- This topic has 5 ответов, 2 участника, and was last updated 16 years, 5 months назад by
.
-
Сообщения
-
info.txt logfile of random’s system information tool 1.05 2009-02-02 20:55:48
======Uninstall list======
—>C:Program FilesNeroNero 7nerouninstallUNNERO.exe /UNINSTALL
—>C:WINDOWSUNNeroBackItUp.exe /UNINSTALL
—>C:WINDOWSUNNeroMediaHome.exe /UNINSTALL
—>C:WINDOWSUNNeroShowTime.exe /UNINSTALL
—>C:WINDOWSUNNeroVision.exe /UNINSTALL
—>C:WINDOWSUNRecode.exe /UNINSTALL
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
«Большой энциклопедии Кирилла и Мефодия 2003»—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{0F0DBE12-2C64-4B9A-9016-B27A8EF651BA}setup.exe» -l0x19
ABBYY FineReader 4.0 Sprint—>C:WINDOWSbitdeins.exe C:PROGRA~1ABBYYF~1.0SPbitdeins.ini
ACDSee Pro 2—>MsiExec.exe /I{4AAC95F4-A30E-4EE5-A086-6F79581D0D70}
Adobe Acrobat 5.0—>C:WINDOWSISUNINST.EXE -f»C:Program FilesCommon FilesAdobeAcrobat 5.0NTUninst.isu» -c»C:Program FilesCommon FilesAdobeAcrobat 5.0NTUninst.dll»
Adobe Anchor Service CS3—>MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3—>MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3—>MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting—>MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0—>MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps—>MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color — Photoshop Specific—>MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings—>MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Recommended Settings—>MsiExec.exe /I{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}
Adobe Color JA Extra Settings—>MsiExec.exe /I{D92B72E2-C854-4738-8ED6-4C3661CC17AE}
Adobe Color NA Extra Settings—>MsiExec.exe /I{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}
Adobe Default Language CS3—>MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3—>MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2—>MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 10 ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Fonts All—>MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3—>MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3—>MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files—>MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3—>C:Program FilesCommon FilesAdobeInstallers�d5fe1f44895aadff2baacf24fe1402Setup.exe
Adobe Photoshop CS3—>MsiExec.exe /I{FD0399AC-A38B-4D4B-8164-D7B73AC24030}
Adobe Setup—>MsiExec.exe /I{30981FCD-4150-4AB4-BAC5-75C9E914347D}
Adobe Stock Photos CS3—>MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support—>MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3—>MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client—>MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin—>MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3—>MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Akatsuki Blitzkampf version 1.1.3.1 SP—>C:Program FilesSubtle StyleAkatsuki BlitzkampfUninstall.exe
Battlefield 1942: Secret Weapons of WWII—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{B73B4A99-4173-4747-BBEC-0F05E966F9D2}setup.exe» -l0x9
Battlefield 1942: The Road To Rome—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{D057AA08-8CBF-42E3-9EAB-23B8FED1C279}setup.exe» -l0x9
Battlefield 1942—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}setup.exe» -l0x9
BearPaw 2448TA Plus v1.1—>C:PROGRA~1BEARPA~1DriverUNINST.EXE
Classic Menu 1.51 for Office—>»C:Program FilesClassic Menu for Officeunins000.exe»
Condition Zero Deleted Scenes—>»C:PROGRA~1Steamsteam.exe» steam://uninstall/100
Condition Zero—>»C:PROGRA~1Steamsteam.exe» steam://uninstall/80
Counter-Strike Steamworks Beta—>»C:PROGRA~1Steamsteam.exe» steam://uninstall/150
Counter-Strike(TM)—>MsiExec.exe /I{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}
Counter-Strike—>»C:PROGRA~1Steamsteam.exe» steam://uninstall/10
CursorXP—>C:Program FilesCursorXPCurXPUtil.exe -u
Day of Defeat—>»C:PROGRA~1Steamsteam.exe» steam://uninstall/30
Deathmatch Classic—>»C:PROGRA~1Steamsteam.exe» steam://uninstall/40
e-Life Pal—>C:PROGRA~1E-LIFE~1UNWISE.EXE C:PROGRA~1E-LIFE~1INSTALL.LOG
Google Toolbar for Internet Explorer—>MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer—>regsvr32 /u /s «c:program filesgooglegoogletoolbar1.dll»
Guilty Gear X—>C:Program FilesSammy StudiosGuiltyUninstall.exe
HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)—>»C:WINDOWS$NtUninstallKB929399$spuninstspuninst.exe»
Hotfix for Windows XP (KB926239)—>»C:WINDOWS$NtUninstallKB926239$spuninstspuninst.exe»
ICQ Toolbar—>C:Program FilesICQ6ToolbarICQUnToolbar.exe
ICQ6.5—>»C:Program FilesInstallShield Installation Information{60DE4033-9503-48D1-A483-7846BD217CA9}setup.exe» -runfromtemp -l0x0009 -removeonly
Java(TM) 6 Update 11—>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
K-Lite Codec Pack 4.1.0 (Full)—>»C:Program FilesK-Lite Codec Packunins000.exe»
last blade 2 1.01—>C:Program Fileslast blade 2Uninstall.exe
Light Alloy 4.3 (build 717)—>C:Program FilesLight Alloyuninst.exe
Mail.Ru Агент 5.3 (сборка 2560, для всех пользователей)—>C:Program FilesMail.RuAgentmagentsetup.exe -uninstalllm
Mail.Ru Спутник 2.0.1.54—>C:Program FilesMail.RuSputnikSputnikInstaller.exe -uninstall
Microsoft Compression Client Pack 1.0 for Windows XP—>»C:WINDOWS$NtUninstallMSCompPackV1$spuninstspuninst.exe»
Microsoft Office Access MUI (Russian) 2007—>MsiExec.exe /X{90120000-0015-0419-0000-0000000FF1CE}
Microsoft Office Enterprise 2007—>»C:Program FilesCommon FilesMicrosoft SharedOFFICE12Office Setup Controllersetup.exe» /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007—>MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Russian) 2007—>MsiExec.exe /X{90120000-0016-0419-0000-0000000FF1CE}
Microsoft Office Groove MUI (Russian) 2007—>MsiExec.exe /X{90120000-00BA-0419-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Russian) 2007—>MsiExec.exe /X{90120000-0044-0419-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Russian) 2007—>MsiExec.exe /X{90120000-00A1-0419-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Russian) 2007—>MsiExec.exe /X{90120000-001A-0419-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Russian) 2007—>MsiExec.exe /X{90120000-0018-0419-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007—>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007—>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Russian) 2007—>MsiExec.exe /X{90120000-001F-0419-0000-0000000FF1CE}
Microsoft Office Proof (Ukrainian) 2007—>MsiExec.exe /X{90120000-001F-0422-0000-0000000FF1CE}
Microsoft Office Proofing (Russian) 2007—>MsiExec.exe /X{90120000-002C-0419-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Russian) 2007—>MsiExec.exe /X{90120000-0019-0419-0000-0000000FF1CE}
Microsoft Office Shared MUI (Russian) 2007—>MsiExec.exe /X{90120000-006E-0419-0000-0000000FF1CE}
Microsoft Office Word MUI (Russian) 2007—>MsiExec.exe /X{90120000-001B-0419-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.5—>»C:WINDOWS$NtUninstallWudf01005$spuninstspuninst.exe»
Mozilla Firefox (3.0.5)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
MSXML 4.0 SP2 (KB954430)—>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 7 Ultra Edition—>MsiExec.exe /I{F14B8ECC-BDA0-4987-9201-D7B7DBE11049}
Nokia Connectivity Cable Driver—>MsiExec.exe /X{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}
Nokia PC Suite—>C:Documents and SettingsAll UsersApplication DataInstallations{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}Nokia_PC_Suite_683_rel_14_1_EA.exe /LANG=»1049″
Nokia PC Suite—>MsiExec.exe /I{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}
NVIDIA Drivers—>C:WINDOWSsystem32nvudisp.exe UninstallGUI
PC Connectivity Solution—>MsiExec.exe /I{066D65EA-ED53-44E4-A96A-F81B6E409D2E}
PDF Settings—>MsiExec.exe /I{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}
Peers r420—>»C:Program FilesPeersunins000.exe»
PunkBuster for Battlefield 1942—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{127B684B-A002-44C8-99A7-6CF8F1E26873}setup.exe» -l0x9
Realtek AC’97 Audio—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime11�0Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{FB08F381-6533-4108-B7DD-039E11FBC27E}Setup.exe» -l0x19 -removeonly
Ricochet—>»C:PROGRA~1Steamsteam.exe» steam://uninstall/60
Sound’Em 1.0—>C:Program FilesBearPaw 2448TA PlusUNWISE.EXE C:Program FilesBearPaw 2448TA Plusinstall.log
Steam(TM)—>MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Styler—>MsiExec.exe /I{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}
StyleXP (remove only)—>»C:Program FilesTGTSoftStyleXPStyleXP-uninstall.exe»
Ulead Photo Express 4.0 SE—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{BBC0D330-C37B-4472-BFB9-AA217CF0C95F}Setup.exe» -l0x9
Windows Driver Package — Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)—>C:PROGRA~1DIFXD6ACC4BE676423A2B130B78A4B627FC457D98997dpinst.exe /u C:WINDOWSsystem32DRVSTOREpccswpddri_039E7E24575DBAE6A389611AF28F4EB97729D33Epccswpddriver.inf
Windows Driver Package — Nokia Modem (02/15/2007 3.1)—>C:PROGRA~1DIFXD6ACC4BE676423A2B130B78A4B627FC457D98997dpinst.exe /u C:WINDOWSsystem32DRVSTOREpccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293Bpccs_bluetooth.inf
Windows Installer 3.1 (KB893803)—>»C:WINDOWS$MSI31Uninstall_KB893803v2$spuninstspuninst.exe»
Windows Media Format 11 runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Windows Media Format 11 runtime—>»C:WINDOWS$NtUninstallWMFDist11$spuninstspuninst.exe»
Windows Media Player 11—>»C:WINDOWS$NtUninstallwmp11$spuninstspuninst.exe»
Архиватор WinRAR—>C:Program FilesWinRARuninstall.exe
Данные ДубльГИС г.Новосибирск 01.02.2009—>MsiExec.exe /X{C1A0BC01-514D-4F60-BA86-FD9A086B4D70}
ДубльГИС 3.0.4.1—>MsiExec.exe /X{FA671504-B676-42B9-A5E5-30399BD8F676}
Интернет помощник MyCentria—>C:Program FilesMyCentriaMyCentriaUninstall.exe
Исправление для Windows XP (KB952287)—>»C:WINDOWS$NtUninstallKB952287$spuninstspuninst.exe»
Исправление для проигрывателя Windows Media 11 — (KB939683)—>»C:WINDOWS$NtUninstallKB939683$spuninstspuninst.exe»
Обновление безопасности для Windows XP — (KB941569)—>»C:WINDOWS$NtUninstallKB941569$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB896423)—>»C:WINDOWS$NtUninstallKB896423$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB899587)—>»C:WINDOWS$NtUninstallKB899587$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB899591)—>»C:WINDOWS$NtUninstallKB899591$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB901017)—>»C:WINDOWS$NtUninstallKB901017$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB924667)—>»C:WINDOWS$NtUninstallKB924667$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB925902)—>»C:WINDOWS$NtUninstallKB925902$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB927802)—>»C:WINDOWS$NtUninstallKB927802$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB933729)—>»C:WINDOWS$NtUninstallKB933729$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB937894)—>»C:WINDOWS$NtUninstallKB937894$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB938464)—>»C:WINDOWS$NtUninstallKB938464$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB943460)—>»C:WINDOWS$NtUninstallKB943460$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB944338-v2)—>»C:WINDOWS$NtUninstallKB944338-v2$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB946648)—>»C:WINDOWS$NtUninstallKB946648$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950762)—>»C:WINDOWS$NtUninstallKB950762$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950974)—>»C:WINDOWS$NtUninstallKB950974$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951066)—>»C:WINDOWS$NtUninstallKB951066$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951376-v2)—>»C:WINDOWS$NtUninstallKB951376-v2$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951698)—>»C:WINDOWS$NtUninstallKB951698$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951748)—>»C:WINDOWS$NtUninstallKB951748$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB952954)—>»C:WINDOWS$NtUninstallKB952954$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954211)—>»C:WINDOWS$NtUninstallKB954211$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954600)—>»C:WINDOWS$NtUninstallKB954600$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB955069)—>»C:WINDOWS$NtUninstallKB955069$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956390)—>»C:WINDOWS$NtUninstallKB956390$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956391)—>»C:WINDOWS$NtUninstallKB956391$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956802)—>»C:WINDOWS$NtUninstallKB956802$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956803)—>»C:WINDOWS$NtUninstallKB956803$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956841)—>»C:WINDOWS$NtUninstallKB956841$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB957095)—>»C:WINDOWS$NtUninstallKB957095$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB957097)—>»C:WINDOWS$NtUninstallKB957097$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958215)—>»C:WINDOWS$NtUninstallKB958215$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958644)—>»C:WINDOWS$NtUninstallKB958644$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958687)—>»C:WINDOWS$NtUninstallKB958687$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960714)—>»C:WINDOWS$NtUninstallKB960714$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media — (KB911564)—>»C:WINDOWS$NtUninstallKB911564$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media — (KB952069)—>»C:WINDOWS$NtUninstallKB952069_WM9$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media 11 — (KB936782)—>»C:WINDOWS$NtUninstallKB936782_WMP11$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media 11 — (KB954154)—>»C:WINDOWS$NtUninstallKB954154_WM11$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media 6.4 — (KB925398)—>»C:WINDOWS$NtUninstallKB925398_WMP64$spuninstspuninst.exe»
Обновление для Windows XP (KB898461)—>»C:WINDOWS$NtUninstallKB898461$spuninstspuninst.exe»
Обновление для Windows XP (KB910437)—>»C:WINDOWS$NtUninstallKB910437$spuninstspuninst.exe»
Обновление для Windows XP (KB951072-v2)—>»C:WINDOWS$NtUninstallKB951072-v2$spuninstspuninst.exe»
Обновление для Windows XP (KB955839)—>»C:WINDOWS$NtUninstallKB955839$spuninstspuninst.exe»
Пакет драйверов Windows — Nokia Modem (11/03/2006 6.82.0.1)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokbtmdm_4EFFAAE27A08EDFDE145390033D8EF099DA65567nokbtmdm.inf
Пакет исправлений для Windows XP — KB885835—>C:WINDOWS$NtUninstallKB885835$spuninstspuninst.exe
Пакет исправлений для Windows XP — KB885836—>C:WINDOWS$NtUninstallKB885836$spuninstspuninst.exe
Пакет исправлений для Windows XP — KB891781—>C:WINDOWS$NtUninstallKB891781$spuninstspuninst.exe
Проигрыватель Windows Media 11—>»C:Program FilesWindows Media PlayerSetup_wm.exe» /Uninstall
Центр обновлений ДубльГИС—>MsiExec.exe /X{2FB165EB-69C0-416D-9B4E-E805ABC8CB1F}System event log
Computer Name: 95B794FB7E69472
Event Code: 7036
Message: Служба «Телефония» перешла в состояние Работает.Record Number: 18774
Source Name: Service Control Manager
Time Written: 20090122224720.000000+360
Event Type: информация
User:Computer Name: 95B794FB7E69472
Event Code: 7035
Message: Служба «ServiceLayer» успешно отправила управляющий элемент «запустить».Record Number: 18773
Source Name: Service Control Manager
Time Written: 20090122224720.000000+360
Event Type: информация
User: NT AUTHORITYSYSTEMComputer Name: 95B794FB7E69472
Event Code: 7036
Message: Служба «Совместимость быстрого переключения пользователей» перешла в состояние Работает.Record Number: 18772
Source Name: Service Control Manager
Time Written: 20090122224720.000000+360
Event Type: информация
User:Computer Name: 95B794FB7E69472
Event Code: 7035
Message: Служба «Совместимость быстрого переключения пользователей» успешно отправила управляющий элемент «запустить».Record Number: 18771
Source Name: Service Control Manager
Time Written: 20090122224720.000000+360
Event Type: информация
User: NT AUTHORITYSYSTEMComputer Name: 95B794FB7E69472
Event Code: 7036
Message: Служба «Службы терминалов» перешла в состояние Работает.Record Number: 18770
Source Name: Service Control Manager
Time Written: 20090122224720.000000+360
Event Type: информация
User:Application event log
Computer Name: 95B794FB7E69472
Event Code: 0
Message:
Record Number: 2437
Source Name: 2GIS UpdateClientService
Time Written: 20090106201459.000000+360
Event Type: информация
User:Computer Name: 95B794FB7E69472
Event Code: 0
Message:
Record Number: 2436
Source Name: ICQ Service
Time Written: 20090106201432.000000+360
Event Type: информация
User:Computer Name: 95B794FB7E69472
Event Code: 1
Message:
Record Number: 2435
Source Name: Bonjour Service
Time Written: 20090106201432.000000+360
Event Type: информация
User:Computer Name: 95B794FB7E69472
Event Code: 0
Message:
Record Number: 2434
Source Name: 2GIS UpdateClientService
Time Written: 20090106201432.000000+360
Event Type: информация
User:Computer Name: 95B794FB7E69472
Event Code: 0
Message:
Record Number: 2433
Source Name: ServiceLayer
Time Written: 20090106124954.000000+360
Event Type: информация
User:======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=C:Program FilesPC Connectivity Solution;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=15
«PROCESSOR_IDENTIFIER»=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
«PROCESSOR_REVISION»=2f02
«NUMBER_OF_PROCESSORS»=1
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
EOF
Logfile of random’s system information tool 1.05 (written by random/random)
Run by Администратор at 2009-02-02 20:55:34
Microsoft Windows XP Professional Service Pack 2
System drive C: has 7 GB (5%) free of 143 GB
Total RAM: 1023 MB (36% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:55:45, on 02.02.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesTGTSoftStyleXPStyleXPService.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program Files2gisUpdateClientWin32UpdateClientService.exe
C:Program FilesBonjourmDNSResponder.exe
C:Program FilesICQ6ToolbarICQ Service.exe
C:Program FilesJavajre6binjqs.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSOUNDMAN.EXE
C:WINDOWSsystem32RunDLL32.exe
C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe
C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
C:Program FilesCommon FilesACD SystemsENDevDetect.exe
C:Program FilesJavajre6binjusched.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesSteamSteam.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesPC Connectivity SolutionServiceLayer.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:Program FilesCursorXPCursorXP.exe
C:Program FilesCommon FilesAheadLibNMBgMonitor.exe
C:Program FilesICQ6.5ICQ.exe
C:Program FilesPeersPeers.exe
C:Program FilesCommon FilesAheadLibNMIndexStoreSvr.exe
C:Program FilesUlead SystemsUlead Photo Express 4.0 SECalCheck.exe
C:Program FilesStylerStyler.exe
C:WINDOWSsystem32wscntfy.exe
C:Program FilesLight AlloyLA.exe
C:Program FilesMail.RuAgentmagent.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Documents and SettingsАдминистраторРабочий столRSIT.exe
C:Program Filestrend microАдминистратор.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.mail.ru
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program FilesMail.RuAgentMradllnewmrasearch.dll
R3 — URLSearchHook: (no name) — — (no file)
R3 — URLSearchHook: ICQToolBar — {855F3B16-6D32-4fe6-8A56-BBB695989046} — C:Program FilesICQ6ToolbarICQToolBar.dll
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL
O2 — BHO: Java(tm) Plug-In SSV Helper — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre6binssv.dll
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — c:program filesgooglegoogletoolbar1.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O2 — BHO: JQSIEStartDetectorImpl — {E7E6F031-17CE-4C07-BC86-EABFE594F69C} — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O2 — BHO: MyCentria Internet Mate v2.3 — {FFFC57DB-1DE3-4303-B24D-CEE6DCDD3D86} — C:PROGRA~1MYCENT~1InfoBarMYCENT~1.DLL
O3 — Toolbar: &Google — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — c:program filesgooglegoogletoolbar1.dll
O3 — Toolbar: ICQToolBar — {855F3B16-6D32-4fe6-8A56-BBB695989046} — C:Program FilesICQ6ToolbarICQToolBar.dll
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O3 — Toolbar: StylerToolBar — {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} — C:Program FilesStylerTBStylerTB.dll
O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [nwiz] nwiz.exe /install
O4 — HKLM..Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKLM..Run: [PCSuiteTrayApplication] C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe -startup
O4 — HKLM..Run: [NeroFilterCheck] C:Program FilesCommon FilesAheadLibNeroCheck.exe
O4 — HKLM..Run: [GrooveMonitor] «C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe»
O4 — HKLM..Run: [Device Detector] DevDetect.exe -autorun
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesJavajre6binjusched.exe»
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [Steam] «C:Program FilesSteamSteam.exe» -silent
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 — HKCU..Run: [STYLEXP] C:Program FilesTGTSoftStyleXPStyleXP.exe -Hide
O4 — HKCU..Run: [CursorXP] C:Program FilesCursorXPCursorXP.exe
O4 — HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] «C:Program FilesCommon FilesAheadLibNMBgMonitor.exe»
O4 — HKCU..Run: [ICQ] «C:Program FilesICQ6.5ICQ.exe» silent
O4 — HKCU..Run: [amva] C:WINDOWSsystem32amvo.exe
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Startup: Styler.lnk = ?
O4 — Global Startup: Peers.lnk = C:Program FilesPeersPeers.exe
O4 — Global Startup: Ulead Photo Express 4.0 SE Calendar Checker .lnk = C:Program FilesUlead SystemsUlead Photo Express 4.0 SECalCheck.exe
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Поиск@Mail.Ru — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/282
O8 — Extra context menu item: Словари@Mail.Ru — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/283
O9 — Extra button: Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: &Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O12 — Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O16 — DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) — http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 — DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) — http://vkontakte.ru/uploader/ImageUploader4.cab
O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — C:PROGRA~1MICROS~2Office12GR99D3~1.DLL
O20 — Winlogon Notify: winjrs32 — C:WINDOWSSYSTEM32winjrs32.dll
O23 — Service: 2GIS UpdateClientService — ДубльГИС — C:Program Files2gisUpdateClientWin32UpdateClientService.exe
O23 — Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) — Apple Computer, Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: FLEXnet Licensing Service — Macrovision Europe Ltd. — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 — Service: Google Updater Service (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: ICQ Service — Unknown owner — C:Program FilesICQ6ToolbarICQ Service.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: Java Quick Starter (JavaQuickStarterService) — Sun Microsystems, Inc. — C:Program FilesJavajre6binjqs.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: NBService — Nero AG — C:Program FilesNeroNero 7Nero BackItUpNBService.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: ServiceLayer — Nokia. — C:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 — Service: StyleXPService — Unknown owner — C:Program FilesTGTSoftStyleXPStyleXPService.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 10541 bytes======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx [2001-03-02 37808][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper — C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL [2006-10-27 2210608][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper — C:Program FilesJavajre6binssv.dll [2008-12-14 320920][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2009-02-02 676704][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — c:program filesgooglegoogletoolbar1.dll [2008-11-23 2427968][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll [2008-11-30 737776][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2008-12-14 34816][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll [2008-12-14 73728][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FFFC57DB-1DE3-4303-B24D-CEE6DCDD3D86}]
MyCentria Internet Mate v2.3 — C:PROGRA~1MYCENT~1InfoBarMYCENT~1.DLL [2008-12-02 690688][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google — c:program filesgooglegoogletoolbar1.dll [2008-11-23 2427968]
{855F3B16-6D32-4fe6-8A56-BBB695989046} — ICQToolBar — C:Program FilesICQ6ToolbarICQToolBar.dll [2008-06-12 958712]
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2009-02-02 676704]
{D2F8F919-690B-4EA2-9FA7-A203D1E04F75} — StylerToolBar — C:Program FilesStylerTBStylerTB.dll [2006-05-02 102400][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2005-10-24 90112]
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2006-06-01 7618560]
«nwiz»=nwiz.exe /install []
«NvMediaCenter»=C:WINDOWSsystem32NvMCTray.dll [2006-06-01 86016]
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2009-02-02 5603000]
«PCSuiteTrayApplication»=C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe [2007-03-23 227328]
«NeroFilterCheck»=C:Program FilesCommon FilesAheadLibNeroCheck.exe [2006-01-12 155648]
«GrooveMonitor»=C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe [2006-10-27 31016]
«Device Detector»=DevDetect.exe -autorun []
«SunJavaUpdateSched»=C:Program FilesJavajre6binjusched.exe [2008-12-14 136600][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-17 15360]
«Steam»=C:Program FilesSteamSteam.exe [2006-11-09 1410296]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-08-17 1667584]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2008-11-30 68856]
«STYLEXP»=C:Program FilesTGTSoftStyleXPStyleXP.exe [2006-05-25 1372160]
«CursorXP»=C:Program FilesCursorXPCursorXP.exe [2005-01-19 128000]
«BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=C:Program FilesCommon FilesAheadLibNMBgMonitor.exe [2006-10-09 139264]
«ICQ»=C:Program FilesICQ6.5ICQ.exe [2008-11-30 172792]
«amva»=C:WINDOWSsystem32amvo.exe [2007-12-26 105448]C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
Peers.lnk — C:Program FilesPeersPeers.exe
Ulead Photo Express 4.0 SE Calendar Checker .lnk — C:Program FilesUlead SystemsUlead Photo Express 4.0 SECalCheck.exeC:Documents and SettingsАдминистраторГлавное менюПрограммыАвтозагрузка
Styler.lnk — C:Documents and SettingsАдминистраторApplication DataMicrosoftInstaller{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}_585b207a.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifywinjrs32]
C:WINDOWSsystem32winjrs32.dll [2008-12-05 39424][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL [2006-10-27 2210608][HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesICQ6ICQ.exe»=»C:Program FilesICQ6ICQ.exe:*:Enabled:ICQ6»
«C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE»=»C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook»
«C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE»=»C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE:*:Enabled:Microsoft Office Groove»
«C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE»=»C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE:*:Enabled:Microsoft Office OneNote»
«C:WINDOWSsystem32winver.exe»=»C:WINDOWSsystem32winver.exe:*:Enabled:winver»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
«C:Program FilesICQ6.5ICQ.exe»=»C:Program FilesICQ6.5ICQ.exe:*:Enabled:ICQ6»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{08ca2d61-7013-11db-9ac5-806d6172696f}]
shellAutoRuncommand — D:usdeiect.com
shellexplorecommand — D:usdeiect.com
shellopencommand — D:usdeiect.com[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{08ca2d63-7013-11db-9ac5-806d6172696f}]
shellAutoRuncommand — C:usdeiect.com
shellexplorecommand — C:usdeiect.com
shellopencommand — C:usdeiect.com[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{29933bad-709f-11db-b788-00173164511c}]
shellAutoRuncommand — E:usdeiect.com
shellexplorecommand — E:usdeiect.com
shellopencommand — E:usdeiect.com[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{475935d8-76df-11db-b79b-00173164511c}]
shellAutoRuncommand — E:usdeiect.com
shellexplorecommand — E:usdeiect.com
shellopencommand — E:usdeiect.com[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{47966b8a-7539-11db-b793-00173164511c}]
shellAutoRuncommand — E:usdeiect.com
shellexplorecommand — E:usdeiect.com
shellopencommand — E:usdeiect.com[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{52eabf6f-7227-11db-b78b-00173164511c}]
shellAutoRuncommand — G:usdeiect.com
shellexplorecommand — G:usdeiect.com
shellopencommand — G:usdeiect.com[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{eee20d94-77bf-11db-b79d-00173164511c}]
shellAutoRuncommand — E:usdeiect.com
shellexplorecommand — E:usdeiect.com
shellopencommand — E:usdeiect.com======List of files/folders created in the last 1 months======
2009-02-02 20:55:35 —-D—- C:Program Filestrend micro
2009-02-02 20:55:34 —-D—- C:rsit
2009-01-24 23:52:13 —-RSH—- C:usdeiect.com
2009-01-16 19:14:58 —-RSH—- C:WINDOWSsystem32amvo.exe
2009-01-14 23:04:12 —-HDC—- C:WINDOWS$NtUninstallKB958687$
2009-01-14 23:04:06 —-HDC—- C:WINDOWS$NtUninstallKB951748$
2009-01-14 17:01:06 —-HDC—- C:WINDOWS$NtUninstallKB899587$
2009-01-14 17:01:02 —-HDC—- C:WINDOWS$NtUninstallKB927802$
2009-01-14 17:00:56 —-HDC—- C:WINDOWS$NtUninstallKB943460$
2009-01-14 17:00:51 —-HDC—- C:WINDOWS$NtUninstallKB885835$
2009-01-14 17:00:46 —-HDC—- C:WINDOWS$NtUninstallKB885836$
2009-01-14 17:00:41 —-HDC—- C:WINDOWS$NtUninstallKB937894$
2009-01-14 17:00:37 —-HDC—- C:WINDOWS$NtUninstallKB901017$
2009-01-14 17:00:33 —-HDC—- C:WINDOWS$NtUninstallKB899591$
2009-01-14 17:00:29 —-HDC—- C:WINDOWS$NtUninstallKB933729$
2009-01-14 17:00:26 —-HDC—- C:WINDOWS$NtUninstallKB924667$
2009-01-14 17:00:22 —-HDC—- C:WINDOWS$NtUninstallKB896423$
2009-01-14 17:00:18 —-HDC—- C:WINDOWS$NtUninstallKB925398_WMP64$
2009-01-14 17:00:07 —-HDC—- C:WINDOWS$NtUninstallKB910437$
2009-01-14 17:00:02 —-HDC—- C:WINDOWS$NtUninstallKB911564$
2009-01-14 16:59:45 —-HDC—- C:WINDOWS$NtUninstallKB925902$
2009-01-13 23:44:11 —-HDC—- C:WINDOWS$NtUninstallKB891781$
2009-01-13 23:44:07 —-HDC—- C:WINDOWS$NtUninstallKB926436$
2009-01-13 23:44:02 —-HDC—- C:WINDOWS$NtUninstallKB932168$
2009-01-13 23:43:58 —-HDC—- C:WINDOWS$NtUninstallKB922582$
2009-01-13 23:43:52 —-HDC—- C:WINDOWS$NtUninstallKB900725$
2009-01-13 23:43:48 —-HDC—- C:WINDOWS$NtUninstallKB920213$
2009-01-13 23:43:44 —-HDC—- C:WINDOWS$NtUninstallKB886185$
2009-01-13 23:43:37 —-HDC—- C:WINDOWS$NtUninstallKB950749$
2009-01-13 23:43:31 —-HDC—- C:WINDOWS$NtUninstallKB908531$
2009-01-13 23:43:26 —-HDC—- C:WINDOWS$NtUninstallKB913580$
2009-01-13 23:43:22 —-HDC—- C:WINDOWS$NtUninstallKB894391$
2009-01-13 23:43:15 —-HDC—- C:WINDOWS$NtUninstallKB914389$======List of files/folders modified in the last 1 months======
2009-02-02 20:55:43 —-D—- C:WINDOWSPrefetch
2009-02-02 20:55:35 —-RD—- C:Program Files
2009-02-02 20:51:26 —-D—- C:Program FilesMozilla Firefox
2009-02-02 20:37:11 —-D—- C:WINDOWSTemp
2009-02-02 17:43:28 —-D—- C:Program FilesSteam
2009-02-02 17:43:27 —-D—- C:WINDOWSsystem32
2009-02-02 17:43:25 —-RSH—- C:WINDOWSsystem32amvo0.dll
2009-02-01 14:59:13 —-SHD—- C:WINDOWSInstaller
2009-01-31 18:34:22 —-D—- C:WINDOWSsystem32CatRoot2
2009-01-31 18:20:07 —-AD—- C:Documents and SettingsAll UsersApplication DataTEMP
2009-01-26 18:05:37 —-A—- C:WINDOWSNeroDigital.ini
2009-01-19 00:25:55 —-D—- C:WINDOWS
2009-01-18 23:15:15 —-HD—- C:WINDOWSinf
2009-01-15 15:46:48 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-01-14 23:04:14 —-D—- C:WINDOWSsystem32drivers
2009-01-14 23:04:12 —-HD—- C:WINDOWS$hf_mig$
2009-01-14 23:04:11 —-A—- C:WINDOWSimsins.BAK
2009-01-14 23:03:36 —-A—- C:WINDOWSsystem32MRT.INI
2009-01-14 17:00:26 —-D—- C:WINDOWSWinSxS
2009-01-14 17:00:03 —-D—- C:Program FilesWindows Media Player
2009-01-14 13:36:01 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-01-14 13:31:39 —-D—- C:WINDOWSmsagent
2009-01-10 07:35:28 —-A—- C:WINDOWSsystem32MRT.exe======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2004-08-17 14848]
R1 StyleXPHelper;StyleXPHelper; ??C:Program FilesTGTSoftStyleXPStyleXPHelper.exe []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2005-10-26 3786944]
R3 GT680x;BearPaw 2448TA Plus Usb Scanner; C:WINDOWSSystem32DriversGt680x.sys [2003-02-18 17504]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2001-10-20 9600]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-19 12160]
R3 ms_mpu401;Драйвер UART Microsoft MPU-401 MIDI; C:WINDOWSsystem32driversmsmpu401.sys [2001-08-18 2944]
R3 MTsensor;ATK0110 ACPI UTILITY; C:WINDOWSsystem32DRIVERSASACPI.sys [2004-08-13 5810]
R3 npkcusb;npkcusb; ??C:Documents and SettingsАдминистраторМои документыЗагрузки PeersНовая папкаsystemnpkcusb.sys []
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2006-06-01 3925920]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:WINDOWSsystem32DRIVERSNVENETFD.sys [2005-04-06 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:WINDOWSsystem32DRIVERSnvnetbus.sys [2005-04-06 12928]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-04 31616]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-04 26624]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-04 57600]
R3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:WINDOWSsystem32DRIVERSusbohci.sys [2004-08-04 17024]
S3 dump_wmimmc;dump_wmimmc; ??C:Program Files4GAMELineageIIsystemGameGuarddump_wmimmc.sys []
S3 nmwcd;Nokia USB Phone Parent; C:WINDOWSsystem32driversnmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:WINDOWSsystem32driversnmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:WINDOWSsystem32driversnmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:WINDOWSsystem32driversnmwcdcm.sys [2007-02-22 12288]
S3 npkcrypt;npkcrypt; ??C:Documents and SettingsАдминистраторМои документыЗагрузки PeersНовая папкаsystemnpkcrypt.sys []
S3 NPPTNT2;NPPTNT2; ??C:WINDOWSsystem32npptNT2.sys []
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2006-09-15 82688]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []
S4 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2001-10-20 12032]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 2GIS UpdateClientService;2GIS UpdateClientService; C:Program Files2gisUpdateClientWin32UpdateClientService.exe [2008-09-17 1134592]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:Program FilesBonjourmDNSResponder.exe [2006-02-28 229376]
R2 ICQ Service;ICQ Service; C:Program FilesICQ6ToolbarICQ Service.exe [2008-06-10 222456]
R2 JavaQuickStarterService;Java Quick Starter; C:Program FilesJavajre6binjqs.exe [2008-12-14 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2006-06-01 155715]
R2 StyleXPService;StyleXPService; C:Program FilesTGTSoftStyleXPStyleXPService.exe [2006-05-25 372736]
R2 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]
R3 ServiceLayer;ServiceLayer; C:Program FilesPC Connectivity SolutionServiceLayer.exe [2007-03-26 292864]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [2008-12-08 654848]
S3 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2008-11-23 138168]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program FilesMicrosoft OfficeOffice12GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:Program FilesNeroNero 7Nero BackItUpNBService.exe [2006-10-09 724992]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 usprserv;User Privilege Service; C:WINDOWSSystem32svchost.exe [2004-08-17 14336]
S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; C:Program FilesWindows Media PlayerWMPNetwk.exe [2006-11-02 914944]
EOF
Здравствуйте, добро пожаловать на Spyware-ru форум.
Судя по логам ваш компьютер заражён несколькими троянами, включая autorun.inf троян.
Прочитайте эту инструкцию Flash_Disinfector ещё одно оружие против autorun.inf троянов. Скачайте и запустите Flash_Disinfector, не забудьте при этом по требованию программы вставить ваш флэш диск или подключить другие внешние устройства хранения информации.Скачайте OTMoveIt3 by OldTimer кликнув по этой ссылке.
Запустите программу и в большое поле ввода (заголовок этого поля выделен желтым цветом) скопируйте следующий текст.:Processes
explorer.exe
:services
usprserv
:reg
[-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FFFC57DB-1DE3-4303-B24D-CEE6DCDD3D86}]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
"amva"=-
[-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifywinjrs32]
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{08ca2d61-7013-11db-9ac5-806d6172696f}]
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{08ca2d63-7013-11db-9ac5-806d6172696f}]
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{29933bad-709f-11db-b788-00173164511c}]
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{475935d8-76df-11db-b79b-00173164511c}]
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{47966b8a-7539-11db-b793-00173164511c}]
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{52eabf6f-7227-11db-b78b-00173164511c}]
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{eee20d94-77bf-11db-b79d-00173164511c}]
:files
C:usdeiect.com
C:WINDOWSsystem32amvo.exe
C:WINDOWSsystem32winjrs32.dll
C:PROGRA~1MYCENT~1
:Commands
[emptytemp]
[start explorer]
[Reboot]Кликните по кнопке MoveIt!. В процессе работы возможна перезагрузка компьютера.
По-завершении работы программы должен будет показан лог, вставьте его в ваш ответ.
Так же к вашему ответу приложите свежий RSIT лог.========== PROCESSES ==========
Process explorer.exe killed successfully.
Unable to kill process: :services
Unable to kill process: usprserv
Unable to kill process: :reg
Unable to kill process: [-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FFFC57DB-1DE3-4303-B24D-CEE6DCDD3D86}]
Unable to kill process: [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
Unable to kill process: «amva»=-
Unable to kill process: [-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifywinjrs32]
Unable to kill process: [-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{08ca2d61-7013-11db-9ac5-806d6172696f}]
Unable to kill process: [-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{08ca2d63-7013-11db-9ac5-806d6172696f}]
Unable to kill process: [-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{29933bad-709f-11db-b788-00173164511c}]
Unable to kill process: [-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{475935d8-76df-11db-b79b-00173164511c}]
Unable to kill process: [-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{47966b8a-7539-11db-b793-00173164511c}]
Unable to kill process: [-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{52eabf6f-7227-11db-b78b-00173164511c}]
Unable to kill process: [-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{eee20d94-77bf-11db-b79d-00173164511c}]
Unable to kill process: :files
Unable to kill process: C:usdeiect.com
Unable to kill process: C:WINDOWSsystem32amvo.exe
Unable to kill process: C:WINDOWSsystem32winjrs32.dll
Unable to kill process: C:PROGRA~1MYCENT~1
Unable to kill process: :Commands
Unable to kill process: [emptytemp]
Unable to kill process: [start explorer]
Unable to kill process: [Reboot]OTMoveIt3 by OldTimer — Version 1.0.8.0 log created on 02042009_234837
Logfile of random’s system information tool 1.05 (written by random/random)
Run by Администратор at 2009-02-04 23:49:15
Microsoft Windows XP Professional Service Pack 2
System drive C: has 7 GB (5%) free of 143 GB
Total RAM: 1023 MB (54% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:49:18, on 04.02.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesTGTSoftStyleXPStyleXPService.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSSOUNDMAN.EXE
C:WINDOWSsystem32RunDLL32.exe
C:Program FilesMail.RuAgentMAgent.exe
C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe
C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
C:Program FilesCommon FilesACD SystemsENDevDetect.exe
C:Program FilesJavajre6binjusched.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesSteamSteam.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:Program FilesCursorXPCursorXP.exe
C:Program FilesCommon FilesAheadLibNMBgMonitor.exe
C:Program FilesICQ6.5ICQ.exe
C:Program FilesCommon FilesAheadLibNMIndexStoreSvr.exe
C:Program FilesPeersPeers.exe
C:Program FilesUlead SystemsUlead Photo Express 4.0 SECalCheck.exe
C:Program FilesStylerStyler.exe
C:Program FilesBonjourmDNSResponder.exe
C:Program FilesICQ6ToolbarICQ Service.exe
C:Program FilesJavajre6binjqs.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesPC Connectivity SolutionServiceLayer.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:WINDOWSsystem32wuauclt.exe
C:WINDOWSsystem32wscntfy.exe
C:WINDOWSsystem32taskmgr.exe
C:Documents and SettingsАдминистраторРабочий столRSIT.exe
C:Program Filestrend microАдминистратор.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.mail.ru
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program FilesMail.RuAgentMradllnewmrasearch.dll
R3 — URLSearchHook: (no name) — — (no file)
R3 — URLSearchHook: ICQToolBar — {855F3B16-6D32-4fe6-8A56-BBB695989046} — C:Program FilesICQ6ToolbarICQToolBar.dll
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL
O2 — BHO: Java(tm) Plug-In SSV Helper — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre6binssv.dll
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — c:program filesgooglegoogletoolbar1.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O2 — BHO: JQSIEStartDetectorImpl — {E7E6F031-17CE-4C07-BC86-EABFE594F69C} — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O2 — BHO: MyCentria Internet Mate v2.3 — {FFFC57DB-1DE3-4303-B24D-CEE6DCDD3D86} — C:PROGRA~1MYCENT~1InfoBarMYCENT~1.DLL
O3 — Toolbar: &Google — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — c:program filesgooglegoogletoolbar1.dll
O3 — Toolbar: ICQToolBar — {855F3B16-6D32-4fe6-8A56-BBB695989046} — C:Program FilesICQ6ToolbarICQToolBar.dll
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O3 — Toolbar: StylerToolBar — {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} — C:Program FilesStylerTBStylerTB.dll
O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [nwiz] nwiz.exe /install
O4 — HKLM..Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKLM..Run: [PCSuiteTrayApplication] C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe -startup
O4 — HKLM..Run: [NeroFilterCheck] C:Program FilesCommon FilesAheadLibNeroCheck.exe
O4 — HKLM..Run: [GrooveMonitor] «C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe»
O4 — HKLM..Run: [Device Detector] DevDetect.exe -autorun
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesJavajre6binjusched.exe»
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [Steam] «C:Program FilesSteamSteam.exe» -silent
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 — HKCU..Run: [STYLEXP] C:Program FilesTGTSoftStyleXPStyleXP.exe -Hide
O4 — HKCU..Run: [CursorXP] C:Program FilesCursorXPCursorXP.exe
O4 — HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] «C:Program FilesCommon FilesAheadLibNMBgMonitor.exe»
O4 — HKCU..Run: [ICQ] «C:Program FilesICQ6.5ICQ.exe» silent
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Startup: Styler.lnk = ?
O4 — Global Startup: Peers.lnk = C:Program FilesPeersPeers.exe
O4 — Global Startup: Ulead Photo Express 4.0 SE Calendar Checker .lnk = C:Program FilesUlead SystemsUlead Photo Express 4.0 SECalCheck.exe
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Поиск@Mail.Ru — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/282
O8 — Extra context menu item: Словари@Mail.Ru — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/283
O9 — Extra button: Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: &Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O12 — Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O16 — DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) — http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 — DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) — http://vkontakte.ru/uploader/ImageUploader4.cab
O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — C:PROGRA~1MICROS~2Office12GR99D3~1.DLL
O20 — Winlogon Notify: winjrs32 — C:WINDOWSSYSTEM32winjrs32.dll
O23 — Service: 2GIS UpdateClientService — ДубльГИС — C:Program Files2gisUpdateClientWin32UpdateClientService.exe
O23 — Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) — Apple Computer, Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: FLEXnet Licensing Service — Macrovision Europe Ltd. — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 — Service: Google Updater Service (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: ICQ Service — Unknown owner — C:Program FilesICQ6ToolbarICQ Service.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: Java Quick Starter (JavaQuickStarterService) — Sun Microsystems, Inc. — C:Program FilesJavajre6binjqs.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: NBService — Nero AG — C:Program FilesNeroNero 7Nero BackItUpNBService.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: ServiceLayer — Nokia. — C:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 — Service: StyleXPService — Unknown owner — C:Program FilesTGTSoftStyleXPStyleXPService.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 10425 bytes======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx [2001-03-02 37808][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper — C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL [2006-10-27 2210608][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper — C:Program FilesJavajre6binssv.dll [2008-12-14 320920][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2009-02-02 676704][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — c:program filesgooglegoogletoolbar1.dll [2008-11-23 2427968][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll [2008-11-30 737776][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2008-12-14 34816][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll [2008-12-14 73728][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FFFC57DB-1DE3-4303-B24D-CEE6DCDD3D86}]
MyCentria Internet Mate v2.3 — C:PROGRA~1MYCENT~1InfoBarMYCENT~1.DLL [2008-12-02 690688][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google — c:program filesgooglegoogletoolbar1.dll [2008-11-23 2427968]
{855F3B16-6D32-4fe6-8A56-BBB695989046} — ICQToolBar — C:Program FilesICQ6ToolbarICQToolBar.dll [2008-06-12 958712]
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2009-02-02 676704]
{D2F8F919-690B-4EA2-9FA7-A203D1E04F75} — StylerToolBar — C:Program FilesStylerTBStylerTB.dll [2006-05-02 102400][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2005-10-24 90112]
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2006-06-01 7618560]
«nwiz»=nwiz.exe /install []
«NvMediaCenter»=C:WINDOWSsystem32NvMCTray.dll [2006-06-01 86016]
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2009-02-02 5603000]
«PCSuiteTrayApplication»=C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe [2007-03-23 227328]
«NeroFilterCheck»=C:Program FilesCommon FilesAheadLibNeroCheck.exe [2006-01-12 155648]
«GrooveMonitor»=C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe [2006-10-27 31016]
«Device Detector»=DevDetect.exe -autorun []
«SunJavaUpdateSched»=C:Program FilesJavajre6binjusched.exe [2008-12-14 136600][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-17 15360]
«Steam»=C:Program FilesSteamSteam.exe [2006-11-09 1410296]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-08-17 1667584]
«swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2008-11-30 68856]
«STYLEXP»=C:Program FilesTGTSoftStyleXPStyleXP.exe [2006-05-25 1372160]
«CursorXP»=C:Program FilesCursorXPCursorXP.exe [2005-01-19 128000]
«BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=C:Program FilesCommon FilesAheadLibNMBgMonitor.exe [2006-10-09 139264]
«ICQ»=C:Program FilesICQ6.5ICQ.exe [2008-11-30 172792]C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
Peers.lnk — C:Program FilesPeersPeers.exe
Ulead Photo Express 4.0 SE Calendar Checker .lnk — C:Program FilesUlead SystemsUlead Photo Express 4.0 SECalCheck.exeC:Documents and SettingsАдминистраторГлавное менюПрограммыАвтозагрузка
Styler.lnk — C:Documents and SettingsАдминистраторApplication DataMicrosoftInstaller{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}_585b207a.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifywinjrs32]
C:WINDOWSsystem32winjrs32.dll [2008-12-05 39424][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=C:PROGRA~1MICROS~2Office12GRA8E1~1.DLL [2006-10-27 2210608][HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=36
«NoDriveAutoRun»=FFFFFFFF[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesICQ6ICQ.exe»=»C:Program FilesICQ6ICQ.exe:*:Enabled:ICQ6»
«C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE»=»C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook»
«C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE»=»C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE:*:Enabled:Microsoft Office Groove»
«C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE»=»C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE:*:Enabled:Microsoft Office OneNote»
«C:WINDOWSsystem32winver.exe»=»C:WINDOWSsystem32winver.exe:*:Enabled:winver»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
«C:Program FilesICQ6.5ICQ.exe»=»C:Program FilesICQ6.5ICQ.exe:*:Enabled:ICQ6»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{29933bad-709f-11db-b788-00173164511c}]
shellAutoRuncommand — E:usdeiect.com
shellexplorecommand — E:usdeiect.com
shellopencommand — E:usdeiect.com[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{475935d8-76df-11db-b79b-00173164511c}]
shellAutoRuncommand — E:usdeiect.com
shellexplorecommand — E:usdeiect.com
shellopencommand — E:usdeiect.com[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{47966b8a-7539-11db-b793-00173164511c}]
shellAutoRuncommand — E:usdeiect.com
shellexplorecommand — E:usdeiect.com
shellopencommand — E:usdeiect.com[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{52eabf6f-7227-11db-b78b-00173164511c}]
shellAutoRuncommand — G:usdeiect.com
shellexplorecommand — G:usdeiect.com
shellopencommand — G:usdeiect.com[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c6ee689a-f2e3-11dd-b8a1-00173164511c}]
shell1command — E:RUNAUT~1autorun.pif
shell2command — E:RUNAUT~1autorun.pif
shellAutoRuncommand — C:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNAUT~1autorun.pif[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{eee20d94-77bf-11db-b79d-00173164511c}]
shellAutoRuncommand — E:usdeiect.com
shellexplorecommand — E:usdeiect.com
shellopencommand — E:usdeiect.com======List of files/folders created in the last 1 months======
2009-02-04 23:41:55 —-D—- C:_OTMoveIt
2009-02-02 20:55:35 —-D—- C:Program Filestrend micro
2009-02-02 20:55:34 —-D—- C:rsit
2009-01-24 23:52:13 —-RSH—- C:usdeiect.com
2009-01-14 23:04:12 —-HDC—- C:WINDOWS$NtUninstallKB958687$
2009-01-14 23:04:06 —-HDC—- C:WINDOWS$NtUninstallKB951748$
2009-01-14 17:01:06 —-HDC—- C:WINDOWS$NtUninstallKB899587$
2009-01-14 17:01:02 —-HDC—- C:WINDOWS$NtUninstallKB927802$
2009-01-14 17:00:56 —-HDC—- C:WINDOWS$NtUninstallKB943460$
2009-01-14 17:00:51 —-HDC—- C:WINDOWS$NtUninstallKB885835$
2009-01-14 17:00:46 —-HDC—- C:WINDOWS$NtUninstallKB885836$
2009-01-14 17:00:41 —-HDC—- C:WINDOWS$NtUninstallKB937894$
2009-01-14 17:00:37 —-HDC—- C:WINDOWS$NtUninstallKB901017$
2009-01-14 17:00:33 —-HDC—- C:WINDOWS$NtUninstallKB899591$
2009-01-14 17:00:29 —-HDC—- C:WINDOWS$NtUninstallKB933729$
2009-01-14 17:00:26 —-HDC—- C:WINDOWS$NtUninstallKB924667$
2009-01-14 17:00:22 —-HDC—- C:WINDOWS$NtUninstallKB896423$
2009-01-14 17:00:18 —-HDC—- C:WINDOWS$NtUninstallKB925398_WMP64$
2009-01-14 17:00:07 —-HDC—- C:WINDOWS$NtUninstallKB910437$
2009-01-14 17:00:02 —-HDC—- C:WINDOWS$NtUninstallKB911564$
2009-01-14 16:59:45 —-HDC—- C:WINDOWS$NtUninstallKB925902$
2009-01-13 23:44:11 —-HDC—- C:WINDOWS$NtUninstallKB891781$
2009-01-13 23:44:07 —-HDC—- C:WINDOWS$NtUninstallKB926436$
2009-01-13 23:44:02 —-HDC—- C:WINDOWS$NtUninstallKB932168$
2009-01-13 23:43:58 —-HDC—- C:WINDOWS$NtUninstallKB922582$
2009-01-13 23:43:52 —-HDC—- C:WINDOWS$NtUninstallKB900725$
2009-01-13 23:43:48 —-HDC—- C:WINDOWS$NtUninstallKB920213$
2009-01-13 23:43:44 —-HDC—- C:WINDOWS$NtUninstallKB886185$
2009-01-13 23:43:37 —-HDC—- C:WINDOWS$NtUninstallKB950749$
2009-01-13 23:43:31 —-HDC—- C:WINDOWS$NtUninstallKB908531$
2009-01-13 23:43:26 —-HDC—- C:WINDOWS$NtUninstallKB913580$
2009-01-13 23:43:22 —-HDC—- C:WINDOWS$NtUninstallKB894391$
2009-01-13 23:43:15 —-HDC—- C:WINDOWS$NtUninstallKB914389$======List of files/folders modified in the last 1 months======
2009-02-04 23:49:04 —-D—- C:Program FilesSteam
2009-02-04 23:46:51 —-D—- C:WINDOWSTemp
2009-02-04 23:46:27 —-D—- C:WINDOWSPrefetch
2009-02-04 23:46:22 —-D—- C:WINDOWSsystem32CatRoot2
2009-02-04 23:46:06 —-D—- C:Program FilesMozilla Firefox
2009-02-04 23:39:35 —-D—- C:WINDOWSsystem32
2009-02-04 23:38:40 —-AD—- C:Documents and SettingsAll UsersApplication DataTEMP
2009-02-02 23:19:22 —-A—- C:WINDOWSNeroDigital.ini
2009-02-02 20:55:35 —-RD—- C:Program Files
2009-02-01 14:59:13 —-SHD—- C:WINDOWSInstaller
2009-01-19 00:25:55 —-D—- C:WINDOWS
2009-01-18 23:15:15 —-HD—- C:WINDOWSinf
2009-01-15 15:46:48 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-01-14 23:04:14 —-D—- C:WINDOWSsystem32drivers
2009-01-14 23:04:12 —-HD—- C:WINDOWS$hf_mig$
2009-01-14 23:04:11 —-A—- C:WINDOWSimsins.BAK
2009-01-14 23:03:36 —-A—- C:WINDOWSsystem32MRT.INI
2009-01-14 17:00:26 —-D—- C:WINDOWSWinSxS
2009-01-14 17:00:03 —-D—- C:Program FilesWindows Media Player
2009-01-14 13:36:01 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-01-14 13:31:39 —-D—- C:WINDOWSmsagent
2009-01-10 07:35:28 —-A—- C:WINDOWSsystem32MRT.exe======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2004-08-17 14848]
R1 StyleXPHelper;StyleXPHelper; ??C:Program FilesTGTSoftStyleXPStyleXPHelper.exe []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2005-10-26 3786944]
R3 GT680x;BearPaw 2448TA Plus Usb Scanner; C:WINDOWSSystem32DriversGt680x.sys [2003-02-18 17504]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2001-10-20 9600]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-19 12160]
R3 ms_mpu401;Драйвер UART Microsoft MPU-401 MIDI; C:WINDOWSsystem32driversmsmpu401.sys [2001-08-18 2944]
R3 MTsensor;ATK0110 ACPI UTILITY; C:WINDOWSsystem32DRIVERSASACPI.sys [2004-08-13 5810]
R3 npkcusb;npkcusb; ??C:Documents and SettingsАдминистраторМои документыЗагрузки PeersНовая папкаsystemnpkcusb.sys []
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2006-06-01 3925920]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:WINDOWSsystem32DRIVERSNVENETFD.sys [2005-04-06 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:WINDOWSsystem32DRIVERSnvnetbus.sys [2005-04-06 12928]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-04 31616]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-04 26624]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-04 57600]
R3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:WINDOWSsystem32DRIVERSusbohci.sys [2004-08-04 17024]
R3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S3 dump_wmimmc;dump_wmimmc; ??C:Program Files4GAMELineageIIsystemGameGuarddump_wmimmc.sys []
S3 nmwcd;Nokia USB Phone Parent; C:WINDOWSsystem32driversnmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:WINDOWSsystem32driversnmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:WINDOWSsystem32driversnmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:WINDOWSsystem32driversnmwcdcm.sys [2007-02-22 12288]
S3 npkcrypt;npkcrypt; ??C:Documents and SettingsАдминистраторМои документыЗагрузки PeersНовая папкаsystemnpkcrypt.sys []
S3 NPPTNT2;NPPTNT2; ??C:WINDOWSsystem32npptNT2.sys []
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2006-09-15 82688]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []
S4 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2001-10-20 12032]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:Program FilesBonjourmDNSResponder.exe [2006-02-28 229376]
R2 ICQ Service;ICQ Service; C:Program FilesICQ6ToolbarICQ Service.exe [2008-06-10 222456]
R2 JavaQuickStarterService;Java Quick Starter; C:Program FilesJavajre6binjqs.exe [2008-12-14 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2006-06-01 155715]
R2 StyleXPService;StyleXPService; C:Program FilesTGTSoftStyleXPStyleXPService.exe [2006-05-25 372736]
R2 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]
R3 ServiceLayer;ServiceLayer; C:Program FilesPC Connectivity SolutionServiceLayer.exe [2007-03-26 292864]
S2 2GIS UpdateClientService;2GIS UpdateClientService; C:Program Files2gisUpdateClientWin32UpdateClientService.exe [2008-09-17 1134592]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [2008-12-08 654848]
S3 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2008-11-23 138168]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program FilesMicrosoft OfficeOffice12GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:Program FilesNeroNero 7Nero BackItUpNBService.exe [2006-10-09 724992]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 usprserv;User Privilege Service; C:WINDOWSSystem32svchost.exe [2004-08-17 14336]
S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; C:Program FilesWindows Media PlayerWMPNetwk.exe [2006-11-02 914944]
EOF
Повторите инструкцию из моего предыдущего сообщения ещё раз, но когда вставите текст скрипта в окно OTMoveIt убедитесь что он выглядит так же как в моём сообщении, если есть пробелы перед директивами, то удалите их.
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Service usprserv stopped successfully.
Service usprserv deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FFFC57DB-1DE3-4303-B24D-CEE6DCDD3D86}\ deleted successfully.
Registry value HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun\amva deleted successfully.
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifywinjrs32\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{08ca2d61-7013-11db-9ac5-806d6172696f}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{08ca2d63-7013-11db-9ac5-806d6172696f}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{29933bad-709f-11db-b788-00173164511c}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{475935d8-76df-11db-b79b-00173164511c}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{47966b8a-7539-11db-b793-00173164511c}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{52eabf6f-7227-11db-b78b-00173164511c}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{eee20d94-77bf-11db-b79d-00173164511c}\ deleted successfully.
========== FILES ==========
C:usdeiect.com moved successfully.
C:WINDOWSsystem32amvo.exe moved successfully.
DllUnregisterServer procedure not found in C:WINDOWSsystem32winjrs32.dll
C:WINDOWSsystem32winjrs32.dll NOT unregistered.
C:WINDOWSsystem32winjrs32.dll moved successfully.
C:PROGRA~1MyCentriaInfoBar moved successfully.
C:PROGRA~1MyCentriaFirefox moved successfully.
C:PROGRA~1MyCentria moved successfully.
========== COMMANDS ==========
File delete failed. C:DOCUME~19335~1LOCALS~1Tempetilqs_KM1kNL2emSjKfn4JGgfg scheduled to be deleted on reboot.
File delete failed. C:DOCUME~19335~1LOCALS~1TempJETA6DA.tmp scheduled to be deleted on reboot.
File delete failed. C:DOCUME~19335~1LOCALS~1Temp~DF7454.tmp scheduled to be deleted on reboot.
User’s Temp folder emptied.
User’s Temporary Internet Files folder emptied.
User’s Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:WINDOWStempPerflib_Perfdata_7ac.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsApplication DataMozillaFirefoxProfiles7dk32gsk.defaulturlclassifier3.sqlite scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfullyOTMoveIt3 by OldTimer — Version 1.0.8.0 log created on 02062009_231124
Files moved on Reboot…
File C:DOCUME~19335~1LOCALS~1Tempetilqs_KM1kNL2emSjKfn4JGgfg not found!
File C:DOCUME~19335~1LOCALS~1TempJETA6DA.tmp not found!
C:DOCUME~19335~1LOCALS~1Temp~DF7454.tmp moved successfully.
File move failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be moved on reboot.
C:WINDOWStempPerflib_Perfdata_7ac.dat moved successfully.
C:Documents and SettingsАдминистраторLocal SettingsApplication DataMozillaFirefoxProfiles7dk32gsk.defaulturlclassifier3.sqlite moved successfully.
- Для ответа в этой теме необходимо авторизоваться.
