- This topic has 11 ответов, 2 участника, and was last updated 16 years, 1 month назад by
.
-
Сообщения
-
- Темы:532
- Сообщений:1553
- ☆☆☆☆☆
Помогите выскакивает заставка порно картинок незнаю как ее удалить.
Нажимаю свойства выскакивает название E21285C1_40E6_435c_A69F_3387E7BD89CB.jpg
Адрес URL file:///C:/Documents%20and%20Settings/ќLocal%20Settings/Temporary%20Internet%20Files/E21285C1_40E6_435c_A69F_3387E7BD89CB.jpg
Помогите я полный чайникЗдравствуйте, добро пожаловать на Spyware-ru форум.
Скачайте сканер RSIT кликнув по этой ссылке и сохраните файл на вашем рабочем столе.
* Дважды кликните по скачанному файлу.
* Если у вас есть файрвал (firewall) и он покажет, что программа RSIT пытается выйти в Интернет, то разрешите ей.
* Кликните по кнопке Continue.
* Когда программа закончит работу, будут показаны два лога (log.txt и info.txt).Вставьте оба RSIT лога в ваш ответ. Каждый лог в отдельное сообщение.
- Темы:532
- Сообщений:1553
- ☆☆☆☆☆
Добрый вечер сделал. Только теперь в инет через explorer не могу зайти ,только через мозилу.
Logfile of random’s system information tool 1.05 (written by random/random)
Run by С at 2009-03-12 20:50:19
Microsoft Windows XP Professional Service Pack 2
System drive C: has 21 GB (42%) free of 50 GB
Total RAM: 767 MB (58% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:50:23, on 12.03.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesCommon FilesLogiShrdBluetoothLBTServ.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesLogitechSetPointLBTWiz.exe
C:Program FilesDrWebSpIDerAgent.exe
C:Program FilesDrWebspiderml.exe
C:PROGRA~1DrWebspiderui.exe
C:Program FilesWebMoney Agentwmagent.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
C:Program FilesLogitechSetPointSetPoint.exe
C:Program FilesCommon FilesLogitechKhalSharedKHALMNPR.EXE
C:Program FilesCommon FilesDoctor WebScanning Enginedwengine.exe
C:Program FilesIVT CorporationBlueSoleilBlueSoleil_.exe
C:PROGRA~1DrWebspidernt.exe
C:WINDOWSsystem32wuauclt.exe
E:Program FilesMozilla Firefoxfirefox.exe
C:Documents and SettingsСРабочий столRSIT(2).exe
C:Program Filestrend microС.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = http=127.0.0.1:8600
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 — BHO: fxklibP — {42C864C8-E1F9-4546-92E2-BCBA0E0AFB94} — C:Documents and SettingsAll Users.WINDOWSApplication Datafxklib.dll (file missing)
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll
O2 — BHO: TBSB03223 — {B4806C1A-FE8A-4008-9DA3-8CEDB6E82C10} — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll
O2 — BHO: Google Dictionary Compression sdch — {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll
O3 — Toolbar: &Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O3 — Toolbar: WebMoney Advisor — {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll
O4 — HKLM..Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent
O4 — HKLM..Run: [DrWebScheduler] «C:Program FilesDrWebDRWEBSCD.EXE»
O4 — HKLM..Run: [SpIDerAgent] «C:Program FilesDrWebSpIDerAgent.exe»
O4 — HKLM..Run: [SpIDerMail] «C:Program FilesDrWebspiderml.exe»
O4 — HKLM..Run: [SpIDerNT] C:PROGRA~1DrWebspiderui.exe /agent
O4 — HKLM..Run: [wmagent.exe] «C:Program FilesWebMoney Agentwmagent.exe»
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Global Startup: BlueSoleil.lnk = C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
O4 — Global Startup: Logitech Desktop Messenger.lnk = C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
O4 — Global Startup: Logitech SetPoint.lnk = C:Program FilesLogitechSetPointSetPoint.exe
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 — Extra button: WebMoney Advisor — {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll
O9 — Extra ‘Tools’ menuitem: WebMoney Advisor — {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O18 — Protocol: bwfile-8876480 — {9462A756-7B47-47BC-8C80-C34B9B80B32B} — C:Program FilesLogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll
O23 — Service: Dr.Web Scanning Engine (DrWebEngine) (DrWebEngine) — Doctor Web, Ltd. — C:Program FilesCommon FilesDoctor WebScanning Enginedwengine.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Google Updater Service (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: Logitech Bluetooth Service (LBTServ) — Logitech, Inc. — C:Program FilesCommon FilesLogiShrdBluetoothLBTServ.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: SpIDer Guard for Windows (SPIDERNT) — Doctor Web, Ltd. — C:PROGRA~1DrWebspidernt.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Windows Security Guard (winsecguard) — Unknown owner — C:WINDOWSsystem32zpx2.exe (file missing)
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 6572 bytes======Scheduled tasks folder======
C:WINDOWStasksDr.Web Daily scan.job
C:WINDOWStasksDr.Web Update.job======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{42C864C8-E1F9-4546-92E2-BCBA0E0AFB94}]
DST Data Feeder — C:Documents and SettingsAll Users.WINDOWSApplication Datafxklib.dll [][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll [2009-03-10 251504][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll [2009-03-10 657904][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{B4806C1A-FE8A-4008-9DA3-8CEDB6E82C10}]
TBSB03223 Class — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll [2008-09-05 2409472][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll [2009-03-10 522224][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google Toolbar — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll [2009-03-10 251504]
{3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — WebMoney Advisor — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll [2008-09-05 2409472][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Bluetooth Connection Assistant»=LBTWIZ.EXE -silent []
«DrWebScheduler»=C:Program FilesDrWebDRWEBSCD.EXE []
«SpIDerAgent»=C:Program FilesDrWebSpIDerAgent.exe [2009-02-19 423152]
«SpIDerMail»=C:Program FilesDrWebspiderml.exe [2009-03-05 640240]
«SpIDerNT»=C:PROGRA~1DrWebspiderui.exe [2008-12-09 197896]
«wmagent.exe»=C:Program FilesWebMoney Agentwmagent.exe [2008-10-01 209376][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-17 15360]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2007-07-23 68856]C:Documents and SettingsAll Users.WINDOWSГлавное менюПрограммыАвтозагрузка
BlueSoleil.lnk — C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
Logitech Desktop Messenger.lnk — C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
Logitech SetPoint.lnk — C:Program FilesLogitechSetPointSetPoint.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyLBTWlgn]
c:program filescommon fileslogishrdbluetoothLBTWlgn.dll [2007-07-26 72208][HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdfLoadGroup]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWdfLoadGroup]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesIVT CorporationBlueSoleilBlueSoleil_.exe»=»C:Program FilesIVT CorporationBlueSoleilBlueSoleil_.exe:*:Enabled:BlueSoleil»
«C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe»=»C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger»
«C:Program FilesWebMoneyWebMoney.exe»=»C:Program FilesWebMoneyWebMoney.exe:*:Disabled:WebMoney Keeper Classic Runner Module»
«E:Program FilesPetabyte.RuStrongDc2StrongDC.exe»=»E:Program FilesPetabyte.RuStrongDc2StrongDC.exe:*:Enabled:StrongDC++»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe»=»C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger»======List of files/folders created in the last 1 months======
2009-03-12 20:47:21 —-D—- C:Documents and SettingsСApplication DataMozilla
2009-03-12 16:02:02 —-D—- C:Program Filestrend micro
2009-03-12 16:02:00 —-D—- C:rsit
2009-03-12 00:34:39 —-D—- C:Program FilesCommon Files{6EA9B29A-C801-4F76-805F-E41ACF9ED16Z}
2009-03-11 23:14:47 —-D—- C:Documents and SettingsСApplication DataWebMoney
2009-03-11 23:10:55 —-D—- C:Program FilesWebMoney Agent
2009-03-11 23:10:50 —-AD—- C:Documents and SettingsAll Users.WINDOWSApplication DataTEMP
2009-03-11 23:09:15 —-D—- C:Program FilesWebMoney
2009-03-11 22:30:55 —-D—- C:Program FilesWebMoney Advisor
2009-03-09 19:26:32 —-D—- C:Documents and SettingsСApplication DataAdobe
2009-03-09 18:54:31 —-D—- C:WINDOWSRegisteredPackages
2009-03-09 18:52:26 —-A—- C:WINDOWSsystem32d3dx9_30.dll
2009-03-09 18:52:24 —-A—- C:WINDOWSsystem32d3dx9_28.dll
2009-03-09 18:28:07 —-D—- C:WINDOWSMinidump
2009-03-09 18:25:44 —-D—- C:Documents and SettingsСApplication DataGoogle
2009-03-08 11:35:07 —-A—- C:WINDOWSsystem32h323log.txt
2009-03-08 11:32:29 —-A—- C:WINDOWSsystem32wshirda.dll
2009-03-08 11:32:29 —-A—- C:WINDOWSsystem32irmon.dll
2009-03-08 11:32:29 —-A—- C:WINDOWSsystem32irftp.exe
2009-03-08 11:31:53 —-A—- C:WINDOWSsystem32ativvaxx.dll
2009-03-08 11:31:53 —-A—- C:WINDOWSsystem32ati3duag.dll
2009-03-08 11:31:53 —-A—- C:WINDOWSsystem32ati3d1ag.dll
2009-03-08 11:31:53 —-A—- C:WINDOWSsystem32ati2dvag.dll
2009-03-08 11:31:53 —-A—- C:WINDOWSsystem32ati2cqag.dll
2009-03-08 11:31:39 —-A—- C:WINDOWSsystem32usbui.dll
2009-03-08 11:30:11 —-A—- C:WINDOWSimsins.BAK
2009-03-08 11:30:08 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-03-08 11:30:06 —-A—- C:WINDOWSODBCINST.INI
2009-03-08 11:30:01 —-RA—- C:WINDOWSsystem32kbdtuq.dll
2009-03-08 11:30:01 —-RA—- C:WINDOWSsystem32kbdtuf.dll
2009-03-08 11:30:01 —-RA—- C:WINDOWSsystem32kbdazel.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdhept.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdhela3.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdhela2.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdhe319.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdhe220.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdhe.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdgkl.dll
2009-03-08 11:29:59 —-RA—- C:WINDOWSsystem32kbdlv1.dll
2009-03-08 11:29:59 —-RA—- C:WINDOWSsystem32kbdlv.dll
2009-03-08 11:29:59 —-RA—- C:WINDOWSsystem32kbdlt1.dll
2009-03-08 11:29:59 —-RA—- C:WINDOWSsystem32kbdlt.dll
2009-03-08 11:29:59 —-RA—- C:WINDOWSsystem32kbdest.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdycl.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdsl1.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdsl.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdro.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdpl1.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdpl.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdhu1.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdhu.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdcz2.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdcz1.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdcz.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdcr.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32KBDAL.DLL
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdycc.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbduzb.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdur.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdtat.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdmon.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdkyr.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdkaz.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdbu.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdblr.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdaze.dll
2009-03-08 11:29:53 —-A—- C:WINDOWSsystem32spxcoins.dll
2009-03-08 11:29:53 —-A—- C:WINDOWSsystem32irclass.dll
2009-03-08 11:29:53 —-A—- C:WINDOWSsystem32dgsetup.dll
2009-03-08 11:29:53 —-A—- C:WINDOWSsystem32dgrpsetu.dll
2009-03-08 11:29:52 —-A—- C:WINDOWSsystem32EqnClass.Dll
2009-03-08 11:29:51 —-N—- C:WINDOWSsystem32CONFIG.TMP
2009-03-08 11:29:51 —-A—- C:WINDOWSTASKMAN.EXE
2009-03-08 11:29:50 —-A—- C:WINDOWSsystem32batt.dll
2009-03-08 11:29:50 —-A—- C:WINDOWSNOTEPAD.EXE
2009-03-08 11:29:49 —-A—- C:WINDOWSsystem32storprop.dll
2009-03-08 11:29:41 —-ASH—- C:Documents and SettingsAll Users.WINDOWSApplication Datadesktop.ini
2009-03-08 11:29:37 —-RA—- C:WINDOWSSET8.tmp
2009-03-08 11:29:35 —-RA—- C:WINDOWSSET4.tmp
2009-03-08 11:29:34 —-RA—- C:WINDOWSSET3.tmp
2009-03-08 11:29:29 —-D—- C:WINDOWSsystem32CatRoot2
2009-03-08 11:29:29 —-D—- C:WINDOWSsystem32CatRoot
2009-03-08 11:29:23 —-SD—- C:Documents and SettingsAll Users.WINDOWSApplication DataMicrosoft
2009-03-08 11:29:06 —-A—- C:WINDOWSsetuplog.txt
2009-03-08 11:24:14 —-RSD—- C:WINDOWSFonts
2009-03-08 11:24:14 —-RD—- C:WINDOWSWeb
2009-03-08 11:24:14 —-HD—- C:WINDOWSinf
2009-03-08 11:24:14 —-D—- C:WINDOWSWinSxS
2009-03-08 11:24:14 —-D—- C:WINDOWStwain_32
2009-03-08 11:24:14 —-D—- C:WINDOWSTemp
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32wins
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32wbem
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32usmt
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32spool
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32ShellExt
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32Setup
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32ras
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32oobe
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32npp
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32mui
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32inetsrv
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32IME
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32icsxml
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32ias
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32export
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32drivers
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32dhcp
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32config
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem323com_dmi
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem323076
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem322052
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321054
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321049
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321042
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321041
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321037
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321033
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321031
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321028
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321025
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem
2009-03-08 11:24:14 —-D—- C:WINDOWSsecurity
2009-03-08 11:24:14 —-D—- C:WINDOWSResources
2009-03-08 11:24:14 —-D—- C:WINDOWSrepair
2009-03-08 11:24:14 —-D—- C:WINDOWSProvisioning
2009-03-08 11:24:14 —-D—- C:WINDOWSPeerNet
2009-03-08 11:24:14 —-D—- C:WINDOWSpchealth
2009-03-08 11:24:14 —-D—- C:WINDOWSmui
2009-03-08 11:24:14 —-D—- C:WINDOWSmsapps
2009-03-08 11:24:14 —-D—- C:WINDOWSmsagent
2009-03-08 11:24:14 —-D—- C:WINDOWSMedia
2009-03-08 11:24:14 —-D—- C:WINDOWSjava
2009-03-08 11:24:14 —-D—- C:WINDOWSime
2009-03-08 11:24:14 —-D—- C:WINDOWSHelp
2009-03-08 11:24:14 —-D—- C:WINDOWSehome
2009-03-08 11:24:14 —-D—- C:WINDOWSDriver Cache
2009-03-08 11:24:14 —-D—- C:WINDOWSDebug
2009-03-08 11:24:14 —-D—- C:WINDOWSCursors
2009-03-08 11:24:14 —-D—- C:WINDOWSConnection Wizard
2009-03-08 11:24:14 —-D—- C:WINDOWSConfig
2009-03-08 11:24:14 —-D—- C:WINDOWSAppPatch
2009-03-08 11:24:14 —-D—- C:WINDOWSaddins
2009-03-08 10:50:35 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataGoogle
2009-03-08 10:47:17 —-D—- C:Documents and SettingsСApplication DataMacromedia
2009-03-08 10:25:50 —-D—- C:Program FilesCommon FilesDoctor Web
2009-03-08 10:25:50 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataDoctor Web
2009-03-08 09:52:22 —-A—- C:WINDOWSODBC.INI
2009-03-08 09:52:19 —-A—- C:WINDOWSsystem32mdimon.dll
2009-03-08 09:51:20 —-D—- C:WINDOWSSHELLNEW
2009-03-08 09:07:39 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataLogiShrd
2009-03-08 09:07:19 —-D—- C:Documents and SettingsСApplication DataLogitech
2009-03-08 09:06:55 —-D—- C:Program FilesCommon FilesLogiShared
2009-03-08 09:06:46 —-R—- C:WINDOWSbwUnin-8.1.1.50-8876480SL.exe
2009-03-08 09:06:01 —-D—- C:WINDOWSsystem32ReinstallBackups
2009-03-08 09:05:57 —-DC—- C:WINDOWSsystem32DRVSTORE
2009-03-08 09:05:48 —-A—- C:WINDOWSsystem32BtCoreIf.dll
2009-03-08 09:05:45 —-A—- C:WINDOWSsystem32KemXML.dll
2009-03-08 09:05:45 —-A—- C:WINDOWSsystem32KemWnd.dll
2009-03-08 09:05:45 —-A—- C:WINDOWSsystem32KemUtil.dll
2009-03-08 09:05:45 —-A—- C:WINDOWSsystem32kemutb.dll
2009-03-08 09:05:44 —-D—- C:Program FilesCommon FilesLogiShrd
2009-03-08 09:05:38 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataLogitech
2009-03-08 09:05:36 —-D—- C:Program FilesCommon FilesLogitech
2009-03-08 09:05:32 —-D—- C:Program FilesLogitech
2009-03-08 09:05:31 —-D—- C:Documents and SettingsСApplication DataInstallShield
2009-03-08 08:59:35 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataBluetooth
2009-03-08 08:58:03 —-A—- C:WINDOWSsystem32ksuser.dll
2009-03-08 08:57:54 —-D—- C:Program FilesIVT Corporation
2009-03-08 08:48:01 —-D—- C:Documents and SettingsСApplication DataIdentities
2009-03-08 08:47:53 —-ASH—- C:Documents and SettingsСApplication Datadesktop.ini
2009-03-08 08:47:52 —-SD—- C:Documents and SettingsСApplication DataMicrosoft
2009-03-08 08:46:43 —-D—- C:WINDOWSSoftwareDistribution
2009-03-08 08:46:29 —-D—- C:WINDOWSPrefetch
2009-03-08 08:46:28 —-SD—- C:WINDOWSsystem32Microsoft
2009-03-08 08:46:28 —-A—- C:WINDOWSSchedLgU.Txt
2009-03-08 08:42:16 —-D—- C:WINDOWSsystem32xircom
2009-03-08 08:41:56 —-A—- C:WINDOWScontrol.ini
2009-03-08 08:41:39 —-A—- C:WINDOWSOEWABLog.txt
2009-03-08 08:41:34 —-A—- C:WINDOWSsystem32mapi32.dll
2009-03-08 08:40:30 —-SD—- C:WINDOWSDownloaded Program Files
2009-03-08 08:40:30 —-RD—- C:WINDOWSOffline Web Pages
2009-03-08 08:40:30 —-RAH—- C:WINDOWSsystem32logonui.exe.manifest
2009-03-08 08:40:22 —-RAH—- C:WINDOWSsystem32cdplayer.exe.manifest
2009-03-08 08:39:58 —-D—- C:WINDOWSsystem32DirectX
2009-03-08 08:39:42 —-A—- C:WINDOWSsystem32atrace.dll
2009-03-08 08:39:40 —-A—- C:WINDOWSsystem32desktop.ini
2009-03-08 08:39:40 —-A—- C:WINDOWSdesktop.ini
2009-03-08 08:39:35 —-A—- C:WINDOWSsystem32nmevtmsg.dll
2009-03-08 08:39:35 —-A—- C:WINDOWSsystem32acctres.dll
2009-03-08 08:39:34 —-SD—- C:WINDOWSTasks
2009-03-08 08:39:34 —-A—- C:WINDOWSsystem32icfgnt5.dll
2009-03-08 08:39:31 —-D—- C:WINDOWSsrchasst
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuweb.dll
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wups.dll
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wucltui.dll
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuauserv.dll
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuaueng1.dll
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuaueng.dll
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuauclt1.exe
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuauclt.exe
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuapi.dll
2009-03-08 08:39:27 —-A—- C:WINDOWSsystem32qmgrprxy.dll
2009-03-08 08:39:27 —-A—- C:WINDOWSsystem32qmgr.dll
2009-03-08 08:39:27 —-A—- C:WINDOWSsystem32bitsprx3.dll
2009-03-08 08:39:27 —-A—- C:WINDOWSsystem32bitsprx2.dll
2009-03-08 08:39:23 —-A—- C:WINDOWSsystem32safrslv.dll
2009-03-08 08:39:23 —-A—- C:WINDOWSsystem32safrdm.dll
2009-03-08 08:39:23 —-A—- C:WINDOWSsystem32safrcdlg.dll
2009-03-08 08:39:23 —-A—- C:WINDOWSsystem32racpldlg.dll
2009-03-08 08:39:20 —-D—- C:WINDOWSsystem32Restore
2009-03-08 08:39:20 —-A—- C:WINDOWSsystem32srsvc.dll
2009-03-08 08:39:20 —-A—- C:WINDOWSsystem32srrstr.dll
2009-03-08 08:39:20 —-A—- C:WINDOWSsystem32fltMc.exe
2009-03-08 08:39:20 —-A—- C:WINDOWSsystem32fltlib.dll
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32srclient.dll
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32nmmkcert.dll
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32msconf.dll
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32mnmsrvc.exe
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32mnmdd.dll
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32isrdbg32.dll
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32ils.dll
2009-03-08 08:39:17 —-A—- C:WINDOWSsystem32msoert2.dll
2009-03-08 08:39:16 —-A—- C:WINDOWSsystem32msoeacct.dll
2009-03-08 08:39:16 —-A—- C:WINDOWSsystem32inetres.dll
2009-03-08 08:39:15 —-A—- C:WINDOWSsystem32inetcomm.dll
2009-03-08 08:39:14 —-A—- C:WINDOWSsystem32schedsvc.dll
2009-03-08 08:39:14 —-A—- C:WINDOWSsystem32mstinit.exe
2009-03-08 08:39:14 —-A—- C:WINDOWSsystem32mstask.dll
2009-03-08 08:39:13 —-A—- C:WINDOWSsystem32isign32.dll
2009-03-08 08:39:13 —-A—- C:WINDOWSsystem32inetcfg.dll
2009-03-08 08:39:13 —-A—- C:WINDOWSsystem32icwphbk.dll
2009-03-08 08:39:13 —-A—- C:WINDOWSsystem32icwdial.dll
2009-03-08 08:38:24 —-A—- C:WINDOWSvbaddin.ini
2009-03-08 08:38:24 —-A—- C:WINDOWSvb.ini
2009-03-08 08:38:20 —-D—- C:WINDOWSRegistration
2009-03-08 08:38:06 —-A—- C:WINDOWSsystem32write.exe
2009-03-08 08:38:01 —-A—- C:WINDOWSsystem32sndvol32.exe
2009-03-08 08:38:01 —-A—- C:WINDOWSsystem32hticons.dll
2009-03-08 08:38:00 —-A—- C:WINDOWSsystem32winchat.exe
2009-03-08 08:38:00 —-A—- C:WINDOWSsystem32avwav.dll
2009-03-08 08:38:00 —-A—- C:WINDOWSsystem32avtapi.dll
2009-03-08 08:38:00 —-A—- C:WINDOWSsystem32avmeter.dll
2009-03-08 08:37:55 —-A—- C:WINDOWSsystem32getuname.dll
2009-03-08 08:37:55 —-A—- C:WINDOWSsystem32charmap.exe
2009-03-08 08:37:54 —-A—- C:WINDOWSsystem32winmine.exe
2009-03-08 08:37:54 —-A—- C:WINDOWSsystem32sol.exe
2009-03-08 08:37:54 —-A—- C:WINDOWSsystem32mshearts.exe
2009-03-08 08:37:54 —-A—- C:WINDOWSsystem32calc.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32usrlogon.cmd
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32tsshutdn.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32tslabels.ini
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32tskill.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32tsdiscon.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32tscon.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32shadow.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32rwinsta.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32reset.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32regini.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32rdpcfgex.dll
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32qwinsta.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32qappsrv.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32msg.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32logoff.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32freecell.exe
2009-03-08 08:37:52 —-A—- C:WINDOWSsystem32mtxlegih.dll
2009-03-08 08:37:52 —-A—- C:WINDOWSsystem32mtxex.dll
2009-03-08 08:37:52 —-A—- C:WINDOWSsystem32msdtcprf.ini
2009-03-08 08:37:52 —-A—- C:WINDOWSsystem32dcomcnfg.exe
2009-03-08 08:37:52 —-A—- C:WINDOWSsystem32cdmodem.dll
2009-03-08 08:37:51 —-A—- C:WINDOWSsystem32stclient.dll
2009-03-08 08:37:51 —-A—- C:WINDOWSsystem32mtxdm.dll
2009-03-08 08:37:51 —-A—- C:WINDOWSsystem32comsnap.dll
2009-03-08 08:37:51 —-A—- C:WINDOWSsystem32comrepl.dll
2009-03-08 08:37:51 —-A—- C:WINDOWSsystem32comaddin.dll
2009-03-08 08:37:47 —-A—- C:WINDOWSsystem32wmimgmt.msc
2009-03-08 08:37:46 —-A—- C:WINDOWSsystem32sndrec32.exe
2009-03-08 08:37:46 —-A—- C:WINDOWSsystem32mplay32.exe
2009-03-08 08:37:46 —-A—- C:WINDOWSsystem32accwiz.exe
2009-03-08 08:37:45 —-A—- C:WINDOWSsystem32spider.exe
2009-03-08 08:37:45 —-A—- C:WINDOWSsystem32mspaint.exe
2009-03-08 08:37:45 —-A—- C:WINDOWSsystem32hypertrm.dll
2009-03-08 08:37:45 —-A—- C:WINDOWSsystem32clipbrd.exe
2009-03-08 08:37:44 —-A—- C:WINDOWSsystem32tscfgwmi.dll
2009-03-08 08:37:44 —-A—- C:WINDOWSsystem32remotepg.dll
2009-03-08 08:37:44 —-A—- C:WINDOWSsystem32rdshost.exe
2009-03-08 08:37:44 —-A—- C:WINDOWSsystem32rdsaddin.exe
2009-03-08 08:37:44 —-A—- C:WINDOWSsystem32mstscax.dll
2009-03-08 08:37:44 —-A—- C:WINDOWSsystem32mstsc.exe
2009-03-08 08:37:43 —-D—- C:WINDOWSsystem32MsDtc
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32tscupgrd.exe
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32termsrv.dll
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32sessmgr.exe
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32rdpwsx.dll
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32rdpsnd.dll
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32rdpclip.exe
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32rdchost.dll
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32qprocess.exe
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32msdtcuiu.dll
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32icaapi.dll
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32cfgbkend.dll
2009-03-08 08:37:42 —-A—- C:WINDOWSsystem32xolehlp.dll
2009-03-08 08:37:42 —-A—- C:WINDOWSsystem32mtxoci.dll
2009-03-08 08:37:42 —-A—- C:WINDOWSsystem32msdtctm.dll
2009-03-08 08:37:42 —-A—- C:WINDOWSsystem32msdtcprx.dll
2009-03-08 08:37:42 —-A—- C:WINDOWSsystem32msdtclog.dll
2009-03-08 08:37:42 —-A—- C:WINDOWSsystem32msdtc.exe
2009-03-08 08:37:41 —-D—- C:WINDOWSsystem32Com
2009-03-08 08:37:41 —-A—- C:WINDOWSsystem32comsvcs.dll
2009-03-08 08:37:41 —-A—- C:WINDOWSsystem32colbact.dll
2009-03-08 08:37:41 —-A—- C:WINDOWSsystem32clbcatex.dll
2009-03-08 08:37:41 —-A—- C:WINDOWSsystem32catsrvut.dll
2009-03-08 08:37:41 —-A—- C:WINDOWSsystem32catsrvps.dll
2009-03-08 08:37:41 —-A—- C:WINDOWSsystem32catsrv.dll
2009-03-08 08:37:40 —-A—- C:WINDOWSsystem32comuid.dll
2009-03-08 08:37:40 —-A—- C:WINDOWSsystem32clbcatq.dll
2009-03-08 08:37:35 —-A—- C:WINDOWSsystem32servdeps.dll
2009-03-08 08:37:35 —-A—- C:WINDOWSsystem32mmfutil.dll
2009-03-08 08:37:35 —-A—- C:WINDOWSsystem32licwmi.dll
2009-03-08 08:37:35 —-A—- C:WINDOWSsystem32cmprops.dll
2009-03-07 15:37:29 —-SH—- C:BOOT.BAK
2009-03-07 15:37:13 —-D—- C:$WIN_NT$.~BT======List of files/folders modified in the last 1 months======
2009-03-12 20:47:25 —-D—- C:WINDOWS
2009-03-12 20:17:49 —-D—- C:Program FilesDrWeb
2009-03-12 16:02:02 —-RD—- C:Program Files
2009-03-12 14:56:20 —-D—- C:WINDOWSsystem32
2009-03-12 00:34:39 —-D—- C:Program FilesCommon Files
2009-03-11 09:05:31 —-D—- C:Program FilesGoogle
2009-03-10 20:30:16 —-SHD—- C:WINDOWSInstaller
2009-03-10 20:30:16 —-D—- C:Config.Msi
2009-03-09 19:08:52 —-D—- C:Program FilesNero
2009-03-09 18:55:40 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-03-08 11:30:03 —-A—- C:WINDOWSsystem.ini
2009-03-08 11:24:12 —-HDC—- C:WINDOWS$NtUninstallKB835732$
2009-03-08 10:48:50 —-D—- C:WINDOWSsystem32Macromed
2009-03-08 10:08:19 —-HD—- C:Program FilesInstallShield Installation Information
2009-03-08 09:52:08 —-A—- C:WINDOWSwin.ini
2009-03-08 09:51:52 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2009-03-08 09:51:33 —-D—- C:Program FilesMicrosoft Office
2009-03-08 09:51:21 —-D—- C:Program FilesCommon FilesSystem
2009-03-08 09:42:42 —-D—- C:Program FilesWinRAR
2009-03-08 09:19:25 —-SHD—- C:RECYCLER
2009-03-08 08:47:52 —-D—- C:Documents and Settings
2009-03-08 08:46:42 —-SHD—- C:System Volume Information
2009-03-08 08:39:30 —-D—- C:Program FilesWindows Media Player
2009-03-08 08:39:27 —-D—- C:Program FilesMovie Maker
2009-03-08 08:39:18 —-D—- C:Program FilesNetMeeting
2009-03-08 08:39:16 —-D—- C:Program FilesOutlook Express
2009-03-08 08:39:09 —-D—- C:Program FilesInternet Explorer
2009-03-08 08:38:07 —-D—- C:Program FilesMessenger
2009-03-08 08:37:45 —-D—- C:Program FilesWindows NT
2009-03-08 08:35:10 —-SH—- C:boot.ini======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-17 40448]
R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2001-10-20 12032]
R2 irda;ИК-протокол IrDA; C:WINDOWSsystem32DRIVERSirda.sys [2004-08-04 87424]
R2 SPIDER;SpIDer Guard File System Monitor; ??C:PROGRA~1DrWebspider.sys []
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2004-08-17 701440]
R3 BlueletAudio;Bluetooth Audio Service; C:WINDOWSsystem32DRIVERSblueletaudio.sys [2007-05-11 34704]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:WINDOWSsystem32DRIVERSBlueletSCOAudio.sys [2007-03-05 27792]
R3 BT;Bluetooth PAN Network Adapter; C:WINDOWSsystem32DRIVERSbtnetdrv.sys [2007-03-05 18320]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:WINDOWSSystem32Driversbtcusb.sys [2007-05-09 36496]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2001-10-20 9600]
R3 irsir;Драйвер для инфракрасного последовательного порта Microsoft; C:WINDOWSsystem32DRIVERSirsir.sys [2001-08-18 18688]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:WINDOWSsystem32DRIVERSL8042Kbd.sys [2007-06-12 20496]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-20 12160]
R3 Rasirda;Минипорт WAN (IrDA); C:WINDOWSsystem32DRIVERSrasirda.sys [2001-08-18 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WINDOWSSystem32DriversRootMdm.sys [2001-10-20 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet адаптер, драйвер для NT; C:WINDOWSsystem32DRIVERSRTL8139.SYS [2004-08-04 20992]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
R3 VComm;Virtual Serial port driver; C:WINDOWSsystem32DRIVERSVComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:WINDOWSSystem32DriversVcommMgr.sys [2007-03-05 44304]
R3 VHidMinidrv;Bluetooth HID Device Service; C:WINDOWSsystem32driversVHIDMini.sys [2007-03-05 19472]
S3 CD-Lock;CD-Lock; ??D:cdm.sys []
S3 usbstor;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 DrWebEngine;Dr.Web Scanning Engine (DrWebEngine); C:Program FilesCommon FilesDoctor WebScanning Enginedwengine.exe [2009-01-21 886072]
R2 Irmon;Монитор инфракрасной связи; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]
R2 LBTServ;Logitech Bluetooth Service; C:Program FilesCommon FilesLogiShrdBluetoothLBTServ.exe [2007-07-26 121360]
R2 SPIDERNT;SpIDer Guard for Windows; C:PROGRA~1DrWebspidernt.exe [2008-12-09 197896]
R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2004-08-11 38912]
S2 winsecguard;Windows Security Guard; C:WINDOWSsystem32zpx2.exe winsecguard C:Program FilesCommon Files{6EA9B29A-C801-4F76-805F-E41ACF9ED16Z}components []
S3 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-03-10 137200]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
EOF
Скачайте OTMoveIt3 by OldTimer кликнув по этой ссылке.
Запустите OTMoveIt3 и в большое поле ввода (заголовок этого поля выделен желтым цветом) скопируйте следующий текст.:Processes
explorer.exe
:services
winsecguard
:reg
[-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{42C864C8-E1F9-4546-92E2-BCBA0E0AFB94}]
:files
C:WINDOWSsystem32zpx2.exe
C:Program FilesCommon Files{6EA9B29A-C801-4F76-805F-E41ACF9ED16Z}
C:Documents and SettingsAll Users.WINDOWSApplication Datafxklib.dll
:Commands
[emptytemp]
[start explorer]
[Reboot]Проверьте вставленный скрипт, если слева перед директивами появились пробелы, то удалите их, скрипт должен выглядеть так же как в сообщении. Кликните по кнопке MoveIt!. В процессе работы возможна перезагрузка компьютера.
По-завершении работы программы должен будет показан лог. Если лог не будет показан, то его можно найти в папке C:_OTMoveItMovedFiles.Запустите HijackThis, для этого кликните Пуск, Выполнить, введите
C:Program Filestrend microС.exeи нажмите Enter.
Кликните по кнопке Do a system scan only.
Далее отметьте галочкой (слева) следующие строки, если они присутствуют:R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = http=127.0.0.1:8600Закройте все запущенные программы (включая InternetExplorer) и окна Windows.
Кликните по кнопке Fix checked и подтвердите свои действия выбрав YES.
Перезагрузите компьютер.Проверьте IE в работе.
Вставьте в ваше ответное сообщение OTMoveIt лог и свежий RSIT лог.
- Темы:532
- Сообщений:1553
- ☆☆☆☆☆
Ответ от RSIT лог
Logfile of random’s system information tool 1.05 (written by random/random)
Run by С at 2009-03-13 23:40:28
Microsoft Windows XP Professional Service Pack 2
System drive C: has 22 GB (43%) free of 50 GB
Total RAM: 767 MB (58% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:40:32, on 13.03.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesCommon FilesLogiShrdBluetoothLBTServ.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesLogitechSetPointLBTWiz.exe
C:Program FilesDrWebSpIDerAgent.exe
C:Program FilesDrWebspiderml.exe
C:PROGRA~1DrWebspiderui.exe
C:Program FilesWebMoney Agentwmagent.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
C:Program FilesLogitechSetPointSetPoint.exe
C:Program FilesIVT CorporationBlueSoleilBlueSoleil_.exe
C:Program FilesCommon FilesLogitechKhalSharedKHALMNPR.EXE
C:Program FilesCommon FilesDoctor WebScanning Enginedwengine.exe
C:PROGRA~1DrWebspidernt.exe
E:Program FilesMozilla Firefoxfirefox.exe
C:WINDOWSsystem32wuauclt.exe
C:Documents and SettingsСРабочий столOTMoveIt3.exe
C:Documents and SettingsСРабочий столRSIT(2).exe
C:Program Filestrend microС.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll
O2 — BHO: TBSB03223 — {B4806C1A-FE8A-4008-9DA3-8CEDB6E82C10} — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll
O2 — BHO: Google Dictionary Compression sdch — {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll
O3 — Toolbar: &Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O3 — Toolbar: WebMoney Advisor — {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll
O4 — HKLM..Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent
O4 — HKLM..Run: [DrWebScheduler] «C:Program FilesDrWebDRWEBSCD.EXE»
O4 — HKLM..Run: [SpIDerAgent] «C:Program FilesDrWebSpIDerAgent.exe»
O4 — HKLM..Run: [SpIDerMail] «C:Program FilesDrWebspiderml.exe»
O4 — HKLM..Run: [SpIDerNT] C:PROGRA~1DrWebspiderui.exe /agent
O4 — HKLM..Run: [wmagent.exe] «C:Program FilesWebMoney Agentwmagent.exe»
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Global Startup: BlueSoleil.lnk = C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
O4 — Global Startup: Logitech Desktop Messenger.lnk = C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
O4 — Global Startup: Logitech SetPoint.lnk = C:Program FilesLogitechSetPointSetPoint.exe
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 — Extra button: WebMoney Advisor — {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll
O9 — Extra ‘Tools’ menuitem: WebMoney Advisor — {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O18 — Protocol: bwfile-8876480 — {9462A756-7B47-47BC-8C80-C34B9B80B32B} — C:Program FilesLogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll
O23 — Service: Dr.Web Scanning Engine (DrWebEngine) (DrWebEngine) — Doctor Web, Ltd. — C:Program FilesCommon FilesDoctor WebScanning Enginedwengine.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Google Updater Service (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: Logitech Bluetooth Service (LBTServ) — Logitech, Inc. — C:Program FilesCommon FilesLogiShrdBluetoothLBTServ.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: SpIDer Guard for Windows (SPIDERNT) — Doctor Web, Ltd. — C:PROGRA~1DrWebspidernt.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 6259 bytes======Scheduled tasks folder======
C:WINDOWStasksDr.Web Daily scan.job
C:WINDOWStasksDr.Web Update.job======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll [2009-03-10 251504][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll [2009-03-10 657904][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{B4806C1A-FE8A-4008-9DA3-8CEDB6E82C10}]
TBSB03223 Class — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll [2008-09-05 2409472][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll [2009-03-10 522224][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google Toolbar — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll [2009-03-10 251504]
{3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — WebMoney Advisor — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll [2008-09-05 2409472][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Bluetooth Connection Assistant»=LBTWIZ.EXE -silent []
«DrWebScheduler»=C:Program FilesDrWebDRWEBSCD.EXE []
«SpIDerAgent»=C:Program FilesDrWebSpIDerAgent.exe [2009-02-19 423152]
«SpIDerMail»=C:Program FilesDrWebspiderml.exe [2009-03-05 640240]
«SpIDerNT»=C:PROGRA~1DrWebspiderui.exe [2008-12-09 197896]
«wmagent.exe»=C:Program FilesWebMoney Agentwmagent.exe [2008-10-01 209376][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-17 15360]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2007-07-23 68856]C:Documents and SettingsAll Users.WINDOWSГлавное менюПрограммыАвтозагрузка
BlueSoleil.lnk — C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
Logitech Desktop Messenger.lnk — C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
Logitech SetPoint.lnk — C:Program FilesLogitechSetPointSetPoint.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyLBTWlgn]
c:program filescommon fileslogishrdbluetoothLBTWlgn.dll [2007-07-26 72208][HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdfLoadGroup]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWdfLoadGroup]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesIVT CorporationBlueSoleilBlueSoleil_.exe»=»C:Program FilesIVT CorporationBlueSoleilBlueSoleil_.exe:*:Enabled:BlueSoleil»
«C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe»=»C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger»
«C:Program FilesWebMoneyWebMoney.exe»=»C:Program FilesWebMoneyWebMoney.exe:*:Disabled:WebMoney Keeper Classic Runner Module»
«E:Program FilesPetabyte.RuStrongDc2StrongDC.exe»=»E:Program FilesPetabyte.RuStrongDc2StrongDC.exe:*:Enabled:StrongDC++»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe»=»C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger»[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{5cf00531-0bba-11de-bbdc-806d6172696f}]
shellAutoRuncommand — F:dvd.exe======List of files/folders created in the last 1 months======
2009-03-13 23:21:55 —-D—- C:_OTMoveIt
2009-03-12 20:47:21 —-D—- C:Documents and SettingsСApplication DataMozilla
2009-03-12 16:02:02 —-D—- C:Program Filestrend micro
2009-03-12 16:02:00 —-D—- C:rsit
2009-03-11 23:14:47 —-D—- C:Documents and SettingsСApplication DataWebMoney
2009-03-11 23:10:55 —-D—- C:Program FilesWebMoney Agent
2009-03-11 23:10:50 —-AD—- C:Documents and SettingsAll Users.WINDOWSApplication DataTEMP
2009-03-11 23:09:15 —-D—- C:Program FilesWebMoney
2009-03-11 22:30:55 —-D—- C:Program FilesWebMoney Advisor
2009-03-09 19:26:32 —-D—- C:Documents and SettingsСApplication DataAdobe
2009-03-09 18:54:31 —-D—- C:WINDOWSRegisteredPackages
2009-03-09 18:52:26 —-A—- C:WINDOWSsystem32d3dx9_30.dll
2009-03-09 18:52:24 —-A—- C:WINDOWSsystem32d3dx9_28.dll
2009-03-09 18:28:07 —-D—- C:WINDOWSMinidump
2009-03-09 18:25:44 —-D—- C:Documents and SettingsСApplication DataGoogle
2009-03-08 11:35:07 —-A—- C:WINDOWSsystem32h323log.txt
2009-03-08 11:32:29 —-A—- C:WINDOWSsystem32wshirda.dll
2009-03-08 11:32:29 —-A—- C:WINDOWSsystem32irmon.dll
2009-03-08 11:32:29 —-A—- C:WINDOWSsystem32irftp.exe
2009-03-08 11:31:53 —-A—- C:WINDOWSsystem32ativvaxx.dll
2009-03-08 11:31:53 —-A—- C:WINDOWSsystem32ati3duag.dll
2009-03-08 11:31:53 —-A—- C:WINDOWSsystem32ati3d1ag.dll
2009-03-08 11:31:53 —-A—- C:WINDOWSsystem32ati2dvag.dll
2009-03-08 11:31:53 —-A—- C:WINDOWSsystem32ati2cqag.dll
2009-03-08 11:31:39 —-A—- C:WINDOWSsystem32usbui.dll
2009-03-08 11:30:11 —-A—- C:WINDOWSimsins.BAK
2009-03-08 11:30:08 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-03-08 11:30:06 —-A—- C:WINDOWSODBCINST.INI
2009-03-08 11:30:01 —-RA—- C:WINDOWSsystem32kbdtuq.dll
2009-03-08 11:30:01 —-RA—- C:WINDOWSsystem32kbdtuf.dll
2009-03-08 11:30:01 —-RA—- C:WINDOWSsystem32kbdazel.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdhept.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdhela3.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdhela2.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdhe319.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdhe220.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdhe.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdgkl.dll
2009-03-08 11:29:59 —-RA—- C:WINDOWSsystem32kbdlv1.dll
2009-03-08 11:29:59 —-RA—- C:WINDOWSsystem32kbdlv.dll
2009-03-08 11:29:59 —-RA—- C:WINDOWSsystem32kbdlt1.dll
2009-03-08 11:29:59 —-RA—- C:WINDOWSsystem32kbdlt.dll
2009-03-08 11:29:59 —-RA—- C:WINDOWSsystem32kbdest.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdycl.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdsl1.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdsl.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdro.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdpl1.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdpl.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdhu1.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdhu.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdcz2.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdcz1.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdcz.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdcr.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32KBDAL.DLL
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdycc.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbduzb.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdur.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdtat.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdmon.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdkyr.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdkaz.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdbu.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdblr.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdaze.dll
2009-03-08 11:29:53 —-A—- C:WINDOWSsystem32spxcoins.dll
2009-03-08 11:29:53 —-A—- C:WINDOWSsystem32irclass.dll
2009-03-08 11:29:53 —-A—- C:WINDOWSsystem32dgsetup.dll
2009-03-08 11:29:53 —-A—- C:WINDOWSsystem32dgrpsetu.dll
2009-03-08 11:29:52 —-A—- C:WINDOWSsystem32EqnClass.Dll
2009-03-08 11:29:51 —-N—- C:WINDOWSsystem32CONFIG.TMP
2009-03-08 11:29:51 —-A—- C:WINDOWSTASKMAN.EXE
2009-03-08 11:29:50 —-A—- C:WINDOWSsystem32batt.dll
2009-03-08 11:29:50 —-A—- C:WINDOWSNOTEPAD.EXE
2009-03-08 11:29:49 —-A—- C:WINDOWSsystem32storprop.dll
2009-03-08 11:29:41 —-ASH—- C:Documents and SettingsAll Users.WINDOWSApplication Datadesktop.ini
2009-03-08 11:29:37 —-RA—- C:WINDOWSSET8.tmp
2009-03-08 11:29:35 —-RA—- C:WINDOWSSET4.tmp
2009-03-08 11:29:34 —-RA—- C:WINDOWSSET3.tmp
2009-03-08 11:29:29 —-D—- C:WINDOWSsystem32CatRoot2
2009-03-08 11:29:29 —-D—- C:WINDOWSsystem32CatRoot
2009-03-08 11:29:23 —-SD—- C:Documents and SettingsAll Users.WINDOWSApplication DataMicrosoft
2009-03-08 11:29:06 —-A—- C:WINDOWSsetuplog.txt
2009-03-08 11:24:14 —-RSD—- C:WINDOWSFonts
2009-03-08 11:24:14 —-RD—- C:WINDOWSWeb
2009-03-08 11:24:14 —-HD—- C:WINDOWSinf
2009-03-08 11:24:14 —-D—- C:WINDOWSWinSxS
2009-03-08 11:24:14 —-D—- C:WINDOWStwain_32
2009-03-08 11:24:14 —-D—- C:WINDOWSTemp
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32wins
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32wbem
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32usmt
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32spool
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32ShellExt
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32Setup
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32ras
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32oobe
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32npp
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32mui
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32inetsrv
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32IME
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32icsxml
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32ias
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32export
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32drivers
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32dhcp
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32config
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem323com_dmi
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem323076
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem322052
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321054
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321049
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321042
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321041
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321037
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321033
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321031
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321028
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321025
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem
2009-03-08 11:24:14 —-D—- C:WINDOWSsecurity
2009-03-08 11:24:14 —-D—- C:WINDOWSResources
2009-03-08 11:24:14 —-D—- C:WINDOWSrepair
2009-03-08 11:24:14 —-D—- C:WINDOWSProvisioning
2009-03-08 11:24:14 —-D—- C:WINDOWSPeerNet
2009-03-08 11:24:14 —-D—- C:WINDOWSpchealth
2009-03-08 11:24:14 —-D—- C:WINDOWSmui
2009-03-08 11:24:14 —-D—- C:WINDOWSmsapps
2009-03-08 11:24:14 —-D—- C:WINDOWSmsagent
2009-03-08 11:24:14 —-D—- C:WINDOWSMedia
2009-03-08 11:24:14 —-D—- C:WINDOWSjava
2009-03-08 11:24:14 —-D—- C:WINDOWSime
2009-03-08 11:24:14 —-D—- C:WINDOWSHelp
2009-03-08 11:24:14 —-D—- C:WINDOWSehome
2009-03-08 11:24:14 —-D—- C:WINDOWSDriver Cache
2009-03-08 11:24:14 —-D—- C:WINDOWSDebug
2009-03-08 11:24:14 —-D—- C:WINDOWSCursors
2009-03-08 11:24:14 —-D—- C:WINDOWSConnection Wizard
2009-03-08 11:24:14 —-D—- C:WINDOWSConfig
2009-03-08 11:24:14 —-D—- C:WINDOWSAppPatch
2009-03-08 11:24:14 —-D—- C:WINDOWSaddins
2009-03-08 10:50:35 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataGoogle
2009-03-08 10:47:17 —-D—- C:Documents and SettingsСApplication DataMacromedia
2009-03-08 10:25:50 —-D—- C:Program FilesCommon FilesDoctor Web
2009-03-08 10:25:50 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataDoctor Web
2009-03-08 09:52:22 —-A—- C:WINDOWSODBC.INI
2009-03-08 09:52:19 —-A—- C:WINDOWSsystem32mdimon.dll
2009-03-08 09:51:20 —-D—- C:WINDOWSSHELLNEW
2009-03-08 09:07:39 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataLogiShrd
2009-03-08 09:07:19 —-D—- C:Documents and SettingsСApplication DataLogitech
2009-03-08 09:06:55 —-D—- C:Program FilesCommon FilesLogiShared
2009-03-08 09:06:46 —-R—- C:WINDOWSbwUnin-8.1.1.50-8876480SL.exe
2009-03-08 09:06:01 —-D—- C:WINDOWSsystem32ReinstallBackups
2009-03-08 09:05:57 —-DC—- C:WINDOWSsystem32DRVSTORE
2009-03-08 09:05:48 —-A—- C:WINDOWSsystem32BtCoreIf.dll
2009-03-08 09:05:45 —-A—- C:WINDOWSsystem32KemXML.dll
2009-03-08 09:05:45 —-A—- C:WINDOWSsystem32KemWnd.dll
2009-03-08 09:05:45 —-A—- C:WINDOWSsystem32KemUtil.dll
2009-03-08 09:05:45 —-A—- C:WINDOWSsystem32kemutb.dll
2009-03-08 09:05:44 —-D—- C:Program FilesCommon FilesLogiShrd
2009-03-08 09:05:38 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataLogitech
2009-03-08 09:05:36 —-D—- C:Program FilesCommon FilesLogitech
2009-03-08 09:05:32 —-D—- C:Program FilesLogitech
2009-03-08 09:05:31 —-D—- C:Documents and SettingsСApplication DataInstallShield
2009-03-08 08:59:35 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataBluetooth
2009-03-08 08:58:03 —-A—- C:WINDOWSsystem32ksuser.dll
2009-03-08 08:57:54 —-D—- C:Program FilesIVT Corporation
2009-03-08 08:48:01 —-D—- C:Documents and SettingsСApplication DataIdentities
2009-03-08 08:47:53 —-ASH—- C:Documents and SettingsСApplication Datadesktop.ini
2009-03-08 08:47:52 —-SD—- C:Documents and SettingsСApplication DataMicrosoft
2009-03-08 08:46:43 —-D—- C:WINDOWSSoftwareDistribution
2009-03-08 08:46:29 —-D—- C:WINDOWSPrefetch
2009-03-08 08:46:28 —-SD—- C:WINDOWSsystem32Microsoft
2009-03-08 08:46:28 —-A—- C:WINDOWSSchedLgU.Txt
2009-03-08 08:42:16 —-D—- C:WINDOWSsystem32xircom
2009-03-08 08:41:56 —-A—- C:WINDOWScontrol.ini
2009-03-08 08:41:39 —-A—- C:WINDOWSOEWABLog.txt
2009-03-08 08:41:34 —-A—- C:WINDOWSsystem32mapi32.dll
2009-03-08 08:40:30 —-SD—- C:WINDOWSDownloaded Program Files
2009-03-08 08:40:30 —-RD—- C:WINDOWSOffline Web Pages
2009-03-08 08:40:30 —-RAH—- C:WINDOWSsystem32logonui.exe.manifest
2009-03-08 08:40:22 —-RAH—- C:WINDOWSsystem32cdplayer.exe.manifest
2009-03-08 08:39:58 —-D—- C:WINDOWSsystem32DirectX
2009-03-08 08:39:42 —-A—- C:WINDOWSsystem32atrace.dll
2009-03-08 08:39:40 —-A—- C:WINDOWSsystem32desktop.ini
2009-03-08 08:39:40 —-A—- C:WINDOWSdesktop.ini
2009-03-08 08:39:35 —-A—- C:WINDOWSsystem32nmevtmsg.dll
2009-03-08 08:39:35 —-A—- C:WINDOWSsystem32acctres.dll
2009-03-08 08:39:34 —-SD—- C:WINDOWSTasks
2009-03-08 08:39:34 —-A—- C:WINDOWSsystem32icfgnt5.dll
2009-03-08 08:39:31 —-D—- C:WINDOWSsrchasst
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuweb.dll
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wups.dll
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wucltui.dll
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuauserv.dll
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuaueng1.dll
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuaueng.dll
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuauclt1.exe
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuauclt.exe
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuapi.dll
2009-03-08 08:39:27 —-A—- C:WINDOWSsystem32qmgrprxy.dll
2009-03-08 08:39:27 —-A—- C:WINDOWSsystem32qmgr.dll
2009-03-08 08:39:27 —-A—- C:WINDOWSsystem32bitsprx3.dll
2009-03-08 08:39:27 —-A—- C:WINDOWSsystem32bitsprx2.dll
2009-03-08 08:39:23 —-A—- C:WINDOWSsystem32safrslv.dll
2009-03-08 08:39:23 —-A—- C:WINDOWSsystem32safrdm.dll
2009-03-08 08:39:23 —-A—- C:WINDOWSsystem32safrcdlg.dll
2009-03-08 08:39:23 —-A—- C:WINDOWSsystem32racpldlg.dll
2009-03-08 08:39:20 —-D—- C:WINDOWSsystem32Restore
2009-03-08 08:39:20 —-A—- C:WINDOWSsystem32srsvc.dll
2009-03-08 08:39:20 —-A—- C:WINDOWSsystem32srrstr.dll
2009-03-08 08:39:20 —-A—- C:WINDOWSsystem32fltMc.exe
2009-03-08 08:39:20 —-A—- C:WINDOWSsystem32fltlib.dll
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32srclient.dll
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32nmmkcert.dll
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32msconf.dll
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32mnmsrvc.exe
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32mnmdd.dll
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32isrdbg32.dll
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32ils.dll
2009-03-08 08:39:17 —-A—- C:WINDOWSsystem32msoert2.dll
2009-03-08 08:39:16 —-A—- C:WINDOWSsystem32msoeacct.dll
2009-03-08 08:39:16 —-A—- C:WINDOWSsystem32inetres.dll
2009-03-08 08:39:15 —-A—- C:WINDOWSsystem32inetcomm.dll
2009-03-08 08:39:14 —-A—- C:WINDOWSsystem32schedsvc.dll
2009-03-08 08:39:14 —-A—- C:WINDOWSsystem32mstinit.exe
2009-03-08 08:39:14 —-A—- C:WINDOWSsystem32mstask.dll
2009-03-08 08:39:13 —-A—- C:WINDOWSsystem32isign32.dll
2009-03-08 08:39:13 —-A—- C:WINDOWSsystem32inetcfg.dll
2009-03-08 08:39:13 —-A—- C:WINDOWSsystem32icwphbk.dll
2009-03-08 08:39:13 —-A—- C:WINDOWSsystem32icwdial.dll
2009-03-08 08:38:24 —-A—- C:WINDOWSvbaddin.ini
2009-03-08 08:38:24 —-A—- C:WINDOWSvb.ini
2009-03-08 08:38:20 —-D—- C:WINDOWSRegistration
2009-03-08 08:38:06 —-A—- C:WINDOWSsystem32write.exe
2009-03-08 08:38:01 —-A—- C:WINDOWSsystem32sndvol32.exe
2009-03-08 08:38:01 —-A—- C:WINDOWSsystem32hticons.dll
2009-03-08 08:38:00 —-A—- C:WINDOWSsystem32winchat.exe
2009-03-08 08:38:00 —-A—- C:WINDOWSsystem32avwav.dll
2009-03-08 08:38:00 —-A—- C:WINDOWSsystem32avtapi.dll
2009-03-08 08:38:00 —-A—- C:WINDOWSsystem32avmeter.dll
2009-03-08 08:37:55 —-A—- C:WINDOWSsystem32getuname.dll
2009-03-08 08:37:55 —-A—- C:WINDOWSsystem32charmap.exe
2009-03-08 08:37:54 —-A—- C:WINDOWSsystem32winmine.exe
2009-03-08 08:37:54 —-A—- C:WINDOWSsystem32sol.exe
2009-03-08 08:37:54 —-A—- C:WINDOWSsystem32mshearts.exe
2009-03-08 08:37:54 —-A—- C:WINDOWSsystem32calc.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32usrlogon.cmd
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32tsshutdn.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32tslabels.ini
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32tskill.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32tsdiscon.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32tscon.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32shadow.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32rwinsta.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32reset.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32regini.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32rdpcfgex.dll
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32qwinsta.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32qappsrv.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32msg.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32logoff.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32freecell.exe
2009-03-08 08:37:52 —-A—- C:WINDOWSsystem32mtxlegih.dll
2009-03-08 08:37:52 —-A—- C:WINDOWSsystem32mtxex.dll
2009-03-08 08:37:52 —-A—- C:WINDOWSsystem32msdtcprf.ini
2009-03-08 08:37:52 —-A—- C:WINDOWSsystem32dcomcnfg.exe
2009-03-08 08:37:52 —-A—- C:WINDOWSsystem32cdmodem.dll
2009-03-08 08:37:51 —-A—- C:WINDOWSsystem32stclient.dll
2009-03-08 08:37:51 —-A—- C:WINDOWSsystem32mtxdm.dll
2009-03-08 08:37:51 —-A—- C:WINDOWSsystem32comsnap.dll
2009-03-08 08:37:51 —-A—- C:WINDOWSsystem32comrepl.dll
2009-03-08 08:37:51 —-A—- C:WINDOWSsystem32comaddin.dll
2009-03-08 08:37:47 —-A—- C:WINDOWSsystem32wmimgmt.msc
2009-03-08 08:37:46 —-A—- C:WINDOWSsystem32sndrec32.exe
2009-03-08 08:37:46 —-A—- C:WINDOWSsystem32mplay32.exe
2009-03-08 08:37:46 —-A—- C:WINDOWSsystem32accwiz.exe
2009-03-08 08:37:45 —-A—- C:WINDOWSsystem32spider.exe
2009-03-08 08:37:45 —-A—- C:WINDOWSsystem32mspaint.exe
2009-03-08 08:37:45 —-A—- C:WINDOWSsystem32hypertrm.dll
2009-03-08 08:37:45 —-A—- C:WINDOWSsystem32clipbrd.exe
2009-03-08 08:37:44 —-A—- C:WINDOWSsystem32tscfgwmi.dll
2009-03-08 08:37:44 —-A—- C:WINDOWSsystem32remotepg.dll
2009-03-08 08:37:44 —-A—- C:WINDOWSsystem32rdshost.exe
2009-03-08 08:37:44 —-A—- C:WINDOWSsystem32rdsaddin.exe
2009-03-08 08:37:44 —-A—- C:WINDOWSsystem32mstscax.dll
2009-03-08 08:37:44 —-A—- C:WINDOWSsystem32mstsc.exe
2009-03-08 08:37:43 —-D—- C:WINDOWSsystem32MsDtc
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32tscupgrd.exe
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32termsrv.dll
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32sessmgr.exe
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32rdpwsx.dll
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32rdpsnd.dll
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32rdpclip.exe
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32rdchost.dll
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32qprocess.exe
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32msdtcuiu.dll
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32icaapi.dll
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32cfgbkend.dll
2009-03-08 08:37:42 —-A—- C:WINDOWSsystem32xolehlp.dll
2009-03-08 08:37:42 —-A—- C:WINDOWSsystem32mtxoci.dll
2009-03-08 08:37:42 —-A—- C:WINDOWSsystem32msdtctm.dll
2009-03-08 08:37:42 —-A—- C:WINDOWSsystem32msdtcprx.dll
2009-03-08 08:37:42 —-A—- C:WINDOWSsystem32msdtclog.dll
2009-03-08 08:37:42 —-A—- C:WINDOWSsystem32msdtc.exe
2009-03-08 08:37:41 —-D—- C:WINDOWSsystem32Com
2009-03-08 08:37:41 —-A—- C:WINDOWSsystem32comsvcs.dll
2009-03-08 08:37:41 —-A—- C:WINDOWSsystem32colbact.dll
2009-03-08 08:37:41 —-A—- C:WINDOWSsystem32clbcatex.dll
2009-03-08 08:37:41 —-A—- C:WINDOWSsystem32catsrvut.dll
2009-03-08 08:37:41 —-A—- C:WINDOWSsystem32catsrvps.dll
2009-03-08 08:37:41 —-A—- C:WINDOWSsystem32catsrv.dll
2009-03-08 08:37:40 —-A—- C:WINDOWSsystem32comuid.dll
2009-03-08 08:37:40 —-A—- C:WINDOWSsystem32clbcatq.dll
2009-03-08 08:37:35 —-A—- C:WINDOWSsystem32servdeps.dll
2009-03-08 08:37:35 —-A—- C:WINDOWSsystem32mmfutil.dll
2009-03-08 08:37:35 —-A—- C:WINDOWSsystem32licwmi.dll
2009-03-08 08:37:35 —-A—- C:WINDOWSsystem32cmprops.dll
2009-03-07 15:37:29 —-SH—- C:BOOT.BAK
2009-03-07 15:37:13 —-D—- C:$WIN_NT$.~BT======List of files/folders modified in the last 1 months======
2009-03-13 23:27:04 —-D—- C:Program FilesDrWeb
2009-03-13 23:21:55 —-D—- C:Program FilesCommon Files
2009-03-12 20:47:25 —-D—- C:WINDOWS
2009-03-12 16:02:02 —-RD—- C:Program Files
2009-03-12 14:56:20 —-D—- C:WINDOWSsystem32
2009-03-11 09:05:31 —-D—- C:Program FilesGoogle
2009-03-10 20:30:16 —-SHD—- C:WINDOWSInstaller
2009-03-10 20:30:16 —-D—- C:Config.Msi
2009-03-09 19:08:52 —-D—- C:Program FilesNero
2009-03-09 18:55:40 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-03-08 11:30:03 —-A—- C:WINDOWSsystem.ini
2009-03-08 11:24:12 —-HDC—- C:WINDOWS$NtUninstallKB835732$
2009-03-08 10:48:50 —-D—- C:WINDOWSsystem32Macromed
2009-03-08 10:08:19 —-HD—- C:Program FilesInstallShield Installation Information
2009-03-08 09:52:08 —-A—- C:WINDOWSwin.ini
2009-03-08 09:51:52 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2009-03-08 09:51:33 —-D—- C:Program FilesMicrosoft Office
2009-03-08 09:51:21 —-D—- C:Program FilesCommon FilesSystem
2009-03-08 09:42:42 —-D—- C:Program FilesWinRAR
2009-03-08 09:19:25 —-SHD—- C:RECYCLER
2009-03-08 08:47:52 —-D—- C:Documents and Settings
2009-03-08 08:46:42 —-SHD—- C:System Volume Information
2009-03-08 08:39:30 —-D—- C:Program FilesWindows Media Player
2009-03-08 08:39:27 —-D—- C:Program FilesMovie Maker
2009-03-08 08:39:18 —-D—- C:Program FilesNetMeeting
2009-03-08 08:39:16 —-D—- C:Program FilesOutlook Express
2009-03-08 08:39:09 —-D—- C:Program FilesInternet Explorer
2009-03-08 08:38:07 —-D—- C:Program FilesMessenger
2009-03-08 08:37:45 —-D—- C:Program FilesWindows NT
2009-03-08 08:35:10 —-SH—- C:boot.ini======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-17 40448]
R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2001-10-20 12032]
R2 irda;ИК-протокол IrDA; C:WINDOWSsystem32DRIVERSirda.sys [2004-08-04 87424]
R2 SPIDER;SpIDer Guard File System Monitor; ??C:PROGRA~1DrWebspider.sys []
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2004-08-17 701440]
R3 BlueletAudio;Bluetooth Audio Service; C:WINDOWSsystem32DRIVERSblueletaudio.sys [2007-05-11 34704]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:WINDOWSsystem32DRIVERSBlueletSCOAudio.sys [2007-03-05 27792]
R3 BT;Bluetooth PAN Network Adapter; C:WINDOWSsystem32DRIVERSbtnetdrv.sys [2007-03-05 18320]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:WINDOWSSystem32Driversbtcusb.sys [2007-05-09 36496]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2001-10-20 9600]
R3 irsir;Драйвер для инфракрасного последовательного порта Microsoft; C:WINDOWSsystem32DRIVERSirsir.sys [2001-08-18 18688]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:WINDOWSsystem32DRIVERSL8042Kbd.sys [2007-06-12 20496]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-20 12160]
R3 Rasirda;Минипорт WAN (IrDA); C:WINDOWSsystem32DRIVERSrasirda.sys [2001-08-18 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WINDOWSSystem32DriversRootMdm.sys [2001-10-20 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet адаптер, драйвер для NT; C:WINDOWSsystem32DRIVERSRTL8139.SYS [2004-08-04 20992]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
R3 VComm;Virtual Serial port driver; C:WINDOWSsystem32DRIVERSVComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:WINDOWSSystem32DriversVcommMgr.sys [2007-03-05 44304]
R3 VHidMinidrv;Bluetooth HID Device Service; C:WINDOWSsystem32driversVHIDMini.sys [2007-03-05 19472]
S3 CD-Lock;CD-Lock; ??D:cdm.sys []
Ответ RSL логS3 usbstor;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 DrWebEngine;Dr.Web Scanning Engine (DrWebEngine); C:Program FilesCommon FilesDoctor WebScanning Enginedwengine.exe [2009-01-21 886072]
R2 Irmon;Монитор инфракрасной связи; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]
R2 LBTServ;Logitech Bluetooth Service; C:Program FilesCommon FilesLogiShrdBluetoothLBTServ.exe [2007-07-26 121360]
R2 SPIDERNT;SpIDer Guard for Windows; C:PROGRA~1DrWebspidernt.exe [2008-12-09 197896]
R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2004-08-11 38912]
S3 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-03-10 137200]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
EOF
Ответ от OTMoveIt
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Unable to stop service winsecguard .
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{42C864C8-E1F9-4546-92E2-BCBA0E0AFB94}\ not found.
========== FILES ==========
File/Folder C:WINDOWSsystem32zpx2.exe not found.
File/Folder C:Program FilesCommon Files{6EA9B29A-C801-4F76-805F-E41ACF9ED16Z} not found.
File/Folder C:Documents and SettingsAll Users.WINDOWSApplication Datafxklib.dll not found.
========== COMMANDS ==========
User’s Temp folder emptied.
User’s Temporary Internet Files folder emptied.
User’s Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
File delete failed. C:Documents and SettingsСLocal SettingsApplication DataMozillaFirefoxProfilesj7aiolht.defaultCache_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsСLocal SettingsApplication DataMozillaFirefoxProfilesj7aiolht.defaultCache_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsСLocal SettingsApplication DataMozillaFirefoxProfilesj7aiolht.defaultCache_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsСLocal SettingsApplication DataMozillaFirefoxProfilesj7aiolht.defaultCache_CACHE_MAP_ scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfullyOTMoveIt3 by OldTimer — Version 1.0.8.0 log created on 03132009_234710
- Темы:532
- Сообщений:1553
- ☆☆☆☆☆
Что-то очень сильно тормозит и при запуске стало выскакивать»» spiderml.exe — Неверный образ»»и дальше Приложение или библиотека C:WINDOWSsystem32digeste.dll не является образом программы для Windows NT . Проверьте назначение установочного диска.
файл C:WINDOWSsystem32digeste.dll это троян.
Скиньте пожалуйста свежий RSIT лог.- Темы:532
- Сообщений:1553
- ☆☆☆☆☆
Высылаю свежий log .Заранее вас благолдарю
Logfile of random’s system information tool 1.05 (written by random/random)
Run by С at 2009-03-18 09:09:39
Microsoft Windows XP Professional Service Pack 2
System drive C: has 20 GB (40%) free of 50 GB
Total RAM: 767 MB (1% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:12:18, on 18.03.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesDrWebSpIDerAgent.exe
C:Program FilesDrWebspiderml.exe
C:PROGRA~1DrWebspiderui.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesIVT CorporationBlueSoleilBlueSoleil_.exe
C:Program FilesLogitechSetPointsys12241848
C:Program FilesCommon FilesDoctor WebScanning Enginedwengine.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesNeroNero8Nero BackItUpNBService.exe
C:PROGRA~1DrWebspidernt.exe
C:WINDOWSsystem32wuauclt.exe
C:Program FilesCommon FilesNeroLibNMIndexStoreSvr.exe
C:Program FilesCommon FilesNeroLibNMIndexingService.exe
C:Program FilesCommon FilesNeroLibNMBgMonitor.exe
C:WINDOWSSystem32svchost.exe
C:Documents and SettingsС2570
C:WINDOWSSystem32svchost.exe
C:Program FilesNeroNero8Nero Homesys12241848
C:Documents and SettingsС4678
C:WINDOWSsystem32rundll32.exe
E:Program FilesMozilla Firefoxfirefox.exe
C:Documents and SettingsСРабочий столRSIT(2).exe
C:Program Filestrend microС.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll
O2 — BHO: TBSB03223 — {B4806C1A-FE8A-4008-9DA3-8CEDB6E82C10} — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll
O2 — BHO: Google Dictionary Compression sdch — {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll
O3 — Toolbar: &Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O3 — Toolbar: WebMoney Advisor — {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll
O4 — HKLM..Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent
O4 — HKLM..Run: [DrWebScheduler] «C:Program FilesDrWebDRWEBSCD.EXE»
O4 — HKLM..Run: [SpIDerAgent] «C:Program FilesDrWebSpIDerAgent.exe»
O4 — HKLM..Run: [SpIDerMail] «C:Program FilesDrWebspiderml.exe»
O4 — HKLM..Run: [SpIDerNT] C:PROGRA~1DrWebspiderui.exe /agent
O4 — HKLM..Run: [wmagent.exe] «C:Program FilesWebMoney Agentwmagent.exe»
O4 — HKLM..Run: [NeroFilterCheck] C:Program FilesCommon FilesNeroLibNeroCheck.exe
O4 — HKLM..Run: [NBKeyScan] «C:Program FilesNeroNero8Nero BackItUpNBKeyScan.exe»
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 — HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] «C:Program FilesCommon FilesNeroLibNMBgMonitor.exe»
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Global Startup: BlueSoleil.lnk = C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
O4 — Global Startup: Logitech Desktop Messenger.lnk = C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
O4 — Global Startup: Logitech SetPoint.lnk = C:Program FilesLogitechSetPointSetPoint.exe
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 — Extra button: WebMoney Advisor — {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll
O9 — Extra ‘Tools’ menuitem: WebMoney Advisor — {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O18 — Protocol: bwfile-8876480 — {9462A756-7B47-47BC-8C80-C34B9B80B32B} — C:Program FilesLogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll
O23 — Service: Dr.Web Scanning Engine (DrWebEngine) (DrWebEngine) — Doctor Web, Ltd. — C:Program FilesCommon FilesDoctor WebScanning Enginedwengine.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Google Updater Service (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: Протокол HTTP SSL HTTPFilterTermService (HTTPFilterTermService) — Unknown owner — C:WINDOWSsystem32wpv531236951426.cpx.exe (file missing)
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: Logitech Bluetooth Service (LBTServ) — Unknown owner — C:Program FilesCommon FilesLogiShrdBluetoothLBTServ.exe (file missing)
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Nero BackItUp Scheduler 3 — Unknown owner — C:Program FilesNeroNero8Nero BackItUpNBService.exe
O23 — Service: NMIndexingService — Nero AG — C:Program FilesCommon FilesNeroLibNMIndexingService.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: SpIDer Guard for Windows (SPIDERNT) — Doctor Web, Ltd. — C:PROGRA~1DrWebspidernt.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 7007 bytes======Scheduled tasks folder======
C:WINDOWStasksDr.Web Daily scan.job
C:WINDOWStasksDr.Web Update.job======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll [2009-03-10 251504][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll [2009-03-10 657904][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{B4806C1A-FE8A-4008-9DA3-8CEDB6E82C10}]
TBSB03223 Class — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll [2008-09-05 2409472][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll [2009-03-10 522224][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google Toolbar — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll [2009-03-10 251504]
{3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — WebMoney Advisor — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll [2008-09-05 2409472][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Bluetooth Connection Assistant»=LBTWIZ.EXE -silent []
«DrWebScheduler»=C:Program FilesDrWebDRWEBSCD.EXE []
«SpIDerAgent»=C:Program FilesDrWebSpIDerAgent.exe [2009-02-19 423152]
«SpIDerMail»=C:Program FilesDrWebspiderml.exe [2009-03-05 640240]
«SpIDerNT»=C:PROGRA~1DrWebspiderui.exe [2008-12-09 197896]
«wmagent.exe»=C:Program FilesWebMoney Agentwmagent.exe []
«NeroFilterCheck»=C:Program FilesCommon FilesNeroLibNeroCheck.exe [2007-03-01 153136]
«NBKeyScan»=C:Program FilesNeroNero8Nero BackItUpNBKeyScan.exe [2007-09-20 1836328][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-17 15360]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe []
«BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=C:Program FilesCommon FilesNeroLibNMBgMonitor.exe [2009-03-18 20113]C:Documents and SettingsAll Users.WINDOWSГлавное менюПрограммыАвтозагрузка
BlueSoleil.lnk — C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
Logitech Desktop Messenger.lnk — C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
Logitech SetPoint.lnk — C:Program FilesLogitechSetPointSetPoint.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyLBTWlgn]
c:program filescommon fileslogishrdbluetoothLBTWlgn.dll [2007-07-26 72208][HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders]
«SecurityProviders»=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digeste.dll[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdfLoadGroup]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWdfLoadGroup]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesIVT CorporationBlueSoleilBlueSoleil_.exe»=»C:Program FilesIVT CorporationBlueSoleilBlueSoleil_.exe:*:Enabled:BlueSoleil»
«C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe»=»C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger»
«C:Program FilesWebMoneyWebMoney.exe»=»C:Program FilesWebMoneyWebMoney.exe:*:Disabled:WebMoney Keeper Classic Runner Module»
«E:Program FilesPetabyte.RuStrongDc2StrongDC.exe»=»E:Program FilesPetabyte.RuStrongDc2StrongDC.exe:*:Enabled:StrongDC++»
«C:Program FilesNeroNero8Nero HomeNeroHome.exe»=»C:Program FilesNeroNero8Nero HomeNeroHome.exe:*:Enabled:NeroHome»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe»=»C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger»[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{5cf00531-0bba-11de-bbdc-806d6172696f}]
shellAutoRuncommand — F:AUTORUNAUTOPLAY.EXE======List of files/folders created in the last 1 months======
2009-03-18 01:51:29 —-A—- C:WINDOWSNeroDigital.ini
2009-03-18 01:46:29 —-D—- C:Documents and SettingsСApplication DataNero
2009-03-18 01:45:58 —-A—- C:WINDOWSsystem32MsiExec.exe.log
2009-03-18 01:41:21 —-D—- C:Program FilesCommon FilesNero
2009-03-18 01:41:21 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataNero
2009-03-14 10:10:53 —-A—- C:WINDOWSsystem32digeste.dll
2009-03-13 23:21:55 —-D—- C:_OTMoveIt
2009-03-12 20:47:21 —-D—- C:Documents and SettingsСApplication DataMozilla
2009-03-12 16:02:02 —-D—- C:Program Filestrend micro
2009-03-12 16:02:00 —-D—- C:rsit
2009-03-11 23:14:47 —-D—- C:Documents and SettingsСApplication DataWebMoney
2009-03-11 23:10:55 —-D—- C:Program FilesWebMoney Agent
2009-03-11 23:10:50 —-AD—- C:Documents and SettingsAll Users.WINDOWSApplication DataTEMP
2009-03-11 23:09:15 —-D—- C:Program FilesWebMoney
2009-03-11 22:30:55 —-D—- C:Program FilesWebMoney Advisor
2009-03-09 19:26:32 —-D—- C:Documents and SettingsСApplication DataAdobe
2009-03-09 18:54:31 —-D—- C:WINDOWSRegisteredPackages
2009-03-09 18:52:26 —-A—- C:WINDOWSsystem32d3dx9_30.dll
2009-03-09 18:52:24 —-A—- C:WINDOWSsystem32d3dx9_28.dll
2009-03-09 18:28:07 —-D—- C:WINDOWSMinidump
2009-03-09 18:25:44 —-D—- C:Documents and SettingsСApplication DataGoogle
2009-03-08 11:35:07 —-A—- C:WINDOWSsystem32h323log.txt
2009-03-08 11:32:29 —-A—- C:WINDOWSsystem32wshirda.dll
2009-03-08 11:32:29 —-A—- C:WINDOWSsystem32irmon.dll
2009-03-08 11:32:29 —-A—- C:WINDOWSsystem32irftp.exe
2009-03-08 11:31:53 —-A—- C:WINDOWSsystem32ativvaxx.dll
2009-03-08 11:31:53 —-A—- C:WINDOWSsystem32ati3duag.dll
2009-03-08 11:31:53 —-A—- C:WINDOWSsystem32ati3d1ag.dll
2009-03-08 11:31:53 —-A—- C:WINDOWSsystem32ati2dvag.dll
2009-03-08 11:31:53 —-A—- C:WINDOWSsystem32ati2cqag.dll
2009-03-08 11:31:39 —-A—- C:WINDOWSsystem32usbui.dll
2009-03-08 11:30:11 —-A—- C:WINDOWSimsins.BAK
2009-03-08 11:30:08 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-03-08 11:30:06 —-A—- C:WINDOWSODBCINST.INI
2009-03-08 11:30:01 —-RA—- C:WINDOWSsystem32kbdtuq.dll
2009-03-08 11:30:01 —-RA—- C:WINDOWSsystem32kbdtuf.dll
2009-03-08 11:30:01 —-RA—- C:WINDOWSsystem32kbdazel.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdhept.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdhela3.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdhela2.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdhe319.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdhe220.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdhe.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdgkl.dll
2009-03-08 11:29:59 —-RA—- C:WINDOWSsystem32kbdlv1.dll
2009-03-08 11:29:59 —-RA—- C:WINDOWSsystem32kbdlv.dll
2009-03-08 11:29:59 —-RA—- C:WINDOWSsystem32kbdlt1.dll
2009-03-08 11:29:59 —-RA—- C:WINDOWSsystem32kbdlt.dll
2009-03-08 11:29:59 —-RA—- C:WINDOWSsystem32kbdest.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdycl.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdsl1.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdsl.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdro.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdpl1.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdpl.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdhu1.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdhu.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdcz2.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdcz1.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdcz.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdcr.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32KBDAL.DLL
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdycc.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbduzb.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdur.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdtat.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdmon.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdkyr.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdkaz.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdbu.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdblr.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdaze.dll
2009-03-08 11:29:53 —-A—- C:WINDOWSsystem32spxcoins.dll
2009-03-08 11:29:53 —-A—- C:WINDOWSsystem32irclass.dll
2009-03-08 11:29:53 —-A—- C:WINDOWSsystem32dgsetup.dll
2009-03-08 11:29:53 —-A—- C:WINDOWSsystem32dgrpsetu.dll
2009-03-08 11:29:52 —-A—- C:WINDOWSsystem32EqnClass.Dll
2009-03-08 11:29:51 —-N—- C:WINDOWSsystem32CONFIG.TMP
2009-03-08 11:29:51 —-A—- C:WINDOWSTASKMAN.EXE
2009-03-08 11:29:50 —-A—- C:WINDOWSsystem32batt.dll
2009-03-08 11:29:50 —-A—- C:WINDOWSNOTEPAD.EXE
2009-03-08 11:29:49 —-A—- C:WINDOWSsystem32storprop.dll
2009-03-08 11:29:41 —-ASH—- C:Documents and SettingsAll Users.WINDOWSApplication Datadesktop.ini
2009-03-08 11:29:37 —-RA—- C:WINDOWSSET8.tmp
2009-03-08 11:29:35 —-RA—- C:WINDOWSSET4.tmp
2009-03-08 11:29:34 —-RA—- C:WINDOWSSET3.tmp
2009-03-08 11:29:29 —-D—- C:WINDOWSsystem32CatRoot2
2009-03-08 11:29:29 —-D—- C:WINDOWSsystem32CatRoot
2009-03-08 11:29:23 —-SD—- C:Documents and SettingsAll Users.WINDOWSApplication DataMicrosoft
2009-03-08 11:29:06 —-A—- C:WINDOWSsetuplog.txt
2009-03-08 11:24:14 —-RSD—- C:WINDOWSFonts
2009-03-08 11:24:14 —-RD—- C:WINDOWSWeb
2009-03-08 11:24:14 —-HD—- C:WINDOWSinf
2009-03-08 11:24:14 —-D—- C:WINDOWSWinSxS
2009-03-08 11:24:14 —-D—- C:WINDOWStwain_32
2009-03-08 11:24:14 —-D—- C:WINDOWSTemp
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32wins
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32wbem
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32usmt
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32spool
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32ShellExt
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32Setup
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32ras
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32oobe
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32npp
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32mui
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32inetsrv
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32IME
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32icsxml
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32ias
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32export
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32drivers
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32dhcp
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32config
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem323com_dmi
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem323076
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem322052
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321054
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321049
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321042
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321041
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321037
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321033
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321031
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321028
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321025
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem
2009-03-08 11:24:14 —-D—- C:WINDOWSsecurity
2009-03-08 11:24:14 —-D—- C:WINDOWSResources
2009-03-08 11:24:14 —-D—- C:WINDOWSrepair
2009-03-08 11:24:14 —-D—- C:WINDOWSProvisioning
2009-03-08 11:24:14 —-D—- C:WINDOWSPeerNet
2009-03-08 11:24:14 —-D—- C:WINDOWSpchealth
2009-03-08 11:24:14 —-D—- C:WINDOWSmui
2009-03-08 11:24:14 —-D—- C:WINDOWSmsapps
2009-03-08 11:24:14 —-D—- C:WINDOWSmsagent
2009-03-08 11:24:14 —-D—- C:WINDOWSMedia
2009-03-08 11:24:14 —-D—- C:WINDOWSjava
2009-03-08 11:24:14 —-D—- C:WINDOWSime
2009-03-08 11:24:14 —-D—- C:WINDOWSHelp
2009-03-08 11:24:14 —-D—- C:WINDOWSehome
2009-03-08 11:24:14 —-D—- C:WINDOWSDriver Cache
2009-03-08 11:24:14 —-D—- C:WINDOWSDebug
2009-03-08 11:24:14 —-D—- C:WINDOWSCursors
2009-03-08 11:24:14 —-D—- C:WINDOWSConnection Wizard
2009-03-08 11:24:14 —-D—- C:WINDOWSConfig
2009-03-08 11:24:14 —-D—- C:WINDOWSAppPatch
2009-03-08 11:24:14 —-D—- C:WINDOWSaddins
2009-03-08 10:50:35 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataGoogle
2009-03-08 10:47:17 —-D—- C:Documents and SettingsСApplication DataMacromedia
2009-03-08 10:25:50 —-D—- C:Program FilesCommon FilesDoctor Web
2009-03-08 10:25:50 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataDoctor Web
2009-03-08 09:52:22 —-A—- C:WINDOWSODBC.INI
2009-03-08 09:52:19 —-A—- C:WINDOWSsystem32mdimon.dll
2009-03-08 09:51:20 —-D—- C:WINDOWSSHELLNEW
2009-03-08 09:07:39 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataLogiShrd
2009-03-08 09:07:19 —-D—- C:Documents and SettingsСApplication DataLogitech
2009-03-08 09:06:55 —-D—- C:Program FilesCommon FilesLogiShared
2009-03-08 09:06:46 —-R—- C:WINDOWSbwUnin-8.1.1.50-8876480SL.exe
2009-03-08 09:06:01 —-D—- C:WINDOWSsystem32ReinstallBackups
2009-03-08 09:05:57 —-DC—- C:WINDOWSsystem32DRVSTORE
2009-03-08 09:05:48 —-A—- C:WINDOWSsystem32BtCoreIf.dll
2009-03-08 09:05:45 —-A—- C:WINDOWSsystem32KemXML.dll
2009-03-08 09:05:45 —-A—- C:WINDOWSsystem32KemWnd.dll
2009-03-08 09:05:45 —-A—- C:WINDOWSsystem32KemUtil.dll
2009-03-08 09:05:45 —-A—- C:WINDOWSsystem32kemutb.dll
2009-03-08 09:05:44 —-D—- C:Program FilesCommon FilesLogiShrd
2009-03-08 09:05:38 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataLogitech
2009-03-08 09:05:36 —-D—- C:Program FilesCommon FilesLogitech
2009-03-08 09:05:32 —-D—- C:Program FilesLogitech
2009-03-08 09:05:31 —-D—- C:Documents and SettingsСApplication DataInstallShield
2009-03-08 08:59:35 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataBluetooth
2009-03-08 08:58:03 —-A—- C:WINDOWSsystem32ksuser.dll
2009-03-08 08:57:54 —-D—- C:Program FilesIVT Corporation
2009-03-08 08:48:01 —-D—- C:Documents and SettingsСApplication DataIdentities
2009-03-08 08:47:53 —-ASH—- C:Documents and SettingsСApplication Datadesktop.ini
2009-03-08 08:47:52 —-SD—- C:Documents and SettingsСApplication DataMicrosoft
2009-03-08 08:46:43 —-D—- C:WINDOWSSoftwareDistribution
2009-03-08 08:46:29 —-D—- C:WINDOWSPrefetch
2009-03-08 08:46:28 —-SD—- C:WINDOWSsystem32Microsoft
2009-03-08 08:46:28 —-A—- C:WINDOWSSchedLgU.Txt
2009-03-08 08:42:16 —-D—- C:WINDOWSsystem32xircom
2009-03-08 08:41:56 —-A—- C:WINDOWScontrol.ini
2009-03-08 08:41:39 —-A—- C:WINDOWSOEWABLog.txt
2009-03-08 08:41:34 —-A—- C:WINDOWSsystem32mapi32.dll
2009-03-08 08:40:30 —-SD—- C:WINDOWSDownloaded Program Files
2009-03-08 08:40:30 —-RD—- C:WINDOWSOffline Web Pages
2009-03-08 08:40:30 —-RAH—- C:WINDOWSsystem32logonui.exe.manifest
2009-03-08 08:40:22 —-RAH—- C:WINDOWSsystem32cdplayer.exe.manifest
2009-03-08 08:39:58 —-D—- C:WINDOWSsystem32DirectX
2009-03-08 08:39:42 —-A—- C:WINDOWSsystem32atrace.dll
2009-03-08 08:39:40 —-A—- C:WINDOWSsystem32desktop.ini
2009-03-08 08:39:40 —-A—- C:WINDOWSdesktop.ini
2009-03-08 08:39:35 —-A—- C:WINDOWSsystem32nmevtmsg.dll
2009-03-08 08:39:35 —-A—- C:WINDOWSsystem32acctres.dll
2009-03-08 08:39:34 —-SD—- C:WINDOWSTasks
2009-03-08 08:39:34 —-A—- C:WINDOWSsystem32icfgnt5.dll
2009-03-08 08:39:31 —-D—- C:WINDOWSsrchasst
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuweb.dll
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wups.dll
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wucltui.dll
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuauserv.dll
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuaueng1.dll
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuaueng.dll
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuauclt1.exe
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuauclt.exe
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuapi.dll
2009-03-08 08:39:27 —-A—- C:WINDOWSsystem32qmgrprxy.dll
2009-03-08 08:39:27 —-A—- C:WINDOWSsystem32qmgr.dll
2009-03-08 08:39:27 —-A—- C:WINDOWSsystem32bitsprx3.dll
2009-03-08 08:39:27 —-A—- C:WINDOWSsystem32bitsprx2.dll
2009-03-08 08:39:23 —-A—- C:WINDOWSsystem32safrslv.dll
2009-03-08 08:39:23 —-A—- C:WINDOWSsystem32safrdm.dll
2009-03-08 08:39:23 —-A—- C:WINDOWSsystem32safrcdlg.dll
2009-03-08 08:39:23 —-A—- C:WINDOWSsystem32racpldlg.dll
2009-03-08 08:39:20 —-D—- C:WINDOWSsystem32Restore
2009-03-08 08:39:20 —-A—- C:WINDOWSsystem32srsvc.dll
2009-03-08 08:39:20 —-A—- C:WINDOWSsystem32srrstr.dll
2009-03-08 08:39:20 —-A—- C:WINDOWSsystem32fltMc.exe
2009-03-08 08:39:20 —-A—- C:WINDOWSsystem32fltlib.dll
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32srclient.dll
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32nmmkcert.dll
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32msconf.dll
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32mnmsrvc.exe
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32mnmdd.dll
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32isrdbg32.dll
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32ils.dll
2009-03-08 08:39:17 —-A—- C:WINDOWSsystem32msoert2.dll
2009-03-08 08:39:16 —-A—- C:WINDOWSsystem32msoeacct.dll
2009-03-08 08:39:16 —-A—- C:WINDOWSsystem32inetres.dll
2009-03-08 08:39:15 —-A—- C:WINDOWSsystem32inetcomm.dll
2009-03-08 08:39:14 —-A—- C:WINDOWSsystem32schedsvc.dll
2009-03-08 08:39:14 —-A—- C:WINDOWSsystem32mstinit.exe
2009-03-08 08:39:14 —-A—- C:WINDOWSsystem32mstask.dll
2009-03-08 08:39:13 —-A—- C:WINDOWSsystem32isign32.dll
2009-03-08 08:39:13 —-A—- C:WINDOWSsystem32inetcfg.dll
2009-03-08 08:39:13 —-A—- C:WINDOWSsystem32icwphbk.dll
2009-03-08 08:39:13 —-A—- C:WINDOWSsystem32icwdial.dll
2009-03-08 08:38:24 —-A—- C:WINDOWSvbaddin.ini
2009-03-08 08:38:24 —-A—- C:WINDOWSvb.ini
2009-03-08 08:38:20 —-D—- C:WINDOWSRegistration
2009-03-08 08:38:06 —-A—- C:WINDOWSsystem32write.exe
2009-03-08 08:38:01 —-A—- C:WINDOWSsystem32sndvol32.exe
2009-03-08 08:38:01 —-A—- C:WINDOWSsystem32hticons.dll
2009-03-08 08:38:00 —-A—- C:WINDOWSsystem32winchat.exe
2009-03-08 08:38:00 —-A—- C:WINDOWSsystem32avwav.dll
2009-03-08 08:38:00 —-A—- C:WINDOWSsystem32avtapi.dll
2009-03-08 08:38:00 —-A—- C:WINDOWSsystem32avmeter.dll
2009-03-08 08:37:55 —-A—- C:WINDOWSsystem32getuname.dll
2009-03-08 08:37:55 —-A—- C:WINDOWSsystem32charmap.exe
2009-03-08 08:37:54 —-A—- C:WINDOWSsystem32winmine.exe
2009-03-08 08:37:54 —-A—- C:WINDOWSsystem32sol.exe
2009-03-08 08:37:54 —-A—- C:WINDOWSsystem32mshearts.exe
2009-03-08 08:37:54 —-A—- C:WINDOWSsystem32calc.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32usrlogon.cmd
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32tsshutdn.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32tslabels.ini
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32tskill.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32tsdiscon.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32tscon.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32shadow.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32rwinsta.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32reset.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32regini.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32rdpcfgex.dll
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32qwinsta.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32qappsrv.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32msg.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32logoff.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32freecell.exe
2009-03-08 08:37:52 —-A—- C:WINDOWSsystem32mtxlegih.dll
2009-03-08 08:37:52 —-A—- C:WINDOWSsystem32mtxex.dll
2009-03-08 08:37:52 —-A—- C:WINDOWSsystem32msdtcprf.ini
2009-03-08 08:37:52 —-A—- C:WINDOWSsystem32dcomcnfg.exe
2009-03-08 08:37:52 —-A—- C:WINDOWSsystem32cdmodem.dll
2009-03-08 08:37:51 —-A—- C:WINDOWSsystem32stclient.dll
2009-03-08 08:37:51 —-A—- C:WINDOWSsystem32mtxdm.dll
2009-03-08 08:37:51 —-A—- C:WINDOWSsystem32comsnap.dll
2009-03-08 08:37:51 —-A—- C:WINDOWSsystem32comrepl.dll
2009-03-08 08:37:51 —-A—- C:WINDOWSsystem32comaddin.dll
2009-03-08 08:37:47 —-A—- C:WINDOWSsystem32wmimgmt.msc
2009-03-08 08:37:46 —-A—- C:WINDOWSsystem32sndrec32.exe
2009-03-08 08:37:46 —-A—- C:WINDOWSsystem32mplay32.exe
2009-03-08 08:37:46 —-A—- C:WINDOWSsystem32accwiz.exe
2009-03-08 08:37:45 —-A—- C:WINDOWSsystem32spider.exe
2009-03-08 08:37:45 —-A—- C:WINDOWSsystem32mspaint.exe
2009-03-08 08:37:45 —-A—- C:WINDOWSsystem32hypertrm.dll
2009-03-08 08:37:45 —-A—- C:WINDOWSsystem32clipbrd.exe
2009-03-08 08:37:44 —-A—- C:WINDOWSsystem32tscfgwmi.dll
2009-03-08 08:37:44 —-A—- C:WINDOWSsystem32remotepg.dll
2009-03-08 08:37:44 —-A—- C:WINDOWSsystem32rdshost.exe
2009-03-08 08:37:44 —-A—- C:WINDOWSsystem32rdsaddin.exe
2009-03-08 08:37:44 —-A—- C:WINDOWSsystem32mstscax.dll
2009-03-08 08:37:44 —-A—- C:WINDOWSsystem32mstsc.exe
2009-03-08 08:37:43 —-D—- C:WINDOWSsystem32MsDtc
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32tscupgrd.exe
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32termsrv.dll
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32sessmgr.exe
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32rdpwsx.dll
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32rdpsnd.dll
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32rdpclip.exe
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32rdchost.dll
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32qprocess.exe
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32msdtcuiu.dll
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32icaapi.dll
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32cfgbkend.dll
2009-03-08 08:37:42 —-A—- C:WINDOWSsystem32xolehlp.dll
2009-03-08 08:37:42 —-A—- C:WINDOWSsystem32mtxoci.dll
2009-03-08 08:37:42 —-A—- C:WINDOWSsystem32msdtctm.dll
2009-03-08 08:37:42 —-A—- C:WINDOWSsystem32msdtcprx.dll
2009-03-08 08:37:42 —-A—- C:WINDOWSsystem32msdtclog.dll
2009-03-08 08:37:42 —-A—- C:WINDOWSsystem32msdtc.exe
2009-03-08 08:37:41 —-D—- C:WINDOWSsystem32Com
2009-03-08 08:37:41 —-A—- C:WINDOWSsystem32comsvcs.dll
2009-03-08 08:37:41 —-A—- C:WINDOWSsystem32colbact.dll
2009-03-08 08:37:41 —-A—- C:WINDOWSsystem32clbcatex.dll
2009-03-08 08:37:41 —-A—- C:WINDOWSsystem32catsrvut.dll
2009-03-08 08:37:41 —-A—- C:WINDOWSsystem32catsrvps.dll
2009-03-08 08:37:41 —-A—- C:WINDOWSsystem32catsrv.dll
2009-03-08 08:37:40 —-A—- C:WINDOWSsystem32comuid.dll
2009-03-08 08:37:40 —-A—- C:WINDOWSsystem32clbcatq.dll
2009-03-08 08:37:35 —-A—- C:WINDOWSsystem32servdeps.dll
2009-03-08 08:37:35 —-A—- C:WINDOWSsystem32mmfutil.dll
2009-03-08 08:37:35 —-A—- C:WINDOWSsystem32licwmi.dll
2009-03-08 08:37:35 —-A—- C:WINDOWSsystem32cmprops.dll
2009-03-07 15:37:29 —-SH—- C:BOOT.BAK
2009-03-07 15:37:13 —-D—- C:$WIN_NT$.~BT======List of files/folders modified in the last 1 months======
2009-03-18 08:58:17 —-D—- C:Program FilesDrWeb
2009-03-18 01:51:29 —-D—- C:WINDOWS
2009-03-18 01:47:56 —-SHD—- C:WINDOWSInstaller
2009-03-18 01:47:56 —-D—- C:Config.Msi
2009-03-18 01:45:58 —-D—- C:WINDOWSsystem32
2009-03-18 01:41:21 —-D—- C:Program FilesNero
2009-03-18 01:41:21 —-D—- C:Program FilesCommon Files
2009-03-17 23:58:11 —-RD—- C:Program Files
2009-03-17 18:34:53 —-D—- C:Program Files7-Zip
2009-03-17 15:50:51 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-03-17 15:50:46 —-D—- C:Program FilesOutlook Express
2009-03-14 10:12:54 —-D—- C:Program FilesMozilla Firefox
2009-03-11 09:05:31 —-D—- C:Program FilesGoogle
2009-03-08 11:30:03 —-A—- C:WINDOWSsystem.ini
2009-03-08 11:24:12 —-HDC—- C:WINDOWS$NtUninstallKB835732$
2009-03-08 10:48:50 —-D—- C:WINDOWSsystem32Macromed
2009-03-08 10:08:19 —-HD—- C:Program FilesInstallShield Installation Information
2009-03-08 09:52:08 —-A—- C:WINDOWSwin.ini
2009-03-08 09:51:52 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2009-03-08 09:51:33 —-D—- C:Program FilesMicrosoft Office
2009-03-08 09:51:21 —-D—- C:Program FilesCommon FilesSystem
2009-03-08 09:42:42 —-D—- C:Program FilesWinRAR
2009-03-08 09:19:25 —-SHD—- C:RECYCLER
2009-03-08 08:47:52 —-D—- C:Documents and Settings
2009-03-08 08:46:42 —-SHD—- C:System Volume Information
2009-03-08 08:39:30 —-D—- C:Program FilesWindows Media Player
2009-03-08 08:39:27 —-D—- C:Program FilesMovie Maker
2009-03-08 08:39:18 —-D—- C:Program FilesNetMeeting
2009-03-08 08:39:09 —-D—- C:Program FilesInternet Explorer
2009-03-08 08:38:07 —-D—- C:Program FilesMessenger
2009-03-08 08:37:45 —-D—- C:Program FilesWindows NT
2009-03-08 08:35:10 —-SH—- C:boot.ini======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-17 40448]
R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2001-10-20 12032]
R2 irda;ИК-протокол IrDA; C:WINDOWSsystem32DRIVERSirda.sys [2004-08-04 87424]
R2 SPIDER;SpIDer Guard File System Monitor; ??C:PROGRA~1DrWebspider.sys []
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2004-08-17 701440]
R3 BlueletAudio;Bluetooth Audio Service; C:WINDOWSsystem32DRIVERSblueletaudio.sys [2007-05-11 34704]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:WINDOWSsystem32DRIVERSBlueletSCOAudio.sys [2007-03-05 27792]
R3 BT;Bluetooth PAN Network Adapter; C:WINDOWSsystem32DRIVERSbtnetdrv.sys [2007-03-05 18320]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:WINDOWSSystem32Driversbtcusb.sys [2007-05-09 36496]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2001-10-20 9600]
R3 irsir;Драйвер для инфракрасного последовательного порта Microsoft; C:WINDOWSsystem32DRIVERSirsir.sys [2001-08-18 18688]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:WINDOWSsystem32DRIVERSL8042Kbd.sys [2007-06-12 20496]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-20 12160]
R3 Rasirda;Минипорт WAN (IrDA); C:WINDOWSsystem32DRIVERSrasirda.sys [2001-08-18 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WINDOWSSystem32DriversRootMdm.sys [2001-10-20 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet адаптер, драйвер для NT; C:WINDOWSsystem32DRIVERSRTL8139.SYS [2004-08-04 20992]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
R3 VComm;Virtual Serial port driver; C:WINDOWSsystem32DRIVERSVComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:WINDOWSSystem32DriversVcommMgr.sys [2007-03-05 44304]
R3 VHidMinidrv;Bluetooth HID Device Service; C:WINDOWSsystem32driversVHIDMini.sys [2007-03-05 19472]
S2 amd64si;amd64si; ??C:WINDOWSsystem32driversamd64si.sys []
S2 ati64si;ati64si; ??C:WINDOWSsystem32driversati64si.sys []
S2 fips32cup;fips32cup; ??C:WINDOWSsystem32driversfips32cup.sys []
S2 i386si;i386si; ??C:WINDOWSsystem32driversi386si.sys []
S2 netsik;netsik; ??C:WINDOWSsystem32driversnetsik.sys []
S2 nicsk32;nicsk32; ??C:WINDOWSsystem32driversnicsk32.sys []
S2 port135sik;port135sik; ??C:WINDOWSsystem32driversport135sik.sys []
S2 securentm;securentm; ??C:WINDOWSsystem32driverssecurentm.sys []
S2 systemntmi;systemntmi; ??C:WINDOWSsystem32driverssystemntmi.sys []
S3 CD-Lock;CD-Lock; ??D:cdm.sys []
S3 usbstor;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 DrWebEngine;Dr.Web Scanning Engine (DrWebEngine); C:Program FilesCommon FilesDoctor WebScanning Enginedwengine.exe [2009-01-21 886072]
R2 Irmon;Монитор инфракрасной связи; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:Program FilesNeroNero8Nero BackItUpNBService.exe [2009-03-18 20113]
R2 SPIDERNT;SpIDer Guard for Windows; C:PROGRA~1DrWebspidernt.exe [2008-12-09 197896]
R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2004-08-11 38912]
R3 NMIndexingService;NMIndexingService; C:Program FilesCommon FilesNeroLibNMIndexingService.exe [2007-09-20 382248]
S2 HTTPFilterTermService;Протокол HTTP SSL HTTPFilterTermService; C:WINDOWSsystem32wpv531236951426.cpx [2009-03-14 48640]
S2 LBTServ;Logitech Bluetooth Service; C:Program FilesCommon FilesLogiShrdBluetoothLBTServ.exe []
S3 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-03-10 137200]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
EOF
Хм, смотрю новый троян к вам попал.
Запустите OTMoveIt3 и в большое поле ввода (заголовок этого поля выделен желтым цветом) скопируйте следующий текст.:Processes
explorer.exe
:services
amd64si
ati64si
fips32cup
i386si
netsik
nicsk32
port135sik
securentm
systemntmi
:reg
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
:Commands
[emptytemp]
[start explorer]
[Reboot]Проверьте вставленный скрипт, если слева перед директивами появились пробелы, то удалите их, скрипт должен выглядеть так же как в сообщении. Кликните по кнопке MoveIt!. В процессе работы возможна перезагрузка компьютера.
По-завершении работы программы должен будет показан лог. Если лог не будет показан, то его можно найти в папке C:_OTMoveItMovedFiles.Вставьте в ваше ответное сообщение содержимое этого лога. И приложите свежий RSIT лог.
- Темы:532
- Сообщений:1553
- ☆☆☆☆☆
Здрасвуйте уважаемый Валери,вроде бы все нормально, только загрузка файлов притормаживает.
Высылаю Вам ответ OTMoveIt и свежий RSIT лог.
Заранее вам благодарен.========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Service amd64si stopped successfully.
Service amd64si deleted successfully.
Service ati64si stopped successfully.
Service ati64si deleted successfully.
Service fips32cup stopped successfully.
Service fips32cup deleted successfully.
Service i386si stopped successfully.
Service i386si deleted successfully.
Service netsik stopped successfully.
Service netsik deleted successfully.
Service nicsk32 stopped successfully.
Service nicsk32 deleted successfully.
Service port135sik stopped successfully.
Service port135sik deleted successfully.
Service securentm stopped successfully.
Service securentm deleted successfully.
Service systemntmi stopped successfully.
Service systemntmi deleted successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders\»SecurityProviders»|»msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll» /E : value set successfully!
========== COMMANDS ==========
User’s Temp folder emptied.
User’s Temporary Internet Files folder emptied.
User’s Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfullyOTMoveIt3 by OldTimer — Version 1.0.8.0 log created on 03222009_124009
RSIT лог
Logfile of random’s system information tool 1.05 (written by random/random)
Run by С at 2009-03-22 13:28:06
Microsoft Windows XP Professional Service Pack 2
System drive C: has 21 GB (42%) free of 50 GB
Total RAM: 767 MB (62% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:34:00, on 22.03.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesDrWebSpIDerAgent.exe
C:Program FilesDrWebspiderml.exe
C:PROGRA~1DrWebspiderui.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesLogitechSetPointSetPoint.exe
C:Program FilesIVT CorporationBlueSoleilBLUESOLEIL__.exe
C:Program FilesCommon FilesDoctor WebScanning Enginedwengine.exe
C:WINDOWSsystem32svchost.exe
C:PROGRA~1DrWebspidernt.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:WINDOWSsystem32wuauclt.exe
C:Documents and SettingsСРабочий столRSIT(2).exe
C:Program Filestrend microС.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll
O2 — BHO: TBSB03223 — {B4806C1A-FE8A-4008-9DA3-8CEDB6E82C10} — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll
O2 — BHO: Google Dictionary Compression sdch — {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll
O3 — Toolbar: &Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O3 — Toolbar: WebMoney Advisor — {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll
O4 — HKLM..Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent
O4 — HKLM..Run: [DrWebScheduler] «C:Program FilesDrWebDRWEBSCD.EXE»
O4 — HKLM..Run: [SpIDerAgent] «C:Program FilesDrWebSpIDerAgent.exe»
O4 — HKLM..Run: [SpIDerMail] «C:Program FilesDrWebspiderml.exe»
O4 — HKLM..Run: [SpIDerNT] C:PROGRA~1DrWebspiderui.exe /agent
O4 — HKLM..Run: [wmagent.exe] «C:Program FilesWebMoney Agentwmagent.exe»
O4 — HKLM..Run: [NeroFilterCheck] C:Program FilesCommon FilesNeroLibNeroCheck.exe
O4 — HKLM..Run: [NBKeyScan] «C:Program FilesNeroNero8Nero BackItUpNBKeyScan.exe»
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 — HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] «C:Program FilesCommon FilesNeroLibNMBgMonitor.exe»
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Global Startup: BlueSoleil.lnk = C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
O4 — Global Startup: Logitech Desktop Messenger.lnk = C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
O4 — Global Startup: Logitech SetPoint.lnk = C:Program FilesLogitechSetPointSetPoint.exe
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 — Extra button: WebMoney Advisor — {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll
O9 — Extra ‘Tools’ menuitem: WebMoney Advisor — {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O18 — Protocol: bwfile-8876480 — {9462A756-7B47-47BC-8C80-C34B9B80B32B} — C:Program FilesLogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll
O23 — Service: Dr.Web Scanning Engine (DrWebEngine) (DrWebEngine) — Doctor Web, Ltd. — C:Program FilesCommon FilesDoctor WebScanning Enginedwengine.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Google Updater Service (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: Протокол HTTP SSL HTTPFilterTermService (HTTPFilterTermService) — Unknown owner — C:WINDOWSsystem32wpv531236951426.cpx.exe (file missing)
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: Logitech Bluetooth Service (LBTServ) — Unknown owner — C:Program FilesCommon FilesLogiShrdBluetoothLBTServ.exe (file missing)
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Nero BackItUp Scheduler 3 — Unknown owner — C:Program FilesNeroNero8Nero BackItUpNBService.exe (file missing)
O23 — Service: NMIndexingService — Nero AG — C:Program FilesCommon FilesNeroLibNMIndexingService.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: SpIDer Guard for Windows (SPIDERNT) — Doctor Web, Ltd. — C:PROGRA~1DrWebspidernt.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 6574 bytes======Scheduled tasks folder======
C:WINDOWStasksDr.Web Daily scan.job
C:WINDOWStasksDr.Web Update.job======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll [2009-03-10 251504][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll [2009-03-10 657904][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{B4806C1A-FE8A-4008-9DA3-8CEDB6E82C10}]
TBSB03223 Class — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll [2008-09-05 2409472][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll [2009-03-10 522224][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google Toolbar — C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll [2009-03-10 251504]
{3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} — WebMoney Advisor — C:Program FilesWebMoney Advisortbu06031wmadvisor.dll [2008-09-05 2409472][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Bluetooth Connection Assistant»=LBTWIZ.EXE -silent []
«DrWebScheduler»=C:Program FilesDrWebDRWEBSCD.EXE []
«SpIDerAgent»=C:Program FilesDrWebSpIDerAgent.exe [2009-02-19 423152]
«SpIDerMail»=C:Program FilesDrWebspiderml.exe [2009-03-05 640240]
«SpIDerNT»=C:PROGRA~1DrWebspiderui.exe [2008-12-09 197896]
«wmagent.exe»=C:Program FilesWebMoney Agentwmagent.exe []
«NeroFilterCheck»=C:Program FilesCommon FilesNeroLibNeroCheck.exe [2007-03-01 153136]
«NBKeyScan»=C:Program FilesNeroNero8Nero BackItUpNBKeyScan.exe [2007-09-20 1836328][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-17 15360]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe []
«BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=C:Program FilesCommon FilesNeroLibNMBgMonitor.exe []C:Documents and SettingsAll Users.WINDOWSГлавное менюПрограммыАвтозагрузка
BlueSoleil.lnk — C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
Logitech Desktop Messenger.lnk — C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
Logitech SetPoint.lnk — C:Program FilesLogitechSetPointSetPoint.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyLBTWlgn]
c:program filescommon fileslogishrdbluetoothLBTWlgn.dll [2007-07-26 72208][HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdfLoadGroup]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWdfLoadGroup]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesIVT CorporationBlueSoleilBlueSoleil_.exe»=»C:Program FilesIVT CorporationBlueSoleilBlueSoleil_.exe:*:Enabled:BlueSoleil»
«C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe»=»C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger»
«C:Program FilesWebMoneyWebMoney.exe»=»C:Program FilesWebMoneyWebMoney.exe:*:Disabled:WebMoney Keeper Classic Runner Module»
«E:Program FilesPetabyte.RuStrongDc2StrongDC.exe»=»E:Program FilesPetabyte.RuStrongDc2StrongDC.exe:*:Enabled:StrongDC++»
«C:Program FilesNeroNero8Nero HomeNeroHome.exe»=»C:Program FilesNeroNero8Nero HomeNeroHome.exe:*:Enabled:NeroHome»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe»=»C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger»======List of files/folders created in the last 1 months======
2009-03-18 09:22:55 —-HD—- C:WINDOWSPIF
2009-03-18 01:51:29 —-A—- C:WINDOWSNeroDigital.ini
2009-03-18 01:46:29 —-D—- C:Documents and SettingsСApplication DataNero
2009-03-18 01:45:58 —-A—- C:WINDOWSsystem32MsiExec.exe.log
2009-03-18 01:41:21 —-D—- C:Program FilesCommon FilesNero
2009-03-18 01:41:21 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataNero
2009-03-14 10:10:53 —-A—- C:WINDOWSsystem32digeste.dll
2009-03-13 23:21:55 —-D—- C:_OTMoveIt
2009-03-12 20:47:21 —-D—- C:Documents and SettingsСApplication DataMozilla
2009-03-12 16:02:02 —-D—- C:Program Filestrend micro
2009-03-12 16:02:00 —-D—- C:rsit
2009-03-11 23:14:47 —-D—- C:Documents and SettingsСApplication DataWebMoney
2009-03-11 23:10:55 —-D—- C:Program FilesWebMoney Agent
2009-03-11 23:10:50 —-AD—- C:Documents and SettingsAll Users.WINDOWSApplication DataTEMP
2009-03-11 23:09:15 —-D—- C:Program FilesWebMoney
2009-03-11 22:30:55 —-D—- C:Program FilesWebMoney Advisor
2009-03-09 19:26:32 —-D—- C:Documents and SettingsСApplication DataAdobe
2009-03-09 18:54:31 —-D—- C:WINDOWSRegisteredPackages
2009-03-09 18:52:26 —-A—- C:WINDOWSsystem32d3dx9_30.dll
2009-03-09 18:52:24 —-A—- C:WINDOWSsystem32d3dx9_28.dll
2009-03-09 18:28:07 —-D—- C:WINDOWSMinidump
2009-03-09 18:25:44 —-D—- C:Documents and SettingsСApplication DataGoogle
2009-03-08 11:35:07 —-A—- C:WINDOWSsystem32h323log.txt
2009-03-08 11:32:29 —-A—- C:WINDOWSsystem32wshirda.dll
2009-03-08 11:32:29 —-A—- C:WINDOWSsystem32irmon.dll
2009-03-08 11:32:29 —-A—- C:WINDOWSsystem32irftp.exe
2009-03-08 11:31:53 —-A—- C:WINDOWSsystem32ativvaxx.dll
2009-03-08 11:31:53 —-A—- C:WINDOWSsystem32ati3duag.dll
2009-03-08 11:31:53 —-A—- C:WINDOWSsystem32ati3d1ag.dll
2009-03-08 11:31:53 —-A—- C:WINDOWSsystem32ati2dvag.dll
2009-03-08 11:31:53 —-A—- C:WINDOWSsystem32ati2cqag.dll
2009-03-08 11:31:39 —-A—- C:WINDOWSsystem32usbui.dll
2009-03-08 11:30:11 —-A—- C:WINDOWSimsins.BAK
2009-03-08 11:30:08 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-03-08 11:30:06 —-A—- C:WINDOWSODBCINST.INI
2009-03-08 11:30:01 —-RA—- C:WINDOWSsystem32kbdtuq.dll
2009-03-08 11:30:01 —-RA—- C:WINDOWSsystem32kbdtuf.dll
2009-03-08 11:30:01 —-RA—- C:WINDOWSsystem32kbdazel.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdhept.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdhela3.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdhela2.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdhe319.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdhe220.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdhe.dll
2009-03-08 11:30:00 —-RA—- C:WINDOWSsystem32kbdgkl.dll
2009-03-08 11:29:59 —-RA—- C:WINDOWSsystem32kbdlv1.dll
2009-03-08 11:29:59 —-RA—- C:WINDOWSsystem32kbdlv.dll
2009-03-08 11:29:59 —-RA—- C:WINDOWSsystem32kbdlt1.dll
2009-03-08 11:29:59 —-RA—- C:WINDOWSsystem32kbdlt.dll
2009-03-08 11:29:59 —-RA—- C:WINDOWSsystem32kbdest.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdycl.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdsl1.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdsl.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdro.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdpl1.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdpl.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdhu1.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdhu.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdcz2.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdcz1.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdcz.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32kbdcr.dll
2009-03-08 11:29:57 —-RA—- C:WINDOWSsystem32KBDAL.DLL
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdycc.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbduzb.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdur.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdtat.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdmon.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdkyr.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdkaz.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdbu.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdblr.dll
2009-03-08 11:29:54 —-A—- C:WINDOWSsystem32kbdaze.dll
2009-03-08 11:29:53 —-A—- C:WINDOWSsystem32spxcoins.dll
2009-03-08 11:29:53 —-A—- C:WINDOWSsystem32irclass.dll
2009-03-08 11:29:53 —-A—- C:WINDOWSsystem32dgsetup.dll
2009-03-08 11:29:53 —-A—- C:WINDOWSsystem32dgrpsetu.dll
2009-03-08 11:29:52 —-A—- C:WINDOWSsystem32EqnClass.Dll
2009-03-08 11:29:51 —-N—- C:WINDOWSsystem32CONFIG.TMP
2009-03-08 11:29:51 —-A—- C:WINDOWSTASKMAN.EXE
2009-03-08 11:29:50 —-A—- C:WINDOWSsystem32batt.dll
2009-03-08 11:29:50 —-A—- C:WINDOWSNOTEPAD.EXE
2009-03-08 11:29:49 —-A—- C:WINDOWSsystem32storprop.dll
2009-03-08 11:29:41 —-ASH—- C:Documents and SettingsAll Users.WINDOWSApplication Datadesktop.ini
2009-03-08 11:29:37 —-RA—- C:WINDOWSSET8.tmp
2009-03-08 11:29:35 —-RA—- C:WINDOWSSET4.tmp
2009-03-08 11:29:34 —-RA—- C:WINDOWSSET3.tmp
2009-03-08 11:29:29 —-D—- C:WINDOWSsystem32CatRoot2
2009-03-08 11:29:29 —-D—- C:WINDOWSsystem32CatRoot
2009-03-08 11:29:23 —-SD—- C:Documents and SettingsAll Users.WINDOWSApplication DataMicrosoft
2009-03-08 11:29:06 —-A—- C:WINDOWSsetuplog.txt
2009-03-08 11:24:14 —-RSD—- C:WINDOWSFonts
2009-03-08 11:24:14 —-RD—- C:WINDOWSWeb
2009-03-08 11:24:14 —-HD—- C:WINDOWSinf
2009-03-08 11:24:14 —-D—- C:WINDOWSWinSxS
2009-03-08 11:24:14 —-D—- C:WINDOWStwain_32
2009-03-08 11:24:14 —-D—- C:WINDOWSTemp
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32wins
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32wbem
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32usmt
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32spool
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32ShellExt
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32Setup
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32ras
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32oobe
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32npp
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32mui
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32inetsrv
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32IME
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32icsxml
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32ias
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32export
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32drivers
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32dhcp
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem32config
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem323com_dmi
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem323076
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem322052
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321054
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321049
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321042
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321041
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321037
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321033
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321031
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321028
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem321025
2009-03-08 11:24:14 —-D—- C:WINDOWSsystem
2009-03-08 11:24:14 —-D—- C:WINDOWSsecurity
2009-03-08 11:24:14 —-D—- C:WINDOWSResources
2009-03-08 11:24:14 —-D—- C:WINDOWSrepair
2009-03-08 11:24:14 —-D—- C:WINDOWSProvisioning
2009-03-08 11:24:14 —-D—- C:WINDOWSPeerNet
2009-03-08 11:24:14 —-D—- C:WINDOWSpchealth
2009-03-08 11:24:14 —-D—- C:WINDOWSmui
2009-03-08 11:24:14 —-D—- C:WINDOWSmsapps
2009-03-08 11:24:14 —-D—- C:WINDOWSmsagent
2009-03-08 11:24:14 —-D—- C:WINDOWSMedia
2009-03-08 11:24:14 —-D—- C:WINDOWSjava
2009-03-08 11:24:14 —-D—- C:WINDOWSime
2009-03-08 11:24:14 —-D—- C:WINDOWSHelp
2009-03-08 11:24:14 —-D—- C:WINDOWSehome
2009-03-08 11:24:14 —-D—- C:WINDOWSDriver Cache
2009-03-08 11:24:14 —-D—- C:WINDOWSDebug
2009-03-08 11:24:14 —-D—- C:WINDOWSCursors
2009-03-08 11:24:14 —-D—- C:WINDOWSConnection Wizard
2009-03-08 11:24:14 —-D—- C:WINDOWSConfig
2009-03-08 11:24:14 —-D—- C:WINDOWSAppPatch
2009-03-08 11:24:14 —-D—- C:WINDOWSaddins
2009-03-08 10:50:35 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataGoogle
2009-03-08 10:47:17 —-D—- C:Documents and SettingsСApplication DataMacromedia
2009-03-08 10:25:50 —-D—- C:Program FilesCommon FilesDoctor Web
2009-03-08 10:25:50 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataDoctor Web
2009-03-08 09:52:22 —-A—- C:WINDOWSODBC.INI
2009-03-08 09:52:19 —-A—- C:WINDOWSsystem32mdimon.dll
2009-03-08 09:51:20 —-D—- C:WINDOWSSHELLNEW
2009-03-08 09:07:39 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataLogiShrd
2009-03-08 09:07:19 —-D—- C:Documents and SettingsСApplication DataLogitech
2009-03-08 09:06:55 —-D—- C:Program FilesCommon FilesLogiShared
2009-03-08 09:06:46 —-R—- C:WINDOWSbwUnin-8.1.1.50-8876480SL.exe
2009-03-08 09:06:01 —-D—- C:WINDOWSsystem32ReinstallBackups
2009-03-08 09:05:57 —-DC—- C:WINDOWSsystem32DRVSTORE
2009-03-08 09:05:48 —-A—- C:WINDOWSsystem32BtCoreIf.dll
2009-03-08 09:05:45 —-A—- C:WINDOWSsystem32KemXML.dll
2009-03-08 09:05:45 —-A—- C:WINDOWSsystem32KemWnd.dll
2009-03-08 09:05:45 —-A—- C:WINDOWSsystem32KemUtil.dll
2009-03-08 09:05:45 —-A—- C:WINDOWSsystem32kemutb.dll
2009-03-08 09:05:44 —-D—- C:Program FilesCommon FilesLogiShrd
2009-03-08 09:05:38 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataLogitech
2009-03-08 09:05:36 —-D—- C:Program FilesCommon FilesLogitech
2009-03-08 09:05:32 —-D—- C:Program FilesLogitech
2009-03-08 09:05:31 —-D—- C:Documents and SettingsСApplication DataInstallShield
2009-03-08 08:59:35 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataBluetooth
2009-03-08 08:58:03 —-A—- C:WINDOWSsystem32ksuser.dll
2009-03-08 08:57:54 —-D—- C:Program FilesIVT Corporation
2009-03-08 08:48:01 —-D—- C:Documents and SettingsСApplication DataIdentities
2009-03-08 08:47:53 —-ASH—- C:Documents and SettingsСApplication Datadesktop.ini
2009-03-08 08:47:52 —-SD—- C:Documents and SettingsСApplication DataMicrosoft
2009-03-08 08:46:43 —-D—- C:WINDOWSSoftwareDistribution
2009-03-08 08:46:29 —-D—- C:WINDOWSPrefetch
2009-03-08 08:46:28 —-SD—- C:WINDOWSsystem32Microsoft
2009-03-08 08:46:28 —-A—- C:WINDOWSSchedLgU.Txt
2009-03-08 08:42:16 —-D—- C:WINDOWSsystem32xircom
2009-03-08 08:41:56 —-A—- C:WINDOWScontrol.ini
2009-03-08 08:41:39 —-A—- C:WINDOWSOEWABLog.txt
2009-03-08 08:41:34 —-A—- C:WINDOWSsystem32mapi32.dll
2009-03-08 08:40:30 —-SD—- C:WINDOWSDownloaded Program Files
2009-03-08 08:40:30 —-RD—- C:WINDOWSOffline Web Pages
2009-03-08 08:40:30 —-RAH—- C:WINDOWSsystem32logonui.exe.manifest
2009-03-08 08:40:22 —-RAH—- C:WINDOWSsystem32cdplayer.exe.manifest
2009-03-08 08:39:58 —-D—- C:WINDOWSsystem32DirectX
2009-03-08 08:39:42 —-A—- C:WINDOWSsystem32atrace.dll
2009-03-08 08:39:40 —-A—- C:WINDOWSsystem32desktop.ini
2009-03-08 08:39:40 —-A—- C:WINDOWSdesktop.ini
2009-03-08 08:39:35 —-A—- C:WINDOWSsystem32nmevtmsg.dll
2009-03-08 08:39:35 —-A—- C:WINDOWSsystem32acctres.dll
2009-03-08 08:39:34 —-SD—- C:WINDOWSTasks
2009-03-08 08:39:34 —-A—- C:WINDOWSsystem32icfgnt5.dll
2009-03-08 08:39:31 —-D—- C:WINDOWSsrchasst
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuweb.dll
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wups.dll
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wucltui.dll
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuauserv.dll
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuaueng1.dll
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuaueng.dll
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuauclt1.exe
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuauclt.exe
2009-03-08 08:39:28 —-A—- C:WINDOWSsystem32wuapi.dll
2009-03-08 08:39:27 —-A—- C:WINDOWSsystem32qmgrprxy.dll
2009-03-08 08:39:27 —-A—- C:WINDOWSsystem32qmgr.dll
2009-03-08 08:39:27 —-A—- C:WINDOWSsystem32bitsprx3.dll
2009-03-08 08:39:27 —-A—- C:WINDOWSsystem32bitsprx2.dll
2009-03-08 08:39:23 —-A—- C:WINDOWSsystem32safrslv.dll
2009-03-08 08:39:23 —-A—- C:WINDOWSsystem32safrdm.dll
2009-03-08 08:39:23 —-A—- C:WINDOWSsystem32safrcdlg.dll
2009-03-08 08:39:23 —-A—- C:WINDOWSsystem32racpldlg.dll
2009-03-08 08:39:20 —-D—- C:WINDOWSsystem32Restore
2009-03-08 08:39:20 —-A—- C:WINDOWSsystem32srsvc.dll
2009-03-08 08:39:20 —-A—- C:WINDOWSsystem32srrstr.dll
2009-03-08 08:39:20 —-A—- C:WINDOWSsystem32fltMc.exe
2009-03-08 08:39:20 —-A—- C:WINDOWSsystem32fltlib.dll
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32srclient.dll
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32nmmkcert.dll
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32msconf.dll
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32mnmsrvc.exe
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32mnmdd.dll
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32isrdbg32.dll
2009-03-08 08:39:19 —-A—- C:WINDOWSsystem32ils.dll
2009-03-08 08:39:17 —-A—- C:WINDOWSsystem32msoert2.dll
2009-03-08 08:39:16 —-A—- C:WINDOWSsystem32msoeacct.dll
2009-03-08 08:39:16 —-A—- C:WINDOWSsystem32inetres.dll
2009-03-08 08:39:15 —-A—- C:WINDOWSsystem32inetcomm.dll
2009-03-08 08:39:14 —-A—- C:WINDOWSsystem32schedsvc.dll
2009-03-08 08:39:14 —-A—- C:WINDOWSsystem32mstinit.exe
2009-03-08 08:39:14 —-A—- C:WINDOWSsystem32mstask.dll
2009-03-08 08:39:13 —-A—- C:WINDOWSsystem32isign32.dll
2009-03-08 08:39:13 —-A—- C:WINDOWSsystem32inetcfg.dll
2009-03-08 08:39:13 —-A—- C:WINDOWSsystem32icwphbk.dll
2009-03-08 08:39:13 —-A—- C:WINDOWSsystem32icwdial.dll
2009-03-08 08:38:24 —-A—- C:WINDOWSvbaddin.ini
2009-03-08 08:38:24 —-A—- C:WINDOWSvb.ini
2009-03-08 08:38:20 —-D—- C:WINDOWSRegistration
2009-03-08 08:38:06 —-A—- C:WINDOWSsystem32write.exe
2009-03-08 08:38:01 —-A—- C:WINDOWSsystem32sndvol32.exe
2009-03-08 08:38:01 —-A—- C:WINDOWSsystem32hticons.dll
2009-03-08 08:38:00 —-A—- C:WINDOWSsystem32winchat.exe
2009-03-08 08:38:00 —-A—- C:WINDOWSsystem32avwav.dll
2009-03-08 08:38:00 —-A—- C:WINDOWSsystem32avtapi.dll
2009-03-08 08:38:00 —-A—- C:WINDOWSsystem32avmeter.dll
2009-03-08 08:37:55 —-A—- C:WINDOWSsystem32getuname.dll
2009-03-08 08:37:55 —-A—- C:WINDOWSsystem32charmap.exe
2009-03-08 08:37:54 —-A—- C:WINDOWSsystem32winmine.exe
2009-03-08 08:37:54 —-A—- C:WINDOWSsystem32sol.exe
2009-03-08 08:37:54 —-A—- C:WINDOWSsystem32mshearts.exe
2009-03-08 08:37:54 —-A—- C:WINDOWSsystem32calc.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32usrlogon.cmd
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32tsshutdn.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32tslabels.ini
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32tskill.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32tsdiscon.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32tscon.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32shadow.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32rwinsta.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32reset.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32regini.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32rdpcfgex.dll
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32qwinsta.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32qappsrv.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32msg.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32logoff.exe
2009-03-08 08:37:53 —-A—- C:WINDOWSsystem32freecell.exe
2009-03-08 08:37:52 —-A—- C:WINDOWSsystem32mtxlegih.dll
2009-03-08 08:37:52 —-A—- C:WINDOWSsystem32mtxex.dll
2009-03-08 08:37:52 —-A—- C:WINDOWSsystem32msdtcprf.ini
2009-03-08 08:37:52 —-A—- C:WINDOWSsystem32dcomcnfg.exe
2009-03-08 08:37:52 —-A—- C:WINDOWSsystem32cdmodem.dll
2009-03-08 08:37:51 —-A—- C:WINDOWSsystem32stclient.dll
2009-03-08 08:37:51 —-A—- C:WINDOWSsystem32mtxdm.dll
2009-03-08 08:37:51 —-A—- C:WINDOWSsystem32comsnap.dll
2009-03-08 08:37:51 —-A—- C:WINDOWSsystem32comrepl.dll
2009-03-08 08:37:51 —-A—- C:WINDOWSsystem32comaddin.dll
2009-03-08 08:37:47 —-A—- C:WINDOWSsystem32wmimgmt.msc
2009-03-08 08:37:46 —-A—- C:WINDOWSsystem32sndrec32.exe
2009-03-08 08:37:46 —-A—- C:WINDOWSsystem32mplay32.exe
2009-03-08 08:37:46 —-A—- C:WINDOWSsystem32accwiz.exe
2009-03-08 08:37:45 —-A—- C:WINDOWSsystem32spider.exe
2009-03-08 08:37:45 —-A—- C:WINDOWSsystem32mspaint.exe
2009-03-08 08:37:45 —-A—- C:WINDOWSsystem32hypertrm.dll
2009-03-08 08:37:45 —-A—- C:WINDOWSsystem32clipbrd.exe
2009-03-08 08:37:44 —-A—- C:WINDOWSsystem32tscfgwmi.dll
2009-03-08 08:37:44 —-A—- C:WINDOWSsystem32remotepg.dll
2009-03-08 08:37:44 —-A—- C:WINDOWSsystem32rdshost.exe
2009-03-08 08:37:44 —-A—- C:WINDOWSsystem32rdsaddin.exe
2009-03-08 08:37:44 —-A—- C:WINDOWSsystem32mstscax.dll
2009-03-08 08:37:44 —-A—- C:WINDOWSsystem32mstsc.exe
2009-03-08 08:37:43 —-D—- C:WINDOWSsystem32MsDtc
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32tscupgrd.exe
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32termsrv.dll
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32sessmgr.exe
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32rdpwsx.dll
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32rdpsnd.dll
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32rdpclip.exe
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32rdchost.dll
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32qprocess.exe
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32msdtcuiu.dll
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32icaapi.dll
2009-03-08 08:37:43 —-A—- C:WINDOWSsystem32cfgbkend.dll
2009-03-08 08:37:42 —-A—- C:WINDOWSsystem32xolehlp.dll
2009-03-08 08:37:42 —-A—- C:WINDOWSsystem32mtxoci.dll
2009-03-08 08:37:42 —-A—- C:WINDOWSsystem32msdtctm.dll
2009-03-08 08:37:42 —-A—- C:WINDOWSsystem32msdtcprx.dll
2009-03-08 08:37:42 —-A—- C:WINDOWSsystem32msdtclog.dll
2009-03-08 08:37:42 —-A—- C:WINDOWSsystem32msdtc.exe
2009-03-08 08:37:41 —-D—- C:WINDOWSsystem32Com
2009-03-08 08:37:41 —-A—- C:WINDOWSsystem32comsvcs.dll
2009-03-08 08:37:41 —-A—- C:WINDOWSsystem32colbact.dll
2009-03-08 08:37:41 —-A—- C:WINDOWSsystem32clbcatex.dll
2009-03-08 08:37:41 —-A—- C:WINDOWSsystem32catsrvut.dll
2009-03-08 08:37:41 —-A—- C:WINDOWSsystem32catsrvps.dll
2009-03-08 08:37:41 —-A—- C:WINDOWSsystem32catsrv.dll
2009-03-08 08:37:40 —-A—- C:WINDOWSsystem32comuid.dll
2009-03-08 08:37:40 —-A—- C:WINDOWSsystem32clbcatq.dll
2009-03-08 08:37:35 —-A—- C:WINDOWSsystem32servdeps.dll
2009-03-08 08:37:35 —-A—- C:WINDOWSsystem32mmfutil.dll
2009-03-08 08:37:35 —-A—- C:WINDOWSsystem32licwmi.dll
2009-03-08 08:37:35 —-A—- C:WINDOWSsystem32cmprops.dll
2009-03-07 15:37:29 —-SH—- C:BOOT.BAK
2009-03-07 15:37:13 —-D—- C:$WIN_NT$.~BT======List of files/folders modified in the last 1 months======
2009-03-22 13:28:01 —-D—- C:Program FilesDrWeb
2009-03-18 09:22:55 —-D—- C:WINDOWS
2009-03-18 01:47:56 —-SHD—- C:WINDOWSInstaller
2009-03-18 01:47:56 —-D—- C:Config.Msi
2009-03-18 01:45:58 —-D—- C:WINDOWSsystem32
2009-03-18 01:41:21 —-D—- C:Program FilesNero
2009-03-18 01:41:21 —-D—- C:Program FilesCommon Files
2009-03-17 23:58:11 —-RD—- C:Program Files
2009-03-17 18:34:53 —-D—- C:Program Files7-Zip
2009-03-17 15:50:51 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-03-17 15:50:46 —-D—- C:Program FilesOutlook Express
2009-03-14 10:12:54 —-D—- C:Program FilesMozilla Firefox
2009-03-11 09:05:31 —-D—- C:Program FilesGoogle
2009-03-08 11:30:03 —-A—- C:WINDOWSsystem.ini
2009-03-08 11:24:12 —-HDC—- C:WINDOWS$NtUninstallKB835732$
2009-03-08 10:48:50 —-D—- C:WINDOWSsystem32Macromed
2009-03-08 10:08:19 —-HD—- C:Program FilesInstallShield Installation Information
2009-03-08 09:52:08 —-A—- C:WINDOWSwin.ini
2009-03-08 09:51:52 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2009-03-08 09:51:33 —-D—- C:Program FilesMicrosoft Office
2009-03-08 09:51:21 —-D—- C:Program FilesCommon FilesSystem
2009-03-08 09:42:42 —-D—- C:Program FilesWinRAR
2009-03-08 09:19:25 —-SHD—- C:RECYCLER
2009-03-08 08:47:52 —-D—- C:Documents and Settings
2009-03-08 08:46:42 —-SHD—- C:System Volume Information
2009-03-08 08:39:30 —-D—- C:Program FilesWindows Media Player
2009-03-08 08:39:27 —-D—- C:Program FilesMovie Maker
2009-03-08 08:39:18 —-D—- C:Program FilesNetMeeting
2009-03-08 08:39:09 —-D—- C:Program FilesInternet Explorer
2009-03-08 08:38:07 —-D—- C:Program FilesMessenger
2009-03-08 08:37:45 —-D—- C:Program FilesWindows NT
2009-03-08 08:35:10 —-SH—- C:boot.ini======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-17 40448]
R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2001-10-20 12032]
R2 irda;ИК-протокол IrDA; C:WINDOWSsystem32DRIVERSirda.sys [2004-08-04 87424]
R2 SPIDER;SpIDer Guard File System Monitor; ??C:PROGRA~1DrWebspider.sys []
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2004-08-17 701440]
R3 BlueletAudio;Bluetooth Audio Service; C:WINDOWSsystem32DRIVERSblueletaudio.sys [2007-05-11 34704]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:WINDOWSsystem32DRIVERSBlueletSCOAudio.sys [2007-03-05 27792]
R3 BT;Bluetooth PAN Network Adapter; C:WINDOWSsystem32DRIVERSbtnetdrv.sys [2007-03-05 18320]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:WINDOWSSystem32Driversbtcusb.sys [2007-05-09 36496]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2001-10-20 9600]
R3 irsir;Драйвер для инфракрасного последовательного порта Microsoft; C:WINDOWSsystem32DRIVERSirsir.sys [2001-08-18 18688]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:WINDOWSsystem32DRIVERSL8042Kbd.sys [2007-06-12 20496]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-20 12160]
R3 Rasirda;Минипорт WAN (IrDA); C:WINDOWSsystem32DRIVERSrasirda.sys [2001-08-18 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WINDOWSSystem32DriversRootMdm.sys [2001-10-20 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet адаптер, драйвер для NT; C:WINDOWSsystem32DRIVERSRTL8139.SYS [2004-08-04 20992]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
R3 VComm;Virtual Serial port driver; C:WINDOWSsystem32DRIVERSVComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:WINDOWSSystem32DriversVcommMgr.sys [2007-03-05 44304]
S3 CD-Lock;CD-Lock; ??D:cdm.sys []
S3 usbstor;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S3 VHidMinidrv;Bluetooth HID Device Service; C:WINDOWSsystem32driversVHIDMini.sys [2007-03-05 19472]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 DrWebEngine;Dr.Web Scanning Engine (DrWebEngine); C:Program FilesCommon FilesDoctor WebScanning Enginedwengine.exe [2009-01-21 886072]
R2 Irmon;Монитор инфракрасной связи; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]
R2 SPIDERNT;SpIDer Guard for Windows; C:PROGRA~1DrWebspidernt.exe [2008-12-09 197896]
R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2004-08-11 38912]
S2 HTTPFilterTermService;Протокол HTTP SSL HTTPFilterTermService; C:WINDOWSsystem32wpv531236951426.cpx [2009-03-14 48640]
S2 LBTServ;Logitech Bluetooth Service; C:Program FilesCommon FilesLogiShrdBluetoothLBTServ.exe []
S2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:Program FilesNeroNero8Nero BackItUpNBService.exe []
S3 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-03-10 137200]
S3 NMIndexingService;NMIndexingService; C:Program FilesCommon FilesNeroLibNMIndexingService.exe [2007-09-20 382248]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
EOF
RSIT лог выглядит нормально.
Проверьте ещё ваш компьютер используя Kaspersky Online Scanner, для этого кликните по этой ссылке.
Результаты проверки вставьте в ваш ответ.
- Для ответа в этой теме необходимо авторизоваться.
