20:08 —-R—- C:WINDOWSalcwzrd.exe
2009-01-28 20:20:07 —-D—- C:Program FilesRealtek
2009-01-28 20:20:05 —-HD—- C:Program FilesInstallShield Installation Information
2009-01-28 20:19:53 —-RA—- C:WINDOWSsystem32igfxres.dll
2009-01-28 20:19:39 —-R—- C:WINDOWSRtlExUpd.dll
2009-01-28 20:19:39 —-A—- C:WINDOWSHideWin.exe
2009-01-28 20:19:34 —-D—- C:Program FilesCommon FilesInstallShield
2009-01-28 20:19:19 —-D—- C:WINDOWSsystem32ReinstallBackups
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igxprd32.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igxpgd32.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igxpdx32.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igxpdv32.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32iglicd32.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igldev32.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxzoom.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxtray.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxsrvc.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxsrvc.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxress.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxpph.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxpers.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxext.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxexps.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxdo.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxdev.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxCoIn_v4906.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxcfg.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32hkcmd.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32hccutils.dll
2009-01-28 20:18:47 —-D—- C:WINDOWSsystem32Lang
2009-01-28 20:18:47 —-D—- C:WINDOWSsystem32DRVSTORE
2009-01-28 20:18:46 —-RA—- C:WINDOWSsystem32igxpun.exe
2009-01-28 20:18:46 —-RA—- C:WINDOWSsystem32difxapi.dll
2009-01-28 20:18:32 —-D—- C:Intel
2009-01-28 20:15:12 —-D—- C:Documents and SettingsAdministratorApplication DataIdentities
2009-01-28 20:15:10 —-HD—- C:Program FilesUninstall Information
2009-01-28 20:15:02 —-ASH—- C:Documents and SettingsAdministratorApplication Datadesktop.ini
2009-01-28 20:15:01 —-SD—- C:Documents and SettingsAdministratorApplication DataMicrosoft
2009-01-28 20:14:54 —-SHD—- C:System Volume Information
2009-01-28 20:14:54 —-D—- C:WINDOWSSoftwareDistribution
2009-01-28 20:14:53 —-D—- C:WINDOWSPrefetch
2009-01-28 20:14:52 —-SD—- C:WINDOWSsystem32Microsoft
2009-01-28 20:14:52 —-A—- C:WINDOWSSchedLgU.Txt
2009-01-28 20:09:11 —-D—- C:WINDOWSsystem32xircom
2009-01-28 20:09:11 —-D—- C:Program Filesxerox
2009-01-28 20:09:11 —-D—- C:Program Filesmicrosoft frontpage
2009-01-28 20:08:57 —-A—- C:WINDOWScontrol.ini
2009-01-28 20:08:57 —-A—- C:AUTOEXEC.BAT
2009-01-28 20:08:42 —-A—- C:WINDOWSOEWABLog.txt
2009-01-28 20:08:40 —-A—- C:WINDOWSsystem32mapi32.dll
2009-01-28 20:07:52 —-SD—- C:WINDOWSDownloaded Program Files
2009-01-28 20:07:52 —-RD—- C:WINDOWSOffline Web Pages
2009-01-28 20:07:52 —-RAH—- C:WINDOWSsystem32logonui.exe.manifest
2009-01-28 20:07:47 —-RAH—- C:WINDOWSsystem32cdplayer.exe.manifest
2009-01-28 20:07:43 —-HD—- C:Program FilesWindowsUpdate
2009-01-28 20:07:24 —-D—- C:WINDOWSsystem32DirectX
2009-01-28 20:07:06 —-A—- C:WINDOWSsystem32atrace.dll
2009-01-28 20:07:03 —-A—- C:WINDOWSsystem32desktop.ini
2009-01-28 20:07:03 —-A—- C:WINDOWSdesktop.ini
2009-01-28 20:06:58 —-A—- C:WINDOWSsystem32nmevtmsg.dll
2009-01-28 20:06:57 —-D—- C:Program FilesCommon FilesServices
2009-01-28 20:06:57 —-A—- C:WINDOWSsystem32acctres.dll
2009-01-28 20:06:54 —-SD—- C:WINDOWSTasks
2009-01-28 20:06:54 —-D—- C:Program FilesCommon FilesMSSoap
2009-01-28 20:06:54 —-A—- C:WINDOWSsystem32icfgnt5.dll
2009-01-28 20:06:49 —-D—- C:WINDOWSsystem32Macromed
2009-01-28 20:06:49 —-D—- C:WINDOWSsrchasst
2009-01-28 20:06:46 —-A—- C:WINDOWSsystem32wuweb.dll
2009-01-28 20:06:46 —-A—- C:WINDOWSsystem32wucltui.dll
2009-01-28 20:06:46 —-A—- C:WINDOWSsystem32wuauserv.dll
2009-01-28 20:06:46 —-A—- C:WINDOWSsystem32wuaueng1.dll
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32wups.dll
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32wuaueng.dll
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32wuauclt1.exe
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32wuauclt.exe
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32wuapi.dll
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32qmgrprxy.dll
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32bitsprx3.dll
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32bitsprx2.dll
2009-01-28 20:06:44 —-A—- C:WINDOWSsystem32qmgr.dll
2009-01-28 20:06:40 —-D—- C:Program FilesMovie Maker
2009-01-28 20:06:37 —-A—- C:WINDOWSsystem32safrslv.dll
2009-01-28 20:06:37 —-A—- C:WINDOWSsystem32safrdm.dll
2009-01-28 20:06:37 —-A—- C:WINDOWSsystem32safrcdlg.dll
2009-01-28 20:06:37 —-A—- C:WINDOWSsystem32racpldlg.dll
2009-01-28 20:06:33 —-A—- C:WINDOWSsystem32fltMc.exe
2009-01-28 20:06:33 —-A—- C:WINDOWSsystem32fltlib.dll
2009-01-28 20:06:32 —-D—- C:WINDOWSsystem32Restore
2009-01-28 20:06:32 —-A—- C:WINDOWSsystem32srsvc.dll
2009-01-28 20:06:32 —-A—- C:WINDOWSsystem32srrstr.dll
2009-01-28 20:06:32 —-A—- C:WINDOWSsystem32srclient.dll
2009-01-28 20:06:31 —-A—- C:WINDOWSsystem32nmmkcert.dll
2009-01-28 20:06:31 —-A—- C:WINDOWSsystem32msconf.dll
2009-01-28 20:06:31 —-A—- C:WINDOWSsystem32mnmsrvc.exe
2009-01-28 20:06:31 —-A—- C:WINDOWSsystem32mnmdd.dll
2009-01-28 20:06:31 —-A—- C:WINDOWSsystem32isrdbg32.dll
2009-01-28 20:06:31 —-A—- C:WINDOWSsystem32ils.dll
2009-01-28 20:06:29 —-D—- C:Program FilesNetMeeting
2009-01-28 20:06:29 —-A—- C:WINDOWSsystem32msoert2.dll
2009-01-28 20:06:28 —-A—- C:WINDOWSsystem32msoeacct.dll
2009-01-28 20:06:28 —-A—- C:WINDOWSsystem32inetres.dll
2009-01-28 20:06:27 —-A—- C:WINDOWSsystem32inetcomm.dll
2009-01-28 20:06:25 —-D—- C:Program FilesOutlook Express
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32schedsvc.dll
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32mstinit.exe
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32mstask.dll
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32isign32.dll
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32inetcfg.dll
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32icwphbk.dll
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32icwdial.dll
2009-01-28 20:06:19 —-D—- C:Program FilesCommon FilesSystem
2009-01-28 20:06:18 —-D—- C:Program FilesInternet Explorer
2009-01-28 20:05:43 —-D—- C:Program FilesComPlus Applications
2009-01-28 20:05:41 —-A—- C:WINDOWSvbaddin.ini
2009-01-28 20:05:41 —-A—- C:WINDOWSvb.ini
2009-01-28 20:05:38 —-D—- C:WINDOWSRegistration
2009-01-28 20:05:33 —-D—- C:Program FilesWindows Media Player
2009-01-28 20:05:33 —-D—- C:Program FilesOnline Services
2009-01-28 20:05:27 —-D—- C:Program FilesMessenger
2009-01-28 20:05:23 —-D—- C:Program FilesMSN Gaming Zone
2009-01-28 20:05:23 —-A—- C:WINDOWSsystem32write.exe
2009-01-28 20:05:15 —-A—- C:WINDOWSsystem32winchat.exe
2009-01-28 20:05:15 —-A—- C:WINDOWSsystem32sndvol32.exe
2009-01-28 20:05:15 —-A—- C:WINDOWSsystem32hticons.dll
2009-01-28 20:05:15 —-A—- C:WINDOWSsystem32avwav.dll
2009-01-28 20:05:15 —-A—- C:WINDOWSsystem32avtapi.dll
2009-01-28 20:05:15 —-A—- C:WINDOWSsystem32avmeter.dll
2009-01-28 20:05:09 —-A—- C:WINDOWSsystem32winmine.exe
2009-01-28 20:05:09 —-A—- C:WINDOWSsystem32sol.exe
2009-01-28 20:05:09 —-A—- C:WINDOWSsystem32getuname.dll
2009-01-28 20:05:09 —-A—- C:WINDOWSsystem32charmap.exe
2009-01-28 20:05:09 —-A—- C:WINDOWSsystem32calc.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32usrlogon.cmd
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32tsshutdn.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32tslabels.ini
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32tskill.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32tsdiscon.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32tscon.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32shadow.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32rwinsta.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32reset.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32mshearts.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32freecell.exe
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32regini.exe
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32rdpcfgex.dll
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32qwinsta.exe
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32qappsrv.exe
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32msg.exe
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32msdtcprf.ini
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32logoff.exe
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32cdmodem.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32stclient.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32mtxlegih.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32mtxex.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32mtxdm.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32dcomcnfg.exe
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32comsnap.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32comrepl.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32comaddin.dll
2009-01-28 20:05:01 —-A—- C:WINDOWSsystem32wmimgmt.msc
2009-01-28 20:04:45 —-D—- C:Program FilesMSN
2009-01-28 20:04:44 —-A—- C:WINDOWSsystem32sndrec32.exe
2009-01-28 20:04:44 —-A—- C:WINDOWSsystem32mplay32.exe
2009-01-28 20:04:44 —-A—- C:WINDOWSsystem32accwiz.exe
2009-01-28 20:04:43 —-D—- C:Program FilesWindows NT
2009-01-28 20:04:43 —-A—- C:WINDOWSsystem32mspaint.exe
2009-01-28 20:04:43 —-A—- C:WINDOWSsystem32hypertrm.dll
2009-01-28 20:04:43 —-A—- C:WINDOWSsystem32clipbrd.exe
2009-01-28 20:04:42 —-A—- C:WINDOWSsystem32tscfgwmi.dll
2009-01-28 20:04:42 —-A—- C:WINDOWSsystem32spider.exe
2009-01-28 20:04:42 —-A—- C:WINDOWSsystem32mstscax.dll
2009-01-28 20:04:42 —-A—- C:WINDOWSsystem32mstsc.exe
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32tscupgrd.exe
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32termsrv.dll
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32sessmgr.exe
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32remotepg.dll
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32rdshost.exe
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32rdsaddin.exe
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32rdpwsx.dll
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32rdpsnd.dll
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32rdpclip.exe
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32rdchost.dll
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32qprocess.exe
2009-01-28 20:04:40 —-D—- C:WINDOWSsystem32MsDtc
2009-01-28 20:04:40 —-A—- C:WINDOWSsystem32mtxoci.dll
2009-01-28 20:04:40 —-A—- C:WINDOWSsystem32msdtcuiu.dll
2009-01-28 20:04:40 —-A—- C:WINDOWSsystem32msdtctm.dll
2009-01-28 20:04:40 —-A—- C:WINDOWSsystem32msdtcprx.dll
2009-01-28 20:04:40 —-A—- C:WINDOWSsystem32icaapi.dll
2009-01-28 20:04:40 —-A—- C:WINDOWSsystem32cfgbkend.dll
2009-01-28 20:04:39 —-D—- C:WINDOWSsystem32Com
2009-01-28 20:04:39 —-A—- C:WINDOWSsystem32xolehlp.dll
2009-01-28 20:04:39 —-A—- C:WINDOWSsystem32msdtclog.dll
2009-01-28 20:04:39 —-A—- C:WINDOWSsystem32msdtc.exe
2009-01-28 20:04:39 —-A—- C:WINDOWSsystem32colbact.dll
2009-01-28 20:04:39 —-A—- C:WINDOWSsystem32catsrvps.dll
2009-01-28 20:04:38 —-A—- C:WINDOWSsystem32comsvcs.dll
2009-01-28 20:04:38 —-A—- C:WINDOWSsystem32clbcatex.dll
2009-01-28 20:04:38 —-A—- C:WINDOWSsystem32catsrvut.dll
2009-01-28 20:04:38 —-A—- C:WINDOWSsystem32catsrv.dll
2009-01-28 20:04:37 —-A—- C:WINDOWSsystem32comuid.dll
2009-01-28 20:04:37 —-A—- C:WINDOWSsystem32clbcatq.dll
2009-01-28 20:04:32 —-A—- C:WINDOWSsystem32servdeps.dll
2009-01-28 20:04:32 —-A—- C:WINDOWSsystem32mmfutil.dll
2009-01-28 20:04:31 —-A—- C:WINDOWSsystem32licwmi.dll
2009-01-28 20:04:31 —-A—- C:WINDOWSsystem32cmprops.dll
2009-01-28 20:03:30 —-A—- C:WINDOWSsystem32h323log.txt
2009-01-28 20:01:25 —-A—- C:WINDOWSsystem32usbui.dll
2009-01-28 20:00:31 —-A—- C:WINDOWSimsins.BAK
2009-01-28 20:00:28 —-SHD—- C:WINDOWSInstaller
2009-01-28 20:00:28 —-D—- C:Program FilesCommon FilesODBC
2009-01-28 20:00:28 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-01-28 20:00:28 —-A—- C:WINDOWSODBCINST.INI
2009-01-28 20:00:24 —-RD—- C:Program Files
2009-01-28 20:00:24 —-D—- C:Program FilesCommon FilesSpeechEngines
2009-01-28 20:00:24 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2009-01-28 20:00:24 —-D—- C:Program FilesCommon Files
2009-01-28 20:00:22 —-RA—- C:WINDOWSsystem32kbdazel.dll
2009-01-28 20:00:21 —-RA—- C:WINDOWSsystem32kbdtuq.dll
2009-01-28 20:00:21 —-RA—- C:WINDOWSsystem32kbdtuf.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdycc.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbduzb.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdur.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdtat.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdru1.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdru.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdmon.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdkyr.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdkaz.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdbu.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdblr.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdaze.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdhept.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdhela3.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdhela2.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdhe319.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdhe220.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdhe.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdgkl.dll
2009-01-28 20:00:17 —-RA—- C:WINDOWSsystem32kbdlv1.dll
2009-01-28 20:00:17 —-RA—- C:WINDOWSsystem32kbdlv.dll
2009-01-28 20:00:17 —-RA—- C:WINDOWSsystem32kbdlt1.dll
2009-01-28 20:00:17 —-RA—- C:WINDOWSsystem32kbdlt.dll
2009-01-28 20:00:17 —-RA—- C:WINDOWSsystem32kbdest.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdsl1.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdsl.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdro.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdpl1.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdpl.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdhu1.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdhu.dll
2009-01-28 20:00:15 —-RA—- C:WINDOWSsystem32kbdycl.dll
2009-01-28 20:00:15 —-RA—- C:WINDOWSsystem32kbdcz2.dll
2009-01-28 20:00:15 —-RA—- C:WINDOWSsystem32kbdcz1.dll
2009-01-28 20:00:15 —-RA—- C:WINDOWSsystem32kbdcz.dll
2009-01-28 20:00:15 —-RA—- C:WINDOWSsystem32kbdcr.dll
2009-01-28 20:00:15 —-RA—- C:WINDOWSsystem32KBDAL.DLL
2009-01-28 20:00:14 —-A—- C:WINDOWSsystem32irclass.dll
2009-01-28 20:00:14 —-A—- C:WINDOWSsystem32dgrpsetu.dll
2009-01-28 20:00:13 —-A—- C:WINDOWSsystem32spxcoins.dll
2009-01-28 20:00:13 —-A—- C:WINDOWSsystem32EqnClass.Dll
2009-01-28 20:00:13 —-A—- C:WINDOWSsystem32dgsetup.dll
2009-01-28 20:00:12 —-N—- C:WINDOWSsystem32CONFIG.TMP
2009-01-28 20:00:12 —-A—- C:WINDOWSTASKMAN.EXE
2009-01-28 20:00:11 —-A—- C:WINDOWSsystem32batt.dll
2009-01-28 20:00:11 —-A—- C:WINDOWSNOTEPAD.EXE
2009-01-28 20:00:10 —-A—- C:WINDOWSsystem32storprop.dll
2009-01-28 20:00:05 —-ASH—- C:Documents and SettingsAll UsersApplication Datadesktop.ini
2009-01-28 20:00:00 —-RA—- C:WINDOWSSET8.tmp
2009-01-28 19:59:58 —-RA—- C:WINDOWSSET4.tmp
2009-01-28 19:59:56 —-RA—- C:WINDOWSSET3.tmp
2009-01-28 19:59:51 —-D—- C:WINDOWSsystem32CatRoot2
2009-01-28 19:59:51 —-D—- C:WINDOWSsystem32CatRoot
2009-01-28 19:59:45 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2009-01-28 19:59:24 —-A—- C:WINDOWSsetuplog.txt
2009-01-28 19:59:21 —-D—- C:Documents and Settings
2009-01-28 19:58:45 —-SH—- C:boot.ini
2009-01-28 19:52:09 —-RSHD—- C:WINDOWSsystem32dllcache
2009-01-28 19:52:09 —-RSD—- C:WINDOWSFonts
2009-01-28 19:52:09 —-RD—- C:WINDOWSWeb
2009-01-28 19:52:09 —-HD—- C:WINDOWSinf
2009-01-28 19:52:09 —-D—- C:WINDOWSWinSxS
2009-01-28 19:52:09 —-D—- C:WINDOWStwain_32
2009-01-28 19:52:09 —-D—- C:WINDOWSTemp
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32wbem
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32usmt
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32ShellExt
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32Setup
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32oobe
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32npp
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32mui
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32inetsrv
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32IME
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32icsxml
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32ias
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32export
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem323com_dmi
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem323076
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem322052
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321054
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321042
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321041
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321037
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321033
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321031
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321028
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321025
2009-01-28 19:52:09 —-D—- C:WINDOWSsecurity
2009-01-28 19:52:09 —-D—- C:WINDOWSResources
2009-01-28 19:52:09 —-D—- C:WINDOWSProvisioning
2009-01-28 19:52:09 —-D—- C:WINDOWSPeerNet
2009-01-28 19:52:09 —-D—- C:WINDOWSpchealth
2009-01-28 19:52:09 —-D—- C:WINDOWSmui
2009-01-28 19:52:09 —-D—- C:WINDOWSmsapps
2009-01-28 19:52:09 —-D—- C:WINDOWSmsagent
2009-01-28 19:52:09 —-D—- C:WINDOWSMedia
2009-01-28 19:52:09 —-D—- C:WINDOWSjava
2009-01-28 19:52:09 —-D—- C:WINDOWSime
2009-01-28 19:52:09 —-D—- C:WINDOWSHelp
2009-01-28 19:52:09 —-D—- C:WINDOWSehome
2009-01-28 19:52:09 —-D—- C:WINDOWSDriver Cache
2009-01-28 19:52:09 —-D—- C:WINDOWSDebug
2009-01-28 19:52:09 —-D—- C:WINDOWSCursors
2009-01-28 19:52:09 —-D—- C:WINDOWSConnection Wizard
2009-01-28 19:52:09 —-D—- C:WINDOWSConfig
2009-01-28 19:52:09 —-D—- C:WINDOWSAppPatch
2009-01-28 19:52:09 —-D—- C:WINDOWSaddins
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32wins
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32spool
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32ras
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32drivers
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32dhcp
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32config
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem
2009-01-28 19:52:08 —-D—- C:WINDOWSrepair
2009-01-28 19:52:08 —-D—- C:WINDOWS
2008-02-08 12:12:57 —-D—- C:WINDOWSMinidump
2008-02-07 10:40:10 —-SHD—- C:FOUND.000
2008-02-04 22:34:41 —-D—- C:_OTMoveIt
2008-02-04 22:25:50 —-RASHD—- C:autorun.inf
2008-02-03 22:46:34 —-D—- C:Documents and SettingsAll UsersApplication DataSpybot — Search & Destroy
2008-02-03 19:24:21 —-HD—- C:$AVG8.VAULT$
2008-02-03 18:46:57 —-D—- C:rsit
2008-02-03 18:46:57 —-D—- C:Program Filestrend micro
2008-02-03 17:54:48 —-A—- C:WINDOWSsystem32avgrsstx.dll
2008-02-03 17:54:43 —-D—- C:Documents and SettingsAdministratorApplication DataAVGTOOLBAR
2008-02-03 17:54:36 —-D—- C:Program FilesAVG
2008-02-03 17:54:35 —-D—- C:Documents and SettingsAll UsersApplication Dataavg8
2008-02-02 22:34:56 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup Files
2008-01-28 20:39:13 —-D—- C:Program FilesWebshots
2008-01-28 20:36:41 —-D—- C:Documents and SettingsAll UsersApplication DataCyberLink
2008-01-28 20:36:34 —-D—- C:Program FilesCyberLink
2008-01-28 20:36:07 —-A—- C:WINDOWSsystem32unrar.dll
2008-01-28 20:36:02 —-A—- C:WINDOWSsystem32vp7vfw.dll
2008-01-28 20:36:02 —-A—- C:WINDOWSsystem32vp6vfw.dll
2008-01-28 20:36:02 —-A—- C:WINDOWSsystem32vp31vfw.dll
2008-01-28 20:36:02 —-A—- C:WINDOWSsystem323ivxVfWCodec.dll
2008-01-28 20:36:02 —-A—- C:WINDOWSsystem323ivx.dll
2008-01-28 20:36:01 —-A—- C:WINDOWSsystem32xvidvfw.dll
2008-01-28 20:36:01 —-A—- C:WINDOWSsystem32xvidcore.dll
2008-01-28 20:36:01 —-A—- C:WINDOWSsystem32WMV9VCM.dll
2008-01-28 20:36:01 —-A—- C:WINDOWSsystem32ssldivx.dll
2008-01-28 20:36:00 —-A—- C:WINDOWSsystem32qt-dx331.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32libdivx.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32dtu100.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32dpv11.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32dpus11.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32dpuGUI11.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32dpu11.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32dpl100.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32divx.dll
2008-01-28 20:35:52 —-A—- C:WINDOWSsystem32unicows.dll
2008-01-28 20:35:52 —-A—- C:WINDOWSsystem32msvcr71.dll
2008-01-28 20:35:52 —-A—- C:WINDOWSsystem32msvcr70.dll
2008-01-28 20:35:52 —-A—- C:WINDOWSsystem32ff_vfw.dll
2008-01-28 20:35:52 —-A—- C:WINDOWSsystem32cpuinf32.dll
2008-01-28 20:35:51 —-D—- C:Program FilesK-Lite Codec Pack
2008-01-28 20:35:07 —-D—- C:Program FilesCommon FilesCOWON
2008-01-28 20:35:05 —-D—- C:Program FilesJetAudio
2008-01-28 20:33:24 —-D—- C:Program FilesACD
2008-01-20 21:49:48 —-A—- C:WINDOWSsystem32shell31.dll
2008-01-20 21:49:28 —-A—- C:WINDOWSsystem32digeste.dll
2008-01-20 21:49:27 —-A—- C:WINDOWSIE4 Error Log.txt
2008-01-11 19:43:45 —-D—- C:Documents and SettingsAdministratorApplication DataAdobeUM======List of files/folders modified in the last 1 months======
2008-02-08 19:02:14 —-A—- C:WINDOWSwin.ini
2008-02-05 19:51:52 —-A—- C:WINDOWSNeroDigital.ini
2008-02-02 22:07:46 —-A—- C:WINDOWSAlfaStart.CMD
2008-02-02 22:07:46 —-A—- C:WINDOWSAlfaReport.txt
2008-01-30 22:49:50 —-A—- C:YServer.txt======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG AVI Loader Driver x86; C:WINDOWSSystem32Driversavgldx86.sys [2008-02-04 325128]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:WINDOWSSystem32Driversavgmfx86.sys [2008-02-04 27656]
R1 intelppm;Intel Processor Driver; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-04 36096]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Microsoft HID Class Driver; C:WINDOWSsystem32DRIVERShidusb.sys [2001-08-17 9600]
R3 ialm;ialm; C:WINDOWSsystem32DRIVERSigxpmp32.sys [2007-12-18 5854688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2008-01-29 4725760]
R3 mouhid;Mouse HID Driver; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-08-17 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:WINDOWSsystem32DRIVERSRtenicxp.sys [2008-01-03 105856]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-04 26624]
R3 usbhub;Microsoft USB Standard Hub Driver; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-04 57600]
R3 USBSTOR;USB Mass Storage Driver; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-04 20480]
R3 ZSMC211;ZSMC USB PC Camera (ZS211); C:WINDOWSSystem32DriversZS211.sys [2007-06-13 1469312]
S1 kbdhid;Keyboard HID Driver; C:WINDOWSsystem32DRIVERSkbdhid.sys [2004-08-03 14848]
S2 ujddfqqcujzw;ujddfqqcujzw; ??C:WINDOWSsystem32driversemwnhfdulonpe.sys []
S3 CCDECODE;Closed Caption Decoder; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2004-08-03 17024]
S3 GMSIPCI;GMSIPCI; ??G:INSTALLGMSIPCI.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
S3 Tablet2k;Serial Tablet Port Driver; C:WINDOWSSystem32DriversTablet2k.sys [2000-06-12 15370]
S3 TClass2k;Tablet Class Driver; C:WINDOWSsystem32DRIVERSTClass2k.sys [2003-03-05 23202]
S3 UCTblHid;HID Tablet Port Driver; C:WINDOWSsystem32DRIVERSUCTblHid.sys [2003-03-04 11090]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-03 25856]
S3 WSTCODEC;World Standard Teletext Codec; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avg8wd;AVG8 WatchDog; C:PROGRA~1AVGAVG8avgwdsvc.exe [2008-02-04 298264]
R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2004-08-11 38912]
R2 WinTabService;WinTab Service; C:WINDOWSsystem32DRIVERSWtSrv.exe [2003-09-29 40960]
S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2008-01-06 72704]
S3 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2008-01-04 137200]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program FilesMicrosoft OfficeOffice12GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:Program FilesNeroNero 7Nero BackItUpNBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
EOF
с уважением МАРИНА САЛЕХ…ИОРДАНИЯ.АММАННужно ещё немного поработать.
Запустите OTMoveIt3 и в большое поле ввода (заголовок этого поля выделен желтым цветом) скопируйте следующий текст.
:Processes
explorer.exe
:services
ujddfqqcujzw
:reg
[-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{59E7ACF5-7887-4256-89DC-133B9D9D0424}]
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{a3b59d80-bf36-11dc-88f0-0019dbba5d0c}]
:files
C:WINDOWSsystem32driversemwnhfdulonpe.sys
:Commands
[emptytemp]
[start explorer]
[Reboot]Проверьте вставленный скрипт, если слева перед директивами появились пробелы, то удалите их, скрипт должен выглядеть так же как в сообщении. Кликните по кнопке MoveIt!. В процессе работы возможна перезагрузка компьютера.
По-завершении работы программы должен будет показан лог. Если лог не будет показан, то его можно найти в папке C:_OTMoveItMovedFiles.Вставьте в ваше ответное сообщение содержимое этого лога и ещё приложите свежий RSIT лог.
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Service ujddfqqcujzw stopped successfully.
Service ujddfqqcujzw deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{59E7ACF5-7887-4256-89DC-133B9D9D0424}\ deleted successfully.
HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders\»SecurityProviders»|»msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll» /E : value set successfully!
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{a3b59d80-bf36-11dc-88f0-0019dbba5d0c}\ deleted successfully.
========== FILES ==========
File/Folder C:WINDOWSsystem32driversemwnhfdulonpe.sys not found.
========== COMMANDS ==========
File delete failed. C:DOCUME~1ADMINI~1LOCALS~1TempAcrA.tmp scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1ADMINI~1LOCALS~1TempAcrB.tmp scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1ADMINI~1LOCALS~1TempAcrC.tmp scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1ADMINI~1LOCALS~1TempAcrD.tmp scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1ADMINI~1LOCALS~1TempAcrE.tmp scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1ADMINI~1LOCALS~1TempAcrF.tmp scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1ADMINI~1LOCALS~1TempAcr10.tmp scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1ADMINI~1LOCALS~1TempAcr11.tmp scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1ADMINI~1LOCALS~1TempAcr12.tmp scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1ADMINI~1LOCALS~1TempAIVMFile0825165394 scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1ADMINI~1LOCALS~1TempAcr3.tmp scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1ADMINI~1LOCALS~1TempAcr4.tmp scheduled to be deleted on reboot.
User’s Temp folder emptied.
User’s Temporary Internet Files folder emptied.
User’s Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Temp folders emptied.
Explorer started successfullyOTMoveIt3 by OldTimer — Version 1.0.8.0 log created on 02092008_212409
Files moved on Reboot…
C:DOCUME~1ADMINI~1LOCALS~1TempAcrA.tmp moved successfully.
File C:DOCUME~1ADMINI~1LOCALS~1TempAcrB.tmp not found!
File C:DOCUME~1ADMINI~1LOCALS~1TempAcrC.tmp not found!
File C:DOCUME~1ADMINI~1LOCALS~1TempAcrD.tmp not found!
File C:DOCUME~1ADMINI~1LOCALS~1TempAcrE.tmp not found!
File C:DOCUME~1ADMINI~1LOCALS~1TempAcrF.tmp not found!
C:DOCUME~1ADMINI~1LOCALS~1TempAcr10.tmp moved successfully.
C:DOCUME~1ADMINI~1LOCALS~1TempAcr11.tmp moved successfully.
File C:DOCUME~1ADMINI~1LOCALS~1TempAcr12.tmp not found!
File C:DOCUME~1ADMINI~1LOCALS~1TempAIVMFile0825165394 not found!
C:DOCUME~1ADMINI~1LOCALS~1TempAcr3.tmp moved successfully.
C:DOCUME~1ADMINI~1LOCALS~1TempAcr4.tmp moved successfully.
C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat moved successfully.Logfile of random’s system information tool 1.05 (written by random/random)
Run by Administrator at 2008-02-09 21:29:49
Microsoft Windows XP Professional Service Pack 2
System drive C: has 9 GB (47%) free of 19 GB
Total RAM: 1015 MB (54% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:29:56 ?, on 09/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSnotepad.exe
C:WINDOWSZSSnp211.exe
C:WINDOWSDomino.exe
D:Program Filescalcheck.exe
C:PROGRA~1AVGAVG8avgtray.exe
C:WINDOWSsystem32WService.EXE
C:WINDOWSsystem32ctfmon.exe
C:Program FilesCommon FilesAheadLibNMBgMonitor.exe
C:Program FilesDownload Masterdmaster.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:PROGRA~1AVGAVG8avgwdsvc.exe
D:Program Files11111111111111Spybot — Search & DestroyTeaTimer.exe
C:Program FilesCommon FilesAheadLibNMIndexStoreSvr.exe
C:WINDOWSsystem32svchost.exe
D:Program Files11111111111111WZQKPICK.EXE
C:WINDOWSsystem32DRIVERSWtSrv.exe
C:PROGRA~1AVGAVG8avgrsx.exe
D:Program Files11111111111111Messengerymsgr_tray.exe
C:Program FilesInternet Exploreriexplore.exe
C:WINDOWSsystem32wuauclt.exe
C:Documents and SettingsAdministratorMy DocumentsАНТИВИРУСЫRSIT.exe
C:Program Filestrend microAdministrator.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=36253
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — D:Program FilesReaderActiveXAcroIEHelper.dll
O2 — BHO: WormRadar.com IESiteBlocker.NavFilter — {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} — C:Program FilesAVGAVG8avgssie.dll
O2 — BHO: Spybot-S&D IE Protection — {53707962-6F74-2D53-2644-206D7942484F} — D:PROGRA~1111111~1SPYBOT~1SDHelper.dll
O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~1dmiehlp.dll
O2 — BHO: AVG Security Toolbar — {A057A204-BACC-4D26-9990-79A187E2698E} — C:PROGRA~1AVGAVG8AVGTOO~1.DLL
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll
O2 — BHO: Google Dictionary Compression sdch — {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll
O3 — Toolbar: Easy-WebPrint — {327C2873-E90D-4c37-AA9D-10AC9BABA46C} — C:Program FilesCanonEasy-WebPrintToolband.dll
O3 — Toolbar: DM Bar — {0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — C:Program FilesDownload Masterdmbar.dll
O3 — Toolbar: ????e?.?a? — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O3 — Toolbar: &Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O3 — Toolbar: AVG Security Toolbar — {A057A204-BACC-4D26-9990-79A187E2698E} — C:PROGRA~1AVGAVG8AVGTOO~1.DLL
O4 — HKLM..Run: [Easy-PrintToolBox] C:Program FilesCanonEasy-PrintToolBoxBJPSMAIN.EXE /logon
O4 — HKLM..Run: [NeroFilterCheck] C:Program FilesCommon FilesAheadLibNeroCheck.exe
O4 — HKLM..Run: [ZSSnp211] C:WINDOWSZSSnp211.exe
O4 — HKLM..Run: [Domino] C:WINDOWSDomino.exe
O4 — HKLM..Run: [Ulead Photo Express Calendar Checker] D:Program Filescalcheck.exe
O4 — HKLM..Run: [WService] WService.EXE
O4 — HKLM..Run: [AVG8_TRAY] C:PROGRA~1AVGAVG8avgtray.exe
O4 — HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
O4 — HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] «C:Program FilesCommon FilesAheadLibNMBgMonitor.exe»
O4 — HKCU..Run: [Pragma5] D:Program FilesProgram FilesPragmaprestart.exe
O4 — HKCU..Run: [Download Master] C:Program FilesDownload Masterdmaster.exe -autorun
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 — HKCU..Run: [Yahoo! Pager] «D:Program Files11111111111111MessengerYahooMessenger.exe» -quiet
O4 — HKCU..Run: [SpybotSD TeaTimer] D:Program Files11111111111111Spybot — Search & DestroyTeaTimer.exe
O4 — HKUSS-1-5-18..Run: [ctfmon.exe] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [ctfmon.exe] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Startup: Adobe Gamma.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 — Global Startup: WinZip Quick Pick.lnk = D:Program Files11111111111111WZQKPICK.EXE
O4 — Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O8 — Extra context menu item: E&xport to Microsoft Excel — res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Easy-WebPrint Add To Print List — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_AddToList.html
O8 — Extra context menu item: Easy-WebPrint High Speed Print — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_HSPrint.html
O8 — Extra context menu item: Easy-WebPrint Preview — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Preview.html
O8 — Extra context menu item: Easy-WebPrint Print — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Print.html
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program FilesDownload Masterdmie.htm
O9 — Extra button: Send to OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: S&end to OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: (no name) — {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} — D:PROGRA~1111111~1SPYBOT~1SDHelper.dll
O9 — Extra ‘Tools’ menuitem: Spybot — Search & Destroy Configuration — {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} — D:PROGRA~1111111~1SPYBOT~1SDHelper.dll
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O17 — HKLMSystemCCSServicesTcpip..{CD5EA9D4-AC08-4AD7-BD1F-10D36B7FB4FD}: NameServer = 196.27.0.35 196.27.0.230
O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — C:PROGRA~1MICROS~2Office12GR99D3~1.DLL
O18 — Protocol: linkscanner — {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} — C:Program FilesAVGAVG8avgpp.dll
O20 — Winlogon Notify: avgrsstarter — C:WINDOWSSYSTEM32avgrsstx.dll
O23 — Service: Adobe LM Service — Adobe Systems — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 — Service: AVG8 WatchDog (avg8wd) — AVG Technologies CZ, s.r.o. — C:PROGRA~1AVGAVG8avgwdsvc.exe
O23 — Service: Google Updater Service (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: NBService — Nero AG — C:Program FilesNeroNero 7Nero BackItUpNBService.exe
O23 — Service: WinTab Service (WinTabService) — Tablet Driver — C:WINDOWSsystem32DRIVERSWtSrv.exe—
End of file — 8166 bytes======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — D:Program FilesReaderActiveXAcroIEHelper.dll [2003-05-15 50376][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search — C:Program FilesAVGAVG8avgssie.dll [2008-02-04 1078552][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection — D:PROGRA~1111111~1SPYBOT~1SDHelper.dll [2009-01-26 1879896][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper — C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL [2006-10-27 2210608][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2008-10-24 157696][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar — C:PROGRA~1AVGAVG8AVGTOO~1.DLL [2008-02-04 1968920][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll [2008-01-04 251504][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll [2008-01-04 657904][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll [2008-01-04 522224][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} — Easy-WebPrint — C:Program FilesCanonEasy-WebPrintToolband.dll [2004-08-26 405504]
{0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — DM Bar — C:Program FilesDownload Masterdmbar.dll [2007-11-26 180224]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — ????e?.?a? — C:Program FilesYandexYandexBarIEyndbar.dll [2009-01-13 3112736]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google Toolbar — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll [2008-01-04 251504]
{A057A204-BACC-4D26-9990-79A187E2698E} — AVG Security Toolbar — C:PROGRA~1AVGAVG8AVGTOO~1.DLL [2008-02-04 1968920][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Easy-PrintToolBox»=C:Program FilesCanonEasy-PrintToolBoxBJPSMAIN.EXE [2004-01-14 409600]
«NeroFilterCheck»=C:Program FilesCommon FilesAheadLibNeroCheck.exe [2006-01-12 155648]
«ZSSnp211″=C:WINDOWSZSSnp211.exe [2007-04-06 57344]
«Domino»=C:WINDOWSDomino.exe [2006-08-18 49152]
«Ulead Photo Express Calendar Checker»=D:Program Filescalcheck.exe [2004-01-12 69632]
«WService»=C:WINDOWSsystem32WService.EXE [2002-09-07 28672]
«AVG8_TRAY»=C:PROGRA~1AVGAVG8avgtray.exe [2008-02-04 1601304]
«KernelFaultCheck»=C:WINDOWSsystem32dumprep 0 -k [][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«ctfmon.exe»=C:WINDOWSsystem32ctfmon.exe [2004-08-04 15360]
«BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=C:Program FilesCommon FilesAheadLibNMBgMonitor.exe [2006-11-16 139264]
«Pragma5″=D:Program FilesProgram FilesPragmaprestart.exe []
«Download Master»=C:Program FilesDownload Masterdmaster.exe [2009-01-28 3299840]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-08-04 1667584]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2008-01-04 39408]
«Yahoo! Pager»=D:Program Files11111111111111MessengerYahooMessenger.exe [2007-08-30 4670704]
«SpybotSD TeaTimer»=D:Program Files11111111111111Spybot — Search & DestroyTeaTimer.exe [2009-01-26 2144088][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAlcmtr]
C:WINDOWSALCMTR.EXE [2005-05-03 69632][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAVG8_TRAY]
C:PROGRA~1AVGAVG8avgtray.exe [2008-02-04 1601304][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregctfmon.exe]
C:WINDOWSsystem32ctfmon.exe [2004-08-04 15360][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregGrooveMonitor]
C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe [2006-10-27 31016][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregHotKeysCmds]
C:WINDOWSsystem32hkcmd.exe [2007-12-18 159744][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregIgfxTray]
C:WINDOWSsystem32igfxtray.exe [2007-12-18 135168][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregPersistence]
C:WINDOWSsystem32igfxpers.exe [2007-12-18 131072][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregRTHDCPL]
C:WINDOWSRTHDCPL.EXE [2008-01-28 16859648][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregTkBellExe]
C:Program FilesCommon FilesRealUpdate_OBrealsched.exe [2008-01-01 180269][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^Administrator^Start Menu^Programs^Startup^Webshots.lnk]
C:PROGRA~1WebshotsLauncher.exe [2003-10-30 45056]C:Documents and SettingsAll UsersStart MenuProgramsStartup
WinZip Quick Pick.lnk — D:Program Files11111111111111WZQKPICK.EXE
Adobe Gamma Loader.lnk — C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exeC:Documents and SettingsAdministratorStart MenuProgramsStartup
Adobe Gamma.lnk — C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyavgrsstarter]
C:WINDOWSsystem32avgrsstx.dll [2008-02-04 10520][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyigfxcui]
C:WINDOWSsystem32igfxdev.dll [2007-12-18 208896][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL [2006-10-27 2210608][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=36
«NoDriveAutoRun»=FFFFFFFF[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE»=»C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook»
«C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE»=»C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE:*:Enabled:Microsoft Office Groove»
«C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE»=»C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE:*:Enabled:Microsoft Office OneNote»
«D:Program Files3333333MessengerYahooMessenger.exe»=»D:Program Files3333333MessengerYahooMessenger.exe:*:Enabled:Yahoo! Messenger»
«D:Program Files3333333MessengerYServer.exe»=»D:Program Files3333333MessengerYServer.exe:*:Enabled:Yahoo! FT Server»
«C:Program FilesMessengermsmsgs.exe»=»C:Program FilesMessengermsmsgs.exe:*:Enabled:Windows Messenger»
«C:Program FilesYahoo!MessengerYahooMessenger.exe»=»C:Program FilesYahoo!MessengerYahooMessenger.exe:*:Enabled:Yahoo! Messenger»
«C:Program FilesYahoo!MessengerYServer.exe»=»C:Program FilesYahoo!MessengerYServer.exe:*:Enabled:Yahoo! FT Server»
«D:Program Files11111111111111MessengerYahooMessenger.exe»=»D:Program Files11111111111111MessengerYahooMessenger.exe:*:Enabled:Yahoo! Messenger»
«D:Program Files11111111111111MessengerYServer.exe»=»D:Program Files11111111111111MessengerYServer.exe:*:Enabled:Yahoo! FT Server»
«C:Program FilesAVGAVG8avgupd.exe»=»C:Program FilesAVGAVG8avgupd.exe:*:Enabled:avgupd.exe»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»======List of files/folders created in the last 1 months======
2009-01-28 20:21:36 —-R—- C:WINDOWSsystem32ChCfg.exe
2009-01-28 20:21:21 —-D—- C:WINDOWSsystem32RTCOM
2009-01-28 20:21:19 —-A—- C:WINDOWSsystem32ksuser.dll
2009-01-28 20:20:52 —-A—- C:WINDOWSsystem32spupdsvc.exe
2009-01-28 20:20:51 —-HD—- C:WINDOWS$NtUninstallKB888111WXPSP2$
2009-01-28 20:20:47 —-R—- C:WINDOWSSoundMan.exe
2009-01-28 20:20:45 —-R—- C:WINDOWSSkyTel.exe
2009-01-28 20:20:43 —-R—- C:WINDOWSRtlUpd.exe
2009-01-28 20:20:35 —-R—- C:WINDOWSRTLCPL.exe
2009-01-28 20:20:17 —-R—- C:WINDOWSRTHDCPL.exe
2009-01-28 20:20:15 —-R—- C:WINDOWSMicCal.exe
2009-01-28 20:20:10 —-R—- C:WINDOWSAlcmtr.exe
2009-01-28 20:20:08 —-R—- C:WINDOWSalcwzrd.exe
2009-01-28 20:20:07 —-D—- C:Program FilesRealtek
2009-01-28 20:20:05 —-HD—- C:Program FilesInstallShield Installation Information
2009-01-28 20:19:53 —-RA—- C:WINDOWSsystem32igfxres.dll
2009-01-28 20:19:39 —-R—- C:WINDOWSRtlExUpd.dll
2009-01-28 20:19:39 —-A—- C:WINDOWSHideWin.exe
2009-01-28 20:19:34 —-D—- C:Program FilesCommon FilesInstallShield
2009-01-28 20:19:19 —-D—- C:WINDOWSsystem32ReinstallBackups
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igxprd32.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igxpgd32.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igxpdx32.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igxpdv32.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32iglicd32.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igldev32.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxzoom.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxtray.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxsrvc.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxsrvc.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxress.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxpph.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxpers.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxext.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxexps.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxdo.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxdev.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxCoIn_v4906.dll
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32igfxcfg.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32hkcmd.exe
2009-01-28 20:19:14 —-RA—- C:WINDOWSsystem32hccutils.dll
2009-01-28 20:18:47 —-D—- C:WINDOWSsystem32Lang
2009-01-28 20:18:47 —-D—- C:WINDOWSsystem32DRVSTORE
2009-01-28 20:18:46 —-RA—- C:WINDOWSsystem32igxpun.exe
2009-01-28 20:18:46 —-RA—- C:WINDOWSsystem32difxapi.dll
2009-01-28 20:18:32 —-D—- C:Intel
2009-01-28 20:15:12 —-D—- C:Documents and SettingsAdministratorApplication DataIdentities
2009-01-28 20:15:10 —-HD—- C:Program FilesUninstall Information
2009-01-28 20:15:02 —-ASH—- C:Documents and SettingsAdministratorApplication Datadesktop.ini
2009-01-28 20:15:01 —-SD—- C:Documents and SettingsAdministratorApplication DataMicrosoft
2009-01-28 20:14:54 —-SHD—- C:System Volume Information
2009-01-28 20:14:54 —-D—- C:WINDOWSSoftwareDistribution
2009-01-28 20:14:53 —-D—- C:WINDOWSPrefetch
2009-01-28 20:14:52 —-SD—- C:WINDOWSsystem32Microsoft
2009-01-28 20:14:52 —-A—- C:WINDOWSSchedLgU.Txt
2009-01-28 20:09:11 —-D—- C:WINDOWSsystem32xircom
2009-01-28 20:09:11 —-D—- C:Program Filesxerox
2009-01-28 20:09:11 —-D—- C:Program Filesmicrosoft frontpage
2009-01-28 20:08:57 —-A—- C:WINDOWScontrol.ini
2009-01-28 20:08:57 —-A—- C:AUTOEXEC.BAT
2009-01-28 20:08:42 —-A—- C:WINDOWSOEWABLog.txt
2009-01-28 20:08:40 —-A—- C:WINDOWSsystem32mapi32.dll
2009-01-28 20:07:52 —-SD—- C:WINDOWSDownloaded Program Files
2009-01-28 20:07:52 —-RD—- C:WINDOWSOffline Web Pages
2009-01-28 20:07:52 —-RAH—- C:WINDOWSsystem32logonui.exe.manifest
2009-01-28 20:07:47 —-RAH—- C:WINDOWSsystem32cdplayer.exe.manifest
2009-01-28 20:07:43 —-HD—- C:Program FilesWindowsUpdate
2009-01-28 20:07:24 —-D—- C:WINDOWSsystem32DirectX
2009-01-28 20:07:06 —-A—- C:WINDOWSsystem32atrace.dll
2009-01-28 20:07:03 —-A—- C:WINDOWSsystem32desktop.ini
2009-01-28 20:07:03 —-A—- C:WINDOWSdesktop.ini
2009-01-28 20:06:58 —-A—- C:WINDOWSsystem32nmevtmsg.dll
2009-01-28 20:06:57 —-D—- C:Program FilesCommon FilesServices
2009-01-28 20:06:57 —-A—- C:WINDOWSsystem32acctres.dll
2009-01-28 20:06:54 —-SD—- C:WINDOWSTasks
2009-01-28 20:06:54 —-D—- C:Program FilesCommon FilesMSSoap
2009-01-28 20:06:54 —-A—- C:WINDOWSsystem32icfgnt5.dll
2009-01-28 20:06:49 —-D—- C:WINDOWSsystem32Macromed
2009-01-28 20:06:49 —-D—- C:WINDOWSsrchasst
2009-01-28 20:06:46 —-A—- C:WINDOWSsystem32wuweb.dll
2009-01-28 20:06:46 —-A—- C:WINDOWSsystem32wucltui.dll
2009-01-28 20:06:46 —-A—- C:WINDOWSsystem32wuauserv.dll
2009-01-28 20:06:46 —-A—- C:WINDOWSsystem32wuaueng1.dll
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32wups.dll
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32wuaueng.dll
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32wuauclt1.exe
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32wuauclt.exe
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32wuapi.dll
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32qmgrprxy.dll
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32bitsprx3.dll
2009-01-28 20:06:45 —-A—- C:WINDOWSsystem32bitsprx2.dll
2009-01-28 20:06:44 —-A—- C:WINDOWSsystem32qmgr.dll
2009-01-28 20:06:40 —-D—- C:Program FilesMovie Maker
2009-01-28 20:06:37 —-A—- C:WINDOWSsystem32safrslv.dll
2009-01-28 20:06:37 —-A—- C:WINDOWSsystem32safrdm.dll
2009-01-28 20:06:37 —-A—- C:WINDOWSsystem32safrcdlg.dll
2009-01-28 20:06:37 —-A—- C:WINDOWSsystem32racpldlg.dll
2009-01-28 20:06:33 —-A—- C:WINDOWSsystem32fltMc.exe
2009-01-28 20:06:33 —-A—- C:WINDOWSsystem32fltlib.dll
2009-01-28 20:06:32 —-D—- C:WINDOWSsystem32Restore
2009-01-28 20:06:32 —-A—- C:WINDOWSsystem32srsvc.dll
2009-01-28 20:06:32 —-A—- C:WINDOWSsystem32srrstr.dll
2009-01-28 20:06:32 —-A—- C:WINDOWSsystem32srclient.dll
2009-01-28 20:06:31 —-A—- C:WINDOWSsystem32nmmkcert.dll
2009-01-28 20:06:31 —-A—- C:WINDOWSsystem32msconf.dll
2009-01-28 20:06:31 —-A—- C:WINDOWSsystem32mnmsrvc.exe
2009-01-28 20:06:31 —-A—- C:WINDOWSsystem32mnmdd.dll
2009-01-28 20:06:31 —-A—- C:WINDOWSsystem32isrdbg32.dll
2009-01-28 20:06:31 —-A—- C:WINDOWSsystem32ils.dll
2009-01-28 20:06:29 —-D—- C:Program FilesNetMeeting
2009-01-28 20:06:29 —-A—- C:WINDOWSsystem32msoert2.dll
2009-01-28 20:06:28 —-A—- C:WINDOWSsystem32msoeacct.dll
2009-01-28 20:06:28 —-A—- C:WINDOWSsystem32inetres.dll
2009-01-28 20:06:27 —-A—- C:WINDOWSsystem32inetcomm.dll
2009-01-28 20:06:25 —-D—- C:Program FilesOutlook Express
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32schedsvc.dll
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32mstinit.exe
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32mstask.dll
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32isign32.dll
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32inetcfg.dll
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32icwphbk.dll
2009-01-28 20:06:25 —-A—- C:WINDOWSsystem32icwdial.dll
2009-01-28 20:06:19 —-D—- C:Program FilesCommon FilesSystem
2009-01-28 20:06:18 —-D—- C:Program FilesInternet Explorer
2009-01-28 20:05:43 —-D—- C:Program FilesComPlus Applications
2009-01-28 20:05:41 —-A—- C:WINDOWSvbaddin.ini
2009-01-28 20:05:41 —-A—- C:WINDOWSvb.ini
2009-01-28 20:05:38 —-D—- C:WINDOWSRegistration
2009-01-28 20:05:33 —-D—- C:Program FilesWindows Media Player
2009-01-28 20:05:33 —-D—- C:Program FilesOnline Services
2009-01-28 20:05:27 —-D—- C:Program FilesMessenger
2009-01-28 20:05:23 —-D—- C:Program FilesMSN Gaming Zone
2009-01-28 20:05:23 —-A—- C:WINDOWSsystem32write.exe
2009-01-28 20:05:15 —-A—- C:WINDOWSsystem32winchat.exe
2009-01-28 20:05:15 —-A—- C:WINDOWSsystem32sndvol32.exe
2009-01-28 20:05:15 —-A—- C:WINDOWSsystem32hticons.dll
2009-01-28 20:05:15 —-A—- C:WINDOWSsystem32avwav.dll
2009-01-28 20:05:15 —-A—- C:WINDOWSsystem32avtapi.dll
2009-01-28 20:05:15 —-A—- C:WINDOWSsystem32avmeter.dll
2009-01-28 20:05:09 —-A—- C:WINDOWSsystem32winmine.exe
2009-01-28 20:05:09 —-A—- C:WINDOWSsystem32sol.exe
2009-01-28 20:05:09 —-A—- C:WINDOWSsystem32getuname.dll
2009-01-28 20:05:09 —-A—- C:WINDOWSsystem32charmap.exe
2009-01-28 20:05:09 —-A—- C:WINDOWSsystem32calc.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32usrlogon.cmd
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32tsshutdn.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32tslabels.ini
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32tskill.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32tsdiscon.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32tscon.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32shadow.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32rwinsta.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32reset.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32mshearts.exe
2009-01-28 20:05:08 —-A—- C:WINDOWSsystem32freecell.exe
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32regini.exe
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32rdpcfgex.dll
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32qwinsta.exe
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32qappsrv.exe
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32msg.exe
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32msdtcprf.ini
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32logoff.exe
2009-01-28 20:05:07 —-A—- C:WINDOWSsystem32cdmodem.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32stclient.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32mtxlegih.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32mtxex.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32mtxdm.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32dcomcnfg.exe
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32comsnap.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32comrepl.dll
2009-01-28 20:05:06 —-A—- C:WINDOWSsystem32comaddin.dll
2009-01-28 20:05:01 —-A—- C:WINDOWSsystem32wmimgmt.msc
2009-01-28 20:04:45 —-D—- C:Program FilesMSN
2009-01-28 20:04:44 —-A—- C:WINDOWSsystem32sndrec32.exe
2009-01-28 20:04:44 —-A—- C:WINDOWSsystem32mplay32.exe
2009-01-28 20:04:44 —-A—- C:WINDOWSsystem32accwiz.exe
2009-01-28 20:04:43 —-D—- C:Program FilesWindows NT
2009-01-28 20:04:43 —-A—- C:WINDOWSsystem32mspaint.exe
2009-01-28 20:04:43 —-A—- C:WINDOWSsystem32hypertrm.dll
2009-01-28 20:04:43 —-A—- C:WINDOWSsystem32clipbrd.exe
2009-01-28 20:04:42 —-A—- C:WINDOWSsystem32tscfgwmi.dll
2009-01-28 20:04:42 —-A—- C:WINDOWSsystem32spider.exe
2009-01-28 20:04:42 —-A—- C:WINDOWSsystem32mstscax.dll
2009-01-28 20:04:42 —-A—- C:WINDOWSsystem32mstsc.exe
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32tscupgrd.exe
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32termsrv.dll
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32sessmgr.exe
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32remotepg.dll
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32rdshost.exe
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32rdsaddin.exe
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32rdpwsx.dll
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32rdpsnd.dll
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32rdpclip.exe
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32rdchost.dll
2009-01-28 20:04:41 —-A—- C:WINDOWSsystem32qprocess.exe
2009-01-28 20:04:40 —-D—- C:WINDOWSsystem32MsDtc
2009-01-28 20:04:40 —-A—- C:WINDOWSsystem32mtxoci.dll
2009-01-28 20:04:40 —-A—- C:WINDOWSsystem32msdtcuiu.dll
2009-01-28 20:04:40 —-A—- C:WINDOWSsystem32msdtctm.dll
2009-01-28 20:04:40 —-A—- C:WINDOWSsystem32msdtcprx.dll
2009-01-28 20:04:40 —-A—- C:WINDOWSsystem32icaapi.dll
2009-01-28 20:04:40 —-A—- C:WINDOWSsystem32cfgbkend.dll
2009-01-28 20:04:39 —-D—- C:WINDOWSsystem32Com
2009-01-28 20:04:39 —-A—- C:WINDOWSsystem32xolehlp.dll
2009-01-28 20:04:39 —-A—- C:WINDOWSsystem32msdtclog.dll
2009-01-28 20:04:39 —-A—- C:WINDOWSsystem32msdtc.exe
2009-01-28 20:04:39 —-A—- C:WINDOWSsystem32colbact.dll
2009-01-28 20:04:39 —-A—- C:WINDOWSsystem32catsrvps.dll
2009-01-28 20:04:38 —-A—- C:WINDOWSsystem32comsvcs.dll
2009-01-28 20:04:38 —-A—- C:WINDOWSsystem32clbcatex.dll
2009-01-28 20:04:38 —-A—- C:WINDOWSsystem32catsrvut.dll
2009-01-28 20:04:38 —-A—- C:WINDOWSsystem32catsrv.dll
2009-01-28 20:04:37 —-A—- C:WINDOWSsystem32comuid.dll
2009-01-28 20:04:37 —-A—- C:WINDOWSsystem32clbcatq.dll
2009-01-28 20:04:32 —-A—- C:WINDOWSsystem32servdeps.dll
2009-01-28 20:04:32 —-A—- C:WINDOWSsystem32mmfutil.dll
2009-01-28 20:04:31 —-A—- C:WINDOWSsystem32licwmi.dll
2009-01-28 20:04:31 —-A—- C:WINDOWSsystem32cmprops.dll
2009-01-28 20:03:30 —-A—- C:WINDOWSsystem32h323log.txt
2009-01-28 20:01:25 —-A—- C:WINDOWSsystem32usbui.dll
2009-01-28 20:00:31 —-A—- C:WINDOWSimsins.BAK
2009-01-28 20:00:28 —-SHD—- C:WINDOWSInstaller
2009-01-28 20:00:28 —-D—- C:Program FilesCommon FilesODBC
2009-01-28 20:00:28 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-01-28 20:00:28 —-A—- C:WINDOWSODBCINST.INI
2009-01-28 20:00:24 —-RD—- C:Program Files
2009-01-28 20:00:24 —-D—- C:Program FilesCommon FilesSpeechEngines
2009-01-28 20:00:24 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2009-01-28 20:00:24 —-D—- C:Program FilesCommon Files
2009-01-28 20:00:22 —-RA—- C:WINDOWSsystem32kbdazel.dll
2009-01-28 20:00:21 —-RA—- C:WINDOWSsystem32kbdtuq.dll
2009-01-28 20:00:21 —-RA—- C:WINDOWSsystem32kbdtuf.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdycc.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbduzb.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdur.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdtat.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdru1.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdru.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdmon.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdkyr.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdkaz.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdbu.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdblr.dll
2009-01-28 20:00:20 —-RA—- C:WINDOWSsystem32kbdaze.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdhept.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdhela3.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdhela2.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdhe319.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdhe220.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdhe.dll
2009-01-28 20:00:18 —-RA—- C:WINDOWSsystem32kbdgkl.dll
2009-01-28 20:00:17 —-RA—- C:WINDOWSsystem32kbdlv1.dll
2009-01-28 20:00:17 —-RA—- C:WINDOWSsystem32kbdlv.dll
2009-01-28 20:00:17 —-RA—- C:WINDOWSsystem32kbdlt1.dll
2009-01-28 20:00:17 —-RA—- C:WINDOWSsystem32kbdlt.dll
2009-01-28 20:00:17 —-RA—- C:WINDOWSsystem32kbdest.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdsl1.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdsl.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdro.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdpl1.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdpl.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdhu1.dll
2009-01-28 20:00:16 —-RA—- C:WINDOWSsystem32kbdhu.dll
2009-01-28 20:00:15 —-RA—- C:WINDOWSsystem32kbdycl.dll
2009-01-28 20:00:15 —-RA—- C:WINDOWSsystem32kbdcz2.dll
2009-01-28 20:00:15 —-RA—- C:WINDOWSsystem32kbdcz1.dll
2009-01-28 20:00:15 —-RA—- C:WINDOWSsystem32kbdcz.dll
2009-01-28 20:00:15 —-RA—- C:WINDOWSsystem32kbdcr.dll
2009-01-28 20:00:15 —-RA—- C:WINDOWSsystem32KBDAL.DLL
2009-01-28 20:00:14 —-A—- C:WINDOWSsystem32irclass.dll
2009-01-28 20:00:14 —-A—- C:WINDOWSsystem32dgrpsetu.dll
2009-01-28 20:00:13 —-A—- C:WINDOWSsystem32spxcoins.dll
2009-01-28 20:00:13 —-A—- C:WINDOWSsystem32EqnClass.Dll
2009-01-28 20:00:13 —-A—- C:WINDOWSsystem32dgsetup.dll
2009-01-28 20:00:12 —-N—- C:WINDOWSsystem32CONFIG.TMP
2009-01-28 20:00:12 —-A—- C:WINDOWSTASKMAN.EXE
2009-01-28 20:00:11 —-A—- C:WINDOWSsystem32batt.dll
2009-01-28 20:00:11 —-A—- C:WINDOWSNOTEPAD.EXE
2009-01-28 20:00:10 —-A—- C:WINDOWSsystem32storprop.dll
2009-01-28 20:00:05 —-ASH—- C:Documents and SettingsAll UsersApplication Datadesktop.ini
2009-01-28 20:00:00 —-RA—- C:WINDOWSSET8.tmp
2009-01-28 19:59:58 —-RA—- C:WINDOWSSET4.tmp
2009-01-28 19:59:56 —-RA—- C:WINDOWSSET3.tmp
2009-01-28 19:59:51 —-D—- C:WINDOWSsystem32CatRoot2
2009-01-28 19:59:51 —-D—- C:WINDOWSsystem32CatRoot
2009-01-28 19:59:45 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2009-01-28 19:59:24 —-A—- C:WINDOWSsetuplog.txt
2009-01-28 19:59:21 —-D—- C:Documents and Settings
2009-01-28 19:58:45 —-SH—- C:boot.ini
2009-01-28 19:52:09 —-RSHD—- C:WINDOWSsystem32dllcache
2009-01-28 19:52:09 —-RSD—- C:WINDOWSFonts
2009-01-28 19:52:09 —-RD—- C:WINDOWSWeb
2009-01-28 19:52:09 —-HD—- C:WINDOWSinf
2009-01-28 19:52:09 —-D—- C:WINDOWSWinSxS
2009-01-28 19:52:09 —-D—- C:WINDOWStwain_32
2009-01-28 19:52:09 —-D—- C:WINDOWSTemp
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32wbem
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32usmt
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32ShellExt
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32Setup
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32oobe
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32npp
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32mui
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32inetsrv
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32IME
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32icsxml
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32ias
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem32export
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem323com_dmi
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem323076
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem322052
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321054
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321042
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321041
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321037
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321033
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321031
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321028
2009-01-28 19:52:09 —-D—- C:WINDOWSsystem321025
2009-01-28 19:52:09 —-D—- C:WINDOWSsecurity
2009-01-28 19:52:09 —-D—- C:WINDOWSResources
2009-01-28 19:52:09 —-D—- C:WINDOWSProvisioning
2009-01-28 19:52:09 —-D—- C:WINDOWSPeerNet
2009-01-28 19:52:09 —-D—- C:WINDOWSpchealth
2009-01-28 19:52:09 —-D—- C:WINDOWSmui
2009-01-28 19:52:09 —-D—- C:WINDOWSmsapps
2009-01-28 19:52:09 —-D—- C:WINDOWSmsagent
2009-01-28 19:52:09 —-D—- C:WINDOWSMedia
2009-01-28 19:52:09 —-D—- C:WINDOWSjava
2009-01-28 19:52:09 —-D—- C:WINDOWSime
2009-01-28 19:52:09 —-D—- C:WINDOWSHelp
2009-01-28 19:52:09 —-D—- C:WINDOWSehome
2009-01-28 19:52:09 —-D—- C:WINDOWSDriver Cache
2009-01-28 19:52:09 —-D—- C:WINDOWSDebug
2009-01-28 19:52:09 —-D—- C:WINDOWSCursors
2009-01-28 19:52:09 —-D—- C:WINDOWSConnection Wizard
2009-01-28 19:52:09 —-D—- C:WINDOWSConfig
2009-01-28 19:52:09 —-D—- C:WINDOWSAppPatch
2009-01-28 19:52:09 —-D—- C:WINDOWSaddins
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32wins
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32spool
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32ras
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32drivers
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32dhcp
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32config
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem32
2009-01-28 19:52:08 —-D—- C:WINDOWSsystem
2009-01-28 19:52:08 —-D—- C:WINDOWSrepair
2009-01-28 19:52:08 —-D—- C:WINDOWS
2008-02-08 12:12:57 —-D—- C:WINDOWSMinidump
2008-02-07 10:40:10 —-SHD—- C:FOUND.000
2008-02-04 22:34:41 —-D—- C:_OTMoveIt
2008-02-04 22:25:50 —-RASHD—- C:autorun.inf
2008-02-03 22:46:34 —-D—- C:Documents and SettingsAll UsersApplication DataSpybot — Search & Destroy
2008-02-03 19:24:21 —-HD—- C:$AVG8.VAULT$
2008-02-03 18:46:57 —-D—- C:rsit
2008-02-03 18:46:57 —-D—- C:Program Filestrend micro
2008-02-03 17:54:48 —-A—- C:WINDOWSsystem32avgrsstx.dll
2008-02-03 17:54:43 —-D—- C:Documents and SettingsAdministratorApplication DataAVGTOOLBAR
2008-02-03 17:54:36 —-D—- C:Program FilesAVG
2008-02-03 17:54:35 —-D—- C:Documents and SettingsAll UsersApplication Dataavg8
2008-02-02 22:34:56 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup Files
2008-01-28 20:39:13 —-D—- C:Program FilesWebshots
2008-01-28 20:36:41 —-D—- C:Documents and SettingsAll UsersApplication DataCyberLink
2008-01-28 20:36:34 —-D—- C:Program FilesCyberLink
2008-01-28 20:36:07 —-A—- C:WINDOWSsystem32unrar.dll
2008-01-28 20:36:02 —-A—- C:WINDOWSsystem32vp7vfw.dll
2008-01-28 20:36:02 —-A—- C:WINDOWSsystem32vp6vfw.dll
2008-01-28 20:36:02 —-A—- C:WINDOWSsystem32vp31vfw.dll
2008-01-28 20:36:02 —-A—- C:WINDOWSsystem323ivxVfWCodec.dll
2008-01-28 20:36:02 —-A—- C:WINDOWSsystem323ivx.dll
2008-01-28 20:36:01 —-A—- C:WINDOWSsystem32xvidvfw.dll
2008-01-28 20:36:01 —-A—- C:WINDOWSsystem32xvidcore.dll
2008-01-28 20:36:01 —-A—- C:WINDOWSsystem32WMV9VCM.dll
2008-01-28 20:36:01 —-A—- C:WINDOWSsystem32ssldivx.dll
2008-01-28 20:36:00 —-A—- C:WINDOWSsystem32qt-dx331.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32libdivx.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32dtu100.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32dpv11.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32dpus11.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32dpuGUI11.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32dpu11.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32dpl100.dll
2008-01-28 20:35:59 —-A—- C:WINDOWSsystem32divx.dll
2008-01-28 20:35:52 —-A—- C:WINDOWSsystem32unicows.dll
2008-01-28 20:35:52 —-A—- C:WINDOWSsystem32msvcr71.dll
2008-01-28 20:35:52 —-A—- C:WINDOWSsystem32msvcr70.dll
2008-01-28 20:35:52 —-A—- C:WINDOWSsystem32ff_vfw.dll
2008-01-28 20:35:52 —-A—- C:WINDOWSsystem32cpuinf32.dll
2008-01-28 20:35:51 —-D—- C:Program FilesK-Lite Codec Pack
2008-01-28 20:35:07 —-D—- C:Program FilesCommon FilesCOWON
2008-01-28 20:35:05 —-D—- C:Program FilesJetAudio
2008-01-28 20:33:24 —-D—- C:Program FilesACD
2008-01-20 21:49:48 —-A—- C:WINDOWSsystem32shell31.dll
2008-01-20 21:49:28 —-A—- C:WINDOWSsystem32digeste.dll
2008-01-20 21:49:27 —-A—- C:WINDOWSIE4 Error Log.txt
2008-01-11 19:43:45 —-D—- C:Documents and SettingsAdministratorApplication DataAdobeUM======List of files/folders modified in the last 1 months======
2008-02-09 18:25:06 —-A—- C:WINDOWSwin.ini
2008-02-05 19:51:52 —-A—- C:WINDOWSNeroDigital.ini
2008-02-02 22:07:46 —-A—- C:WINDOWSAlfaStart.CMD
2008-02-02 22:07:46 —-A—- C:WINDOWSAlfaReport.txt
2008-01-30 22:49:50 —-A—- C:YServer.txt======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG AVI Loader Driver x86; C:WINDOWSSystem32Driversavgldx86.sys [2008-02-04 325128]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:WINDOWSSystem32Driversavgmfx86.sys [2008-02-04 27656]
R1 intelppm;Intel Processor Driver; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-04 36096]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Microsoft HID Class Driver; C:WINDOWSsystem32DRIVERShidusb.sys [2001-08-17 9600]
R3 ialm;ialm; C:WINDOWSsystem32DRIVERSigxpmp32.sys [2007-12-18 5854688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2008-01-29 4725760]
R3 mouhid;Mouse HID Driver; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-08-17 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:WINDOWSsystem32DRIVERSRtenicxp.sys [2008-01-03 105856]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-04 26624]
R3 usbhub;Microsoft USB Standard Hub Driver; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-04 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-04 20480]
R3 ZSMC211;ZSMC USB PC Camera (ZS211); C:WINDOWSSystem32DriversZS211.sys [2007-06-13 1469312]
S1 kbdhid;Keyboard HID Driver; C:WINDOWSsystem32DRIVERSkbdhid.sys [2004-08-03 14848]
S3 CCDECODE;Closed Caption Decoder; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2004-08-03 17024]
S3 GMSIPCI;GMSIPCI; ??G:INSTALLGMSIPCI.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
S3 Tablet2k;Serial Tablet Port Driver; C:WINDOWSSystem32DriversTablet2k.sys [2000-06-12 15370]
S3 TClass2k;Tablet Class Driver; C:WINDOWSsystem32DRIVERSTClass2k.sys [2003-03-05 23202]
S3 UCTblHid;HID Tablet Port Driver; C:WINDOWSsystem32DRIVERSUCTblHid.sys [2003-03-04 11090]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-03 25856]
S3 USBSTOR;USB Mass Storage Driver; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;World Standard Teletext Codec; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avg8wd;AVG8 WatchDog; C:PROGRA~1AVGAVG8avgwdsvc.exe [2008-02-04 298264]
R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2004-08-11 38912]
R2 WinTabService;WinTab Service; C:WINDOWSsystem32DRIVERSWtSrv.exe [2003-09-29 40960]
S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2008-01-06 72704]
S3 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2008-01-04 137200]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program FilesMicrosoft OfficeOffice12GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:Program FilesNeroNero 7Nero BackItUpNBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
EOF
всё ок?Да, всё ок 🙂
Несколько завершающих действий.
1. Обновите ваши программы.
Зайдите на сайт update.microsoft.com и обновите Windows.2. Удалите все программы, которые вы использовали в процессе лечения, в случае необходимости, вы всегда сможете скачать их заново. Удаление их необходимо по-причине того, что они содержат компоненты, которые вирусы и трояны могут использовать в плохих целях.
Запустите программу OTMoveIT3. Кликните по кнопке CleanUp. Если появится запрос на перезагрузку компьютера, то кликните Да/Yes.
Удалите RSIT и другие скачанные вами сканеры и небольшие утилиты, а так же все файлы и каталоги который были созданы в процессе лечения компьютера.3. Подойдите к защите вашего компьютера более серьёзно.
Большинство троянов и вирусов разработаны для поражения Internet Explorer`а, поэтому рекомендую использовать Оперу или Firefox.
4. Создайте новую точку восстановления и удалите все старые.
Удалите старые точки восстановления, так как в них возможно нахождения инфицированных файлов, троянов и других вредоносных программ. Для этого кликните по иконке Мой компьютер, выберите пункт Свойства. В открывшемся окне выберите вкладку Восстановление системы. Поставьте галочку напротив пункта Отключить восстановление системы на всех дисках. Кликните по кнопке Применить. Подтвердите свои действия кликнув по кнопке OK в открывшемся диалоге. Закройте окно Свойства системы, кликнув по кнопке OK.
После загрузки компьютера выполните действия описанные выше, только в этот раз снимите галочку.
Создайте новую точку восстановления. Это поможет вам в случае необходимости загрузить текущую конфигурацию Windows и быстро излечиться от спайваре/вируса. Для этого кликните по кнопке Пуск, далее выберите пункт Стандартные, в нём Служебные и запустите программу Восстановление системы. В открывшемся окне выберите задачу Создать точку восстановления и нажмите кнопку Далее и следуйте указаниям.
5. И несколько дополнительных советов.
Запустите ваш антивирус и проверьте состояние автоматической защиты. Включите, если она выключена.
Не забывайте обновлять Windows, ваши программы и особенно ваш антивирус.
Не посещайте незнакомые сайты, очень внимательно относитесь к файлам скаченным с Интернета.
Всего доброго!
- Для ответа в этой теме необходимо авторизоваться.
