помогите убрать банеры!замучили уже!

[alekst5]

info.txt logfile of random’s system information tool 1.05 2009-02-11 14:02:15

======Uninstall list======

—>C:Program FilesBHPSJRE142PQJREIUU.exe -u
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
7-Zip 4.44 beta—>»C:Program Files7-ZipUninstall.exe»
Acrobat.com—>C:Program FilesCommon FilesAdobe AIRVersions1.0Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com—>MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe Acrobat 5.0—>C:WINDOWSISUNINST.EXE -f»C:Program FilesCommon FilesAdobeAcrobat 5.0NTUninst.isu» -c»C:Program FilesCommon FilesAdobeAcrobat 5.0NTUninst.dll»
Adobe AIR—>C:Program FilesCommon FilesAdobe AIRVersions1.0Adobe AIR Updater.exe -arp:uninstall
Adobe AIR—>MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Reader 9—>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Adobe SVG Viewer 3.0—>C:Program FilesCommon FilesAdobeSVG Viewer 3.0UninstallWinstall.exe -u -fC:Program FilesCommon FilesAdobeSVG Viewer 3.0UninstallInstall.log
Advanced SystemCare 3—>»d:Program FilesIObitAdvanced SystemCare 3unins000.exe»
AIMP2—>C:Program FilesAIMP2Uninstall.exe
Avira AntiVir Personal — Free Antivirus—>C:Program FilesAviraAntiVir PersonalEdition ClassicSETUP.EXE /REMOVE
Aztec Ball—>D:GameHouseAztec BallUNWISE.EXE /U D:GameHouseAztec BallINSTALL.LOG
BDE 5.1—>C:WINDOWSIsUn0419.exe -f»C:Program FilesCommon FilesBorland SharedBDEUninst.isu»
Bosch Viewer—>E:BoschESITRO~1MCVIEWERUNWISE.EXE E:BoschESITRO~1MCVIEWERviewer_uninstall.log
Catalogo Cifam—>MsiExec.exe /I{EC94ADDA-CDA9-4D84-B68F-7B9CE09F4871}
Catalogo Pilenga—>C:WINDOWSIsUninst.exe -fd:Uninst.isu
CD-Katalog—>C:WINDOWSiun507.exe d:Hegyalja.rusCDKatairunin.ini
CDNEUP-1000—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{330254E7-2F30-450F-8E9F-2675C0BBFEA3}setup.exe»
Compact Catalogue Iveco—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{1BFCA9A2-1D51-4750-8811-3DD4CD5580BC}Setup.exe»
CORTECO WELCAT—>d:WElcatUnInstall_17787.exe
Dialogys—>E:renaultDialogys_uninstuninstaller.exe
Download Master version 5.5.8.1151—>»C:Program FilesDownload Masterunins000.exe»
Ecrash—>D:E-crashunins000.exe
Electronic Parts Catalogue—>C:WINDOWSuninst.exe -fC:DeIsL1.isu
EPC30.04.07—>C:WINDOWSEPC30.04.07 Uninstaller.exe
ePER—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{BB224962-A37E-4E24-87E2-BD0F47B6A8F5}setup.exe» -l0x9
ESI[tronic]—>E:BoschESITRO~1Setup.exe -u
ETK (Local)—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime91Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{EC17C160-E2F0-47CC-86D4-140AE22EC38E}setup.exe» -l0x19
EWA net—>e:EWA netinstallmanagersetup.exe /clean
Firebird 1.5.4—>»C:Program FilesFirebirdFirebird_1_5unins000.exe»
GME EPC 3 3.23.0—>»C:Program FilesBHPSGmgInstlrbinuninstaller.exe» -u -t -iGmg -lru -p»C:Program FilesBHPSGmg» -r»C:Program FilesBHPSGmgInstlr»
Goetze CD-ROM 2000—>D:ProgramGOECD2KUNWISE.EXE D:ProgramGOECD2KINSTALL.LOG
High Definition Audio Driver Package — KB888111—>C:WINDOWS$NtUninstallKB888111WXPSP2$spuninstspuninst.exe
HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
hp LaserJet 1010 Series—>MsiExec.exe /x {292C47B2-8DB7-47BF-896C-C3C5EE8108C4}
IC_Katalog—>D:IC_Kataloguninstall.exe
ICQ6.5—>»C:Program FilesInstallShield Installation Information{60DE4033-9503-48D1-A483-7846BD217CA9}setup.exe» -runfromtemp -l0x0009 -removeonly
J2SE Runtime Environment 5.0 Update 11—>MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
K-Lite Codec Pack 3.8.0 Full—>»C:Program FilesK-Lite Codec Packunins000.exe»
Mazda EPC 3.0.3—>»C:Program FilesBHPSMAPUInstlrbinuninstaller.exe» -u -t -iMAPU -len -p»C:Program FilesBHPSMAPU» -r»C:Program FilesBHPSMAPUInstlr»
MAZDA EPC2—>E:MAZEPCUNINST.EXE E:MAZEPCINSTALL.LOG
Microsoft .NET Framework (English) v1.0.3705—>C:WINDOWSMicrosoft.NETFrameworkInstall.exe /u /p Microsoft .NET Framework Full v1.0.3705 (1033)
Microsoft .NET Framework (English)—>MsiExec.exe /X{B43357AA-3A6D-4D94-B56E-43C44D09E548}
Microsoft ODBC .NET Data Provider—>MsiExec.exe /I{6868B3BD-0642-442C-A542-28716AA6DD2D}
Microsoft Office Excel Viewer 2003—>MsiExec.exe /I{90840409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Word Viewer 2003—>MsiExec.exe /I{90850419-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.1)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
MSXML 4.0 SP2 (KB954430)—>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero OEM—>C:Program FilesAheadnerouninstallUNNERO.exe /UNINSTALL
Nissan FAST For Windows—>E:NISSANUNINST.EXE E:NISSANFW32INST.LOG
NissenSelect Express 4.2—>»d:NissenSelect Expressunins000.exe»
NVIDIA Drivers—>C:WINDOWSsystem32nvunrm.exe UninstallGUI
OpenOffice.org 2.3—>MsiExec.exe /I{86427A67-D84F-4296-B0C4-B7DA46F4AFE1}
ProQuest Product Licenser—>»C:Program FilesBHPSlic\uninstall.exe» -lang 1033 -log «C:Program FilesBHPSlic\BHFLMLOG.log»
ProQuestPalmDependsMSI—>MsiExec.exe /X{4E9E953A-D5C1-4E84-A693-A70F4DE65A6F}
Punto Switcher 3.0—>C:Program FilesPunto Switcheruninstall.exe
QIP Infium 2.0.9024 RC4—>»d:Program FilesQIP Infiumunins000.exe»
QpCatalog 1.1—>d:QpUninstallQp.exe
Reg Organizer 4.22 beta 2—>»d:Program FilesReg Organizerunins000.exe»
SEINSA—>C:WINDOWSiun506.exe C:SEINSAirunin.ini
Sidat_srl—>MsiExec.exe /I{11F6D1DD-0EB1-4B91-9EA9-20B68592AC83}
SoundMAX—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime100Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F0A37341-D692-11D4-A984-009027EC0A9C}setup.exe» -l0x19 -removeonly
Spybot — Search & Destroy—>»d:Program FilesSpybot — Search & Destroyunins000.exe»
Spyware Doctor 6.0—>d:Program FilesSpyware Doctorunins000.exe /LOG
SUBARU-FAST 2—>E:SUBARU~1UNINSFAE.EXE E:SUBARU~1SUBARU.LOG
SzakalCD 6.1—>»c:szakalCDunins000.exe»
TECDOC CD 1.2009—>C:PROGRA~1COMMON~1INSTAL~1Driver7INTEL3~1IDriver.exe /M{7C321891-78A2-44E8-9F44-4A667264ABC9} /l1049 /V»/Liove+ C:WINDOWSOfflineCatalogue_1_2009_TECDOC_CD.log»
Vernet—>d:Vernetuninstall.exe
WoodAuto—>C:WASPuninstall.exe
Архиватор WinRAR—>C:Program FilesWinRARuninstall.exe
Встраиваемый программный модуль изображений 2.13.0—>»C:Program FilesBHPSImgrplg2Instlrbinuninstaller.exe» -u -t -w -iImgrplg -lru -p»C:Program FilesBHPSImgrplg2″ -r»C:Program FilesBHPSImgrplg2Instlr»
Исправление для Windows XP (KB952287)—>»C:WINDOWS$NtUninstallKB952287$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB923789)—>C:WINDOWSsystem32MacroMedFlashgenuinst.exe C:WINDOWSsystem32MacroMedFlashKB923789.inf
Обновление безопасности для Windows XP (KB938464)—>»C:WINDOWS$NtUninstallKB938464$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB944338-v2)—>»C:WINDOWS$NtUninstallKB944338-v2$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB946648)—>»C:WINDOWS$NtUninstallKB946648$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950762)—>»C:WINDOWS$NtUninstallKB950762$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950974)—>»C:WINDOWS$NtUninstallKB950974$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951066)—>»C:WINDOWS$NtUninstallKB951066$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951376-v2)—>»C:WINDOWS$NtUninstallKB951376-v2$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951698)—>»C:WINDOWS$NtUninstallKB951698$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951748)—>»C:WINDOWS$NtUninstallKB951748$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB952954)—>»C:WINDOWS$NtUninstallKB952954$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954211)—>»C:WINDOWS$NtUninstallKB954211$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954600)—>»C:WINDOWS$NtUninstallKB954600$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB955069)—>»C:WINDOWS$NtUninstallKB955069$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956391)—>»C:WINDOWS$NtUninstallKB956391$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956802)—>»C:WINDOWS$NtUninstallKB956802$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956803)—>»C:WINDOWS$NtUninstallKB956803$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956841)—>»C:WINDOWS$NtUninstallKB956841$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB957097)—>»C:WINDOWS$NtUninstallKB957097$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958215)—>»C:WINDOWS$NtUninstallKB958215$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958644)—>»C:WINDOWS$NtUninstallKB958644$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958687)—>»C:WINDOWS$NtUninstallKB958687$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960714)—>»C:WINDOWS$NtUninstallKB960714$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media — (KB952069)—>»C:WINDOWS$NtUninstallKB952069_WM9$spuninstspuninst.exe»
Обновление для Windows XP (KB898461)—>»C:WINDOWS$NtUninstallKB898461$spuninstspuninst.exe»
Обновление для Windows XP (KB955839)—>»C:WINDOWS$NtUninstallKB955839$spuninstspuninst.exe»
Ценник (v3.5.0b)—>»d:Priceunins000.exe»

======Security center information======

AV: Avira AntiVir PersonalEdition

System event log

Computer Name: ALI-B872781B05B
Event Code: 7035
Message: Служба «Firebird Server — DefaultInstance» успешно отправила управляющий элемент «запустить».

Record Number: 237
Source Name: Service Control Manager
Time Written: 20090124114626.000000+120
Event Type: информация
User: NT AUTHORITYSYSTEM

Computer Name: ALI-B872781B05B
Event Code: 7036
Message: Служба «Служба COM записи компакт-дисков IMAPI» перешла в состояние Работает.

Record Number: 236
Source Name: Service Control Manager
Time Written: 20090124114626.000000+120
Event Type: информация
User:

Computer Name: ALI-B872781B05B
Event Code: 7035
Message: Служба «Служба COM записи компакт-дисков IMAPI» успешно отправила управляющий элемент «запустить».

Record Number: 235
Source Name: Service Control Manager
Time Written: 20090124114626.000000+120
Event Type: информация
User: NT AUTHORITYSYSTEM

Computer Name: ALI-B872781B05B
Event Code: 7036
Message: Служба «Совместимость быстрого переключения пользователей» перешла в состояние Работает.

Record Number: 234
Source Name: Service Control Manager
Time Written: 20090124114624.000000+120
Event Type: информация
User:

Computer Name: ALI-B872781B05B
Event Code: 7035
Message: Служба «Совместимость быстрого переключения пользователей» успешно отправила управляющий элемент «запустить».

Record Number: 233
Source Name: Service Control Manager
Time Written: 20090124114624.000000+120
Event Type: информация
User: NT AUTHORITYSYSTEM

Application event log

Computer Name: ALI-B872781B05B
Event Code: 4
Message: The EWA net Server service has started.

Record Number: 537
Source Name: EWA net Server
Time Written: 20090130080156.000000+120
Event Type: информация
User:

Computer Name: ALI-B872781B05B
Event Code: 4097
Message: Service started:

Record Number: 536
Source Name: EWA net DB WIS
Time Written: 20090130080156.000000+120
Event Type: информация
User:

Computer Name: ALI-B872781B05B
Event Code: 4097
Message: Service started:

Record Number: 535
Source Name: EWA net DB Core
Time Written: 20090130080156.000000+120
Event Type: информация
User:

Computer Name: ALI-B872781B05B
Event Code: 1517
Message: Реестр пользователя ALI-B872781B05BAli был сохранен в то время, как приложение или служба продолжали использовать его во время выхода из системы. Используемая реестром пользователя память не была освобождена. Реестр будет выгружен, когда он не будет использоваться.

Возможная причина — службы, выполняемые от имени пользователя. Попробуйте изменить настройку служб и задать их выполнение с учетными записями LocalService или NetworkService.

Record Number: 534
Source Name: Userenv
Time Written: 20090129172830.000000+120
Event Type: предупреждение
User: NT AUTHORITYSYSTEM

Computer Name: ALI-B872781B05B
Event Code: 1800
Message: Служба центра обеспечения безопасности Windows запущена.

Record Number: 533
Source Name: SecurityCenter
Time Written: 20090129070940.000000+120
Event Type: информация
User:

======Environment variables======

«ComSpec»=%SystemRoot%system32cmd.exe
«FP_NO_HOST_CHECK»=NO
«NUMBER_OF_PROCESSORS»=2
«OS»=Windows_NT
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_IDENTIFIER»=x86 Family 15 Model 67 Stepping 2, AuthenticAMD
«PROCESSOR_LEVEL»=15
«PROCESSOR_REVISION»=4302
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
«windir»=%SystemRoot%
«EXTPROC_DLLS»=ANY
«QLinkSBU»=Automotive

---

EOF

---

[alekst5]

Logfile of random’s system information tool 1.05 (written by random/random)
Run by Ali at 2009-02-11 14:01:58
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 18 GB (44%) free of 42 GB
Total RAM: 1919 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:02:13, on 11.02.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesAviraAntiVir PersonalEdition Classicsched.exe
C:Program FilesAviraAntiVir PersonalEdition Classicavguard.exe
e:EWA netdatabaseTransBase EWAtbmux32.exe
e:EWA netdatabaseTransBase EPCtbmux32.exe
e:EWA netdatabaseTransBase WIStbmux32.exe
e:EWA netserverbintomcat.exe
C:Program FilesFirebirdFirebird_1_5binfbguard.exe
C:WINDOWSsystem32nvsvc32.exe
C:Program FilesBHPSPmap1binMapperMonService.exe
C:Program FilesBHPSJRE142binjavaw.exe
C:PROGRA~1BHPSlicbinlmgrd.exe
C:WINDOWSsrvany.exe
C:HORWB05DSNextGenRRBANXGN.exe
C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindService.exe
C:PROGRA~1BHPSlicbinbhepcls.exe
e:BMWgroupETKLokaltransbasetbmux32.exe
D:TECDOC_CD1_2009dbtbmux32.exe
C:Program FilesBHPSGmgbinDBMonService.exe
C:Program FilesBHPSMAPUbinDBMonService.exe
C:Program FilesBHPSGmgbinTomcatMonService.exe
C:Program FilesBHPSJRE142binjava.exe
C:Program FilesBHPSGmgbintbmux32.exe
C:Program FilesBHPSMAPUbintbmux32.exe
C:WINDOWSExplorer.EXE
C:Program FilesFirebirdFirebird_1_5binfbserver.exe
e:EWA netdatabaseTransBase EPCtbkern32.exe
C:Program FilesAviraAntiVir PersonalEdition Classicavgnt.exe
C:WINDOWSsystem32jwtch32.exe
C:WINDOWSsystem32otmspr.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesPunto Switcherpunto.exe
e:EWA netdatabaseTransBase EWAtbkern32.exe
C:Program FilesInternet Exploreriexplore.exe
D:Program FilesQIP Infiuminfium.exe
C:Program FilesBHPSGmgbintbkern32.exe
C:Program FilesBHPSGmgbintbkern32.exe
C:Program FilesBHPSGmgbintbkern32.exe
C:Program FilesBHPSGmgbintbkern32.exe
C:Program FilesBHPSGmgbintbkern32.exe
C:Program FilesBHPSGmgbintbkern32.exe
C:Program FilesBHPSGmgbintbkern32.exe
C:Program FilesBHPSGmgbintbkern32.exe
C:Program FilesBHPSGmgbintbkern32.exe
C:Program FilesInternet Exploreriexplore.exe
C:Documents and SettingsAliМои документыantivirRSIT.exe
C:Program Filestrend microAli.exe

R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 — BHO: Adobe PDF Link Helper — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: Spybot-S&D IE Protection — {53707962-6F74-2D53-2644-206D7942484F} — d:PROGRA~1Spybot — Search & DestroySDHelper.dll
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre1.5.0_11binssv.dll
O4 — HKLM..Run: [avgnt] «C:Program FilesAviraAntiVir PersonalEdition Classicavgnt.exe» /min
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [nwiz] nwiz.exe /install
O4 — HKLM..Run: [Microsoft netswitch] C:WINDOWSsystem32jwtch32.exe
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [Punto Switcher] C:Program FilesPunto Switcherpunto.exe
O4 — HKCU..Run: [nwiz] nwiz.exe /install
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O6 — HKLMSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program FilesDownload Masterdmie.htm
O9 — Extra button: (no name) — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.5.0_11binssv.dll
O9 — Extra ‘Tools’ menuitem: Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.5.0_11binssv.dll
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra button: (no name) — {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} — d:PROGRA~1Spybot — Search & DestroySDHelper.dll
O9 — Extra ‘Tools’ menuitem: Spybot — Search & Destroy Configuration — {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} — d:PROGRA~1Spybot — Search & DestroySDHelper.dll
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O17 — HKLMSystemCCSServicesTcpip..{3B6A54E2-227E-4BE3-BFDC-5A809610C40D}: NameServer = 192.168.1.1
O23 — Service: Avira AntiVir Personal — Free Antivirus Scheduler (AntiVirScheduler) — Avira GmbH — C:Program FilesAviraAntiVir PersonalEdition Classicsched.exe
O23 — Service: Avira AntiVir Personal — Free Antivirus Guard (AntiVirService) — Avira GmbH — C:Program FilesAviraAntiVir PersonalEdition Classicavguard.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: EWA net DB Core — Transaction Software, D 81737 Munich — e:EWA netdatabaseTransBase EWAtbmux32.exe
O23 — Service: EWA net DB EPC — Transaction Software, D 81737 Munich — e:EWA netdatabaseTransBase EPCtbmux32.exe
O23 — Service: EWA net DB WIS — Transaction Software, D 81737 Munich — e:EWA netdatabaseTransBase WIStbmux32.exe
O23 — Service: EWA net Server — Alexandria Software Consulting — e:EWA netserverbintomcat.exe
O23 — Service: Firebird Guardian — DefaultInstance (FirebirdGuardianDefaultInstance) — The Firebird Project — C:Program FilesFirebirdFirebird_1_5binfbguard.exe
O23 — Service: Firebird Server — DefaultInstance (FirebirdServerDefaultInstance) — The Firebird Project — C:Program FilesFirebirdFirebird_1_5binfbserver.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Pml Driver HPZ12 — HP — C:WINDOWSsystem32HPZipm12.exe
O23 — Service: pqeauto.database.dbmonitor.GMG — ProQuest Business Solutions — C:Program FilesBHPSGmgbinDBMonService.exe
O23 — Service: pqeauto.database.dbmonitor.MAPU — ProQuest Business Solutions — C:Program FilesBHPSMAPUbinDBMonService.exe
O23 — Service: pqeauto.energy.mappermonitor — ProQuest Business Solutions — C:Program FilesBHPSPmap1binMapperMonService.exe
O23 — Service: pqeauto.engine.tomcatmonitor.GMG — ProQuest Business Solutions — C:Program FilesBHPSGmgbinTomcatMonService.exe
O23 — Service: ProQuest Product License Manager — Macrovision Corporation — C:PROGRA~1BHPSlic\binlmgrd.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: RRBANXGN — Unknown owner — C:WINDOWSsrvany.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: PC Tools Auxiliary Service (sdAuxService) — PC Tools — d:Program FilesSpyware DoctorpctsAuxs.exe
O23 — Service: PC Tools Security Service (sdCoreService) — PC Tools — d:Program FilesSpyware DoctorpctsSvc.exe
O23 — Service: StarWind iSCSI Service (StarWindService) — Rocket Division Software — C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindService.exe
O23 — Service: Transbase — Transaction Software, D 81737 Munich — e:BMWgroupETKLokaltransbasetbmux32.exe
O23 — Service: Transbase TECDOC CD 1_2009 Service — Transaction Software, D 81829 Munich — D:TECDOC_CD1_2009dbtbmux32.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe

—
End of file — 9104 bytes

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection — d:PROGRA~1Spybot — Search & DestroySDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre1.5.0_11binssv.dll [2006-12-15 440056]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«avgnt»=C:Program FilesAviraAntiVir PersonalEdition Classicavgnt.exe [2008-06-12 266497]
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2006-06-29 7626752]
«nwiz»=nwiz.exe /install []
«Microsoft netswitch»=C:WINDOWSsystem32jwtch32.exe [2009-02-06 24064]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-18 15360]
«Punto Switcher»=C:Program FilesPunto Switcherpunto.exe [2008-10-16 735016]
«nwiz»=nwiz.exe /install []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]
C:Program FilesMessengermsmsgs.exe [2004-08-17 1667584]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSpybotSD TeaTimer]
d:Program FilesSpybot — Search & DestroyTeaTimer.exe [2008-09-16 1833296]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsdauxservice]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsdcoreservice]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksdauxservice]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksdcoreservice]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoResolveSearch»=

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«E:BMWgroupETKLokaljavaclientjre1.5.0_11binjava.exe»=»E:BMWgroupETKLokaljavaclientjre1.5.0_11binjava.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary»
«E:BMWgroupETKLokaljavaclientETK.exe»=»E:BMWgroupETKLokaljavaclientETK.exe:*:Enabled:ETK»
«E:ePERj2sdk1.4.1binjavaw.exe»=»E:ePERj2sdk1.4.1binjavaw.exe:*:Enabled:javaw»
«D:Program FilesuTorrentuTorrent.exe»=»D:Program FilesuTorrentuTorrent.exe:*:Enabled:µTorrent»
«C:Program FilesHewlett-PackardToolbox2.0JavasoftJRE1.3.1binjavaw.exe»=»C:Program FilesHewlett-PackardToolbox2.0JavasoftJRE1.3.1binjavaw.exe:*:Enabled:javaw»
«C:Program FilesICQ6.5ICQ.exe»=»C:Program FilesICQ6.5ICQ.exe:*:Enabled:ICQ6»
«C:WINDOWSsystem32otmspr.exe»=»C:WINDOWSsystem32otmspr.exe:*:Enabled:otmspr»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{eaf5cef2-f409-11dd-8ad3-001a920728df}]
shellAutoRuncommand — G:.SystemS-1-6-21-2434476501-1644491937-600003330-1213Autorun.exe
shellopencommand — G:.SystemS-1-6-21-2434476501-1644491937-600003330-1213Autorun.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{f06d6d76-ef5a-11dd-8ad1-001a920728df}]
shellAutoRuncommand — G:.SystemS-1-6-21-2434476501-1644491937-600003330-1213Autorun.exe
shellopencommand — G:.SystemS-1-6-21-2434476501-1644491937-600003330-1213Autorun.exe

======List of files/folders created in the last 1 months======

2009-02-11 14:01:58 —-D—- C:rsit
2009-02-11 14:01:58 —-D—- C:Program Filestrend micro
2009-02-11 13:25:04 —-A—- C:WINDOWSsystem32iconlib.dll
2009-02-11 13:24:42 —-A—- C:WINDOWSsystem32vnetlib.dll
2009-02-11 13:24:42 —-A—- C:WINDOWSsystem32ulib.dll
2009-02-11 13:24:42 —-A—- C:WINDOWSsystem32typelib.dll
2009-02-11 13:24:42 —-A—- C:WINDOWSsystem32samlib000.dll
2009-02-11 13:24:42 —-A—- C:WINDOWSsystem32samlib.dll
2009-02-11 13:24:42 —-A—- C:WINDOWSsystem32fltlib.dll
2009-02-11 13:24:42 —-A—- C:WINDOWSsystem32dbnetlib.dll
2009-02-11 13:24:42 —-A—- C:WINDOWSsystem32atmlib.dll
2009-02-11 13:24:41 —-RA—- C:WINDOWSsystem32V2iDiskLib.dll
2009-02-11 12:51:44 —-A—- C:WINDOWSntbtlog.txt
2009-02-11 12:44:22 —-D—- C:_OTMoveIt
2009-02-11 11:24:26 —-D—- C:WINDOWSpss
2009-02-11 11:04:58 —-D—- C:Documents and SettingsAll UsersApplication DataSpybot — Search & Destroy
2009-02-11 10:08:21 —-D—- C:RootkitNO
2009-02-11 08:29:41 —-D—- C:Documents and SettingsAliApplication DataPointstone
2009-02-10 08:12:20 —-A—- C:WINDOWSsystem32otmspr.exe
2009-02-10 08:12:20 —-A—- C:WINDOWSsystem32jwtch32.exe
2009-02-09 11:54:56 —-A—- C:WINDOWSiun506.exe
2009-02-08 02:46:00 —-D—- C:HORWA05DS
2009-02-06 07:26:35 —-D—- C:Program FilesPunto Switcher
2009-02-03 15:06:20 —-D—- C:Documents and SettingsAliApplication DataDisney Interactive Studios
2009-02-03 15:06:06 —-A—- C:WINDOWSsystem32D3DX9_40.dll
2009-02-03 15:06:06 —-A—- C:WINDOWSsystem32d3dx10_40.dll
2009-02-03 15:06:06 —-A—- C:WINDOWSsystem32D3DCompiler_40.dll
2009-02-03 15:06:05 —-A—- C:WINDOWSsystem32XAudio2_3.dll
2009-02-03 15:06:05 —-A—- C:WINDOWSsystem32XAPOFX1_2.dll
2009-02-03 15:06:05 —-A—- C:WINDOWSsystem32xactengine3_3.dll
2009-02-03 15:06:05 —-A—- C:WINDOWSsystem32X3DAudio1_5.dll
2009-02-03 15:06:04 —-A—- C:WINDOWSsystem32XAudio2_2.dll
2009-02-03 15:06:04 —-A—- C:WINDOWSsystem32XAPOFX1_1.dll
2009-02-03 15:06:04 —-A—- C:WINDOWSsystem32xactengine3_2.dll
2009-02-03 15:06:04 —-A—- C:WINDOWSsystem32D3DCompiler_39.dll
2009-02-03 15:06:03 —-A—- C:WINDOWSsystem32XAudio2_1.dll
2009-02-03 15:06:03 —-A—- C:WINDOWSsystem32XAPOFX1_0.dll
2009-02-03 15:06:03 —-A—- C:WINDOWSsystem32D3DX9_39.dll
2009-02-03 15:06:03 —-A—- C:WINDOWSsystem32d3dx10_39.dll
2009-02-03 15:06:02 —-A—- C:WINDOWSsystem32xactengine3_1.dll
2009-02-03 15:06:02 —-A—- C:WINDOWSsystem32X3DAudio1_4.dll
2009-02-03 15:06:02 —-A—- C:WINDOWSsystem32d3dx10_38.dll
2009-02-03 15:06:02 —-A—- C:WINDOWSsystem32D3DCompiler_38.dll
2009-02-03 15:06:01 —-A—- C:WINDOWSsystem32XAudio2_0.dll
2009-02-03 15:06:01 —-A—- C:WINDOWSsystem32xactengine3_0.dll
2009-02-03 15:06:01 —-A—- C:WINDOWSsystem32D3DX9_38.dll
2009-02-03 15:06:00 —-A—- C:WINDOWSsystem32X3DAudio1_3.dll
2009-02-03 15:06:00 —-A—- C:WINDOWSsystem32D3DX9_37.dll
2009-02-03 15:06:00 —-A—- C:WINDOWSsystem32d3dx10_37.dll
2009-02-03 15:06:00 —-A—- C:WINDOWSsystem32D3DCompiler_37.dll
2009-02-03 15:05:59 —-A—- C:WINDOWSsystem32xactengine2_10.dll
2009-02-03 15:05:59 —-A—- C:WINDOWSsystem32d3dx10_36.dll
2009-02-03 15:05:59 —-A—- C:WINDOWSsystem32D3DCompiler_36.dll
2009-02-03 15:05:58 —-A—- C:WINDOWSsystem32xactengine2_9.dll
2009-02-03 15:05:58 —-A—- C:WINDOWSsystem32d3dx9_36.dll
2009-02-03 15:05:57 —-A—- C:WINDOWSsystem32d3dx9_35.dll
2009-02-03 15:05:57 —-A—- C:WINDOWSsystem32d3dx10_35.dll
2009-02-03 15:05:57 —-A—- C:WINDOWSsystem32D3DCompiler_35.dll
2009-02-03 15:05:56 —-A—- C:WINDOWSsystem32xactengine2_8.dll
2009-02-03 15:05:56 —-A—- C:WINDOWSsystem32X3DAudio1_2.dll
2009-02-03 15:05:56 —-A—- C:WINDOWSsystem32d3dx9_34.dll
2009-02-03 15:05:56 —-A—- C:WINDOWSsystem32d3dx10_34.dll
2009-02-03 15:05:56 —-A—- C:WINDOWSsystem32D3DCompiler_34.dll
2009-02-03 15:05:55 —-A—- C:WINDOWSsystem32xinput1_3.dll
2009-02-03 15:05:55 —-A—- C:WINDOWSsystem32xactengine2_7.dll
2009-02-03 15:05:55 —-A—- C:WINDOWSsystem32d3dx10_33.dll
2009-02-03 15:05:54 —-A—- C:WINDOWSsystem32d3dx9_33.dll
2009-02-03 15:05:54 —-A—- C:WINDOWSsystem32D3DCompiler_33.dll
2009-02-03 15:05:53 —-A—- C:WINDOWSsystem32xactengine2_6.dll
2009-02-03 15:05:53 —-A—- C:WINDOWSsystem32xactengine2_5.dll
2009-02-03 15:05:53 —-A—- C:WINDOWSsystem32xactengine2_4.dll
2009-02-03 15:05:53 —-A—- C:WINDOWSsystem32x3daudio1_1.dll
2009-02-03 15:05:53 —-A—- C:WINDOWSsystem32d3dx9_32.dll
2009-02-03 15:05:52 —-A—- C:WINDOWSsystem32xinput1_2.dll
2009-02-03 15:05:52 —-A—- C:WINDOWSsystem32xinput1_1.dll
2009-02-03 15:05:52 —-A—- C:WINDOWSsystem32xactengine2_3.dll
2009-02-03 15:05:52 —-A—- C:WINDOWSsystem32xactengine2_2.dll
2009-02-03 15:05:52 —-A—- C:WINDOWSsystem32d3dx9_31.dll
2009-02-03 15:05:51 —-A—- C:WINDOWSsystem32xactengine2_1.dll
2009-02-03 15:05:50 —-A—- C:WINDOWSsystem32d3dx9_30.dll
2009-02-03 15:05:49 —-A—- C:WINDOWSsystem32xactengine2_0.dll
2009-02-03 15:05:49 —-A—- C:WINDOWSsystem32x3daudio1_0.dll
2009-02-03 15:05:49 —-A—- C:WINDOWSsystem32d3dx9_29.dll
2009-02-03 15:05:49 —-A—- C:WINDOWSsystem32d3dx9_28.dll
2009-02-03 15:05:48 —-A—- C:WINDOWSsystem32xinput9_1_0.dll
2009-02-03 15:05:48 —-A—- C:WINDOWSsystem32d3dx9_27.dll
2009-02-03 15:05:48 —-A—- C:WINDOWSsystem32d3dx9_26.dll
2009-02-03 15:05:48 —-A—- C:WINDOWSsystem32d3dx9_25.dll
2009-02-03 15:05:47 —-A—- C:WINDOWSsystem32d3dx9_24.dll
2009-02-03 14:53:55 —-D—- C:WINDOWSLogs
2009-02-03 10:15:43 —-D—- C:SEINSA
2009-02-03 10:15:39 —-D—- C:SEINSAF
2009-01-30 14:48:58 —-A—- C:WINDOWSNeroDigital.ini
2009-01-30 08:59:36 —-N—- C:WINDOWSsystem32TwnLib4.dll
2009-01-30 08:59:36 —-N—- C:WINDOWSsystem32ImagXRA7.dll
2009-01-30 08:59:36 —-N—- C:WINDOWSsystem32ImagXR7.dll
2009-01-30 08:59:36 —-N—- C:WINDOWSsystem32ImagXpr7.dll
2009-01-30 08:59:36 —-N—- C:WINDOWSsystem32ImagX7.dll
2009-01-30 08:59:36 —-A—- C:WINDOWSsystem32TwnLib20.dll
2009-01-30 08:59:35 —-D—- C:Program FilesCommon FilesAhead
2009-01-30 08:59:35 —-D—- C:Program FilesAhead
2009-01-30 08:59:35 —-A—- C:WINDOWSsystem32NeroCheck.exe
2009-01-30 08:58:52 —-D—- C:Program FilesYahoo!
2009-01-30 08:38:50 —-D—- C:Documents and SettingsAliApplication DataMedia Player Classic
2009-01-30 08:38:34 —-A—- C:WINDOWSsystem32unrar.dll
2009-01-30 08:38:32 —-A—- C:WINDOWSsystem32yv12vfw.dll
2009-01-30 08:38:32 —-A—- C:WINDOWSsystem32xvidvfw.dll
2009-01-30 08:38:32 —-A—- C:WINDOWSsystem32xvidcore.dll
2009-01-30 08:38:32 —-A—- C:WINDOWSsystem32qt-dx331.dll
2009-01-30 08:38:32 —-A—- C:WINDOWSsystem32dpl100.dll
2009-01-30 08:38:32 —-A—- C:WINDOWSsystem32divx.dll
2009-01-30 08:38:31 —-A—- C:WINDOWSsystem32ff_vfw.dll.manifest
2009-01-30 08:38:31 —-A—- C:WINDOWSsystem32ff_vfw.dll
2009-01-30 08:38:30 —-D—- C:Program FilesK-Lite Codec Pack
2009-01-28 13:29:54 —-D—- C:SZMMODEM
2009-01-28 13:25:00 —-D—- C:szakalCD
2009-01-28 10:39:12 —-D—- C:Documents and SettingsAliApplication DataPC Tools
2009-01-28 10:24:41 —-AD—- C:Documents and SettingsAll UsersApplication DataTEMP
2009-01-28 09:49:42 —-D—- C:Documents and SettingsAliApplication DataICQ
2009-01-28 09:49:23 —-D—- C:Program FilesICQ6.5
2009-01-28 09:42:41 —-D—- C:Program FilesQIP
2009-01-28 07:57:09 —-D—- C:Documents and SettingsAll UsersApplication DatanView_Profiles
2009-01-27 16:40:27 —-D—- C:Program FilesNVIDIA Corporation
2009-01-27 14:53:33 —-D—- C:Documents and SettingsAliApplication DataIObit
2009-01-27 14:53:32 —-D—- C:Program FilesIObit
2009-01-27 14:12:20 —-D—- C:Documents and SettingsAliApplication DataOpenOffice.org2
2009-01-27 11:59:25 —-D—- C:WINDOWSSun
2009-01-27 11:40:04 —-D—- C:Documents and SettingsAliApplication DataChemTable Software
2009-01-26 16:51:05 —-A—- C:WINDOWSNCUNINST.EXE
2009-01-26 16:46:08 —-D—- C:Program FilesCommon FilesSWF Studio
2009-01-26 16:39:12 —-D—- C:Program FilesHewlett-Packard
2009-01-26 16:38:09 —-A—- C:WINDOWSsystem32hptrace.ini
2009-01-26 16:37:39 —-A—- C:WINDOWShplj1010.ini
2009-01-26 14:27:20 —-D—- C:Program FilesCommon FilesAdobe AIR
2009-01-26 14:27:18 —-D—- C:Documents and SettingsAliApplication DataMacromedia
2009-01-26 14:26:49 —-D—- C:WINDOWSSxsCaPendDel
2009-01-26 13:49:50 —-D—- C:Documents and SettingsAliApplication DataAIMP
2009-01-26 13:49:45 —-D—- C:Program FilesAIMP2
2009-01-26 13:45:44 —-D—- C:Documents and SettingsAliApplication DatauTorrent
2009-01-26 13:45:37 —-D—- C:Program FilesWinRAR
2009-01-26 13:38:31 —-D—- C:Program FilesOpenOffice.org 2.3
2009-01-26 13:21:11 —-D—- C:Documents and SettingsAliApplication DataMiranda
2009-01-26 13:17:58 —-D—- C:Program FilesAvira
2009-01-26 13:17:58 —-D—- C:Documents and SettingsAll UsersApplication DataAvira
2009-01-26 13:09:24 —-A—- C:WINDOWSModemLog_Последовательный кабель для связи компьютеров.txt
2009-01-26 12:50:00 —-D—- C:Documents and SettingsAliApplication DataYandex
2009-01-26 12:49:54 —-D—- C:Documents and SettingsAliApplication DataMozilla
2009-01-26 12:49:50 —-D—- C:Program FilesMozilla Firefox
2009-01-26 12:43:58 —-D—- C:Documents and SettingsAliApplication DataQIP
2009-01-26 12:43:49 —-D—- C:Program FilesQIP Infium
2009-01-26 12:41:53 —-D—- C:Downloads
2009-01-26 12:41:47 —-D—- C:Documents and SettingsAliApplication DataDownload Master
2009-01-26 12:41:37 —-D—- C:Program FilesDownload Master
2009-01-26 10:25:52 —-D—- C:Program FilesMSXML 4.0
2009-01-25 21:58:05 —-D—- C:WASP
2009-01-25 21:55:16 —-A—- C:WINDOWSsystem32vfp8rrus.dll
2009-01-25 21:55:16 —-A—- C:WINDOWSsystem32vfp8rfra.dll
2009-01-25 21:55:16 —-A—- C:WINDOWSsystem32vfp8resn.dll
2009-01-25 21:55:16 —-A—- C:WINDOWSsystem32vfp8rdeu.dll
2009-01-25 21:55:15 —-A—- C:WINDOWSsystem32XiCr50.dll
2009-01-25 21:55:15 —-A—- C:WINDOWSsystem32vfp8t.dll
2009-01-25 21:55:15 —-A—- C:WINDOWSsystem32vfp8rkor.dll
2009-01-25 21:55:15 —-A—- C:WINDOWSsystem32vfp8renu.dll
2009-01-25 21:55:15 —-A—- C:WINDOWSsystem32vfp8rcsy.dll
2009-01-25 21:55:15 —-A—- C:WINDOWSsystem32vfp8r.dll
2009-01-25 21:55:15 —-A—- C:WINDOWSsystem32vfp8kor.dll
2009-01-25 21:55:15 —-A—- C:WINDOWSsystem32vfp8enu.dll
2009-01-25 21:55:15 —-A—- C:WINDOWSsystem32vfp8cht.dll
2009-01-25 21:55:15 —-A—- C:WINDOWSsystem32vfp8chs.dll
2009-01-25 21:55:15 —-A—- C:WINDOWSsystem32gdiplus.dll
2009-01-25 21:54:16 —-D—- C:Documents and SettingsAll UsersApplication DataInstallShield
2009-01-25 21:50:44 —-A—- C:WINDOWSsystem32textexpt.dll
2009-01-25 21:50:44 —-A—- C:WINDOWSsystem32rtfexpt.dll
2009-01-25 21:50:44 —-A—- C:WINDOWSsystem32pdfexpt.dll
2009-01-25 21:50:44 —-A—- C:WINDOWSsystem32actrpt.dll
2009-01-25 21:50:43 —-A—- C:WINDOWSsystem32ssprn32.dll
2009-01-25 21:48:47 —-A—- C:WINDOWSsystem32VFP6RUN.EXE
2009-01-25 21:48:47 —-A—- C:WINDOWSsystem32VFP6RENU.DLL
2009-01-25 21:48:47 —-A—- C:WINDOWSsystem32VFP6R.DLL
2009-01-25 21:38:32 —-D—- C:Documents and SettingsAll UsersApplication DataIC_Katalog
2009-01-25 21:38:23 —-D—- C:Program FilesCommon FilesInter Cars
2009-01-25 21:33:35 —-A—- C:WINDOWSpostinstall.exe
2009-01-25 21:32:31 —-A—- C:WINDOWSODBC.INI
2009-01-25 21:32:23 —-A—- C:WINDOWSiun507.exe
2009-01-25 21:32:19 —-D—- C:Program FilesCommon Filesdesigner
2009-01-25 21:21:39 —-N—- C:WINDOWSsystem32VB6STKIT.DLL
2009-01-25 21:21:39 —-N—- C:WINDOWSsystem32u2frtf.dll
2009-01-25 21:21:39 —-N—- C:WINDOWSsystem32u2fcr.dll
2009-01-25 21:21:39 —-N—- C:WINDOWSsystem32u2dmapi.dll
2009-01-25 21:21:39 —-N—- C:WINDOWSsystem32u2ddisk.dll
2009-01-25 21:21:39 —-N—- C:WINDOWSsystem32tdbgpp.dll
2009-01-25 21:21:39 —-N—- C:WINDOWSsystem32sviewhlp.dll
2009-01-25 21:21:39 —-N—- C:WINDOWSsystem32sscsdk32.dll
2009-01-25 21:21:39 —-N—- C:WINDOWSsystem32p2irdao.dll
2009-01-25 21:21:39 —-N—- C:WINDOWSsystem32p2ctdao.dll
2009-01-25 21:21:39 —-N—- C:WINDOWSsystem32p2bdao.dll
2009-01-25 21:21:38 —-N—- C:WINDOWSsystem32IMPLODE.DLL
2009-01-25 21:21:38 —-N—- C:WINDOWSsystem32DIBENG.DLL
2009-01-25 21:21:38 —-N—- C:WINDOWSsystem32crxlat32.dll
2009-01-25 21:21:38 —-N—- C:WINDOWSsystem32crpaig32.dll
2009-01-25 21:21:38 —-N—- C:WINDOWSsystem32craxdrt.dll
2009-01-25 19:10:37 —-D—- C:Documents and SettingsAll UsersApplication DataMacrovision
2009-01-25 19:10:22 —-D—- C:Program FilesMicrosoft.Net
2009-01-25 19:09:38 —-RSD—- C:WINDOWSassembly
2009-01-25 19:09:38 —-D—- C:WINDOWSsystem32URTTemp
2009-01-25 19:09:38 —-D—- C:WINDOWSMicrosoft.NET
2009-01-25 14:14:26 —-A—- C:WINDOWSsystem32wmpns.dll
2009-01-25 13:47:20 —-A—- C:WINDOWSsystem32msstkprp.dll
2009-01-25 13:47:20 —-A—- C:WINDOWSsystem32GAPI.DLL
2009-01-25 13:47:19 —-A—- C:WINDOWSSFEINST.INI
2009-01-24 17:29:45 —-HDC—- C:WINDOWS$NtUninstallKB951376-v2$
2009-01-24 17:29:42 —-HDC—- C:WINDOWS$NtUninstallKB952954$
2009-01-24 17:29:39 —-HDC—- C:WINDOWS$NtUninstallKB946648$
2009-01-24 17:29:36 —-HDC—- C:WINDOWS$NtUninstallKB956803$
2009-01-24 17:29:32 —-HDC—- C:WINDOWS$NtUninstallKB955839$
2009-01-24 17:29:29 —-HDC—- C:WINDOWS$NtUninstallKB956391$
2009-01-24 17:29:22 —-HDC—- C:WINDOWS$NtUninstallKB958215$
2009-01-24 17:29:18 —-HDC—- C:WINDOWS$NtUninstallKB950974$
2009-01-24 17:29:14 —-HDC—- C:WINDOWS$NtUninstallKB951698$
2009-01-24 17:29:11 —-HDC—- C:WINDOWS$NtUninstallKB954211$
2009-01-24 17:29:05 —-HDC—- C:WINDOWS$NtUninstallKB956841$
2009-01-24 17:29:00 —-HDC—- C:WINDOWS$NtUninstallKB960714$
2009-01-24 17:28:56 —-HDC—- C:WINDOWS$NtUninstallKB952069_WM9$
2009-01-24 17:28:54 —-HDC—- C:WINDOWS$NtUninstallKB950762$
2009-01-24 17:28:51 —-HDC—- C:WINDOWS$NtUninstallKB957097$
2009-01-24 17:28:48 —-HDC—- C:WINDOWS$NtUninstallKB958687$
2009-01-24 17:28:45 —-HDC—- C:WINDOWS$NtUninstallKB952287$
2009-01-24 17:28:41 —-HDC—- C:WINDOWS$NtUninstallKB951066$
2009-01-24 17:28:37 —-HDC—- C:WINDOWS$NtUninstallKB951748$
2009-01-24 17:28:35 —-HDC—- C:WINDOWS$NtUninstallKB938464$
2009-01-24 17:28:32 —-HDC—- C:WINDOWS$NtUninstallKB954600$
2009-01-24 17:28:28 —-HDC—- C:WINDOWS$NtUninstallKB958644$
2009-01-24 17:28:25 —-HDC—- C:WINDOWS$NtUninstallKB955069$
2009-01-24 17:28:21 —-HDC—- C:WINDOWS$NtUninstallKB956802$
2009-01-24 17:28:13 —-HDC—- C:WINDOWS$NtUninstallKB944338-v2$
2009-01-24 17:19:43 —-D—- C:WINDOWSsystem32CatRoot_bak
2009-01-24 17:09:13 —-D—- C:WINDOWSsystem32PreInstall
2009-01-24 17:09:12 —-N—- C:WINDOWSsystem32spmsg.dll
2009-01-24 17:09:11 —-HDC—- C:WINDOWS$NtUninstallKB898461$
2009-01-24 17:09:11 —-HD—- C:WINDOWS$hf_mig$
2009-01-24 16:57:05 —-D—- C:HORWB05DS
2009-01-24 16:57:05 —-A—- C:WINDOWSsrvany.exe
2009-01-24 16:57:05 —-A—- C:WINDOWSnextgen.ini
2009-01-24 16:57:05 —-A—- C:WINDOWSinstsrv.exe
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32vbar2232.DLL
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32ssmedt32.dll
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32msrd2x32.DLL
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32msjter32.dll
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32MSJT3032.DLL
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32Msjint32.dll
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32Msaddndr.dll
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32Mfcans32.dll
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32Lttwn10n.dll
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32Ltkrn10w.dll
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32Ltkrn10n.dll
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32Ltimg10n.dll
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32Ltfil10n.dll
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32Ltefx10n.dll
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32Ltdis10n.dll
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32Ltann10n.dll
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32Lfwmf10n.dll
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32Lftif10n.dll
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32Lfpcx10n.dll
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32Lflmb10n.dll
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32Lffax10n.dll
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32Lfcmp10n.dll
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32Lfbmp10n.dll
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32Dwsdes32.dll
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32Dataview.dll
2009-01-24 16:56:47 —-A—- C:WINDOWSsystem32DAO3032.DLL
2009-01-24 16:56:45 —-A—- C:WINDOWSsystem32Odbctl32.dll
2009-01-24 16:56:44 —-AC—- C:WINDOWSRegsvr32.exe

[alekst5]

2009-01-24 16:56:44 —-A—- C:WINDOWSsystem32qpro32.dll
2009-01-24 16:56:44 —-A—- C:WINDOWSsystem32HNMSG32N.DLL
2009-01-24 16:56:44 —-A—- C:WINDOWSsystem32Gswdll32.dll
2009-01-24 16:56:44 —-A—- C:WINDOWSsystem32Gsw.exe
2009-01-24 16:56:44 —-A—- C:WINDOWSsystem32faxdll32.dll
2009-01-24 16:56:44 —-A—- C:WINDOWSsystem32DWSPYVB6.DLL
2009-01-24 16:56:44 —-A—- C:WINDOWSsystem32DWSPY36.DLL
2009-01-24 16:56:44 —-A—- C:WINDOWSsystem32DWSPY32.DLL
2009-01-24 16:56:44 —-A—- C:WINDOWSRegsvr16.exe
2009-01-24 16:43:57 —-D—- C:Documents and SettingsAliApplication DataSun
2009-01-24 16:27:17 —-A—- C:WINDOWSsystem32javaws.exe
2009-01-24 16:27:17 —-A—- C:WINDOWSsystem32javaw.exe
2009-01-24 16:27:17 —-A—- C:WINDOWSsystem32java.exe
2009-01-24 16:16:34 —-D—- C:WINDOWSsystem32logs
2009-01-24 16:15:20 —-N—- C:WINDOWSsystem32font.ini
2009-01-24 16:15:19 —-N—- C:WINDOWSsystem32hpnls.dll
2009-01-24 16:15:19 —-N—- C:WINDOWSsystem32HPLog.dll
2009-01-24 16:11:26 —-D—- C:WINDOWSProfiles
2009-01-24 16:11:26 —-D—- C:Documents and SettingsAliApplication DataInterTrust
2009-01-24 16:11:19 —-A—- C:WINDOWSIsUninst.exe
2009-01-24 15:47:27 —-D—- C:WINDOWSsystem32SoftwareDistribution
2009-01-24 15:18:50 —-D—- C:Documents and SettingsAliApplication DataHelp
2009-01-24 15:03:32 —-D—- C:Program FilesCommon FilesSpielberg DMS
2009-01-24 15:03:32 —-A—- C:WINDOWSsystem32ldf251.dll
2009-01-24 15:03:32 —-A—- C:WINDOWSsystem32dslang32.dll
2009-01-24 15:03:28 —-A—- C:WINDOWSsystem32acgm.dll
2009-01-24 15:03:24 —-A—- C:WINDOWSsystem32snbdpl1.dll
2009-01-24 15:03:24 —-A—- C:WINDOWSsystem32snbd9dm.dll
2009-01-24 15:03:24 —-A—- C:WINDOWSsystem32snbd8w98.dll
2009-01-24 15:03:24 —-A—- C:WINDOWSsystem32snbd10dm.dll
2009-01-24 15:03:24 —-A—- C:WINDOWSsystem32igsnrn22.dll
2009-01-24 15:03:24 —-A—- C:WINDOWSsystem32igsnpb22.dll
2009-01-24 15:03:24 —-A—- C:WINDOWSsystem32igsnol22.dll
2009-01-24 15:03:24 —-A—- C:WINDOWSsystem32Igsncx22.dll
2009-01-24 15:03:24 —-A—- C:WINDOWSsystem32igsncm22.dll
2009-01-24 14:48:03 —-A—- C:WINDOWSCCatalog.ini
2009-01-24 14:40:13 —-A—- C:WINDOWSsystem32GEAR32PD.DLL
2009-01-24 14:40:11 —-A—- C:WINDOWSsystem32msvcr70.dll
2009-01-24 14:33:19 —-A—- C:WINDOWSEPC30.04.07 Uninstaller.exe
2009-01-24 14:31:13 —-D—- C:Program FilesJava
2009-01-24 14:31:13 —-D—- C:Program FilesEPC30.04.07
2009-01-24 14:31:13 —-D—- C:Program FilesCommon FilesJava
2009-01-24 14:31:13 —-D—- C:Program FilesCommon FilesBHPS
2009-01-24 14:31:13 —-D—- C:Program FilesBHPS
2009-01-24 14:31:13 —-D—- C:bhdata
2009-01-24 14:28:02 —-A—- C:WINDOWSNFINST.INI
2009-01-24 14:27:58 —-A—- C:WINDOWSsystem32Ot60as.dll
2009-01-24 14:27:58 —-A—- C:WINDOWSsystem32Osc60as.dll
2009-01-24 14:27:58 —-A—- C:WINDOWSsystem32Og70as.dll
2009-01-24 14:27:58 —-A—- C:WINDOWSsystem32Oe60as.dll
2009-01-24 14:27:57 —-D—- C:WINDOWSCRYSTAL
2009-01-24 14:27:57 —-A—- C:WINDOWSsystem32P2BBND.DLL
2009-01-24 14:27:57 —-A—- C:WINDOWSsystem32CTDAO.DLL
2009-01-24 14:27:57 —-A—- C:WINDOWSsystem32CO2C40EN.DLL
2009-01-24 13:54:12 —-A—- C:WINDOWSMAZEPC.INI
2009-01-24 13:50:00 —-D—- C:Documents and SettingsAliApplication DataAdobe
2009-01-24 13:49:04 —-D—- C:WINDOWSsystem32Adobe
2009-01-24 13:48:47 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
2009-01-24 13:48:44 —-D—- C:Program FilesCommon FilesAdobe
2009-01-24 13:48:44 —-D—- C:Program FilesAdobe
2009-01-24 13:18:28 —-D—- C:WINDOWSsystem32c
2009-01-24 13:07:36 —-HD—- C:WINDOWSmsdownld.tmp
2009-01-24 12:45:17 —-A—- C:WINDOWSuninst.exe
2009-01-24 12:40:15 —-D—- C:WINDOWSTemp~~e5.0001.dir.0001
2009-01-24 12:40:09 —-D—- C:WINDOWSTemp~~e5.0001.dir.0000
2009-01-24 12:04:21 —-A—- C:WINDOWSsystem32h323log.txt
2009-01-24 11:58:10 —-A—- C:WINDOWSsystem32usbui.dll
2009-01-24 11:57:15 —-A—- C:WINDOWSimsins.BAK
2009-01-24 11:57:14 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-01-24 11:57:13 —-SHD—- C:WINDOWSInstaller
2009-01-24 11:57:13 —-D—- C:Program FilesCommon FilesODBC
2009-01-24 11:57:13 —-A—- C:WINDOWSODBCINST.INI
2009-01-24 11:57:10 —-D—- C:Program FilesCommon FilesSpeechEngines
2009-01-24 11:57:09 —-RD—- C:Program Files
2009-01-24 11:57:09 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2009-01-24 11:57:09 —-D—- C:Program FilesCommon Files
2009-01-24 11:57:06 —-RA—- C:WINDOWSsystem32kbdtuq.dll
2009-01-24 11:57:06 —-RA—- C:WINDOWSsystem32kbdtuf.dll
2009-01-24 11:57:06 —-RA—- C:WINDOWSsystem32kbdazel.dll
2009-01-24 11:57:03 —-RA—- C:WINDOWSsystem32kbdhept.dll
2009-01-24 11:57:03 —-RA—- C:WINDOWSsystem32kbdhela3.dll
2009-01-24 11:57:03 —-RA—- C:WINDOWSsystem32kbdhela2.dll
2009-01-24 11:57:03 —-RA—- C:WINDOWSsystem32kbdhe319.dll
2009-01-24 11:57:03 —-RA—- C:WINDOWSsystem32kbdhe220.dll
2009-01-24 11:57:03 —-RA—- C:WINDOWSsystem32kbdhe.dll
2009-01-24 11:57:03 —-RA—- C:WINDOWSsystem32kbdgkl.dll
2009-01-24 11:57:02 —-RA—- C:WINDOWSsystem32kbdlv1.dll
2009-01-24 11:57:02 —-RA—- C:WINDOWSsystem32kbdlt1.dll
2009-01-24 11:57:02 —-RA—- C:WINDOWSsystem32kbdlt.dll
2009-01-24 11:57:01 —-RA—- C:WINDOWSsystem32kbdlv.dll
2009-01-24 11:57:01 —-RA—- C:WINDOWSsystem32kbdest.dll
2009-01-24 11:56:59 —-RA—- C:WINDOWSsystem32kbdycl.dll
2009-01-24 11:56:59 —-RA—- C:WINDOWSsystem32kbdsl1.dll
2009-01-24 11:56:59 —-RA—- C:WINDOWSsystem32kbdsl.dll
2009-01-24 11:56:59 —-RA—- C:WINDOWSsystem32kbdro.dll
2009-01-24 11:56:59 —-RA—- C:WINDOWSsystem32kbdpl1.dll
2009-01-24 11:56:59 —-RA—- C:WINDOWSsystem32kbdpl.dll
2009-01-24 11:56:59 —-RA—- C:WINDOWSsystem32kbdhu1.dll
2009-01-24 11:56:59 —-RA—- C:WINDOWSsystem32kbdhu.dll
2009-01-24 11:56:59 —-RA—- C:WINDOWSsystem32kbdcz2.dll
2009-01-24 11:56:59 —-RA—- C:WINDOWSsystem32kbdcz1.dll
2009-01-24 11:56:59 —-RA—- C:WINDOWSsystem32kbdcz.dll
2009-01-24 11:56:59 —-RA—- C:WINDOWSsystem32kbdcr.dll
2009-01-24 11:56:59 —-RA—- C:WINDOWSsystem32KBDAL.DLL
2009-01-24 11:56:55 —-A—- C:WINDOWSsystem32kbdycc.dll
2009-01-24 11:56:55 —-A—- C:WINDOWSsystem32kbduzb.dll
2009-01-24 11:56:55 —-A—- C:WINDOWSsystem32kbdur.dll
2009-01-24 11:56:55 —-A—- C:WINDOWSsystem32kbdtat.dll
2009-01-24 11:56:55 —-A—- C:WINDOWSsystem32kbdmon.dll
2009-01-24 11:56:55 —-A—- C:WINDOWSsystem32kbdkyr.dll
2009-01-24 11:56:55 —-A—- C:WINDOWSsystem32kbdkaz.dll
2009-01-24 11:56:55 —-A—- C:WINDOWSsystem32kbdbu.dll
2009-01-24 11:56:55 —-A—- C:WINDOWSsystem32kbdaze.dll
2009-01-24 11:56:54 —-A—- C:WINDOWSsystem32kbdblr.dll
2009-01-24 11:56:54 —-A—- C:WINDOWSsystem32irclass.dll
2009-01-24 11:56:53 —-A—- C:WINDOWSsystem32spxcoins.dll
2009-01-24 11:56:53 —-A—- C:WINDOWSsystem32EqnClass.Dll
2009-01-24 11:56:53 —-A—- C:WINDOWSsystem32dgsetup.dll
2009-01-24 11:56:53 —-A—- C:WINDOWSsystem32dgrpsetu.dll
2009-01-24 11:56:50 —-N—- C:WINDOWSsystem32CONFIG.TMP
2009-01-24 11:56:50 —-A—- C:WINDOWSTASKMAN.EXE
2009-01-24 11:56:50 —-A—- C:WINDOWSsystem32batt.dll
2009-01-24 11:56:49 —-A—- C:WINDOWSNOTEPAD.EXE
2009-01-24 11:56:48 —-A—- C:WINDOWSsystem32storprop.dll
2009-01-24 11:56:42 —-ASH—- C:Documents and SettingsAll UsersApplication Datadesktop.ini
2009-01-24 11:56:38 —-RA—- C:WINDOWSSET8.tmp
2009-01-24 11:56:36 —-RA—- C:WINDOWSSET4.tmp
2009-01-24 11:56:34 —-RA—- C:WINDOWSSET3.tmp
2009-01-24 11:56:30 —-D—- C:WINDOWSsystem32CatRoot2
2009-01-24 11:56:30 —-D—- C:WINDOWSsystem32CatRoot
2009-01-24 11:56:25 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2009-01-24 11:56:03 —-A—- C:WINDOWSsetuplog.txt
2009-01-24 11:56:01 —-D—- C:Documents and Settings
2009-01-24 11:55:13 —-SH—- C:boot.ini
2009-01-24 11:53:03 —-SHD—- C:System Volume Information
2009-01-24 11:49:20 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-01-24 11:49:20 —-RSD—- C:WINDOWSFonts
2009-01-24 11:49:20 —-RD—- C:WINDOWSWeb
2009-01-24 11:49:20 —-HD—- C:WINDOWSinf
2009-01-24 11:49:20 —-D—- C:WINDOWSWinSxS
2009-01-24 11:49:20 —-D—- C:WINDOWStwain_32
2009-01-24 11:49:20 —-D—- C:WINDOWSTemp
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem32wins
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem32wbem
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem32usmt
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem32spool
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem32ShellExt
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem32Setup
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem32ras
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem32oobe
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem32npp
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem32mui
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem32inetsrv
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem32IME
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem32icsxml
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem32ias
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem32export
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem32drivers
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem32dhcp
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem32config
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem323com_dmi
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem323076
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem322052
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem321054
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem321049
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem321042
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem321041
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem321037
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem321033
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem321031
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem321028
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem321025
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem32
2009-01-24 11:49:20 —-D—- C:WINDOWSsystem
2009-01-24 11:49:20 —-D—- C:WINDOWSsecurity
2009-01-24 11:49:20 —-D—- C:WINDOWSResources
2009-01-24 11:49:20 —-D—- C:WINDOWSrepair
2009-01-24 11:49:20 —-D—- C:WINDOWSProvisioning
2009-01-24 11:49:20 —-D—- C:WINDOWSPeerNet
2009-01-24 11:49:20 —-D—- C:WINDOWSpchealth
2009-01-24 11:49:20 —-D—- C:WINDOWSmui
2009-01-24 11:49:20 —-D—- C:WINDOWSmsapps
2009-01-24 11:49:20 —-D—- C:WINDOWSmsagent
2009-01-24 11:49:20 —-D—- C:WINDOWSMedia
2009-01-24 11:49:20 —-D—- C:WINDOWSjava
2009-01-24 11:49:20 —-D—- C:WINDOWSime
2009-01-24 11:49:20 —-D—- C:WINDOWSHelp
2009-01-24 11:49:20 —-D—- C:WINDOWSDriver Cache
2009-01-24 11:49:20 —-D—- C:WINDOWSDebug
2009-01-24 11:49:20 —-D—- C:WINDOWSCursors
2009-01-24 11:49:20 —-D—- C:WINDOWSConnection Wizard
2009-01-24 11:49:20 —-D—- C:WINDOWSConfig
2009-01-24 11:49:20 —-D—- C:WINDOWSAppPatch
2009-01-24 11:49:20 —-D—- C:WINDOWSaddins
2009-01-24 11:49:20 —-D—- C:WINDOWS
2009-01-24 11:48:25 —-D—- C:Documents and SettingsAliApplication DataFileMaker
2009-01-24 11:44:38 —-D—- C:Program FilesMicrosoft Office
2009-01-24 11:43:57 —-A—- C:WINDOWSsystem32GDS32.DLL
2009-01-24 11:43:56 —-D—- C:Program FilesFirebird
2009-01-24 11:42:31 —-D—- C:Program Files7-Zip
2009-01-24 11:37:58 —-D—- C:Program FilesOpenOffice.org 2.0.3
2009-01-24 11:33:17 —-SHD—- C:RECYCLER
2009-01-24 11:31:55 —-D—- C:Program FilesAlcohol Soft
2009-01-24 11:30:25 —-D—- C:Program FilesCommon FilesBorland Shared
2009-01-24 11:30:15 —-A—- C:WINDOWSIsUn0419.exe
2009-01-24 11:03:15 —-D—- C:Temp
2009-01-24 10:54:52 —-A—- C:WINDOWSsystem32wpa.bak
2009-01-24 10:47:30 —-RA—- C:WINDOWSsystem32PostProc.dll
2009-01-24 10:47:30 —-RA—- C:WINDOWSsystem32a3d.dll
2009-01-24 10:47:25 —-D—- C:WINDOWSsystem32ReinstallBackups
2009-01-24 10:47:21 —-N—- C:WINDOWSsystem32wdmioctl.dll
2009-01-24 10:47:20 —-N—- C:WINDOWSsystem32SMMedia.dll
2009-01-24 10:47:18 —-N—- C:WINDOWSsystem32DSndUp.exe
2009-01-24 10:47:18 —-N—- C:WINDOWSsystem32CleanUp.exe
2009-01-24 10:47:18 —-D—- C:Program FilesAnalog Devices
2009-01-24 10:47:16 —-HD—- C:Program FilesInstallShield Installation Information
2009-01-24 10:46:31 —-A—- C:WINDOWSsystem32ksuser.dll
2009-01-24 10:46:24 —-A—- C:WINDOWSsystem32spupdsvc.exe
2009-01-24 10:46:23 —-HDC—- C:WINDOWS$NtUninstallKB888111WXPSP2$
2009-01-24 10:45:46 —-D—- C:Program FilesCommon FilesInstallShield
2009-01-24 10:45:13 —-A—- C:WINDOWSAS_Debug.txt
2009-01-24 10:36:45 —-RA—- C:WINDOWSsystem32fdco1ins.dll
2009-01-24 10:36:45 —-RA—- C:WINDOWSsystem32fdco1.dll
2009-01-24 10:36:32 —-D—- C:WINDOWSNV3801880.TMP
2009-01-24 10:36:32 —-A—- C:WINDOWSsystem32nvunrm.exe
2009-01-24 10:36:31 —-RA—- C:WINDOWSsystem32nvconrm.dll
2009-01-24 10:36:31 —-RA—- C:WINDOWSsystem32bdco1ins.dll
2009-01-24 10:36:31 —-RA—- C:WINDOWSsystem32bdco1.dll
2009-01-24 10:34:21 —-RA—- C:WINDOWSsystem32nvudisp.exe
2009-01-24 10:34:21 —-D—- C:WINDOWSnview
2009-01-24 10:32:46 —-A—- C:WINDOWSAscd_tmp.ini
2009-01-24 10:14:36 —-D—- C:Documents and SettingsAliApplication DataIdentities
2009-01-24 10:14:35 —-HD—- C:Program FilesUninstall Information
2009-01-24 10:14:30 —-ASH—- C:Documents and SettingsAliApplication Datadesktop.ini
2009-01-24 10:14:29 —-SD—- C:Documents and SettingsAliApplication DataMicrosoft
2009-01-24 10:13:16 —-D—- C:WINDOWSSoftwareDistribution
2009-01-24 10:13:14 —-SD—- C:WINDOWSsystem32Microsoft
2009-01-24 10:13:14 —-D—- C:WINDOWSPrefetch
2009-01-24 10:13:14 —-A—- C:WINDOWSSchedLgU.Txt
2009-01-24 10:10:35 —-D—- C:WINDOWSsystem32xircom
2009-01-24 10:10:35 —-D—- C:Program Filesxerox
2009-01-24 10:10:35 —-D—- C:Program Filesmicrosoft frontpage
2009-01-24 10:10:26 —-A—- C:WINDOWScontrol.ini
2009-01-24 10:10:26 —-A—- C:AUTOEXEC.BAT
2009-01-24 10:10:18 —-A—- C:WINDOWSOEWABLog.txt
2009-01-24 10:10:14 —-A—- C:WINDOWSsystem32mapi32.dll
2009-01-24 10:09:36 —-SD—- C:WINDOWSDownloaded Program Files
2009-01-24 10:09:36 —-RD—- C:WINDOWSOffline Web Pages
2009-01-24 10:09:36 —-RAH—- C:WINDOWSsystem32logonui.exe.manifest
2009-01-24 10:09:31 —-RAH—- C:WINDOWSsystem32cdplayer.exe.manifest
2009-01-24 10:09:28 —-HD—- C:Program FilesWindowsUpdate
2009-01-24 10:09:25 —-D—- C:Program FilesOnline Services
2009-01-24 10:09:08 —-D—- C:WINDOWSsystem32DirectX
2009-01-24 10:08:45 —-A—- C:WINDOWSsystem32atrace.dll
2009-01-24 10:08:42 —-A—- C:WINDOWSsystem32desktop.ini
2009-01-24 10:08:42 —-A—- C:WINDOWSdesktop.ini
2009-01-24 10:08:34 —-A—- C:WINDOWSsystem32nmevtmsg.dll
2009-01-24 10:08:33 —-A—- C:WINDOWSsystem32acctres.dll
2009-01-24 10:08:32 —-D—- C:Program FilesCommon FilesServices
2009-01-24 10:08:29 —-SD—- C:WINDOWSTasks
2009-01-24 10:08:29 —-A—- C:WINDOWSsystem32icfgnt5.dll
2009-01-24 10:08:28 —-D—- C:Program FilesCommon FilesMSSoap
2009-01-24 10:08:24 —-D—- C:WINDOWSsrchasst
2009-01-24 10:08:23 —-D—- C:WINDOWSsystem32Macromed
2009-01-24 10:08:19 —-A—- C:WINDOWSsystem32wuweb.dll
2009-01-24 10:08:19 —-A—- C:WINDOWSsystem32wups.dll
2009-01-24 10:08:19 —-A—- C:WINDOWSsystem32wucltui.dll
2009-01-24 10:08:19 —-A—- C:WINDOWSsystem32wuauserv.dll
2009-01-24 10:08:19 —-A—- C:WINDOWSsystem32wuaueng1.dll
2009-01-24 10:08:19 —-A—- C:WINDOWSsystem32wuaueng.dll
2009-01-24 10:08:19 —-A—- C:WINDOWSsystem32wuauclt1.exe
2009-01-24 10:08:19 —-A—- C:WINDOWSsystem32wuauclt.exe
2009-01-24 10:08:18 —-A—- C:WINDOWSsystem32wuapi.dll
2009-01-24 10:08:18 —-A—- C:WINDOWSsystem32qmgrprxy.dll
2009-01-24 10:08:18 —-A—- C:WINDOWSsystem32qmgr.dll
2009-01-24 10:08:18 —-A—- C:WINDOWSsystem32bitsprx3.dll
2009-01-24 10:08:18 —-A—- C:WINDOWSsystem32bitsprx2.dll
2009-01-24 10:08:14 —-D—- C:Program FilesMovie Maker
2009-01-24 10:08:10 —-A—- C:WINDOWSsystem32safrslv.dll
2009-01-24 10:08:09 —-A—- C:WINDOWSsystem32safrdm.dll
2009-01-24 10:08:09 —-A—- C:WINDOWSsystem32safrcdlg.dll
2009-01-24 10:08:09 —-A—- C:WINDOWSsystem32racpldlg.dll
2009-01-24 10:08:06 —-A—- C:WINDOWSsystem32fltMc.exe
2009-01-24 10:08:06 —-A—- C:WINDOWSsystem32fltlibjjhj.dll
2009-01-24 10:08:06 —-A—- C:WINDOWSsystem32fltlib001.dll
2009-01-24 10:08:05 —-D—- C:WINDOWSsystem32Restore
2009-01-24 10:08:05 —-A—- C:WINDOWSsystem32srsvc.dll
2009-01-24 10:08:05 —-A—- C:WINDOWSsystem32srrstr.dll
2009-01-24 10:08:05 —-A—- C:WINDOWSsystem32srclient.dll
2009-01-24 10:08:04 —-A—- C:WINDOWSsystem32nmmkcert.dll
2009-01-24 10:08:04 —-A—- C:WINDOWSsystem32msconf.dll
2009-01-24 10:08:04 —-A—- C:WINDOWSsystem32mnmsrvc.exe
2009-01-24 10:08:04 —-A—- C:WINDOWSsystem32mnmdd.dll
2009-01-24 10:08:04 —-A—- C:WINDOWSsystem32isrdbg32.dll
2009-01-24 10:08:04 —-A—- C:WINDOWSsystem32ils.dll
2009-01-24 10:08:00 —-D—- C:Program FilesNetMeeting
2009-01-24 10:08:00 —-A—- C:WINDOWSsystem32msoert2.dll
2009-01-24 10:08:00 —-A—- C:WINDOWSsystem32msoeacct.dll
2009-01-24 10:07:59 —-A—- C:WINDOWSsystem32inetres.dll
2009-01-24 10:07:59 —-A—- C:WINDOWSsystem32inetcomm.dll
2009-01-24 10:07:57 —-D—- C:Program FilesOutlook Express
2009-01-24 10:07:57 —-A—- C:WINDOWSsystem32schedsvc.dll
2009-01-24 10:07:57 —-A—- C:WINDOWSsystem32mstinit.exe
2009-01-24 10:07:57 —-A—- C:WINDOWSsystem32mstask.dll
2009-01-24 10:07:56 —-A—- C:WINDOWSsystem32isign32.dll
2009-01-24 10:07:56 —-A—- C:WINDOWSsystem32inetcfg.dll
2009-01-24 10:07:56 —-A—- C:WINDOWSsystem32icwphbk.dll
2009-01-24 10:07:56 —-A—- C:WINDOWSsystem32icwdial.dll
2009-01-24 10:07:49 —-D—- C:Program FilesCommon FilesSystem
2009-01-24 10:07:48 —-D—- C:Program FilesInternet Explorer
2009-01-24 10:07:37 —-D—- C:Program FilesComPlus Applications
2009-01-24 10:07:35 —-A—- C:WINDOWSvbaddin.ini
2009-01-24 10:07:35 —-A—- C:WINDOWSvb.ini
2009-01-24 10:07:31 —-D—- C:WINDOWSRegistration
2009-01-24 10:07:05 —-D—- C:Program FilesWindows Media Player
2009-01-24 10:07:01 —-D—- C:Program FilesMessenger
2009-01-24 10:06:57 —-D—- C:Program FilesMSN Gaming Zone
2009-01-24 10:06:57 —-A—- C:WINDOWSsystem32write.exe
2009-01-24 10:06:46 —-A—- C:WINDOWSsystem32sndvol32.exe
2009-01-24 10:06:46 —-A—- C:WINDOWSsystem32hticons.dll
2009-01-24 10:06:46 —-A—- C:WINDOWSsystem32avwav.dll
2009-01-24 10:06:46 —-A—- C:WINDOWSsystem32avtapi.dll
2009-01-24 10:06:46 —-A—- C:WINDOWSsystem32avmeter.dll
2009-01-24 10:06:45 —-A—- C:WINDOWSsystem32winchat.exe
2009-01-24 10:06:37 —-A—- C:WINDOWSsystem32getuname.dll
2009-01-24 10:06:36 —-A—- C:WINDOWSsystem32sol.exe
2009-01-24 10:06:36 —-A—- C:WINDOWSsystem32charmap.exe
2009-01-24 10:06:36 —-A—- C:WINDOWSsystem32calc.exe
2009-01-24 10:06:35 —-A—- C:WINDOWSsystem32winmine.exe
2009-01-24 10:06:35 —-A—- C:WINDOWSsystem32usrlogon.cmd
2009-01-24 10:06:35 —-A—- C:WINDOWSsystem32tskill.exe
2009-01-24 10:06:35 —-A—- C:WINDOWSsystem32reset.exe
2009-01-24 10:06:35 —-A—- C:WINDOWSsystem32mshearts.exe
2009-01-24 10:06:35 —-A—- C:WINDOWSsystem32freecell.exe
2009-01-24 10:06:34 —-A—- C:WINDOWSsystem32tsshutdn.exe
2009-01-24 10:06:34 —-A—- C:WINDOWSsystem32tslabels.ini
2009-01-24 10:06:34 —-A—- C:WINDOWSsystem32tsdiscon.exe
2009-01-24 10:06:34 —-A—- C:WINDOWSsystem32tscon.exe
2009-01-24 10:06:34 —-A—- C:WINDOWSsystem32shadow.exe
2009-01-24 10:06:34 —-A—- C:WINDOWSsystem32rwinsta.exe
2009-01-24 10:06:34 —-A—- C:WINDOWSsystem32regini.exe
2009-01-24 10:06:34 —-A—- C:WINDOWSsystem32rdpcfgex.dll
2009-01-24 10:06:34 —-A—- C:WINDOWSsystem32qwinsta.exe
2009-01-24 10:06:34 —-A—- C:WINDOWSsystem32qappsrv.exe
2009-01-24 10:06:34 —-A—- C:WINDOWSsystem32msg.exe
2009-01-24 10:06:33 —-A—- C:WINDOWSsystem32msdtcprf.ini
2009-01-24 10:06:33 —-A—- C:WINDOWSsystem32logoff.exe
2009-01-24 10:06:33 —-A—- C:WINDOWSsystem32cdmodem.dll
2009-01-24 10:06:32 —-A—- C:WINDOWSsystem32mtxlegih.dll
2009-01-24 10:06:32 —-A—- C:WINDOWSsystem32mtxex.dll
2009-01-24 10:06:32 —-A—- C:WINDOWSsystem32mtxdm.dll
2009-01-24 10:06:32 —-A—- C:WINDOWSsystem32dcomcnfg.exe
2009-01-24 10:06:32 —-A—- C:WINDOWSsystem32comrepl.dll
2009-01-24 10:06:32 —-A—- C:WINDOWSsystem32comaddin.dll
2009-01-24 10:06:31 —-A—- C:WINDOWSsystem32stclient.dll
2009-01-24 10:06:31 —-A—- C:WINDOWSsystem32comsnap.dll
2009-01-24 10:06:26 —-A—- C:WINDOWSsystem32wmimgmt.msc
2009-01-24 10:06:25 —-A—- C:WINDOWSsystem32sndrec32.exe
2009-01-24 10:06:25 —-A—- C:WINDOWSsystem32accwiz.exe
2009-01-24 10:06:24 —-D—- C:Program FilesWindows NT
2009-01-24 10:06:24 —-A—- C:WINDOWSsystem32mplay32.exe
2009-01-24 10:06:24 —-A—- C:WINDOWSsystem32hypertrm.dll
2009-01-24 10:06:23 —-A—- C:WINDOWSsystem32spider.exe
2009-01-24 10:06:23 —-A—- C:WINDOWSsystem32mspaint.exe
2009-01-24 10:06:23 —-A—- C:WINDOWSsystem32clipbrd.exe
2009-01-24 10:06:22 —-A—- C:WINDOWSsystem32tscfgwmi.dll
2009-01-24 10:06:22 —-A—- C:WINDOWSsystem32remotepg.dll
2009-01-24 10:06:22 —-A—- C:WINDOWSsystem32rdsaddin.exe
2009-01-24 10:06:22 —-A—- C:WINDOWSsystem32mstscax.dll
2009-01-24 10:06:22 —-A—- C:WINDOWSsystem32mstsc.exe
2009-01-24 10:06:21 —-A—- C:WINDOWSsystem32tscupgrd.exe
2009-01-24 10:06:21 —-A—- C:WINDOWSsystem32termsrv.dll
2009-01-24 10:06:21 —-A—- C:WINDOWSsystem32sessmgr.exe
2009-01-24 10:06:21 —-A—- C:WINDOWSsystem32rdshost.exe
2009-01-24 10:06:21 —-A—- C:WINDOWSsystem32rdpwsx.dll
2009-01-24 10:06:21 —-A—- C:WINDOWSsystem32rdpsnd.dll
2009-01-24 10:06:21 —-A—- C:WINDOWSsystem32rdpclip.exe
2009-01-24 10:06:21 —-A—- C:WINDOWSsystem32rdchost.dll
2009-01-24 10:06:20 —-D—- C:WINDOWSsystem32MsDtc
2009-01-24 10:06:20 —-A—- C:WINDOWSsystem32qprocess.exe
2009-01-24 10:06:20 —-A—- C:WINDOWSsystem32mtxoci.dll
2009-01-24 10:06:20 —-A—- C:WINDOWSsystem32msdtcuiu.dll
2009-01-24 10:06:20 —-A—- C:WINDOWSsystem32msdtcprx.dll
2009-01-24 10:06:20 —-A—- C:WINDOWSsystem32icaapi.dll
2009-01-24 10:06:20 —-A—- C:WINDOWSsystem32cfgbkend.dll
2009-01-24 10:06:19 —-A—- C:WINDOWSsystem32xolehlp.dll
2009-01-24 10:06:19 —-A—- C:WINDOWSsystem32msdtctm.dll
2009-01-24 10:06:19 —-A—- C:WINDOWSsystem32msdtclog.dll
2009-01-24 10:06:19 —-A—- C:WINDOWSsystem32msdtc.exe
2009-01-24 10:06:18 —-D—- C:WINDOWSsystem32Com
2009-01-24 10:06:18 —-A—- C:WINDOWSsystem32colbact.dll
2009-01-24 10:06:18 —-A—- C:WINDOWSsystem32clbcatex.dll
2009-01-24 10:06:18 —-A—- C:WINDOWSsystem32catsrvps.dll
2009-01-24 10:06:17 —-A—- C:WINDOWSsystem32comsvcs.dll
2009-01-24 10:06:17 —-A—- C:WINDOWSsystem32catsrvut.dll
2009-01-24 10:06:17 —-A—- C:WINDOWSsystem32catsrv.dll
2009-01-24 10:06:16 —-A—- C:WINDOWSsystem32comuid.dll
2009-01-24 10:06:16 —-A—- C:WINDOWSsystem32clbcatq.dll
2009-01-24 10:06:11 —-A—- C:WINDOWSsystem32servdeps.dll
2009-01-24 10:06:10 —-A—- C:WINDOWSsystem32mmfutil.dll
2009-01-24 10:06:10 —-A—- C:WINDOWSsystem32licwmi.dll
2009-01-24 10:06:10 —-A—- C:WINDOWSsystem32cmprops.dll

======List of files/folders modified in the last 1 months======

2009-02-11 13:52:08 —-A—- C:WINDOWSwin.ini
2009-02-11 13:52:08 —-A—- C:WINDOWSsystem.ini
2009-02-05 15:07:58 —-D—- C:WINDOWSMCADMIN
2009-02-02 11:25:14 —-D—- C:Documents and SettingsAll UsersApplication DataMCADMIN
2009-01-25 21:31:35 —-A—- C:WINDOWSFmocd.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; ??C:Program FilesAviraAntiVir PersonalEdition Classicavgio.sys []
R1 avipbb;avipbb; C:WINDOWSsystem32DRIVERSavipbb.sys [2009-01-26 75072]
R1 ssmdrv;ssmdrv; C:WINDOWSsystem32DRIVERSssmdrv.sys [2007-03-01 28352]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:WINDOWSsystem32driversADIHdAud.sys [2005-10-05 141312]
R3 AEAudioService;AEAudio Service; C:WINDOWSsystem32driversAEAudio.sys [2005-03-04 127872]
R3 avgntflt;avgntflt; ??C:Program FilesAviraAntiVir PersonalEdition Classicavgntflt.sys []
R3 FStarForce;FStarForce; C:WINDOWSsystem32DRIVERSFStarForce.sys [2009-01-01 8192]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2004-10-27 138240]
R3 MTsensor;ATK0110 ACPI UTILITY; C:WINDOWSsystem32DRIVERSASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2006-06-29 3929184]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:WINDOWSsystem32DRIVERSNVENETFD.sys [2006-06-29 57856]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:WINDOWSsystem32DRIVERSnvnetbus.sys [2006-06-29 20480]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WINDOWSSystem32DriversRootMdm.sys [2004-08-18 5888]
R3 SenFiltService;SenFilt Service; C:WINDOWSsystem32driversSenfilt.sys [2005-10-10 393088]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-18 26624]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-18 57600]
R3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:WINDOWSsystem32DRIVERSusbohci.sys [2004-08-18 17024]
S3 awakjqzv;awakjqzv; C:WINDOWSsystem32driversawakjqzv.sys []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:WINDOWSsystem32driversHdAudio.sys [2004-10-27 145920]
S3 IKFileSec;File Security Driver; C:WINDOWSsystem32driversikfilesec.sys [2008-08-25 40840]
S3 IKSysFlt;System Filter Driver; C:WINDOWSsystem32driversiksysflt.sys [2008-08-25 66952]
S3 IKSysSec;System Security Driver; C:WINDOWSsystem32driversiksyssec.sys [2008-08-25 81288]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Avira AntiVir Personal — Free Antivirus Scheduler; C:Program FilesAviraAntiVir PersonalEdition Classicsched.exe [2009-01-26 68865]
R2 AntiVirService;Avira AntiVir Personal — Free Antivirus Guard; C:Program FilesAviraAntiVir PersonalEdition Classicavguard.exe [2009-01-26 151297]
R2 EWA net DB Core;EWA net DB Core; e:EWA netdatabaseTransBase EWAtbmux32.exe [2003-11-05 176128]
R2 EWA net DB EPC;EWA net DB EPC; e:EWA netdatabaseTransBase EPCtbmux32.exe [2006-07-27 380928]
R2 EWA net DB WIS;EWA net DB WIS; e:EWA netdatabaseTransBase WIStbmux32.exe [2003-11-05 176128]
R2 EWA net Server;EWA net Server; e:EWA netserverbintomcat.exe [2003-07-31 65536]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian — DefaultInstance; C:Program FilesFirebirdFirebird_1_5binfbguard.exe [2007-01-31 65536]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2006-06-29 155715]
R2 pqeauto.database.dbmonitor.GMG;pqeauto.database.dbmonitor.GMG; C:Program FilesBHPSGmgbinDBMonService.exe [2007-04-08 73728]
R2 pqeauto.database.dbmonitor.MAPU;pqeauto.database.dbmonitor.MAPU; C:Program FilesBHPSMAPUbinDBMonService.exe [2009-01-25 73728]
R2 pqeauto.energy.mappermonitor;pqeauto.energy.mappermonitor; C:Program FilesBHPSPmap1binMap [2009-01-25 620]
R2 pqeauto.engine.tomcatmonitor.GMG;pqeauto.engine.tomcatmonitor.GMG; C:Program FilesBHPSGmgbinTomcatMonService.exe [2007-04-08 69632]
R2 ProQuest Product License Manager;ProQuest Product License Manager; C:PROGRA~1BHPSlic\binlmgrd.exe [2009-01-25 630272]
R2 RRBANXGN;RRBANXGN; C:WINDOWSsrvany.exe [2008-09-27 13312]
R2 StarWindService;StarWind iSCSI Service; C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindService.exe [2005-04-02 217600]
R2 Transbase TECDOC CD 1_2009 Service;Transbase TECDOC CD 1_2009 Service; D:TECDOC_CD1_2009dbtbmux32.exe [2008-11-19 356352]
R2 Transbase;Transbase; e:BMWgroupETKLokaltransbasetbmux32.exe [2004-08-05 385024]
R3 FirebirdServerDefaultInstance;Firebird Server — DefaultInstance; C:Program FilesFirebirdFirebird_1_5binfbserver.exe [2007-01-31 1527893]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:WINDOWSsystem32HPZipm12.exe [2002-08-01 65536]
S3 sdAuxService;PC Tools Auxiliary Service; d:Program FilesSpyware DoctorpctsAuxs.exe [2008-06-13 356920]
S3 sdCoreService;PC Tools Security Service; d:Program FilesSpyware DoctorpctsSvc.exe [2009-01-28 1079176]

---

EOF

---

[alekst5]

админы!спасайте!нету сил уже терпеть!

[alekst5]

help 🙁 🙁 🙁 🙁 🙁 🙁 🙁 🙁 🙁
лезут отсюда
http://ad.media-servers.net/iframe3?AAAAAMdrBABlZxsAuPkIAAIBKAAAAP8AAAAFCwICAAP2mwUAFQYCAAvdDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCxAsI.AAAAcLECwj8AAABwsQLSPwAAAHCxAtI.OY7jCCmt4D85juMIKa3gPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALerEHBHA3AUrytb7y-OvFlNVIzDY5QQ4VgHtpQAAAAA=,,
http://ad.z5x.net/click,AAAAAP1YBgBrxw4A4fwGAAIAEAAAAP8AAAAFCwICAAN53wgADpcMANJCCgAAAAAAAAAAAAAAAAAAAAAAAAAAAK3Zk0kAAAAA,,,

[Admin]

Здравствуйте, добро пожаловать на Spyware-ru форум.

Извините за задержку с ответом.
Судя по логам, ваш компьютер заражён autorun.inf трояном.
Прочитайте эту инструкцию Flash_Disinfector ещё одно оружие против autorun.inf троянов.

* Отключите ваш антивирус.
* Скачайте и запустите Flash_Disinfector.
* По требованию программы вставить ваш флэш диск или подключить другие внешние устройства хранения информации.

Примечание: запускайте программу столько раз, сколько нужно чтобы очистить все ваши подключаемые диски.

Скачайте OTMoveIt3 by OldTimer кликнув по этой ссылке.
Запустите программу и в большое поле ввода (заголовок этого поля выделен желтым цветом) скопируйте следующий текст.

:Processes

explorer.exe



:reg

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]

"Microsoft netswitch"=-



[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{eaf5cef2-f409-11dd-8ad3-001a920728df}]

[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{f06d6d76-ef5a-11dd-8ad1-001a920728df}]



[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]

"C:WINDOWSsystem32otmspr.exe"=-



:files

C:WINDOWSsystem32otmspr.exe

C:WINDOWSsystem32jwtch32.exe

G:.SystemS-1-6-21-2434476501-1644491937-600003330-1213



:Commands

[emptytemp]

[start explorer]

[Reboot]

После того как вставили текст скрипта, проверьте что слева от директив нет пробелов, если есть, то удалите их. Приведите текст в окне программы к такому же виду как в моём сообщении.
Кликните по кнопке MoveIt!. В процессе работы возможна перезагрузка компьютера.
По-завершении работы программы должен будет показан лог. Если лог не будет показан, то его можно найти в папке C:_OTMoveItMovedFiles.
Вставьте в ваше ответное сообщение содержимое этого лога.
Так же приложите свежий RSIT лог.

[Автор]

Сообщения