омпьютер уже несколько дней выключается сам

[MaxHagi]

Здравствуйте, помогите пожалуйста. У меня компьютер уже несколько дней выключается сам.Как только включаю игру, так сразу через 5 минут чёрный экран, и приходиться его перезагружать.Помогите пожалуйста!!Logfile of random’s system information tool 1.06 (written by random/random)
Run by Ирина at 2009-07-19 11:57:18
Microsoft® Windows Vista™ Ultimate Service Pack 1
System drive C: has 30 GB (26%) free of 119 GB
Total RAM: 2047 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:57:36, on 19.07.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:Windowssystem32Dwm.exe
C:Windowssystem32taskeng.exe
C:WindowsExplorer.EXE
C:Program FilesWindows DefenderMSASCui.exe
C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
C:Program FilesRealtekAudioHDARtHDVCpl.exe
C:Program FilesWinampwinampa.exe
C:Program FilesCyberLinkPowerDVD8PDVD8Serv.exe
C:Program FilesCyberLinkShared Filesbrs.exe
C:Program FilesCanonMyPrinterBJMYPRT.EXE
C:Program FilesWindows Sidebarsidebar.exe
C:Program FilesICQ6.5ICQ.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Program FilesOperaopera.exe
C:Program FilesESETESET NOD32 Antivirusegui.exe
C:UsersИринаDesktopRSIT.exe
C:UsersИринаDesktopRSIT.exe
C:Program Filestrend microИрина.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://search.qip.ru
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://search.qip.ru
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://search.qip.ru/ie
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://search.qip.ru
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = start.qip.ru
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://search.qip.ru/ie
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R1 — HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program filesmail.rusputnikMRSptnk2_1_0_4.dll
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program FilesMail.RuAgentMradllnewmrasearch.dll
R3 — URLSearchHook: (no name) — — (no file)
O1 — Hosts: ::1 localhost
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — c:program filesmail.rusputnikMRSptnk2_1_0_4.dll
O2 — BHO: QIPBHO — {95289393-33EA-4F8D-B952-483415B9C955} — C:UsersИринаAppDataRoamingMicrosoftInternet Explorerqipsearchbar.dll
O3 — Toolbar: DAEMON Tools Toolbar — {32099AAC-C132-4136-9E9A-4E364A424E17} — C:Program FilesDAEMON Tools ToolbarDTToolbar.dll
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program filesmail.rusputnikMRSptnk2_1_0_4.dll
O3 — Toolbar: Rambler-Ассистент — {468CD8A9-7C25-45FA-969E-3D925C689DC4} — C:Program FilesRambler AssistantramblertoolbarU0.dll
O4 — HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 — HKLM..Run: [GrooveMonitor] «C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe»
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [RtHDVCpl] C:Program FilesRealtekAudioHDARtHDVCpl.exe
O4 — HKLM..Run: [WinampAgent] «C:Program FilesWinampwinampa.exe»
O4 — HKLM..Run: [NeroFilterCheck] C:Program FilesCommon FilesNeroLibNeroCheck.exe
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program FilesAdobeReader 9.0ReaderReader_sl.exe»
O4 — HKLM..Run: [RemoteControl8] «C:Program FilesCyberLinkPowerDVD8PDVD8Serv.exe»
O4 — HKLM..Run: [PDVD8LanguageShortcut] «C:Program FilesCyberLinkPowerDVD8LanguageLanguage.exe»
O4 — HKLM..Run: [BDRegion] C:Program FilesCyberlinkShared Filesbrs.exe
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKLM..Run: [CanonSolutionMenu] C:Program FilesCanonSolutionMenuCNSLMAIN.exe /logon
O4 — HKLM..Run: [CanonMyPrinter] C:Program FilesCanonMyPrinterBJMyPrt.exe /logon
O4 — HKLM..Run: [egui] «C:Program FilesESETESET NOD32 Antivirusegui.exe» /hide /waitservice
O4 — HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 — HKCU..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 — HKCU..Run: [ICQ] «C:PROGRA~1ICQ6.5ICQ.exe» silent
O4 — HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Добавить в Rambler-Закладки — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/zakladki.htm
O8 — Extra context menu item: Найти с помощью Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/search.htm
O8 — Extra context menu item: Перевести с помощью словарей Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/dic.htm
O9 — Extra button: Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: &Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O13 — Gopher Prefix:
O17 — HKLMSystemCCSServicesTcpip..{00DFF694-929E-4A5A-B093-6942ACCAD170}: NameServer = 62.213.0.12,62.213.2.1
O17 — HKLMSystemCS1ServicesTcpip..{00DFF694-929E-4A5A-B093-6942ACCAD170}: NameServer = 62.213.0.12,62.213.2.1
O17 — HKLMSystemCS2ServicesTcpip..{00DFF694-929E-4A5A-B093-6942ACCAD170}: NameServer = 62.213.0.12,62.213.2.1
O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — C:Program FilesMicrosoft OfficeOffice12GrooveSystemServices.dll
O23 — Service: @dfsrres.dll,-101 (DFSR) — Корпорация Майкрософт — C:Windowssystem32DFSR.exe
O23 — Service: ESET HTTP Server (EhttpSrv) — ESET — C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe
O23 — Service: ESET Service (ekrn) — ESET — C:Program FilesESETESET NOD32 Antivirusekrn.exe
O23 — Service: Nero BackItUp Scheduler 3 — Nero AG — C:Program FilesNeroNero8Nero BackItUpNBService.exe
O23 — Service: NMIndexingService — Nero AG — C:Program FilesCommon FilesNeroLibNMIndexingService.exe
O23 — Service: NVIDIA Display Driver Service (nvsvc) — NVIDIA Corporation — C:Windowssystem32nvvsvc.exe
O23 — Service: @%systemroot%system32SearchIndexer.exe,-103 (WSearch) — Корпорация Майкрософт — C:Windowssystem32SearchIndexer.exe

—
End of file — 8072 bytes

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper — C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — c:program filesmail.rusputnikMRSptnk2_1_0_4.dll [2009-07-07 826032]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class — C:UsersИринаAppDataRoamingMicrosoftInternet Explorerqipsearchbar.dll [2009-01-20 131072]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} — DAEMON Tools Toolbar — C:Program FilesDAEMON Tools ToolbarDTToolbar.dll [2009-04-23 937416]
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — c:program filesmail.rusputnikMRSptnk2_1_0_4.dll [2009-07-07 826032]
{468CD8A9-7C25-45FA-969E-3D925C689DC4} — Rambler-Ассистент — C:Program FilesRambler AssistantramblertoolbarU0.dll [2009-07-06 849392]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Windows Defender»=C:Program FilesWindows DefenderMSASCui.exe [2008-01-21 1008184]
«GrooveMonitor»=C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe [2008-10-25 31072]
«NvCplDaemon»=C:Windowssystem32NvCpl.dll [2008-12-26 13736480]
«RtHDVCpl»=C:Program FilesRealtekAudioHDARtHDVCpl.exe [2009-05-06 7440928]
«WinampAgent»=C:Program FilesWinampwinampa.exe [2009-04-10 37888]
«NeroFilterCheck»=C:Program FilesCommon FilesNeroLibNeroCheck.exe [2007-03-01 153136]
«Adobe Reader Speed Launcher»=C:Program FilesAdobeReader 9.0ReaderReader_sl.exe [2009-02-27 35696]
«RemoteControl8″=C:Program FilesCyberLinkPowerDVD8PDVD8Serv.exe [2008-03-20 83240]
«PDVD8LanguageShortcut»=C:Program FilesCyberLinkPowerDVD8LanguageLanguage.exe [2007-12-14 50472]
«BDRegion»=C:Program FilesCyberlinkShared Filesbrs.exe [2008-06-27 91432]
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2009-07-07 7975096]
«CanonSolutionMenu»=C:Program FilesCanonSolutionMenuCNSLMAIN.exe [2008-03-10 689488]
«CanonMyPrinter»=C:Program FilesCanonMyPrinterBJMyPrt.exe [2008-03-17 1848648]
«egui»=C:Program FilesESETESET NOD32 Antivirusegui.exe [2009-05-14 2029640]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2008-01-21 1233920]
«WindowsWelcomeCenter»=oobefldr.dll,ShowWelcomeCenter []
«ICQ»=C:PROGRA~1ICQ6.5ICQ.exe [2009-03-01 172792]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«EnableLUA»=0
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveAutoRun»=FFFFFFFF
«NoDriveTypeAutoRun»=36

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{082a5d7d-67f5-11de-831a-0018f30e1a96}]
shellAutoRuncommand — G:msrdrv.exe -flash

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{082a5d9e-67f5-11de-831a-0018f30e1a96}]
shellAutoRuncommand — F:msrdrv.exe -flash

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{082a5db4-67f5-11de-831a-0018f30e1a96}]
shellAutoRuncommand — F:msrdrv.exe -flash

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{23aab78e-64f0-11de-b996-806e6f6e6963}]
shellAutoRuncommand — E:AutoRun.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{9913beab-6786-11de-9f53-0018f30e1a96}]
shellAutoRuncommand — F:msrdrv.exe -flash

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{9913beb1-6786-11de-9f53-0018f30e1a96}]
shellAutoRuncommand — G:msrdrv.exe -flash

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{cc7e9ccc-6578-11de-b561-0018f30e1a96}]
shellAutoRuncommand — F:msrdrv.exe -flash

======File associations======

.js — edit — C:WindowsSystem32Notepad.exe %1
.js — open — C:WindowsSystem32WScript.exe «%1» %*

======List of files/folders created in the last 1 months======

2009-07-19 11:54:39 —-D—- C:Program Filestrend micro
2009-07-19 11:54:37 —-D—- C:rsit
2009-07-19 11:44:48 —-D—- C:ProgramDataESET
2009-07-19 11:44:48 —-D—- C:Program FilesESET
2009-07-19 09:43:49 —-RASHD—- C:autorun.inf
2009-07-19 08:31:36 —-D—- C:Program FilesElectronic Arts
2009-07-19 08:25:00 —-D—- C:Windowssystem32appmgmt
2009-07-17 14:45:41 —-D—- C:Program FilesГоворилка
2009-07-17 14:45:31 —-D—- C:WindowsLhsp
2009-07-17 14:07:09 —-D—- C:UsersИринаAppDataRoamingQIP
2009-07-17 14:06:57 —-D—- C:Program FilesQIP Infium
2009-07-17 10:17:35 —-D—- C:Program FilesPresets
2009-07-17 10:17:34 —-D—- C:Program FilesPlug-Ins
2009-07-17 10:17:34 —-D—- C:Program FilesNVIDIA Corporation
2009-07-16 14:58:52 —-D—- C:ProgramDataKaspersky Lab
2009-07-16 14:56:53 —-D—- C:ProgramDataKaspersky Lab Setup Files
2009-07-16 12:35:10 —-D—- C:ProgramDataWindowsSearch
2009-07-16 12:11:06 —-A—- C:Windowsntbtlog.txt
2009-07-15 16:45:45 —-D—- C:WindowsMinidump
2009-07-14 12:06:25 —-D—- C:UsersИринаAppDataRoamingDAEMON Tools
2009-07-14 11:53:06 —-A—- C:Program Filesdaemon4123-lite.exe
2009-07-14 11:52:39 —-RA—- C:Windowssystem32tmp1E8B.tmp
2009-07-13 10:08:29 —-D—- C:Program Files1С
2009-07-10 15:04:43 —-D—- C:UsersИринаAppDataRoamingMalwarebytes
2009-07-10 15:04:38 —-D—- C:ProgramDataMalwarebytes
2009-07-10 15:04:37 —-D—- C:Program FilesMalwarebytes’ Anti-Malware
2009-07-07 09:46:17 —-A—- C:Windowssystem32BASSMOD.dll
2009-07-07 09:39:29 —-A—- C:Windowsautogk.ini
2009-07-07 09:37:36 —-D—- C:Program FilesXviD
2009-07-07 09:37:27 —-D—- C:Program FilesAviSynth 2.5
2009-07-07 09:37:08 —-D—- C:Program FilesGabest
2009-07-07 09:35:05 —-D—- C:Program FilesWinMPG Video Convert
2009-07-07 09:22:46 —-D—- C:UsersИринаAppDataRoamingBroad Intelligence
2009-07-07 09:22:31 —-D—- C:Program FilesMediaCoder PSP Edition
2009-07-07 09:12:21 —-D—- C:UsersИринаAppDataRoamingThinstall
2009-07-06 11:20:34 —-D—- C:Program FilesKalypso
2009-07-06 10:10:39 —-D—- C:Program FilesCheMaxRus
2009-07-06 09:25:19 —-A—- C:Windowssystem32XAudio2_1.dll
2009-07-06 09:25:19 —-A—- C:Windowssystem32XAPOFX1_0.dll
2009-07-06 09:25:19 —-A—- C:Windowssystem32xactengine3_1.dll
2009-07-06 09:25:19 —-A—- C:Windowssystem32X3DAudio1_4.dll
2009-07-06 09:25:19 —-A—- C:Windowssystem32D3DX9_38.dll
2009-07-06 09:25:19 —-A—- C:Windowssystem32d3dx10_38.dll
2009-07-06 09:25:19 —-A—- C:Windowssystem32D3DCompiler_38.dll
2009-07-06 09:25:18 —-A—- C:Windowssystem32XAudio2_0.dll
2009-07-06 09:25:18 —-A—- C:Windowssystem32xactengine3_0.dll
2009-07-06 09:25:18 —-A—- C:Windowssystem32X3DAudio1_3.dll
2009-07-06 09:25:18 —-A—- C:Windowssystem32d3dx10_37.dll
2009-07-06 09:25:18 —-A—- C:Windowssystem32D3DCompiler_37.dll
2009-07-06 09:25:17 —-A—- C:Windowssystem32xactengine2_10.dll
2009-07-06 09:25:17 —-A—- C:Windowssystem32D3DX9_37.dll
2009-07-06 09:25:17 —-A—- C:Windowssystem32d3dx10_36.dll
2009-07-06 09:25:17 —-A—- C:Windowssystem32D3DCompiler_36.dll
2009-07-06 09:25:16 —-A—- C:Windowssystem32d3dx9_36.dll
2009-07-06 09:25:15 —-A—- C:Windowssystem32X3DAudio1_2.dll
2009-07-06 09:20:44 —-D—- C:Windowssystem32AGEIA
2009-07-06 09:20:44 —-D—- C:Program FilesAGEIA Technologies
2009-07-06 09:20:34 —-D—- C:Program FilesCommon FilesWise Installation Wizard
2009-07-06 09:19:00 —-RA—- C:Windowssystem32tmp9FF.tmp
2009-07-04 09:23:12 —-D—- C:Program FilesAlawar.ru
2009-07-03 22:34:17 —-D—- C:ProgramDataAlawarWrapper
2009-07-03 10:34:22 —-D—- C:ProgramDataApple Computer
2009-07-02 19:59:26 —-D—- C:WindowsDownloaded Installations
2009-07-02 19:52:23 —-D—- C:Program FilesDisc2Phone
2009-07-02 19:30:31 —-D—- C:Windowssystem32URTTEMP
2009-07-02 17:42:03 —-D—- C:UsersИринаAppDataRoamingGrym
2009-07-02 15:32:54 —-D—- C:Program FilesMad Scientist Productions
2009-07-02 12:32:17 —-D—- C:ProgramData2GIS
2009-07-02 12:32:17 —-D—- C:Program Files2gis
2009-07-02 12:02:36 —-D—- C:UsersИринаAppDataRoamingrambler.ru
2009-07-02 12:02:34 —-D—- C:UsersИринаAppDataRoamingMozilla
2009-07-02 12:02:34 —-D—- C:Program FilesRambler Assistant
2009-07-02 11:53:38 —-D—- C:UsersИринаAppDataRoamingICQ
2009-07-02 11:53:21 —-D—- C:Program FilesICQ6.5
2009-07-02 10:26:31 —-D—- C:Program FilesOpenAL
2009-07-02 10:26:23 —-A—- C:Windowssystem32OpenALwEAX.exe
2009-07-02 10:18:47 —-D—- C:UsersИринаAppDataRoamingInstallShield
2009-07-01 17:18:02 —-D—- C:WindowsFLV Player
2009-07-01 17:18:02 —-D—- C:Program FilesFLV Player
2009-07-01 17:17:53 —-A—- C:WindowsFLV Player Setup Log.txt
2009-07-01 17:15:03 —-D—- C:Program FilesQuickTime
2009-07-01 17:14:57 —-D—- C:Program FilesXilisoft
2009-07-01 13:51:16 —-A—- C:Windowssystem32xactengine2_9.dll
2009-07-01 13:51:16 —-A—- C:Windowssystem32d3dx9_35.dll
2009-07-01 13:51:16 —-A—- C:Windowssystem32d3dx10_35.dll
2009-07-01 13:51:16 —-A—- C:Windowssystem32D3DCompiler_35.dll
2009-07-01 13:51:15 —-A—- C:Windowssystem32xactengine2_8.dll
2009-07-01 13:51:15 —-A—- C:Windowssystem32d3dx10_34.dll
2009-07-01 13:51:15 —-A—- C:Windowssystem32D3DCompiler_34.dll
2009-07-01 13:51:14 —-A—- C:Windowssystem32xinput1_3.dll
2009-07-01 13:51:14 —-A—- C:Windowssystem32xactengine2_7.dll
2009-07-01 13:51:14 —-A—- C:Windowssystem32xactengine2_6.dll
2009-07-01 13:51:14 —-A—- C:Windowssystem32d3dx9_34.dll
2009-07-01 13:51:14 —-A—- C:Windowssystem32d3dx9_33.dll
2009-07-01 13:51:14 —-A—- C:Windowssystem32d3dx10_33.dll
2009-07-01 13:51:14 —-A—- C:Windowssystem32D3DCompiler_33.dll
2009-07-01 13:51:13 —-A—- C:Windowssystem32xactengine2_5.dll
2009-07-01 13:51:13 —-A—- C:Windowssystem32d3dx10.dll
2009-07-01 13:51:12 —-A—- C:Windowssystem32xactengine2_4.dll
2009-07-01 13:51:12 —-A—- C:Windowssystem32x3daudio1_1.dll
2009-07-01 13:51:10 —-A—- C:Windowssystem32xinput1_2.dll
2009-07-01 13:51:10 —-A—- C:Windowssystem32xactengine2_3.dll
2009-07-01 13:51:10 —-A—- C:Windowssystem32xactengine2_2.dll
2009-07-01 13:51:09 —-A—- C:Windowssystem32xinput1_1.dll
2009-07-01 13:51:09 —-A—- C:Windowssystem32xactengine2_1.dll
2009-07-01 13:51:04 —-A—- C:Windowssystem32xactengine2_0.dll
2009-07-01 13:51:04 —-A—- C:Windowssystem32x3daudio1_0.dll
2009-07-01 13:51:04 —-A—- C:Windowssystem32d3dx9_30.dll
2009-07-01 13:51:03 —-A—- C:Windowssystem32d3dx9_29.dll
2009-07-01 13:51:02 —-A—- C:Windowssystem32d3dx9_27.dll
2009-07-01 13:51:02 —-A—- C:Windowssystem32d3dx9_26.dll
2009-07-01 13:36:54 —-D—- C:Program FilesDirectX
2009-07-01 13:36:47 —-A—- C:Windowssystem32ATL80.dll
2009-07-01 13:36:47 —-A—- C:Windowssystem32atl71.dll
2009-07-01 13:36:44 —-A—- C:Windowssystem32d3dx9_32.dll
2009-07-01 13:36:43 —-A—- C:Windowssystem32mfcm80u.dll
2009-07-01 13:36:43 —-A—- C:Windowssystem32mfcm80.dll
2009-07-01 13:36:43 —-A—- C:Windowssystem32mfc80u.dll
2009-07-01 13:36:43 —-A—- C:Windowssystem32mfc80KOR.dll
2009-07-01 13:36:43 —-A—- C:Windowssystem32mfc80JPN.dll
2009-07-01 13:36:43 —-A—- C:Windowssystem32mfc80ITA.dll
2009-07-01 13:36:43 —-A—- C:Windowssystem32mfc80FRA.dll
2009-07-01 13:36:43 —-A—- C:Windowssystem32mfc80ESP.dll
2009-07-01 13:36:43 —-A—- C:Windowssystem32mfc80ENU.dll
2009-07-01 13:36:43 —-A—- C:Windowssystem32mfc80DEU.dll
2009-07-01 13:36:43 —-A—- C:Windowssystem32mfc80CHT.dll
2009-07-01 13:36:43 —-A—- C:Windowssystem32mfc80CHS.dll
2009-07-01 13:36:43 —-A—- C:Windowssystem32mfc80.dll
2009-07-01 13:36:38 —-A—- C:Windowssystem32vcomp.dll
2009-07-01 12:33:21 —-D—- C:Program Filesgoodlogin
2009-07-01 12:04:46 —-A—- C:Windowssystem32msvbvm50.dll
2009-07-01 12:04:45 —-A—- C:Windowssystem32msvcp80.dll
2009-07-01 12:04:45 —-A—- C:Windowssystem32msvcp71d.dll
2009-07-01 12:04:45 —-A—- C:Windowssystem32msvcp70d.dll
2009-07-01 12:04:45 —-A—- C:Windowssystem32Msvcp60d.dll
2009-07-01 12:04:45 —-A—- C:Windowssystem32msvcp50.dll
2009-07-01 12:04:45 —-A—- C:Windowssystem32msvci70d.dll
2009-07-01 12:04:44 —-A—- C:Windowssystem32msvcr70d.dll
2009-07-01 12:04:43 —-A—- C:Windowssystem32msxml4a.dll
2009-07-01 12:04:43 —-A—- C:Windowssystem32msvcr80.dll
2009-07-01 12:04:43 —-A—- C:Windowssystem32msvcr71d.dll
2009-07-01 12:04:42 —-A—- C:Windowssystem32Vb5db.dll
2009-07-01 12:04:42 —-A—- C:Windowssystem32OpenAL32.dll
2009-07-01 12:04:41 —-A—- C:Windowssystem32xmltok.dll
2009-07-01 12:04:41 —-A—- C:Windowssystem32xmlparse.dll
2009-07-01 12:04:41 —-A—- C:Windowssystem32xmlinst.exe
2009-07-01 12:04:41 —-A—- C:Windowssystem32wrap_oal.dll
2009-07-01 12:04:41 —-A—- C:Windowssystem32vp6install.exe
2009-07-01 12:04:41 —-A—- C:Windowssystem32MFC71u.dll
2009-07-01 12:04:41 —-A—- C:Windowssystem32mfc71.dll
2009-07-01 12:04:40 —-A—- C:Windowssystem32eax.dll
2009-07-01 12:04:38 —-A—- C:Windowssystem32d3dx9_25.dll
2009-07-01 12:04:38 —-A—- C:Windowssystem32d3dx9_24.dll
2009-07-01 12:04:38 —-A—- C:Windowssystem32Cc3250mt.dll
2009-07-01 12:04:38 —-A—- C:Windowssystem32Borlndmm.dll
2009-07-01 12:04:37 —-D—- C:Games
2009-07-01 12:04:37 —-A—- C:Windowssystem32msvcm80.dll
2009-07-01 11:49:59 —-D—- C:UsersИринаAppDataRoamingMacromedia
2009-06-30 20:36:00 —-D—- C:Program FilesMicrosoft WSE
2009-06-30 20:35:52 —-A—- C:Windowssystem32d3dx9_31.dll
2009-06-30 20:29:22 —-D—- C:Windowssystem32Macromed
2009-06-30 20:04:14 —-D—- C:Program FilesMemoriesOnTV4
2009-06-30 20:01:55 —-D—- C:UsersИринаAppDataRoamingOpera
2009-06-30 20:01:25 —-D—- C:Program FilesOpera
2009-06-30 20:01:04 —-D—- C:UsersИринаAppDataRoamingkantaris
2009-06-30 20:00:26 —-D—- C:Program FilesKantaris
2009-06-30 19:22:51 —-D—- C:Program FilesCommon FilesCANON
2009-06-30 19:19:03 —-HD—- C:ProgramDataCanonBJ
2009-06-30 19:18:22 —-HD—- C:Windowssystem32CanonIJ Uninstaller Information
2009-06-30 19:15:57 —-A—- C:Windowssystem32CNMLM9E.DLL
2009-06-30 19:15:33 —-HD—- C:Program FilesCanonBJ
2009-06-30 19:14:58 —-D—- C:Program FilesCanon
2009-06-30 18:55:32 —-D—- C:UsersИринаAppDataRoamingMra
2009-06-30 18:55:31 —-D—- C:Program FilesMail.Ru
2009-06-30 18:49:35 —-A—- C:Program FilesUNWISE.EXE
2009-06-30 03:01:41 —-D—- C:WindowsPanther
2009-06-30 03:01:28 —-RAS—- C:BOOTSECT.BAK
2009-06-30 03:01:27 —-SHD—- C:Boot
2009-06-30 02:55:35 —-D—- C:UsersИринаAppDataRoamingMedia Player Classic
2009-06-30 02:54:32 —-A—- C:WindowsNeroDigital.ini
2009-06-30 02:51:45 —-D—- C:UsersИринаAppDataRoamingAdobe
2009-06-30 02:50:25 —-D—- C:UsersИринаAppDataRoamingCyberLink
2009-06-30 02:50:15 —-D—- C:ProgramDataCyberLink
2009-06-30 02:50:10 —-D—- C:Program FilesCommon FilesCyberLink
2009-06-30 02:49:20 —-D—- C:Program FilesCyberLink
2009-06-30 02:49:02 —-A—- C:Windowssystem32msxml3a.dll
2009-06-30 02:48:14 —-D—- C:UsersИринаAppDataRoamingACD Systems
2009-06-30 02:48:00 —-D—- C:ProgramDataACD Systems
2009-06-30 02:47:57 —-D—- C:Program FilesCommon FilesACD Systems
2009-06-30 02:47:57 —-D—- C:Program FilesACD Systems
2009-06-30 02:31:53 —-A—- C:Windowssystem32mshtmler.dll
2009-06-30 02:31:53 —-A—- C:Windowssystem32mshtmled.dll
2009-06-30 02:31:53 —-A—- C:Windowssystem32ieui.dll
2009-06-30 02:31:53 —-A—- C:Windowssystem32icardie.dll
2009-06-30 02:31:53 —-A—- C:Windowssystem32admparse.dll
2009-06-30 02:31:52 —-A—- C:Windowssystem32msls31.dll
2009-06-30 02:31:52 —-A—- C:Windowssystem32jsproxy.dll
2009-06-30 02:31:52 —-A—- C:Windowssystem32imgutil.dll
2009-06-30 02:31:52 —-A—- C:Windowssystem32iernonce.dll
2009-06-30 02:31:52 —-A—- C:Windowssystem32ieakeng.dll
2009-06-30 02:31:52 —-A—- C:Windowssystem32dxtrans.dll
2009-06-30 02:31:52 —-A—- C:Windowssystem32dxtmsft.dll
2009-06-30 02:31:52 —-A—- C:Windowssystem32corpol.dll
2009-06-30 02:31:51 —-A—- C:Windowssystem32webcheck.dll
2009-06-30 02:31:51 —-A—- C:Windowssystem32occache.dll
2009-06-30 02:31:51 —-A—- C:Windowssystem32msrating.dll
2009-06-30 02:31:51 —-A—- C:Windowssystem32msfeedsbs.dll
2009-06-30 02:31:51 —-A—- C:Windowssystem32licmgr10.dll
2009-06-30 02:31:51 —-A—- C:Windowssystem32inseng.dll
2009-06-30 02:31:51 —-A—- C:Windowssystem32iesetup.dll
2009-06-30 02:31:51 —-A—- C:Windowssystem32iepeers.dll
2009-06-30 02:31:51 —-A—- C:Windowssystem32ieaksie.dll
2009-06-30 02:31:50 —-A—- C:Windowssystem32WinFXDocObj.exe
2009-06-30 02:31:50 —-A—- C:Windowssystem32wextract.exe
2009-06-30 02:31:50 —-A—- C:Windowssystem32pngfilt.dll
2009-06-30 02:31:50 —-A—- C:Windowssystem32mstime.dll
2009-06-30 02:31:50 —-A—- C:Windowssystem32msfeedssync.exe
2009-06-30 02:31:50 —-A—- C:Windowssystem32msfeeds.dll
2009-06-30 02:31:50 —-A—- C:Windowssystem32ieapfltr.dll
2009-06-30 02:31:50 —-A—- C:Windowssystem32ieakui.dll
2009-06-30 02:31:50 —-A—- C:Windowssystem32advpack.dll
2009-06-30 02:31:49 —-A—- C:Windowssystem32vbscript.dll
2009-06-30 02:31:49 —-A—- C:Windowssystem32url.dll
2009-06-30 02:31:49 —-A—- C:Windowssystem32jscript.dll
2009-06-30 02:31:49 —-A—- C:Windowssystem32iedkcs32.dll
2009-06-30 02:31:48 —-A—- C:Windowssystem32SetIEInstalledDate.exe
2009-06-30 02:31:48 —-A—- C:Windowssystem32SetDepNx.exe
2009-06-30 02:31:48 —-A—- C:Windowssystem32RegisterIEPKEYs.exe
2009-06-30 02:31:48 —-A—- C:Windowssystem32PDMSetup.exe
2009-06-30 02:31:48 —-A—- C:Windowssystem32mshta.exe
2009-06-30 02:31:48 —-A—- C:Windowssystem32iexpress.exe
2009-06-30 02:31:48 —-A—- C:Windowssystem32ieUnatt.exe
2009-06-30 02:31:48 —-A—- C:Windowssystem32iesysprep.dll
2009-06-30 02:31:48 —-A—- C:Windowssystem32iertutil.dll
2009-06-30 02:31:48 —-A—- C:Windowssystem32ie4uinit.exe
2009-06-30 02:31:47 —-A—- C:Windowssystem32wininet.dll
2009-06-30 02:31:47 —-A—- C:Windowssystem32urlmon.dll
2009-06-30 02:31:46 —-A—- C:Windowssystem32ieframe.dll
2009-06-30 02:31:45 —-A—- C:Windowssystem32mshtml.dll
2009-06-30 02:30:49 —-D—- C:ProgramDataAdobe
2009-06-30 02:30:45 —-D—- C:Program FilesCommon FilesAdobe
2009-06-30 02:30:44 —-D—- C:Program FilesAdobe
2009-06-30 02:29:26 —-D—- C:UsersИринаAppDataRoamingNero
2009-06-30 02:27:35 —-A—- C:Windowssystem32MsiExec.exe.log
2009-06-30 02:25:10 —-D—- C:Program FilesNero
2009-06-30 02:25:09 —-D—- C:ProgramDataNero
2009-06-30 02:25:09 —-D—- C:Program FilesCommon FilesNero
2009-06-30 02:23:26 —-A—- C:Windowssystem32d3dx9_28.dll
2009-06-30 02:16:29 —-D—- C:UsersИринаAppDataRoamingWinRAR
2009-06-30 02:11:18 —-D—- C:WindowsDebug
2009-06-30 02:11:18 —-D—- C:ProgramDataDAEMON Tools Lite
2009-06-30 02:11:16 —-D—- C:Program FilesDAEMON Tools Toolbar
2009-06-30 02:11:14 —-D—- C:UsersИринаAppDataRoamingDAEMON Tools Lite
2009-06-30 02:11:02 —-D—- C:Program FilesDaemon Tools Lite
2009-06-30 02:10:36 —-D—- C:Program Files7-Zip
2009-06-30 02:10:34 —-D—- C:Program FilesWinRAR
2009-06-30 02:10:29 —-D—- C:UsersИринаAppDataRoamingWinamp
2009-06-30 02:10:29 —-D—- C:Program FilesWinamp
2009-06-30 02:10:19 —-A—- C:Windowssystem32rmoc3260.dll
2009-06-30 02:10:19 —-A—- C:Windowssystem32pndx5032.dll
2009-06-30 02:10:19 —-A—- C:Windowssystem32pndx5016.dll
2009-06-30 02:10:19 —-A—- C:Windowssystem32pncrt.dll
2009-06-30 02:10:17 —-A—- C:Windowssystem32yv12vfw.dll
2009-06-30 02:10:17 —-A—- C:Windowssystem32xvidvfw.dll
2009-06-30 02:10:17 —-A—- C:Windowssystem32xvidcore.dll
2009-06-30 02:10:16 —-N—- C:Windowssystem32divx.dll
2009-06-30 02:10:16 —-A—- C:Windowssystem32qt-dx331.dll
2009-06-30 02:10:16 —-A—- C:Windowssystem32dpl100.dll
2009-06-30 02:10:15 —-A—- C:Windowssystem32pthreadGC2.dll
2009-06-30 02:10:15 —-A—- C:Windowssystem32ff_vfw.dll.manifest
2009-06-30 02:10:15 —-A—- C:Windowssystem32ff_vfw.dll
2009-06-30 02:10:14 —-N—- C:Windowssystem32msvcr71.dll
2009-06-30 02:10:14 —-D—- C:UsersИринаAppDataRoamingReal
2009-06-30 02:10:14 —-D—- C:ProgramDataReal
2009-06-30 02:10:14 —-D—- C:Program FilesK-Lite Codec Pack
2009-06-30 02:10:14 —-A—- C:Windowssystem32msvcp71.dll
2009-06-30 02:10:11 —-D—- C:Program FilesCCleaner
2009-06-30 02:06:03 —-D—- C:Program FilesWinDjView
2009-06-30 02:06:01 —-D—- C:Program FilesFoxit Reader
2009-06-30 02:05:59 —-A—- C:WindowsWPI_Log_2009.06.30_02.05.59.txt
2009-06-30 02:05:59 —-A—- C:rb_config.js
2009-06-30 02:05:59 —-A—- C:history.js
2009-06-30 02:05:35 —-D—- C:WindowsSoftwareDistribution
2009-06-30 02:04:01 —-D—- C:WindowsCSC
2009-06-30 02:02:40 —-D—- C:WindowsPrefetch
2009-06-30 02:02:29 —-SHD—- C:System Volume Information
2009-06-30 01:59:29 —-D—- C:Windowssystem32RTCOM
2009-06-30 01:59:03 —-A—- C:WindowsDIFxAPI.dll
2009-06-30 01:59:02 —-A—- C:Windowssystem32WavesLib.dll
2009-06-30 01:59:02 —-A—- C:Windowssystem32SRSWOW.dll
2009-06-30 01:59:02 —-A—- C:Windowssystem32SRSTSXT.dll
2009-06-30 01:59:01 —-A—- C:Windowssystem32SRSTSHD.dll
2009-06-30 01:59:01 —-A—- C:Windowssystem32SRSHP360.dll
2009-06-30 01:59:01 —-A—- C:Windowssystem32RtkPgExt.dll
2009-06-30 01:59:01 —-A—- C:Windowssystem32RtkCoInst.dll
2009-06-30 01:59:01 —-A—- C:Windowssystem32RtkApoApi.dll
2009-06-30 01:59:00 —-A—- C:Windowssystem32RtkAPO.dll
2009-06-30 01:59:00 —-A—- C:Windowssystem32RP3DHT32.dll
2009-06-30 01:59:00 —-A—- C:Windowssystem32RP3DAA32.dll
2009-06-30 01:59:00 —-A—- C:Windowssystem32MaxxAudioEQ.dll
2009-06-30 01:59:00 —-A—- C:Windowssystem32MaxxAudioAPO20.dll
2009-06-30 01:59:00 —-A—- C:Windowssystem32MaxxAudioAPO.dll
2009-06-30 01:58:59 —-D—- C:Program FilesRealtek
2009-06-30 01:58:59 —-A—- C:Windowssystem32FMAPO.dll
2009-06-30 01:58:59 —-A—- C:Windowssystem32AERTARen.dll
2009-06-30 01:58:59 —-A—- C:Windowssystem32AERTACap.dll
2009-06-30 01:58:57 —-HD—- C:Program FilesTemp
2009-06-30 01:58:57 —-A—- C:WindowsRtlExUpd.dll
2009-06-30 01:58:01 —-D—- C:ProgramDataNVIDIA
2009-06-30 01:56:20 —-A—- C:Windowssystem32nvshext.dll
2009-06-30 01:56:20 —-A—- C:Windowssystem32nvcpluir.dll
2009-06-30 01:56:20 —-A—- C:Windowssystem32nvcplui.exe
2009-06-30 01:55:58 —-A—- C:Windowssystem32nvudisp.exe
2009-06-30 01:55:30 —-A—- C:Windowssystem32NVUNINST.EXE
2009-06-30 01:53:19 —-D—- C:Windowssystem32Atheros_L2
2009-06-30 01:53:16 —-HD—- C:Program FilesInstallShield Installation Information
2009-06-30 01:53:00 —-D—- C:Program FilesCommon FilesInstallShield
2009-06-30 01:48:49 —-D—- C:Program FilesIntel
2009-06-30 01:48:49 —-A—- C:Windowssystem32CSVer.dll
2009-06-30 01:48:40 —-D—- C:Intel
2009-06-30 01:43:05 —-A—- C:Windowssystem32msonpmon.dll
2009-06-30 01:41:47 —-D—- C:Program FilesMicrosoft Works
2009-06-30 01:41:24 —-D—- C:Program FilesMicrosoft Visual Studio
2009-06-30 01:41:24 —-D—- C:Program FilesCommon FilesDESIGNER
2009-06-30 01:40:58 —-D—- C:WindowsPCHEALTH
2009-06-30 01:40:58 —-D—- C:Program FilesMicrosoft.NET
2009-06-30 01:39:19 —-D—- C:Program FilesMicrosoft Visual Studio 8
2009-06-30 01:38:39 —-D—- C:Program FilesMicrosoft Office
2009-06-30 01:38:38 —-D—- C:ProgramDataMicrosoft Help
2009-06-30 01:38:36 —-SHD—- C:WindowsInstaller
2009-06-30 01:38:24 —-RHD—- C:MSOCache
2009-06-30 01:18:11 —-D—- C:Program FilesTotal Commander
2009-06-30 01:13:33 —-D—- C:UsersИринаAppDataRoamingIdentities
2009-06-30 01:13:27 —-SD—- C:UsersИринаAppDataRoamingMicrosoft
2009-06-30 01:13:27 —-D—- C:UsersИринаAppDataRoamingMedia Center Programs
2009-06-30 01:11:48 —-SHD—- C:ProgramDataШаблоны
2009-06-30 01:11:48 —-SHD—- C:ProgramDataРабочий стол
2009-06-30 01:11:48 —-SHD—- C:ProgramDataИзбранное
2009-06-30 01:11:48 —-SHD—- C:ProgramDataДокументы
2009-06-30 01:11:48 —-SHD—- C:ProgramDataГлавное меню

======List of files/folders modified in the last 1 months======

2009-07-19 11:57:37 —-D—- C:WindowsTemp
2009-07-19 11:54:39 —-RD—- C:Program Files
2009-07-19 11:45:28 —-D—- C:Windowssystem32drivers
2009-07-19 11:44:48 —-HD—- C:ProgramData
2009-07-19 11:01:47 —-D—- C:Windows
2009-07-19 08:25:00 —-D—- C:WindowsSystem32
2009-07-19 08:24:52 —-D—- C:Windowssystem32catroot2
2009-07-17 14:45:34 —-RSD—- C:WindowsFonts
2009-07-17 14:45:32 —-D—- C:Windowsinf
2009-07-17 14:45:26 —-D—- C:WindowsSpeech
2009-07-17 14:15:27 —-A—- C:Windowssystem32PerfStringBackup.INI
2009-07-16 16:29:27 —-D—- C:Windowssystem32catroot
2009-07-16 13:24:02 —-D—- C:Windowssystem32Tasks
2009-07-16 12:15:44 —-D—- C:Windowssystem32WDI
2009-07-14 17:46:42 —-D—- C:WindowsLogs
2009-07-14 12:06:21 —-RD—- C:Users
2009-07-14 12:05:10 —-RSD—- C:Windowsassembly
2009-07-10 18:18:44 —-D—- C:Windowssystem32FxsTmp
2009-07-06 09:20:34 —-D—- C:Program FilesCommon Files
2009-07-06 09:18:58 —-D—- C:Windowswinsxs
2009-07-02 19:34:24 —-D—- C:WindowsRegistration
2009-07-02 19:34:12 —-D—- C:Program FilesInternet Explorer
2009-07-01 13:51:05 —-D—- C:WindowsMicrosoft.NET
2009-07-01 12:03:14 —-D—- C:Windowsrescache
2009-06-30 19:14:04 —-RSD—- C:WindowsMedia
2009-06-30 19:13:34 —-D—- C:Windowstwain_32
2009-06-30 18:36:48 —-SD—- C:ProgramDataMicrosoft
2009-06-30 02:49:05 —-D—- C:Program FilesCommon Filesmicrosoft shared
2009-06-30 02:37:35 —-D—- C:Windowssystem32ru-RU
2009-06-30 02:37:34 —-D—- C:Windowssystem32migration
2009-06-30 02:37:34 —-D—- C:Windowssystem32en-US
2009-06-30 02:37:34 —-D—- C:WindowsPolicyDefinitions
2009-06-30 02:25:07 —-D—- C:WindowsCursors
2009-06-30 02:06:49 —-D—- C:Program FilesCommon FilesSystem
2009-06-30 02:06:49 —-A—- C:Windowswin.ini
2009-06-30 01:56:16 —-D—- C:WindowsHelp
2009-06-30 01:41:39 —-D—- C:Program FilesMSBuild
2009-06-30 01:41:21 —-D—- C:WindowsShellNew
2009-06-30 01:38:15 —-D—- C:Windowssystem32restore
2009-06-30 01:35:05 —-D—- C:Windowssystem32oobe
2009-06-30 01:13:44 —-SHD—- C:$Recycle.Bin
2009-06-30 01:11:48 —-D—- C:Program FilesWindows NT

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 CSC;Offline Files Driver; C:Windowssystem32driverscsc.sys [2008-01-21 350720]
R1 ehdrv;ehdrv; C:Windowssystem32DRIVERSehdrv.sys [2009-05-14 107256]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; ??C:Program FilesCyberLinkPowerDVD800.fcl [2008-06-27 61424]
R2 atksgt;atksgt; C:Windowssystem32DRIVERSatksgt.sys [2009-07-14 278728]
R2 eamon;eamon; C:Windowssystem32DRIVERSeamon.sys [2009-05-14 114472]
R2 epfwwfpr;epfwwfpr; C:Windowssystem32DRIVERSepfwwfpr.sys [2009-05-14 93312]
R2 lirsgt;lirsgt; C:Windowssystem32DRIVERSlirsgt.sys [2009-07-14 25416]
R3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller; C:Windowssystem32DRIVERSl260x86.sys [2008-04-15 29184]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:Windowssystem32driversRTKVHDA.sys [2009-05-04 2365792]
R3 MTsensor;ATK0110 ACPI UTILITY; C:Windowssystem32DRIVERSASACPI.sys [2006-10-18 7680]
R3 nvlddmkm;nvlddmkm; C:Windowssystem32DRIVERSnvlddmkm.sys [2008-12-26 9535456]
R3 pfc;Padus ASPI Shell; C:Windowssystem32driverspfc.sys [2006-10-02 10368]
S3 CrystalSysInfo;CrystalSysInfo; ??C:Program FilesMediaCoder PSP EditionSysInfo.sys [2007-09-25 15152]
S3 drmkaud;Звуковой дешифратор DRM ядра системы; C:Windowssystem32driversdrmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Драйвер функции UAA для службы High Definition Audio (Microsoft), версия 1.1; C:Windowssystem32driversHdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Представитель служб потоков Microsoft; C:Windowssystem32driversMSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Посредник синхронизации потоков Microsoft; C:Windowssystem32driversMSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Представитель диспетчера качества потоков Microsoft; C:Windowssystem32driversMSPQM.sys [2008-01-21 5504]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:Windowssystem32driversMSTEE.sys [2008-01-21 6016]
S3 usbscan;Драйвер USB-сканера; C:Windowssystem32DRIVERSusbscan.sys [2008-01-21 35328]
S3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:Windowssystem32driverserrdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:Windowssystem32driversmegasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32driverswmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%system32cscsvc.dll,-200; C:WindowsSystem32svchost.exe [2008-01-21 21504]
R2 ekrn;ESET Service; C:Program FilesESETESET NOD32 Antivirusekrn.exe [2009-05-14 731840]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:Program FilesNeroNero8Nero BackItUpNBService.exe [2007-09-20 853288]
R2 nvsvc;NVIDIA Display Driver Service; C:Windowssystem32nvvsvc.exe [2008-12-26 211488]
S3 AppMgmt;@appmgmts.dll,-3250; C:Windowssystem32svchost.exe [2008-01-21 21504]
S3 aspnet_state;Служба состояний ASP.NET; C:WindowsMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2008-01-21 33800]
S3 EhttpSrv;ESET HTTP Server; C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe [2009-05-14 20680]
S3 Fax;@%systemroot%system32fxsresm.dll,-118; C:Windowssystem32fxssvc.exe [2008-01-21 523776]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program FilesMicrosoft OfficeOffice12GrooveAuditService.exe [2008-10-25 65888]
S3 NMIndexingService;NMIndexingService; C:Program FilesCommon FilesNeroLibNMIndexingService.exe [2007-11-15 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 UmRdpService;@%SystemRoot%system32umrdp.dll,-1000; C:WindowsSystem32svchost.exe [2008-01-21 21504]
S3 wbengine;@%systemroot%system32wbengine.exe,-104; C:Windowssystem32wbengine.exe [2008-01-21 917504]

---

EOF

---

[Admin]

Здравствуйте, добро пожаловать на Spyware-ru форум.

Проверим ещё одной программой.
Скачайте программу Combofix. Закройте все открытые окна и запустите эту программу.
После выполнения будет создан лог файл, пожалуйста вставьте его в ваш ответ.

[MaxHagi]

ComboFix 09-07-19.04 — Ирина 20.07.2009 9:20.1.2 — NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1251.7.1049.18.2047.1364 [GMT 5:00]
Running from: c:usersИринаDesktopComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:program filesINSTALL.LOG
c:program filesMail.RuAgentMradllnewmrasearch.dll
D:Autorun.inf
D:install.exe

.
((((((((((((((((((((((((( Files Created from 2009-06-20 to 2009-07-20 )))))))))))))))))))))))))))))))
.

2009-07-19 07:10 . 2009-07-19 07:10

---

d

---

w- c:usersИринаAppDataLocalESET
2009-07-19 06:54 . 2009-07-19 06:57

---

d

---

w- c:program filestrend micro
2009-07-19 06:54 . 2009-07-19 06:57

---

d

---

w- C:rsit
2009-07-19 06:44 . 2009-07-19 06:44

---

d

---

w- c:program filesESET
2009-07-19 03:52 . 2009-07-19 04:34 35628544 —-a-w- c:usersИринаeav_nt32_rus.msi
2009-07-19 03:31 . 2009-07-19 03:31

---

d

---

w- c:program filesElectronic Arts
2009-07-17 09:45 . 2009-07-17 09:45

---

d

---

w- c:program filesГоворилка
2009-07-17 09:45 . 2009-07-18 12:23

---

d

---

w- c:windowsLhsp
2009-07-17 09:07 . 2009-07-17 09:07

---

d

---

w- c:usersИринаAppDataRoamingQIP
2009-07-17 09:07 . 2009-01-20 08:09 131072 —-a-w- c:usersИринаAppDataRoamingMicrosoftInternet Explorerqipsearchbar.dll
2009-07-17 09:06 . 2009-07-17 09:30

---

d

---

w- c:program filesQIP Infium
2009-07-17 05:33 . 2009-07-17 05:34 1213410 —-a-w- c:usersИрина1204724700_dds_converter_v21.zip
2009-07-17 05:17 . 2009-07-17 05:17

---

d

---

w- c:program filesPresets
2009-07-17 05:17 . 2009-07-17 05:17

---

d

---

w- c:program filesPlug-Ins
2009-07-17 05:17 . 2009-07-17 05:17

---

d

---

w- c:program filesNVIDIA Corporation
2009-07-17 05:02 . 2009-07-17 05:05 2485701 —-a-w- c:usersИринаsims3workshop.msi.zip
2009-07-16 09:58 . 2009-07-16 11:31

---

d

---

w- c:programdataKaspersky Lab
2009-07-16 09:56 . 2009-07-16 09:56

---

d

---

w- c:programdataKaspersky Lab Setup Files
2009-07-16 07:35 . 2009-07-16 07:35

---

d

---

w- c:programdataWindowsSearch
2009-07-14 07:06 . 2009-07-14 07:06

---

d

---

w- c:usersИринаAppDataRoamingDAEMON Tools
2009-07-14 07:06 . 2009-07-14 07:06

---

d

---

w- c:usersÈðèíà
2009-07-14 07:06 . 2009-07-14 07:06

---

d

---

w- c:users???°???­? 
2009-07-14 07:06 . 2009-07-14 07:06 278728 —-a-w- c:windowssystem32driversatksgt.sys
2009-07-14 07:06 . 2009-07-14 07:06 25416 —-a-w- c:windowssystem32driverslirsgt.sys
2009-07-14 06:53 . 2008-04-07 06:01 3702216 —-a-w- c:program filesdaemon4123-lite.exe
2009-07-13 05:08 . 2009-07-13 05:08

---

d

---

w- c:program files1С
2009-07-10 10:04 . 2009-07-10 10:04

---

d

---

w- c:usersИринаAppDataRoamingMalwarebytes
2009-07-10 10:04 . 2009-06-17 06:27 38160 —-a-w- c:windowssystem32driversmbamswissarmy.sys
2009-07-10 10:04 . 2009-07-10 10:04

---

d

---

w- c:programdataMalwarebytes
2009-07-10 10:04 . 2009-07-10 10:04

---

d

---

w- c:program filesMalwarebytes’ Anti-Malware
2009-07-10 10:04 . 2009-06-17 06:27 19096 —-a-w- c:windowssystem32driversmbam.sys
2009-07-10 09:41 . 2009-07-10 09:41

---

d

---

w- c:usersИринаAppDataLocalMigWiz
2009-07-07 04:37 . 2009-07-07 04:37

---

d

---

w- c:program filesXviD
2009-07-07 04:37 . 2009-07-07 04:37

---

d

---

w- c:program filesAviSynth 2.5
2009-07-07 04:37 . 2009-07-07 04:37

---

d

---

w- c:program filesGabest
2009-07-07 04:35 . 2009-07-07 04:35

---

d

---

w- c:program filesWinMPG Video Convert
2009-07-07 04:22 . 2009-07-07 04:22

---

d

---

w- c:usersИринаAppDataRoamingBroad Intelligence
2009-07-07 04:22 . 2009-07-07 04:22

---

d

---

w- c:program filesMediaCoder PSP Edition
2009-07-07 04:12 . 2009-07-07 04:12 7680 —-a-w- c:usersИринаAppDataRoamingThinstallMemoriesOnTV 440000034900002iMotv.exe
2009-07-07 04:12 . 2009-07-07 04:12

---

d

---

w- c:usersИринаAppDataRoamingThinstall
2009-07-07 04:12 . 2009-07-07 04:12

---

d

---

w- c:usersИринаAppDataLocalThinstall
2009-07-06 06:20 . 2009-07-06 06:20

---

d

---

w- c:program filesKalypso
2009-07-06 05:10 . 2009-07-06 05:21

---

d

---

w- c:program filesCheMaxRus
2009-07-06 04:29 . 2009-07-06 04:29

---

d

---

w- c:usersИринаAppDataLocalMy Games
2009-07-06 04:20 . 2009-07-06 04:20

---

d

---

w- c:program filesAGEIA Technologies
2009-07-06 04:20 . 2009-07-06 04:20

---

d

---

w- c:windowssystem32AGEIA
2009-07-06 04:20 . 2009-07-06 04:20

---

d

---

w- c:program filesCommon FilesWise Installation Wizard
2009-07-06 04:12 . 2009-07-06 04:12

---

d

---

w- c:usersИринаAppDataLocalApple Computer
2009-07-04 04:23 . 2009-07-04 04:23

---

d

---

w- c:program filesAlawar.ru
2009-07-03 17:34 . 2009-07-18 13:37

---

d

---

w- c:programdataAlawarWrapper
2009-07-03 05:34 . 2009-07-03 05:34

---

d

---

w- c:programdataApple Computer
2009-07-02 14:59 . 2009-07-02 14:59

---

d

---

w- c:windowsDownloaded Installations
2009-07-02 14:52 . 2009-07-02 14:52

---

d

---

w- c:program filesDisc2Phone
2009-07-02 14:34 . 2009-07-02 15:00

---

d

---

w- c:usersИринаAppDataLocalApplicationHistory
2009-07-02 14:34 . 2009-07-02 14:34 93 —-a-w- c:usersИринаAppDataLocalfusioncache.dat
2009-07-02 14:30 . 2009-07-02 14:30

---

d

---

w- c:windowssystem32URTTEMP
2009-07-02 12:42 . 2009-07-02 12:42

---

d

---

w- c:usersИринаAppDataRoamingGrym
2009-07-02 10:32 . 2009-07-18 13:19

---

d

---

w- c:program filesMad Scientist Productions
2009-07-02 07:32 . 2009-07-02 12:17

---

d

---

w- c:programdata2GIS
2009-07-02 07:32 . 2009-07-02 07:32

---

d

---

w- c:program files2gis
2009-07-02 07:02 . 2009-07-02 07:02

---

d

---

w- c:usersИринаAppDataRoamingrambler.ru
2009-07-02 07:02 . 2009-07-06 05:11

---

d

---

w- c:program filesRambler Assistant
2009-07-02 07:02 . 2009-07-02 07:02

---

d

---

w- c:usersИринаAppDataRoamingMozilla
2009-07-02 06:53 . 2009-07-02 07:14

---

d

---

w- c:usersИринаAppDataRoamingICQ
2009-07-02 06:53 . 2009-07-02 07:14

---

d

---

w- c:program filesICQ6.5
2009-07-02 05:26 . 2009-07-02 05:26

---

d

---

w- c:program filesOpenAL
2009-07-02 05:26 . 2006-08-30 14:11 749568 —-a-w- c:windowssystem32OpenALwEAX.exe
2009-07-02 05:18 . 2009-07-02 05:18

---

d

---

w- c:usersИринаAppDataRoamingInstallShield
2009-07-01 12:18 . 2009-07-01 12:18

---

d

---

w- c:windowsFLV Player
2009-07-01 12:18 . 2009-07-01 12:18

---

d

---

w- c:program filesFLV Player
2009-07-01 12:15 . 2009-07-01 12:15

---

d

---

w- c:program filesQuickTime
2009-07-01 12:14 . 2009-07-01 12:14

---

d

---

w- c:program filesXilisoft
2009-07-01 08:36 . 2009-07-16 08:23

---

d

---

w- c:program filesDirectX
2009-07-01 07:33 . 2009-07-01 07:33 10134 —-a-r- c:usersИринаAppDataRoamingMicrosoftInstaller{68E910DE-008D-40B1-BDBC-18AF3A8A380D}_A97D9A52106DCF1D306D12.exe
2009-07-01 07:33 . 2009-07-01 07:33 10134 —-a-r- c:usersИринаAppDataRoamingMicrosoftInstaller{68E910DE-008D-40B1-BDBC-18AF3A8A380D}_6D128718A608789CF13C63.exe
2009-07-01 07:33 . 2009-07-01 07:33

---

d

---

w- c:program filesgoodlogin
2009-07-01 06:49 . 2009-07-01 06:49

---

d

---

w- c:usersИринаAppDataRoamingMacromedia
2009-06-30 15:36 . 2009-06-30 15:36 10134 —-a-r- c:usersИринаAppDataRoamingMicrosoftInstaller{E3E71D07-CD27-46CB-8448-16D4FB29AA13}ARPPRODUCTICON.exe
2009-06-30 15:36 . 2009-06-30 15:36

---

d

---

w- c:program filesMicrosoft WSE
2009-06-30 15:35 . 2006-09-28 12:05 2414360 —-a-w- c:windowssystem32d3dx9_31.dll
2009-06-30 15:29 . 2009-06-30 15:29

---

d

---

w- c:windowssystem32Macromed
2009-06-30 15:04 . 2006-10-02 07:38 10368 —-a-w- c:windowssystem32driverspfc.sys
2009-06-30 15:04 . 2009-07-01 07:12

---

d

---

w- c:program filesMemoriesOnTV4
2009-06-30 15:01 . 2009-06-30 15:01

---

d

---

w- c:usersИринаAppDataRoamingOpera
2009-06-30 15:01 . 2009-06-30 15:01

---

d

---

w- c:usersИринаAppDataLocalOpera
2009-06-30 15:01 . 2009-06-30 15:01

---

d

---

w- c:program filesOpera
2009-06-30 15:01 . 2009-06-30 15:01

---

d

---

w- c:usersИринаAppDataRoamingkantaris
2009-06-30 15:00 . 2009-07-10 06:45

---

d

---

w- c:program filesKantaris
2009-06-30 14:23 . 2008-06-23 20:20 86528 —-a-w- c:programdataCanonBJIJPrinterCNMWindowsCanon MP540 series PrinterLanguageModules413CNMsr9E.dll
2009-06-30 14:22 . 2009-06-30 14:22

---

d

---

w- c:program filesCommon FilesCANON
2009-06-30 14:19 . 2009-07-19 11:30

---

d

---

r- c:usersИринаУстановка
2009-06-30 14:19 . 2009-06-30 14:19

---

d—h—w- c:programdataCanonBJ
2009-06-30 14:18 . 2009-06-30 14:18

---

d—h—w- c:windowssystem32CanonIJ Uninstaller Information
2009-06-30 14:15 . 2008-05-26 20:00 230912 —-a-w- c:windowssystem32CNMLM9E.DLL
2009-06-30 14:15 . 2009-06-30 14:15

---

d—h—w- c:program filesCanonBJ
2009-06-30 14:14 . 2009-06-30 14:24

---

d

---

w- c:program filesCanon
2009-06-30 13:55 . 2009-07-07 08:14

---

d

---

w- c:usersИринаAppDataRoamingMra
2009-06-30 13:55 . 2009-06-30 13:55

---

d

---

w- c:program filesMail.Ru
2009-06-30 13:49 . 1999-06-25 05:55 149504 —-a-w- c:program filesUNWISE.EXE
2009-06-29 22:01 . 2009-06-29 21:06

---

d

---

w- c:windowsPanther
2009-06-29 22:01 . 2009-06-29 22:01

---

d-sh—w- C:Boot
2009-06-29 21:55 . 2009-06-29 21:55

---

d

---

w- c:usersИринаAppDataRoamingMedia Player Classic
2009-06-29 21:51 . 2009-07-17 05:06

---

d

---

w- c:usersИринаAppDataRoamingAdobe
2009-06-29 21:51 . 2009-07-09 08:39

---

d

---

w- c:usersИринаAppDataLocalAdobe
2009-06-29 21:51 . 2009-06-29 21:51

---

d

---

w- c:usersPublicCyberLink
2009-06-29 21:50 . 2009-06-29 21:50

---

d

---

w- c:usersИринаAppDataRoamingCyberLink
2009-06-29 21:50 . 2009-07-07 09:09

---

d

---

w- c:programdataCyberLink
2009-06-29 21:50 . 2009-06-29 21:50

---

d

---

w- c:program filesCommon FilesCyberLink
2009-06-29 21:49 . 2009-06-29 21:50

---

d

---

w- c:program filesCyberLink
2009-06-29 21:49 . 2002-01-07 12:30 24576 —-a-w- c:windowssystem32msxml3a.dll
2009-06-29 21:48 . 2009-06-29 21:48

---

d

---

w- c:usersИринаAppDataLocalACD Systems
2009-06-29 21:48 . 2009-06-29 21:48

---

d

---

w- c:usersИринаAppDataRoamingACD Systems
2009-06-29 21:48 . 2009-06-29 21:48

---

d

---

w- c:programdataACD Systems
2009-06-29 21:47 . 2009-06-29 21:48

---

d

---

w- c:program filesCommon FilesACD Systems
2009-06-29 21:47 . 2009-06-29 21:47

---

d

---

w- c:program filesACD Systems
2009-06-29 21:32 . 2009-06-30 14:13

---

d

---

w- c:usersИринаAppDataLocalMicrosoft Games
2009-06-29 21:30 . 2009-06-30 13:50

---

d

---

w- c:program filesCommon FilesAdobe
2009-06-29 21:29 . 2009-06-29 21:29

---

d

---

w- c:usersИринаAppDataRoamingNero
2009-06-29 21:28 . 2009-06-29 21:28

---

d

---

w- c:usersИринаAppDataLocalAhead
2009-06-29 21:25 . 2009-06-29 21:25

---

d

---

w- c:program filesNero
2009-06-29 21:25 . 2009-06-29 21:26

---

d

---

w- c:program filesCommon FilesNero
2009-06-29 21:25 . 2009-06-29 21:25

---

d

---

w- c:programdataNero
2009-06-29 21:16 . 2009-06-29 21:16

---

d

---

w- c:usersИринаAppDataRoamingWinRAR
2009-06-29 21:11 . 2009-06-29 21:52

---

d

---

w- c:windowsDebug
2009-06-29 21:11 . 2009-06-29 21:11

---

d

---

w- c:programdataDAEMON Tools Lite

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-20 04:26 . 2009-06-29 20:13 2097152 —sha-w- c:usersИринаNTUSER.DAT
2009-07-20 03:51 . 2009-06-29 20:58 48175 —-a-w- c:programdatanvModes.dat
2009-07-19 04:34 . 2009-07-19 03:52 35628544 —-a-w- c:usersИринаeav_nt32_rus.msi
2009-07-19 02:51 . 2009-06-29 21:10

---

d

---

w- c:usersИринаAppDataRoamingWinamp
2009-07-17 10:06 . 2009-06-29 20:13 100256 —-a-w- c:usersИринаAppDataLocalGDIPFONTCACHEV1.DAT
2009-07-17 09:45 . 2009-07-17 09:45

---

d

---

w- c:program filesГоворилка
2009-07-17 09:15 . 2008-01-21 05:44 665318 —-a-w- c:windowssystem32perfh019.dat
2009-07-17 09:15 . 2008-01-21 05:44 131230 —-a-w- c:windowssystem32perfc019.dat
2009-07-17 09:07 . 2009-07-17 09:07

---

d

---

w- c:usersИринаAppDataRoamingQIP
2009-07-17 05:34 . 2009-07-17 05:33 1213410 —-a-w- c:usersИрина1204724700_dds_converter_v21.zip
2009-07-17 05:06 . 2009-06-29 21:51

---

d

---

w- c:usersИринаAppDataRoamingAdobe
2009-07-17 05:05 . 2009-07-17 05:02 2485701 —-a-w- c:usersИринаsims3workshop.msi.zip
2009-07-14 07:06 . 2009-07-14 07:06

---

d

---

w- c:usersИринаAppDataRoamingDAEMON Tools
2009-07-14 06:52 . 2009-07-01 07:04 115432 —-a-w- c:windowssystem32OpenAL32.dll
2009-07-14 06:52 . 2009-07-01 07:04 418480 —-a-w- c:windowssystem32wrap_oal.dll
2009-07-11 04:06 . 2009-06-29 20:13

---

d-s—w- c:usersИринаAppDataRoamingMicrosoft
2009-07-10 10:04 . 2009-07-10 10:04

---

d

---

w- c:usersИринаAppDataRoamingMalwarebytes
2009-07-07 08:14 . 2009-06-30 13:55

---

d

---

w- c:usersИринаAppDataRoamingMra
2009-07-07 04:22 . 2009-07-07 04:22

---

d

---

w- c:usersИринаAppDataRoamingBroad Intelligence
2009-07-07 04:12 . 2009-07-07 04:12 7680 —-a-w- c:usersИринаAppDataRoamingThinstallMemoriesOnTV 440000034900002iMotv.exe
2009-07-07 04:12 . 2009-07-07 04:12

---

d

---

w- c:usersИринаAppDataRoamingThinstall
2009-07-02 14:34 . 2009-07-02 14:34 93 —-a-w- c:usersИринаAppDataLocalfusioncache.dat
2009-07-02 12:42 . 2009-07-02 12:42

---

d

---

w- c:usersИринаAppDataRoamingGrym
2009-07-02 07:14 . 2009-07-02 06:53

---

d

---

w- c:usersИринаAppDataRoamingICQ
2009-07-02 07:02 . 2009-07-02 07:02

---

d

---

w- c:usersИринаAppDataRoamingrambler.ru
2009-07-02 07:02 . 2009-07-02 07:02

---

d

---

w- c:usersИринаAppDataRoamingMozilla
2009-07-02 05:18 . 2009-07-02 05:18

---

d

---

w- c:usersИринаAppDataRoamingInstallShield
2009-07-01 07:33 . 2009-07-01 07:33 10134 —-a-r- c:usersИринаAppDataRoamingMicrosoftInstaller{68E910DE-008D-40B1-BDBC-18AF3A8A380D}_A97D9A52106DCF1D306D12.exe
2009-07-01 07:33 . 2009-07-01 07:33 10134 —-a-r- c:usersИринаAppDataRoamingMicrosoftInstaller{68E910DE-008D-40B1-BDBC-18AF3A8A380D}_6D128718A608789CF13C63.exe
2009-07-01 06:49 . 2009-07-01 06:49

---

d

---

w- c:usersИринаAppDataRoamingMacromedia
2009-06-30 15:36 . 2009-06-30 15:36 10134 —-a-r- c:usersИринаAppDataRoamingMicrosoftInstaller{E3E71D07-CD27-46CB-8448-16D4FB29AA13}ARPPRODUCTICON.exe
2009-06-30 15:01 . 2009-06-30 15:01

---

d

---

w- c:usersИринаAppDataRoamingOpera
2009-06-30 15:01 . 2009-06-30 15:01

---

d

---

w- c:usersИринаAppDataRoamingkantaris
2009-06-29 21:55 . 2009-06-29 21:55

---

d

---

w- c:usersИринаAppDataRoamingMedia Player Classic
2009-06-29 21:50 . 2009-06-29 21:50

---

d

---

w- c:usersИринаAppDataRoamingCyberLink
2009-06-29 21:48 . 2009-06-29 21:10 353576

---

w- c:windowssystem32msvcr71.dll
2009-06-29 21:48 . 2009-06-29 21:48

---

d

---

w- c:usersИринаAppDataRoamingACD Systems
2009-06-29 21:39 . 2009-06-29 21:39 0 —ha-w- c:windowssystem32driversMsft_User_WpdFs_01_00_00.Wdf
2009-06-29 21:29 . 2009-06-29 21:29

---

d

---

w- c:usersИринаAppDataRoamingNero
2009-06-29 21:16 . 2009-06-29 21:16

---

d

---

w- c:usersИринаAppDataRoamingWinRAR
2009-06-29 21:11 . 2009-06-29 21:11

---

d

---

w- c:usersИринаAppDataRoamingDAEMON Tools Lite
2009-06-29 21:10 . 2009-06-29 21:10

---

d

---

w- c:program files7-Zip
2009-06-29 21:10 . 2009-06-29 21:10

---

d

---

w- c:program filesWinamp
2009-06-29 21:10 . 2009-06-29 21:10

---

d

---

w- c:program filesK-Lite Codec Pack
2009-06-29 21:10 . 2009-06-29 21:10

---

d

---

w- c:usersИринаAppDataRoamingReal
2009-06-29 21:10 . 2009-06-29 21:10

---

d

---

w- c:program filesCCleaner
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE~Browser Helper Objects{95289393-33EA-4F8D-B952-483415B9C955}]
2009-01-20 08:09 131072 —-a-w- c:usersИринаAppDataRoamingMicrosoftInternet Explorerqipsearchbar.dll

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«Sidebar»=»c:program filesWindows Sidebarsidebar.exe» [2008-01-21 1233920]
«ICQ»=»c:progra~1ICQ6.5ICQ.exe» [2009-03-01 172792]
«WindowsWelcomeCenter»=»oobefldr.dll» — c:windowsSystem32oobefldr.dll [2008-01-21 2153472]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«Windows Defender»=»c:program filesWindows DefenderMSASCui.exe» [2008-01-21 1008184]
«GrooveMonitor»=»c:program filesMicrosoft OfficeOffice12GrooveMonitor.exe» [2008-10-25 31072]
«NvCplDaemon»=»c:windowssystem32NvCpl.dll» [2008-12-26 13736480]
«RtHDVCpl»=»c:program filesRealtekAudioHDARtHDVCpl.exe» [2009-05-06 7440928]
«WinampAgent»=»c:program filesWinampwinampa.exe» [2009-04-10 37888]
«NeroFilterCheck»=»c:program filesCommon FilesNeroLibNeroCheck.exe» [2007-03-01 153136]
«Adobe Reader Speed Launcher»=»c:program filesAdobeReader 9.0ReaderReader_sl.exe» [2009-02-27 35696]
«RemoteControl8″=»c:program filesCyberLinkPowerDVD8PDVD8Serv.exe» [2008-03-20 83240]
«PDVD8LanguageShortcut»=»c:program filesCyberLinkPowerDVD8LanguageLanguage.exe» [2007-12-14 50472]
«BDRegion»=»c:program filesCyberlinkShared Filesbrs.exe» [2008-06-27 91432]
«MAgent»=»c:program filesMail.RuAgentMAgent.exe» [2009-07-07 7975096]
«CanonSolutionMenu»=»c:program filesCanonSolutionMenuCNSLMAIN.exe» [2008-03-10 689488]
«CanonMyPrinter»=»c:program filesCanonMyPrinterBJMyPrt.exe» [2008-03-17 1848648]
«egui»=»c:program filesESETESET NOD32 Antivirusegui.exe» [2009-05-14 2029640]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]
«EnableLUA»= 0 (0x0)
«EnableUIADesktopToggle»= 0 (0x0)

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversiondrivers32]
«aux»=wdmaud.drv

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWinDefend]
@=»Service»

[HKLM~servicessharedaccessparametersfirewallpolicyFirewallRules]
«{CD4C9B58-A006-4809-91F4-E52098E94094}»= TCP:6004|c:program filesMicrosoft OfficeOffice12outlook.exe:Microsoft Office Outlook
«{803207A8-64EA-40DB-9C14-D7AC853F7D54}»= UDP:c:program filesMicrosoft OfficeOffice12GROOVE.EXE:Microsoft Office Groove
«{E1A0DD85-ABF1-4F8D-BAC7-E73A8094AC4D}»= TCP:c:program filesMicrosoft OfficeOffice12GROOVE.EXE:Microsoft Office Groove
«{52DC368A-32AC-452D-8CA4-75BB3DB21B72}»= UDP:c:program filesMicrosoft OfficeOffice12ONENOTE.EXE:Microsoft Office OneNote
«{C435ADB7-00DE-4C88-8F88-A46A7F56D0E0}»= TCP:c:program filesMicrosoft OfficeOffice12ONENOTE.EXE:Microsoft Office OneNote
«{37F45BB5-3229-4D26-870C-22F7E427FFCB}»= c:program filesCyberLinkPowerDVD8PowerDVD8.EXE:CyberLink PowerDVD 8.0
«TCP Query User{96B4678D-58B8-4DCC-9E03-8E13EF90388C}c:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\russian\setup.exe»= UDP:c:programdatakaspersky lab setup fileskaspersky anti-virus 7.0.1.325russiansetup.exe:Программа установки Антивируса Касперского 7.0
«UDP Query User{2E240870-B1CA-476A-AB9F-1961F5BA97E1}c:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\russian\setup.exe»= TCP:c:programdatakaspersky lab setup fileskaspersky anti-virus 7.0.1.325russiansetup.exe:Программа установки Антивируса Касперского 7.0

R1 ehdrv;ehdrv;c:windowsSystem32driversehdrv.sys [14.05.2009 15:47 107256]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:program filesCyberLinkPowerDVD800.fcl [27.06.2008 16:50 61424]
R2 ekrn;ESET Service;c:program filesESETESET NOD32 Antivirusekrn.exe [14.05.2009 15:47 731840]
R2 epfwwfpr;epfwwfpr;c:windowsSystem32driversepfwwfpr.sys [14.05.2009 15:49 93312]
R3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller;c:windowsSystem32driversl260x86.sys [30.06.2009 1:53 29184]
S0 OemBiosDevice;Royalty OEM Bios Extension;c:windowsSystem32driversroyal.sys [30.06.2009 1:26 240128]
S3 CrystalSysInfo;CrystalSysInfo;c:program filesMediaCoder PSP EditionSysInfo.sys [25.09.2007 19:59 15152]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftactive setupinstalled components>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
«c:windowsSystem32rundll32.exe» «c:windowsSystem32iedkcs32.dll»,BrandIEActiveSetup SIGNUP
.
.

---

Supplementary Scan

---

.
uStart Page = start.qip.ru
uDefault_Search_URL = hxxp://search.qip.ru
uSearchURL,(Default) = hxxp://search.qip.ru/search?query=%s&from=IE
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2Office12EXCEL.EXE/3000
IE: Добавить в Rambler-Закладки — c:program filesRambler AssistantramblertoolbarU0.dll/zakladki.htm
IE: Найти с помощью Рамблера — c:program filesRambler AssistantramblertoolbarU0.dll/search.htm
IE: Перевести с помощью словарей Рамблера — c:program filesRambler AssistantramblertoolbarU0.dll/dic.htm
IE: {{7558B7E5-7B26-4201-BEDB-00D5FF534523} — c:program filesMail.RuAgentmagent.exe
TCP: {00DFF694-929E-4A5A-B093-6942ACCAD170} = 62.213.0.12,62.213.2.1
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-20 09:28
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes …

scanning hidden autostart entries …

scanning hidden files …

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-07-20 9:30
ComboFix-quarantined-files.txt 2009-07-20 04:30

Pre-Run: 33 759 379 456 байт свободно
Post-Run: 34 055 360 512 байт свободно

269

[MaxHagi]

ещё сегодня днём заметил что компьютер стал включаться только опсле нескольких раз нажатия перезагрузки!

[Admin]

Лог выглядит нормально.

Проверьте ещё ваш компьютер используя Kaspersky Online Scanner, для этого кликните по этой ссылке.
Результаты сканирования вставьте в ваш ответ.

[MaxHagi]

[attachment=0:2g91bmll]отч.txt[/attachment:2g91bmll]

[MaxHagi]

---

ОТЧЕТ О ПРОВЕРКЕ KASPERSKY ONLINE SCANNER 7.0
23 Июль 2009 г.
Операционная система: Microsoft Windows Vista Ultimate Edition, 32-bit Service Pack 1 (build 6001)
Версия Kaspersky Online Scanner: 7.0.26.13
Последнее обновление баз: Thursday, July 23, 2009 07:14:58
Количество записей в базах: 2517974

---

Параметры проверки:
проверять, используя следующие базы: расширенные
Проверять архивы: да
Проверять почтовые базы: да

Область проверки — Мой компьютер:
A:
C:
D:
E:

Статистика проверки:
Проверено объектов: 170241
Обнаружено угроз: 1
Обнаружено зараженных объектов: 1
Обнаружено подозрительных объектов: 0
Время проверки: 02:59:27

Имя файла / Имя угрозы / Количество угроз
C:UsersИринаУстановкаVKMusic.rar Зараженный: Trojan-Ransom.Win32.Taras.i 1

Выбранная область проверена.

[MaxHagi]

Мне теперь этот файл удалять?

[Admin]

Да, заражённый файл желательно удалить.

Как сейчас работает компьютер ?

[MaxHagi]

Всё также, компьютер включается, но не загружается, я так наверно минут 10 его включаю!

[Admin]

Всё также, компьютер включается, но не загружается, я так наверно минут 10 его включаю!

Вот здесь подробнее.
Вы нажимайте кнопку включения компьютера. И что происходит ?

[MaxHagi]

Нажимаю кнопку включения, появляется чёрный экран.. и всё. Заново приходиться нажимать и так раз 20-30. ТОлько потом включается и спрашивают как загрузить компьютер: безопасный режим , безопасный режим с драйверами и обычная загрузка

[Admin]

То есть при включении компьютера не появляется сообщение о его конфигурации (стандартные сообщения от BIOS`а компьютера) ?
Иными словами при включении, компьютер не включается, а включается спустя какое-то время ?

[MaxHagi]

Да после нескольких нажатий кнопки..Подскажите что делать?, а то я уже замучался тратить время на включениекомпьютера…

[Admin]

Похоже на проблему с блоком питания.

[Автор]

Сообщения