- This topic has 9 ответов, 2 участника, and was last updated 16 years, 2 months назад by
.
-
Сообщения
-
При вкл.компа появляется окно с записью об ошибке запуска.Просит восстановить VDOTool.Комп. запускается,но работает хуже,чем раньше.Удаление программы ни к чему не приводит.Спасибо.
Здравствуйте, добро пожаловать на Spyware-ru форум.
Скачайте сканер RSIT кликнув по этой ссылке и сохраните файл на вашем рабочем столе.
* Дважды кликните по скачанному файлу.
* Если у вас есть файрвал (firewall) и он покажет, что программа RSIT пытается выйти в Интернет, то разрешите ей.
* Кликните по кнопке Continue.
* Когда программа закончит работу, будут показаны два лога (log.txt и info.txt).Вставьте оба RSIT лога в ваш ответ. Каждый лог в отдельное сообщение.
Ne vsegda rabotaiut russ.klavishi.Da i prosto proverit na virusu.Spasibo. Logfile of random’s system information tool 1.05 (written by random/random)
Run by Игорь at 2009-03-23 09:38:46
Microsoft Windows XP Professional Service Pack 3
System drive C: has 125 GB (82%) free of 153 GB
Total RAM: 1023 MB (49% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:39:13, on 23.03.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesBonjourmDNSResponder.exe
C:Program FilesCommon FilesDoctor WebScanning Enginedwengine.exe
C:WINDOWSsystem32nvsvc32.exe
C:PROGRA~1DrWebspidernt.exe
C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindService.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32ctfmon.exe
C:WINDOWSRTHDCPL.EXE
C:Program FilesCommon FilesRealUpdate_OBrealsched.exe
C:Program FilesDrWebSpIDerAgent.exe
C:PROGRA~1DrWebspiderui.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:Program FilesMessengermsmsgs.exe
C:Program FilesParagon SoftwareMultiLex 6multilex.exe
C:Program FilesABITCommonBinWinCinemaMgr.exe
C:Program FilesOperaopera.exe
C:Documents and SettingsAll UsersДокументыRSIT.exe
C:Program Filestrend microИгорь.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru?clid=40547&yasoft=online
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program FilesMail.RuAgentMradllnewmrasearch.dll
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
O2 — BHO: RealPlayer Download and Record Plugin for Internet Explorer — {3049C3E9-B461-4BC5-8870-4C09146192CA} — C:Program FilesRealRealPlayerrpbrowserrecordplugin.dll
O2 — BHO: IEVkbdBHO — {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} — C:Program FilesKaspersky LabKaspersky Anti-Virus 2009ievkbd.dll
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O3 — Toolbar: (no name) — {0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — (no file)
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 — HKLM..Run: [SkyTel] SkyTel.EXE
O4 — HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 — HKLM..Run: [QuickTime Task] «C:Program FilesQuickTimeqttask.exe» -atboottime
O4 — HKLM..Run: [NevoDRM] «C:Program FilesИгры от NevoSoftNevoDRMNevoDRM.exe»
O4 — HKLM..Run: [TkBellExe] «C:Program FilesCommon FilesRealUpdate_OBrealsched.exe» -osboot
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKLM..Run: [adstopper] C:Program FilesAdStoperAdStopperTrayApp.exe
O4 — HKLM..Run: [SpIDerAgent] «C:Program FilesDrWebSpIDerAgent.exe»
O4 — HKLM..Run: [SpIDerMail] «C:Program FilesDrWebspiderml.exe»
O4 — HKLM..Run: [SpIDerGate] «C:Program FilesDrWebspidergate.exe» -autorun
O4 — HKLM..Run: [SpIDerNT] C:PROGRA~1DrWebspiderui.exe /agent
O4 — HKLM..Run: [AVP] «C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe»
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [nwiz] nwiz.exe /install
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKCU..Run: [MaxAntiSpy] C:Program FilesMaxAntiSpyMaxAntiSpy.exe
O4 — HKCU..Run: [Oxford Dictionary] «oxford.exe» /tray
O4 — HKCU..Run: [MultiLex 6] «C:Program FilesParagon SoftwareMultiLex 6multilex.exe» /tray
O4 — HKCU..Run: [YandexOnline] «C:Program FilesYandexOnlineonline.exe» -AutoStart
O4 — HKCU..Run: [Uniblue RegistryBooster 2009] C:Program FilesUniblueRegistryBoosterRegistryBooster.exe /S
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User ‘Default user’)
O4 — Global Startup: InterVideo WinCinema Manager.lnk = C:Program FilesABITCommonBinWinCinemaMgr.exe
O8 — Extra context menu item: Найти в интернете — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/282
O8 — Extra context menu item: Найти в словарях — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/283
O9 — Extra button: Статистика защиты веб-трафика — {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} — C:Program FilesKaspersky LabKaspersky Anti-Virus 2009SCIEPlgn.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Bonjour — {7F9DB11C-E358-4ca6-A83D-ACC663939424} — C:Program FilesBonjourExplorerPlugin.dll
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe (file missing)
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe (file missing)
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O10 — Unknown file in Winsock LSP: c:windowssystem32nwprovau.dll
O12 — Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O16 — DPF: {08D390AE-5101-4701-A89F-6C6DADCCC402} (MSN Photo Select Tool) — http://photos.msn.co.uk/resources/neutral/controls/MsnPPick.cab?10,0,910,0
O16 — DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) — http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1225671624062
O16 — DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) — http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 — DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) — http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 — AppInit_DLLs: C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll,C:PROGRA~1KASPER~1KASPER~1mzvkbd3.dll
O23 — Service: Kaspersky Anti-Virus (AVP) — Kaspersky Lab — C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe
O23 — Service: Bonjour Service — Apple Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: Dr.Web Scanning Engine (DrWebEngine) (DrWebEngine) — Doctor Web, Ltd. — C:Program FilesCommon FilesDoctor WebScanning Enginedwengine.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSSystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSSystem32mnmsrvc.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: SpIDer Guard for Windows (SPIDERNT) — Doctor Web, Ltd. — C:PROGRA~1DrWebspidernt.exe
O23 — Service: StarWind iSCSI Service (StarWindService) — Rocket Division Software — C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindService.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSSystem32wbemwmiapsrv.exe—
End of file — 9461 bytes======Scheduled tasks folder======
C:WINDOWStasksAppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx [2001-04-16 37808][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer — C:Program FilesRealRealPlayerrpbrowserrecordplugin.dll [2008-11-10 304736][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class — C:Program FilesKaspersky LabKaspersky Anti-Virus 2009ievkbd.dll [2008-11-11 62728][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2008-12-01 667336][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{0E1230F8-EA50-42A9-983C-D22ABC2EED3C}
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2008-12-01 667336][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2006-06-28 16248320]
«SkyTel»=C:WINDOWSSkyTel.EXE [2006-05-16 2879488]
«Alcmtr»=C:WINDOWSALCMTR.EXE [2005-05-03 69632]
«QuickTime Task»=C:Program FilesQuickTimeqttask.exe [2008-09-06 413696]
«NevoDRM»=C:Program FilesИгры от NevoSoftNevoDRMNevoDRM.exe [2008-07-29 41984]
«TkBellExe»=C:Program FilesCommon FilesRealUpdate_OBrealsched.exe [2008-11-10 185872]
«»= []
«Oxford Dictionary»= []
«MultiLex 6″= []
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2008-12-01 4412920]
«adstopper»=C:Program FilesAdStoperAdStopperTrayApp.exe []
«SpIDerAgent»=C:Program FilesDrWebSpIDerAgent.exe [2009-02-16 423152]
«SpIDerMail»=C:Program FilesDrWebspiderml.exe [2009-02-25 640240]
«SpIDerGate»=C:Program FilesDrWebspidergate.exe [2009-01-29 1451248]
«SpIDerNT»=C:PROGRA~1DrWebspiderui.exe [2008-12-15 197896]
«AVP»=C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe [2009-03-13 206088]
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2008-09-17 13574144]
«nwiz»=nwiz.exe /install []
«NvMediaCenter»=C:WINDOWSsystem32NvMcTray.dll [2008-09-17 86016][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-04-14 15360]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2008-04-14 1695232]
«MaxAntiSpy»=C:Program FilesMaxAntiSpyMaxAntiSpy.exe []
«Oxford Dictionary»=oxford.exe /tray []
«»= []
«MultiLex 6″=C:Program FilesParagon SoftwareMultiLex 6multilex.exe [2007-07-17 610304]
«YandexOnline»=C:Program FilesYandexOnlineonline.exe -AutoStart []
«Uniblue RegistryBooster 2009″=C:Program FilesUniblueRegistryBoosterRegistryBooster.exe /S []C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
InterVideo WinCinema Manager.lnk — C:Program FilesABITCommonBinWinCinemaMgr.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_DLLS»=»C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll,C:PROGRA~1KASPER~1KASPER~1mzvkbd3.dll»[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyklogon]
C:WINDOWSsystem32klogon.dll [2008-11-11 218376][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
UPnPMonitor — {e57ce738-33e8-4c51-8354-bb4de9d215d1} — C:WINDOWSsystem32upnpui.dll [2008-04-14 239616][HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa]
«authentication packages»=msv1_0
nwprovau
«notification packages»=
:WINDOWSsyste[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkUploadMgr]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«DisableCMD»=0[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«NoFolderOptions»=0[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«HonorAutoRunSetting»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMessengermsmsgs.exe»=»C:Program FilesMessengermsmsgs.exe:*:Enabled:Windows Messenger»
«C:Program FilesKaspersky LabKaspersky Anti-Virus 7.0avp.exe»=»C:Program FilesKaspersky LabKaspersky Anti-Virus 7.0avp.exe:*:Enabled:Kaspersky Anti-Virus»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesiTunesiTunes.exe»=»C:Program FilesiTunesiTunes.exe:*:Enabled:iTunes»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
«C:WINDOWSexplorer.exe»=»C:WINDOWSexplorer.exe:*:Enabled:ENABLE»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{ad1325cc-2639-11dd-9a53-001966444e39}]
shellAutoRuncommand — C:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycledctfmon.exe
shellOpen(&0)command — E:Recycledctfmon.exe[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{ad1325cd-2639-11dd-9a53-001966444e39}]
shellAutoRuncommand — C:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycledctfmon.exe
shellOpen(&0)command — F:Recycledctfmon.exe======List of files/folders created in the last 1 months======
2009-03-15 11:39:03 —-D—- C:WINDOWSnview
2009-03-15 11:39:02 —-A—- C:WINDOWSsystem32nvuninst.exe
2009-03-15 11:39:02 —-A—- C:WINDOWSsystem32nvudisp.exe
2009-03-15 00:00:44 —-HDC—- C:WINDOWS$NtUninstallKB923689$
2009-03-14 17:26:15 —-A—- C:WINDOWSmuveeapp.INI
2009-03-14 17:19:05 —-D—- C:Program Filesmuvee Technologies
2009-03-14 17:19:05 —-D—- C:Program FilesCommon Filesmuvee Technologies
2009-03-14 17:18:29 —-D—- C:WINDOWSRegisteredPackages
2009-03-14 17:17:59 —-D—- C:Documents and SettingsAll UsersApplication Datamuvee Technologies
2009-03-14 15:28:19 —-D—- C:rsit
2009-03-14 15:28:19 —-D—- C:Program Filestrend micro
2009-03-14 12:12:03 —-D—- C:Documents and SettingsИгорьApplication DataMalwarebytes
2009-03-14 12:11:57 —-D—- C:Documents and SettingsAll UsersApplication DataMalwarebytes
2009-03-14 12:11:56 —-D—- C:Program FilesMalwarebytes’ Anti-Malware
2009-03-13 20:44:04 —-D—- C:Program FilesCommon FilesDoctor Web
2009-03-13 20:43:58 —-D—- C:Documents and SettingsAll UsersApplication DataDoctor Web
2009-03-13 13:14:44 —-D—- C:Program FilesYandex
2009-03-13 12:38:32 —-D—- C:Documents and SettingsИгорьApplication DataMozilla
2009-03-13 12:25:48 —-D—- C:Program FilesOpera 10 Preview
2009-03-11 13:08:44 —-HDC—- C:WINDOWS$NtUninstallKB960225$
2009-03-11 13:08:41 —-HDC—- C:WINDOWS$NtUninstallKB938464-v2$
2009-03-11 13:08:35 —-HDC—- C:WINDOWS$NtUninstallKB958690$
2009-03-11 13:04:41 —-D—- C:Documents and SettingsИгорьApplication DataMra
2009-03-10 22:39:15 —-D—- C:Documents and SettingsИгорьApplication DataLavasoft
2009-03-10 21:31:21 —-A—- C:WINDOWSsystem32guard32(2)(2).dll
2009-03-10 20:54:14 —-D—- C:Documents and SettingsИгорьApplication DataMra(2)
2009-03-10 19:46:22 —-D—- C:Documents and SettingsИгорьApplication DataComodo
2009-03-10 19:46:21 —-D—- C:Program FilesCOMODO
2009-03-10 19:46:21 —-D—- C:Documents and SettingsAll UsersApplication Datacomodo
2009-03-10 16:31:36 —-D—- C:WINDOWSMinidump
2009-02-27 16:53:03 —-HDC—- C:WINDOWS$NtUninstallKB967715$======List of files/folders modified in the last 1 months======
2009-03-23 09:38:53 —-D—- C:WINDOWSPrefetch
2009-03-23 09:38:48 —-D—- C:WINDOWSTemp
2009-03-23 07:43:37 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab
2009-03-23 07:42:02 —-D—- C:WINDOWSsystem32CatRoot2
2009-03-23 00:48:52 —-A—- C:WINDOWSSchedLgU.Txt
2009-03-17 17:13:26 —-AC—- C:WINDOWSDFC.INI
2009-03-16 14:52:21 —-RD—- C:Program Files
2009-03-15 11:48:36 —-D—- C:WINDOWS
2009-03-15 11:40:17 —-HD—- C:WINDOWSinf
2009-03-15 11:39:40 —-SHD—- C:WINDOWSInstaller
2009-03-15 11:39:29 —-SHD—- C:Config.Msi
2009-03-15 11:39:25 —-D—- C:Program FilesOpera
2009-03-15 11:39:16 —-D—- C:WINDOWSsystem32
2009-03-15 11:39:16 —-D—- C:WINDOWSHelp
2009-03-15 11:38:56 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-03-15 11:38:46 —-D—- C:WINDOWSsystem32drivers
2009-03-15 00:06:19 —-D—- C:WINDOWSsystem32CatRoot
2009-03-15 00:04:33 —-HDC—- C:WINDOWS$NtUninstallKB941569$
2009-03-15 00:04:19 —-A—- C:WINDOWSimsins.BAK
2009-03-14 17:23:41 —-HD—- C:Program FilesInstallShield Installation Information
2009-03-14 17:19:28 —-RSD—- C:WINDOWSFonts
2009-03-14 17:19:21 —-ASH—- C:AUTOEXEC.BAT
2009-03-14 17:19:05 —-D—- C:Program FilesCommon Files
2009-03-14 17:14:01 —-D—- C:Program FilesVDOTool
2009-03-14 17:11:55 —-D—- C:WINDOWSsystem32DirectX
2009-03-14 13:28:28 —-D—- C:Program FilesDrWeb
2009-03-14 10:56:47 —-D—- C:Documents and SettingsИгорьApplication DataUniblue
2009-03-14 10:40:18 —-D—- C:Program FilesAdStoper
2009-03-14 10:29:25 —-D—- C:Documents and SettingsИгорьApplication DataYandex
2009-03-13 22:46:14 —-D—- C:Program FilesKaspersky Lab
2009-03-13 22:43:16 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup Files
2009-03-13 21:54:47 —-SD—- C:WINDOWSTasks
2009-03-13 20:34:21 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2009-03-13 13:17:46 —-D—- C:Program FilesMozilla Firefox
2009-03-13 12:25:58 —-D—- C:Documents and SettingsИгорьApplication DataOpera
2009-03-11 13:08:44 —-HD—- C:WINDOWS$hf_mig$
2009-03-11 13:08:42 —-D—- C:WINDOWSWinSxS
2009-03-11 13:05:05 —-D—- C:WINDOWSsystem32config
2009-03-11 13:04:55 —-D—- C:WINDOWSsystem32wbem
2009-03-11 13:04:55 —-D—- C:WINDOWSRegistration
2009-03-11 13:04:40 —-D—- C:Program FilesMail.Ru
2009-03-11 13:04:19 —-D—- C:Program FilesBonjour
2009-03-11 13:04:13 —-D—- C:WINDOWSsystem32RTCOM
2009-03-11 13:04:08 —-D—- C:Program FilesRealtek
2009-03-10 19:10:59 —-SD—- C:WINDOWSDownloaded Program Files
2009-02-27 16:54:30 —-D—- C:Program FilesMicrosoft Silverlight
2009-02-25 12:55:00 —-A—- C:WINDOWSsystem32MRT.exe
2009-02-24 23:18:23 —-D—- C:WINDOWSnetwork diagnostic======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Драйвер Intel процессора; C:WINDOWSSystem32DRIVERSintelppm.sys [2008-04-14 40704]
R1 KLIF;Kaspersky Lab Driver; C:WINDOWSsystem32DRIVERSklif.sys [2009-03-13 226832]
R1 Tcpip6;Драйвер протокола IPv6 (Microsoft); C:WINDOWSsystem32DRIVERStcpip6.sys [2008-06-20 225856]
R2 irda;ИК-протокол IrDA; C:WINDOWSSystem32DRIVERSirda.sys [2008-04-13 88192]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS-совместимый транспортный протокол; C:WINDOWSsystem32DRIVERSnwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NWLink NetBIOS; C:WINDOWSsystem32DRIVERSnwlnknb.sys [2001-10-20 63232]
R2 NwlnkSpx;Протокол NWLink SPX/SPXII; C:WINDOWSsystem32DRIVERSnwlnkspx.sys [2001-10-20 55936]
R2 SPIDER;SpIDer Guard File System Monitor; ??C:PROGRA~1DrWebspider.sys []
R3 Cap7134;Cap7134 Capture; C:WINDOWSsystem32DRIVERSCap7134.sys [2008-03-28 407072]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:WINDOWSSystem32DriversGEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2006-06-28 4304384]
R3 irsir;Драйвер для инфракрасного последовательного порта Microsoft; C:WINDOWSSystem32DRIVERSirsir.sys [2001-08-17 18688]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:WINDOWSsystem32DRIVERSklim5.sys [2008-04-30 24592]
R3 ms_mpu401;Драйвер UART Microsoft MPU-401 MIDI; C:WINDOWSsystem32driversmsmpu401.sys [2001-08-17 2944]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2008-09-17 6132576]
R3 NWRDR;NetWare Rdr; C:WINDOWSsystem32DRIVERSnwrdr.sys [2008-04-13 163584]
R3 PhTVTune;Cap7134 TVTuner; C:WINDOWSsystem32DRIVERSPhTVTune.sys [2008-03-28 57152]
R3 Rasirda;Минипорт WAN (IrDA); C:WINDOWSSystem32DRIVERSrasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WINDOWSSystem32DriversRootMdm.sys [2001-10-20 5888]
R3 tunmp;Драйвер адаптера минипорта Microsoft Tun; C:WINDOWSsystem32DRIVERStunmp.sys [2008-04-13 12288]
R3 USB_RNDIS;D-Link DSL Bridge/Router; C:WINDOWSsystem32DRIVERSusb8023.sys [2008-04-13 12800]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSSystem32DRIVERSusbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSSystem32DRIVERSusbhub.sys [2008-04-13 59520]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSSystem32DRIVERSusbuhci.sys [2008-04-13 20608]
S3 Bridge;MAC-мост; C:WINDOWSsystem32DRIVERSbridge.sys [2008-04-13 71552]
S3 BridgeMP;Минипорт MAC-моста; C:WINDOWSsystem32DRIVERSbridge.sys [2008-04-13 71552]
S3 Cardex;Cardex; ??C:WINDOWSsystem32driversTBPANEL.SYS []
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-04-13 17024]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2008-04-13 10880]
S3 nm;Драйвер сетевого монитора; C:WINDOWSsystem32DRIVERSNMnt.sys [2008-04-13 40320]
S3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:WINDOWSsystem32DRIVERSRtenicxp.sys [2007-04-14 94592]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2008-04-13 15232]
S3 TBPanel;TBPanel; C:WINDOWSsystem32driversTBPanel.sys [2007-03-16 12256]
S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-13 32128]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-13 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2008-04-13 19200]
S4 dwshd;dwshd; C:WINDOWSSystem32driversdwshd.sys []
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []
S4 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2001-10-20 12032]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 6to4;Служба поддержки IPv6; C:WINDOWSsystem32svchost.exe [2008-04-14 14336]
R2 AVP;Kaspersky Anti-Virus; C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe [2009-03-13 206088]
R2 Bonjour Service;Bonjour Service; C:Program FilesBonjourmDNSResponder.exe [2008-08-29 238888]
R2 DrWebEngine;Dr.Web Scanning Engine (DrWebEngine); C:Program FilesCommon FilesDoctor WebScanning Enginedwengine.exe [2009-01-21 886072]
R2 Irmon;Монитор инфракрасной связи; C:WINDOWSSystem32svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2008-09-17 163908]
R2 NWCWorkstation;Клиент для сетей NetWare; C:WINDOWSsystem32svchost.exe [2008-04-14 14336]
R2 NwSapAgent;Агент SAP; C:WINDOWSsystem32svchost.exe [2008-04-14 14336]
R2 SPIDERNT;SpIDer Guard for Windows; C:PROGRA~1DrWebspidernt.exe [2008-12-15 197896]
R2 StarWindService;StarWind iSCSI Service; C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindService.exe [2005-04-02 217600]
EOF
Ваш компьютер так же заражён autorun.inf трояном.
Прочитайте эту инструкцию Flash_Disinfector ещё одно оружие против autorun.inf троянов.* Отключите ваш антивирус.
* Скачайте и запустите Flash_Disinfector.
* По требованию программы вставьте ваш флэш диск или подключите другие внешние устройства хранения информации.Примечание: запускайте программу столько раз, сколько нужно чтобы очистить все ваши подключаемые диски.
Скачайте OTMoveIt3 by OldTimer кликнув по этой ссылке.
Запустите OTMoveIt3 и в большое поле ввода (заголовок этого поля выделен желтым цветом) скопируйте следующий текст.:Processes
explorer.exe
:services
dwshd
:reg
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa]
"Notification Packages"=hex(7):73,00,63,00,65,00,63,00,6c,00,69,00,00,00,00,00
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{ad1325cc-2639-11dd-9a53-001966444e39}]
[-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{ad1325cd-2639-11dd-9a53-001966444e39}]
:files
C:WINDOWSSystem32driversdwshd.sys
F:Recycledctfmon.exe
E:Recycledctfmon.exe
:Commands
[emptytemp]
[start explorer]
[Reboot]Проверьте вставленный скрипт, если слева перед директивами появились пробелы, то удалите их, скрипт должен выглядеть так же как в сообщении. Кликните по кнопке MoveIt!. В процессе работы возможна перезагрузка компьютера.
По-завершении работы программы должен будет показан лог. Если лог не будет показан, то его можно найти в папке C:_OTMoveItMovedFiles.Вставьте в ваше ответное сообщение содержимое этого лога. И ещё приложите свежий RSIT лог.
Здравствуйте!
Высылаю лог от OTMovelt3.Спасибо.
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
ServiceDriver dwshd not found.
ServiceDriver key dwshd deleted successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa\»Notification Packages»|hex(7):73,00,63,00,65,00,63,00,6c,00,69,00,00,00,00,00 /E : value set successfully!
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{ad1325cc-2639-11dd-9a53-001966444e39}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{ad1325cd-2639-11dd-9a53-001966444e39}\ deleted successfully.
========== FILES ==========
File/Folder C:WINDOWSSystem32driversdwshd.sys not found.
File/Folder F:Recycledctfmon.exe not found.
File/Folder E:Recycledctfmon.exe not found.
========== COMMANDS ==========
User’s Temp folder emptied.
User’s Temporary Internet Files folder emptied.
User’s Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
FireFox cache emptied.
File delete failed. C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps009adoc.bx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps009md.dat scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps009url.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps009w.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps009wb.vx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps001adoc.bx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps001md.dat scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps001url.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps001w.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps001wb.vx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps000adoc.bx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps000md.dat scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps000url.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps000w.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps000wb.vx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilecache4temporary_downloadOTMoveIt3 (1).exe scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilecache4temporary_downloadOTMoveIt3 (2).exe scheduled to be deleted on reboot.
Opera cache emptied.
Temp folders emptied.
Explorer started successfullyOTMoveIt3 by OldTimer — Version 1.0.9.0 log created on 03262009_105246
Files moved on Reboot…
C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps009adoc.bx moved successfully.
C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps009md.dat moved successfully.
C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps009url.ax moved successfully.
C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps009w.ax moved successfully.
C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps009wb.vx moved successfully.
C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps001adoc.bx moved successfully.
C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps001md.dat moved successfully.
C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps001url.ax moved successfully.
C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps001w.ax moved successfully.
C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps001wb.vx moved successfully.
C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps000adoc.bx moved successfully.
C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps000md.dat moved successfully.
C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps000url.ax moved successfully.
C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps000w.ax moved successfully.
C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilevps000wb.vx moved successfully.
C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilecache4temporary_downloadOTMoveIt3 (1).exe moved successfully.
C:Documents and SettingsИгорьLocal SettingsApplication DataOperaOperaProfilecache4temporary_downloadOTMoveIt3 (2).exe moved successfully.Logfile of random’s system information tool 1.05 (written by random/random)
Run by Игорь at 2009-03-26 11:26:34
Microsoft Windows XP Professional Service Pack 3
System drive C: has 126 GB (82%) free of 153 GB
Total RAM: 1023 MB (59% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:26:40, on 26.03.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32ctfmon.exe
C:WINDOWSnotepad.exe
C:Program FilesBonjourmDNSResponder.exe
C:Program FilesCommon FilesDoctor WebScanning Enginedwengine.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSRTHDCPL.EXE
C:Program FilesCommon FilesRealUpdate_OBrealsched.exe
C:Program FilesDrWebSpIDerAgent.exe
C:PROGRA~1DrWebspidernt.exe
C:PROGRA~1DrWebspiderui.exe
C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindService.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesParagon SoftwareMultiLex 6multilex.exe
C:Program FilesOperaopera.exe
C:Documents and SettingsAll UsersДокументыRSIT.exe
C:Program Filestrend microИгорь.exeR0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru?clid=40547&yasoft=online
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program FilesMail.RuAgentMradllnewmrasearch.dll
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
O2 — BHO: RealPlayer Download and Record Plugin for Internet Explorer — {3049C3E9-B461-4BC5-8870-4C09146192CA} — C:Program FilesRealRealPlayerrpbrowserrecordplugin.dll
O2 — BHO: IEVkbdBHO — {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} — C:Program FilesKaspersky LabKaspersky Anti-Virus 2009ievkbd.dll
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O3 — Toolbar: (no name) — {0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — (no file)
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 — HKLM..Run: [SkyTel] SkyTel.EXE
O4 — HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 — HKLM..Run: [QuickTime Task] «C:Program FilesQuickTimeqttask.exe» -atboottime
O4 — HKLM..Run: [NevoDRM] «C:Program FilesИгры от NevoSoftNevoDRMNevoDRM.exe»
O4 — HKLM..Run: [TkBellExe] «C:Program FilesCommon FilesRealUpdate_OBrealsched.exe» -osboot
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKLM..Run: [adstopper] C:Program FilesAdStoperAdStopperTrayApp.exe
O4 — HKLM..Run: [SpIDerAgent] «C:Program FilesDrWebSpIDerAgent.exe»
O4 — HKLM..Run: [SpIDerMail] «C:Program FilesDrWebspiderml.exe»
O4 — HKLM..Run: [SpIDerGate] «C:Program FilesDrWebspidergate.exe» -autorun
O4 — HKLM..Run: [SpIDerNT] C:PROGRA~1DrWebspiderui.exe /agent
O4 — HKLM..Run: [AVP] «C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe»
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [nwiz] nwiz.exe /install
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKCU..Run: [MaxAntiSpy] C:Program FilesMaxAntiSpyMaxAntiSpy.exe
O4 — HKCU..Run: [Oxford Dictionary] «oxford.exe» /tray
O4 — HKCU..Run: [MultiLex 6] «C:Program FilesParagon SoftwareMultiLex 6multilex.exe» /tray
O4 — HKCU..Run: [YandexOnline] «C:Program FilesYandexOnlineonline.exe» -AutoStart
O4 — HKCU..Run: [Uniblue RegistryBooster 2009] C:Program FilesUniblueRegistryBoosterRegistryBooster.exe /S
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User ‘Default user’)
O4 — Global Startup: InterVideo WinCinema Manager.lnk = C:Program FilesABITCommonBinWinCinemaMgr.exe
O8 — Extra context menu item: Найти в интернете — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/282
O8 — Extra context menu item: Найти в словарях — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/283
O9 — Extra button: Статистика защиты веб-трафика — {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} — C:Program FilesKaspersky LabKaspersky Anti-Virus 2009SCIEPlgn.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Bonjour — {7F9DB11C-E358-4ca6-A83D-ACC663939424} — C:Program FilesBonjourExplorerPlugin.dll
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe (file missing)
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe (file missing)
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O10 — Unknown file in Winsock LSP: c:windowssystem32nwprovau.dll
O12 — Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O16 — DPF: {08D390AE-5101-4701-A89F-6C6DADCCC402} (MSN Photo Select Tool) — http://photos.msn.co.uk/resources/neutral/controls/MsnPPick.cab?10,0,910,0
O16 — DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) — http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1225671624062
O16 — DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) — http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 — DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) — http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 — AppInit_DLLs: C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll,C:PROGRA~1KASPER~1KASPER~1mzvkbd3.dll
O23 — Service: Kaspersky Anti-Virus (AVP) — Kaspersky Lab — C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe
O23 — Service: Bonjour Service — Apple Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: Dr.Web Scanning Engine (DrWebEngine) (DrWebEngine) — Doctor Web, Ltd. — C:Program FilesCommon FilesDoctor WebScanning Enginedwengine.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSSystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSSystem32mnmsrvc.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: SpIDer Guard for Windows (SPIDERNT) — Doctor Web, Ltd. — C:PROGRA~1DrWebspidernt.exe
O23 — Service: StarWind iSCSI Service (StarWindService) — Rocket Division Software — C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindService.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSSystem32wbemwmiapsrv.exe—
End of file — 9401 bytes======Scheduled tasks folder======
C:WINDOWStasksAppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx [2001-04-16 37808][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer — C:Program FilesRealRealPlayerrpbrowserrecordplugin.dll [2008-11-10 304736][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class — C:Program FilesKaspersky LabKaspersky Anti-Virus 2009ievkbd.dll [2008-11-11 62728][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2008-12-01 667336][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{0E1230F8-EA50-42A9-983C-D22ABC2EED3C}
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2008-12-01 667336][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2006-06-28 16248320]
«SkyTel»=C:WINDOWSSkyTel.EXE [2006-05-16 2879488]
«Alcmtr»=C:WINDOWSALCMTR.EXE [2005-05-03 69632]
«QuickTime Task»=C:Program FilesQuickTimeqttask.exe [2008-09-06 413696]
«NevoDRM»=C:Program FilesИгры от NevoSoftNevoDRMNevoDRM.exe [2008-07-29 41984]
«TkBellExe»=C:Program FilesCommon FilesRealUpdate_OBrealsched.exe [2008-11-10 185872]
«»= []
«Oxford Dictionary»= []
«MultiLex 6″= []
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2008-12-01 4412920]
«adstopper»=C:Program FilesAdStoperAdStopperTrayApp.exe []
«SpIDerAgent»=C:Program FilesDrWebSpIDerAgent.exe [2009-02-16 423152]
«SpIDerMail»=C:Program FilesDrWebspiderml.exe [2009-02-25 640240]
«SpIDerGate»=C:Program FilesDrWebspidergate.exe [2009-01-29 1451248]
«SpIDerNT»=C:PROGRA~1DrWebspiderui.exe [2008-12-15 197896]
«AVP»=C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe [2009-03-13 206088]
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2008-09-17 13574144]
«nwiz»=nwiz.exe /install []
«NvMediaCenter»=C:WINDOWSsystem32NvMcTray.dll [2008-09-17 86016][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-04-14 15360]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2008-04-14 1695232]
«MaxAntiSpy»=C:Program FilesMaxAntiSpyMaxAntiSpy.exe []
«Oxford Dictionary»=oxford.exe /tray []
«»= []
«MultiLex 6″=C:Program FilesParagon SoftwareMultiLex 6multilex.exe [2007-07-17 610304]
«YandexOnline»=C:Program FilesYandexOnlineonline.exe -AutoStart []
«Uniblue RegistryBooster 2009″=C:Program FilesUniblueRegistryBoosterRegistryBooster.exe /S []C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
InterVideo WinCinema Manager.lnk — C:Program FilesABITCommonBinWinCinemaMgr.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_DLLS»=»C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll,C:PROGRA~1KASPER~1KASPER~1mzvkbd3.dll»[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyklogon]
C:WINDOWSsystem32klogon.dll [2008-11-11 218376][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
UPnPMonitor — {e57ce738-33e8-4c51-8354-bb4de9d215d1} — C:WINDOWSsystem32upnpui.dll [2008-04-14 239616][HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa]
«authentication packages»=msv1_0
nwprovau[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkUploadMgr]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«DisableCMD»=0[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=36
«NoDriveAutoRun»=FFFFFFFF[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«HonorAutoRunSetting»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMessengermsmsgs.exe»=»C:Program FilesMessengermsmsgs.exe:*:Enabled:Windows Messenger»
«C:Program FilesKaspersky LabKaspersky Anti-Virus 7.0avp.exe»=»C:Program FilesKaspersky LabKaspersky Anti-Virus 7.0avp.exe:*:Enabled:Kaspersky Anti-Virus»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesiTunesiTunes.exe»=»C:Program FilesiTunesiTunes.exe:*:Enabled:iTunes»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
«C:WINDOWSexplorer.exe»=»C:WINDOWSexplorer.exe:*:Enabled:ENABLE»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»======List of files/folders created in the last 1 months======
2009-03-26 10:52:46 —-D—- C:_OTMoveIt
2009-03-26 10:23:48 —-RASHD—- C:autorun.inf
2009-03-15 11:39:03 —-D—- C:WINDOWSnview
2009-03-15 11:39:02 —-A—- C:WINDOWSsystem32nvuninst.exe
2009-03-15 11:39:02 —-A—- C:WINDOWSsystem32nvudisp.exe
2009-03-15 00:00:44 —-HDC—- C:WINDOWS$NtUninstallKB923689$
2009-03-14 17:26:15 —-A—- C:WINDOWSmuveeapp.INI
2009-03-14 17:19:05 —-D—- C:Program Filesmuvee Technologies
2009-03-14 17:19:05 —-D—- C:Program FilesCommon Filesmuvee Technologies
2009-03-14 17:18:29 —-D—- C:WINDOWSRegisteredPackages
2009-03-14 17:17:59 —-D—- C:Documents and SettingsAll UsersApplication Datamuvee Technologies
2009-03-14 15:28:19 —-D—- C:rsit
2009-03-14 15:28:19 —-D—- C:Program Filestrend micro
2009-03-14 12:12:03 —-D—- C:Documents and SettingsИгорьApplication DataMalwarebytes
2009-03-14 12:11:57 —-D—- C:Documents and SettingsAll UsersApplication DataMalwarebytes
2009-03-14 12:11:56 —-D—- C:Program FilesMalwarebytes’ Anti-Malware
2009-03-13 20:44:04 —-D—- C:Program FilesCommon FilesDoctor Web
2009-03-13 20:43:58 —-D—- C:Documents and SettingsAll UsersApplication DataDoctor Web
2009-03-13 13:14:44 —-D—- C:Program FilesYandex
2009-03-13 12:38:32 —-D—- C:Documents and SettingsИгорьApplication DataMozilla
2009-03-13 12:25:48 —-D—- C:Program FilesOpera 10 Preview
2009-03-11 13:08:44 —-HDC—- C:WINDOWS$NtUninstallKB960225$
2009-03-11 13:08:41 —-HDC—- C:WINDOWS$NtUninstallKB938464-v2$
2009-03-11 13:08:35 —-HDC—- C:WINDOWS$NtUninstallKB958690$
2009-03-11 13:04:41 —-D—- C:Documents and SettingsИгорьApplication DataMra
2009-03-10 22:39:15 —-D—- C:Documents and SettingsИгорьApplication DataLavasoft
2009-03-10 21:31:21 —-A—- C:WINDOWSsystem32guard32(2)(2).dll
2009-03-10 20:54:14 —-D—- C:Documents and SettingsИгорьApplication DataMra(2)
2009-03-10 19:46:22 —-D—- C:Documents and SettingsИгорьApplication DataComodo
2009-03-10 19:46:21 —-D—- C:Program FilesCOMODO
2009-03-10 19:46:21 —-D—- C:Documents and SettingsAll UsersApplication Datacomodo
2009-03-10 16:31:36 —-D—- C:WINDOWSMinidump
2009-02-27 16:53:03 —-HDC—- C:WINDOWS$NtUninstallKB967715$======List of files/folders modified in the last 1 months======
2009-03-26 11:22:56 —-D—- C:WINDOWSTemp
2009-03-26 10:58:12 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab
2009-03-26 10:57:36 —-D—- C:WINDOWSsystem32CatRoot2
2009-03-26 10:56:09 —-A—- C:WINDOWSSchedLgU.Txt
2009-03-26 10:51:41 —-D—- C:WINDOWSPrefetch
2009-03-24 13:55:12 —-AC—- C:WINDOWSDFC.INI
2009-03-23 18:03:04 —-D—- C:WINDOWSsystem32CatRoot
2009-03-16 14:52:21 —-RD—- C:Program Files
2009-03-15 11:48:36 —-D—- C:WINDOWS
2009-03-15 11:40:17 —-HD—- C:WINDOWSinf
2009-03-15 11:39:40 —-SHD—- C:WINDOWSInstaller
2009-03-15 11:39:29 —-SHD—- C:Config.Msi
2009-03-15 11:39:25 —-D—- C:Program FilesOpera
2009-03-15 11:39:16 —-D—- C:WINDOWSsystem32
2009-03-15 11:39:16 —-D—- C:WINDOWSHelp
2009-03-15 11:38:56 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-03-15 11:38:46 —-D—- C:WINDOWSsystem32drivers
2009-03-15 00:04:33 —-HDC—- C:WINDOWS$NtUninstallKB941569$
2009-03-15 00:04:19 —-A—- C:WINDOWSimsins.BAK
2009-03-14 17:23:41 —-HD—- C:Program FilesInstallShield Installation Information
2009-03-14 17:19:28 —-RSD—- C:WINDOWSFonts
2009-03-14 17:19:21 —-ASH—- C:AUTOEXEC.BAT
2009-03-14 17:19:05 —-D—- C:Program FilesCommon Files
2009-03-14 17:14:01 —-D—- C:Program FilesVDOTool
2009-03-14 17:11:55 —-D—- C:WINDOWSsystem32DirectX
2009-03-14 13:28:28 —-D—- C:Program FilesDrWeb
2009-03-14 10:56:47 —-D—- C:Documents and SettingsИгорьApplication DataUniblue
2009-03-14 10:40:18 —-D—- C:Program FilesAdStoper
2009-03-14 10:29:25 —-D—- C:Documents and SettingsИгорьApplication DataYandex
2009-03-13 22:46:14 —-D—- C:Program FilesKaspersky Lab
2009-03-13 22:43:16 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup Files
2009-03-13 21:54:47 —-SD—- C:WINDOWSTasks
2009-03-13 20:34:21 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2009-03-13 13:17:46 —-D—- C:Program FilesMozilla Firefox
2009-03-13 12:25:58 —-D—- C:Documents and SettingsИгорьApplication DataOpera
2009-03-11 13:08:44 —-HD—- C:WINDOWS$hf_mig$
2009-03-11 13:08:42 —-D—- C:WINDOWSWinSxS
2009-03-11 13:05:05 —-D—- C:WINDOWSsystem32config
2009-03-11 13:04:55 —-D—- C:WINDOWSsystem32wbem
2009-03-11 13:04:55 —-D—- C:WINDOWSRegistration
2009-03-11 13:04:40 —-D—- C:Program FilesMail.Ru
2009-03-11 13:04:19 —-D—- C:Program FilesBonjour
2009-03-11 13:04:13 —-D—- C:WINDOWSsystem32RTCOM
2009-03-11 13:04:08 —-D—- C:Program FilesRealtek
2009-03-10 19:10:59 —-SD—- C:WINDOWSDownloaded Program Files
2009-02-27 16:54:30 —-D—- C:Program FilesMicrosoft Silverlight======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Драйвер Intel процессора; C:WINDOWSSystem32DRIVERSintelppm.sys [2008-04-14 40704]
R1 KLIF;Kaspersky Lab Driver; C:WINDOWSsystem32DRIVERSklif.sys [2009-03-13 226832]
R1 Tcpip6;Драйвер протокола IPv6 (Microsoft); C:WINDOWSsystem32DRIVERStcpip6.sys [2008-06-20 225856]
R2 irda;ИК-протокол IrDA; C:WINDOWSSystem32DRIVERSirda.sys [2008-04-13 88192]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS-совместимый транспортный протокол; C:WINDOWSsystem32DRIVERSnwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NWLink NetBIOS; C:WINDOWSsystem32DRIVERSnwlnknb.sys [2001-10-20 63232]
R2 NwlnkSpx;Протокол NWLink SPX/SPXII; C:WINDOWSsystem32DRIVERSnwlnkspx.sys [2001-10-20 55936]
R2 SPIDER;SpIDer Guard File System Monitor; ??C:PROGRA~1DrWebspider.sys []
R3 Cap7134;Cap7134 Capture; C:WINDOWSsystem32DRIVERSCap7134.sys [2008-03-28 407072]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:WINDOWSSystem32DriversGEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2006-06-28 4304384]
R3 irsir;Драйвер для инфракрасного последовательного порта Microsoft; C:WINDOWSSystem32DRIVERSirsir.sys [2001-08-17 18688]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:WINDOWSsystem32DRIVERSklim5.sys [2008-04-30 24592]
R3 ms_mpu401;Драйвер UART Microsoft MPU-401 MIDI; C:WINDOWSsystem32driversmsmpu401.sys [2001-08-17 2944]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2008-09-17 6132576]
R3 NWRDR;NetWare Rdr; C:WINDOWSsystem32DRIVERSnwrdr.sys [2008-04-13 163584]
R3 PhTVTune;Cap7134 TVTuner; C:WINDOWSsystem32DRIVERSPhTVTune.sys [2008-03-28 57152]
R3 Rasirda;Минипорт WAN (IrDA); C:WINDOWSSystem32DRIVERSrasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WINDOWSSystem32DriversRootMdm.sys [2001-10-20 5888]
R3 tunmp;Драйвер адаптера минипорта Microsoft Tun; C:WINDOWSsystem32DRIVERStunmp.sys [2008-04-13 12288]
R3 USB_RNDIS;D-Link DSL Bridge/Router; C:WINDOWSsystem32DRIVERSusb8023.sys [2008-04-13 12800]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSSystem32DRIVERSusbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSSystem32DRIVERSusbhub.sys [2008-04-13 59520]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSSystem32DRIVERSusbuhci.sys [2008-04-13 20608]
S3 Bridge;MAC-мост; C:WINDOWSsystem32DRIVERSbridge.sys [2008-04-13 71552]
S3 BridgeMP;Минипорт MAC-моста; C:WINDOWSsystem32DRIVERSbridge.sys [2008-04-13 71552]
S3 Cardex;Cardex; ??C:WINDOWSsystem32driversTBPANEL.SYS []
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-04-13 17024]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2008-04-13 10880]
S3 nm;Драйвер сетевого монитора; C:WINDOWSsystem32DRIVERSNMnt.sys [2008-04-13 40320]
S3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:WINDOWSsystem32DRIVERSRtenicxp.sys [2007-04-14 94592]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2008-04-13 15232]
S3 TBPanel;TBPanel; C:WINDOWSsystem32driversTBPanel.sys [2007-03-16 12256]
S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-13 32128]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-13 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []
S4 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2001-10-20 12032]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 6to4;Служба поддержки IPv6; C:WINDOWSsystem32svchost.exe [2008-04-14 14336]
R2 AVP;Kaspersky Anti-Virus; C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe [2009-03-13 206088]
R2 Bonjour Service;Bonjour Service; C:Program FilesBonjourmDNSResponder.exe [2008-08-29 238888]
R2 DrWebEngine;Dr.Web Scanning Engine (DrWebEngine); C:Program FilesCommon FilesDoctor WebScanning Enginedwengine.exe [2009-01-21 886072]
R2 Irmon;Монитор инфракрасной связи; C:WINDOWSSystem32svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2008-09-17 163908]
R2 NWCWorkstation;Клиент для сетей NetWare; C:WINDOWSsystem32svchost.exe [2008-04-14 14336]
R2 NwSapAgent;Агент SAP; C:WINDOWSsystem32svchost.exe [2008-04-14 14336]
R2 SPIDERNT;SpIDer Guard for Windows; C:PROGRA~1DrWebspidernt.exe [2008-12-15 197896]
R2 StarWindService;StarWind iSCSI Service; C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindService.exe [2005-04-02 217600]
EOF
Будте добры,проверьте,пожайлуста.Огромное спасибо.Здравствуйте!
Я совершил ошибку,за что дико извиняюсь.По незнанию хотел от одного имени(по разным темам)вылечить два компьютера( с одного адреса).Кроме неразберихи ничего не получилось.За что еще раз извините.Хотелось бы вылечить более слабый по мощности и по здоровью.Посему ранее присланные сообщения прошу считать недействительными.Высылаю логи.Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.comPlatform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.Backups directory opened successfully at C:Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!Completed script processing.
*******************
Finished! Terminate.
Все вместе не удалось.
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
ServiceDriver dwshd not found.
ServiceDriver dwshd not found.
========== REGISTRY ==========
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa\»Notification Packages»|hex(7):73,00,63,00,65,00,63,00,6c,00,69,00,00,00,00,00 /E : value set successfully!
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{ad1325cc-2639-11dd-9a53-001966444e39}\ not found.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{ad1325cd-2639-11dd-9a53-001966444e39}\ not found.
========== FILES ==========
File/Folder C:WINDOWSSystem32driversdwshd.sys not found.
File/Folder F:Recycledctfmon.exe not found.
File/Folder E:Recycledctfmon.exe not found.
========== COMMANDS ==========
File delete failed. C:DOCUME~19335~1LOCALS~1Temp~DFA521.tmp scheduled to be deleted on reboot.
File delete failed. C:DOCUME~19335~1LOCALS~1Temp~DFA536.tmp scheduled to be deleted on reboot.
File delete failed. C:DOCUME~19335~1LOCALS~1Temp~DFA615.tmp scheduled to be deleted on reboot.
File delete failed. C:DOCUME~19335~1LOCALS~1Temp~DFA629.tmp scheduled to be deleted on reboot.
User’s Temp folder emptied.
User’s Temporary Internet Files folder emptied.
User’s Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:WINDOWStempcch~97e0a7e8.htp scheduled to be deleted on reboot.
File delete failed. C:WINDOWStempcch~97e0cabd.htp scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Opera cache emptied.
Temp folders emptied.
Explorer started successfullyOTMoveIt3 by OldTimer — Version 1.0.9.0 log created on 03262009_232009
Files moved on Reboot…
File C:DOCUME~19335~1LOCALS~1Temp~DFA521.tmp not found!
File C:DOCUME~19335~1LOCALS~1Temp~DFA536.tmp not found!
File C:DOCUME~19335~1LOCALS~1Temp~DFA615.tmp not found!
File C:DOCUME~19335~1LOCALS~1Temp~DFA629.tmp not found!
File move failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be moved on reboot.
File C:WINDOWStempcch~97e0a7e8.htp not found!
File C:WINDOWStempcch~97e0cabd.htp not found!Logfile of random’s system information tool 1.05 (written by random/random)
Run by Администратор at 2009-03-26 23:42:39
Microsoft Windows XP Professional Service Pack 2
System drive C: has 2 GB (23%) free of 10 GB
Total RAM: 247 MB (6% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:43:01, on 26.03.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: NormalRunning processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32TaskSwitch.exe
C:WINDOWSsystem32igfxtray.exe
C:WINDOWSsystem32hkcmd.exe
C:WINDOWSSOUNDMAN.EXE
C:Program FilesBillP StudiosWinPatrolWinPatrol.exe
C:Program FilesBillP StudiosWinPatrolwinpatrol.exe
C:Program FilesTrend MicroInternet Securitypccguide.exe
C:Program FilesTrend MicroInternet SecurityPCClient.exe
C:Program FilesTrend MicroInternet SecurityTMOAgent.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMessengermsmsgs.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesTrend MicroInternet SecurityTmntsrv.exe
C:Program FilesTrend MicroInternet Securitytmproxy.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:WINDOWSnotepad.exe
C:Documents and SettingsАдминистраторРабочий столRSIT.exe
C:Program Filestrend microАдминистратор.exeR1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.yandex.ru/?clid=44290
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=44290
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O4 — HKLM..Run: [CoolSwitch] C:WINDOWSsystem32TaskSwitch.exe
O4 — HKLM..Run: [IgfxTray] C:WINDOWSsystem32igfxtray.exe
O4 — HKLM..Run: [HotKeysCmds] C:WINDOWSsystem32hkcmd.exe
O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 — HKLM..Run: [WinPatrol] C:Program FilesBillP StudiosWinPatrolWinPatrol.exe
O4 — HKLM..Run: [WinPatrol Russian v.2] C:Program FilesBillP StudiosWinPatrolwinpatrol.exe
O4 — HKLM..Run: [pccguide.exe] «C:Program FilesTrend MicroInternet Securitypccguide.exe»
O4 — HKLM..Run: [PCClient.exe] «C:Program FilesTrend MicroInternet SecurityPCClient.exe»
O4 — HKLM..Run: [TM Outbreak Agent] «C:Program FilesTrend MicroInternet SecurityTMOAgent.exe» /run
O4 — HKLM..Run: [AVP] «C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe»
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKCU..Run: [YandexOnline] «C:Program FilesYandexOnlineonline.exe» -AutoStart
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O8 — Extra context menu item: Добавить в Анти-Баннер — C:Program FilesKaspersky LabKaspersky Internet Security 2009ie_banner_deny.htm
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O12 — Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O20 — AppInit_DLLs: C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll,C:PROGRA~1KASPER~1KASPER~1mzvkbd3.dll,C:PROGRA~1KASPER~1KASPER~1adialhk.dll,C:PROGRA~1KASPER~1KASPER~1kloehk.dll
O23 — Service: Kaspersky Internet Security (AVP) — Kaspersky Lab — C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Trend NT Realtime Service (Tmntsrv) — Trend Micro Incorporated. — C:Program FilesTrend MicroInternet SecurityTmntsrv.exe
O23 — Service: Trend Micro Proxy Service (tmproxy) — Trend Micro Incorporated. — C:Program FilesTrend MicroInternet Securitytmproxy.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 5792 bytes======Scheduled tasks folder======
C:WINDOWStasksNorton Security Scan for Администратор.job
C:WINDOWStasksUser_Feed_Synchronization-{E8E45A9D-4200-4086-BE90-3D1BFA392BBC}.job======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll [2003-05-15 50376][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«CoolSwitch»=C:WINDOWSsystem32TaskSwitch.exe [2005-12-22 45632]
«IgfxTray»=C:WINDOWSsystem32igfxtray.exe [2005-05-19 155648]
«HotKeysCmds»=C:WINDOWSsystem32hkcmd.exe [2005-05-19 118784]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2005-05-19 67584]
«WinPatrol»=C:Program FilesBillP StudiosWinPatrolWinPatrol.exe [2007-08-06 292152]
«WinPatrol Russian v.2″=C:Program FilesBillP StudiosWinPatrolwinpatrol.exe [2007-08-06 292152]
«pccguide.exe»=C:Program FilesTrend MicroInternet Securitypccguide.exe [2009-03-22 966718]
«PCClient.exe»=C:Program FilesTrend MicroInternet SecurityPCClient.exe [2009-03-22 663618]
«TM Outbreak Agent»=C:Program FilesTrend MicroInternet SecurityTMOAgent.exe [2009-03-22 450627]
«AVP»=C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe [2009-03-24 206088][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-17 15360]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-10-13 1694208]
«YandexOnline»=C:Program FilesYandexOnlineonline.exe -AutoStart [][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_DLLS»=»C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll,C:PROGRA~1KASPER~1KASPER~1mzvkbd3.dll,C:PROGRA~1KASPER~1KASPER~1adialhk.dll,C:PROGRA~1KASPER~1KASPER~1kloehk.dll»[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyigfxcui]
C:WINDOWSsystem32igfxsrvc.dll [2005-05-19 344064][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyklogon]
C:WINDOWSsystem32klogon.dll [2008-11-11 218376][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«InstallVisualStyle»=C:WINDOWSResourcesThemesRoyaleRoyale.msstyles
«InstallTheme»=C:WINDOWSResourcesThemesRoyale.theme[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=36
«NoDriveAutoRun»=FFFFFFFF[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«HonorAutoRunSetting»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMessengermsmsgs.exe»=»C:Program FilesMessengermsmsgs.exe:*:Enabled:Windows Messenger»
«C:Program FilesKaspersky LabKaspersky AV for Yandex Onlineavp.exe»=»C:Program FilesKaspersky LabKaspersky AV for Yandex Onlineavp.exe:*:Enabled:Kaspersky Anti-Virus»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»======List of files/folders created in the last 1 months======
2009-03-26 23:20:09 —-D—- C:_OTMoveIt
2009-03-26 22:18:53 —-RASHD—- C:autorun.inf
2009-03-26 22:18:19 —-A—- C:WINDOWSsystem32ptpusb.dll
2009-03-26 22:18:15 —-A—- C:WINDOWSsystem32ptpusd.dll
2009-03-26 21:52:22 —-A—- C:avenger.txt
2009-03-24 10:37:53 —-D—- C:rsit
2009-03-24 10:02:29 —-D—- C:Avenger
2009-03-22 13:49:27 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab
2009-03-22 12:52:50 —-D—- C:WINDOWSCache
2009-03-22 12:51:21 —-D—- C:Program FilesMediaRing Dialer
2009-03-22 12:51:21 —-A—- C:WINDOWSsystem32sx5363s.dll
2009-03-22 12:51:21 —-A—- C:WINDOWSsystem32mrupvers.exe
2009-03-22 12:51:21 —-A—- C:WINDOWSsystem32MRSysIn.dll
2009-03-22 12:48:52 —-D—- C:WINDOWSProfiles
2009-03-22 12:48:46 —-D—- C:Documents and SettingsАдминистраторApplication DataInterTrust
2009-03-22 12:41:55 —-A—- C:WINDOWSsystem32nvumctl.exe
2009-03-22 12:41:41 —-A—- C:WINDOWSsystem32nvuide.exe
2009-03-22 12:41:07 —-A—- C:WINDOWSsystem32nvugart.exe
2009-03-22 12:32:27 —-D—- C:WINDOWSDrivers
2009-03-22 12:18:20 —-D—- C:Documents and SettingsАдминистраторApplication DataWinPatrol
2009-03-22 12:18:13 —-D—- C:Program FilesBillP Studios
2009-03-22 12:11:06 —-D—- C:Documents and SettingsAll UsersApplication DataDoctor Web
2009-03-20 21:04:11 —-D—- C:Documents and SettingsAll UsersApplication DataDoctor Web(2)
2009-03-20 16:21:11 —-D—- C:Program Filestrend micro
2009-03-20 12:22:23 —-D—- C:WINDOWSMinidump
2009-03-20 12:07:40 —-D—- C:Program FilesDrWeb
2009-03-20 11:53:51 —-D—- C:WINDOWSSxsCaPendDel
2009-03-20 11:14:15 —-D—- C:Documents and SettingsAll UsersApplication DataMegaVersion
2009-03-20 11:09:32 —-HD—- C:WINDOWSmsdownld.tmp
2009-03-20 09:38:58 —-D—- C:Program FilesKaspersky Lab
2009-03-20 09:33:52 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup Files
2009-03-20 08:39:27 —-RSD—- C:WINDOWSassembly
2009-03-20 08:36:15 —-D—- C:WINDOWSMicrosoft.NET
2009-03-20 07:32:19 —-HDC—- C:WINDOWSie8
2009-03-19 08:53:12 —-HDC—- C:WINDOWS$NtUninstallKB960225$
2009-03-19 08:52:47 —-HDC—- C:WINDOWS$NtUninstallKB958690$
2009-03-08 14:23:06 —-N—- C:WINDOWSsystem32msrating.dll.mui
2009-03-08 14:22:48 —-N—- C:WINDOWSsystem32mshta.exe.mui
2009-03-08 14:21:24 —-N—- C:WINDOWSsystem32ie4uinit.exe.mui
2009-03-08 14:21:04 —-N—- C:WINDOWSsystem32iedkcs32.dll.mui
2009-03-06 07:26:50 —-HDC—- C:WINDOWS$NtUninstallKB927779$
2009-03-06 07:26:33 —-HDC—- C:WINDOWS$NtUninstallKB927802$
2009-03-06 07:26:19 —-HDC—- C:WINDOWS$NtUninstallKB924270$
2009-03-06 07:26:02 —-HDC—- C:WINDOWS$NtUninstallKB930916$
2009-03-06 07:25:35 —-HDC—- C:WINDOWS$NtUninstallKB950749$
2009-03-06 07:25:12 —-HDC—- C:WINDOWS$NtUninstallKB908531$
2009-03-06 07:24:50 —-HDC—- C:WINDOWS$NtUninstallKB913580$
2009-03-06 07:24:29 —-HDC—- C:WINDOWS$NtUninstallKB935839$
2009-03-06 07:24:11 —-HDC—- C:WINDOWS$NtUninstallKB943055$
2009-03-06 07:23:56 —-HDC—- C:WINDOWS$NtUninstallKB920683$
2009-03-06 07:23:42 —-HDC—- C:WINDOWS$NtUninstallKB914389$
2009-03-06 07:23:23 —-HDC—- C:WINDOWS$NtUninstallKB944653$
2009-03-06 07:23:01 —-HDC—- C:WINDOWS$NtUninstallKB928843$
2009-03-06 04:18:22 —-D—- C:Program FilesParagon Software
2009-03-06 03:26:30 —-HDC—- C:WINDOWS$NtUninstallKB937894$
2009-03-06 03:25:32 —-HDC—- C:WINDOWS$NtUninstallKB928255$
2009-03-06 03:25:16 —-HDC—- C:WINDOWS$NtUninstallKB933729$
2009-03-06 03:24:59 —-HDC—- C:WINDOWS$NtUninstallKB920685$
2009-03-06 03:24:44 —-HDC—- C:WINDOWS$NtUninstallKB923980$
2009-03-06 03:24:29 —-HDC—- C:WINDOWS$NtUninstallKB911280$
2009-03-06 03:24:15 —-HDC—- C:WINDOWS$NtUninstallKB911562$
2009-03-06 03:23:59 —-HDC—- C:WINDOWS$NtUninstallKB938828$
2009-03-06 03:23:41 —-HDC—- C:WINDOWS$NtUninstallKB924667$
2009-03-06 03:23:19 —-HDC—- C:WINDOWS$NtUninstallKB931261$
2009-03-06 03:23:00 —-HDC—- C:WINDOWS$NtUninstallKB927891$
2009-03-06 03:22:44 —-HDC—- C:WINDOWS$NtUninstallKB936357$
2009-03-06 03:22:27 —-HDC—- C:WINDOWS$NtUninstallKB946026$
2009-03-06 03:22:15 —-HDC—- C:WINDOWS$NtUninstallKB925398_WMP64$
2009-03-06 03:21:44 —-HDC—- C:WINDOWS$NtUninstallKB925902$
2009-03-06 03:21:25 —-HDC—- C:WINDOWS$NtUninstallKB929123$
2009-03-06 03:21:09 —-HDC—- C:WINDOWS$NtUninstallKB920670$
2009-03-06 03:20:46 —-HDC—- C:WINDOWS$NtUninstallKB918439$
2009-03-06 03:20:26 —-HDC—- C:WINDOWS$NtUninstallKB926436$
2009-03-06 03:20:10 —-HDC—- C:WINDOWS$NtUninstallKB920872$
2009-03-06 03:19:48 —-HDC—- C:WINDOWS$NtUninstallKB930178$
2009-03-06 03:19:29 —-HDC—- C:WINDOWS$NtUninstallKB914388$
2009-03-06 03:19:07 —-HDC—- C:WINDOWS$NtUninstallKB932168$
2009-03-06 03:18:48 —-HDC—- C:WINDOWS$NtUninstallKB923191$
2009-03-06 03:18:30 —-HDC—- C:WINDOWS$NtUninstallKB922582$
2009-03-06 03:18:12 —-HDC—- C:WINDOWS$NtUninstallKB918118$
2009-03-06 03:17:56 —-HDC—- C:WINDOWS$NtUninstallKB926255$
2009-03-06 03:17:32 —-HDC—- C:WINDOWS$NtUninstallKB920213$
2009-03-06 03:16:53 —-HDC—- C:WINDOWS$NtUninstallKB935840$
2009-03-06 03:16:14 —-HDC—- C:WINDOWS$NtUninstallKB943485$
2009-03-06 03:14:58 —-HDC—- C:WINDOWS$NtUninstallKB945553$
2009-03-06 03:13:06 —-HDC—- C:WINDOWS$NtUninstallKB916595$
2009-03-06 02:30:47 —-D—- C:WINDOWSie8updates
2009-03-06 02:24:57 —-D—- C:WINDOWSsystem32en-US
2009-03-06 00:31:10 —-D—- C:Program FilesMozilla Firefox
2009-03-06 00:22:45 —-D—- C:Documents and SettingsАдминистраторApplication DataMozilla
2009-03-05 23:20:00 —-D—- C:multitran
2009-03-05 23:14:42 —-D—- C:Documents and SettingsАдминистраторApplication DataHelp
2009-03-05 23:09:50 —-D—- C:Program FilesMuller_dictionary
2009-03-04 16:59:39 —-D—- C:Documents and SettingsAll UsersApplication DataWindows Genuine Advantage
2009-03-04 16:53:37 —-DC—- C:WINDOWS$NtUninstallwmp11$
2009-03-04 16:49:16 —-DC—- C:WINDOWS$NtUninstallWMFDist11$
2009-03-04 16:47:18 —-DC—- C:WINDOWS$NtUninstallWudf01000$
2009-03-04 10:20:48 —-D—- C:Program FilesCommon FilesSymantec Shared(2)
2009-03-04 10:20:33 —-D—- C:Program FilesNorton Security Scan(2)
2009-03-03 23:58:53 —-HDC—- C:WINDOWS$NtUninstallKB954156_WM9L$
2009-03-03 23:58:32 —-HDC—- C:WINDOWS$NtUninstallKB960715$
2009-03-03 23:58:06 —-HDC—- C:WINDOWS$NtUninstallKB967715$
2009-03-03 23:56:46 —-D—- C:WINDOWSie7updates
2009-03-03 21:36:15 —-D—- C:Program FilesFlash Movie Player
2009-03-03 19:21:39 —-D—- C:Program FilesProxomitron
2009-03-03 17:56:33 —-D—- C:WINDOWSsystem32Adobe
2009-03-02 19:22:31 —-D—- C:WINDOWSWBEM
2009-03-02 19:22:30 —-D—- C:WINDOWSsystem32ru-ru
2009-03-02 19:20:39 —-HDC—- C:WINDOWSie7
2009-03-02 19:20:16 —-HDC—- C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$
2009-03-02 19:19:53 —-HDC—- C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$
2009-03-02 19:19:11 —-HDC—- C:WINDOWS$NtUninstallKB915865$
2009-03-02 19:18:33 —-A—- C:WINDOWSsystem32xmllite.dll======List of files/folders modified in the last 1 months======
2009-03-26 23:40:02 —-D—- C:WINDOWSTemp
2009-03-26 23:37:21 —-D—- C:WINDOWSPrefetch
2009-03-26 23:23:26 —-A—- C:WINDOWSSchedLgU.Txt
2009-03-26 22:18:24 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-03-26 22:18:20 —-D—- C:WINDOWSsystem32
2009-03-26 22:18:15 —-D—- C:WINDOWSsystem32drivers
2009-03-26 22:18:01 —-D—- C:WINDOWSsystem32CatRoot2
2009-03-24 10:21:26 —-RD—- C:Program Files
2009-03-22 14:00:57 —-D—- C:WINDOWS
2009-03-22 13:52:04 —-SHD—- C:WINDOWSInstaller
2009-03-22 13:51:15 —-HD—- C:WINDOWSinf
2009-03-22 13:19:33 —-D—- C:Program FilesOpera
2009-03-22 12:55:39 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
2009-03-22 12:55:22 —-D—- C:Program FilesAdobe
2009-03-22 12:48:47 —-D—- C:Documents and SettingsАдминистраторApplication DataAdobe
2009-03-22 12:48:46 —-D—- C:Program FilesCommon FilesAdobe
2009-03-22 12:45:00 —-D—- C:Новая папка
2009-03-22 12:37:16 —-D—- C:Program FilesCommon Files
2009-03-22 12:12:00 —-D—- C:WINDOWSsystem32config
2009-03-22 12:11:38 —-D—- C:WINDOWSsystem32wbem
2009-03-22 12:11:36 —-D—- C:WINDOWSRegistration
2009-03-22 11:59:43 —-D—- C:WINDOWSsystem32Macromed
2009-03-20 23:19:58 —-D—- C:Program FilesInternet Explorer
2009-03-20 21:15:05 —-SD—- C:WINDOWSTasks
2009-03-20 11:54:53 —-D—- C:Program FilesOpera 10 Preview
2009-03-20 11:53:51 —-D—- C:WINDOWSWinSxS
2009-03-20 11:40:42 —-D—- C:Program FilesYandex
2009-03-20 11:28:39 —-D—- C:WINDOWSsystem32CatRoot
2009-03-20 11:12:05 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2009-03-20 11:11:37 —-D—- C:WINDOWSsystem32mui
2009-03-20 11:11:27 —-D—- C:WINDOWSpchealth
2009-03-20 09:02:06 —-SD—- C:Documents and SettingsАдминистраторApplication DataMicrosoft
2009-03-20 08:46:27 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-03-20 07:39:52 —-D—- C:WINDOWSMedia
2009-03-20 07:39:52 —-D—- C:WINDOWSHelp
2009-03-20 07:38:30 —-A—- C:WINDOWSimsins.BAK
2009-03-20 07:37:53 —-HD—- C:WINDOWS$hf_mig$
2009-03-08 14:23:22 —-A—- C:WINDOWSsystem32ieframe.dll.mui
2009-03-08 14:21:22 —-A—- C:WINDOWSsystem32advpack.dll.mui
2009-03-08 14:09:26 —-A—- C:WINDOWSsystem32iedkcs32.dll
2009-03-08 04:41:16 —-A—- C:WINDOWSsystem32mshtml.dll
2009-03-08 04:39:48 —-A—- C:WINDOWSsystem32ieframe.dll
2009-03-08 04:34:58 —-A—- C:WINDOWSsystem32wininet.dll
2009-03-08 04:34:56 —-A—- C:WINDOWSsystem32urlmon.dll
2009-03-08 04:34:48 —-A—- C:WINDOWSsystem32WinFXDocObj.exe
2009-03-08 04:34:48 —-A—- C:WINDOWSsystem32webcheck.dll
2009-03-08 04:34:30 —-A—- C:WINDOWSsystem32licmgr10.dll
2009-03-08 04:34:28 —-A—- C:WINDOWSsystem32url.dll
2009-03-08 04:34:18 —-A—- C:WINDOWSsystem32occache.dll
2009-03-08 04:34:18 —-A—- C:WINDOWSsystem32msrating.dll
2009-03-08 04:33:40 —-A—- C:WINDOWSsystem32corpol.dll
2009-03-08 04:33:26 —-A—- C:WINDOWSsystem32jsproxy.dll
2009-03-08 04:33:16 —-A—- C:WINDOWSsystem32jscript.dll
2009-03-08 04:33:08 —-A—- C:WINDOWSsystem32ieaksie.dll
2009-03-08 04:33:06 —-A—- C:WINDOWSsystem32vbscript.dll
2009-03-08 04:33:02 —-A—- C:WINDOWSsystem32ieakeng.dll
2009-03-08 04:32:56 —-A—- C:WINDOWSsystem32admparse.dll
2009-03-08 04:32:54 —-A—- C:WINDOWSsystem32ie4uinit.exe
2009-03-08 04:32:52 —-A—- C:WINDOWSsystem32ieudinit.exe
2009-03-08 04:32:52 —-A—- C:WINDOWSsystem32ieakui.dll
2009-03-08 04:32:50 —-A—- C:WINDOWSsystem32iesetup.dll
2009-03-08 04:32:50 —-A—- C:WINDOWSsystem32iernonce.dll
2009-03-08 04:32:48 —-A—- C:WINDOWSsystem32advpack.dll
2009-03-08 04:32:46 —-A—- C:WINDOWSsystem32inseng.dll
2009-03-08 04:32:26 —-A—- C:WINDOWSsystem32msfeeds.dll
2009-03-08 04:32:22 —-A—- C:WINDOWSsystem32iertutil.dll
2009-03-08 04:32:04 —-A—- C:WINDOWSsystem32mstime.dll
2009-03-08 04:31:56 —-A—- C:WINDOWSsystem32iepeers.dll
2009-03-08 04:31:54 —-A—- C:WINDOWSsystem32msfeedssync.exe
2009-03-08 04:31:52 —-A—- C:WINDOWSsystem32msfeedsbs.dll
2009-03-08 04:31:52 —-A—- C:WINDOWSsystem32icardie.dll
2009-03-08 04:31:44 —-A—- C:WINDOWSsystem32dxtmsft.dll
2009-03-08 04:31:38 —-A—- C:WINDOWSsystem32imgutil.dll
2009-03-08 04:31:38 —-A—- C:WINDOWSsystem32dxtrans.dll
2009-03-08 04:31:36 —-A—- C:WINDOWSsystem32pngfilt.dll
2009-03-08 04:31:26 —-A—- C:WINDOWSsystem32mshtmled.dll
2009-03-08 04:31:18 —-A—- C:WINDOWSsystem32mshtmler.dll
2009-03-08 04:31:02 —-A—- C:WINDOWSsystem32mshta.exe
2009-03-08 04:22:46 —-A—- C:WINDOWSsystem32ieui.dll
2009-03-08 04:22:38 —-A—- C:WINDOWSsystem32msls31.dll
2009-03-08 04:11:12 —-A—- C:WINDOWSsystem32ieapfltr.dll
2009-03-06 04:19:06 —-RSD—- C:WINDOWSFonts
2009-03-06 03:28:58 —-D—- C:WINDOWSmsagent
2009-03-06 03:21:31 —-D—- C:Program FilesOutlook Express
2009-03-06 03:21:31 —-D—- C:Program FilesCommon FilesSystem
2009-03-05 22:46:23 —-D—- C:Documents and Settings
2009-03-05 00:53:34 —-D—- C:WINDOWSDebug
2009-03-04 17:11:51 —-D—- C:WINDOWSsystem32CatRoot_bak
2009-03-04 17:09:29 —-D—- C:Program FilesWindows Media Player
2009-03-04 17:09:21 —-D—- C:Program FilesWindows Media Connect 2
2009-03-04 17:08:23 —-D—- C:WINDOWSsystem32Restore
2009-03-04 17:05:07 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 KLIF;Kaspersky Lab Driver; C:WINDOWSsystem32DRIVERSklif.sys [2009-03-24 226832]
R1 tmtdi;Trend Micro TDI Driver; C:WINDOWSSystem32Driverstmtdi.sys [2003-09-22 14976]
R2 tm_cfw;Common Firewall Driver; C:WINDOWSSystem32Driverstm_cfw.sys [2009-03-22 771712]
R2 Tmfilter;Tmfilter; C:WINDOWSsystem32driversTmXPFlt.sys [2009-03-22 205328]
R2 Tmpreflt;Tmpreflt; C:WINDOWSsystem32driversTmpreflt.sys [2009-03-22 36368]
R2 Vsapint;Vsapint; C:WINDOWSsystem32driversVsapint.sys [2009-03-22 1195384]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:WINDOWSsystem32driversALCXSENS.SYS [2005-05-19 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2005-05-19 626204]
R3 E100B;Intel(R) PRO Adapter Driver; C:WINDOWSsystem32DRIVERSe100b325.sys [2005-05-19 154112]
R3 ialm;ialm; C:WINDOWSsystem32DRIVERSialmnt5.sys [2005-05-19 730653]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:WINDOWSsystem32DRIVERSklfltdev.sys [2008-03-13 26640]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2006-02-17 27264]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
S4 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2001-10-20 12032]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AVP;Kaspersky Internet Security; C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe [2009-03-24 206088]
R2 Tmntsrv;Trend NT Realtime Service; C:Program FilesTrend MicroInternet SecurityTmntsrv.exe [2009-03-22 262214]
R2 tmproxy;Trend Micro Proxy Service; C:Program FilesTrend MicroInternet Securitytmproxy.exe [2009-03-22 204870]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2005-09-23 66240]
S3 UMWdf;Компонент драйверов пользовательского режима Windows; C:WINDOWSsystem32wdfmgr.exe [2005-01-28 38912]
S3 WMConnectCDS;Служба Windows Media Connect; C:Program FilesWindows Media Connect 2Wmccds.exe [2006-02-01 855552]
EOF
=Здравствуйте!
Я совершил ошибку,за что дико извиняюсь.По незнанию хотел от одного имени(по разным темам)вылечить два компьютера( с одного адреса).Кроме неразберихи ничего не получилось.За что еще раз извините.Хотелось бы вылечить более слабый по мощности и по здоровью.Посему ранее присланные сообщения прошу считать недействительными.Высылаю логи.С этим лучше не спешить, вылечили один, создали новую тему, вылечили другой 🙂
RSIT лог выглядит нормально.
Как работает это компьютер ?Здравствуйте!
Не могу понять.Временами комп.работает хорошо,но в основном-тормозит.Не открывает стр.,а если (не дай Бог)кликнуть несколько раз-подумает и потом откроет их все одна на другую.Друзья посоветовали увеличить память(она действ.мала 256 МВ.).Попробую,поможет или нет,я Вам отпишу.Этот комп.мне не так обязателен,но я новичок в этом деле и мне стало интересно-почему так?С благодарностью Lev4uk-59.Увеличить память — дело хорошее.
Судя по заголовку RSITMicrosoft Windows XP Professional Service Pack 2
System drive C: has 2 GB (23%) free of 10 GB
Total RAM: 247 MB (6% free)Памяти действительно маловато.
Кроме этого, судя по логу у вас установлены два антивируса. Один НЕОБХОДИМО удалить.
- Для ответа в этой теме необходимо авторизоваться.
