- This topic has 3 ответа, 2 участника, and was last updated 16 years, 3 months назад by
.
-
Сообщения
-
Здравствуйте!
Нужна Ваша помощь. Занес откуда-то порно-плагин. В IE, Mozilla и в Opera появляется окно с предложением отправить платную SMS перейдя по ссылке (http://sex-bot.biz/plugin/plug_banner.png) Не получается никак вытравить. Штатный Avast ничего не обнаружил, пробовал «лечить» ComboFix-ом тот же результат.Logfile of random’s system information tool 1.06 (written by random/random)
Run by povorova at 2009-06-28 12:31:10
Microsoft Windows XP Professional Service Pack 3
System drive C: has 61 GB (80%) free of 76 GB
Total RAM: 997 MB (53% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:31:11, on 28.06.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32nslsvice.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:Program FilesBonjourmDNSResponder.exe
C:Program FilesCommon FilesInterVideoDeviceServiceDevSvc.exe
C:Program FilesJavajre6binjqs.exe
C:Program Fileslotusnotesntmulti.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSRTHDCPL.EXE
C:WINDOWSsystem32igfxtray.exe
C:WINDOWSsystem32hkcmd.exe
C:WINDOWSsystem32igfxpers.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:WINDOWSsystem32igfxsrvc.exe
C:Program FilesJavajre6binjusched.exe
C:Program FilesABBYY Lingvo 10 First StepLvagent.exe
C:Program FilesiTunesiTunesHelper.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMicrosoft ActiveSyncWcescomm.exe
C:PROGRA~1MICROS~3rapimgr.exe
C:Program FilesiPodbiniPodService.exe
C:WINDOWSsystem32wuauclt.exe
C:Program FilesOperaopera.exe
C:downloadRSIT.exe
C:Program Filestrend micropovorova.exeR1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O2 — BHO: JQSIEStartDetectorImpl — {E7E6F031-17CE-4C07-BC86-EABFE594F69C} — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 — HKLM..Run: [IgfxTray] C:WINDOWSsystem32igfxtray.exe
O4 — HKLM..Run: [HotKeysCmds] C:WINDOWSsystem32hkcmd.exe
O4 — HKLM..Run: [Persistence] C:WINDOWSsystem32igfxpers.exe
O4 — HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesJavajre6binjusched.exe»
O4 — HKLM..Run: [Lingvo Launcher] «C:Program FilesABBYY Lingvo 10 First StepLvagent.exe» /STARTUP
O4 — HKLM..Run: [UVS11 Preload] E:Program FilesuvPL.exe
O4 — HKLM..Run: [QuickTime Task] «C:Program FilesQuickTimeQTTask.exe» -atboottime
O4 — HKLM..Run: [iTunesHelper] «C:Program FilesiTunesiTunesHelper.exe»
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [H/PC Connection Agent] «C:Program FilesMicrosoft ActiveSyncWcescomm.exe»
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Global Startup: Ускоренный запуск Adobe Reader.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 — Extra button: Create Mobile Favorite — {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} — C:PROGRA~1MICROS~3INetRepl.dll
O9 — Extra button: (no name) — {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — C:PROGRA~1MICROS~3INetRepl.dll
O9 — Extra ‘Tools’ menuitem: Добавить в избранное мобильного устройства… — {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — C:PROGRA~1MICROS~3INetRepl.dll
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O17 — HKLMSystemCCSServicesTcpip..{3D87A28F-2881-4844-92FA-0503D474DCAF}: NameServer = 195.34.31.50 62.112.106.130
O17 — HKLMSystemCCSServicesTcpip..{549A433F-FB38-4018-8FD0-2CFB33A236AE}: NameServer = 192.168.1.1
O20 — AppInit_DLLs: C:WINDOWSsystem32SiteAccess.dll
O23 — Service: Apple Mobile Device — Apple Inc. — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 — Service: Bonjour Service — Apple Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: Capture Device Service — InterVideo Inc. — C:Program FilesCommon FilesInterVideoDeviceServiceDevSvc.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: Сервис iPod (iPod Service) — Apple Inc. — C:Program FilesiPodbiniPodService.exe
O23 — Service: Java Quick Starter (JavaQuickStarterService) — Sun Microsystems, Inc. — C:Program FilesJavajre6binjqs.exe
O23 — Service: Средства общего входа Lotus Notes (Lotus Notes Single Logon) — IBM Corp — C:WINDOWSsystem32nslsvice.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Multi-user Cleanup Service — IBM Corp — C:Program Fileslotusnotesntmulti.exe
O23 — Service: NetOp Helper ver. 9.00 (2006161) (NetOp Host for NT Service) — Danware Data A/S — C:Program FilesDanware DataNetOp Remote ControlHOSTNHOSTSWC.EXE
O23 — Service: PCLEPCI — Pinnacle Systems GmbH — C:WINDOWSsystem32driverspclepci.sys
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Ulead Burning Helper (UleadBurningHelper) — Ulead Systems, Inc. — C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 7991 bytes======Scheduled tasks folder======
C:WINDOWStasksAppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-24 63136][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2009-05-16 35840][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll [2009-05-16 73728][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2007-06-15 16132608]
«IgfxTray»=C:WINDOWSsystem32igfxtray.exe [2007-06-15 142104]
«HotKeysCmds»=C:WINDOWSsystem32hkcmd.exe [2007-06-15 162584]
«Persistence»=C:WINDOWSsystem32igfxpers.exe [2007-06-15 138008]
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe [2009-02-06 81000]
«SunJavaUpdateSched»=C:Program FilesJavajre6binjusched.exe [2009-05-16 148888]
«Lingvo Launcher»=C:Program FilesABBYY Lingvo 10 First StepLvagent.exe [2005-02-16 118784]
«UVS11 Preload»=E:Program FilesuvPL.exe [2007-03-03 341488]
«QuickTime Task»=C:Program FilesQuickTimeQTTask.exe [2009-05-26 413696]
«iTunesHelper»=C:Program FilesiTunesiTunesHelper.exe [2009-05-30 292136][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-04-14 15360]
«H/PC Connection Agent»=C:Program FilesMicrosoft ActiveSyncWcescomm.exe [2006-11-13 1289000][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregIntelAudioStudio]
C:Program FilesIntel Audio StudioIntelAudioStudio.exe [2006-08-02 9134080][HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSigmatelSysTrayApp]
sttray.exe []C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
Ускоренный запуск Adobe Reader.lnk — C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_DLLS»=»C:WINDOWSsystem32SiteAccess.dll»[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyigfxcui]
C:WINDOWSsystem32igfxdev.dll [2007-06-15 204800][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=323
«NoDriveAutoRun»=67108863
«NoDrives»=0[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«HonorAutoRunSetting»=
«NoDriveAutoRun»=
«NoDriveTypeAutoRun»=
«NoDrives»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesDanware DataNetOp Remote ControlHOSTNhstw32.exe»=»C:Program FilesDanware DataNetOp Remote ControlHOSTNhstw32.exe:*:Enabled:NetOp Host»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesICQ6.5ICQ.exe»=»C:Program FilesICQ6.5ICQ.exe:*:Enabled:ICQ6»
«C:Program FilesPinnacleStudio 11programsRM.exe»=»C:Program FilesPinnacleStudio 11programsRM.exe:*:Enabled:Render Manager»
«C:Program FilesPinnacleStudio 11programsStudio.exe»=»C:Program FilesPinnacleStudio 11programsStudio.exe:*:Enabled:Studio»
«C:Program FilesPinnacleStudio 11programsPMSRegisterFile.exe»=»C:Program FilesPinnacleStudio 11programsPMSRegisterFile.exe:*:Enabled:PMSRegisterFile»
«C:Program FilesPinnacleStudio 11programsumi.exe»=»C:Program FilesPinnacleStudio 11programsumi.exe:*:Enabled:umi»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
«C:Program FilesiTunesiTunes.exe»=»C:Program FilesiTunesiTunes.exe:*:Enabled:iTunes»
«C:Program FilesMicrosoft ActiveSyncrapimgr.exe»=»C:Program FilesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager»
«C:Program FilesMicrosoft ActiveSyncwcescomm.exe»=»C:Program FilesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager»
«C:Program FilesMicrosoft ActiveSyncWCESMgr.exe»=»C:Program FilesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesDanware DataNetOp Remote ControlHOSTNhstw32.exe»=»C:Program FilesDanware DataNetOp Remote ControlHOSTNhstw32.exe:*:Enabled:NetOp Host»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesMicrosoft ActiveSyncrapimgr.exe»=»C:Program FilesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager»
«C:Program FilesMicrosoft ActiveSyncwcescomm.exe»=»C:Program FilesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager»
«C:Program FilesMicrosoft ActiveSyncWCESMgr.exe»=»C:Program FilesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application»======List of files/folders created in the last 1 months======
2009-06-28 10:56:34 —-D—- C:WINDOWStemp
2009-06-28 10:56:33 —-A—- C:ComboFix.txt
2009-06-28 10:48:16 —-A—- C:WINDOWSzip.exe
2009-06-28 10:48:16 —-A—- C:WINDOWSSWXCACLS.exe
2009-06-28 10:48:16 —-A—- C:WINDOWSSWSC.exe
2009-06-28 10:48:16 —-A—- C:WINDOWSSWREG.exe
2009-06-28 10:48:16 —-A—- C:WINDOWSsed.exe
2009-06-28 10:48:16 —-A—- C:WINDOWSPEV.exe
2009-06-28 10:48:16 —-A—- C:WINDOWSNIRCMD.exe
2009-06-28 10:48:16 —-A—- C:WINDOWSgrep.exe
2009-06-28 10:47:49 —-D—- C:Qoobox
2009-06-28 04:12:43 —-D—- C:rsit
2009-06-28 03:27:55 —-D—- C:WINDOWSERDNT
2009-06-28 01:54:10 —-A—- C:WINDOWSntbtlog.txt
2009-06-25 14:24:07 —-D—- C:F250
2009-06-25 01:00:31 —-D—- C:Program FilesTrend Micro
2009-06-24 22:43:15 —-A—- C:WINDOWSsystem32ieencode.dll
2009-06-23 13:00:37 —-HDC—- C:WINDOWS$NtUninstallKB969897$
2009-06-22 03:49:03 —-D—- C:Program FilesOpera
2009-06-21 23:13:55 —-D—- C:Program FilesSiteAccess
2009-06-20 20:36:16 —-D—- C:Documents and SettingspovorovaApplication DataSms Activator
2009-06-20 02:07:43 —-A—- C:ASLog.txt
2009-06-19 23:43:41 —-D—- C:Program FilesMicrosoft ActiveSync
2009-06-19 18:57:08 —-D—- C:Documents and SettingspovorovaApplication DataOpera
2009-06-16 10:50:12 —-A—- C:WINDOWSsystem32SiteAccess.dll
2009-06-10 08:23:13 —-HDC—- C:WINDOWS$NtUninstallKB961501$
2009-06-10 08:23:10 —-HDC—- C:WINDOWS$NtUninstallKB969898$
2009-06-10 08:22:17 —-HDC—- C:WINDOWS$NtUninstallKB970238$
2009-06-10 08:22:07 —-HDC—- C:WINDOWS$NtUninstallKB968537$
2009-06-08 02:11:24 —-D—- C:Documents and SettingspovorovaApplication DataBSplayer PRO
2009-06-08 02:07:07 —-D—- C:Documents and SettingsAll UsersApplication DataACD Systems
2009-06-08 02:07:05 —-D—- C:Program FilesACD Systems
2009-06-07 23:07:47 —-D—- C:Documents and SettingspovorovaApplication DataCorel
2009-06-07 23:00:10 —-RA—- C:WINDOWSsystem32msxml3a.dll
2009-06-07 23:00:10 —-RA—- C:WINDOWSsystem32DolbyHph.dll
2009-06-07 22:45:41 —-A—- C:WINDOWSNeroDigital.ini
2009-06-07 03:06:58 —-D—- C:Documents and SettingspovorovaApplication DataWinRAR
2009-06-05 23:11:45 —-N—- C:WINDOWSsystem32pcleDVdc.dll
2009-06-05 23:11:45 —-N—- C:WINDOWSsystem32pcleDVcd.dll
2009-06-05 23:11:45 —-N—- C:WINDOWSsystem32pcleADV.dll
2009-06-05 23:11:45 —-A—- C:WINDOWSsystem32SaFireU.dll
2009-06-05 23:11:45 —-A—- C:WINDOWSsystem32pcleUtil.dll
2009-06-05 23:11:45 —-A—- C:WINDOWSsystem32pcleSplice.dll
2009-06-05 23:11:45 —-A—- C:WINDOWSsystem32pcleIScl.dll
2009-06-05 23:11:45 —-A—- C:WINDOWSsystem32MP4FileLib.dll
2009-06-05 23:11:44 —-N—- C:WINDOWSsystem32CSCnvrtX.dll
2009-06-05 23:11:44 —-N—- C:WINDOWSsystem32ACnvrtX.dll
2009-06-05 23:11:44 —-A—- C:WINDOWSsystem32gbtoolsu.dll
2009-06-05 23:11:44 —-A—- C:WINDOWSsystem32futilu.dll
2009-06-05 23:11:44 —-A—- C:WINDOWSsystem32fileiou.dll
2009-06-05 23:11:44 —-A—- C:WINDOWSsystem32DVResampleru.dll
2009-06-05 23:11:44 —-A—- C:WINDOWSsystem32dvframes.dll
2009-06-05 23:11:44 —-A—- C:WINDOWSsystem32dsio.dll
2009-06-05 23:11:44 —-A—- C:WINDOWSsystem32dialogsu.dll
2009-06-05 23:11:44 —-A—- C:WINDOWSsystem32CSCSaFX.dll
2009-06-05 01:25:53 —-A—- C:WINDOWSsystem32vfwwdm32.dll
2009-06-03 03:55:03 —-A—- C:WINDOWSOpPrintServer.INI
2009-06-03 03:44:52 —-D—- C:Program FilesCanon
2009-06-03 03:39:31 —-A—- C:WINDOWSVideo Perspective Uninstaller.exe
2009-06-03 03:39:28 —-D—- C:Program FilesCommon FilesRiver Past
2009-06-03 03:32:40 —-D—- C:Documents and SettingspovorovaApplication DataDivX
2009-06-03 03:32:19 —-D—- C:Documents and SettingspovorovaApplication DataRiver Past G5
2009-06-03 03:32:19 —-D—- C:Documents and SettingsAll UsersApplication DataRiver Past G5
2009-06-03 03:31:57 —-A—- C:sysinfo.txt
2009-06-03 03:26:23 —-D—- C:Documents and SettingspovorovaApplication DataApple Computer
2009-06-03 03:26:15 —-A—- C:WINDOWSsystem32GEARAspi.dll
2009-06-03 03:26:02 —-D—- C:Program FilesiPod
2009-06-03 03:25:59 —-D—- C:Program FilesiTunes
2009-06-03 03:25:59 —-D—- C:Documents and SettingsAll UsersApplication Data{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-06-03 03:25:47 —-D—- C:Program FilesBonjour
2009-06-03 03:25:24 —-D—- C:Program FilesCommon FilesApple
2009-06-03 03:19:47 —-A—- C:WINDOWSsystem32xvid-uninstall.exe
2009-06-03 03:15:03 —-A—- C:WINDOWSsystem32vorbisfile.dll
2009-06-03 03:15:03 —-A—- C:WINDOWSsystem32vorbisenc.dll
2009-06-03 03:15:03 —-A—- C:WINDOWSsystem32vorbis.dll
2009-06-03 03:15:03 —-A—- C:WINDOWSsystem32ogg.dll
2009-06-03 03:15:01 —-A—- C:WINDOWSsystem32xvidvfw.dll
2009-06-03 03:15:01 —-A—- C:WINDOWSsystem32xvidcore.dll
2009-06-03 03:15:00 —-A—- C:WINDOWSsystem32qt-dx331.dll
2009-06-03 03:15:00 —-A—- C:WINDOWSsystem32libdivx.dll
2009-06-03 03:15:00 —-A—- C:WINDOWSsystem32dtu100.dll
2009-06-03 03:15:00 —-A—- C:WINDOWSsystem32dpl100.dll
2009-06-03 03:14:59 —-A—- C:WINDOWSsystem32divxsm.exe
2009-06-03 03:14:58 —-D—- C:Program FilesCodec
2009-06-03 03:14:58 —-A—- C:WINDOWSsystem32divx.dll
2009-06-03 03:03:33 —-D—- C:Documents and SettingspovorovaApplication DataMra
2009-06-03 02:53:54 —-D—- C:Program FilesQuickTime
2009-06-03 02:53:10 —-D—- C:Program FilesApple Software Update
2009-06-03 02:53:10 —-D—- C:Documents and SettingsAll UsersApplication DataApple
2009-06-03 02:33:45 —-D—- C:Documents and SettingsAll UsersApplication DataApple Computer
2009-06-03 02:30:46 —-A—- C:WINDOWSsystem32xactengine2_6.dll
2009-06-03 02:30:45 —-A—- C:WINDOWSsystem32xactengine2_5.dll
2009-06-03 02:30:45 —-A—- C:WINDOWSsystem32xactengine2_4.dll
2009-06-03 02:30:45 —-A—- C:WINDOWSsystem32x3daudio1_1.dll
2009-06-03 02:30:45 —-A—- C:WINDOWSsystem32d3dx9_32.dll
2009-06-03 02:30:44 —-A—- C:WINDOWSsystem32xinput1_3.dll
2009-06-03 02:30:44 —-A—- C:WINDOWSsystem32xinput1_2.dll
2009-06-03 02:30:44 —-A—- C:WINDOWSsystem32xactengine2_3.dll
2009-06-03 02:30:44 —-A—- C:WINDOWSsystem32d3dx9_31.dll
2009-06-03 02:30:43 —-A—- C:WINDOWSsystem32xinput1_1.dll
2009-06-03 02:30:43 —-A—- C:WINDOWSsystem32xactengine2_2.dll
2009-06-03 02:30:43 —-A—- C:WINDOWSsystem32xactengine2_1.dll
2009-06-03 02:30:38 —-A—- C:WINDOWSsystem32d3dx9_30.dll
2009-06-03 02:30:37 —-A—- C:WINDOWSsystem32xactengine2_0.dll
2009-06-03 02:30:37 —-A—- C:WINDOWSsystem32x3daudio1_0.dll
2009-06-03 02:30:37 —-A—- C:WINDOWSsystem32d3dx9_29.dll
2009-06-03 02:30:36 —-A—- C:WINDOWSsystem32xinput9_1_0.dll
2009-06-03 02:30:36 —-A—- C:WINDOWSsystem32d3dx9_28.dll
2009-06-03 02:30:36 —-A—- C:WINDOWSsystem32d3dx9_27.dll
2009-06-03 02:30:35 —-A—- C:WINDOWSsystem32d3dx9_26.dll
2009-06-03 02:30:35 —-A—- C:WINDOWSsystem32d3dx9_25.dll
2009-06-03 02:30:33 —-A—- C:WINDOWSsystem32d3dx9_24.dll
2009-06-03 02:25:55 —-D—- C:Documents and SettingspovorovaApplication DataACD Systems
2009-06-03 02:25:27 —-D—- C:Program FilesCommon FilesACD Systems
2009-06-03 02:22:29 —-D—- C:WINDOWSDownloaded Installations
2009-06-03 02:20:07 —-D—- C:Documents and SettingspovorovaApplication DataUlead Systems
2009-06-03 01:16:58 —-D—- C:Program FilesCommon FilesInterVideo
2009-06-03 01:16:53 —-D—- C:Documents and SettingsAll UsersApplication DataInterVideo
2009-06-03 01:16:52 —-A—- C:WINDOWSsystem32IVIresizeW7.dll
2009-06-03 01:16:52 —-A—- C:WINDOWSsystem32IVIresizePX.dll
2009-06-03 01:16:52 —-A—- C:WINDOWSsystem32IVIresizeP6.dll
2009-06-03 01:16:52 —-A—- C:WINDOWSsystem32IVIresizeM6.dll
2009-06-03 01:16:52 —-A—- C:WINDOWSsystem32IVIresizeA6.dll
2009-06-03 01:16:52 —-A—- C:WINDOWSsystem32IVIresize.dll
2009-06-03 01:16:31 —-D—- C:Program FilesWindows Media Components
2009-06-03 01:16:06 —-D—- C:Program FilesCommon FilesUlead Systems
2009-06-03 01:16:06 —-D—- C:Documents and SettingsAll UsersApplication DataUlead Systems
2009-06-03 01:13:10 —-D—- C:Documents and SettingspovorovaApplication DataNero
2009-06-03 00:46:18 —-A—- C:WINDOWSsystem32TwnLib4.dll
2009-06-03 00:46:18 —-A—- C:WINDOWSsystem32imagXRA7.dll
2009-06-03 00:46:18 —-A—- C:WINDOWSsystem32imagXR7.dll
2009-06-03 00:46:18 —-A—- C:WINDOWSsystem32imagXpr7.dll
2009-06-03 00:46:18 —-A—- C:WINDOWSsystem32imagX7.dll
2009-06-03 00:46:17 —-D—- C:Program FilesNero
2009-06-03 00:46:17 —-D—- C:Program FilesCommon FilesNero
2009-06-03 00:46:17 —-D—- C:Documents and SettingsAll UsersApplication DataNero
2009-06-03 00:03:05 —-A—- C:WINDOWSMovingPicture.ini
2009-06-02 23:59:36 —-D—- C:Program FilesproDAD
2009-06-02 23:47:23 —-D—- C:Documents and SettingspovorovaApplication DataproDAD
2009-06-02 23:46:56 —-D—- C:Program FilesAdorageI-SAL
2009-06-02 23:46:56 —-D—- C:Program FilesAdorageI-GfxDatas
2009-06-02 22:30:31 —-D—- C:Program FilesDIFX
2009-06-02 21:38:53 —-A—- C:WINDOWSsystem32pvmjpg30.dll
2009-06-02 21:38:50 —-A—- C:WINDOWSsystem32msxml4a.dll
2009-06-02 21:38:49 —-A—- C:WINDOWSsystem32GDIPLUS.DLL
2009-06-02 21:38:17 —-N—- C:WINDOWSsystem32RALMain.dll
2009-06-02 21:38:17 —-N—- C:WINDOWSsystem32MMAviAx.dll
2009-06-02 21:38:17 —-N—- C:WINDOWSsystem32MLPagAx.dll
2009-06-02 21:38:17 —-N—- C:WINDOWSsystem32DiskIO.dll
2009-06-02 21:38:17 —-N—- C:WINDOWSsystem32AVIPrAx.dll
2009-06-02 21:38:17 —-A—- C:WINDOWSsystem32cacheX.dll
2009-06-02 21:38:13 —-N—- C:WINDOWSsystem32Ltwvc13n.dll
2009-06-02 21:38:13 —-N—- C:WINDOWSsystem32Ltrio13n.dll
2009-06-02 21:38:13 —-N—- C:WINDOWSsystem32Ltr13n.dll
2009-06-02 21:38:13 —-N—- C:WINDOWSsystem32ltkrn13n.dll
2009-06-02 21:38:13 —-N—- C:WINDOWSsystem32ltfil13n.DLL
2009-06-02 21:38:13 —-N—- C:WINDOWSsystem32LTCLR13s.dll
2009-06-02 21:38:13 —-N—- C:WINDOWSsystem32LTCLR13n.dll
2009-06-02 21:38:13 —-N—- C:WINDOWSsystem32LMUIRes.dll
2009-06-02 21:38:13 —-N—- C:WINDOWSsystem32LMLRes.dll
2009-06-02 21:38:12 —-N—- C:WINDOWSsystem32lftga13s.dll
2009-06-02 21:38:12 —-N—- C:WINDOWSsystem32lftga13n.dll
2009-06-02 21:38:12 —-N—- C:WINDOWSsystem32lfpsd13s.dll
2009-06-02 21:38:12 —-N—- C:WINDOWSsystem32LFCMP13s.DLL
2009-06-02 21:38:12 —-N—- C:WINDOWSsystem32LFCMP13n.DLL
2009-06-02 21:38:12 —-N—- C:WINDOWSsystem32lfbmp13s.dll
2009-06-02 21:38:12 —-N—- C:WINDOWSsystem32lfbmp13n.dll
2009-06-02 21:34:30 —-RSD—- C:WINDOWSassembly
2009-06-02 21:34:30 —-D—- C:WINDOWSMicrosoft.NET
2009-06-02 21:34:29 —-D—- C:WINDOWSsystem32URTTemp
2009-06-02 21:34:03 —-A—- C:WINDOWSsystem32ATL70.DLL
2009-06-02 21:34:01 —-A—- C:WINDOWSsystem32mase32.dll
2009-06-02 21:34:01 —-A—- C:WINDOWSsystem32masd32.dll
2009-06-02 21:34:01 —-A—- C:WINDOWSsystem32mamc32.dll
2009-06-02 21:34:01 —-A—- C:WINDOWSsystem32macd32.dll
2009-06-02 21:34:01 —-A—- C:WINDOWSsystem32ma32.dll
2009-06-02 21:32:44 —-A—- C:WINDOWSRSETPATH.exe
2009-06-02 21:32:09 —-A—- C:WINDOWSsystem32MSVCR70.DLL
2009-06-02 21:32:09 —-A—- C:WINDOWSsystem32MSVCP70.DLL
2009-06-02 21:32:09 —-A—- C:WINDOWSsystem32MSVCI70.DLL
2009-06-02 21:32:09 —-A—- C:WINDOWSsystem32MFC71u.DLL
2009-06-02 21:32:09 —-A—- C:WINDOWSsystem32MFC71KOR.DLL
2009-06-02 21:32:09 —-A—- C:WINDOWSsystem32MFC71JPN.DLL
2009-06-02 21:32:09 —-A—- C:WINDOWSsystem32MFC71ITA.DLL
2009-06-02 21:32:09 —-A—- C:WINDOWSsystem32MFC71FRA.DLL
2009-06-02 21:32:09 —-A—- C:WINDOWSsystem32MFC71ESP.DLL
2009-06-02 21:32:09 —-A—- C:WINDOWSsystem32MFC71ENU.DLL
2009-06-02 21:32:09 —-A—- C:WINDOWSsystem32MFC71DEU.DLL
2009-06-02 21:32:09 —-A—- C:WINDOWSsystem32MFC71CHT.DLL
2009-06-02 21:32:08 —-A—- C:WINDOWSsystem32MFC71CHS.DLL
2009-06-02 21:32:08 —-A—- C:WINDOWSsystem32MFC70U.DLL
2009-06-02 21:32:07 —-A—- C:WINDOWSsystem32PCLEGetGuid.dll
2009-06-02 21:32:07 —-A—- C:WINDOWSsystem32MFC70.DLL
2009-06-02 21:31:12 —-D—- C:Documents and SettingsAll UsersApplication DataPinnacle Studio
2009-06-02 21:19:52 —-D—- C:Documents and SettingsAll UsersApplication DataPinnacle
2009-06-02 21:19:49 —-D—- C:Program FilesPinnacle
2009-06-02 21:19:29 —-D—- C:Documents and SettingspovorovaApplication DataInstallShield
2009-06-01 04:05:56 —-D—- C:Documents and SettingspovorovaApplication DataSamsung
2009-06-01 03:47:59 —-D—- C:Новая папка
2009-06-01 03:38:21 —-D—- C:WINDOWSsystem32NtmsData
2009-06-01 03:15:25 —-A—- C:WINDOWSsystem32framedyn.dll
2009-06-01 02:49:03 —-D—- C:WINDOWSsystem32Samsung_USB_Drivers
2009-06-01 02:48:51 —-D—- C:Program FilesSamsung
2009-05-31 22:35:44 —-D—- C:Program FilesABBYY Lingvo 10 First Step======List of files/folders modified in the last 1 months======
2009-06-28 11:26:35 —-D—- C:WINDOWSPrefetch
2009-06-28 11:08:45 —-D—- C:WINDOWSsystem32
2009-06-28 11:08:45 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-06-28 10:56:34 —-D—- C:WINDOWS
2009-06-28 10:54:21 —-D—- C:WINDOWSsystem32CatRoot2
2009-06-28 10:54:11 —-A—- C:WINDOWSsystem.ini
2009-06-28 10:51:12 —-D—- C:WINDOWSsystem32drivers
2009-06-28 10:51:12 —-D—- C:WINDOWSAppPatch
2009-06-28 10:50:57 —-D—- C:Program FilesCommon Files
2009-06-28 10:40:51 —-SHD—- C:System Volume Information
2009-06-28 10:40:51 —-D—- C:WINDOWSsystem32Restore
2009-06-28 10:39:38 —-A—- C:WINDOWSSchedLgU.Txt
2009-06-28 10:08:07 —-D—- C:download
2009-06-28 03:32:17 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-06-28 02:46:02 —-SHD—- C:WINDOWSInstaller
2009-06-28 02:42:23 —-SD—- C:WINDOWSDownloaded Program Files
2009-06-28 02:40:37 —-RD—- C:Program Files
2009-06-28 02:40:35 —-D—- C:Documents and SettingspovorovaApplication DataMozilla
2009-06-28 01:50:32 —-D—- C:Documents and Settings
2009-06-26 17:35:04 —-SHD—- C:WINDOWSCSC
2009-06-25 01:53:25 —-D—- C:Temp
2009-06-25 01:08:36 —-HD—- C:WINDOWSinf
2009-06-25 00:12:39 —-D—- C:WINDOWSsystem32ru-ru
2009-06-25 00:12:39 —-D—- C:WINDOWSHelp
2009-06-25 00:12:39 —-D—- C:Program FilesInternet Explorer
2009-06-25 00:09:36 —-D—- C:WINDOWSie8updates
2009-06-25 00:07:00 —-D—- C:WINDOWSWBEM
2009-06-25 00:07:00 —-D—- C:WINDOWSMedia
2009-06-25 00:06:59 —-SD—- C:WINDOWSTasks
2009-06-24 22:47:08 —-A—- C:WINDOWSimsins.BAK
2009-06-24 22:47:05 —-HD—- C:WINDOWS$hf_mig$
2009-06-24 22:47:05 —-D—- C:WINDOWSsystem32CatRoot
2009-06-22 01:42:34 —-D—- C:Program FilesYandex
2009-06-21 23:13:53 —-D—- C:Program FilesCommon FilesSystem
2009-06-20 01:35:40 —-SD—- C:Documents and SettingspovorovaApplication DataMicrosoft
2009-06-19 23:43:42 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2009-06-12 08:14:53 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2009-06-10 03:07:31 —-HD—- C:Program FilesInstallShield Installation Information
2009-06-07 23:47:51 —-D—- C:Program FilesWindows Media Player
2009-06-07 23:18:47 —-D—- C:Program FilesCommon FilesReal
2009-06-07 23:18:47 —-D—- C:Documents and SettingspovorovaApplication DataReal
2009-06-07 16:42:55 —-A—- C:WINDOWSwin.ini
2009-06-07 03:50:36 —-D—- C:Program FilesWindows Media Connect 2
2009-06-03 03:44:14 —-D—- C:Program FilesCommon FilesInstallShield
2009-06-03 03:26:15 —-DC—- C:WINDOWSsystem32DRVSTORE
2009-06-03 03:01:21 —-D—- C:WINDOWSsystem32appmgmt
2009-06-03 02:56:47 —-D—- C:Program FilesWinRAR
2009-06-03 02:30:47 —-D—- C:WINDOWSsystem32DirectX
2009-06-03 01:16:58 —-D—- C:WINDOWSWinSxS
2009-06-03 01:16:27 —-RSD—- C:WINDOWSFonts
2009-06-02 21:36:26 —-D—- C:WINDOWSRegistration
2009-06-02 21:35:28 —-D—- C:WINDOWSsystem32mui
2009-06-02 21:34:01 —-A—- C:AUTOEXEC.BAT
2009-06-01 20:51:12 —-A—- C:WINDOWSsystem32MRT.exe======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:WINDOWSsystem32driversAavmker4.sys [2009-02-06 26944]
R1 aswSP;avast! Self Protection; C:WINDOWSsystem32driversaswSP.sys [2009-02-06 114768]
R1 aswTdi;avast! Network Shield Support; C:WINDOWSsystem32driversaswTdi.sys [2009-02-06 51376]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-04-14 40704]
R1 NHostNT1;NetOp Driver 1 ver. 9.00 (2006161); C:WINDOWSSystem32DriversNHOSTNU1.SYS [2006-06-10 91408]
R1 StarOpen;StarOpen; C:WINDOWSsystem32driversStarOpen.sys [2009-06-01 5632]
R2 aswFsBlk;aswFsBlk; C:WINDOWSsystem32DRIVERSaswFsBlk.sys [2009-02-06 20560]
R2 aswMon2;avast! Standard Shield Support; C:WINDOWSsystem32driversaswMon2.sys [2009-02-06 94032]
R3 Arp1394;Протокол клиента 1394 ARP; C:WINDOWSsystem32DRIVERSarp1394.sys [2008-04-14 60800]
R3 aswRdr;aswRdr; C:WINDOWSsystem32driversaswRdr.sys [2009-02-06 23152]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:WINDOWSsystem32DRIVERSe1e5132.sys [2007-06-15 254872]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:WINDOWSsystem32DRIVERSGEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-13 144384]
R3 HECI;Intel(R) Management Engine Interface; C:WINDOWSsystem32DRIVERSHECI.sys [2007-03-13 44672]
R3 ialm;ialm; C:WINDOWSsystem32DRIVERSigxpmp32.sys [2007-06-15 5761760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2007-06-15 4402176]
R3 MarvinBus;Pinnacle Marvin Bus; C:WINDOWSsystem32DRIVERSMarvinBus.sys [2007-01-04 171520]
R3 NHOSTNU3;NetOp Driver 3 ver. 9.00 (2006161) (NHOSTNU3); C:WINDOWSSystem32DriversNHOSTNU3.SYS [2006-06-10 3216]
R3 NIC1394;Сетевой драйвер 1394; C:WINDOWSsystem32DRIVERSnic1394.sys [2008-04-14 61824]
R3 USB_RNDIS_51;ZTE USB Remote NDIS Device Driver; C:WINDOWSsystem32DRIVERSusb8023.sys [2008-04-14 12800]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-14 59520]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2008-04-14 20608]
S1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2008-04-14 14720]
S3 61883;Устройство 61883; C:WINDOWSsystem32DRIVERS61883.sys [2008-04-14 48128]
S3 Avc;Устройство AVC; C:WINDOWSsystem32DRIVERSavc.sys [2008-04-14 38912]
S3 catchme;catchme; ??C:DOCUME~1povorovaLOCALS~1Tempcatchme.sys []
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-04-14 17024]
S3 HidUsb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-14 10368]
S3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-19 12160]
S3 MSDV;Microsoft DV Camera and VCR; C:WINDOWSsystem32DRIVERSmsdv.sys [2008-04-14 51200]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2008-04-14 10880]
S3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:WINDOWSsystem32driverssfng32.sys [2005-12-02 41728]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2008-04-14 11136]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:WINDOWSsystem32DRIVERSss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:WINDOWSsystem32DRIVERSss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:WINDOWSsystem32DRIVERSss_mdm.sys [2007-05-02 109704]
S3 STHDA;SigmaTel High Definition Audio CODEC; C:WINDOWSsystem32driverssthda.sys [2006-07-27 1171464]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2008-04-14 15232]
S3 usb_rndisx;Адаптер USB RNDIS; C:WINDOWSsystem32DRIVERSusb8023x.sys [2008-04-14 12800]
S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-14 32128]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-14 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:WINDOWSsystem32DRIVERSwpdusb.sys []
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2006-09-28 82944]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [2009-05-29 144712]
R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2009-02-06 18752]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast4ashServ.exe [2009-02-06 138680]
R2 Bonjour Service;Bonjour Service; C:Program FilesBonjourmDNSResponder.exe [2008-12-12 238888]
R2 Capture Device Service;Capture Device Service; C:Program FilesCommon FilesInterVideoDeviceServiceDevSvc.exe [2007-03-06 198168]
R2 JavaQuickStarterService;Java Quick Starter; C:Program FilesJavajre6binjqs.exe [2009-05-16 152984]
R2 Lotus Notes Single Logon;Средства общего входа Lotus Notes; C:WINDOWSsystem32nslsvice.exe [2004-01-09 20530]
R2 Multi-user Cleanup Service;Multi-user Cleanup Service; C:Program Fileslotusnotesntmulti.exe [2004-01-09 57393]
R2 NetOp Host for NT Service;NetOp Helper ver. 9.00 (2006161); C:Program FilesDanware DataNetOp Remote ControlHOSTNHOSTSWC.EXE [2006-06-10 1212688]
R2 UleadBurningHelper;Ulead Burning Helper; C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe [2007-03-03 67056]
R2 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2009-02-06 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2009-02-06 352920]
R3 iPod Service;Сервис iPod; C:Program FilesiPodbiniPodService.exe [2009-05-30 541992]
S2 PCLEPCI;PCLEPCI; C:WINDOWSsystem32driverspclepci.sys [2005-02-09 14165]
S3 aspnet_state;Служба состояний ASP.NET; C:WINDOWSMicrosoft.NETFrameworkv1.1.4322aspnet_state.exe [2004-07-15 32768]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
EOF
info.txt logfile of random’s system information tool 1.06 2009-06-28 04:12:46======Uninstall list======
—>»C:Program FilesInstallShield Installation Information{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}setup.exe» —u:{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}
—>MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
ABBYY Lingvo 10 First Step (En-Ru-En)—>MsiExec.exe /I{4183F2C2-CD6B-4E77-9EFC-410FE491AC01}
ACDSee 9 Photo Manager—>MsiExec.exe /X{B2D41883-3BFC-4BA0-A2F6-5A2C9836C238}
Adobe Flash Player 10 ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Reader 7.0.5 — Russian—>MsiExec.exe /I{AC76BA86-7AD7-1049-7B44-A70500000002}
Apple Mobile Device Support—>MsiExec.exe /I{659B48CD-0608-4ED5-94C0-0B6C87114F10}
Apple Software Update—>MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Auto Gordian Knot 2.40—>E:Program FilesAutoGKuninst.exe
avast! Antivirus—>C:Program FilesAlwil SoftwareAvast4aswRunDll.exe «C:Program FilesAlwil SoftwareAvast4Setupsetiface.dll»,RunSetup
AviSynth 2.5—>»E:Program FilesAviSynth 2.5Uninstall.exe»
Bonjour—>MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
BS.Player PRO—>»E:Program FilesBSplayerProuninstall.exe»
Canon Camera Support Core Library—>C:Program FilesCommon FilesInstallShieldDriver8Intel 32IDriver.exe /M{91F1A0D6-23AD-49FE-8D4E-379485652214} /l1033
Canon Camera Window DS for ZoomBrowser EX—>C:Program FilesCommon FilesInstallShieldDriver8Intel 32IDriver.exe /M{91203BD3-6C3E-472F-ADBD-F60FDC7C4010}
Canon Camera Window DVC for ZoomBrowser EX—>C:Program FilesCommon FilesInstallShieldDriver8Intel 32IDriver.exe /M{4C96958A-6562-4143-B820-FF4890D3B734}
Canon Camera Window for ZoomBrowser EX—>C:Program FilesCommon FilesInstallShieldDriver8Intel 32IDriver.exe /M{C7281207-4AA4-425E-B57A-0E9EF8445635}
Canon MovieEdit Task for ZoomBrowser EX—>C:Program FilesCommon FilesInstallShieldDriver8Intel 32IDriver.exe /M{8AF1E098-1A5C-4336-BBE2-D047ABB401ED}
Canon PhotoRecord—>MsiExec.exe /X{0878E100-C0BB-41E8-B4C6-C486B61FDA7B}
Canon RAW Image Task for ZoomBrowser EX—>C:Program FilesCommon FilesInstallShieldDriver8Intel 32IDriver.exe /M{45EF4EE3-F591-4B74-A477-0CAE12934CE7}
Canon RemoteCapture Task for ZoomBrowser EX—>C:Program FilesCommon FilesInstallShieldDriver8Intel 32IDriver.exe /M{28291BD5-92D2-4685-82DC-CCA925C53CCA}
Canon ZoomBrowser EX—>MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
Codec 8.1 build 12—>»C:Program FilesCodecUninstallunins000.exe»
FAR file manager—>C:Program FilesFarUninstall.exe
High Definition Audio Driver Package — KB888111—>»C:WINDOWS$NtUninstallKB888111WXPSP2$spuninstspuninst.exe»
HijackThis 2.0.2—>»C:Program FilesTrend MicroHijackThisHijackThis.exe» /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)—>»C:WINDOWS$NtUninstallKB929399$spuninstspuninst.exe»
ICQ6.5—>»C:Program FilesInstallShield Installation Information{60DE4033-9503-48D1-A483-7846BD217CA9}setup.exe» -runfromtemp -l0x0009 -removeonly
Intel Audio Studio 2.0—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime10�1Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{2205E3A5-DCDC-461D-8ED6-D6F2341D3B64}setup.exe» -l0x9
Intel(R) Graphics Media Accelerator Driver—>C:WINDOWSsystem32igxpun.exe -uninstall
Intel(R) Management Engine Interface—>C:WINDOWSsystem32heciudlg.exe -uninstall
Intel(R) PRO Network Connections 12.1.12.0—>MsiExec.exe /i{777CA40C-0206-4EF6-A0FC-618BF06BF8D0} ARPREMOVE=1
InterVideo DeviceService—>MsiExec.exe /I{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}
iTunes—>MsiExec.exe /I{CC5702D7-86E2-45A8-99D7-E8B976ADCC56}
Java(TM) 6 Update 13—>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
LocalBDE—>C:WINDOWSuninst.exe -f»C:Program FilesuitLocalBDEDeIsL5.isu» -cC:PROGRA~1uitLocalBDE_ISREG32.DLL
Lotus Notes 6.5.1 ru—>MsiExec.exe /I{567F6ADC-DDC7-46FE-9317-C681974F1BB7}
Microsoft .NET Framework 1.1 Hotfix (KB928366)—>»C:WINDOWSMicrosoft.NETFrameworkv1.1.4322Updateshotfix.exe» «C:WINDOWSMicrosoft.NETFrameworkv1.1.4322UpdatesM928366M928366Uninstall.msp»
Microsoft .NET Framework 1.1 Russian Language Pack—>MsiExec.exe /X{2BB372D9-52B4-410A-BC1A-FEAB63181EEF}
Microsoft .NET Framework 1.1—>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1—>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft ActiveSync—>MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Compression Client Pack 1.0 for Windows XP—>»C:WINDOWS$NtUninstallMSCompPackV1$spuninstspuninst.exe»
Microsoft Office — профессиональный выпуск версии 2003—>MsiExec.exe /I{90110419-6000-11D3-8CFE-0150048383C9}
Microsoft Office Visio Professional 2003—>MsiExec.exe /I{90510409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0—>»C:WINDOWS$NtUninstallWudf01000$spuninstspuninst.exe»
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
MSXML 4.0 SP2 (KB927978)—>MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)—>MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)—>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK—>MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Navitel Navigator—>»C:Program FilesMicrosoft ActiveSyncNavitel Navigatoruninstall.exe»
Nero 8 Micro 8.3.2.1—>»C:Program FilesNerounins000.exe»
NetOp Host—>C:WINDOWSISUNINST.EXE -f»C:Program FilesDanware DataNetOp Remote ControlHOSTDeIsL1.isu» -c»C:Program FilesDanware DataNetOp Remote ControlHOSTUNINSTLL.DLL»
Opera 9.64—>MsiExec.exe /X{E1BBBAC5-2857-4155-82A6-54492CE88620}
Pinnacle Bender 32-bit—>MsiExec.exe /X{92A63804-501A-44B2-8EC3-8B8DFA2E97B2}
Pinnacle Instant DVD Recorder—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime�9�1Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}setup.exe» -l0x19 UNINSTALL
proDAD Heroglyph 2.5—>»C:Program FilesproDADHeroglyph-2.5uninstall.exe» uninstall spcp PATHVERSION 2.5 MAINNAME Heroglyph
proDAD Vitascene 1.0—>»C:Program FilesproDADVitascene-1.0uninstall.exe» uninstall spcp PATHVERSION 1.0 MAINNAME Vitascene
QuickTime—>MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
Realtek High Definition Audio Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}Setup.exe» -l0x19 -removeonly
River Past Video Perspective—>C:WINDOWSVideo Perspective Uninstaller.exe
SAMSUNG CDMA Modem Driver Set—>C:WINDOWSsystem32Samsung_USB_Drivers3SSCDUninstall.exe
SAMSUNG Mobile Composite Device Software—>C:WINDOWSsystem32Samsung_USB_Drivers6SSBCUninstall.exe
Samsung Mobile phone USB driver Software—>C:WINDOWSsystem32Samsung_USB_Drivers5SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software—>C:WINDOWSsystem32Samsung_USB_Drivers1SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software—>C:WINDOWSsystem32Samsung_USB_Drivers2SSM_Uninstall.exe
Samsung PC Studio 3 USB Driver Installer—>»C:Program FilesInstallShield Installation Information{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}setup.exe» -runfromtemp -l0x0019 -removeonly
Samsung PC Studio 3—>»C:Program FilesInstallShield Installation Information{C4A4722E-79F9-417C-BD72-8D359A090C97}setup.exe» -runfromtemp -l0x0019 -removeonly
Studio 11 Bonus DVD—>C:Program FilesInstallShield Installation Information{45A1BF92-700A-4408-B95E-79F462E3D67D}setup.exe -runfromtemp -l0x0019 UNINSTALL -removeonly
Studio 11—>C:Program FilesInstallShield Installation Information{110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}Setup2.exe -runfromtemp -l0x0019 UNINSTALL -removeonly
Ulead VideoStudio 11—>C:Program FilesInstallShield Installation Information{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}setup.exe -runfromtemp -l0x0409
VobSub v2.23 (Remove Only)—>»E:Program FilesVobSubuninstall.exe»
Windows XP Service Pack 3—>»C:WINDOWS$NtServicePackUninstall$spuninstspuninst.exe»
Xilisoft Video Converter—>E:Program FilesVideo Converter 3Uninstall.exe
XviD MPEG4 Video Codec (remove only)—>»C:WINDOWSsystem32xvid-uninstall.exe»
Yahoo! Desktop Login—>MsiExec.exe /I{F9AEEC34-CF00-4CBD-9E36-DF9DC4002685}
Архиватор WinRAR—>C:Program FilesWinRARuninstall.exe
Звуковое устройство SigmaTel Audio—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime10�1Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}Setup.exe» -l0x19 -remove -removeonly
Исправление для Windows XP (KB952287)—>»C:WINDOWS$NtUninstallKB952287$spuninstspuninst.exe»
Исправление для проигрывателя Windows Media 11 — (KB939683)—>»C:WINDOWS$NtUninstallKB939683$spuninstspuninst.exe»
Критическое обновление для проигрывателя Windows Media 11 — (KB959772)—>»C:WINDOWS$NtUninstallKB959772_WM11$spuninstspuninst.exe»
Обновление безопасности для Windows XP — (KB941569)—>»C:WINDOWS$NtUninstallKB941569$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB923789)—>C:WINDOWSsystem32MacroMedFlashgenuinst.exe C:WINDOWSsystem32MacroMedFlashKB923789.inf
Обновление безопасности для Windows XP (KB938464)—>»C:WINDOWS$NtUninstallKB938464$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB946648)—>»C:WINDOWS$NtUninstallKB946648$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950762)—>»C:WINDOWS$NtUninstallKB950762$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950974)—>»C:WINDOWS$NtUninstallKB950974$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951066)—>»C:WINDOWS$NtUninstallKB951066$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951376-v2)—>»C:WINDOWS$NtUninstallKB951376-v2$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951698)—>»C:WINDOWS$NtUninstallKB951698$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951748)—>»C:WINDOWS$NtUninstallKB951748$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB952954)—>»C:WINDOWS$NtUninstallKB952954$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954211)—>»C:WINDOWS$NtUninstallKB954211$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954459)—>»C:WINDOWS$NtUninstallKB954459$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954600)—>»C:WINDOWS$NtUninstallKB954600$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB955069)—>»C:WINDOWS$NtUninstallKB955069$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956391)—>»C:WINDOWS$NtUninstallKB956391$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956802)—>»C:WINDOWS$NtUninstallKB956802$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956803)—>»C:WINDOWS$NtUninstallKB956803$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956841)—>»C:WINDOWS$NtUninstallKB956841$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB957097)—>»C:WINDOWS$NtUninstallKB957097$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958215)—>»C:WINDOWS$NtUninstallKB958215$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958644)—>»C:WINDOWS$NtUninstallKB958644$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958687)—>»C:WINDOWS$NtUninstallKB958687$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958690)—>»C:WINDOWS$NtUninstallKB958690$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB959426)—>»C:WINDOWS$NtUninstallKB959426$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960225)—>»C:WINDOWS$NtUninstallKB960225$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960714)—>»C:WINDOWS$NtUninstallKB960714$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960715)—>»C:WINDOWS$NtUninstallKB960715$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB961373)—>»C:WINDOWS$NtUninstallKB961373$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB961501)—>»C:WINDOWS$NtUninstallKB961501$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB968537)—>»C:WINDOWS$NtUninstallKB968537$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB969897)—>»C:WINDOWS$NtUninstallKB969897$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB969898)—>»C:WINDOWS$NtUninstallKB969898$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB970238)—>»C:WINDOWS$NtUninstallKB970238$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media — (KB952069)—>»C:WINDOWS$NtUninstallKB952069_WM9$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media 11 — (KB936782)—>»C:WINDOWS$NtUninstallKB936782_WMP11$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media 11 — (KB954154)—>»C:WINDOWS$NtUninstallKB954154_WM11$spuninstspuninst.exe»
Обновление для Windows XP (KB951978)—>»C:WINDOWS$NtUninstallKB951978$spuninstspuninst.exe»
Обновление для Windows XP (KB955839)—>»C:WINDOWS$NtUninstallKB955839$spuninstspuninst.exe»
Обновление для Windows XP (KB967715)—>»C:WINDOWS$NtUninstallKB967715$spuninstspuninst.exe»
Пакет драйверов Windows — Pinnacle Systems (BENDER) Media (11/21/2005 2.0.19.0)—>rundll32.exe C:PROGRA~1DIFX4A46D8A01D3E2287DIFxAppA.dll, DIFxARPUninstallDriverPackage C:WINDOWSsystem32DRVSTOREPCLEBend_751CCE8DB684339E3B7C1F674E51E7966E991B50PCLEBend.inf
Пакет обеспечения совместимости для выпуска 2007 системы Microsoft Office—>MsiExec.exe /X{90120000-0020-0419-0000-0000000FF1CE}=====HijackThis Backups=====
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60341 [2009-06-27]
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.yandex.ru/?clid=44290 [2009-06-27]
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60341 [2009-06-27]
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60341 [2009-06-27]
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program FilesMail.RuAgentMradllnewmrasearch.dll [2009-06-27]
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки [2009-06-27]
O16 — DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) — http://sdlc-esd.sun.com/ESD7/JSCDL/jdk/6u13-b03/jinstall-6u13-windows-i586-jc.cab?AuthParam=1242501619_b1135061ca75668ad38cb9dc0ba91ec1&GroupName=JSC&FilePath=/ESD7/JSCDL/jdk/6u13-b03/jinstall-6u13-windows-i586-jc.cab&File=jinstall-6u13-windows-i586-jc.cab&BHost=javadl.sun.com [2009-06-28]======Security center information======
AV: avast! antivirus 4.8.1335 [VPS 090627-0] (disabled)
======System event log======
Computer Name: HOME
Event Code: 59
Message: Resolve Partial Assembly завершилась не удачно для Microsoft.Windows.Common-Controls.
Соответствующее сообщение об ошибке: Недостаточно системных ресурсов для завершения операции.
.Record Number: 9060
Source Name: SideBySide
Time Written: 20090618002927.000000+240
Event Type: ошибка
User:Computer Name: HOME
Event Code: 59
Message: Generate Activation Context завершилась не удачно для C:WINDOWSsystem32wuaucpl.cpl.
Соответствующее сообщение об ошибке: Операция успешно завершена.
.Record Number: 9059
Source Name: SideBySide
Time Written: 20090618002427.000000+240
Event Type: ошибка
User:Computer Name: HOME
Event Code: 59
Message: Resolve Partial Assembly завершилась не удачно для Microsoft.Windows.Common-Controls.
Соответствующее сообщение об ошибке: Недостаточно системных ресурсов для завершения операции.
.Record Number: 9058
Source Name: SideBySide
Time Written: 20090618002427.000000+240
Event Type: ошибка
User:Computer Name: HOME
Event Code: 59
Message: Generate Activation Context завершилась не удачно для C:WINDOWSsystem32wuaucpl.cpl.manifest.
Соответствующее сообщение об ошибке: Операция успешно завершена.
.Record Number: 9057
Source Name: SideBySide
Time Written: 20090618002427.000000+240
Event Type: ошибка
User:Computer Name: HOME
Event Code: 59
Message: Resolve Partial Assembly завершилась не удачно для Microsoft.Windows.Common-Controls.
Соответствующее сообщение об ошибке: Недостаточно системных ресурсов для завершения операции.
.Record Number: 9056
Source Name: SideBySide
Time Written: 20090618002427.000000+240
Event Type: ошибка
User:=====Application event log=====
Computer Name: HOME
Event Code: 216
Message: The NetOp Helper Service has adjusted the permissions onto grant
an access needed by NetOp.Care has been taken to avoid granting unnecessary permissions.
This message is for information only, No user action is necessary.
Record Number: 2519
Source Name: NetOp Host for NT Service
Time Written: 20090601035209.000000+240
Event Type: аудит — успех
User:Computer Name: HOME
Event Code: 216
Message: The NetOp Helper Service has adjusted the permissions onto grant
an access needed by NetOp.Care has been taken to avoid granting unnecessary permissions.
This message is for information only, No user action is necessary.
Record Number: 2518
Source Name: NetOp Host for NT Service
Time Written: 20090601035209.000000+240
Event Type: аудит — успех
User:Computer Name: HOME
Event Code: 216
Message: The NetOp Helper Service has adjusted the permissions onto grant
an access needed by NetOp.Care has been taken to avoid granting unnecessary permissions.
This message is for information only, No user action is necessary.
Record Number: 2517
Source Name: NetOp Host for NT Service
Time Written: 20090601035209.000000+240
Event Type: аудит — успех
User:Computer Name: HOME
Event Code: 0
Message:
Record Number: 2516
Source Name: ICQ Service
Time Written: 20090601035208.000000+240
Event Type: информация
User:Computer Name: HOME
Event Code: 1904
Message:
Record Number: 2515
Source Name: HHCTRL
Time Written: 20090601034517.000000+240
Event Type: информация
User:======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%systemroot%system32;%systemroot%;%systemroot%system32wbem;C:Program FilesIntelDMIX;C:Program FilesSamsungSamsung PC Studio 3;C:Program FilesCommon FilesUlead SystemsMPEG;C:Program FilesQuickTimeQTSystem
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=6
«PROCESSOR_IDENTIFIER»=x86 Family 6 Model 15 Stepping 13, GenuineIntel
«PROCESSOR_REVISION»=0f0d
«NUMBER_OF_PROCESSORS»=2
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
«CLASSPATH»=.;C:Program FilesJavajre6libextQTJava.zip
«QTJAVA»=C:Program FilesJavajre6libextQTJava.zipЗдравствуйте, добро пожаловать на Spyware-ru форум.
Раз вы уже запускали Combofix, то воспользуемся этой программой для лечения компьютера.
Откройте блокнот (Кликните Пуск, Выполнить, в строке ввода введите notepad и нажмите Enter) и вставьте в него следующий текст:Registry::
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
"AppInit_DLLS"=""
File::
C:WINDOWSsystem32SiteAccess.dllЗапишите получившийся файл на ваш рабочий стол под именем CFScript
Далее перетащите получившийся файл на иконку Combofix, как показано на картинке ниже.
Сombofix запуститься и выполнит процедуры описанные в созданном нами файле.
По результатам работы Combofix будет создан новый лог, его и вставьте в свой следующий ответ.Дбрый вечер! Огромный респект и спасибо, после проведения указааной Вами процедуры баннер исчез. Еще раз Спасибо!
- Для ответа в этой теме необходимо авторизоваться.
