Незапускются антивирусники

[talik_m]

Полетел диспетчер задач, при вызове пишет что отключен админом, затем перестали запускаться антивирусники. Переставила систему но правды очистила только один диск на втором много полезного скинуть некуда, непомогло, после первой перезагрузки весь процесс блокировки программ начался по новой.
на вашем сайте скачала сканер RSIT и запустила, что выдал пересылаю что делать, неужели только сносить оба диска и все что на них???

Logfile of random’s system information tool 1.06 (written by random/random)
Run by тимон at 2009-11-20 17:13:49
Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (12%) free of 20 GB
Total RAM: 3327 MB (85% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:13:52, on 20.11.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:Program FilesWinampwinampa.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:WINDOWSRTHDCPL.EXE
C:Program FilesDrWebSpIDerAgent.exe
C:Program FilesQuickTimeqttask.exe
C:Program FilesSony EricssonMobile2Application LauncherApplication Launcher.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesCommon FilesNeroLibNMIndexStoreSvr.exe
C:Program FilesuTorrentuTorrent.exe
C:Program FilesCommon FilesTeleca SharedGeneric.exe
C:Program FilesSony EricssonMobile2Mobile Phone Monitorepmworker.exe
C:Program FilesCommon FilesDoctor WebScanning Enginedwengine.exe
C:Program FilesNeroNero8Nero BackItUpNBService.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32IoctlSvc.exe
C:Program FilesCommon FilesNeroLibNMIndexingService.exe
C:WINDOWSsystem32wscntfy.exe
C:Program FilesMalwarebytes’ Anti-Malwarembam.exe
C:Program FilesOpera 10.10 Betaopera.exe
C:Program FilesOperaOpera.exe
C:DOCUME~1DAE6~1LOCALS~1Tempwinkdbv.exe
C:DOCUME~1DAE6~1LOCALS~1Tempwinmmwvxi.exe
C:Documents and SettingsтимонРабочий столRSIT.exe
C:Program Filestrend microтимон.exe

R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=47639
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: (no name) — {9CB65206-89C4-402c-BA80-02D8C59F9B1D} — C:Program FilesAskTBarSrchAstt1.binA5SRCHAS.DLL
O2 — BHO: Ask Search Assistant BHO — {9CB65201-89C4-402c-BA80-02D8C59F9B1D} — C:Program FilesAskTBarSrchAstt1.binA5SRCHAS.DLL
O2 — BHO: Ask Toolbar BHO — {FE063DB1-4EC0-403e-8DD8-394C54984B2C} — C:Program FilesAskTBarbar1.binASKTBAR.DLL
O3 — Toolbar: Ask Toolbar — {FE063DB9-4EC0-403e-8DD8-394C54984B2C} — C:Program FilesAskTBarbar1.binASKTBAR.DLL
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [nwiz] nwiz.exe /install
O4 — HKLM..Run: [NeroFilterCheck] C:Program FilesCommon FilesNeroLibNeroCheck.exe
O4 — HKLM..Run: [NBKeyScan] «C:Program FilesNeroNero8Nero BackItUpNBKeyScan.exe»
O4 — HKLM..Run: [WinampAgent] «C:Program FilesWinampwinampa.exe»
O4 — HKLM..Run: [TrojanScanner] C:Program FilesTrojan RemoverTrjscan.exe /boot
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 — HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 — HKLM..Run: [SpIDerAgent] «C:Program FilesDrWebSpIDerAgent.exe»
O4 — HKLM..Run: [SpIDerMail] «C:Program FilesDrWebspiderml.exe»
O4 — HKLM..Run: [SpIDerNT] C:PROGRA~1DrWebspiderui.exe /agent
O4 — HKLM..Run: [Malwarebytes Anti-Malware (reboot)] «C:Program FilesMalwarebytes’ Anti-Malwarembam.exe» /runcleanupscript
O4 — HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
O4 — HKLM..Run: [QuickTime Task] «C:Program FilesQuickTimeqttask.exe» -atboottime
O4 — HKLM..Run: [Sony Ericsson PC Suite] «C:Program FilesSony EricssonMobile2Application LauncherApplication Launcher.exe» /startoptions
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] «C:Program FilesCommon FilesNeroLibNMIndexStoreSvr.exe» ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 — HKCU..Run: [uTorrent] «C:Program FilesuTorrentuTorrent.exe»
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O7 — HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem, DisableRegedit=1
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O17 — HKLMSystemCCSServicesTcpip..{34797C1B-ADED-4068-BFEB-E9BDD25452F5}: NameServer = 212.94.96.124 212.94.96.70
O23 — Service: Dr.Web ® Scanning Engine (DrWebEngine) (DrWebEngine) — Doctor Web, Ltd. — C:Program FilesCommon FilesDoctor WebScanning Enginedwengine.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Nero BackItUp Scheduler 3 — Nero AG — C:Program FilesNeroNero8Nero BackItUpNBService.exe
O23 — Service: NMIndexingService — Nero AG — C:Program FilesCommon FilesNeroLibNMIndexingService.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: PLFlash DeviceIoControl Service — Prolific Technology Inc. — C:WINDOWSsystem32IoctlSvc.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: SpIDer Guard for Windows (SPIDERNT) — Doctor Web, Ltd. — C:PROGRA~1DrWebspidernt.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe

—
End of file — 6838 bytes

======Scheduled tasks folder======

C:WINDOWStasksAppleSoftwareUpdate.job
C:WINDOWStasksDr.Web Update.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9CB65201-89C4-402c-BA80-02D8C59F9B1D}]
Ask Search Assistant BHO — C:Program FilesAskTBarSrchAstt1.binA5SRCHAS.DLL [2009-11-18 57344]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FE063DB1-4EC0-403e-8DD8-394C54984B2C}]
Ask Toolbar BHO — C:Program FilesAskTBarbar1.binASKTBAR.DLL [2009-11-18 245760]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{FE063DB9-4EC0-403e-8DD8-394C54984B2C} — Ask Toolbar — C:Program FilesAskTBarbar1.binASKTBAR.DLL [2009-11-18 245760]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2009-07-24 5586208]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2008-12-26 13680640]
«nwiz»=nwiz.exe /install []
«NeroFilterCheck»=C:Program FilesCommon FilesNeroLibNeroCheck.exe [2008-02-28 648488]
«NBKeyScan»=C:Program FilesNeroNero8Nero BackItUpNBKeyScan.exe [2008-02-18 2295080]
«WinampAgent»=C:Program FilesWinampwinampa.exe [2008-03-27 36352]
«TrojanScanner»=C:Program FilesTrojan RemoverTrjscan.exe [2009-01-01 1231752]
«NvMediaCenter»=C:WINDOWSsystem32NvMcTray.dll [2008-12-26 86016]
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2007-06-13 16377344]
«Alcmtr»=C:WINDOWSALCMTR.EXE [2005-05-03 139264]
«SpIDerAgent»=C:Program FilesDrWebSpIDerAgent.exe [2008-12-17 697584]
«SpIDerMail»=C:Program FilesDrWebspiderml.exe [2008-12-12 627952]
«SpIDerNT»=C:PROGRA~1DrWebspiderui.exe [2008-12-09 197896]
«Malwarebytes Anti-Malware (reboot)»=C:Program FilesMalwarebytes’ Anti-Malwarembam.exe [2009-09-10 1381712]
«KernelFaultCheck»=C:WINDOWSsystem32dumprep 0 -k []
«QuickTime Task»=C:Program FilesQuickTimeqttask.exe [2007-02-16 360448]
«Sony Ericsson PC Suite»=C:Program FilesSony EricssonMobile2Application LauncherApplication Launcher.exe [2007-06-13 528384]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-04-15 15360]
«IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=C:Program FilesCommon FilesNeroLibNMIndexStoreSvr.exe [2008-02-28 1828136]
«uTorrent»=C:Program FilesuTorrentuTorrent.exe [2009-11-18 289584]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«DisableRegistryTools»=1
«DisableTaskMgr»=1

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableLUA»=0

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«D:ДрайвераAcer Drivers!!!!!!!!!!!!!!!!!!LAN_Driver_Marvel_Ver.10.22.7.3SetupYukonWinC_5X6N.exe»=»D:ДрайвераAcer Drivers!!!!!!!!!!!!!!!!!!LAN_Driver_Marvel_Ver.10.22.7.3SetupYukonWinC_5X6N.exe:*:Enabled:ipsec»
«C:WINDOWSExplorer.EXE»=»C:WINDOWSExplorer.EXE:*:Enabled:ipsec»
«C:Program FilesWinamp RemotebinOrb.exe»=»C:Program FilesWinamp RemotebinOrb.exe:*:Enabled:Orb»
«C:Program FilesWinamp RemotebinOrbTray.exe»=»C:Program FilesWinamp RemotebinOrbTray.exe:*:Enabled:OrbTray»
«C:Program FilesWinamp RemotebinOrbStreamerClient.exe»=»C:Program FilesWinamp RemotebinOrbStreamerClient.exe:*:Enabled:Orb Stream Client»
«D:ДрайвераAcer DriversAUDIOAUDIOSETUP.EXE»=»D:ДрайвераAcer DriversAUDIOAUDIOSETUP.EXE:*:Enabled:ipsec»
«C:Program FilesCommon FilesNeroLibNMIndexStoreSvr.exe»=»C:Program FilesCommon FilesNeroLibNMIndexStoreSvr.exe:*:Enabled:ipsec»
«C:Program FilesCommon FilesNeroLibNeroCheck.exe»=»C:Program FilesCommon FilesNeroLibNeroCheck.exe:*:Enabled:ipsec»
«C:Program FilesNeroNero8Nero BackItUpNBKeyScan.exe»=»C:Program FilesNeroNero8Nero BackItUpNBKeyScan.exe:*:Enabled:ipsec»
«C:WINDOWSsystem32netsh.exe»=»C:WINDOWSsystem32netsh.exe:*:Enabled:ipsec»
«C:Program FilesWinampwinampa.exe»=»C:Program FilesWinampwinampa.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempemhx.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempemhx.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempatlfqd.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempatlfqd.exe:*:Enabled:ipsec»
«C:WINDOWSsystem32nwiz.exe»=»C:WINDOWSsystem32nwiz.exe:*:Enabled:ipsec»
«C:Program FilesTrojan Removersschk.exe»=»C:Program FilesTrojan Removersschk.exe:*:Enabled:ipsec»
«C:Program FilesuTorrentuTorrent.exe»=»C:Program FilesuTorrentuTorrent.exe:*:Enabled:µTorrent»
«C:DOCUME~1DAE6~1LOCALS~1Tempbwibfm.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempbwibfm.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempaberu.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempaberu.exe:*:Enabled:ipsec»
«C:WINDOWSsystem32userinit.exe»=»C:WINDOWSsystem32userinit.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinuisfud.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinuisfud.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinulnj.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinulnj.exe:*:Enabled:ipsec»
«C:Program FilesOperaOpera.exe»=»C:Program FilesOperaOpera.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinscifa.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinscifa.exe:*:Enabled:ipsec»
«C:Program FilesOpera 10.10 Betaopera.exe»=»C:Program FilesOpera 10.10 Betaopera.exe:*:Enabled:Opera Internet Browser»
«C:DOCUME~1DAE6~1LOCALS~1Tempwineexw.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwineexw.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinapcjkn.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinapcjkn.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Templbpl.exe»=»C:DOCUME~1DAE6~1LOCALS~1Templbpl.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempxprou.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempxprou.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempnxwcj.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempnxwcj.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinwfya.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinwfya.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinkhbp.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinkhbp.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinavqiq.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinavqiq.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempvxggem.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempvxggem.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinkmcxw.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinkmcxw.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempxplmj.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempxplmj.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinwjojmq.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinwjojmq.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempdhhjq.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempdhhjq.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Temptgfgp.exe»=»C:DOCUME~1DAE6~1LOCALS~1Temptgfgp.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempfuur.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempfuur.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinmkcol.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinmkcol.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinsxkc.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinsxkc.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Temprwni.exe»=»C:DOCUME~1DAE6~1LOCALS~1Temprwni.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinjovgpq.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinjovgpq.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempkshe.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempkshe.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwingjxlu.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwingjxlu.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinkupg.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinkupg.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinykxa.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinykxa.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinnyegrk.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinnyegrk.exe:*:Enabled:ipsec»
«c:nvidiawinxp181.20isnvudisp.exe»=»c:nvidiawinxp181.20isnvudisp.exe:*:Enabled:ipsec»
«c:nvidiawinxp181.20isPhysX_8.10.13_SystemSoftware.exe»=»c:nvidiawinxp181.20isPhysX_8.10.13_SystemSoftware.exe:*:Enabled:ipsec»
«C:WINDOWSsystem32rundll32.exe»=»C:WINDOWSsystem32RUNDLL32.exe:*:Enabled:ipsec»
«C:WINDOWSSOUNDMAN.EXE»=»C:WINDOWSSOUNDMAN.EXE:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinlqjx.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinlqjx.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempywkfid.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempywkfid.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwrns.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwrns.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempycku.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempycku.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinkwlcbh.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinkwlcbh.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempnyqu.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempnyqu.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempoweq.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempoweq.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempjfbud.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempjfbud.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempcbqjw.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempcbqjw.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinghju.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinghju.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempckbqbd.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempckbqbd.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempubmoqe.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempubmoqe.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwineaskld.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwineaskld.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwindwuhrg.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwindwuhrg.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinbksyqk.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinbksyqk.exe:*:Enabled:ipsec»
«C:Program FilesMalwarebytes’ Anti-Malwarembam.exe»=»C:Program FilesMalwarebytes’ Anti-Malwarembam.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinmikp.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinmikp.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwintpsjjt.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwintpsjjt.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinrekv.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinrekv.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinmnir.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinmnir.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempuwhyf.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempuwhyf.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwingqnw.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwingqnw.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinrskw.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinrskw.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinuhjqv.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinuhjqv.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinjoyonc.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinjoyonc.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempryvxd.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempryvxd.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempiobki.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempiobki.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempejlag.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempejlag.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempflyfjp.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempflyfjp.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempsfid.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempsfid.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempeixtr.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempeixtr.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinatxyug.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinatxyug.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempijvbg.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempijvbg.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Temprwyyw.exe»=»C:DOCUME~1DAE6~1LOCALS~1Temprwyyw.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempxfuqu.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempxfuqu.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempgeuj.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempgeuj.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempoadnh.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempoadnh.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwintunf.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwintunf.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Templcex.exe»=»C:DOCUME~1DAE6~1LOCALS~1Templcex.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempgbwhlt.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempgbwhlt.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempvgksbw.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempvgksbw.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinyoyt.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinyoyt.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinmubpxc.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinmubpxc.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempwinamnf.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempwinamnf.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Temprdwkbw.exe»=»C:DOCUME~1DAE6~1LOCALS~1Temprdwkbw.exe:*:Enabled:ipsec»
«C:DOCUME~1DAE6~1LOCALS~1Tempbsoo.exe»=»C:DOCUME~1DAE6~1LOCALS~1Tempbsoo.exe:*:Enabled:ipsec»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{80539b88-d4e9-11de-8ee2-001c2583d9ae}]
shellautoplAycommand — J:ysvl.pif
shellAutoRuncommand — J:ysvl.pif
shellExPlorEcommand — J:ysvl.pif
shellopencommand — J:ysvl.pif

======List of files/folders created in the last 1 months======

2009-11-20 00:02:39 —-HD—- C:WINDOWSPIF
2009-11-20 00:02:30 —-D—- C:Documents and SettingsтимонApplication DataApple Computer
2009-11-19 23:57:32 —-D—- C:Documents and SettingsтимонApplication DataTeleca
2009-11-19 23:49:56 —-DC—- C:WINDOWSsystem32DRVSTORE
2009-11-19 23:48:50 —-D—- C:Documents and SettingsтимонApplication DataSony Ericsson
2009-11-19 23:48:36 —-D—- C:Program FilesCommon FilesSony Ericsson Shared
2009-11-19 23:48:34 —-D—- C:Program FilesCommon FilesTeleca Shared
2009-11-19 23:48:32 —-D—- C:Program FilesSony Ericsson
2009-11-19 23:46:08 —-D—- C:Documents and SettingsAll UsersApplication DataTeleca
2009-11-19 23:46:08 —-D—- C:Documents and SettingsAll UsersApplication DataSony Ericsson
2009-11-19 23:37:53 —-RSD—- C:WINDOWSassembly
2009-11-19 23:36:52 —-D—- C:WINDOWSMicrosoft.NET
2009-11-19 23:33:53 —-D—- C:Program FilesQuickTime
2009-11-19 23:33:21 —-D—- C:Program FilesApple Software Update
2009-11-19 23:32:55 —-D—- C:Documents and SettingsAll UsersApplication DataApple Computer
2009-11-19 18:21:48 —-D—- C:Documents and SettingsAll UsersApplication DataEgoset
2009-11-19 12:07:13 —-D—- C:Documents and SettingsAll UsersApplication DataArise
2009-11-19 11:31:52 —-D—- C:WINDOWSMinidump
2009-11-19 11:11:11 —-D—- C:skin
2009-11-19 11:11:11 —-D—- C:graphics
2009-11-19 11:04:29 —-D—- C:Documents and SettingsтимонApplication DataMalwarebytes
2009-11-19 11:04:25 —-D—- C:Program FilesMalwarebytes’ Anti-Malware
2009-11-19 11:04:25 —-D—- C:Documents and SettingsAll UsersApplication DataMalwarebytes
2009-11-19 10:44:18 —-D—- C:rsit
2009-11-19 10:44:18 —-D—- C:Program Filestrend micro
2009-11-19 10:12:20 —-D—- C:Program FilesCommon FilesDoctor Web
2009-11-19 10:12:19 —-D—- C:Program FilesDrWeb
2009-11-19 10:12:19 —-D—- C:Documents and SettingsAll UsersApplication DataDoctor Web
2009-11-19 09:58:36 —-D—- C:WINDOWSPrefetch
2009-11-19 09:53:31 —-RAH—- C:WINDOWSsystem32logonui.exe.manifest
2009-11-19 09:50:12 —-A—- C:WINDOWSpnplog.txt
2009-11-19 09:44:41 —-A—- C:WINDOWSsystem32spxcoins.dll
2009-11-19 09:44:41 —-A—- C:WINDOWSsystem32irclass.dll
2009-11-19 09:44:28 —-RA—- C:WINDOWSSET3A.tmp
2009-11-19 09:44:26 —-RA—- C:WINDOWSSET2E.tmp
2009-11-19 09:44:24 —-RA—- C:WINDOWSSET2B.tmp
2009-11-19 09:33:03 —-A—- C:WINDOWSUPGRADE.TXT
2009-11-19 09:33:00 —-D—- C:WINDOWSsetup.pss
2009-11-19 01:34:51 —-N—- C:WINDOWSsystem32spmsg.dll
2009-11-19 01:34:51 —-D—- C:WINDOWSsystem32PreInstall
2009-11-19 01:34:51 —-A—- C:WINDOWSsystem32spupdsvc.exe
2009-11-19 01:34:50 —-HD—- C:WINDOWS$hf_mig$
2009-11-19 01:33:24 —-D—- C:Program FilesEffective Studios
2009-11-19 01:32:45 —-D—- C:WINDOWSDownloaded Installations
2009-11-18 22:20:19 —-A—- C:WINDOWSsystem32h323log.txt
2009-11-18 22:14:23 —-A—- C:WINDOWSimsins.BAK
2009-11-18 22:14:20 —-SHD—- C:WINDOWSInstaller
2009-11-18 22:14:20 —-D—- C:Program FilesCommon FilesODBC
2009-11-18 22:14:20 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-11-18 22:14:20 —-A—- C:WINDOWSODBCINST.INI
2009-11-18 22:14:16 —-D—- C:Program FilesCommon FilesSpeechEngines
2009-11-18 22:14:15 —-RD—- C:Program Files
2009-11-18 22:14:15 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2009-11-18 22:14:15 —-D—- C:Program FilesCommon Files
2009-11-18 22:14:00 —-A—- C:WINDOWSsystem32dgrpsetu.dll
2009-11-18 22:13:59 —-A—- C:WINDOWSsystem32EqnClass.Dll
2009-11-18 22:13:56 —-N—- C:WINDOWSsystem32CONFIG.TMP
2009-11-18 22:13:55 —-A—- C:WINDOWSsystem32storprop.dll
2009-11-18 22:13:48 —-ASH—- C:Documents and SettingsAll UsersApplication Datadesktop.ini
2009-11-18 22:13:45 —-RA—- C:WINDOWSSET8.tmp
2009-11-18 22:13:43 —-RA—- C:WINDOWSSET4.tmp
2009-11-18 22:13:41 —-RA—- C:WINDOWSSET3.tmp
2009-11-18 22:13:37 —-D—- C:WINDOWSsystem32CatRoot2
2009-11-18 22:13:37 —-D—- C:WINDOWSsystem32CatRoot
2009-11-18 22:13:31 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2009-11-18 22:13:11 —-A—- C:WINDOWSsetuplog.txt
2009-11-18 22:13:07 —-SHD—- C:System Volume Information
2009-11-18 22:13:07 —-D—- C:Documents and Settings
2009-11-18 22:11:47 —-SH—- C:boot.ini
2009-11-18 22:04:50 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-11-18 22:04:50 —-RSD—- C:WINDOWSFonts
2009-11-18 22:04:50 —-RD—- C:WINDOWSWeb
2009-11-18 22:04:50 —-HD—- C:WINDOWSinf
2009-11-18 22:04:50 —-D—- C:WINDOWSWinSxS
2009-11-18 22:04:50 —-D—- C:WINDOWStwain_32
2009-11-18 22:04:50 —-D—- C:WINDOWSTemp
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem32wins
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem32wbem
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem32usmt
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem32spool
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem32ShellExt
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem32Setup
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem32ru-ru
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem32ru
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem32ras
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem32oobe
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem32npp
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem32mui
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem32inetsrv
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem32IME
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem32icsxml
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem32ias
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem32export
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem32drivers
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem32dhcp
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem32config
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem323com_dmi
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem323076
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem322052
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem321054
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem321049
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem321042
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem321041
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem321037
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem321033
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem321031
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem321028
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem321025
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem32
2009-11-18 22:04:50 —-D—- C:WINDOWSsystem
2009-11-18 22:04:50 —-D—- C:WINDOWSsecurity
2009-11-18 22:04:50 —-D—- C:WINDOWSResources
2009-11-18 22:04:50 —-D—- C:WINDOWSrepair
2009-11-18 22:04:50 —-D—- C:WINDOWSProvisioning
2009-11-18 22:04:50 —-D—- C:WINDOWSPeerNet
2009-11-18 22:04:50 —-D—- C:WINDOWSpchealth
2009-11-18 22:04:50 —-D—- C:WINDOWSNetwork Diagnostic
2009-11-18 22:04:50 —-D—- C:WINDOWSmui
2009-11-18 22:04:50 —-D—- C:WINDOWSmsapps
2009-11-18 22:04:50 —-D—- C:WINDOWSmsagent
2009-11-18 22:04:50 —-D—- C:WINDOWSMedia
2009-11-18 22:04:50 —-D—- C:WINDOWSL2Schemas
2009-11-18 22:04:50 —-D—- C:WINDOWSjava
2009-11-18 22:04:50 —-D—- C:WINDOWSime
2009-11-18 22:04:50 —-D—- C:WINDOWSHelp
2009-11-18 22:04:50 —-D—- C:WINDOWSehome
2009-11-18 22:04:50 —-D—- C:WINDOWSDriver Cache
2009-11-18 22:04:50 —-D—- C:WINDOWSDebug
2009-11-18 22:04:50 —-D—- C:WINDOWSCursors
2009-11-18 22:04:50 —-D—- C:WINDOWSConnection Wizard
2009-11-18 22:04:50 —-D—- C:WINDOWSConfig
2009-11-18 22:04:50 —-D—- C:WINDOWSAppPatch
2009-11-18 22:04:50 —-D—- C:WINDOWSaddins
2009-11-18 22:04:50 —-D—- C:WINDOWS
2009-11-18 21:35:14 —-D—- C:WINDOWSsystem32SoftwareDistribution
2009-11-18 21:02:15 —-D—- C:Program FilesOpera 10.10 Beta
2009-11-18 20:58:07 —-D—- C:Documents and SettingsAll UsersApplication DataSpybot — Search & Destroy
2009-11-18 20:34:37 —-A—- C:WINDOWSNeroDigital.ini
2009-11-18 20:27:06 —-AD—- C:Documents and SettingsAll UsersApplication DataTEMP
2009-11-18 20:06:42 —-D—- C:Documents and SettingsтимонApplication DataMra
2009-11-18 20:06:31 —-D—- C:Program FilesMail.Ru
2009-11-18 19:52:45 —-D—- C:Program FilesYandex
2009-11-18 19:52:45 —-D—- C:Documents and SettingsтимонApplication DataYandex
2009-11-18 19:52:45 —-D—- C:Documents and SettingsтимонApplication DataMozilla
2009-11-18 19:52:15 —-D—- C:Program FilesuTorrent
2009-11-18 19:48:52 —-D—- C:Documents and SettingsтимонApplication DatauTorrent
2009-11-18 19:46:46 —-D—- C:Documents and SettingsтимонApplication DataMacromedia
2009-11-18 19:46:46 —-D—- C:Documents and SettingsтимонApplication DataAdobe
2009-11-18 18:38:43 —-D—- C:WINDOWSsystem32Lang
2009-11-18 18:37:03 —-A—- C:WINDOWSsystem32ChCfg.exe
2009-11-18 18:36:45 —-D—- C:WINDOWSsystem32RTCOM
2009-11-18 18:36:43 —-A—- C:WINDOWSsystem32ksuser.dll
2009-11-18 18:36:38 —-A—- C:WINDOWSSOUNDMAN.EXE
2009-11-18 18:36:38 —-A—- C:WINDOWSSkyTel.exe
2009-11-18 18:36:38 —-A—- C:WINDOWSRtlUpd.exe
2009-11-18 18:36:38 —-A—- C:WINDOWSRTLCPL.exe
2009-11-18 18:36:36 —-HD—- C:Program FilesInstallShield Installation Information
2009-11-18 18:36:36 —-D—- C:Program FilesRealtek
2009-11-18 18:36:36 —-A—- C:WINDOWSRTHDCPL.exe
2009-11-18 18:36:36 —-A—- C:WINDOWSMicCal.exe
2009-11-18 18:36:36 —-A—- C:WINDOWSalcwzrd.exe
2009-11-18 18:36:36 —-A—- C:WINDOWSALCMTR.EXE
2009-11-18 18:36:32 —-A—- C:WINDOWSRtlExUpd.dll
2009-11-18 18:36:32 —-A—- C:WINDOWSHideWin.exe
2009-11-18 18:14:49 —-A—- C:WINDOWSsystem32ztvunrar36.dll
2009-11-18 18:14:49 —-A—- C:WINDOWSsystem32ztvunace26.dll
2009-11-18 18:14:49 —-A—- C:WINDOWSsystem32ztvcabinet.dll
2009-11-18 18:14:49 —-A—- C:WINDOWSsystem32UNRAR3.dll
2009-11-18 18:14:49 —-A—- C:WINDOWSsystem32unacev2.dll
2009-11-18 18:14:47 —-D—- C:Program FilesTrojan Remover
2009-11-18 18:14:47 —-D—- C:Documents and SettingsтимонApplication DataSimply Super Software
2009-11-18 18:14:47 —-D—- C:Documents and SettingsAll UsersApplication DataSimply Super Software
2009-11-18 17:46:11 —-D—- C:Program FilesNeroInstall.bak
2009-11-18 17:45:01 —-D—- C:Documents and SettingsтимонApplication DataNero
2009-11-18 17:44:29 —-A—- C:WINDOWSsystem32MsiExec.exe.log
2009-11-18 17:42:52 —-D—- C:Program FilesNero
2009-11-18 17:42:52 —-D—- C:Program FilesCommon FilesNero
2009-11-18 17:42:52 —-D—- C:Documents and SettingsAll UsersApplication DataNero
2009-11-18 17:41:02 —-D—- C:WINDOWSRegisteredPackages
2009-11-18 17:40:31 —-A—- C:WINDOWSsystem32d3dx9_30.dll
2009-11-18 17:40:31 —-A—- C:WINDOWSsystem32d3dx9_28.dll
2009-11-18 17:38:09 —-D—- C:Program FilesAskTBar
2009-11-18 17:38:00 —-N—- C:WINDOWSsystem32vxblock.dll
2009-11-18 17:38:00 —-N—- C:WINDOWSsystem32pxwave.dll
2009-11-18 17:38:00 —-N—- C:WINDOWSsystem32pxsfs.dll
2009-11-18 17:38:00 —-N—- C:WINDOWSsystem32pxmas.dll
2009-11-18 17:38:00 —-N—- C:WINDOWSsystem32pxinsa64.exe
2009-11-18 17:38:00 —-N—- C:WINDOWSsystem32pxhpinst.exe
2009-11-18 17:38:00 —-N—- C:WINDOWSsystem32pxdrv.dll
2009-11-18 17:38:00 —-N—- C:WINDOWSsystem32pxcpya64.exe
2009-11-18 17:38:00 —-N—- C:WINDOWSsystem32pxafs.dll
2009-11-18 17:38:00 —-N—- C:WINDOWSsystem32px.dll
2009-11-18 17:37:57 —-D—- C:Program FilesWinamp
2009-11-18 17:37:57 —-D—- C:Documents and SettingsтимонApplication DataWinamp
2009-11-18 17:02:51 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup Files
2009-11-18 16:56:52 —-D—- C:Documents and SettingsтимонApplication DataOpera
2009-11-18 16:56:43 —-D—- C:Program FilesOpera
2009-11-18 16:55:24 —-D—- C:Documents and SettingsтимонApplication DataWinRAR
2009-11-18 16:39:22 —-SHD—- C:RECYCLER
2009-11-18 16:37:56 —-A—- C:WINDOWSsystem32BASSMOD.dll
2009-11-18 16:37:44 —-D—- C:Program FilesWinRAR
2009-11-18 16:35:22 —-D—- C:WINDOWSsystem32AGEIA
2009-11-18 16:35:22 —-D—- C:Program FilesAGEIA Technologies
2009-11-18 16:35:16 —-D—- C:Program FilesCommon FilesWise Installation Wizard
2009-11-18 16:34:44 —-D—- C:WINDOWSnview
2009-11-18 16:34:44 —-A—- C:WINDOWSsystem32nvudisp.exe
2009-11-18 16:34:30 —-A—- C:WINDOWSsystem32NVUNINST.EXE
2009-11-18 16:34:14 —-D—- C:NVIDIA
2009-11-18 16:33:47 —-D—- C:Program FilesMarvell
2009-11-18 16:33:34 —-D—- C:Program FilesCommon FilesInstallShield
2009-11-18 16:33:27 —-D—- C:Documents and SettingsтимонApplication DataTMP
2009-11-18 16:31:06 —-D—- C:Documents and SettingsтимонApplication DataIdentities
2009-11-18 16:31:05 —-HD—- C:Program FilesUninstall Information
2009-11-18 16:31:01 —-ASH—- C:Documents and SettingsтимонApplication Datadesktop.ini
2009-11-18 16:31:00 —-SD—- C:Documents and SettingsтимонApplication DataMicrosoft
2009-11-18 16:30:13 —-D—- C:WINDOWSSoftwareDistribution
2009-11-18 16:30:11 —-SD—- C:WINDOWSsystem32Microsoft
2009-11-18 16:30:11 —-A—- C:WINDOWSSchedLgU.Txt
2009-11-18 16:27:13 —-D—- C:WINDOWSsystem32xircom
2009-11-18 16:27:13 —-D—- C:Program Filesxerox
2009-11-18 16:27:13 —-D—- C:Program Filesmicrosoft frontpage
2009-11-18 16:27:00 —-A—- C:WINDOWScontrol.ini
2009-11-18 16:27:00 —-A—- C:AUTOEXEC.BAT
2009-11-18 16:26:53 —-A—- C:WINDOWSOEWABLog.txt
2009-11-18 16:26:50 —-A—- C:WINDOWSsystem32mapi32.dll
2009-11-18 16:26:08 —-SD—- C:WINDOWSDownloaded Program Files
2009-11-18 16:26:08 —-RD—- C:WINDOWSOffline Web Pages
2009-11-18 16:26:03 —-RAH—- C:WINDOWSsystem32cdplayer.exe.manifest
2009-11-18 16:26:00 —-HD—- C:Program FilesWindowsUpdate
2009-11-18 16:25:57 —-D—- C:Program FilesOnline Services
2009-11-18 16:25:40 —-D—- C:WINDOWSsystem32DirectX
2009-11-18 16:25:33 —-A—- C:WINDOWSsystem32atrace.dll
2009-11-18 16:25:29 —-A—- C:WINDOWSsystem32desktop.ini
2009-11-18 16:25:29 —-A—- C:WINDOWSdesktop.ini
2009-11-18 16:25:21 —-A—- C:WINDOWSsystem32nmevtmsg.dll
2009-11-18 16:25:19 —-D—- C:Program FilesCommon FilesServices
2009-11-18 16:25:19 —-A—- C:WINDOWSsystem32acctres.dll
2009-11-18 16:25:15 —-SD—- C:WINDOWSTasks
2009-11-18 16:25:15 —-A—- C:WINDOWSsystem32icfgnt5.dll
2009-11-18 16:25:14 —-D—- C:Program FilesCommon FilesMSSoap
2009-11-18 16:25:09 —-D—- C:WINDOWSsrchasst
2009-11-18 16:25:08 —-D—- C:WINDOWSsystem32Macromed
2009-11-18 16:25:05 —-A—- C:WINDOWSsystem32wuweb.dll
2009-11-18 16:25:05 —-A—- C:WINDOWSsystem32wucltui.dll
2009-11-18 16:25:05 —-A—- C:WINDOWSsystem32wuauserv.dll
2009-11-18 16:25:05 —-A—- C:WINDOWSsystem32wuaueng1.dll
2009-11-18 16:25:04 —-A—- C:WINDOWSsystem32wups.dll
2009-11-18 16:25:04 —-A—- C:WINDOWSsystem32wuaueng.dll
2009-11-18 16:25:04 —-A—- C:WINDOWSsystem32wuauclt1.exe
2009-11-18 16:25:04 —-A—- C:WINDOWSsystem32wuauclt.exe
2009-11-18 16:25:04 —-A—- C:WINDOWSsystem32wuapi.dll
2009-11-18 16:25:03 —-A—- C:WINDOWSsystem32qmgrprxy.dll
2009-11-18 16:25:03 —-A—- C:WINDOWSsystem32qmgr.dll
2009-11-18 16:25:03 —-A—- C:WINDOWSsystem32bitsprx4.dll
2009-11-18 16:25:03 —-A—- C:WINDOWSsystem32bitsprx3.dll
2009-11-18 16:25:03 —-A—- C:WINDOWSsystem32bitsprx2.dll
2009-11-18 16:24:58 —-D—- C:Program FilesMovie Maker
2009-11-18 16:24:36 —-A—- C:WINDOWSsystem32safrslv.dll
2009-11-18 16:24:36 —-A—- C:WINDOWSsystem32safrdm.dll
2009-11-18 16:24:36 —-A—- C:WINDOWSsystem32safrcdlg.dll
2009-11-18 16:24:36 —-A—- C:WINDOWSsystem32racpldlg.dll
2009-11-18 16:24:31 —-D—- C:WINDOWSsystem32Restore
2009-11-18 16:24:31 —-A—- C:WINDOWSsystem32srrstr.dll
2009-11-18 16:24:31 —-A—- C:WINDOWSsystem32fltMc.exe
2009-11-18 16:24:31 —-A—- C:WINDOWSsystem32fltlib.dll
2009-11-18 16:24:30 —-A—- C:WINDOWSsystem32srsvc.dll
2009-11-18 16:24:30 —-A—- C:WINDOWSsystem32srclient.dll
2009-11-18 16:24:30 —-A—- C:WINDOWSsystem32ils.dll
2009-11-18 16:24:29 —-A—- C:WINDOWSsystem32nmmkcert.dll
2009-11-18 16:24:29 —-A—- C:WINDOWSsystem32msconf.dll
2009-11-18 16:24:29 —-A—- C:WINDOWSsystem32mnmsrvc.exe
2009-11-18 16:24:29 —-A—- C:WINDOWSsystem32mnmdd.dll
2009-11-18 16:24:29 —-A—- C:WINDOWSsystem32isrdbg32.dll
2009-11-18 16:24:25 —-D—- C:Program FilesNetMeeting
2009-11-18 16:24:25 —-A—- C:WINDOWSsystem32msoert2.dll
2009-11-18 16:24:25 —-A—- C:WINDOWSsystem32msoeacct.dll
2009-11-18 16:24:24 —-A—- C:WINDOWSsystem32inetres.dll
2009-11-18 16:24:24 —-A—- C:WINDOWSsystem32inetcomm.dll
2009-11-18 16:24:21 —-D—- C:Program FilesOutlook Express
2009-11-18 16:24:21 —-A—- C:WINDOWSsystem32schedsvc.dll
2009-11-18 16:24:21 —-A—- C:WINDOWSsystem32mstinit.exe
2009-11-18 16:24:21 —-A—- C:WINDOWSsystem32mstask.dll
2009-11-18 16:24:20 —-A—- C:WINDOWSsystem32isign32.dll
2009-11-18 16:24:20 —-A—- C:WINDOWSsystem32inetcfg.dll
2009-11-18 16:24:20 —-A—- C:WINDOWSsystem32icwphbk.dll
2009-11-18 16:24:20 —-A—- C:WINDOWSsystem32icwdial.dll
2009-11-18 16:24:13 —-D—- C:Program FilesCommon FilesSystem
2009-11-18 16:24:12 —-D—- C:Program FilesInternet Explorer
2009-11-18 16:23:42 —-D—- C:Program FilesComPlus Applications
2009-11-18 16:23:41 —-A—- C:WINDOWSvbaddin.ini
2009-11-18 16:23:41 —-A—- C:WINDOWSvb.ini
2009-11-18 16:23:37 —-D—- C:WINDOWSRegistration
2009-11-18 16:23:32 —-D—- C:Program FilesWindows Media Player
2009-11-18 16:23:26 —-D—- C:Program FilesMessenger
2009-11-18 16:23:21 —-D—- C:Program FilesMSN Gaming Zone
2009-11-18 16:23:21 —-A—- C:WINDOWSsystem32write.exe
2009-11-18 16:23:10 —-A—- C:WINDOWSsystem32sndvol32.exe
2009-11-18 16:23:10 —-A—- C:WINDOWSsystem32hticons.dll
2009-11-18 16:23:10 —-A—- C:WINDOWSsystem32avwav.dll
2009-11-18 16:23:10 —-A—- C:WINDOWSsystem32avmeter.dll
2009-11-18 16:23:09 —-A—- C:WINDOWSsystem32winchat.exe
2009-11-18 16:23:09 —-A—- C:WINDOWSsystem32avtapi.dll
2009-11-18 16:23:00 —-A—- C:WINDOWSsystem32getuname.dll
2009-11-18 16:23:00 —-A—- C:WINDOWSsystem32charmap.exe
2009-11-18 16:23:00 —-A—- C:WINDOWSsystem32calc.exe
2009-11-18 16:22:59 —-A—- C:WINDOWSsystem32winmine.exe
2009-11-18 16:22:59 —-A—- C:WINDOWSsystem32sol.exe
2009-11-18 16:22:59 —-A—- C:WINDOWSsystem32mshearts.exe
2009-11-18 16:22:59 —-A—- C:WINDOWSsystem32freecell.exe
2009-11-18 16:22:58 —-A—- C:WINDOWSsystem32usrlogon.cmd
2009-11-18 16:22:58 —-A—- C:WINDOWSsystem32tsshutdn.exe
2009-11-18 16:22:58 —-A—- C:WINDOWSsystem32tslabels.ini
2009-11-18 16:22:58 —-A—- C:WINDOWSsystem32tskill.exe
2009-11-18 16:22:58 —-A—- C:WINDOWSsystem32tsdiscon.exe
2009-11-18 16:22:58 —-A—- C:WINDOWSsystem32tscon.exe
2009-11-18 16:22:58 —-A—- C:WINDOWSsystem32shadow.exe
2009-11-18 16:22:58 —-A—- C:WINDOWSsystem32rwinsta.exe
2009-11-18 16:22:58 —-A—- C:WINDOWSsystem32reset.exe
2009-11-18 16:22:57 —-A—- C:WINDOWSsystem32regini.exe
2009-11-18 16:22:57 —-A—- C:WINDOWSsystem32rdpcfgex.dll
2009-11-18 16:22:57 —-A—- C:WINDOWSsystem32qwinsta.exe
2009-11-18 16:22:57 —-A—- C:WINDOWSsystem32qappsrv.exe
2009-11-18 16:22:57 —-A—- C:WINDOWSsystem32msg.exe
2009-11-18 16:22:57 —-A—- C:WINDOWSsystem32logoff.exe
2009-11-18 16:22:57 —-A—- C:WINDOWSsystem32cdmodem.dll
2009-11-18 16:22:56 —-A—- C:WINDOWSsystem32msdtcprf.ini
2009-11-18 16:22:50 —-A—- C:WINDOWSsystem32wmimgmt.msc
2009-11-18 16:22:48 —-A—- C:WINDOWSsystem32sndrec32.exe
2009-11-18 16:22:48 —-A—- C:WINDOWSsystem32mplay32.exe
2009-11-18 16:22:48 —-A—- C:WINDOWSsystem32hypertrm.dll
2009-11-18 16:22:48 —-A—- C:WINDOWSsystem32accwiz.exe
2009-11-18 16:22:47 —-D—- C:Program FilesWindows NT
2009-11-18 16:22:47 —-A—- C:WINDOWSsystem32mspaint.exe
2009-11-18 16:22:47 —-A—- C:WINDOWSsystem32clipbrd.exe
2009-11-18 16:22:46 —-A—- C:WINDOWSsystem32spider.exe
2009-11-18 16:22:45 —-A—- C:WINDOWSsystem32tsgqec.dll
2009-11-18 16:22:45 —-A—- C:WINDOWSsystem32tscfgwmi.dll
2009-11-18 16:22:45 —-A—- C:WINDOWSsystem32rhttpaa.dll
2009-11-18 16:22:44 —-A—- C:WINDOWSsystem32mstscax.dll
2009-11-18 16:22:44 —-A—- C:WINDOWSsystem32aaclient.dll
2009-11-18 16:22:43 —-A—- C:WINDOWSsystem32sessmgr.exe
2009-11-18 16:22:43 —-A—- C:WINDOWSsystem32remotepg.dll
2009-11-18 16:22:43 —-A—- C:WINDOWSsystem32rdshost.exe
2009-11-18 16:22:43 —-A—- C:WINDOWSsystem32rdsaddin.exe
2009-11-18 16:22:43 —-A—- C:WINDOWSsystem32rdchost.dll
2009-11-18 16:22:43 —-A—- C:WINDOWSsystem32mstsc.exe
2009-11-18 16:22:42 —-A—- C:WINDOWSsystem32termsrv.dll
2009-11-18 16:22:42 —-A—- C:WINDOWSsystem32rdpwsx.dll
2009-11-18 16:22:42 —-A—- C:WINDOWSsystem32rdpsnd.dll
2009-11-18 16:22:42 —-A—- C:WINDOWSsystem32rdpclip.exe
2009-11-18 16:22:42 —-A—- C:WINDOWSsystem32qprocess.exe
2009-11-18 16:22:42 —-A—- C:WINDOWSsystem32icaapi.dll
2009-11-18 16:22:42 —-A—- C:WINDOWSsystem32cfgbkend.dll
2009-11-18 16:22:41 —-D—- C:WINDOWSsystem32MsDtc
2009-11-18 16:22:41 —-A—- C:WINDOWSsystem32mtxoci.dll
2009-11-18 16:22:41 —-A—- C:WINDOWSsystem32msdtcuiu.dll
2009-11-18 16:22:41 —-A—- C:WINDOWSsystem32msdtctm.dll
2009-11-18 16:22:41 —-A—- C:WINDOWSsystem32msdtcprx.dll
2009-11-18 16:22:40 —-A—- C:WINDOWSsystem32xolehlp.dll
2009-11-18 16:22:40 —-A—- C:WINDOWSsystem32msdtclog.dll
2009-11-18 16:22:40 —-A—- C:WINDOWSsystem32msdtc.exe
2009-11-18 16:22:39 —-D—- C:WINDOWSsystem32Com
2009-11-18 16:22:39 —-A—- C:WINDOWSsystem32mtxlegih.dll
2009-11-18 16:22:39 —-A—- C:WINDOWSsystem32mtxex.dll
2009-11-18 16:22:39 —-A—- C:WINDOWSsystem32mtxdm.dll
2009-11-18 16:22:39 —-A—- C:WINDOWSsystem32dcomcnfg.exe
2009-11-18 16:22:39 —-A—- C:WINDOWSsystem32comrepl.dll
2009-11-18 16:22:39 —-A—- C:WINDOWSsystem32comaddin.dll
2009-11-18 16:22:39 —-A—- C:WINDOWSsystem32colbact.dll
2009-11-18 16:22:38 —-A—- C:WINDOWSsystem32stclient.dll
2009-11-18 16:22:38 —-A—- C:WINDOWSsystem32clbcatex.dll
2009-11-18 16:22:38 —-A—- C:WINDOWSsystem32catsrvut.dll
2009-11-18 16:22:38 —-A—- C:WINDOWSsystem32catsrvps.dll
2009-11-18 16:22:38 —-A—- C:WINDOWSsystem32catsrv.dll
2009-11-18 16:22:37 —-A—- C:WINDOWSsystem32comuid.dll
2009-11-18 16:22:37 —-A—- C:WINDOWSsystem32comsvcs.dll
2009-11-18 16:22:37 —-A—- C:WINDOWSsystem32comsnap.dll
2009-11-18 16:22:36 —-A—- C:WINDOWSsystem32clbcatq.dll
2009-11-18 16:22:29 —-A—- C:WINDOWSsystem32servdeps.dll
2009-11-18 16:22:29 —-A—- C:WINDOWSsystem32mmfutil.dll
2009-11-18 16:22:29 —-A—- C:WINDOWSsystem32licwmi.dll
2009-11-18 16:22:29 —-A—- C:WINDOWSsystem32cmprops.dll

======List of files/folders modified in the last 1 months======

2009-11-19 09:53:19 —-A—- C:WINDOWSwin.ini
2009-11-19 09:44:45 —-A—- C:WINDOWSsystem.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2008-04-15 14720]
R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2008-04-15 12032]
R3 Arp1394;Протокол клиента 1394 ARP; C:WINDOWSsystem32DRIVERSarp1394.sys [2008-04-15 60800]
R3 asc3360pr;asc3360pr; ??C:WINDOWSsystem32driversijnkpn.sys []
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-15 144384]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-15 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2007-06-22 4432384]
R3 MBAMSwissArmy;MBAMSwissArmy; ??C:WINDOWSsystem32driversmbamswissarmy.sys []
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2008-04-15 12160]
R3 NIC1394;Сетевой драйвер 1394; C:WINDOWSsystem32DRIVERSnic1394.sys [2008-04-15 61824]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2008-12-26 6301344]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-15 32128]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-15 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-15 59520]
R3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:WINDOWSsystem32DRIVERSusbohci.sys [2008-04-15 17152]
R3 usbstor;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-15 26368]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:WINDOWSsystem32DRIVERSyk51x86.sys [2007-09-20 265856]
S2 SPIDER;SpIDer Guard File System Monitor; ??C:PROGRA~1DrWebspider.sys []
S3 s816bus;Sony Ericsson Device 816 driver (WDM); C:WINDOWSsystem32DRIVERSs816bus.sys [2007-06-19 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter; C:WINDOWSsystem32DRIVERSs816mdfl.sys [2007-06-19 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver; C:WINDOWSsystem32DRIVERSs816mdm.sys [2007-06-19 107304]
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM); C:WINDOWSsystem32DRIVERSs816mgmt.sys [2007-06-19 99112]
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS); C:WINDOWSsystem32DRIVERSs816nd5.sys [2007-06-19 21928]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface; C:WINDOWSsystem32DRIVERSs816obex.sys [2007-06-19 97320]
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM); C:WINDOWSsystem32DRIVERSs816unic.sys [2007-06-19 97704]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 DrWebEngine;Dr.Web ® Scanning Engine (DrWebEngine); C:Program FilesCommon FilesDoctor WebScanning Enginedwengine.exe [2008-10-17 869688]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:Program FilesNeroNero8Nero BackItUpNBService.exe [2008-02-18 877864]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2008-12-26 163908]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:WINDOWSsystem32IoctlSvc.exe [2006-12-19 81920]
R3 NMIndexingService;NMIndexingService; C:Program FilesCommon FilesNeroLibNMIndexingService.exe [2008-02-28 529704]
S2 SPIDERNT;SpIDer Guard for Windows; C:PROGRA~1DrWebspidernt.exe [2008-12-09 197896]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2005-09-23 66240]
S3 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2005-01-28 38912]

---

EOF

---

Помогите!!

[Admin]

Здравствуйте, добро пожаловать на Spyware-ru форум.

Скачайте программу Combofix. Закройте все открытые окна и запустите эту программу.
После выполнения будет создан лог файл, пожалуйста вставьте его в ваш ответ.

Примечание: перед использованием Combofix обязательно установите Recovery console. Как это сделать будет описано на странице, ссылку на которую я привёл выше.

[talik_m]

Все сделала результата высылаю!!

ComboFix 09-11-20.02 — тимон 21.11.2009 10:32.1.4 — x86
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.3327.2754 [GMT 6:00]
Running from: c:documents and settingsтимонРабочий столComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:documents and settingsAll UsersApplication DataMicrosoftNetworkDownloaderqmgr0.dat
c:documents and settingsAll UsersApplication DataMicrosoftNetworkDownloaderqmgr1.dat
c:program filesMail.RuAgentMradllnewmrasearch.dll
c:windowsALCMTR.EXE
c:windowssystem32driverspciide.sys
c:windowssystem32ieuinit.inf

---

BITS: Possible infected sites

---

hxxp://soft.export.yandex.ru
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

---

Legacy_ASC3360PR

---

Service_asc3360pr

((((((((((((((((((((((((( Files Created from 2009-10-21 to 2009-11-21 )))))))))))))))))))))))))))))))
.

2009-11-20 15:01 . 2009-11-20 15:01

---

d

---

w- c:documents and settingsAll UsersApplication DataFreshGames
2009-11-20 14:59 . 2009-11-20 14:59

---

d

---

w- C:Games
2009-11-20 12:32 . 2009-11-20 12:34 5867704 —-a-w- c:documents and settingsтимонApplication DataOperaOperaprofilecache4temporary_downloadmagentsetup.exe
2009-11-20 11:47 . 2009-01-23 10:22 2929528 —-a-w- c:documents and settingsтимонApplication DataSimply Super SoftwareTrojan Removerlrg53.exe
2009-11-19 18:02 . 2009-11-19 18:02

---

d—h—w- c:windowsPIF
2009-11-19 18:02 . 2009-11-19 18:02

---

d

---

w- c:documents and settingsтимонApplication DataApple Computer
2009-11-19 17:57 . 2009-11-19 18:01

---

d

---

w- c:documents and settingsтимонApplication DataTeleca
2009-11-19 17:55 . 2009-11-19 17:55 2252 —-a-w- c:documents and settingsтимонApplication DataSimply Super SoftwareTrojan RemoverCLEANUP.BAT
2009-11-19 17:55 . 2009-01-23 10:22 2929528 —-a-w- c:documents and settingsтимонApplication DataSimply Super SoftwareTrojan Removerikv385.exe
2009-11-19 17:49 . 2009-11-19 17:57

---

dc—-w- c:windowssystem32DRVSTORE
2009-11-19 17:49 . 2009-11-19 17:49

---

d

---

w- c:documents and settingsтимонLocal SettingsApplication DataSony Ericsson
2009-11-19 17:48 . 2009-11-19 17:48

---

d

---

w- c:documents and settingsтимонApplication DataSony Ericsson
2009-11-19 17:48 . 2009-11-19 17:48

---

d

---

w- c:program filesCommon FilesSony Ericsson Shared
2009-11-19 17:48 . 2009-11-19 17:49

---

d

---

w- c:program filesCommon FilesTeleca Shared
2009-11-19 17:48 . 2009-11-19 17:48

---

d

---

w- c:program filesSony Ericsson
2009-11-19 17:46 . 2009-11-19 17:48

---

d

---

w- c:documents and settingsAll UsersApplication DataTeleca
2009-11-19 17:46 . 2009-11-19 17:48

---

d

---

w- c:documents and settingsAll UsersApplication DataSony Ericsson
2009-11-19 17:40 . 2009-11-19 17:40

---

d

---

w- c:documents and settingsтимонLocal SettingsApplication DataApple Computer
2009-11-19 17:33 . 2009-11-19 17:34

---

d

---

w- c:program filesQuickTime
2009-11-19 17:33 . 2009-11-19 17:33

---

d

---

w- c:program filesApple Software Update
2009-11-19 17:32 . 2009-11-19 17:33

---

d

---

w- c:documents and settingsAll UsersApplication DataApple Computer
2009-11-19 17:27 . 2007-06-19 07:51 21928 —-a-r- c:windowssystem32driverss816nd5.sys
2009-11-19 17:27 . 2007-06-19 07:51 97704 —-a-r- c:windowssystem32driverss816unic.sys
2009-11-19 17:27 . 2007-06-19 07:51 9768 —-a-r- c:windowssystem32driverss816cr.sys
2009-11-19 17:26 . 2007-06-19 07:51 99112 —-a-r- c:windowssystem32driverss816mgmt.sys
2009-11-19 17:26 . 2007-06-19 07:51 97320 —-a-r- c:windowssystem32driverss816obex.sys
2009-11-19 17:25 . 2007-06-19 07:51 107304 —-a-r- c:windowssystem32driverss816mdm.sys
2009-11-19 17:25 . 2007-06-19 07:51 13864 —-a-r- c:windowssystem32driverss816mdfl.sys
2009-11-19 17:25 . 2007-06-19 07:51 11176 —-a-r- c:windowssystem32driverss816cmnt.sys
2009-11-19 17:25 . 2007-06-19 07:51 11176 —-a-r- c:windowssystem32driverss816cm.sys
2009-11-19 17:25 . 2007-06-19 07:51 11176 —-a-r- c:windowssystem32driverss816whnt.sys
2009-11-19 17:25 . 2007-06-19 07:51 11176 —-a-r- c:windowssystem32driverss816wh.sys
2009-11-19 17:25 . 2007-06-19 07:51 81832 —-a-r- c:windowssystem32driverss816bus.sys
2009-11-19 12:21 . 2009-11-19 12:21

---

d

---

w- c:documents and settingsAll UsersApplication DataEgoset
2009-11-19 06:07 . 2009-11-19 06:07

---

d

---

w- c:documents and settingsAll UsersApplication DataArise
2009-11-19 05:11 . 2009-11-19 05:11

---

d

---

w- C:skin
2009-11-19 05:11 . 2009-11-19 05:11

---

d

---

w- C:graphics
2009-11-19 05:04 . 2009-11-19 05:04

---

d

---

w- c:documents and settingsтимонApplication DataMalwarebytes
2009-11-19 05:04 . 2009-09-10 08:54 38224 —-a-w- c:windowssystem32driversmbamswissarmy.sys
2009-11-19 05:04 . 2009-11-19 05:04

---

d

---

w- c:program filesMalwarebytes’ Anti-Malware
2009-11-19 05:04 . 2009-11-19 05:04

---

d

---

w- c:documents and settingsAll UsersApplication DataMalwarebytes
2009-11-19 05:04 . 2009-09-10 08:53 19160 —-a-w- c:windowssystem32driversmbam.sys
2009-11-19 04:44 . 2009-11-20 11:14

---

d

---

w- c:program filestrend micro
2009-11-19 04:44 . 2009-11-19 04:45

---

d

---

w- C:rsit
2009-11-19 04:15 . 2009-11-19 04:21

---

d

---

w- c:documents and settingsтимонDoctorWeb
2009-11-19 04:12 . 2008-12-01 11:10 98168 —-a-w- c:windowssystem32driversdwprot.sys
2009-11-19 04:12 . 2009-11-19 04:12

---

d

---

w- c:program filesCommon FilesDoctor Web
2009-11-19 04:12 . 2009-11-19 04:15

---

d

---

w- c:program filesDrWeb
2009-11-19 04:12 . 2009-11-19 04:12

---

d

---

w- c:documents and settingsAll UsersApplication DataDoctor Web
2009-11-19 03:55 . 2008-04-15 12:00 229439 -c—a-w- c:windowssystem32dllcachemultibox.dll
2009-11-19 03:54 . 2008-04-15 12:00 218112 -c—a-w- c:windowssystem32dllcachec_g18030.dll
2009-11-19 03:44 . 2008-04-15 12:00 24661 -c—a-w- c:windowssystem32dllcachespxcoins.dll
2009-11-19 03:44 . 2008-04-15 12:00 24661 —-a-w- c:windowssystem32spxcoins.dll
2009-11-19 03:44 . 2008-04-15 12:00 13312 -c—a-w- c:windowssystem32dllcacheirclass.dll
2009-11-19 03:44 . 2008-04-15 12:00 13312 —-a-w- c:windowssystem32irclass.dll
2009-11-18 19:34 . 2005-02-25 03:36 22752 —-a-w- c:windowssystem32spupdsvc.exe
2009-11-18 19:34 . 2009-11-19 03:13

---

d—h—w- c:windows$hf_mig$
2009-11-18 19:33 . 2009-11-18 19:33

---

d

---

w- c:program filesEffective Studios
2009-11-18 19:32 . 2009-11-18 19:32

---

d

---

w- c:windowsDownloaded Installations

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-21 04:36 . 2009-11-18 13:48

---

d

---

w- c:documents and settingsтимонApplication DatauTorrent
2009-11-21 04:07 . 2009-11-18 14:06

---

d

---

w- c:documents and settingsтимонApplication DataMra
2009-11-20 12:34 . 2009-11-18 14:06

---

d

---

w- c:program filesMail.Ru
2009-11-20 11:47 . 2009-11-18 14:27

---

d—a-w- c:documents and settingsAll UsersApplication DataTEMP
2009-11-19 17:40 . 2008-04-15 12:00 70134 —-a-w- c:windowssystem32perfc019.dat
2009-11-19 17:40 . 2008-04-15 12:00 432488 —-a-w- c:windowssystem32perfh019.dat
2009-11-19 04:50 . 2009-11-18 14:58

---

d

---

w- c:documents and settingsAll UsersApplication DataSpybot — Search & Destroy
2009-11-19 04:15 . 2009-11-18 11:04 12328 —-a-w- c:documents and settingsтимонLocal SettingsApplication DataGDIPFONTCACHEV1.DAT
2009-11-19 03:52 . 2009-11-18 10:23 23820 —-a-w- c:windowssystem32emptyregdb.dat
2009-11-18 15:02 . 2009-11-18 15:02

---

d

---

w- c:program filesOpera 10.10 Beta
2009-11-18 13:52 . 2009-11-18 13:52

---

d

---

w- c:documents and settingsтимонApplication DataYandex
2009-11-18 13:52 . 2009-11-18 13:52

---

d

---

w- c:program filesYandex
2009-11-18 13:52 . 2009-11-18 13:52

---

d

---

w- c:program filesuTorrent
2009-11-18 12:36 . 2009-11-18 12:36

---

d—h—w- c:program filesInstallShield Installation Information
2009-11-18 12:36 . 2009-11-18 12:36

---

d

---

w- c:program filesRealtek
2009-11-18 12:36 . 2009-11-18 12:36 315392 —-a-w- c:windowsHideWin.exe
2009-11-18 12:36 . 2009-11-18 10:33

---

d

---

w- c:program filesCommon FilesInstallShield
2009-11-18 12:16 . 2009-11-18 12:14

---

d

---

w- c:program filesTrojan Remover
2009-11-18 12:14 . 2009-11-18 12:14

---

d

---

w- c:documents and settingsтимонApplication DataSimply Super Software
2009-11-18 12:14 . 2009-11-18 12:14

---

d

---

w- c:documents and settingsAll UsersApplication DataSimply Super Software
2009-11-18 12:12 . 2009-11-18 11:37

---

d

---

w- c:documents and settingsтимонApplication DataWinamp
2009-11-18 12:09 . 2009-11-18 11:37

---

d

---

w- c:program filesWinamp
2009-11-18 11:46 . 2009-11-18 11:46

---

d

---

w- c:program filesNeroInstall.bak
2009-11-18 11:45 . 2009-11-18 11:45

---

d

---

w- c:documents and settingsтимонApplication DataNero
2009-11-18 11:43 . 2009-11-18 11:42

---

d

---

w- c:program filesCommon FilesNero
2009-11-18 11:42 . 2009-11-18 11:42

---

d

---

w- c:documents and settingsAll UsersApplication DataNero
2009-11-18 11:42 . 2009-11-18 11:42

---

d

---

w- c:program filesNero
2009-11-18 11:38 . 2009-11-18 11:38

---

d

---

w- c:program filesAskTBar
2009-11-18 11:02 . 2009-11-18 11:02

---

d

---

w- c:documents and settingsAll UsersApplication DataKaspersky Lab Setup Files
2009-11-18 11:02 . 2009-11-18 10:56

---

d

---

w- c:program filesOpera
2009-11-18 10:56 . 2009-11-18 10:56 131072 —-a-r- c:documents and settingsтимонApplication DataMicrosoftInstaller{6C84349A-70B1-4BA4-9776-9DE24CA9EEB6}ARPPRODUCTICON.exe
2009-11-18 10:39 . 2009-11-18 10:26 86327 —-a-w- c:windowspchealthhelpctrOfflineCacheindex.dat
2009-11-18 10:38 . 2009-11-18 10:38 664 —-a-w- c:windowssystem32d3d9caps.dat
2009-11-18 10:35 . 2009-11-18 10:35

---

d

---

w- c:program filesAGEIA Technologies
2009-11-18 10:35 . 2009-11-18 10:35

---

d

---

w- c:program filesCommon FilesWise Installation Wizard
2009-11-18 10:33 . 2009-11-18 10:33

---

d

---

w- c:program filesMarvell
2009-11-18 10:33 . 2009-11-18 10:33

---

d

---

w- c:documents and settingsтимонApplication DataTMP
2009-11-18 10:27 . 2009-11-18 10:27

---

d

---

w- c:program filesmicrosoft frontpage
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{9CB65206-89C4-402c-BA80-02D8C59F9B1D}»= «c:program filesAskTBarSrchAstt1.binA5SRCHAS.DLL» [2009-11-18 57344]

[HKEY_CLASSES_ROOTclsid{9cb65206-89c4-402c-ba80-02d8c59f9b1d}]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
«{91397D20-1446-11D4-8AF4-0040CA1127B6}»= «c:program filesYandexYandexBarIEyndbar.dll» [2009-07-24 5586208]

[HKEY_CLASSES_ROOTclsid{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOTYandex.Toolbar.1]
[HKEY_CLASSES_ROOTTypeLib{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOTYandex.Toolbar]

[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebbrowser]
«{91397D20-1446-11D4-8AF4-0040CA1127B6}»= «c:program filesYandexYandexBarIEyndbar.dll» [2009-07-24 5586208]

[HKEY_CLASSES_ROOTclsid{91397d20-1446-11d4-8af4-0040ca1127b6}]
[HKEY_CLASSES_ROOTYandex.Toolbar.1]
[HKEY_CLASSES_ROOTTypeLib{91397D13-1446-11D4-8AF4-0040CA1127B6}]
[HKEY_CLASSES_ROOTYandex.Toolbar]

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=»c:program filesCommon FilesNeroLibNMIndexStoreSvr.exe» [2008-02-28 1828136]
«uTorrent»=»c:program filesuTorrentuTorrent.exe» [2009-11-18 289584]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«NvCplDaemon»=»c:windowssystem32NvCpl.dll» [2008-12-25 13680640]
«NeroFilterCheck»=»c:program filesCommon FilesNeroLibNeroCheck.exe» [2008-02-28 648488]
«NBKeyScan»=»c:program filesNeroNero8Nero BackItUpNBKeyScan.exe» [2008-02-18 2295080]
«WinampAgent»=»c:program filesWinampwinampa.exe» [2008-03-27 105984]
«TrojanScanner»=»c:program filesTrojan RemoverTrjscan.exe» [2009-01-01 1231752]
«NvMediaCenter»=»c:windowssystem32NvMcTray.dll» [2008-12-25 86016]
«SpIDerAgent»=»c:program filesDrWebSpIDerAgent.exe» [2008-12-17 697584]
«SpIDerMail»=»c:program filesDrWebspiderml.exe» [2008-12-12 627952]
«SpIDerNT»=»c:progra~1DrWebspiderui.exe» [2008-12-09 197896]
«Malwarebytes Anti-Malware (reboot)»=»c:program filesMalwarebytes’ Anti-Malwarembam.exe» [2009-09-10 1381712]
«QuickTime Task»=»c:program filesQuickTimeqttask.exe» [2007-02-16 360448]
«Sony Ericsson PC Suite»=»c:program filesSony EricssonMobile2Application LauncherApplication Launcher.exe» [2007-06-13 528384]
«MAgent»=»c:program filesMail.RuAgentMAgent.exe» [2009-11-20 7975608]
«nwiz»=»nwiz.exe» — c:windowssystem32nwiz.exe [2008-12-25 1727008]
«RTHDCPL»=»RTHDCPL.EXE» — c:windowsRTHDCPL.exe [2007-06-13 16377344]

[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2008-04-15 15360]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]
«EnableLUA»= 0 (0x0)

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciessystem]
«DisableTaskMgr»= 1 (0x1)
«DisableRegistryTools»= 1 (0x1)

[HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
«EnableFirewall»= 0 (0x0)

[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\Network Diagnostic\xpnetdiag.exe»=
«%windir%\system32\sessmgr.exe»=
«d:\Драйвера\Acer Drivers\!!!!!!!!!!!!!!!!!!LAN_Driver_Marvel_Ver.10.22.7.3\SetupYukonWinC_5X6N.exe»=
«c:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe»=
«c:\Program Files\Common Files\Nero\Lib\NeroCheck.exe»=
«c:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe»=
«c:\WINDOWS\system32\netsh.exe»=
«c:\Program Files\Winamp\winampa.exe»=
«c:\WINDOWS\system32\nwiz.exe»=
«c:\Program Files\Trojan Remover\sschk.exe»=
«c:\Program Files\uTorrent\uTorrent.exe»=
«c:\Program Files\Opera\Opera.exe»=
«c:\Program Files\Opera 10.10 Beta\opera.exe»=
«c:\nvidia\winxp\181.20\is\nvudisp.exe»=
«c:\nvidia\winxp\181.20\is\PhysX_8.10.13_SystemSoftware.exe»=
«c:\WINDOWS\SOUNDMAN.EXE»=
«c:\Program Files\Malwarebytes’ Anti-Malware\mbam.exe»=
«c:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe»=

R0 DwProt;DrWeb Protection;c:windowssystem32driversdwprot.sys [19.11.2009 10:12 98168]
R2 DrWebEngine;Dr.Web ® Scanning Engine (DrWebEngine);c:program filesCommon FilesDoctor WebScanning Enginedwengine.exe [17.10.2008 13:26 869688]
S2 SPIDER;SpIDer Guard File System Monitor;c:progra~1DrWebspider.sys [09.12.2008 13:28 268328]
S2 SPIDERNT;SpIDer Guard for Windows;c:progra~1DrWebspidernt.exe [09.12.2008 13:28 197896]
S3 s816bus;Sony Ericsson Device 816 driver (WDM);c:windowssystem32driverss816bus.sys [19.11.2009 23:25 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter;c:windowssystem32driverss816mdfl.sys [19.11.2009 23:25 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver;c:windowssystem32driverss816mdm.sys [19.11.2009 23:25 107304]
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM);c:windowssystem32driverss816mgmt.sys [19.11.2009 23:26 99112]
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS);c:windowssystem32driverss816nd5.sys [19.11.2009 23:27 21928]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface;c:windowssystem32driverss816obex.sys [19.11.2009 23:26 97320]
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM);c:windowssystem32driverss816unic.sys [19.11.2009 23:27 97704]

— Other Services/Drivers In Memory —

*NewlyCreated* — ASC3360PR
.
Contents of the ‘Scheduled Tasks’ folder

2009-11-20 c:windowsTasksAppleSoftwareUpdate.job
— c:program filesApple Software UpdateSoftwareUpdate.exe [2007-01-10 09:42]
.
.

---

Supplementary Scan

---

.
uStart Page = mail.ru
IE: Поиск@Mail.Ru — c:program filesmail.rusputnikMailRuSputnik.dll/282
IE: Словари@Mail.Ru — c:program filesmail.rusputnikMailRuSputnik.dll/283
IE: {{7558B7E5-7B26-4201-BEDB-00D5FF534523} — c:program filesMail.RuAgentmagent.exe
LSP: c:program filesDrWebdrwebsp.dll
TCP: {34797C1B-ADED-4068-BFEB-E9BDD25452F5} = 212.94.96.124 212.94.96.70
.
— — — — ORPHANS REMOVED — — — —

AddRemove-WordChallengeExtreme — d:игры установочные файлыWordChallengeExtremeUninstall.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-21 10:37
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes …

scanning hidden autostart entries …

scanning hidden files …

scan completed successfully
hidden files: 0

**************************************************************************
.

---

DLLs Loaded Under Running Processes

---

— — — — — — — > ‘lsass.exe'(856)
c:program filesDrWebdrwebsp.dll
.

---

Other Running Processes

---

.
c:program filesNeroNero8Nero BackItUpNBService.exe
c:windowssystem32RUNDLL32.EXE
c:windowssystem32nvsvc32.exe
c:windowssystem32IoctlSvc.exe
c:program filesCommon FilesNeroLibNMIndexingService.exe
c:windowssystem32wscntfy.exe
c:program filesCommon FilesTeleca SharedGeneric.exe
c:program filesSony EricssonMobile2Mobile Phone Monitorepmworker.exe
.
**************************************************************************
.
Completion time: 2009-11-21 10:39 — machine was rebooted
ComboFix-quarantined-files.txt 2009-11-21 04:39

Pre-Run: 2 312 781 824 байт свободно
Post-Run: 3 650 805 760 байт свободно

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)WINDOWS
[operating systems]
c:cmdconsBOOTSECT.DAT=»Microsoft Windows Recovery Console» /cmdcons
multi(0)disk(0)rdisk(0)partition(1)WINDOWS=»Microsoft Windows XP Professional RU» /noexecute=optin /fastdetect

— — End Of File — — D49344F0B2D6EEAEC1107DCDC633E88D

[Admin]

Откройте блокнот (Кликните Пуск, Выполнить, в строке ввода введите notepad и нажмите Enter) и вставьте в него следующий текст:

Registry::

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciessystem]

"DisableTaskMgr"= 0

"DisableRegistryTools"= 0

Запишите получившийся файл на ваш рабочий стол под именем CFScript
Далее перетащите получившийся файл на иконку Combofix, как показано на картинке ниже.

Сombofix запуститься и выполнит процедуры описанные в созданном нами файле.
По результатам работы Combofix будет создан новый лог, его и вставьте в свой следующий ответ.

[Автор]

Сообщения