
SPYWARE-RU.COM


Computer works only in safe mode


  • This topic has 1 reply, 1 participant, and was last updated 14 years, 12 months ago by northerngull.
  • September 18, 2010 at 9:00 am #18690
    northerngull
    Participant
    • Topics: 1
    • Posts: 2
    • ☆

    Good afternoon!

    A problem suddenly came up with my laptop: in normal mode the computer has practically stopped working. No programs can be started (it says that Windows has no device, patch to open the file), the sound doesn't work (it can be turned on, but a second later mute is set automatically), the internet doesn't work either, and everything freezes. When I tried to uninstall some program, a message popped up saying that administrator rights were missing, although I had not changed those settings. It boots in safe mode; then the internet and programs work, but the sound doesn't.

    About 3 weeks ago I caught My Security Shield and cleaned it up using the advice from spyware. But afterwards there were small glitches: Firefox would hang, and sometimes the computer showed a dark screen at startup with a consistency check. The most recent updates installed were Firefox and Adobe Flash. The antivirus (avast) and antimalware found nothing, plus Online Armor was installed.

    Thank you very much in advance!

    Logfile of random’s system information tool 1.08 (written by random/random)
    Run by K at 2010-09-18 09:51:42
    Microsoft Windows 7 Home Premium
    System drive C: has 247 GB (83%) free of 297 GB
    Total RAM: 3935 MB (79% free)

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 9:51:48, on 18.09.2010
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16385)
    Boot mode: Safe mode with network support






    September 18, 2010 at 9:01 AM #31433
    northerngull
    Participant
    • Topics: 1
    • Posts: 2
    • ☆

    info.txt logfile of random’s system information tool 1.08 2010-09-18 09:51:49

    ======Uninstall list======

    —>»C:Program Files (x86)InstallShield Installation Information{70991E0A-1108-437E-BA7D-085702C670C0}setup.exe» -runfromtemp -l0x0009 -removeonly
    —>»C:Program Files (x86)InstallShield Installation Information{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}setup.exe» -runfromtemp -l0x0009 -removeonly
    —>»C:Program Files (x86)InstallShield Installation Information{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}setup.exe» -runfromtemp -l0x0009 -removeonly
    —>C:Program Files (x86)DivXDivXCodecUninstall.exe /CODEC
    —>C:Program Files (x86)InstallShield Installation Information{00721C5E-5B17-494C-95E5-208415864F62}setup.exe -runfromtemp -l0x0009 -removeonly
    —>C:Program Files (x86)InstallShield Installation Information{36C41D70-56F5-4E2B-81DA-6BEB7502D7A1}setup.exe -runfromtemp -l0x0009 -removeonly
    —>C:Program Files (x86)InstallShield Installation Information{3D173DC5-4AE5-4B3F-9819-3977DD11B1D0}setup.exe -runfromtemp -l0x0009 -removeonly
    —>C:Program Files (x86)InstallShield Installation Information{63B4D80D-7BAC-4D1D-B9B6-27FF54197982}setup.exe -runfromtemp -l0x0409
    —>C:Program Files (x86)InstallShield Installation Information{B2C4A8C4-AA20-425D-9FEE-C78039238C81}setup.exe -runfromtemp -l0x0009 -removeonly
    —>C:Program Files (x86)InstallShield Installation Information{B34B6E67-FCDD-4E03-8742-B5701427FAFB}setup.exe -runfromtemp -l0x0009 -removeonly
    —>C:WindowsSysWOW64MacromedFlashuninstall_activeX.exe
    —>C:WindowsSysWOW64MacromedFlashuninstall_plugin.exe
    Adobe Download Manager—>»C:Windowssystem32rundll32.exe» «C:Program Files (x86)NOSbingetPlus_Helper_3004.dll»,Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1
    Adobe Flash Player 10 ActiveX—>MsiExec.exe /X{B7B3E9B3-FB14-4927-894B-E9124509AF5A}
    Adobe Flash Player 10 Plugin—>MsiExec.exe /X{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}
    Adobe Reader 9.1.2—>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
    Application Manager for VAIO—>C:Program Files (x86)SonyVAIO Uninstallervaiouninstaller.exe
    ArcSoft Magic-i Visual Effects 2—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{7BB90344-0647-468E-925A-7F69F7983421}Setup.exe» -l0x9
    ArcSoft WebCam Companion 3—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}Setup.exe» -l0x9
    Ask Toolbar—>»C:Program Files (x86)AskBarDisunins000.exe»
    avast! Free Antivirus—>C:Program FilesAlwil SoftwareAvast5aswRunDll.exe «C:Program FilesAlwil SoftwareAvast5Setupsetiface.dll» RunSetup
    Choice Guard—>MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    Click to Disc Editor—>C:Program Files (x86)InstallShield Installation Information{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}setup.exe -runfromtemp -l0x0409
    Click to Disc—>C:Program Files (x86)InstallShield Installation Information{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}setup.exe -runfromtemp -l0x0009 -removeonly
    Compatibility Pack for the 2007 Office system—>MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
    DivX Player—>C:Program Files (x86)DivXDivXPlayerUninstall.exe /PLAYER
    Foxit Reader—>C:Program Files (x86)Foxit SoftwareFoxit ReaderUninstall.exe
    Google Chrome—>»C:Program Files (x86)GoogleChromeApplication6.0.472.59Installersetup.exe» —uninstall —system-level
    Google Toolbar for Internet Explorer—>»C:Program Files (x86)GoogleGoogle ToolbarComponentGoogleToolbarManager_223E2B8E7BAD9544.exe» /uninstall
    Google Toolbar for Internet Explorer—>MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    Google Update Helper—>MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    Java(TM) 6 Update 21—>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF}
    Junk Mail filter update—>MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
    Malwarebytes’ Anti-Malware—>»C:Program Files (x86)Malwarebytes’ Anti-Malwareunins000.exe»
    Microsoft Office Access MUI (Russian) 2007—>MsiExec.exe /X{90120000-0015-0419-0000-0000000FF1CE}
    Microsoft Office Enterprise 2007—>»C:Program Files (x86)Common FilesMicrosoft SharedOFFICE12Office Setup Controllersetup.exe» /uninstall ENTERPRISE /dll OSETUP.DLL
    Microsoft Office Enterprise 2007—>MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
    Microsoft Office Excel MUI (English) 2007—>MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
    Microsoft Office Excel MUI (Russian) 2007—>MsiExec.exe /X{90120000-0016-0419-0000-0000000FF1CE}
    Microsoft Office Groove MUI (Russian) 2007—>MsiExec.exe /X{90120000-00BA-0419-0000-0000000FF1CE}
    Microsoft Office Home and Student 2007—>»C:Program Files (x86)Common FilesMicrosoft SharedOFFICE12Office Setup Controllersetup.exe» /uninstall HOMESTUDENTR /dll OSETUP.DLL
    Microsoft Office Home and Student 2007—>MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (Russian) 2007—>MsiExec.exe /X{90120000-0044-0419-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (English) 2007—>MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (Russian) 2007—>MsiExec.exe /X{90120000-00A1-0419-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (Russian) 2007—>MsiExec.exe /X{90120000-001A-0419-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (English) 2007—>MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (Russian) 2007—>MsiExec.exe /X{90120000-0018-0419-0000-0000000FF1CE}
    Microsoft Office PowerPoint Viewer 2007 (English)—>MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007—>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007—>MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007—>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Russian) 2007—>MsiExec.exe /X{90120000-001F-0419-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007—>MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proof (Ukrainian) 2007—>MsiExec.exe /X{90120000-001F-0422-0000-0000000FF1CE}
    Microsoft Office Proofing (English) 2007—>MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
    Microsoft Office Proofing (Russian) 2007—>MsiExec.exe /X{90120000-002C-0419-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (Russian) 2007—>MsiExec.exe /X{90120000-0019-0419-0000-0000000FF1CE}
    Microsoft Office Shared MUI (English) 2007—>MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
    Microsoft Office Shared MUI (Russian) 2007—>MsiExec.exe /X{90120000-006E-0419-0000-0000000FF1CE}
    Microsoft Office Shared Setup Metadata MUI (English) 2007—>MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
    Microsoft Office Suite Activation Assistant—>MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
    Microsoft Office Word MUI (English) 2007—>MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
    Microsoft Office Word MUI (Russian) 2007—>MsiExec.exe /X{90120000-001B-0419-0000-0000000FF1CE}
    Microsoft SQL Server 2005 Compact Edition [ENU]—>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2008 Redistributable — x86 9.0.30729.4148—>MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
    Microsoft Works—>MsiExec.exe /I{67E03279-F703-408F-B4BF-46B5FC8D70CD}
    Mozilla Firefox (3.6.10)—>C:Program Files (x86)Mozilla Firefoxuninstallhelper.exe
    MSVCRT—>MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB954430)—>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)—>MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    Music Transfer—>C:Program Files (x86)InstallShield Installation Information{CE2121C6-C94D-4A73-8EA4-6943F33EE335}setup.exe -runfromtemp -l0x0009 -removeonly
    Online Armor 4.5—>»C:Program Files (x86)Online Armorunins000.exe»
    Punto Switcher 3.1—>C:Program Files (x86)YandexPunto Switcheruninstall.exe
    Realtek High Definition Audio Driver—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}Setup.exe» -removeonly
    Roxio Central Audio—>MsiExec.exe /I{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
    Roxio Central Copy—>MsiExec.exe /I{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
    Roxio Central Core—>MsiExec.exe /I{ED439A64-F018-4DD4-8BA5-328D85AB09AB}
    Roxio Central Data—>MsiExec.exe /I{08E81ABD-79F7-49C2-881F-FD6CB0975693}
    Roxio Central Tools—>MsiExec.exe /I{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}
    Roxio Easy Media Creator 10 LJ—>C:ProgramDataUninstall{537BF16E-7412-448C-95D8-846E85A1D817}setup.exe /x {537BF16E-7412-448C-95D8-846E85A1D817}
    Roxio Easy Media Creator Home—>MsiExec.exe /I{FE51662F-D8F6-43B5-99D9-D4894AF00F83}
    Setting Utility Series—>»C:Program Files (x86)InstallShield Installation Information{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}setup.exe» -runfromtemp -l0x0009 -removeonly
    Skype Toolbars—>MsiExec.exe /I{981029E0-7FC9-4CF3-AB39-6F133621921A}
    Skype™ 4.2—>MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
    SmartWi Connection Utility—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1PROFES~1RunTime1050Intel32Ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}setup.exe» -l0x9 -removeonly
    Sony Home Network Library—>»C:Program Files (x86)InstallShield Installation Information{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}setup.exe» -runfromtemp -l0x0009 -removeonly
    Sony Picture Utility—>C:Program Files (x86)InstallShield Installation Information{D5068583-D569-468B-9755-5FBF5848F46F}setup.exe -runfromtemp -l0x0009 uninstall -removeonly
    SopCast 3.0.3—>C:Program Files (x86)SopCastuninst.exe
    Update for Office 2007 (KB934528)—>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {2B939677-2FFD-48F6-9075-7BF48CB87C80}
    Update for Office System 2007 Setup (KB929722)—>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {D8E9BEBD-655F-467D-8176-CA9959C140A3}
    VAIO Care—>»C:Program Files (x86)InstallShield Installation Information{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}setup.exe» -runfromtemp -l0x0019 -removeonly
    VAIO Content Metadata Intelligent Analyzing Manager—>C:Program Files (x86)InstallShield Installation Information{0A5F02E5-1A52-4F85-892C-A35227641C75}setup.exe -runfromtemp -l0x0009 -removeonly
    VAIO Content Metadata Intelligent Network Service Manager—>C:Program Files (x86)InstallShield Installation Information{3B1168DE-1F8C-471C-AC49-0CA52F096170}setup.exe -runfromtemp -l0x0009 -removeonly
    VAIO Content Metadata Manager Settings—>C:Program Files (x86)InstallShield Installation Information{7395DD51-0D1A-47A7-9993-742073ECF4CE}setup.exe -runfromtemp -l0x0009 -removeonly
    VAIO Content Metadata XML Interface Library—>C:Program Files (x86)InstallShield Installation Information{949419DF-F4AF-4693-B60A-522B24F233C6}setup.exe -runfromtemp -l0x0009 -removeonly
    VAIO Content Monitoring Settings—>»C:Program Files (x86)InstallShield Installation Information{23825B69-36DF-4DAD-9CFD-118D11D80F16}setup.exe» -runfromtemp -l0x0009 -removeonly
    VAIO Control Center—>»C:Program Files (x86)InstallShield Installation Information{72042FA6-5609-489F-A8EA-3C2DD650F667}setup.exe» -runfromtemp -l0x0009 -removeonly
    VAIO Data Restore Tool—>C:Program Files (x86)InstallShield Installation Information{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}setup.exe -runfromtemp -l0x0009 -removeonly
    VAIO DVD Menu Data Basic—>C:Program Files (x86)InstallShield Installation Information{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}setup.exe -runfromtemp -l0x0009 -removeonly
    VAIO Entertainment Platform—>»C:Program Files (x86)InstallShield Installation Information{6B1F20F2-6321-4669-A58C-33DF8E7517FF}setup.exe» -runfromtemp -l0x0009 -removeonly
    VAIO Event Service—>»C:Program Files (x86)InstallShield Installation Information{C7477742-DDB4-43E5-AC8D-0259E1E661B1}setup.exe» -runfromtemp -l0x0009 -removeonly
    VAIO Help and Support—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1PROFES~1RunTime1050Intel32Ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{D47FE987-EA3D-424B-9886-B752501D7CE7}setup.exe» -l0x9 -removeonly
    VAIO Media plus Opening Movie—>»C:Program Files (x86)InstallShield Installation Information{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}setup.exe» -runfromtemp -l0x0009 -removeonly
    VAIO Media plus—>»C:Program Files (x86)InstallShield Installation Information{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}setup.exe» -runfromtemp -l0x0009 -removeonly
    VAIO Movie Story Template Data—>C:Program Files (x86)InstallShield Installation Information{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}setup.exe -runfromtemp -l0x0009 -removeonly
    VAIO Movie Story—>C:Program Files (x86)InstallShield Installation Information{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}setup.exe -runfromtemp -l0x0009 -removeonly
    VAIO OOBE and Startup Assistant—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1PROFES~1RunTime1050Intel32Ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{1B500D37-E7CF-480B-8054-8A563594EC4E}setup.exe» -l0x9 -removeonly
    VAIO Original Function Settings—>»C:Program Files (x86)InstallShield Installation Information{A63E7492-A0BC-4BB9-89A7-352965222380}setup.exe» -runfromtemp -l0x0009 -removeonly
    VAIO Power Management—>»C:Program Files (x86)InstallShield Installation Information{5F5867F0-2D23-4338-A206-01A76C823924}setup.exe» -runfromtemp -l0x0009 -removeonly
    VAIO Presentation Support—>»C:Program Files (x86)InstallShield Installation Information{2018C019-30D9-4240-8C01-0865C10DCF5A}setup.exe» -runfromtemp -l0x0009 -removeonly
    VAIO Quick Web Access—>MsiExec.exe /I{931FE23C-BB40-4C7A-A594-DB35908D8E83}
    VAIO Quick Web Access—>MsiExec.exe /x{931FE23C-BB40-4C7A-A594-DB35908D8E83} CUSTOM_HAVE_DIALOG=Yes
    VAIO Survey—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1PROFES~1RunTime1050Intel32Ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{34B37A74-125E-4406-87BA-E4BD3D097AE5}setup.exe» -l0x9 -removeonly
    VAIO Update 4—>»C:Program Files (x86)InstallShield Installation Information{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}setup.exe» -runfromtemp -l0x0009 -removeonly
    VAIO Wallpaper Contents—>»C:Program Files (x86)InstallShield Installation Information{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}setup.exe» -runfromtemp -l0x0009 -removeonly
    VLC media player 1.0.5—>C:Program Files (x86)VideoLANVLCuninstall.exe
    Windows Live Call—>MsiExec.exe /I{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}
    Windows Live Communications Platform—>MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
    Windows Live Essentials—>C:Program Files (x86)Windows LiveInstallerwlarp.exe
    Windows Live Essentials—>MsiExec.exe /I{D9D754A1-EAC5-406C-A28B-C49B1E846711}
    Windows Live Mail—>MsiExec.exe /I{63C1109E-D977-49ED-BCE3-D00D0BF187D6}
    Windows Live Messenger—>MsiExec.exe /X{0AAA9C97-74D4-47CE-B089-0B147EF3553C}
    Windows Live Movie Maker Beta—>MsiExec.exe /X{2208D65A-1BF9-485E-A308-1BA6CADCDC1D}
    Windows Live Photo Gallery—>MsiExec.exe /X{F73A5B18-EB75-4B2C-B32D-9457576E2417}
    Windows Live Sign-in Assistant—>MsiExec.exe /I{505DF7A3-88D5-4DD6-9AD5-C98C2ED0CEC4}
    Windows Live Sync—>MsiExec.exe /X{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}
    Windows Live Upload Tool—>MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Windows Live Writer—>MsiExec.exe /X{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}
    Windows Media Player Firefox Plugin—>MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    WinDVD BD for VAIO—>C:Program Files (x86)InstallShield Installation Information{20471B27-D702-4FE8-8DEC-0702CC8C0A85}setup.exe -runfromtemp -l0x0409
    WinDVD BD for VAIO—>C:Program Files (x86)InstallShield Installation Information{20471B27-D702-4FE8-8DEC-0702CC8C0A85}setup.exe -runfromtemp -l0x0409
    WinRAR archiver—>C:Program Files (x86)WinRARuninstall.exe

    ======Hosts File======

    ::1 localhost

    ======System event log======

    Computer Name: monstriashka
    Event Code: 1014
    Message: Name resolution for the name http://www.away.com timed out after none of the configured DNS servers responded.
    Record Number: 28998
    Source Name: Microsoft-Windows-DNS-Client
    Time Written: 20100304154032.574364-000
    Event Type: Warning
    User: NT AUTHORITYNETWORK SERVICE

    Computer Name: monstriashka
    Event Code: 1014
    Message: Name resolution for the name http://www.ebookers.com timed out after none of the configured DNS servers responded.
    Record Number: 28992
    Source Name: Microsoft-Windows-DNS-Client
    Time Written: 20100304153935.105558-000
    Event Type: Warning
    User: NT AUTHORITYNETWORK SERVICE

    Computer Name: monstriashka
    Event Code: 7009
    Message: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.
    Record Number: 28941
    Source Name: Service Control Manager
    Time Written: 20100304153751.255645-000
    Event Type: Error
    User:

    Computer Name: monstriashka
    Event Code: 7000
    Message: The HsfXAudioService service failed to start due to the following error:
    The service did not respond to the start or control request in a timely fashion.
    Record Number: 28937
    Source Name: Service Control Manager
    Time Written: 20100304153750.740844-000
    Event Type: Error
    User:

    Computer Name: monstriashka
    Event Code: 7009
    Message: A timeout was reached (30000 milliseconds) while waiting for the HsfXAudioService service to connect.
    Record Number: 28935
    Source Name: Service Control Manager
    Time Written: 20100304153750.725244-000
    Event Type: Error
    User:

    =====Application event log=====

    Computer Name: WIN-E4FRIB8Q5HN
    Event Code: 33
    Message: Activation context generation failed for «C:WindowsInstaller{67E03279-F703-408F-B4BF-46B5FC8D70CD}WksCal.exe». Dependent Assembly msadctls,processorArchitecture=»x86″,type=»win32″,version=»1.0.1801.0″ could not be found. Please use sxstrace.exe for detailed diagnosis.
    Record Number: 1239
    Source Name: SideBySide
    Time Written: 20091023133124.000000-000
    Event Type: Error
    User:

    Computer Name: WIN-E4FRIB8Q5HN
    Event Code: 33
    Message: Activation context generation failed for «C:WindowsInstaller{67E03279-F703-408F-B4BF-46B5FC8D70CD}WksWP.exe». Dependent Assembly msadctls,processorArchitecture=»x86″,type=»win32″,version=»1.0.1801.0″ could not be found. Please use sxstrace.exe for detailed diagnosis.
    Record Number: 1238
    Source Name: SideBySide
    Time Written: 20091023133124.000000-000
    Event Type: Error
    User:

    Computer Name: WIN-E4FRIB8Q5HN
    Event Code: 33
    Message: Activation context generation failed for «C:WindowsInstaller{67E03279-F703-408F-B4BF-46B5FC8D70CD}wksss.exe». Dependent Assembly msadctls,processorArchitecture=»x86″,type=»win32″,version=»1.0.1801.0″ could not be found. Please use sxstrace.exe for detailed diagnosis.
    Record Number: 1237
    Source Name: SideBySide
    Time Written: 20091023133124.000000-000
    Event Type: Error
    User:

    Computer Name: WIN-E4FRIB8Q5HN
    Event Code: 33
    Message: Activation context generation failed for «C:WindowsInstaller{67E03279-F703-408F-B4BF-46B5FC8D70CD}wksdb.exe». Dependent Assembly msadctls,processorArchitecture=»x86″,type=»win32″,version=»1.0.1801.0″ could not be found. Please use sxstrace.exe for detailed diagnosis.
    Record Number: 1236
    Source Name: SideBySide
    Time Written: 20091023133124.000000-000
    Event Type: Error
    User:

    Computer Name: WIN-E4FRIB8Q5HN
    Event Code: 33
    Message: Activation context generation failed for «C:WindowsInstaller{67E03279-F703-408F-B4BF-46B5FC8D70CD}WksCal.exe». Dependent Assembly msadctls,processorArchitecture=»x86″,type=»win32″,version=»1.0.1801.0″ could not be found. Please use sxstrace.exe for detailed diagnosis.
    Record Number: 1235
    Source Name: SideBySide
    Time Written: 20091023133124.000000-000
    Event Type: Error
    User:

    =====Security event log=====

    Computer Name: WIN-E4FRIB8Q5HN
    Event Code: 4624
    Message: An account was successfully logged on.

    Subject:
    Security ID: S-1-5-18
    Account Name: WIN-E4FRIB8Q5HN$
    Account Domain: WORKGROUP
    Logon ID: 0x3e7

    Logon Type: 5

    New Logon:
    Security ID: S-1-5-18
    Account Name: SYSTEM
    Account Domain: NT AUTHORITY
    Logon ID: 0x3e7
    Logon GUID: {00000000-0000-0000-0000-000000000000}

    Process Information:
    Process ID: 0x244
    Process Name: C:WindowsSystem32services.exe

    Network Information:
    Workstation Name:
    Source Network Address: —
    Source Port: —

    Detailed Authentication Information:
    Logon Process: Advapi
    Authentication Package: Negotiate
    Transited Services: —
    Package Name (NTLM only): —
    Key Length: 0

    This event is generated when a logon session is created. It is generated on the computer that was accessed.

    The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

    The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

    The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

    The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

    The authentication information fields provide detailed information about this specific logon request.
    — Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
    — Transited services indicate which intermediate services have participated in this logon request.
    — Package name indicates which sub-protocol was used among the NTLM protocols.
    — Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
    Record Number: 918
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20091023133130.791026-000
    Event Type: Audit Success
    User:

    Computer Name: WIN-E4FRIB8Q5HN
    Event Code: 4672
    Message: Special privileges assigned to new logon.

    Subject:
    Security ID: S-1-5-18
    Account Name: SYSTEM
    Account Domain: NT AUTHORITY
    Logon ID: 0x3e7

    Privileges: SeAssignPrimaryTokenPrivilege
    SeTcbPrivilege
    SeSecurityPrivilege
    SeTakeOwnershipPrivilege
    SeLoadDriverPrivilege
    SeBackupPrivilege
    SeRestorePrivilege
    SeDebugPrivilege
    SeAuditPrivilege
    SeSystemEnvironmentPrivilege
    SeImpersonatePrivilege
    Record Number: 917
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20091023133128.529023-000
    Event Type: Audit Success
    User:

    Computer Name: WIN-E4FRIB8Q5HN
    Event Code: 4624
    Message: An account was successfully logged on.

    Subject:
    Security ID: S-1-5-18
    Account Name: WIN-E4FRIB8Q5HN$
    Account Domain: WORKGROUP
    Logon ID: 0x3e7

    Logon Type: 5

    New Logon:
    Security ID: S-1-5-18
    Account Name: SYSTEM
    Account Domain: NT AUTHORITY
    Logon ID: 0x3e7
    Logon GUID: {00000000-0000-0000-0000-000000000000}

    Process Information:
    Process ID: 0x244
    Process Name: C:WindowsSystem32services.exe

    Network Information:
    Workstation Name:
    Source Network Address: —
    Source Port: —

    Detailed Authentication Information:
    Logon Process: Advapi
    Authentication Package: Negotiate
    Transited Services: —
    Package Name (NTLM only): —
    Key Length: 0

    This event is generated when a logon session is created. It is generated on the computer that was accessed.

    The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

    The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

    The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

    The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

    The authentication information fields provide detailed information about this specific logon request.
    — Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
    — Transited services indicate which intermediate services have participated in this logon request.
    — Package name indicates which sub-protocol was used among the NTLM protocols.
    — Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
    Record Number: 916
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20091023133128.529023-000
    Event Type: Audit Success
    User:

    Computer Name: WIN-E4FRIB8Q5HN
    Event Code: 4738
    Message: A user account was changed.

    Subject:
    Security ID: S-1-5-21-58730894-3101112194-262402868-500
    Account Name: Administrator
    Account Domain: WIN-E4FRIB8Q5HN
    Logon ID: 0x2df08

    Target Account:
    Security ID: S-1-5-21-58730894-3101112194-262402868-500
    Account Name: Administrator
    Account Domain: WIN-E4FRIB8Q5HN

    Changed Attributes:
    SAM Account Name: —
    Display Name: —
    User Principal Name: —
    Home Directory: —
    Home Drive: —
    Script Path: —
    Profile Path: —
    User Workstations: —
    Password Last Set: —
    Account Expires: —
    Primary Group ID: —
    AllowedToDelegateTo: —
    Old UAC Value: 0x211
    New UAC Value: 0x211
    User Account Control: —
    User Parameters: —
    SID History: —
    Logon Hours: —

    Additional Information:
    Privileges: —
    Record Number: 915
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20091023133127.047020-000
    Event Type: Audit Success
    User:

    Computer Name: WIN-E4FRIB8Q5HN
    Event Code: 1102
    Message: The audit log was cleared.
    Subject:
    Security ID: S-1-5-21-58730894-3101112194-262402868-500
    Account Name: Administrator
    Domain Name: WIN-E4FRIB8Q5HN
    Logon ID: 0x2df08
    Record Number: 914
    Source Name: Microsoft-Windows-Eventlog
    Time Written: 20091023133119.574003-000
    Event Type: Audit Success
    User:

    ======Environment variables======

    «ComSpec»=%SystemRoot%system32cmd.exe
    «FP_NO_HOST_CHECK»=NO
    «OS»=Windows_NT
    «Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;C:Program Files (x86)Common FilesRoxio Shared10.0DLLShared;C:Program Files (x86)Common FilesRoxio SharedDLLShared;C:Program Files (x86)Common FilesDivX Shared
    «PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    «PROCESSOR_ARCHITECTURE»=AMD64
    «TEMP»=%SystemRoot%TEMP
    «TMP»=%SystemRoot%TEMP
    «USERNAME»=SYSTEM
    «windir»=%SystemRoot%
    «PSModulePath»=%SystemRoot%system32WindowsPowerShellv1.0Modules
    «NUMBER_OF_PROCESSORS»=2
    «PROCESSOR_LEVEL»=6
    «PROCESSOR_IDENTIFIER»=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
    «PROCESSOR_REVISION»=170a
    «configsetroot»=%SystemRoot%ConfigSetRoot
    «RoxioCentral»=C:Program Files (x86)Common FilesRoxio Shared10.0Roxio Central36
    «EMC_AUTOPLAY»=C:Program Files (x86)Common FilesRoxio Shared
    «SAFEBOOT_OPTION»=NETWORK


    EOF

