- This topic has 9 ответов, 2 участника, and was last updated 15 years, 8 months назад by
.
-
Сообщения
-
Включаю компьютер, ввожу пароль, что-бы войти в систему и появляется чёрное окно, там написано: «Online Antivirus — типа на вашем компьютере обнаружен вредоносный вирус, надо отправить смс на номер такой-то, в ответном смс вам придёт ключ и вы сможете удалить вирус!»
у меня 2 администратора, с 1 через диспетчер задач я могу отключить эту хр%нь, но рабочий стол не появляется, а со 2 не могу зайти в диспетчер пишет: «диспетчер задач отключён администратором»
что делать???
заранее благодарю, Антон.info.txt logfile of random’s system information tool 1.06 2010-02-21 15:57:43
======Uninstall list======
—>MsiExec /X{E4D15328-8C89-484B-B9AA-F5BE9EA6D01C}
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
µTorrent—>»C:Program FilesuTorrentuTorrent.exe» /UNINSTALL
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-0015-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-0016-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-0018-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-0019-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-001A-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-001B-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-001F-0419-0000-0000000FF1CE} /uninstall {D7CE14BC-96D9-41C5-822D-F5B1C2C35AA2}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-001F-0422-0000-0000000FF1CE} /uninstall {DC154E48-5278-423A-80A1-B93247E38A1A}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-0044-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-006E-0419-0000-0000000FF1CE} /uninstall {23653CA5-BFB5-4B52-B2DA-045D7ABEB874}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-00A1-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-00BA-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
32 Bit HP CIO Components Installer—>MsiExec.exe /I{2614F54E-A828-49FA-93BA-45A3F756BFAA}
7-Zip 4.42—>»C:Program Files7-ZipUninstall.exe»
Adobe Acrobat 8 Professional — English, Franзais, Deutsch—>msiexec /I {AC76BA86-1033-F400-7760-000000000003}
Adobe AIR—>c:Program FilesCommon FilesAdobe AIRVersions1.0ResourcesAdobe AIR Updater.exe -arp:uninstall
Adobe AIR—>MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Reader 7.0.5 — Russian—>MsiExec.exe /I{AC76BA86-7AD7-1049-7B44-A70500000002}
Aliens vs Predator Demo—>»E:Steamsteam.exe» steam://uninstall/34200
ATI — Software Uninstall Utility—>C:Program FilesATI TechnologiesUninstallAllAtiCimUn.exe
ATI Catalyst Control Center—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime91Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{055EE59D-217B-43A7-ABFF-507B966405D8}setup.exe» -l0x336d
ATI Display Driver—>rundll32 C:WINDOWSsystem32atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Counter-Strike: Source—>»E:Steamsteam.exe» steam://uninstall/240
Dead Space™—>MsiExec.exe /X{4D87DC92-C328-46EC-A7B4-9C88129DC696}
DirectX10 GFR—>»C:Program FilesCommon Filesunins000.exe»
EA Download Manager UI—>msiexec /qb /x {9901E703-D169-7139-1EA3-11AA788D09E6}
EA Download Manager UI—>MsiExec.exe /I{9901E703-D169-7139-1EA3-11AA788D09E6}
EA Download Manager—>C:Program FilesElectronic ArtsEADMEADMUninstall.exe
HashTab 2.0.8—>C:WINDOWSsystem32ShellExthtdel32.bat
HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)—>»C:WINDOWS$NtUninstallKB929399$spuninstspuninst.exe»
HP Customer Participation Program 10.0—>C:Program FilesHPDigital ImagingExtCapUninstallhpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 10.0—>C:Program FilesHPDigital ImagingDeviceManagementhpzscr01.exe -datfile hpqbud01.dat
HP Photosmart All-In-One Driver Software 10.0 Rel .2—>C:Program FilesHPDigital Imaging{20B30DC1-E423-4939-B51D-05C58B0F9BBB}setuphpzscr01.exe -datfile hposcr21.dat -onestop
HP Photosmart Essential 2.5—>C:Program FilesHPDigital ImagingPhotoSmartEssentialhpzscr01.exe -datfile hpqbud13.dat
HP Smart Web Printing—>C:Program FilesHPDigital ImagingSmart Web Printinghpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 13.0—>C:Program FilesHPDigital ImagingeSupporthpzscr01.exe -datfile hpqbud05.dat -forcereboot
HP Update—>MsiExec.exe /X{818ABC3C-635C-4651-8183-D0E9640B7DD1}
Java(TM) 6 Update 6—>MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
K-Lite Codec Pack 5.5.1 (Full)—>»C:Program FilesK-Lite Codec Packunins000.exe»
LoviVkontakte 2.33.0.0—>»C:Program FilesLoviVkontakteunins000.exe»
Mail.Ru Агент 5.6 (сборка 3278, для всех пользователей)—>C:Program FilesMail.RuAgentmagentsetup.exe -uninstalllm
McAfee Security Scan—>»C:Program FilesMcAfee Security Scanuninstall.exe»
Microsoft .NET Framework 1.1 Russian Language Pack—>MsiExec.exe /X{2BB372D9-52B4-410A-BC1A-FEAB63181EEF}
Microsoft .NET Framework 1.1—>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1—>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0—>C:WINDOWSMicrosoft.NETFrameworkv2.0.50727Microsoft .NET Framework 2.0install.exe
Microsoft .NET Framework 3.0—>C:WINDOWSMicrosoft.NETFrameworkv3.0Microsoft .NET Framework 3.0setup.exe
Microsoft .NET Framework 3.0—>MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
Microsoft Compression Client Pack 1.0 for Windows XP—>»C:WINDOWS$NtUninstallMSCompPackV1$spuninstspuninst.exe»
Microsoft Games for Windows — LIVE Redistributable—>MsiExec.exe /X{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}
Microsoft Internationalized Domain Names Mitigation APIs—>»C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$spuninstspuninst.exe»
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7—>»C:WINDOWS$NtUninstallWdf01007$spuninstspuninst.exe»
Microsoft National Language Support Downlevel APIs—>»C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$spuninstspuninst.exe»
Microsoft Office Access MUI (Russian) 2007—>MsiExec.exe /X{90120000-0015-0419-0000-0000000FF1CE}
Microsoft Office Enterprise 2007—>»C:Program FilesCommon FilesMicrosoft SharedOFFICE12Office Setup Controllersetup.exe» /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007—>MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Russian) 2007—>MsiExec.exe /X{90120000-0016-0419-0000-0000000FF1CE}
Microsoft Office Groove MUI (Russian) 2007—>MsiExec.exe /X{90120000-00BA-0419-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Russian) 2007—>MsiExec.exe /X{90120000-0044-0419-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Russian) 2007—>MsiExec.exe /X{90120000-00A1-0419-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Russian) 2007—>MsiExec.exe /X{90120000-001A-0419-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Russian) 2007—>MsiExec.exe /X{90120000-0018-0419-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007—>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007—>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Russian) 2007—>MsiExec.exe /X{90120000-001F-0419-0000-0000000FF1CE}
Microsoft Office Proof (Ukrainian) 2007—>MsiExec.exe /X{90120000-001F-0422-0000-0000000FF1CE}
Microsoft Office Proofing (Russian) 2007—>MsiExec.exe /X{90120000-002C-0419-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Russian) 2007—>MsiExec.exe /X{90120000-0019-0419-0000-0000000FF1CE}
Microsoft Office Shared MUI (Russian) 2007—>MsiExec.exe /X{90120000-006E-0419-0000-0000000FF1CE}
Microsoft Office Word MUI (Russian) 2007—>MsiExec.exe /X{90120000-001B-0419-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.7—>»C:WINDOWS$NtUninstallWudf01007$spuninstspuninst.exe»
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
MIRRORS EDGE v.1.0—>»E:MIRRORS EDGEunins000.exe»
Mozilla Firefox (3.5.8)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
MSVC80_x86_v2—>MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC90_x86—>MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSXML 6.0 Parser (KB925673)—>MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
Nero 9—>C:Program FilesCommon FilesNeroNero ProductInstaller 4SetupX.exe REMOVESERIALNUMBER=»9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A»
neroxml—>MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nokia Connectivity Cable Driver—>MsiExec.exe /X{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}
Nokia PC Suite—>C:Documents and SettingsAll UsersApplication DataInstallations{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}Nokia_PC_Suite_683_rel_14_1_rus_web.exe /LANG=»1049″
Nokia PC Suite—>MsiExec.exe /I{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}
NVIDIA PhysX v8.10.17—>MsiExec.exe /X{E4D15328-8C89-484B-B9AA-F5BE9EA6D01C}
OCR Software by I.R.I.S. 10.0—>C:Program FilesHPDigital ImagingOCRhpzscr01.exe -datfile hpqbud11.dat
OpenAL—>»C:Program FilesOpenALoalinst.exe» /U
Path2Clipboard 1.0.7.67—>C:WINDOWSsystem32ShellExtP2Cdel.bat
PC Connectivity Solution—>MsiExec.exe /I{481C9A00-91AC-4065-870C-BD4E28186E5A}
Pirates, Vikings, and Knights II—>»E:Steamsteam.exe» steam://uninstall/17570
Rainbow Six — Vegas II—>»E:Rainbow Six — Vegas IIunins000.exe»
Realtek AC’97 Audio—>Alcrmv.exe -r -m
Shop for HP Supplies—>C:Program FilesHPDigital ImagingHPSSupplyhpzscr01.exe -datfile hpqbud16.dat
Smashball—>»E:Steamsteam.exe» steam://uninstall/17730
UltraISO Premium V8.6—>»C:Program FilesUltraISOunins000.exe»
Vista Drive Icon—>rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFVistaDrv.inf,Uninstall
VLC media player 1.0.3—>C:Program FilesVideoLANVLCuninstall.exe
WebMate—>C:Program FilesInstallShield Installation Information{13605214-8CA9-4B59-90A0-DEBB9A9F68E5}setup.exe -runfromtemp -l0x0019 -removeonly
Windows Communication Foundation—>MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Internet Explorer 7—>»C:WINDOWSie7spuninstspuninst.exe»
Windows Media Format 11 runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Windows Media Format 11 runtime—>»C:WINDOWS$NtUninstallWMFDist11$spuninstspuninst.exe»
Windows Media Player 11—>»C:WINDOWS$NtUninstallwmp11$spuninstspuninst.exe»
Windows Presentation Foundation—>MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation—>MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
Your Uninstaller! Version 6.3—>»C:Program FilesYour Uninstallerunins000.exe»
Вин Дизель Wheelman—>C:Program FilesInstallShield Installation Information{52612909-C9A1-4D4E-BFED-820B14119234}setup.exe -runfromtemp -l0x0019 -removeonly
Обновление безопасности для Windows XP — (KB941569)—>»C:WINDOWS$NtUninstallKB941569$spuninstspuninst.exe»
Пакет драйверов Windows — Nokia Modem (11/03/2006 6.82.0.1)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokbtmdm_4EFFAAE27A08EDFDE145390033D8EF099DA65567nokbtmdm.inf
Пакет драйверов Windows — Nokia pccsmcfd (08/22/2008 7.0.0.0)—>C:PROGRA~1DIFXB4723E9A0713E5B1dpinst.exe /u C:WINDOWSsystem32DRVSTOREpccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294pccsmcfd.inf
Проигрыватель Windows Media 11—>»C:Program FilesWindows Media PlayerSetup_wm.exe» /Uninstall
Яндекс.Бар 4.3 для Internet Explorer—>MsiExec.exe /X{2B9C002D-F3C1-4F8A-B29A-7F9E9B473D4D}======Hosts File======
127.0.0.1 vkontakte.ru
127.0.0.1 http://www.vkontakte.ru
127.0.0.1 vk.com
127.0.0.1 http://www.vk.com======System event log======
Computer Name: MICROSOF-0D01A1
Event Code: 7035
Message: Служба «hpqcxs08» успешно отправила управляющий элемент «запустить».Record Number: 8128
Source Name: Service Control Manager
Time Written: 20100211162320.000000+180
Event Type: информация
User: NT AUTHORITYSYSTEMComputer Name: MICROSOF-0D01A1
Event Code: 7022
Message: Служба «Служба HP CUE DeviceDiscovery» зависла при запуске.Record Number: 8127
Source Name: Service Control Manager
Time Written: 20100211162320.000000+180
Event Type: ошибка
User:Computer Name: MICROSOF-0D01A1
Event Code: 51
Message: Обнаружена ошибка на устройстве DeviceHarddisk0D во время выполнения операции страничного обмена.Record Number: 8126
Source Name: Disk
Time Written: 20100211162142.000000+180
Event Type: предупреждение
User:Computer Name: MICROSOF-0D01A1
Event Code: 51
Message: Обнаружена ошибка на устройстве DeviceHarddisk0D во время выполнения операции страничного обмена.Record Number: 8125
Source Name: Disk
Time Written: 20100211162142.000000+180
Event Type: предупреждение
User:Computer Name: MICROSOF-0D01A1
Event Code: 51
Message: Обнаружена ошибка на устройстве DeviceHarddisk0D во время выполнения операции страничного обмена.Record Number: 8124
Source Name: Disk
Time Written: 20100211162142.000000+180
Event Type: предупреждение
User:=====Application event log=====
Computer Name: MICROSOF-0D01A1
Event Code: 11724
Message: Product: Nokia Connectivity Cable Driver — Removal completed successfully.Record Number: 1635
Source Name: MsiInstaller
Time Written: 20100211220910.000000+180
Event Type: информация
User: MICROSOF-0D01A1Sokol(Тоха)Computer Name: MICROSOF-0D01A1
Event Code: 11724
Message: Product: Nokia Flashing Cable Driver — Removal completed successfully.Record Number: 1634
Source Name: MsiInstaller
Time Written: 20100211220903.000000+180
Event Type: информация
User: MICROSOF-0D01A1Sokol(Тоха)Computer Name: MICROSOF-0D01A1
Event Code: 11724
Message: Продукт: Nokia Software Updater — Removal completed successfully.Record Number: 1633
Source Name: MsiInstaller
Time Written: 20100211220858.000000+180
Event Type: информация
User: MICROSOF-0D01A1Sokol(Тоха)Computer Name: MICROSOF-0D01A1
Event Code: 4097
Message: Приложение C:Documents and SettingsSokol(Тоха)Рабочий столNokia_PC_Suite_7_1_40_1_rus_web.exe вызвало ошибку
Ошибка в 11/02/2010 @ 22:07:33.625
Вызвано исключение c0000005 по адресу 0047E7C6 (Nokia_PC_Suite_7_1_40_1_rus_web)Record Number: 1632
Source Name: DrWatson
Time Written: 20100211220733.000000+180
Event Type: информация
User:Computer Name: MICROSOF-0D01A1
Event Code: 4097
Message: Приложение C:Documents and SettingsSokol(Тоха)Рабочий столNokia_PC_Suite_7_1_40_1_rus_web.exe вызвало ошибку
Ошибка в 11/02/2010 @ 22:07:26.687
Вызвано исключение c0000005 по адресу 0047E7C6 (Nokia_PC_Suite_7_1_40_1_rus_web)Record Number: 1631
Source Name: DrWatson
Time Written: 20100211220726.000000+180
Event Type: информация
User:======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=C:Program FilesPC Connectivity Solution;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;C:Program FilesATI TechnologiesATI.ACECore-Static
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=15
«PROCESSOR_IDENTIFIER»=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
«PROCESSOR_REVISION»=2f02
«NUMBER_OF_PROCESSORS»=1
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
EOF
Logfile of random’s system information tool 1.06 (written by random/random)
Run by Sokol(Тоха) at 2010-02-21 15:57:41
Microsoft Windows XP Professional Service Pack 3
System drive C: has 24 GB (53%) free of 45 GB
Total RAM: 1023 MB (57% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:57:42, on 21.02.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesLoviVkontakteVkontakteService.exe
C:Program FilesCommon FilesNeroNero BackItUp 4NBService.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32EXPLORER.EXE
C:Program FilesMozilla Firefoxfirefox.exe
C:WINDOWSsystem32taskmgr.exe
C:Documents and SettingsSokol(Тоха)Рабочий столRSIT.exe
C:Program Filestrend microSokol(Тоха).exeR1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://xtreme.ws/
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
F2 — REG:system.ini: Shell=%SystemRoot%system32user32.exe
F2 — REG:system.ini: UserInit=userinit.exe,EXPLORER.EXE
O2 — BHO: HP Print Enhancer — {0347C33E-8762-4905-BF09-768834316C61} — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_printenhancer.dll
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — c:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre1.6.0_06binssv.dll
O2 — BHO: Adobe PDF Conversion Toolbar Helper — {AE7CD045-E861-484f-8273-0445EE161910} — C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll
O2 — BHO: Brothersoft Toolbar — {e8de9422-3b2c-4243-bf6f-235da84d8ef8} — C:Program FilesBrothersofttbBrot.dll (file missing)
O2 — BHO: HP Smart BHO Class — {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_BHO.dll
O3 — Toolbar: Adobe PDF — {47833539-D0C5-4125-9FA8-0819E2EAAC93} — C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O3 — Toolbar: Brothersoft Toolbar — {e8de9422-3b2c-4243-bf6f-235da84d8ef8} — C:Program FilesBrothersofttbBrot.dll (file missing)
O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 — HKLM..Run: [StartCCC] «C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe» MSRun
O4 — HKLM..Run: [GrooveMonitor] «c:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe»
O4 — HKLM..Run: [Acrobat Assistant 8.0] «C:Program FilesAdobeAcrobat 8.0AcrobatAcrotray.exe»
O4 — HKLM..Run: [HP Software Update] C:Program FilesHPHP Software UpdateHPWuSchd2.exe
O4 — HKLM..Run: [hpqSRMon] C:Program FilesHPDigital ImagingbinhpqSRMon.exe
O4 — HKLM..Run: [BMISR] C:Program FilesKYEWebMateBM.exe
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKLM..Run: [LoviVkontakte] C:Program FilesLoviVkontaktelovivkontakte.exe
O4 — HKLM..Run: [PCSuiteTrayApplication] C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe -startup
O4 — HKLM..RunOnce: [*Restore] C:WINDOWSsystem32restorerstrui.exe -c
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe
O4 — HKCU..Run: [wsctf.exe] wsctf.exe
O4 — HKCU..Run: [EXPLORER.EXE] EXPLORER.EXE
O4 — HKCU..Run: [NokiaOviSuite2] C:Program FilesNokiaNokia Ovi SuiteNokiaOviSuite.exe -tray
O4 — HKLM..PoliciesExplorerRun: [explorer] main.vbe
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Startup: Вырезка экрана и программа запуска для OneNote 2007.lnk = C:Program FilesMicrosoft OfficeOffice12ONENOTEM.EXE
O4 — Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 — Global Startup: Adobe Acrobat Synchronizer.lnk = C:Program FilesAdobeAcrobat 8.0AcrobatAdobeCollabSync.exe
O4 — Global Startup: HP Digital Imaging Monitor.lnk = C:Program FilesHPDigital Imagingbinhpqtra08.exe
O4 — Global Startup: McAfee Security Scan.lnk = ?
O4 — Global Startup: Ускоренный запуск Adobe Reader.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://c:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Append to existing PDF — res://C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIEAppend.html
O8 — Extra context menu item: Convert link target to Adobe PDF — res://C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIECapture.html
O8 — Extra context menu item: Convert link target to existing PDF — res://C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIEAppend.html
O8 — Extra context menu item: Convert selected links to Adobe PDF — res://C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 — Extra context menu item: Convert selected links to existing PDF — res://C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 — Extra context menu item: Convert selection to Adobe PDF — res://C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIECapture.html
O8 — Extra context menu item: Convert selection to existing PDF — res://C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIEAppend.html
O8 — Extra context menu item: Convert to Adobe PDF — res://C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIECapture.html
O9 — Extra button: (no name) — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_06binssv.dll
O9 — Extra ‘Tools’ menuitem: Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_06binssv.dll
O9 — Extra button: Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — c:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: &Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — c:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: Расширенный выбор HP — {DDE87865-83C5-48c4-8357-2F5B1AA84522} — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_BHO.dll
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — c:Program FilesMicrosoft OfficeOffice12GrooveSystemServices.dll
O23 — Service: Application Driver Auto Removal Service (01) (appdrvrem01) — Protection Technology — C:WINDOWSSystem32appdrvrem01.exe
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: ATI Smart — Unknown owner — C:WINDOWSsystem32ati2sgag.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: FLEXnet Licensing Service — Macrovision Europe Ltd. — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: LoviVkontake Service (LoviVkontakteService) — Zeyfman Genady — C:Program FilesLoviVkontakteVkontakteService.exe
O23 — Service: Nero BackItUp Scheduler 4.0 — Nero AG — C:Program FilesCommon FilesNeroNero BackItUp 4NBService.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: ServiceLayer — Nokia — C:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 10165 bytes======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_printenhancer.dll [2007-11-06 322880][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-24 63136][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper — c:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2007-08-24 2212224][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre1.6.0_06binssv.dll [2008-03-25 509328][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper — C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006-10-22 321120][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{e8de9422-3b2c-4243-bf6f-235da84d8ef8}]
Brothersoft Toolbar — C:Program FilesBrothersofttbBrot.dll [][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_BHO.dll [2007-11-06 542016][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} — Adobe PDF — C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006-10-22 321120]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2009-12-22 8716040]
{e8de9422-3b2c-4243-bf6f-235da84d8ef8} — Brothersoft Toolbar — C:Program FilesBrothersofttbBrot.dll [][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2007-04-16 577536]
«StartCCC»=C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe [2008-01-21 61440]
«GrooveMonitor»=c:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe [2007-08-24 33648]
«Acrobat Assistant 8.0″=C:Program FilesAdobeAcrobat 8.0AcrobatAcrotray.exe [2006-10-22 620152]
«»= []
«HP Software Update»=C:Program FilesHPHP Software UpdateHPWuSchd2.exe [2007-10-14 49152]
«hpqSRMon»=C:Program FilesHPDigital ImagingbinhpqSRMon.exe [2007-08-22 80896]
«BMISR»=C:Program FilesKYEWebMateBM.exe [2007-12-14 229376]
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2009-12-19 8746680]
«LoviVkontakte»=C:Program FilesLoviVkontaktelovivkontakte.exe [2009-12-26 739840]
«PCSuiteTrayApplication»=C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe [2007-03-23 227328][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunOnce]
«*Restore»=C:WINDOWSsystem32restorerstrui.exe [2008-04-25 444928][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerRun]
«explorer»=C:WINDOWSsystem32main.vbe [2009-12-30 6251][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-04-25 17408]
«VistaIcon»=C:Program FilesVistaDriveIconVistaDrv.exe [2008-03-23 132096]
«wsctf.exe»=wsctf.exe []
«EXPLORER.EXE»=C:WINDOWSsystem32EXPLORER.EXE [2006-10-25 36864]
«NokiaOviSuite2″=C:Program FilesNokiaNokia Ovi SuiteNokiaOviSuite.exe -tray []C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
Adobe Acrobat Speed Launcher.lnk — C:WINDOWSInstaller{AC76BA86-1033-F400-7760-000000000003}_SC_Acrobat.exe
Adobe Acrobat Synchronizer.lnk — C:Program FilesAdobeAcrobat 8.0AcrobatAdobeCollabSync.exe
HP Digital Imaging Monitor.lnk — C:Program FilesHPDigital Imagingbinhpqtra08.exe
McAfee Security Scan.lnk — C:Program FilesMcAfee Security Scan1.0.150SSScheduler.exe
Ускоренный запуск Adobe Reader.lnk — C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exeC:Documents and SettingsSokol(Тоха)Главное менюПрограммыАвтозагрузка
Вырезка экрана и программа запуска для OneNote 2007.lnk — C:Program FilesMicrosoft OfficeOffice12ONENOTEM.EXE[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2009-10-19 155648][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2008-03-21 133632][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=c:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2007-08-24 2212224][HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWdf01000.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«SynchronousMachineGroupPolicy»=0
«SynchronousUserGroupPolicy»=0[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«NoThumbnailCache»=1
«NoSMConfigurePrograms»=1
«NoSMHelp»=1[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2C]
shellAutoRuncommand — WScript.exe .main.vbs
shellopencommand — WScript.exe .main.vbs======List of files/folders created in the last 1 months======
2010-02-21 15:57:41 —-D—- C:rsit
2010-02-21 15:27:29 —-D—- C:Program Filestrend micro
2010-02-20 23:00:18 —-A—- C:WINDOWSntbtlog.txt
2010-02-20 22:51:13 —-HD—- C:WINDOWSsystem32GroupPolicy
2010-02-20 22:11:09 —-D—- C:WINDOWSsystem32SoftwareDistribution
2010-02-20 22:11:09 —-A—- C:WINDOWSsystem32wuweb.dll
2010-02-20 22:11:09 —-A—- C:WINDOWSsystem32wups.dll
2010-02-20 22:11:09 —-A—- C:WINDOWSsystem32wucltui.dll
2010-02-20 22:11:08 —-A—- C:WINDOWSsystem32wuaueng.dll
2010-02-20 22:11:07 —-A—- C:WINDOWSsystem32wuauclt.exe
2010-02-20 22:11:07 —-A—- C:WINDOWSsystem32wuapi.dll
2010-02-20 22:11:07 —-A—- C:WINDOWSsystem32cdm.dll
2010-02-20 21:48:58 —-D—- C:WINDOWSpss
2010-02-20 17:00:12 —-A—- C:WINDOWSsystem32user32.exe
2010-02-20 17:00:00 —-D—- C:WINDOWSSun
2010-02-15 21:40:37 —-D—- C:Documents and SettingsAll UsersApplication DataElectronic Arts
2010-02-15 21:40:24 —-D—- C:Program FilesCommon FilesAdobe AIR
2010-02-15 21:36:02 —-D—- C:Program FilesElectronic Arts
2010-02-14 20:35:22 —-A—- C:WINDOWSsystem32appdrvrem01.exe
2010-02-11 23:08:54 —-D—- C:Program FilesCommon FilesPCSuite
2010-02-11 23:08:53 —-D—- C:Program FilesCommon FilesNokia
2010-02-11 23:08:41 —-D—- C:Program FilesNokia
2010-02-11 22:41:28 —-D—- C:Documents and SettingsSokol(Тоха)Application DataNokia Ovi Suite
2010-02-11 22:36:38 —-D—- C:Documents and SettingsSokol(Тоха)Application DataNokia
2010-02-11 22:35:54 —-HDC—- C:WINDOWS$NtUninstallWudf01007$
2010-02-11 22:34:34 —-D—- C:Documents and SettingsAll UsersApplication DataPC Suite
2010-02-11 22:34:33 —-D—- C:Documents and SettingsSokol(Тоха)Application DataPC Suite
2010-02-11 22:26:45 —-D—- C:Program FilesDIFX
2010-02-11 22:26:40 —-D—- C:Program FilesPC Connectivity Solution
2010-02-11 22:25:52 —-D—- C:Documents and SettingsAll UsersApplication DataOviInstallerCache
2010-02-11 22:08:58 —-D—- C:WINDOWSsystem32appmgmt
2010-02-06 14:07:06 —-D—- C:Documents and SettingsSokol(Тоха)Application DataHP
2010-02-03 01:58:10 —-D—- C:Program FilesLoviVkontakte
2010-01-24 14:30:37 —-D—- C:Program FilesYour Uninstaller======List of files/folders modified in the last 1 months======
2010-02-21 15:29:00 —-D—- C:WINDOWSPrefetch
2010-02-21 15:27:29 —-RD—- C:Program Files
2010-02-21 15:25:24 —-SH—- C:boot.ini
2010-02-21 15:25:24 —-A—- C:WINDOWSwin.ini
2010-02-21 15:25:24 —-A—- C:WINDOWSsystem.ini
2010-02-21 15:19:54 —-D—- C:WINDOWSTemp
2010-02-21 15:01:54 —-D—- C:Program FilesMozilla Firefox
2010-02-21 15:00:31 —-AD—- C:Documents and SettingsAll UsersApplication DataTEMP
2010-02-21 15:00:30 —-D—- C:Documents and SettingsSokol(Тоха)Application DataURSoft
2010-02-21 12:26:56 —-A—- C:WINDOWSSchedLgU.Txt
2010-02-20 23:19:40 —-D—- C:WINDOWS
2010-02-20 23:01:36 —-D—- C:WINDOWSsystem32CatRoot2
2010-02-20 23:00:13 —-D—- C:WINDOWSsystem32
2010-02-20 22:57:30 —-D—- C:WINDOWSsystem32NtmsData
2010-02-20 22:48:16 —-D—- C:WINDOWSRegistration
2010-02-20 22:16:41 —-D—- C:WINDOWSSoftwareDistribution
2010-02-20 22:16:39 —-D—- C:WINDOWSHelp
2010-02-20 22:16:35 —-HD—- C:WINDOWSinf
2010-02-20 22:06:07 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2010-02-20 21:57:16 —-D—- C:WINDOWSsystem32config
2010-02-20 21:57:02 —-D—- C:WINDOWSsystem32wbem
2010-02-20 21:56:49 —-D—- C:WINDOWSsystem32Restore
2010-02-20 21:54:30 —-SHD—- C:System Volume Information
2010-02-20 17:00:11 —-D—- C:WINDOWSDebug
2010-02-17 17:19:42 —-SHD—- C:WINDOWSInstaller
2010-02-17 17:19:21 —-HD—- C:Config.Msi
2010-02-17 17:19:18 —-D—- C:WINDOWSsystem32DirectX
2010-02-17 17:19:04 —-RSD—- C:WINDOWSassembly
2010-02-15 21:40:27 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
2010-02-15 21:40:24 —-D—- C:Program FilesCommon Files
2010-02-15 21:40:01 —-HD—- C:Program FilesInstallShield Installation Information
2010-02-15 21:35:46 —-D—- C:Program FilesCommon FilesInstallShield
2010-02-15 18:11:08 —-D—- C:Program FilesCommon FilesWise Installation Wizard
2010-02-15 18:10:47 —-D—- C:Program FilesAGEIA Technologies
2010-02-14 22:24:37 —-D—- C:WINDOWSsystem32drivers
2010-02-13 19:40:05 —-A—- C:WINDOWSNeroDigital.ini
2010-02-12 22:31:29 —-D—- C:Documents and SettingsSokol(Тоха)Application DataHPAppData
2010-02-11 23:08:10 —-DC—- C:WINDOWSsystem32DRVSTORE
2010-02-11 23:04:56 —-D—- C:Documents and SettingsAll UsersApplication DataInstallations
2010-02-11 22:37:32 —-D—- C:WINDOWSsystem32CatRoot
2010-02-11 22:36:03 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2010-02-11 22:26:27 —-D—- C:WINDOWSWinSxS
2010-02-11 21:57:39 —-SD—- C:Documents and SettingsSokol(Тоха)Application DataMicrosoft
2010-02-11 21:55:49 —-D—- C:Documents and SettingsSokol(Тоха)Application DataSkype
2010-02-06 14:02:26 —-D—- C:Documents and SettingsSokol(Тоха)Application DataMRA
2010-02-01 19:47:51 —-D—- C:Program FilesuTorrent======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 appdrv01;Application Driver (01); C:WINDOWSSystem32Driversappdrv01.sys [2010-02-14 3110512]
R1 ISODrive;ISO CD-ROM Device Driver; ??C:Program FilesUltraISOdriversISODrive.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2008-01-25 4127488]
R3 Arp1394;Протокол клиента 1394 ARP; C:WINDOWSsystem32DRIVERSarp1394.sys [2008-04-25 60800]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2009-10-19 4415488]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:WINDOWSsystem32driversAtiHdmi.sys [2009-08-19 100368]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-15 144384]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-15 10368]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2008-04-15 12160]
R3 NIC1394;Сетевой драйвер 1394; C:WINDOWSsystem32DRIVERSnic1394.sys [2008-04-25 61824]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:WINDOWSsystem32DRIVERSNVENETFD.sys [2006-04-14 34176]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:WINDOWSsystem32DRIVERSnvnetbus.sys [2006-04-14 13056]
R3 usbaudio;Аудио драйвер USB (WDM); C:WINDOWSsystem32driversusbaudio.sys [2008-04-25 60032]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-15 32128]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-15 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-15 59520]
R3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:WINDOWSsystem32DRIVERSusbohci.sys [2008-04-15 17152]
R3 usbvideo;USB-видеоустройство (WDM); C:WINDOWSSystem32Driversusbvideo.sys [2008-04-25 121984]
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-04-25 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:WINDOWSsystem32DRIVERSHPZid412.sys [2007-11-01 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:WINDOWSsystem32DRIVERSHPZipr12.sys [2007-11-01 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:WINDOWSsystem32DRIVERSHPZius12.sys [2007-11-01 21568]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2008-04-25 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-04-25 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2008-04-25 10880]
S3 nmwcd;Nokia USB Phone Parent; C:WINDOWSsystem32driversccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:WINDOWSsystem32driversccdcmbo.sys [2009-02-09 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:WINDOWSsystem32DRIVERSpccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2008-04-25 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2008-04-25 15232]
S3 upperdev;upperdev; C:WINDOWSsystem32DRIVERSusbser_lowerflt.sys [2009-02-09 7808]
S3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2008-04-25 25856]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-25 15104]
S3 usbser;USB Modem Driver; C:WINDOWSsystem32driversusbser.sys [2008-04-25 26112]
S3 UsbserFilt;UsbserFilt; C:WINDOWSsystem32DRIVERSusbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-25 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:WINDOWSSystem32Driverswdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2008-04-25 19200]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2008-01-18 83328]
S4 atapi;atapi; C:WINDOWSsystem32driversatapi.sys [2008-04-15 96512]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2009-10-19 602112]
R2 hpqddsvc;Служба HP CUE DeviceDiscovery; C:WINDOWSsystem32svchost.exe [2008-04-15 14336]
R2 LoviVkontakteService;LoviVkontake Service; C:Program FilesLoviVkontakteVkontakteService.exe [2009-10-15 477184]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:Program FilesCommon FilesNeroNero BackItUp 4NBService.exe [2008-09-30 935208]
R2 Net Driver HPZ12;Net Driver HPZ12; C:WINDOWSSystem32svchost.exe [2008-04-15 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:WINDOWSSystem32svchost.exe [2008-04-15 14336]
R2 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-15 14336]
R3 hpqcxs08;hpqcxs08; C:WINDOWSsystem32svchost.exe [2008-04-15 14336]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:WINDOWSSystem32appdrvrem01.exe [2010-02-14 316816]
S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2008-06-02 593920]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [2009-12-19 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:WINDOWSMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe [2006-10-20 36864]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2006-10-30 741376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program FilesMicrosoft OfficeOffice12GrooveAuditService.exe [2007-08-24 68464]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:Program FilesPC Connectivity SolutionServiceLayer.exe [2010-01-26 652800]
S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; C:Program FilesWindows Media PlayerWMPNetwk.exe [2008-03-21 914944]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2006-10-30 122880]
EOF
Здравствуйте, добро пожаловать на Spyware-ru форум.
Запустите HijackThis, для этого кликните Пуск, Выполнить, введите
C:Program Filestrend microSokol(Тоха).exeи нажмите Enter.
Откроется главное меню программы HijackThis.
Кликните по кнопке Do a system scan only.
Далее отметьте галочкой (слева) следующие строки, если они присутствуют:F2 - REG:system.ini: Shell=%SystemRoot%system32user32.exe
F2 - REG:system.ini: UserInit=userinit.exe,EXPLORER.EXE
O4 - HKCU..Run: [EXPLORER.EXE] EXPLORER.EXE
O4 - HKLM..PoliciesExplorerRun: [explorer] main.vbeЗакройте все запущенные программы (включая InternetExplorer) и окна Windows.
Кликните по кнопке Fix checked и подтвердите свои действия выбрав YES.
Перезагрузите компьютер.Жду от вас свежий RSIT лог.
спасибо, но я от онлайн антивируса уже справился, но не могу удалить троян засевший в папке C:WINDOWSFinish.exe и теперь долго где-то минуты 4 выключается комп!
вот новый результат RSIT
Logfile of random’s system information tool 1.06 (written by random/random)
Run by Sokol(Тоха) at 2010-02-22 17:10:15
Microsoft Windows XP Professional Service Pack 3
System drive C: has 24 GB (53%) free of 45 GB
Total RAM: 1023 MB (56% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:10:18, on 22.02.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesLoviVkontakteVkontakteService.exe
C:Program FilesCommon FilesNeroNero BackItUp 4NBService.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSEXPLORER.EXE
C:WINDOWSsystem32user32.exe
C:WINDOWSSOUNDMAN.EXE
C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
C:Program FilesAdobeAcrobat 8.0AcrobatAcrotray.exe
C:Program FilesHPHP Software UpdateHPWuSchd2.exe
C:Program FilesKYEWebMateBM.exe
C:Program FilesLoviVkontaktelovivkontakte.exe
C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesVistaDriveIconVistaDrv.exe
C:Program FilesHPDigital Imagingbinhpqtra08.exe
C:Program FilesMcAfee Security Scan1.0.150SSScheduler.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Program FilesPC Connectivity SolutionServiceLayer.exe
C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
C:Program FilesPC Connectivity SolutionTransportsNclUSBSrv.exe
C:Program FilesPC Connectivity SolutionTransportsNclRSSrv.exe
C:Program FilesHPDigital ImagingbinhpqSTE08.exe
C:Program FilesHPDigital Imagingbinhpqbam08.exe
C:Program FilesHPDigital Imagingbinhpqgpc01.exe
C:Documents and SettingsSokol(Тоха)Рабочий столRSIT.exe
C:Program FilesTrend MicroHijackThisSokol(Тоха).exeR1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://xtreme.ws/
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = vkontakte.ru;www.vkontakte.ru;vk.com;www.vk.com
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
F2 — REG:system.ini: Shell=explorer.exe,user32.exe
F2 — REG:system.ini: UserInit=userinit.exe,EXPLORER.EXE
O2 — BHO: HP Print Enhancer — {0347C33E-8762-4905-BF09-768834316C61} — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_printenhancer.dll
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — c:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre1.6.0_06binssv.dll
O2 — BHO: Adobe PDF Conversion Toolbar Helper — {AE7CD045-E861-484f-8273-0445EE161910} — C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll
O2 — BHO: Brothersoft Toolbar — {e8de9422-3b2c-4243-bf6f-235da84d8ef8} — C:Program FilesBrothersofttbBrot.dll (file missing)
O2 — BHO: HP Smart BHO Class — {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_BHO.dll
O3 — Toolbar: Adobe PDF — {47833539-D0C5-4125-9FA8-0819E2EAAC93} — C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O3 — Toolbar: Brothersoft Toolbar — {e8de9422-3b2c-4243-bf6f-235da84d8ef8} — C:Program FilesBrothersofttbBrot.dll (file missing)
O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 — HKLM..Run: [StartCCC] «C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe» MSRun
O4 — HKLM..Run: [GrooveMonitor] «c:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe»
O4 — HKLM..Run: [Acrobat Assistant 8.0] «C:Program FilesAdobeAcrobat 8.0AcrobatAcrotray.exe»
O4 — HKLM..Run: [HP Software Update] C:Program FilesHPHP Software UpdateHPWuSchd2.exe
O4 — HKLM..Run: [hpqSRMon] C:Program FilesHPDigital ImagingbinhpqSRMon.exe
O4 — HKLM..Run: [BMISR] C:Program FilesKYEWebMateBM.exe
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKLM..Run: [LoviVkontakte] C:Program FilesLoviVkontaktelovivkontakte.exe
O4 — HKLM..Run: [PCSuiteTrayApplication] C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe -startup
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe
O4 — HKCU..Run: [wsctf.exe] wsctf.exe
O4 — HKCU..Run: [NokiaOviSuite2] C:Program FilesNokiaNokia Ovi SuiteNokiaOviSuite.exe -tray
O4 — HKLM..PoliciesExplorerRun: [explorer] main.vbe
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Startup: Вырезка экрана и программа запуска для OneNote 2007.lnk = C:Program FilesMicrosoft OfficeOffice12ONENOTEM.EXE
O4 — Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 — Global Startup: Adobe Acrobat Synchronizer.lnk = C:Program FilesAdobeAcrobat 8.0AcrobatAdobeCollabSync.exe
O4 — Global Startup: HP Digital Imaging Monitor.lnk = C:Program FilesHPDigital Imagingbinhpqtra08.exe
O4 — Global Startup: McAfee Security Scan.lnk = ?
O4 — Global Startup: Ускоренный запуск Adobe Reader.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://c:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Append to existing PDF — res://C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIEAppend.html
O8 — Extra context menu item: Convert link target to Adobe PDF — res://C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIECapture.html
O8 — Extra context menu item: Convert link target to existing PDF — res://C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIEAppend.html
O8 — Extra context menu item: Convert selected links to Adobe PDF — res://C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 — Extra context menu item: Convert selected links to existing PDF — res://C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 — Extra context menu item: Convert selection to Adobe PDF — res://C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIECapture.html
O8 — Extra context menu item: Convert selection to existing PDF — res://C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIEAppend.html
O8 — Extra context menu item: Convert to Adobe PDF — res://C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIECapture.html
O9 — Extra button: (no name) — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_06binssv.dll
O9 — Extra ‘Tools’ menuitem: Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_06binssv.dll
O9 — Extra button: Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — c:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: &Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — c:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: Расширенный выбор HP — {DDE87865-83C5-48c4-8357-2F5B1AA84522} — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_BHO.dll
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — c:Program FilesMicrosoft OfficeOffice12GrooveSystemServices.dll
O23 — Service: Application Driver Auto Removal Service (01) (appdrvrem01) — Protection Technology — C:WINDOWSSystem32appdrvrem01.exe
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: ATI Smart — Unknown owner — C:WINDOWSsystem32ati2sgag.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: FLEXnet Licensing Service — Macrovision Europe Ltd. — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: LoviVkontake Service (LoviVkontakteService) — Zeyfman Genady — C:Program FilesLoviVkontakteVkontakteService.exe
O23 — Service: Nero BackItUp Scheduler 4.0 — Nero AG — C:Program FilesCommon FilesNeroNero BackItUp 4NBService.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: ServiceLayer — Nokia — C:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 11161 bytes======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_printenhancer.dll [2007-11-06 322880][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-24 63136][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper — c:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2007-08-24 2212224][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre1.6.0_06binssv.dll [2008-03-25 509328][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper — C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006-10-22 321120][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{e8de9422-3b2c-4243-bf6f-235da84d8ef8}]
Brothersoft Toolbar — C:Program FilesBrothersofttbBrot.dll [][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_BHO.dll [2007-11-06 542016][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} — Adobe PDF — C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006-10-22 321120]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2009-12-22 8716040]
{e8de9422-3b2c-4243-bf6f-235da84d8ef8} — Brothersoft Toolbar — C:Program FilesBrothersofttbBrot.dll [][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2007-04-16 577536]
«StartCCC»=C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe [2008-01-21 61440]
«GrooveMonitor»=c:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe [2007-08-24 33648]
«Acrobat Assistant 8.0″=C:Program FilesAdobeAcrobat 8.0AcrobatAcrotray.exe [2006-10-22 620152]
«»= []
«HP Software Update»=C:Program FilesHPHP Software UpdateHPWuSchd2.exe [2007-10-14 49152]
«hpqSRMon»=C:Program FilesHPDigital ImagingbinhpqSRMon.exe [2007-08-22 80896]
«BMISR»=C:Program FilesKYEWebMateBM.exe [2007-12-14 229376]
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2009-12-19 8746680]
«LoviVkontakte»=C:Program FilesLoviVkontaktelovivkontakte.exe [2009-12-26 739840]
«PCSuiteTrayApplication»=C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe [2007-03-23 227328][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerRun]
«explorer»=main.vbe [][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-04-25 17408]
«VistaIcon»=C:Program FilesVistaDriveIconVistaDrv.exe [2008-03-23 132096]
«wsctf.exe»=wsctf.exe []
«NokiaOviSuite2″=C:Program FilesNokiaNokia Ovi SuiteNokiaOviSuite.exe -tray []C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
Adobe Acrobat Speed Launcher.lnk — C:WINDOWSInstaller{AC76BA86-1033-F400-7760-000000000003}_SC_Acrobat.exe
Adobe Acrobat Synchronizer.lnk — C:Program FilesAdobeAcrobat 8.0AcrobatAdobeCollabSync.exe
HP Digital Imaging Monitor.lnk — C:Program FilesHPDigital Imagingbinhpqtra08.exe
McAfee Security Scan.lnk — C:Program FilesMcAfee Security Scan1.0.150SSScheduler.exe
Ускоренный запуск Adobe Reader.lnk — C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exeC:Documents and SettingsSokol(Тоха)Главное менюПрограммыАвтозагрузка
Вырезка экрана и программа запуска для OneNote 2007.lnk — C:Program FilesMicrosoft OfficeOffice12ONENOTEM.EXE[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2009-10-19 155648][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2008-03-21 133632][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=c:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2007-08-24 2212224][HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalPEVSystemStart]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalprocexp90.Sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkPEVSystemStart]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkprocexp90.Sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWdf01000.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«DisableTaskMgr»=0[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«SynchronousMachineGroupPolicy»=0
«SynchronousUserGroupPolicy»=0[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«NoThumbnailCache»=1
«NoSMConfigurePrograms»=1
«NoSMHelp»=1[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesuTorrentuTorrent.exe»=»C:Program FilesuTorrentuTorrent.exe:*:Enabled:µTorrent»
«D:Program FilesSkypePhoneSkype.exe»=»D:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»
«E:SteamSteamAppscommonshattered_horizonclient_exeshattered_horizon.exe»=»E:SteamSteamAppscommonshattered_horizonclient_exeshattered_horizon.exe:*:Enabled:Shattered Horizon»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2C]
shellAutoRuncommand — WScript.exe .main.vbs
shellopencommand — WScript.exe .main.vbs[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{17cf44c4-eca9-11de-83f2-806d6172696f}]
shellAutoRuncommand — C:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL md.exe
shellopencommand — E:md.exe[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{17cf44c5-eca9-11de-83f2-806d6172696f}]
shellAutoRuncommand — C:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL md.exe
shellopencommand — D:md.exe[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{17cf44c6-eca9-11de-83f2-806d6172696f}]
shellAutoRuncommand — C:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL md.exe
shellopencommand — F:md.exe======List of files/folders created in the last 1 months======
2010-02-22 17:10:15 —-D—- C:rsit
2010-02-22 16:50:14 —-D—- C:Program FilesTrend Micro
2010-02-21 22:38:49 —-D—- C:Program FilesESET
2010-02-20 23:00:18 —-A—- C:WINDOWSntbtlog.txt
2010-02-20 22:51:13 —-HD—- C:WINDOWSsystem32GroupPolicy
2010-02-20 22:11:09 —-D—- C:WINDOWSsystem32SoftwareDistribution
2010-02-20 22:11:09 —-A—- C:WINDOWSsystem32wuweb.dll
2010-02-20 22:11:09 —-A—- C:WINDOWSsystem32wups.dll
2010-02-20 22:11:09 —-A—- C:WINDOWSsystem32wucltui.dll
2010-02-20 22:11:08 —-A—- C:WINDOWSsystem32wuaueng.dll
2010-02-20 22:11:07 —-A—- C:WINDOWSsystem32wuauclt.exe
2010-02-20 22:11:07 —-A—- C:WINDOWSsystem32wuapi.dll
2010-02-20 22:11:07 —-A—- C:WINDOWSsystem32cdm.dll
2010-02-20 21:48:58 —-D—- C:WINDOWSpss
2010-02-20 17:00:12 —-A—- C:WINDOWSsystem32user32.exe
2010-02-20 17:00:00 —-D—- C:WINDOWSSun
2010-02-15 21:40:37 —-D—- C:Documents and SettingsAll UsersApplication DataElectronic Arts
2010-02-15 21:40:24 —-D—- C:Program FilesCommon FilesAdobe AIR
2010-02-15 21:36:02 —-D—- C:Program FilesElectronic Arts
2010-02-14 20:35:22 —-A—- C:WINDOWSsystem32appdrvrem01.exe
2010-02-11 23:08:54 —-D—- C:Program FilesCommon FilesPCSuite
2010-02-11 23:08:53 —-D—- C:Program FilesCommon FilesNokia
2010-02-11 23:08:41 —-D—- C:Program FilesNokia
2010-02-11 22:41:28 —-D—- C:Documents and SettingsSokol(Тоха)Application DataNokia Ovi Suite
2010-02-11 22:36:38 —-D—- C:Documents and SettingsSokol(Тоха)Application DataNokia
2010-02-11 22:35:54 —-HDC—- C:WINDOWS$NtUninstallWudf01007$
2010-02-11 22:34:34 —-D—- C:Documents and SettingsAll UsersApplication DataPC Suite
2010-02-11 22:34:33 —-D—- C:Documents and SettingsSokol(Тоха)Application DataPC Suite
2010-02-11 22:26:45 —-D—- C:Program FilesDIFX
2010-02-11 22:26:40 —-D—- C:Program FilesPC Connectivity Solution
2010-02-11 22:25:52 —-D—- C:Documents and SettingsAll UsersApplication DataOviInstallerCache
2010-02-11 22:08:58 —-D—- C:WINDOWSsystem32appmgmt
2010-02-06 14:07:06 —-D—- C:Documents and SettingsSokol(Тоха)Application DataHP
2010-02-03 01:58:10 —-D—- C:Program FilesLoviVkontakte
2010-01-24 14:30:37 —-D—- C:Program FilesYour Uninstaller======List of files/folders modified in the last 1 months======
2010-02-22 17:02:24 —-D—- C:Program FilesMozilla Firefox
2010-02-22 17:02:04 —-D—- C:WINDOWSTemp
2010-02-22 17:00:18 —-A—- C:WINDOWSSchedLgU.Txt
2010-02-22 16:50:14 —-RD—- C:Program Files
2010-02-22 12:50:46 —-D—- C:WINDOWSsystem32CatRoot2
2010-02-22 12:48:00 —-AD—- C:Documents and SettingsAll UsersApplication DataTEMP
2010-02-21 23:29:12 —-D—- C:WINDOWSPrefetch
2010-02-21 19:58:41 —-D—- C:WINDOWSsystem32
2010-02-21 17:15:12 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2010-02-21 17:10:39 —-D—- C:WINDOWSsystem32NtmsData
2010-02-21 17:05:15 —-D—- C:WINDOWSsystem32drivers
2010-02-21 16:59:34 —-D—- C:Documents and SettingsSokol(Тоха)Application DataHPAppData
2010-02-21 16:52:04 —-D—- C:WINDOWSDebug
2010-02-21 15:25:24 —-SH—- C:boot.ini
2010-02-21 15:25:24 —-A—- C:WINDOWSwin.ini
2010-02-21 15:25:24 —-A—- C:WINDOWSsystem.ini
2010-02-21 15:00:30 —-D—- C:Documents and SettingsSokol(Тоха)Application DataURSoft
2010-02-20 23:19:40 —-D—- C:WINDOWS
2010-02-20 22:48:16 —-D—- C:WINDOWSRegistration
2010-02-20 22:16:41 —-D—- C:WINDOWSSoftwareDistribution
2010-02-20 22:16:39 —-D—- C:WINDOWSHelp
2010-02-20 22:16:35 —-HD—- C:WINDOWSinf
2010-02-20 21:57:16 —-D—- C:WINDOWSsystem32config
2010-02-20 21:57:02 —-D—- C:WINDOWSsystem32wbem
2010-02-20 21:56:49 —-D—- C:WINDOWSsystem32Restore
2010-02-20 21:54:30 —-SHD—- C:System Volume Information
2010-02-17 17:19:42 —-SHD—- C:WINDOWSInstaller
2010-02-17 17:19:21 —-HD—- C:Config.Msi
2010-02-17 17:19:18 —-D—- C:WINDOWSsystem32DirectX
2010-02-17 17:19:04 —-RSD—- C:WINDOWSassembly
2010-02-15 21:40:27 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
2010-02-15 21:40:24 —-D—- C:Program FilesCommon Files
2010-02-15 21:40:01 —-HD—- C:Program FilesInstallShield Installation Information
2010-02-15 21:35:46 —-D—- C:Program FilesCommon FilesInstallShield
2010-02-15 18:11:08 —-D—- C:Program FilesCommon FilesWise Installation Wizard
2010-02-15 18:10:47 —-D—- C:Program FilesAGEIA Technologies
2010-02-13 19:40:05 —-A—- C:WINDOWSNeroDigital.ini
2010-02-11 23:08:10 —-DC—- C:WINDOWSsystem32DRVSTORE
2010-02-11 23:04:56 —-D—- C:Documents and SettingsAll UsersApplication DataInstallations
2010-02-11 22:37:32 —-D—- C:WINDOWSsystem32CatRoot
2010-02-11 22:36:03 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2010-02-11 22:26:27 —-D—- C:WINDOWSWinSxS
2010-02-11 21:57:39 —-SD—- C:Documents and SettingsSokol(Тоха)Application DataMicrosoft
2010-02-11 21:55:49 —-D—- C:Documents and SettingsSokol(Тоха)Application DataSkype
2010-02-06 14:02:26 —-D—- C:Documents and SettingsSokol(Тоха)Application DataMRA
2010-02-01 19:47:51 —-D—- C:Program FilesuTorrent======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 appdrv01;Application Driver (01); C:WINDOWSSystem32Driversappdrv01.sys [2010-02-14 3110512]
R1 ISODrive;ISO CD-ROM Device Driver; ??C:Program FilesUltraISOdriversISODrive.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2008-01-25 4127488]
R3 Arp1394;Протокол клиента 1394 ARP; C:WINDOWSsystem32DRIVERSarp1394.sys [2008-04-25 60800]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2009-10-19 4415488]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:WINDOWSsystem32driversAtiHdmi.sys [2009-08-19 100368]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-15 144384]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-15 10368]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2008-04-15 12160]
R3 NIC1394;Сетевой драйвер 1394; C:WINDOWSsystem32DRIVERSnic1394.sys [2008-04-25 61824]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:WINDOWSsystem32DRIVERSNVENETFD.sys [2006-04-14 34176]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:WINDOWSsystem32DRIVERSnvnetbus.sys [2006-04-14 13056]
R3 usbaudio;Аудио драйвер USB (WDM); C:WINDOWSsystem32driversusbaudio.sys [2008-04-25 60032]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-15 32128]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-15 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-15 59520]
R3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:WINDOWSsystem32DRIVERSusbohci.sys [2008-04-15 17152]
R3 usbvideo;USB-видеоустройство (WDM); C:WINDOWSSystem32Driversusbvideo.sys [2008-04-25 121984]
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-04-25 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:WINDOWSsystem32DRIVERSHPZid412.sys [2007-11-01 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:WINDOWSsystem32DRIVERSHPZipr12.sys [2007-11-01 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:WINDOWSsystem32DRIVERSHPZius12.sys [2007-11-01 21568]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2008-04-25 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-04-25 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2008-04-25 10880]
S3 nmwcd;Nokia USB Phone Parent; C:WINDOWSsystem32driversccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:WINDOWSsystem32driversccdcmbo.sys [2009-02-09 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:WINDOWSsystem32DRIVERSpccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2008-04-25 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2008-04-25 15232]
S3 upperdev;upperdev; C:WINDOWSsystem32DRIVERSusbser_lowerflt.sys [2009-02-09 7808]
S3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2008-04-25 25856]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-25 15104]
S3 usbser;USB Modem Driver; C:WINDOWSsystem32driversusbser.sys [2008-04-25 26112]
S3 UsbserFilt;UsbserFilt; C:WINDOWSsystem32DRIVERSusbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-25 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:WINDOWSSystem32Driverswdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2008-04-25 19200]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2008-01-18 83328]
S4 atapi;atapi; C:WINDOWSsystem32driversatapi.sys [2008-04-15 96512]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2009-10-19 602112]
R2 hpqddsvc;Служба HP CUE DeviceDiscovery; C:WINDOWSsystem32svchost.exe [2008-04-15 14336]
R2 LoviVkontakteService;LoviVkontake Service; C:Program FilesLoviVkontakteVkontakteService.exe [2009-10-15 477184]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:Program FilesCommon FilesNeroNero BackItUp 4NBService.exe [2008-09-30 935208]
R2 Net Driver HPZ12;Net Driver HPZ12; C:WINDOWSSystem32svchost.exe [2008-04-15 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:WINDOWSSystem32svchost.exe [2008-04-15 14336]
R2 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-15 14336]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [2009-12-19 654848]
R3 hpqcxs08;hpqcxs08; C:WINDOWSsystem32svchost.exe [2008-04-15 14336]
R3 ServiceLayer;ServiceLayer; C:Program FilesPC Connectivity SolutionServiceLayer.exe [2010-01-26 652800]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:WINDOWSSystem32appdrvrem01.exe [2010-02-14 316816]
S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2008-06-02 593920]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2005-09-23 66240]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:WINDOWSMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe [2006-10-20 36864]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2006-10-30 741376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program FilesMicrosoft OfficeOffice12GrooveAuditService.exe [2007-08-24 68464]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; C:Program FilesWindows Media PlayerWMPNetwk.exe [2008-03-21 914944]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2006-10-30 122880]
EOF
info.txt logfile of random’s system information tool 1.06 2010-02-22 17:10:20
======Uninstall list======
—>MsiExec /X{E4D15328-8C89-484B-B9AA-F5BE9EA6D01C}
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
µTorrent—>»C:Program FilesuTorrentuTorrent.exe» /UNINSTALL
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-0015-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-0016-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-0018-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-0019-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-001A-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-001B-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-001F-0419-0000-0000000FF1CE} /uninstall {D7CE14BC-96D9-41C5-822D-F5B1C2C35AA2}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-001F-0422-0000-0000000FF1CE} /uninstall {DC154E48-5278-423A-80A1-B93247E38A1A}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-0044-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-006E-0419-0000-0000000FF1CE} /uninstall {23653CA5-BFB5-4B52-B2DA-045D7ABEB874}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-00A1-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-00BA-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
32 Bit HP CIO Components Installer—>MsiExec.exe /I{2614F54E-A828-49FA-93BA-45A3F756BFAA}
7-Zip 4.42—>»C:Program Files7-ZipUninstall.exe»
Adobe Acrobat 8 Professional — English, Franзais, Deutsch—>msiexec /I {AC76BA86-1033-F400-7760-000000000003}
Adobe AIR—>c:Program FilesCommon FilesAdobe AIRVersions1.0ResourcesAdobe AIR Updater.exe -arp:uninstall
Adobe AIR—>MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Reader 7.0.5 — Russian—>MsiExec.exe /I{AC76BA86-7AD7-1049-7B44-A70500000002}
Aliens vs Predator Demo—>»E:Steamsteam.exe» steam://uninstall/34200
ATI — Software Uninstall Utility—>C:Program FilesATI TechnologiesUninstallAllAtiCimUn.exe
ATI Catalyst Control Center—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime91Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{055EE59D-217B-43A7-ABFF-507B966405D8}setup.exe» -l0x336d
ATI Display Driver—>rundll32 C:WINDOWSsystem32atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Counter-Strike: Source—>»E:Steamsteam.exe» steam://uninstall/240
Dead Space™—>MsiExec.exe /X{4D87DC92-C328-46EC-A7B4-9C88129DC696}
DirectX10 GFR—>»C:Program FilesCommon Filesunins000.exe»
EA Download Manager UI—>msiexec /qb /x {9901E703-D169-7139-1EA3-11AA788D09E6}
EA Download Manager UI—>MsiExec.exe /I{9901E703-D169-7139-1EA3-11AA788D09E6}
EA Download Manager—>C:Program FilesElectronic ArtsEADMEADMUninstall.exe
HashTab 2.0.8—>C:WINDOWSsystem32ShellExthtdel32.bat
HijackThis 2.0.2—>»C:Program FilesTrend MicroHijackThisHijackThis.exe» /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)—>»C:WINDOWS$NtUninstallKB929399$spuninstspuninst.exe»
HP Customer Participation Program 10.0—>C:Program FilesHPDigital ImagingExtCapUninstallhpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 10.0—>C:Program FilesHPDigital ImagingDeviceManagementhpzscr01.exe -datfile hpqbud01.dat
HP Photosmart All-In-One Driver Software 10.0 Rel .2—>C:Program FilesHPDigital Imaging{20B30DC1-E423-4939-B51D-05C58B0F9BBB}setuphpzscr01.exe -datfile hposcr21.dat -onestop
HP Photosmart Essential 2.5—>C:Program FilesHPDigital ImagingPhotoSmartEssentialhpzscr01.exe -datfile hpqbud13.dat
HP Smart Web Printing—>C:Program FilesHPDigital ImagingSmart Web Printinghpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 13.0—>C:Program FilesHPDigital ImagingeSupporthpzscr01.exe -datfile hpqbud05.dat -forcereboot
HP Update—>MsiExec.exe /X{818ABC3C-635C-4651-8183-D0E9640B7DD1}
Java(TM) 6 Update 6—>MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
K-Lite Codec Pack 5.5.1 (Full)—>»C:Program FilesK-Lite Codec Packunins000.exe»
LoviVkontakte 2.33.0.0—>»C:Program FilesLoviVkontakteunins000.exe»
Mail.Ru Агент 5.6 (сборка 3278, для всех пользователей)—>C:Program FilesMail.RuAgentmagentsetup.exe -uninstalllm
McAfee Security Scan—>»C:Program FilesMcAfee Security Scanuninstall.exe»
Microsoft .NET Framework 1.1 Russian Language Pack—>MsiExec.exe /X{2BB372D9-52B4-410A-BC1A-FEAB63181EEF}
Microsoft .NET Framework 1.1—>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1—>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0—>C:WINDOWSMicrosoft.NETFrameworkv2.0.50727Microsoft .NET Framework 2.0install.exe
Microsoft .NET Framework 3.0—>C:WINDOWSMicrosoft.NETFrameworkv3.0Microsoft .NET Framework 3.0setup.exe
Microsoft .NET Framework 3.0—>MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
Microsoft Compression Client Pack 1.0 for Windows XP—>»C:WINDOWS$NtUninstallMSCompPackV1$spuninstspuninst.exe»
Microsoft Games for Windows — LIVE Redistributable—>MsiExec.exe /X{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}
Microsoft Internationalized Domain Names Mitigation APIs—>»C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$spuninstspuninst.exe»
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7—>»C:WINDOWS$NtUninstallWdf01007$spuninstspuninst.exe»
Microsoft National Language Support Downlevel APIs—>»C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$spuninstspuninst.exe»
Microsoft Office Access MUI (Russian) 2007—>MsiExec.exe /X{90120000-0015-0419-0000-0000000FF1CE}
Microsoft Office Enterprise 2007—>»C:Program FilesCommon FilesMicrosoft SharedOFFICE12Office Setup Controllersetup.exe» /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007—>MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Russian) 2007—>MsiExec.exe /X{90120000-0016-0419-0000-0000000FF1CE}
Microsoft Office Groove MUI (Russian) 2007—>MsiExec.exe /X{90120000-00BA-0419-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Russian) 2007—>MsiExec.exe /X{90120000-0044-0419-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Russian) 2007—>MsiExec.exe /X{90120000-00A1-0419-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Russian) 2007—>MsiExec.exe /X{90120000-001A-0419-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Russian) 2007—>MsiExec.exe /X{90120000-0018-0419-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007—>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007—>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Russian) 2007—>MsiExec.exe /X{90120000-001F-0419-0000-0000000FF1CE}
Microsoft Office Proof (Ukrainian) 2007—>MsiExec.exe /X{90120000-001F-0422-0000-0000000FF1CE}
Microsoft Office Proofing (Russian) 2007—>MsiExec.exe /X{90120000-002C-0419-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Russian) 2007—>MsiExec.exe /X{90120000-0019-0419-0000-0000000FF1CE}
Microsoft Office Shared MUI (Russian) 2007—>MsiExec.exe /X{90120000-006E-0419-0000-0000000FF1CE}
Microsoft Office Word MUI (Russian) 2007—>MsiExec.exe /X{90120000-001B-0419-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.7—>»C:WINDOWS$NtUninstallWudf01007$spuninstspuninst.exe»
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
MIRRORS EDGE v.1.0—>»E:MIRRORS EDGEunins000.exe»
Mozilla Firefox (3.5.8)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
MSVC80_x86_v2—>MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC90_x86—>MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSXML 6.0 Parser (KB925673)—>MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
Nero 9—>C:Program FilesCommon FilesNeroNero ProductInstaller 4SetupX.exe REMOVESERIALNUMBER=»9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A»
neroxml—>MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nokia Connectivity Cable Driver—>MsiExec.exe /X{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}
Nokia PC Suite—>C:Documents and SettingsAll UsersApplication DataInstallations{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}Nokia_PC_Suite_683_rel_14_1_rus_web.exe /LANG=»1049″
Nokia PC Suite—>MsiExec.exe /I{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}
NVIDIA PhysX v8.10.17—>MsiExec.exe /X{E4D15328-8C89-484B-B9AA-F5BE9EA6D01C}
OCR Software by I.R.I.S. 10.0—>C:Program FilesHPDigital ImagingOCRhpzscr01.exe -datfile hpqbud11.dat
OpenAL—>»C:Program FilesOpenALoalinst.exe» /U
Path2Clipboard 1.0.7.67—>C:WINDOWSsystem32ShellExtP2Cdel.bat
PC Connectivity Solution—>MsiExec.exe /I{481C9A00-91AC-4065-870C-BD4E28186E5A}
Pirates, Vikings, and Knights II—>»E:Steamsteam.exe» steam://uninstall/17570
Rainbow Six — Vegas II—>»E:Rainbow Six — Vegas IIunins000.exe»
Realtek AC’97 Audio—>Alcrmv.exe -r -m
Shattered Horizon—>»E:Steamsteam.exe» steam://uninstall/18110
Shop for HP Supplies—>C:Program FilesHPDigital ImagingHPSSupplyhpzscr01.exe -datfile hpqbud16.dat
Smashball—>»E:Steamsteam.exe» steam://uninstall/17730
UltraISO Premium V8.6—>»C:Program FilesUltraISOunins000.exe»
Vista Drive Icon—>rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFVistaDrv.inf,Uninstall
VLC media player 1.0.3—>C:Program FilesVideoLANVLCuninstall.exe
WebMate—>C:Program FilesInstallShield Installation Information{13605214-8CA9-4B59-90A0-DEBB9A9F68E5}setup.exe -runfromtemp -l0x0019 -removeonly
Windows Communication Foundation—>MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Internet Explorer 7—>»C:WINDOWSie7spuninstspuninst.exe»
Windows Media Format 11 runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Windows Media Format 11 runtime—>»C:WINDOWS$NtUninstallWMFDist11$spuninstspuninst.exe»
Windows Media Player 11—>»C:WINDOWS$NtUninstallwmp11$spuninstspuninst.exe»
Windows Presentation Foundation—>MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation—>MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
Your Uninstaller! Version 6.3—>»C:Program FilesYour Uninstallerunins000.exe»
Вин Дизель Wheelman—>C:Program FilesInstallShield Installation Information{52612909-C9A1-4D4E-BFED-820B14119234}setup.exe -runfromtemp -l0x0019 -removeonly
Обновление безопасности для Windows XP — (KB941569)—>»C:WINDOWS$NtUninstallKB941569$spuninstspuninst.exe»
Пакет драйверов Windows — Nokia Modem (11/03/2006 6.82.0.1)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokbtmdm_4EFFAAE27A08EDFDE145390033D8EF099DA65567nokbtmdm.inf
Пакет драйверов Windows — Nokia pccsmcfd (08/22/2008 7.0.0.0)—>C:PROGRA~1DIFXB4723E9A0713E5B1dpinst.exe /u C:WINDOWSsystem32DRVSTOREpccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294pccsmcfd.inf
Проигрыватель Windows Media 11—>»C:Program FilesWindows Media PlayerSetup_wm.exe» /Uninstall
Яндекс.Бар 4.3 для Internet Explorer—>MsiExec.exe /X{2B9C002D-F3C1-4F8A-B29A-7F9E9B473D4D}=====HijackThis Backups=====
O4 — HKCU..Run: [EXPLORER.EXE] EXPLORER.EXE [2010-02-22]
======System event log======
Computer Name: MICROSOF-0D01A1
Event Code: 7035
Message: Служба «hpqcxs08» успешно отправила управляющий элемент «запустить».Record Number: 8631
Source Name: Service Control Manager
Time Written: 20100213143546.000000+180
Event Type: информация
User: NT AUTHORITYSYSTEMComputer Name: MICROSOF-0D01A1
Event Code: 7022
Message: Служба «Служба HP CUE DeviceDiscovery» зависла при запуске.Record Number: 8630
Source Name: Service Control Manager
Time Written: 20100213143546.000000+180
Event Type: ошибка
User:Computer Name: MICROSOF-0D01A1
Event Code: 51
Message: Обнаружена ошибка на устройстве DeviceHarddisk0D во время выполнения операции страничного обмена.Record Number: 8629
Source Name: Disk
Time Written: 20100213143410.000000+180
Event Type: предупреждение
User:Computer Name: MICROSOF-0D01A1
Event Code: 51
Message: Обнаружена ошибка на устройстве DeviceHarddisk0D во время выполнения операции страничного обмена.Record Number: 8628
Source Name: Disk
Time Written: 20100213143410.000000+180
Event Type: предупреждение
User:Computer Name: MICROSOF-0D01A1
Event Code: 51
Message: Обнаружена ошибка на устройстве DeviceHarddisk0D во время выполнения операции страничного обмена.Record Number: 8627
Source Name: Disk
Time Written: 20100213143410.000000+180
Event Type: предупреждение
User:=====Application event log=====
Computer Name: MICROSOF-0D01A1
Event Code: 11724
Message: Product: Nokia Connectivity Cable Driver — Removal completed successfully.Record Number: 1635
Source Name: MsiInstaller
Time Written: 20100211220910.000000+180
Event Type: информация
User: MICROSOF-0D01A1Sokol(Тоха)Computer Name: MICROSOF-0D01A1
Event Code: 11724
Message: Product: Nokia Flashing Cable Driver — Removal completed successfully.Record Number: 1634
Source Name: MsiInstaller
Time Written: 20100211220903.000000+180
Event Type: информация
User: MICROSOF-0D01A1Sokol(Тоха)Computer Name: MICROSOF-0D01A1
Event Code: 11724
Message: Продукт: Nokia Software Updater — Removal completed successfully.Record Number: 1633
Source Name: MsiInstaller
Time Written: 20100211220858.000000+180
Event Type: информация
User: MICROSOF-0D01A1Sokol(Тоха)Computer Name: MICROSOF-0D01A1
Event Code: 4097
Message: Приложение C:Documents and SettingsSokol(Тоха)Рабочий столNokia_PC_Suite_7_1_40_1_rus_web.exe вызвало ошибку
Ошибка в 11/02/2010 @ 22:07:33.625
Вызвано исключение c0000005 по адресу 0047E7C6 (Nokia_PC_Suite_7_1_40_1_rus_web)Record Number: 1632
Source Name: DrWatson
Time Written: 20100211220733.000000+180
Event Type: информация
User:Computer Name: MICROSOF-0D01A1
Event Code: 4097
Message: Приложение C:Documents and SettingsSokol(Тоха)Рабочий столNokia_PC_Suite_7_1_40_1_rus_web.exe вызвало ошибку
Ошибка в 11/02/2010 @ 22:07:26.687
Вызвано исключение c0000005 по адресу 0047E7C6 (Nokia_PC_Suite_7_1_40_1_rus_web)Record Number: 1631
Source Name: DrWatson
Time Written: 20100211220726.000000+180
Event Type: информация
User:======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=C:Program FilesPC Connectivity Solution;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;C:Program FilesATI TechnologiesATI.ACECore-Static
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=15
«PROCESSOR_IDENTIFIER»=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
«PROCESSOR_REVISION»=2f02
«NUMBER_OF_PROCESSORS»=1
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
EOF
Судя по логам троян на месте. Выполните дословно инструкцию из моего предыдущего сообщения.
Доброго вечера!
Сделал так как вы сказали, удалил те 4 файла кроме одного его не было в списке (F2 — REG:system.ini: Shell=%SystemRoot%system32user32.exe), но всё равно компьютер очень долго выключается!Logfile of random’s system information tool 1.06 (written by random/random)
Run by Sokol at 2010-02-26 00:17:02
Microsoft Windows XP Professional Service Pack 3
System drive C: has 23 GB (51%) free of 45 GB
Total RAM: 1023 MB (27% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:17:06, on 26.02.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesKaspersky LabKaspersky Anti-Virus 2010avp.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesLoviVkontakteVkontakteService.exe
C:Program FilesCommon FilesNeroNero BackItUp 4NBService.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSOUNDMAN.EXE
C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
C:Program FilesAdobeAcrobat 8.0AcrobatAcrotray.exe
C:Program FilesHPHP Software UpdateHPWuSchd2.exe
C:Program FilesKYEWebMateBM.exe
C:Program FilesLoviVkontaktelovivkontakte.exe
C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe
C:Program FilesKaspersky LabKaspersky Anti-Virus 2010avp.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesVistaDriveIconVistaDrv.exe
C:Program FilesuTorrentuTorrent.exe
C:Program FilesHPDigital Imagingbinhpqtra08.exe
C:Program FilesMcAfee Security Scan1.0.150SSScheduler.exe
C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
C:Program FilesPC Connectivity SolutionServiceLayer.exe
C:Program FilesPC Connectivity SolutionTransportsNclUSBSrv.exe
C:Program FilesPC Connectivity SolutionTransportsNclRSSrv.exe
C:Program FilesHPDigital ImagingbinhpqSTE08.exe
C:Program FilesHPDigital Imagingbinhpqbam08.exe
C:Program FilesHPDigital Imagingbinhpqgpc01.exe
E:SteamSteam.exe
D:Program FilesSkypePhoneSkype.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Program FilesKaspersky LabKaspersky Anti-Virus 2010klwtblfs.exe
C:Documents and SettingsАдминистраторРабочий столRSIT.exe
C:Program FilesTrend MicroHijackThisSokol.exeR1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = :
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program FilesMail.RuAgentMradllnewmrasearch.dll
R3 — URLSearchHook: Brothersoft Toolbar — {e8de9422-3b2c-4243-bf6f-235da84d8ef8} — C:Program FilesBrothersofttbBrot.dll (file missing)
O2 — BHO: HP Print Enhancer — {0347C33E-8762-4905-BF09-768834316C61} — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_printenhancer.dll
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 — BHO: IEVkbdBHO — {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} — C:Program FilesKaspersky LabKaspersky Anti-Virus 2010ievkbd.dll
O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — c:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre1.6.0_06binssv.dll
O2 — BHO: Adobe PDF Conversion Toolbar Helper — {AE7CD045-E861-484f-8273-0445EE161910} — C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll
O2 — BHO: link filter bho — {E33CF602-D945-461A-83F0-819F76A199F8} — C:Program FilesKaspersky LabKaspersky Anti-Virus 2010klwtbbho.dll
O2 — BHO: Brothersoft Toolbar — {e8de9422-3b2c-4243-bf6f-235da84d8ef8} — C:Program FilesBrothersofttbBrot.dll (file missing)
O2 — BHO: HP Smart BHO Class — {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_BHO.dll
O3 — Toolbar: Adobe PDF — {47833539-D0C5-4125-9FA8-0819E2EAAC93} — C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O3 — Toolbar: Brothersoft Toolbar — {e8de9422-3b2c-4243-bf6f-235da84d8ef8} — C:Program FilesBrothersofttbBrot.dll (file missing)
O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 — HKLM..Run: [StartCCC] «C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe» MSRun
O4 — HKLM..Run: [GrooveMonitor] «c:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe»
O4 — HKLM..Run: [Acrobat Assistant 8.0] «C:Program FilesAdobeAcrobat 8.0AcrobatAcrotray.exe»
O4 — HKLM..Run: [HP Software Update] C:Program FilesHPHP Software UpdateHPWuSchd2.exe
O4 — HKLM..Run: [hpqSRMon] C:Program FilesHPDigital ImagingbinhpqSRMon.exe
O4 — HKLM..Run: [BMISR] C:Program FilesKYEWebMateBM.exe
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKLM..Run: [LoviVkontakte] C:Program FilesLoviVkontaktelovivkontakte.exe
O4 — HKLM..Run: [PCSuiteTrayApplication] C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe -startup
O4 — HKLM..Run: [AVP] «C:Program FilesKaspersky LabKaspersky Anti-Virus 2010avp.exe»
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe
O4 — HKCU..Run: [uTorrent] «C:Program FilesuTorrentuTorrent.exe»
O4 — HKCU..Run: [wsctf.exe] wsctf.exe
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 — Global Startup: Adobe Acrobat Synchronizer.lnk = C:Program FilesAdobeAcrobat 8.0AcrobatAdobeCollabSync.exe
O4 — Global Startup: HP Digital Imaging Monitor.lnk = C:Program FilesHPDigital Imagingbinhpqtra08.exe
O4 — Global Startup: McAfee Security Scan.lnk = ?
O4 — Global Startup: Ускоренный запуск Adobe Reader.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://c:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Append to existing PDF — res://C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIEAppend.html
O8 — Extra context menu item: Convert link target to Adobe PDF — res://C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIECapture.html
O8 — Extra context menu item: Convert link target to existing PDF — res://C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIEAppend.html
O8 — Extra context menu item: Convert selected links to Adobe PDF — res://C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 — Extra context menu item: Convert selected links to existing PDF — res://C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 — Extra context menu item: Convert selection to Adobe PDF — res://C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIECapture.html
O8 — Extra context menu item: Convert selection to existing PDF — res://C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIEAppend.html
O8 — Extra context menu item: Convert to Adobe PDF — res://C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll/AcroIECapture.html
O9 — Extra button: (no name) — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_06binssv.dll
O9 — Extra ‘Tools’ menuitem: Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_06binssv.dll
O9 — Extra button: Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — c:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: &Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — c:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra button: &Виртуальная клавиатура — {4248FE82-7FCB-46AC-B270-339F08212110} — C:Program FilesKaspersky LabKaspersky Anti-Virus 2010klwtbbho.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: Проверка ссы&лок — {CCF151D8-D089-449F-A5A4-D9909053F20F} — C:Program FilesKaspersky LabKaspersky Anti-Virus 2010klwtbbho.dll
O9 — Extra button: Расширенный выбор HP — {DDE87865-83C5-48c4-8357-2F5B1AA84522} — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_BHO.dll
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — c:Program FilesMicrosoft OfficeOffice12GrooveSystemServices.dll
O23 — Service: Application Driver Auto Removal Service (01) (appdrvrem01) — Protection Technology — C:WINDOWSSystem32appdrvrem01.exe
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: ATI Smart — Unknown owner — C:WINDOWSsystem32ati2sgag.exe
O23 — Service: Kaspersky Anti-Virus (AVP) — Kaspersky Lab — C:Program FilesKaspersky LabKaspersky Anti-Virus 2010avp.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: FLEXnet Licensing Service — Macrovision Europe Ltd. — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: LoviVkontake Service (LoviVkontakteService) — Zeyfman Genady — C:Program FilesLoviVkontakteVkontakteService.exe
O23 — Service: Nero BackItUp Scheduler 4.0 — Nero AG — C:Program FilesCommon FilesNeroNero BackItUp 4NBService.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: ServiceLayer — Nokia — C:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 12083 bytes======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_printenhancer.dll [2007-11-06 322880][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-24 63136][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class — C:Program FilesKaspersky LabKaspersky Anti-Virus 2010ievkbd.dll [2009-10-20 68112][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper — c:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2007-08-24 2212224][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre1.6.0_06binssv.dll [2008-03-25 509328][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper — C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006-10-22 321120][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class — C:Program FilesKaspersky LabKaspersky Anti-Virus 2010klwtbbho.dll [2009-10-20 268816][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{e8de9422-3b2c-4243-bf6f-235da84d8ef8}]
Brothersoft Toolbar — C:Program FilesBrothersofttbBrot.dll [][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_BHO.dll [2007-11-06 542016][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} — Adobe PDF — C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll [2006-10-22 321120]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2009-12-22 8716040]
{e8de9422-3b2c-4243-bf6f-235da84d8ef8} — Brothersoft Toolbar — C:Program FilesBrothersofttbBrot.dll [][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2007-04-16 577536]
«StartCCC»=C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe [2008-01-21 61440]
«GrooveMonitor»=c:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe [2007-08-24 33648]
«Acrobat Assistant 8.0″=C:Program FilesAdobeAcrobat 8.0AcrobatAcrotray.exe [2006-10-22 620152]
«»= []
«HP Software Update»=C:Program FilesHPHP Software UpdateHPWuSchd2.exe [2007-10-14 49152]
«hpqSRMon»=C:Program FilesHPDigital ImagingbinhpqSRMon.exe [2007-08-22 80896]
«BMISR»=C:Program FilesKYEWebMateBM.exe [2007-12-14 229376]
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2009-12-19 8746680]
«LoviVkontakte»=C:Program FilesLoviVkontaktelovivkontakte.exe [2009-12-26 739840]
«PCSuiteTrayApplication»=C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe [2007-03-23 227328]
«AVP»=C:Program FilesKaspersky LabKaspersky Anti-Virus 2010avp.exe [2009-10-20 340456][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-04-25 17408]
«VistaIcon»=C:Program FilesVistaDriveIconVistaDrv.exe [2008-03-23 132096]
«uTorrent»=C:Program FilesuTorrentuTorrent.exe [2010-02-01 319280]
«wsctf.exe»=wsctf.exe []C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
Adobe Acrobat Speed Launcher.lnk — C:WINDOWSInstaller{AC76BA86-1033-F400-7760-000000000003}_SC_Acrobat.exe
Adobe Acrobat Synchronizer.lnk — C:Program FilesAdobeAcrobat 8.0AcrobatAdobeCollabSync.exe
HP Digital Imaging Monitor.lnk — C:Program FilesHPDigital Imagingbinhpqtra08.exe
McAfee Security Scan.lnk — C:Program FilesMcAfee Security Scan1.0.150SSScheduler.exe
Ускоренный запуск Adobe Reader.lnk — C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2009-10-19 155648][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyklogon]
C:WINDOWSsystem32klogon.dll [2009-10-20 219664][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2008-03-21 133632][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=c:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2007-08-24 2212224][HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalPEVSystemStart]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalprocexp90.Sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkPEVSystemStart]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkprocexp90.Sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWdf01000.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«SynchronousMachineGroupPolicy»=0
«SynchronousUserGroupPolicy»=0[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=36
«NoThumbnailCache»=1
«NoSMConfigurePrograms»=1
«NoDriveAutoRun»=FFFFFFFF[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesuTorrentuTorrent.exe»=»C:Program FilesuTorrentuTorrent.exe:*:Enabled:µTorrent»
«E:SteamSteamAppscommonshattered_horizonclient_exeshattered_horizon.exe»=»E:SteamSteamAppscommonshattered_horizonclient_exeshattered_horizon.exe:*:Enabled:Shattered Horizon»
«D:Program FilesSkypePhoneSkype.exe»=»D:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{0aa3d252-f301-11de-a99c-0013d39cc3eb}]
shellAutoRuncommand — WScript.exe .main.vbs
shellopencommand — WScript.exe .main.vbs======List of files/folders created in the last 1 months======
2010-02-23 15:56:25 —-D—- C:Documents and SettingsАдминистраторApplication DataZombieDriver
2010-02-22 20:27:21 —-D—- C:Program FilesKaspersky Lab
2010-02-22 20:27:21 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab
2010-02-22 20:26:04 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup Files
2010-02-22 20:20:41 —-RASHD—- C:autorun.inf
2010-02-22 17:10:15 —-D—- C:rsit
2010-02-22 16:50:14 —-D—- C:Program FilesTrend Micro
2010-02-21 22:38:49 —-D—- C:Program FilesESET
2010-02-20 23:00:18 —-A—- C:WINDOWSntbtlog.txt
2010-02-20 22:51:13 —-HD—- C:WINDOWSsystem32GroupPolicy
2010-02-20 22:11:09 —-D—- C:WINDOWSsystem32SoftwareDistribution
2010-02-20 22:11:09 —-A—- C:WINDOWSsystem32wuweb.dll
2010-02-20 22:11:09 —-A—- C:WINDOWSsystem32wups.dll
2010-02-20 22:11:09 —-A—- C:WINDOWSsystem32wucltui.dll
2010-02-20 22:11:08 —-A—- C:WINDOWSsystem32wuaueng.dll
2010-02-20 22:11:07 —-A—- C:WINDOWSsystem32wuauclt.exe
2010-02-20 22:11:07 —-A—- C:WINDOWSsystem32wuapi.dll
2010-02-20 22:11:07 —-A—- C:WINDOWSsystem32cdm.dll
2010-02-20 21:48:58 —-D—- C:WINDOWSpss
2010-02-20 17:00:00 —-D—- C:WINDOWSSun
2010-02-20 17:00:00 —-D—- C:Documents and SettingsАдминистраторApplication DataSun
2010-02-15 21:40:37 —-D—- C:Documents and SettingsAll UsersApplication DataElectronic Arts
2010-02-15 21:40:24 —-D—- C:Program FilesCommon FilesAdobe AIR
2010-02-15 21:36:02 —-D—- C:Program FilesElectronic Arts
2010-02-14 20:35:22 —-A—- C:WINDOWSsystem32appdrvrem01.exe
2010-02-11 23:27:04 —-D—- C:Documents and SettingsАдминистраторApplication DataPC Suite
2010-02-11 23:08:54 —-D—- C:Program FilesCommon FilesPCSuite
2010-02-11 23:08:53 —-D—- C:Program FilesCommon FilesNokia
2010-02-11 23:08:41 —-D—- C:Program FilesNokia
2010-02-11 22:35:54 —-HDC—- C:WINDOWS$NtUninstallWudf01007$
2010-02-11 22:34:34 —-D—- C:Documents and SettingsAll UsersApplication DataPC Suite
2010-02-11 22:26:45 —-D—- C:Program FilesDIFX
2010-02-11 22:26:40 —-D—- C:Program FilesPC Connectivity Solution
2010-02-11 22:25:52 —-D—- C:Documents and SettingsAll UsersApplication DataOviInstallerCache
2010-02-11 22:08:58 —-D—- C:WINDOWSsystem32appmgmt
2010-02-04 19:35:24 —-D—- C:Documents and SettingsАдминистраторApplication DataXilisoft Corporation
2010-02-03 01:58:10 —-D—- C:Program FilesLoviVkontakte======List of files/folders modified in the last 1 months======
2010-02-26 00:17:05 —-D—- C:Documents and SettingsАдминистраторApplication DatauTorrent
2010-02-26 00:05:53 —-D—- C:Program FilesMozilla Firefox
2010-02-26 00:02:56 —-D—- C:Documents and SettingsАдминистраторApplication DataSkype
2010-02-26 00:01:21 —-D—- C:WINDOWSTemp
2010-02-25 23:34:28 —-D—- C:WINDOWSPrefetch
2010-02-25 23:30:40 —-D—- C:WINDOWSsystem32CatRoot2
2010-02-25 23:30:40 —-A—- C:WINDOWSSchedLgU.Txt
2010-02-25 14:29:05 —-AD—- C:Documents and SettingsAll UsersApplication DataTEMP
2010-02-24 20:47:07 —-D—- C:Documents and SettingsАдминистраторApplication DataHP
2010-02-24 20:47:07 —-D—- C:Documents and SettingsAll UsersApplication DataHP
2010-02-23 20:46:25 —-D—- C:WINDOWS
2010-02-23 20:44:40 —-HD—- C:Config.Msi
2010-02-23 15:56:20 —-SHD—- C:WINDOWSInstaller
2010-02-23 15:56:19 —-D—- C:WINDOWSWinSxS
2010-02-23 15:55:54 —-D—- C:Program FilesCommon FilesWise Installation Wizard
2010-02-23 15:55:07 —-D—- C:Program FilesAGEIA Technologies
2010-02-23 15:55:02 —-D—- C:WINDOWSsystem32
2010-02-23 15:54:35 —-A—- C:WINDOWSsystem32wrap_oal.dll
2010-02-23 15:54:35 —-A—- C:WINDOWSsystem32OpenAL32.dll
2010-02-23 15:54:25 —-D—- C:WINDOWSsystem32DirectX
2010-02-23 15:54:24 —-HD—- C:WINDOWSinf
2010-02-23 15:53:47 —-RSD—- C:WINDOWSassembly
2010-02-22 20:30:07 —-SHD—- C:System Volume Information
2010-02-22 20:29:16 —-D—- C:WINDOWSsystem32CatRoot
2010-02-22 20:28:07 —-D—- C:WINDOWSsystem32drivers
2010-02-22 20:27:21 —-RD—- C:Program Files
2010-02-22 18:07:46 —-D—- C:WINDOWSsystem32config
2010-02-22 18:07:21 —-D—- C:Program FilesCommon Files
2010-02-21 17:15:12 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2010-02-21 17:10:39 —-D—- C:WINDOWSsystem32NtmsData
2010-02-21 16:52:04 —-D—- C:WINDOWSDebug
2010-02-21 15:25:24 —-SH—- C:boot.ini
2010-02-21 15:25:24 —-A—- C:WINDOWSwin.ini
2010-02-21 15:25:24 —-A—- C:WINDOWSsystem.ini
2010-02-20 22:48:16 —-D—- C:WINDOWSRegistration
2010-02-20 22:16:41 —-D—- C:WINDOWSSoftwareDistribution
2010-02-20 22:16:39 —-D—- C:WINDOWSHelp
2010-02-20 21:57:02 —-D—- C:WINDOWSsystem32wbem
2010-02-20 21:56:49 —-D—- C:WINDOWSsystem32Restore
2010-02-16 22:14:54 —-D—- C:Documents and SettingsАдминистраторApplication DataHPAppData
2010-02-15 21:40:27 —-D—- C:Documents and SettingsАдминистраторApplication DataAdobe
2010-02-15 21:40:27 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
2010-02-15 21:40:01 —-HD—- C:Program FilesInstallShield Installation Information
2010-02-15 21:35:46 —-D—- C:Program FilesCommon FilesInstallShield
2010-02-13 19:40:05 —-A—- C:WINDOWSNeroDigital.ini
2010-02-11 23:08:10 —-DC—- C:WINDOWSsystem32DRVSTORE
2010-02-11 23:04:56 —-D—- C:Documents and SettingsAll UsersApplication DataInstallations
2010-02-11 22:36:03 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2010-02-08 17:37:59 —-D—- C:Documents and SettingsАдминистраторApplication Datavlc
2010-02-08 17:37:57 —-D—- C:Documents and SettingsАдминистраторApplication Datadvdcss
2010-02-04 19:23:09 —-SD—- C:Documents and SettingsАдминистраторApplication DataMicrosoft
2010-02-01 19:47:51 —-D—- C:Program FilesuTorrent======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 appdrv01;Application Driver (01); C:WINDOWSSystem32Driversappdrv01.sys [2010-02-14 3110512]
R1 ISODrive;ISO CD-ROM Device Driver; ??C:Program FilesUltraISOdriversISODrive.sys []
R1 kl1;Kl1; ??C:WINDOWSsystem32driverskl1.sys []
R1 KLIF;Kaspersky Lab Driver; C:WINDOWSsystem32DRIVERSklif.sys [2010-02-22 315408]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2008-01-25 4127488]
R3 Arp1394;Протокол клиента 1394 ARP; C:WINDOWSsystem32DRIVERSarp1394.sys [2008-04-25 60800]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2009-10-19 4415488]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:WINDOWSsystem32driversAtiHdmi.sys [2009-08-19 100368]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-15 144384]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-15 10368]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:WINDOWSsystem32DRIVERSklim5.sys [2009-09-14 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:WINDOWSsystem32DRIVERSklmouflt.sys [2009-10-02 19472]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2008-04-15 12160]
R3 NIC1394;Сетевой драйвер 1394; C:WINDOWSsystem32DRIVERSnic1394.sys [2008-04-25 61824]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:WINDOWSsystem32DRIVERSNVENETFD.sys [2006-04-14 34176]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:WINDOWSsystem32DRIVERSnvnetbus.sys [2006-04-14 13056]
R3 usbaudio;Аудио драйвер USB (WDM); C:WINDOWSsystem32driversusbaudio.sys [2008-04-25 60032]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-15 32128]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-15 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-15 59520]
R3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:WINDOWSsystem32DRIVERSusbohci.sys [2008-04-15 17152]
R3 usbvideo;USB-видеоустройство (WDM); C:WINDOWSSystem32Driversusbvideo.sys [2008-04-25 121984]
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-04-25 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:WINDOWSsystem32DRIVERSHPZid412.sys [2007-11-01 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:WINDOWSsystem32DRIVERSHPZipr12.sys [2007-11-01 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:WINDOWSsystem32DRIVERSHPZius12.sys [2007-11-01 21568]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2008-04-25 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-04-25 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2008-04-25 10880]
S3 nmwcd;Nokia USB Phone Parent; C:WINDOWSsystem32driversccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:WINDOWSsystem32driversccdcmbo.sys [2009-02-09 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:WINDOWSsystem32DRIVERSpccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2008-04-25 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2008-04-25 15232]
S3 upperdev;upperdev; C:WINDOWSsystem32DRIVERSusbser_lowerflt.sys [2009-02-09 7808]
S3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2008-04-25 25856]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-25 15104]
S3 usbser;USB Modem Driver; C:WINDOWSsystem32driversusbser.sys [2008-04-25 26112]
S3 UsbserFilt;UsbserFilt; C:WINDOWSsystem32DRIVERSusbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-25 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:WINDOWSSystem32Driverswdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2008-04-25 19200]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2008-01-18 83328]
S4 atapi;atapi; C:WINDOWSsystem32driversatapi.sys [2008-04-15 96512]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []
S4 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2008-04-15 12032]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2009-10-19 602112]
R2 AVP;Kaspersky Anti-Virus; C:Program FilesKaspersky LabKaspersky Anti-Virus 2010avp.exe [2009-10-20 340456]
R2 hpqddsvc;Служба HP CUE DeviceDiscovery; C:WINDOWSsystem32svchost.exe [2008-04-15 14336]
R2 LoviVkontakteService;LoviVkontake Service; C:Program FilesLoviVkontakteVkontakteService.exe [2009-10-15 477184]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:Program FilesCommon FilesNeroNero BackItUp 4NBService.exe [2008-09-30 935208]
R2 Net Driver HPZ12;Net Driver HPZ12; C:WINDOWSSystem32svchost.exe [2008-04-15 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:WINDOWSSystem32svchost.exe [2008-04-15 14336]
R2 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-15 14336]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [2009-12-19 654848]
R3 hpqcxs08;hpqcxs08; C:WINDOWSsystem32svchost.exe [2008-04-15 14336]
R3 ServiceLayer;ServiceLayer; C:Program FilesPC Connectivity SolutionServiceLayer.exe [2010-01-26 652800]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:WINDOWSSystem32appdrvrem01.exe [2010-02-14 316816]
S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2008-06-02 593920]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2005-09-23 66240]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:WINDOWSMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe [2006-10-20 36864]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2006-10-30 741376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program FilesMicrosoft OfficeOffice12GrooveAuditService.exe [2007-08-24 68464]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; C:Program FilesWindows Media PlayerWMPNetwk.exe [2008-03-21 914944]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2006-10-30 122880]
EOF
info.txt logfile of random’s system information tool 1.06 2010-02-22 17:10:20
======Uninstall list======
—>MsiExec /X{E4D15328-8C89-484B-B9AA-F5BE9EA6D01C}
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
µTorrent—>»C:Program FilesuTorrentuTorrent.exe» /UNINSTALL
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-0015-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-0016-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-0018-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-0019-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-001A-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-001B-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-001F-0419-0000-0000000FF1CE} /uninstall {D7CE14BC-96D9-41C5-822D-F5B1C2C35AA2}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-001F-0422-0000-0000000FF1CE} /uninstall {DC154E48-5278-423A-80A1-B93247E38A1A}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-0044-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-006E-0419-0000-0000000FF1CE} /uninstall {23653CA5-BFB5-4B52-B2DA-045D7ABEB874}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-00A1-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
2007 Microsoft Office Suite Service Pack 1 (SP1)—>msiexec /package {90120000-00BA-0419-0000-0000000FF1CE} /uninstall {1AD50F4A-04F7-4944-BD47-4421532548F5}
32 Bit HP CIO Components Installer—>MsiExec.exe /I{2614F54E-A828-49FA-93BA-45A3F756BFAA}
7-Zip 4.42—>»C:Program Files7-ZipUninstall.exe»
Adobe Acrobat 8 Professional — English, Franзais, Deutsch—>msiexec /I {AC76BA86-1033-F400-7760-000000000003}
Adobe AIR—>c:Program FilesCommon FilesAdobe AIRVersions1.0ResourcesAdobe AIR Updater.exe -arp:uninstall
Adobe AIR—>MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Reader 7.0.5 — Russian—>MsiExec.exe /I{AC76BA86-7AD7-1049-7B44-A70500000002}
Aliens vs Predator Demo—>»E:Steamsteam.exe» steam://uninstall/34200
ATI — Software Uninstall Utility—>C:Program FilesATI TechnologiesUninstallAllAtiCimUn.exe
ATI Catalyst Control Center—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime91Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{055EE59D-217B-43A7-ABFF-507B966405D8}setup.exe» -l0x336d
ATI Display Driver—>rundll32 C:WINDOWSsystem32atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Counter-Strike: Source—>»E:Steamsteam.exe» steam://uninstall/240
Dead Space™—>MsiExec.exe /X{4D87DC92-C328-46EC-A7B4-9C88129DC696}
DirectX10 GFR—>»C:Program FilesCommon Filesunins000.exe»
EA Download Manager UI—>msiexec /qb /x {9901E703-D169-7139-1EA3-11AA788D09E6}
EA Download Manager UI—>MsiExec.exe /I{9901E703-D169-7139-1EA3-11AA788D09E6}
EA Download Manager—>C:Program FilesElectronic ArtsEADMEADMUninstall.exe
HashTab 2.0.8—>C:WINDOWSsystem32ShellExthtdel32.bat
HijackThis 2.0.2—>»C:Program FilesTrend MicroHijackThisHijackThis.exe» /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)—>»C:WINDOWS$NtUninstallKB929399$spuninstspuninst.exe»
HP Customer Participation Program 10.0—>C:Program FilesHPDigital ImagingExtCapUninstallhpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 10.0—>C:Program FilesHPDigital ImagingDeviceManagementhpzscr01.exe -datfile hpqbud01.dat
HP Photosmart All-In-One Driver Software 10.0 Rel .2—>C:Program FilesHPDigital Imaging{20B30DC1-E423-4939-B51D-05C58B0F9BBB}setuphpzscr01.exe -datfile hposcr21.dat -onestop
HP Photosmart Essential 2.5—>C:Program FilesHPDigital ImagingPhotoSmartEssentialhpzscr01.exe -datfile hpqbud13.dat
HP Smart Web Printing—>C:Program FilesHPDigital ImagingSmart Web Printinghpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 13.0—>C:Program FilesHPDigital ImagingeSupporthpzscr01.exe -datfile hpqbud05.dat -forcereboot
HP Update—>MsiExec.exe /X{818ABC3C-635C-4651-8183-D0E9640B7DD1}
Java(TM) 6 Update 6—>MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
K-Lite Codec Pack 5.5.1 (Full)—>»C:Program FilesK-Lite Codec Packunins000.exe»
LoviVkontakte 2.33.0.0—>»C:Program FilesLoviVkontakteunins000.exe»
Mail.Ru Агент 5.6 (сборка 3278, для всех пользователей)—>C:Program FilesMail.RuAgentmagentsetup.exe -uninstalllm
McAfee Security Scan—>»C:Program FilesMcAfee Security Scanuninstall.exe»
Microsoft .NET Framework 1.1 Russian Language Pack—>MsiExec.exe /X{2BB372D9-52B4-410A-BC1A-FEAB63181EEF}
Microsoft .NET Framework 1.1—>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1—>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0—>C:WINDOWSMicrosoft.NETFrameworkv2.0.50727Microsoft .NET Framework 2.0install.exe
Microsoft .NET Framework 3.0—>C:WINDOWSMicrosoft.NETFrameworkv3.0Microsoft .NET Framework 3.0setup.exe
Microsoft .NET Framework 3.0—>MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
Microsoft Compression Client Pack 1.0 for Windows XP—>»C:WINDOWS$NtUninstallMSCompPackV1$spuninstspuninst.exe»
Microsoft Games for Windows — LIVE Redistributable—>MsiExec.exe /X{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}
Microsoft Internationalized Domain Names Mitigation APIs—>»C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$spuninstspuninst.exe»
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7—>»C:WINDOWS$NtUninstallWdf01007$spuninstspuninst.exe»
Microsoft National Language Support Downlevel APIs—>»C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$spuninstspuninst.exe»
Microsoft Office Access MUI (Russian) 2007—>MsiExec.exe /X{90120000-0015-0419-0000-0000000FF1CE}
Microsoft Office Enterprise 2007—>»C:Program FilesCommon FilesMicrosoft SharedOFFICE12Office Setup Controllersetup.exe» /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007—>MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Russian) 2007—>MsiExec.exe /X{90120000-0016-0419-0000-0000000FF1CE}
Microsoft Office Groove MUI (Russian) 2007—>MsiExec.exe /X{90120000-00BA-0419-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Russian) 2007—>MsiExec.exe /X{90120000-0044-0419-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Russian) 2007—>MsiExec.exe /X{90120000-00A1-0419-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Russian) 2007—>MsiExec.exe /X{90120000-001A-0419-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Russian) 2007—>MsiExec.exe /X{90120000-0018-0419-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007—>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007—>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Russian) 2007—>MsiExec.exe /X{90120000-001F-0419-0000-0000000FF1CE}
Microsoft Office Proof (Ukrainian) 2007—>MsiExec.exe /X{90120000-001F-0422-0000-0000000FF1CE}
Microsoft Office Proofing (Russian) 2007—>MsiExec.exe /X{90120000-002C-0419-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Russian) 2007—>MsiExec.exe /X{90120000-0019-0419-0000-0000000FF1CE}
Microsoft Office Shared MUI (Russian) 2007—>MsiExec.exe /X{90120000-006E-0419-0000-0000000FF1CE}
Microsoft Office Word MUI (Russian) 2007—>MsiExec.exe /X{90120000-001B-0419-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.7—>»C:WINDOWS$NtUninstallWudf01007$spuninstspuninst.exe»
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
MIRRORS EDGE v.1.0—>»E:MIRRORS EDGEunins000.exe»
Mozilla Firefox (3.5.8)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
MSVC80_x86_v2—>MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC90_x86—>MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSXML 6.0 Parser (KB925673)—>MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
Nero 9—>C:Program FilesCommon FilesNeroNero ProductInstaller 4SetupX.exe REMOVESERIALNUMBER=»9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A»
neroxml—>MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nokia Connectivity Cable Driver—>MsiExec.exe /X{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}
Nokia PC Suite—>C:Documents and SettingsAll UsersApplication DataInstallations{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}Nokia_PC_Suite_683_rel_14_1_rus_web.exe /LANG=»1049″
Nokia PC Suite—>MsiExec.exe /I{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}
NVIDIA PhysX v8.10.17—>MsiExec.exe /X{E4D15328-8C89-484B-B9AA-F5BE9EA6D01C}
OCR Software by I.R.I.S. 10.0—>C:Program FilesHPDigital ImagingOCRhpzscr01.exe -datfile hpqbud11.dat
OpenAL—>»C:Program FilesOpenALoalinst.exe» /U
Path2Clipboard 1.0.7.67—>C:WINDOWSsystem32ShellExtP2Cdel.bat
PC Connectivity Solution—>MsiExec.exe /I{481C9A00-91AC-4065-870C-BD4E28186E5A}
Pirates, Vikings, and Knights II—>»E:Steamsteam.exe» steam://uninstall/17570
Rainbow Six — Vegas II—>»E:Rainbow Six — Vegas IIunins000.exe»
Realtek AC’97 Audio—>Alcrmv.exe -r -m
Shattered Horizon—>»E:Steamsteam.exe» steam://uninstall/18110
Shop for HP Supplies—>C:Program FilesHPDigital ImagingHPSSupplyhpzscr01.exe -datfile hpqbud16.dat
Smashball—>»E:Steamsteam.exe» steam://uninstall/17730
UltraISO Premium V8.6—>»C:Program FilesUltraISOunins000.exe»
Vista Drive Icon—>rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFVistaDrv.inf,Uninstall
VLC media player 1.0.3—>C:Program FilesVideoLANVLCuninstall.exe
WebMate—>C:Program FilesInstallShield Installation Information{13605214-8CA9-4B59-90A0-DEBB9A9F68E5}setup.exe -runfromtemp -l0x0019 -removeonly
Windows Communication Foundation—>MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Internet Explorer 7—>»C:WINDOWSie7spuninstspuninst.exe»
Windows Media Format 11 runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Windows Media Format 11 runtime—>»C:WINDOWS$NtUninstallWMFDist11$spuninstspuninst.exe»
Windows Media Player 11—>»C:WINDOWS$NtUninstallwmp11$spuninstspuninst.exe»
Windows Presentation Foundation—>MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation—>MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
Your Uninstaller! Version 6.3—>»C:Program FilesYour Uninstallerunins000.exe»
Вин Дизель Wheelman—>C:Program FilesInstallShield Installation Information{52612909-C9A1-4D4E-BFED-820B14119234}setup.exe -runfromtemp -l0x0019 -removeonly
Обновление безопасности для Windows XP — (KB941569)—>»C:WINDOWS$NtUninstallKB941569$spuninstspuninst.exe»
Пакет драйверов Windows — Nokia Modem (11/03/2006 6.82.0.1)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokbtmdm_4EFFAAE27A08EDFDE145390033D8EF099DA65567nokbtmdm.inf
Пакет драйверов Windows — Nokia pccsmcfd (08/22/2008 7.0.0.0)—>C:PROGRA~1DIFXB4723E9A0713E5B1dpinst.exe /u C:WINDOWSsystem32DRVSTOREpccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294pccsmcfd.inf
Проигрыватель Windows Media 11—>»C:Program FilesWindows Media PlayerSetup_wm.exe» /Uninstall
Яндекс.Бар 4.3 для Internet Explorer—>MsiExec.exe /X{2B9C002D-F3C1-4F8A-B29A-7F9E9B473D4D}=====HijackThis Backups=====
O4 — HKCU..Run: [EXPLORER.EXE] EXPLORER.EXE [2010-02-22]
======System event log======
Computer Name: MICROSOF-0D01A1
Event Code: 7035
Message: Служба «hpqcxs08» успешно отправила управляющий элемент «запустить».Record Number: 8631
Source Name: Service Control Manager
Time Written: 20100213143546.000000+180
Event Type: информация
User: NT AUTHORITYSYSTEMComputer Name: MICROSOF-0D01A1
Event Code: 7022
Message: Служба «Служба HP CUE DeviceDiscovery» зависла при запуске.Record Number: 8630
Source Name: Service Control Manager
Time Written: 20100213143546.000000+180
Event Type: ошибка
User:Computer Name: MICROSOF-0D01A1
Event Code: 51
Message: Обнаружена ошибка на устройстве DeviceHarddisk0D во время выполнения операции страничного обмена.Record Number: 8629
Source Name: Disk
Time Written: 20100213143410.000000+180
Event Type: предупреждение
User:Computer Name: MICROSOF-0D01A1
Event Code: 51
Message: Обнаружена ошибка на устройстве DeviceHarddisk0D во время выполнения операции страничного обмена.Record Number: 8628
Source Name: Disk
Time Written: 20100213143410.000000+180
Event Type: предупреждение
User:Computer Name: MICROSOF-0D01A1
Event Code: 51
Message: Обнаружена ошибка на устройстве DeviceHarddisk0D во время выполнения операции страничного обмена.Record Number: 8627
Source Name: Disk
Time Written: 20100213143410.000000+180
Event Type: предупреждение
User:=====Application event log=====
Computer Name: MICROSOF-0D01A1
Event Code: 11724
Message: Product: Nokia Connectivity Cable Driver — Removal completed successfully.Record Number: 1635
Source Name: MsiInstaller
Time Written: 20100211220910.000000+180
Event Type: информация
User: MICROSOF-0D01A1Sokol(Тоха)Computer Name: MICROSOF-0D01A1
Event Code: 11724
Message: Product: Nokia Flashing Cable Driver — Removal completed successfully.Record Number: 1634
Source Name: MsiInstaller
Time Written: 20100211220903.000000+180
Event Type: информация
User: MICROSOF-0D01A1Sokol(Тоха)Computer Name: MICROSOF-0D01A1
Event Code: 11724
Message: Продукт: Nokia Software Updater — Removal completed successfully.Record Number: 1633
Source Name: MsiInstaller
Time Written: 20100211220858.000000+180
Event Type: информация
User: MICROSOF-0D01A1Sokol(Тоха)Computer Name: MICROSOF-0D01A1
Event Code: 4097
Message: Приложение C:Documents and SettingsSokol(Тоха)Рабочий столNokia_PC_Suite_7_1_40_1_rus_web.exe вызвало ошибку
Ошибка в 11/02/2010 @ 22:07:33.625
Вызвано исключение c0000005 по адресу 0047E7C6 (Nokia_PC_Suite_7_1_40_1_rus_web)Record Number: 1632
Source Name: DrWatson
Time Written: 20100211220733.000000+180
Event Type: информация
User:Computer Name: MICROSOF-0D01A1
Event Code: 4097
Message: Приложение C:Documents and SettingsSokol(Тоха)Рабочий столNokia_PC_Suite_7_1_40_1_rus_web.exe вызвало ошибку
Ошибка в 11/02/2010 @ 22:07:26.687
Вызвано исключение c0000005 по адресу 0047E7C6 (Nokia_PC_Suite_7_1_40_1_rus_web)Record Number: 1631
Source Name: DrWatson
Time Written: 20100211220726.000000+180
Event Type: информация
User:======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=C:Program FilesPC Connectivity Solution;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;C:Program FilesATI TechnologiesATI.ACECore-Static
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=15
«PROCESSOR_IDENTIFIER»=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
«PROCESSOR_REVISION»=2f02
«NUMBER_OF_PROCESSORS»=1
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
EOF
- Для ответа в этой теме необходимо авторизоваться.
