Pop-up ads keep appearing
This topic has 2 replies, 2 participants, and was last updated 15 years, 6 months ago by Ase4ka.
March 9, 2010 at 11:40 pm #18121
An ad pops up about once every 3 hours (not in the browser).
Microsoft Security Essentials found nothing.
The info file cannot be added to this post because the character limit is exceeded. The info file is in the next post.

Logfile of random’s system information tool 1.06 (written by random/random)
Run by Ase4ka at 2010-03-10 02:38:46
Microsoft Windows 7 Профессиональная Service Pack 3
System drive C: has 30 GB (60%) free of 51 GB
Total RAM: 3839 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:38:48, on 10.03.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:Program Files (x86)RocketDockRocketDock.exe
C:Program Files (x86)Javajre6binjusched.exe
C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe
C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe
C:Program Files (x86)ASUSATK PackageATK HotkeyHControlUser.exe
C:Program FilesWIDCOMMBluetooth SoftwareBluetoothHeadsetProxy.exe
C:Program Files (x86)WebMoney Agentwmagent.exe
C:Program Files (x86)QIP Infiuminfium.exe
C:Program Files (x86)MAdModuleMAdService.exe
C:Program Files (x86)OSCAR EditorOscarEditor.exe
C:Program Files (x86)OSCAR EditorOscarDataToolsMyShowMessage.exe
G:la2 (офф)LineageII_PTSLineageII.exe
C:Program Files (x86)Operaopera.exe
C:UsersAse4kaDesktopRSIT.exe
C:Program Files (x86)trend microAse4ka.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://search.qip.ru
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://search.qip.ru
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://search.qip.ru/ie
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://search.qip.ru
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = start.qip.ru
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://search.qip.ru/ie
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R1 — HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = Root: HKCU; Subkey: SoftwareMicrosoftInternet ExplorerSearchUrl; ValueType: string; ValueName: ‘; ValueData: ‘; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 — URLSearchHook: QIPBHO Class — {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} — C:UsersAse4kaAppDataRoamingMicrosoftInternet Explorerqipsearchbar.dll
R3 — URLSearchHook: (no name) — — (no file)
F2 — REG:system.ini: UserInit=userinit.exe
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~2DOWNLO~1dmiehlp.dll
O2 — BHO: QIPBHO — {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} — C:UsersAse4kaAppDataRoamingMicrosoftInternet Explorerqipsearchbar.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program Files (x86)Javajre6binjp2ssv.dll
O4 — HKLM..Run: [StartCCC] «C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe» MSRun
O4 — HKLM..Run: [ATKOSD2] C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe
O4 — HKLM..Run: [ATKMEDIA] C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe
O4 — HKLM..Run: [HControlUser] C:Program Files (x86)ASUSATK PackageATK HotkeyHControlUser.exe
O4 — HKLM..Run: [amd_dc_opt] C:Program Files (x86)AMDDual-Core Optimizeramd_dc_opt.exe
O4 — HKCU..Run: [uTorrent] «C:Program Files (x86)uTorrentuTorrent.exe»
O4 — HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 — HKCU..Run: [RocketDock] «C:Program Files (x86)RocketDockRocketDock.exe»
O4 — HKCU..Run: [OscarEditor] «C:Program Files (x86)OSCAR EditorOscarEditor.exe» Minimum
O4 — HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-20..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe (User ‘NETWORK SERVICE’)
O4 — Global Startup: BTTray.lnk = ?
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program Files (x86)Download Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program Files (x86)Download Masterdmie.htm
O8 — Extra context menu item: Передать на удаленную закачку DM — C:Program Files (x86)Download Masterremdown.htm
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program Files (x86)Download Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program Files (x86)Download Masterdmaster.exe
O13 — Gopher Prefix:
O16 — DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) — http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~2COMMON~1SkypeSKYPE4~1.DLL
O22 — SharedTaskScheduler: Windows DreamScene — {E31004D1-A431-41B8-826F-E902F9D95C81} — (no file)
O23 — Service: @%SystemRoot%system32Alg.exe,-112 (ALG) — Unknown owner — C:WindowsSystem32alg.exe (file missing)
O23 — Service: AMD External Events Utility — Unknown owner — C:Windowssystem32atiesrxx.exe (file missing)
O23 — Service: ASLDR Service (ASLDRService) — ASUS — C:Program Files (x86)ASUSATK PackageATK HotkeyASLDRSrv.exe
O23 — Service: ATKGFNEX Service (ATKGFNEXSrv) — ASUS — C:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe
O23 — Service: Bluetooth Service (btwdins) — Broadcom Corporation. — C:Program FilesWIDCOMMBluetooth Softwarebinbtwdins.exe
O23 — Service: @%SystemRoot%system32efssvc.dll,-100 (EFS) — Unknown owner — C:WindowsSystem32lsass.exe (file missing)
O23 — Service: @%systemroot%system32fxsresm.dll,-118 (Fax) — Unknown owner — C:Windowssystem32fxssvc.exe (file missing)
O23 — Service: FLEXnet Licensing Service — Acresso Software Inc. — C:Program Files (x86)Common FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 — Service: FLEXnet Licensing Service 64 — Acresso Software Inc. — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService64.exe
O23 — Service: @keyiso.dll,-100 (KeyIso) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: @comres.dll,-2797 (MSDTC) — Unknown owner — C:WindowsSystem32msdtc.exe (file missing)
O23 — Service: @%SystemRoot%System32netlogon.dll,-102 (Netlogon) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) — Unknown owner — C:Windowssystem32locator.exe (file missing)
O23 — Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) — Unknown owner — C:WindowsSystem32snmptrap.exe (file missing)
O23 — Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) — Unknown owner — C:WindowsSystem32spoolsv.exe (file missing)
O23 — Service: Защита программного обеспечения (sppsvc) — Unknown owner — C:Windowssystem32sppsvc.exe (file missing)
O23 — Service: StarWind AE Service (StarWindServiceAE) — StarWind Software — C:Program Files (x86)Alcohol SoftAlcohol 120StarWindStarWindServiceAE.exe
O23 — Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) — Unknown owner — C:Windowssystem32UI0Detect.exe (file missing)
O23 — Service: @%SystemRoot%system32vaultsvc.dll,-1003 (VaultSvc) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: @%SystemRoot%system32vds.exe,-100 (vds) — Unknown owner — C:WindowsSystem32vds.exe (file missing)
O23 — Service: @%systemroot%system32vssvc.exe,-102 (VSS) — Unknown owner — C:Windowssystem32vssvc.exe (file missing)
O23 — Service: @%SystemRoot%system32WatWatUX.exe,-601 (WatAdminSvc) — Unknown owner — C:Windowssystem32WatWatAdminSvc.exe (file missing)
O23 — Service: @%systemroot%system32wbengine.exe,-104 (wbengine) — Unknown owner — C:Windowssystem32wbengine.exe (file missing)
O23 — Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) — Unknown owner — C:Windowssystem32wbemWmiApSrv.exe (file missing)
O23 — Service: @%PROGRAMFILES%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) — Unknown owner — C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)
—
End of file — 9054 bytes

======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~2DOWNLO~1dmiehlp.dll [2009-04-16 158208]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class — C:UsersAse4kaAppDataRoamingMicrosoftInternet Explorerqipsearchbar.dll [2009-07-14 150768]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program Files (x86)Javajre6binjp2ssv.dll [2010-02-10 41760]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«StartCCC»=C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe [2009-08-13 98304]
«ATKOSD2»=C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe [2010-01-13 7109248]
«ATKMEDIA»=C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe [2010-01-05 170624]
«HControlUser»=C:Program Files (x86)ASUSATK PackageATK HotkeyHControlUser.exe [2009-06-19 105016]
«amd_dc_opt»=C:Program Files (x86)AMDDual-Core Optimizeramd_dc_opt.exe [2008-07-22 77824]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«uTorrent»=C:Program Files (x86)uTorrentuTorrent.exe [2010-03-04 318256]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2009-07-14 1475072]
«RocketDock»=C:Program Files (x86)RocketDockRocketDock.exe [2007-09-02 495616]
«OscarEditor»=C:Program Files (x86)OSCAR EditorOscarEditor.exe [2008-07-30 2865152]
C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
BTTray.lnk — C:Program Files (x86)WIDCOMMBluetooth SoftwareBTTray.exe
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionexplorerSharedTaskScheduler]
Windows DreamScene — {E31004D1-A431-41B8-826F-E902F9D95C81}
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders]
«SecurityProviders»=credssp.dll
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalAppInfo]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalEFS]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalKeyIso]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalMsMpSvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalNTDS]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalPower]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalProfSvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalRpcEptMapper]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalsacsvr]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalSWPRV]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalTabletInputService]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalTBS]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalTrustedInstaller]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalvmms]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalvolmgr.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalvolmgrx.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWinDefend]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWudfPf]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWudfRd]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWudfSvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkAppInfo]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkBFE]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkbowser]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkdfsc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkDot3Svc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkEaphost]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkEFS]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkIKEEXT]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkKeyIso]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkMPSDrv]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkMPSSvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkmrxsmb]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkmrxsmb10]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkmrxsmb20]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkMsMpSvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNativeWifiP]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkndiscap]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknetprofm]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNlaSvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNsi]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknsiproxy.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkNTDS]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkPolicyAgent]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkPower]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkProfSvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkrdbss]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkrdpencdd.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkRpcEptMapper]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworksacsvr]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkSCardSvr]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkSWPRV]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkTabletInputService]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkTBS]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkTrustedInstaller]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkVaultSvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkVDS]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkvmms]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkvolmgr.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkvolmgrx.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWinDefend]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWlansvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfPf]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfRd]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfSvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWudfUsbccidDriver]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«ConsentPromptBehaviorAdmin»=0
«ConsentPromptBehaviorUser»=3
«EnableLUA»=0
«EnableUIADesktopToggle»=0
«PromptOnSecureDesktop»=0
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoActiveDesktop»=
«NoActiveDesktopChanges»=
«ForceActiveDesktopOn»=
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
======File associations======
.js — edit — C:WindowsSystem32Notepad.exe %1
.js — open — C:WindowsSystem32WScript.exe «%1» %*

======List of files/folders created in the last 1 months======
2010-03-10 02:22:50 —-D—- C:rsit
2010-03-10 02:22:50 —-D—- C:Program Files (x86)trend micro
2010-03-10 02:14:53 —-D—- C:UsersAse4kaAppDataRoamingGrisoft
2010-03-10 02:14:45 —-D—- C:ProgramDataGrisoft
2010-03-10 02:10:37 —-A—- C:Windowssystem32XceedCry.dll
2010-03-10 02:10:37 —-A—- C:Windowssystem32XceedBkp.dll
2010-03-10 02:10:37 —-A—- C:Windowssystem32msstdfmt.dll
2010-03-10 02:10:36 —-A—- C:Windowssystem32VB6STKIT.DLL
2010-03-09 15:32:53 —-D—- C:OscarData
2010-03-09 15:32:27 —-D—- C:Program Files (x86)OSCAR Editor
2010-03-09 15:30:30 —-D—- C:Oscar
2010-03-08 01:26:23 —-D—- C:ProgramDataNOS
2010-03-08 01:26:23 —-D—- C:Program Files (x86)NOS
2010-03-07 15:48:46 —-D—- C:Program Files (x86)Yamicsoft
2010-03-07 05:47:18 —-A—- C:Windowssystem32XAudio2_6.dll
2010-03-07 05:47:18 —-A—- C:Windowssystem32XAPOFX1_4.dll
2010-03-07 05:47:18 —-A—- C:Windowssystem32xactengine3_6.dll
2010-03-07 05:47:17 —-A—- C:Windowssystem32XAudio2_5.dll
2010-03-07 05:47:17 —-A—- C:Windowssystem32X3DAudio1_7.dll
2010-03-07 05:47:16 —-A—- C:Windowssystem32xactengine3_5.dll
2010-03-07 05:47:15 —-A—- C:Windowssystem32D3DCompiler_42.dll
2010-03-07 05:47:14 —-A—- C:Windowssystem32d3dx11_42.dll
2010-03-07 05:47:14 —-A—- C:Windowssystem32d3dcsx_42.dll
2010-03-07 05:47:13 —-A—- C:Windowssystem32D3DX9_42.dll
2010-03-07 05:47:13 —-A—- C:Windowssystem32d3dx10_42.dll
2010-03-07 05:47:11 —-A—- C:Windowssystem32D3DX9_41.dll
2010-03-07 05:47:11 —-A—- C:Windowssystem32d3dx10_41.dll
2010-03-07 05:47:11 —-A—- C:Windowssystem32D3DCompiler_41.dll
2010-03-07 05:47:09 —-A—- C:Windowssystem32XAudio2_4.dll
2010-03-07 05:47:09 —-A—- C:Windowssystem32XAPOFX1_3.dll
2010-03-07 05:47:09 —-A—- C:Windowssystem32xactengine3_4.dll
2010-03-07 05:47:08 —-A—- C:Windowssystem32X3DAudio1_6.dll
2010-03-07 05:47:08 —-A—- C:Windowssystem32d3dx10_40.dll
2010-03-07 05:47:08 —-A—- C:Windowssystem32D3DCompiler_40.dll
2010-03-07 05:47:07 —-A—- C:Windowssystem32D3DX9_40.dll
2010-03-07 05:47:06 —-A—- C:Windowssystem32XAudio2_3.dll
2010-03-07 05:47:06 —-A—- C:Windowssystem32XAPOFX1_2.dll
2010-03-07 05:47:05 —-A—- C:Windowssystem32xactengine3_3.dll
2010-03-07 05:47:05 —-A—- C:Windowssystem32X3DAudio1_5.dll
2010-03-07 05:47:04 —-A—- C:Windowssystem32XAudio2_2.dll
2010-03-07 05:47:04 —-A—- C:Windowssystem32XAPOFX1_1.dll
2010-03-07 05:47:04 —-A—- C:Windowssystem32xactengine3_2.dll
2010-03-07 05:47:03 —-A—- C:Windowssystem32D3DX9_39.dll
2010-03-07 05:47:03 —-A—- C:Windowssystem32d3dx10_39.dll
2010-03-07 05:47:03 —-A—- C:Windowssystem32D3DCompiler_39.dll
2010-03-07 05:47:02 —-A—- C:Windowssystem32XAudio2_1.dll
2010-03-07 05:47:02 —-A—- C:Windowssystem32XAPOFX1_0.dll
2010-03-07 05:47:01 —-A—- C:Windowssystem32xactengine3_1.dll
2010-03-07 05:47:00 —-A—- C:Windowssystem32X3DAudio1_4.dll
2010-03-07 05:46:59 —-A—- C:Windowssystem32d3dx10_38.dll
2010-03-07 05:46:59 —-A—- C:Windowssystem32D3DCompiler_38.dll
2010-03-07 05:46:58 —-A—- C:Windowssystem32D3DX9_38.dll
2010-03-07 05:46:57 —-A—- C:Windowssystem32XAudio2_0.dll
2010-03-07 05:46:57 —-A—- C:Windowssystem32xactengine3_0.dll
2010-03-07 05:46:57 —-A—- C:Windowssystem32X3DAudio1_3.dll
2010-03-07 05:46:56 —-A—- C:Windowssystem32d3dx10_37.dll
2010-03-07 05:46:56 —-A—- C:Windowssystem32D3DCompiler_37.dll
2010-03-07 05:46:55 —-A—- C:Windowssystem32xactengine2_10.dll
2010-03-07 05:46:55 —-A—- C:Windowssystem32D3DX9_37.dll
2010-03-07 05:46:53 —-A—- C:Windowssystem32d3dx9_36.dll
2010-03-07 05:46:53 —-A—- C:Windowssystem32d3dx10_36.dll
2010-03-07 05:46:53 —-A—- C:Windowssystem32D3DCompiler_36.dll
2010-03-07 05:46:52 —-A—- C:Windowssystem32xactengine2_9.dll
2010-03-07 05:46:51 —-A—- C:Windowssystem32d3dx10_35.dll
2010-03-07 05:46:51 —-A—- C:Windowssystem32D3DCompiler_35.dll
2010-03-07 05:46:50 —-A—- C:Windowssystem32d3dx9_35.dll
2010-03-07 05:46:49 —-A—- C:Windowssystem32xactengine2_8.dll
2010-03-07 05:46:49 —-A—- C:Windowssystem32X3DAudio1_2.dll
2010-03-07 05:46:49 —-A—- C:Windowssystem32d3dx10_34.dll
2010-03-07 05:46:49 —-A—- C:Windowssystem32D3DCompiler_34.dll
2010-03-07 05:46:48 —-A—- C:Windowssystem32d3dx9_34.dll
2010-03-07 05:46:47 —-A—- C:Windowssystem32xinput1_3.dll
2010-03-07 05:46:47 —-A—- C:Windowssystem32xactengine2_7.dll
2010-03-07 05:46:46 —-A—- C:Windowssystem32d3dx9_33.dll
2010-03-07 05:46:46 —-A—- C:Windowssystem32d3dx10_33.dll
2010-03-07 05:46:46 —-A—- C:Windowssystem32D3DCompiler_33.dll
2010-03-07 05:46:45 —-A—- C:Windowssystem32xactengine2_6.dll
2010-03-07 05:46:44 —-A—- C:Windowssystem32xactengine2_5.dll
2010-03-07 05:46:44 —-A—- C:Windowssystem32d3dx10.dll
2010-03-07 05:46:43 —-A—- C:Windowssystem32d3dx9_32.dll
2010-03-07 05:46:42 —-A—- C:Windowssystem32xactengine2_4.dll
2010-03-07 05:46:42 —-A—- C:Windowssystem32x3daudio1_1.dll
2010-03-07 05:46:42 —-A—- C:Windowssystem32d3dx9_31.dll
2010-03-07 05:46:41 —-A—- C:Windowssystem32xinput1_2.dll
2010-03-07 05:46:41 —-A—- C:Windowssystem32xactengine2_3.dll
2010-03-07 05:46:40 —-A—- C:Windowssystem32xinput1_1.dll
2010-03-07 05:46:40 —-A—- C:Windowssystem32xactengine2_2.dll
2010-03-07 05:46:39 —-A—- C:Windowssystem32xactengine2_1.dll
2010-03-07 05:46:33 —-A—- C:Windowssystem32d3dx9_30.dll
2010-03-07 05:46:32 —-A—- C:Windowssystem32xactengine2_0.dll
2010-03-07 05:46:32 —-A—- C:Windowssystem32x3daudio1_0.dll
2010-03-07 05:46:31 —-A—- C:Windowssystem32d3dx9_29.dll
2010-03-07 05:46:30 —-A—- C:Windowssystem32d3dx9_28.dll
2010-03-07 05:46:30 —-A—- C:Windowssystem32d3dx9_27.dll
2010-03-07 05:46:29 —-A—- C:Windowssystem32d3dx9_26.dll
2010-03-07 05:46:28 —-A—- C:Windowssystem32d3dx9_25.dll
2010-03-07 05:46:28 —-A—- C:Windowssystem32d3dx9_24.dll
2010-03-07 05:44:30 —-D—- C:Program Files (x86)MAdModule
2010-03-06 23:11:48 —-D—- C:UsersAse4kaAppDataRoamingteamspeak2
2010-03-06 23:11:32 —-D—- C:Program Files (x86)Teamspeak2_RC2
2010-03-05 18:13:06 —-D—- C:webmany
2010-03-05 18:04:46 —-D—- C:UsersAse4kaAppDataRoamingWebMoney
2010-03-05 18:01:25 —-D—- C:Program Files (x86)WebMoney Agent
2010-03-05 18:01:22 —-AD—- C:ProgramDataTEMP
2010-03-05 18:00:51 —-D—- C:Program Files (x86)WebMoney
2010-03-01 22:10:22 —-D—- C:UsersAse4kaAppDataRoamingVentrilo
2010-03-01 22:08:54 —-A—- C:Windows{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
2010-03-01 22:08:31 —-D—- C:Program Files (x86)Common FilesWise Installation Wizard
2010-02-27 14:58:14 —-D—- C:Program Files (x86)ExcelExplorer
2010-02-27 02:35:35 —-A—- C:Windowssystem32CPFilters.dll
2010-02-27 02:35:33 —-A—- C:Windowssystem32psisdecd.dll
2010-02-27 02:35:20 —-A—- C:Windowssystem32wow32.dll
2010-02-27 02:35:20 —-A—- C:Windowssystem32user.exe
2010-02-27 02:35:20 —-A—- C:Windowssystem32setup16.exe
2010-02-27 02:35:20 —-A—- C:Windowssystem32ntvdm64.dll
2010-02-27 02:35:20 —-A—- C:Windowssystem32instnm.exe
2010-02-27 01:54:49 —-D—- C:UsersAse4kaAppDataRoamingPeerNetworking
2010-02-26 23:25:49 —-D—- C:UsersAse4kaAppDataRoamingWinAVI
2010-02-26 06:02:01 —-D—- C:Windowssystem32Wat
2010-02-26 05:50:50 —-A—- C:Windowssystem32tzres.dll
2010-02-26 05:50:45 —-A—- C:Windowssystem32jscript.dll
2010-02-26 03:34:58 —-A—- C:Windowssystem32AsIO.dll
2010-02-26 03:34:18 —-A—- C:WindowsLanguage_trs.ini
2010-02-26 01:11:47 —-D—- C:UsersAse4kaAppDataRoamingVocabilis
2010-02-25 09:00:55 —-A—- C:Windowssystem32WgaTray.exe
2010-02-25 09:00:55 —-A—- C:Windowssystem32WgaLogon.dll
2010-02-25 09:00:55 —-A—- C:Windowssystem32LegitCheckControl.dll
2010-02-24 23:19:02 —-D—- C:Program Files (x86)nnCron
2010-02-20 17:21:04 —-D—- C:FPC
2010-02-20 02:39:48 —-D—- C:Program Files (x86)EclipseCrossword
2010-02-20 00:18:04 —-D—- C:Program Files (x86)djvureader
2010-02-19 21:21:43 —-D—- C:UsersAse4kaAppDataRoamingMedia Player Classic
2010-02-18 20:12:16 —-A—- C:Windowssystem32rmoc3260.dll
2010-02-18 20:12:16 —-A—- C:Windowssystem32pndx5032.dll
2010-02-18 20:12:16 —-A—- C:Windowssystem32pndx5016.dll
2010-02-18 20:12:16 —-A—- C:Windowssystem32pncrt.dll
2010-02-18 20:12:11 —-A—- C:Windowssystem32unrar.dll
2010-02-18 20:12:10 —-A—- C:Windowsavisplitter.ini
2010-02-18 20:12:03 —-A—- C:Windowssystem32yv12vfw.dll
2010-02-18 20:12:03 —-A—- C:Windowssystem32xvidvfw.dll
2010-02-18 20:12:03 —-A—- C:Windowssystem32xvidcore.dll
2010-02-18 20:12:02 —-A—- C:Windowssystem32qt-dx331.dll
2010-02-18 20:12:02 —-A—- C:Windowssystem32dpl100.dll
2010-02-18 20:12:01 —-A—- C:Windowssystem32divx.dll
2010-02-18 20:11:58 —-A—- C:Windowssystem32ff_vfw.dll.manifest
2010-02-18 20:11:58 —-A—- C:Windowssystem32ff_vfw.dll
2010-02-18 20:11:56 —-A—- C:Windowssystem32msvcr71.dll
2010-02-18 20:11:56 —-A—- C:Windowssystem32msvcp71.dll
2010-02-18 20:11:46 —-D—- C:Program Files (x86)K-Lite Codec Pack
2010-02-18 20:03:27 —-D—- C:UsersAse4kaAppDataRoamingvlc
2010-02-18 20:02:43 —-D—- C:Program Files (x86)VideoLAN
2010-02-16 12:29:29 —-D—- C:ProgramDataFLEXnet
2010-02-16 12:18:28 —-D—- C:Windowssystem32spool
2010-02-16 12:17:36 —-D—- C:Program Files (x86)Adobe Media Player
2010-02-16 12:14:55 —-D—- C:Program Files (x86)Common FilesAdobe AIR
2010-02-16 12:12:20 —-D—- C:ProgramDataAdobe
2010-02-16 12:11:59 —-D—- C:Program Files (x86)Adobe
2010-02-16 12:11:25 —-D—- C:Program Files (x86)Common FilesMacrovision Shared
2010-02-16 12:03:57 —-D—- C:Program Files (x86)Common FilesAdobe
2010-02-16 11:52:46 —-D—- C:Program Files (x86)Alcohol Soft
2010-02-15 16:50:26 —-D—- C:UsersAse4kaAppDataRoamingFoxit
2010-02-15 16:50:26 —-D—- C:Program Files (x86)Foxit Software
2010-02-14 07:26:55 —-D—- C:Program Files (x86)AMD
2010-02-14 02:18:47 —-D—- C:Program Files (x86)QIP Infium
2010-02-13 23:45:01 —-D—- C:Program Files (x86)Common FilesWindows Live
2010-02-13 23:44:21 —-D—- C:Program Files (x86)Microsoft Silverlight
2010-02-13 22:40:44 —-D—- C:Program Files (x86)RadarSync
2010-02-13 22:31:54 —-D—- C:Windowssystem32es-MX
2010-02-13 22:31:54 —-D—- C:Windowssystem32es-AR
2010-02-13 21:57:06 —-D—- C:Program Files (x86)Common FilesInstallShield
2010-02-13 21:15:17 —-A—- C:Windowssystem32SynTPCOM.dll
2010-02-13 21:15:16 —-A—- C:Windowssystem32SynCtrl.dll
2010-02-13 21:15:16 —-A—- C:Windowssystem32SynCOM.dll
2010-02-13 21:13:42 —-D—- C:Program Files (x86)RegCleaner
2010-02-13 20:19:30 —-D—- C:UsersAse4kaAppDataRoamingSynaptics
2010-02-13 19:23:23 —-D—- C:Program Files (x86)Driver Magician
2010-02-13 18:54:53 —-A—- C:WindowsMyDrivers.ini
2010-02-13 18:50:42 —-D—- C:Program Files (x86)My Drivers
2010-02-13 18:19:49 —-D—- C:Program Files (x86)DriverExtractor 2.1
2010-02-13 17:43:50 —-D—- C:Program Files (x86)Microsoft Antimalware
2010-02-12 18:13:28 —-D—- C:Program Files (x86)everest
2010-02-11 03:59:33 —-D—- C:Program Files (x86)power off
2010-02-11 01:43:41 —-D—- C:UsersAse4kaAppDataRoamingskypePM
2010-02-11 01:33:44 —-D—- C:UsersAse4kaAppDataRoamingSkype
2010-02-11 01:33:35 —-D—- C:Program Files (x86)Common FilesSkype
2010-02-11 01:33:33 —-RD—- C:Program Files (x86)Skype
2010-02-11 01:33:30 —-D—- C:ProgramDataSkype

======List of files/folders modified in the last 1 months======
2010-03-10 02:35:00 —-D—- C:WindowsTemp
2010-03-10 02:22:50 —-RD—- C:Program Files (x86)
2010-03-10 02:20:57 —-SHD—- C:System Volume Information
2010-03-10 02:14:45 —-HD—- C:ProgramData
2010-03-10 02:13:06 —-D—- C:WindowsSysWOW64
2010-03-10 00:38:13 —-D—- C:UsersAse4kaAppDataRoaminguTorrent
2010-03-09 15:32:49 —-HD—- C:Program Files (x86)InstallShield Installation Information
2010-03-09 15:32:41 —-SHD—- C:WindowsInstaller
2010-03-09 10:11:33 —-D—- C:UsersAse4kaAppDataRoamingDownload Master
2010-03-08 06:17:49 —-D—- C:Windowssystem32drivers
2010-03-08 01:26:27 —-D—- C:WindowsDownloaded Program Files
2010-03-08 01:00:02 —-D—- C:Windows
2010-03-07 16:08:37 —-RD—- C:Program Files
2010-03-07 16:08:28 —-D—- C:WindowsSystem32
2010-03-07 16:01:07 —-D—- C:Program Files (x86)Common Files
2010-03-07 15:50:30 —-A—- C:Windowssystem32BASSMOD.dll
2010-03-07 05:46:39 —-RSD—- C:Windowsassembly
2010-03-07 05:46:34 —-D—- C:WindowsMicrosoft.NET
2010-03-07 05:45:58 —-D—- C:WindowsLogs
2010-03-06 01:02:04 —-SD—- C:ProgramDataMicrosoft
2010-03-04 23:41:11 —-D—- C:Program Files (x86)Opera
2010-03-04 23:24:37 —-D—- C:Windowsinf
2010-03-04 22:17:07 —-D—- C:Program Files (x86)uTorrent
2010-03-03 06:12:35 —-D—- C:WindowsPrefetch
2010-03-03 06:12:05 —-SHD—- C:$Recycle.Bin
2010-03-03 06:11:51 —-RD—- C:Users
2010-02-27 19:31:34 —-D—- C:UsersAse4kaAppDataRoamingAdobe
2010-02-27 14:39:17 —-D—- C:Windowswinsxs
2010-02-27 14:38:06 —-D—- C:WindowsAppPatch
2010-02-27 02:36:24 —-D—- C:Windowsehome
2010-02-27 02:27:53 —-D—- C:WindowsTasks
2010-02-27 02:27:47 —-D—- C:Program Files (x86)RocketDock
2010-02-27 02:27:42 —-D—- C:Windowsregistration
2010-02-26 09:10:14 —-D—- C:Windowsrescache
2010-02-26 06:02:01 —-D—- C:Windowssystem32ru-RU
2010-02-26 06:02:01 —-D—- C:Windowssystem32en-US
2010-02-26 05:59:42 —-D—- C:Program Files (x86)CCleaner
2010-02-26 03:34:58 —-D—- C:Program Files (x86)ASUS
2010-02-26 01:11:38 —-RSD—- C:WindowsFonts
2010-02-22 00:21:07 —-D—- C:UsersAse4kaAppDataRoamingAIMP
2010-02-19 00:41:05 —-SD—- C:UsersAse4kaAppDataRoamingMicrosoft
2010-02-13 22:31:54 —-D—- C:Windowssystem32zh-TW
2010-02-13 22:31:54 —-D—- C:Windowssystem32zh-CN
2010-02-13 22:31:54 —-D—- C:Windowssystem32sv-SE
2010-02-13 22:31:54 —-D—- C:Windowssystem32pt-BR
2010-02-13 22:31:54 —-D—- C:Windowssystem32pl-PL
2010-02-13 22:31:54 —-D—- C:Windowssystem32nl-NL
2010-02-13 22:31:54 —-D—- C:Windowssystem32nb-NO
2010-02-13 22:31:54 —-D—- C:Windowssystem32ko-KR
2010-02-13 22:31:54 —-D—- C:Windowssystem32ja-JP
2010-02-13 22:31:54 —-D—- C:Windowssystem32it-IT
2010-02-13 22:31:54 —-D—- C:Windowssystem32fr-FR
2010-02-13 22:31:54 —-D—- C:Windowssystem32fi-FI
2010-02-13 22:31:54 —-D—- C:Windowssystem32es-ES
2010-02-13 22:31:54 —-D—- C:Windowssystem32de-DE
2010-02-13 22:31:54 —-D—- C:Windowssystem32da-DK
2010-02-13 21:31:40 —-D—- C:Windowssystem32wbem
2010-02-13 21:06:36 —-D—- C:Windowsdebug
2010-02-13 19:49:19 —-D—- C:WindowsLiveKernelReports
2010-02-13 17:56:48 —-D—- C:Program Files (x86)DrWeb
2010-02-13 00:05:12 —-D—- C:WindowsAppCompat

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AsIO;AsIO; C:WindowsSysWow64driversAsIO.sys [2009-08-04 13440]
R1 AsUpIO;AsUpIO; C:WindowsSysWow64driversAsUpIO.sys [2009-07-06 13368]
R1 blbdrive;blbdrive; C:Windowssystem32DRIVERSblbdrive.sys []
R1 CSC;@%systemroot%system32cscsvc.dll,-202; C:Windowssystem32driverscsc.sys []
R1 DfsC;@%systemroot%system32driversdfsc.sys,-101; C:WindowsSystem32Driversdfsc.sys []
R1 discache;@%systemroot%system32driversdiscache.sys,-102; C:WindowsSystem32driversdiscache.sys []
R1 MpFilter;Microsoft Malware Protection Driver; C:Windowssystem32DRIVERSMpFilter.sys []
R1 nsiproxy;@%SystemRoot%system32driversnsiproxy.sys,-2; C:Windowssystem32driversnsiproxy.sys []
R1 RDPENCDD;@%systemroot%system32driversRDPENCDD.sys,-101; C:Windowssystem32driversrdpencdd.sys []
R1 RDPREFMP;@%systemroot%system32driversRdpRefMp.sys,-101; C:Windowssystem32driversrdprefmp.sys []
R1 tdx;@%SystemRoot%system32tcpipcfg.dll,-50004; C:Windowssystem32DRIVERStdx.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:Windowssystem32DRIVERSvwififlt.sys []
R1 Wanarpv6;@%systemroot%system32rascfg.dll,-32012; C:Windowssystem32DRIVERSwanarp.sys []
R1 WfpLwf;WFP Lightweight Filter; C:Windowssystem32DRIVERSwfplwf.sys []
R2 adfs;adfs; C:Windowssystem32driversadfs.sys [2008-08-14 74720]
R2 ASMMAP64;ASMMAP64; ??C:Program Files (x86)ASUSATK PackageATKGFNEXASMMAP64.sys [2009-07-02 15416]
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver; C:Windowssystem32DRIVERSlltdio.sys []
R2 luafv;@%systemroot%system32driversluafv.sys,-100; C:Windowssystem32driversluafv.sys []
R2 PEAUTH;PEAUTH; C:Windowssystem32driverspeauth.sys []
R2 rimmptsk;rimmptsk; C:Windowssystem32DRIVERSrimmpx64.sys []
R2 rimsptsk;rimsptsk; C:Windowssystem32DRIVERSrimspx64.sys []
R2 rismxdp;Ricoh xD-Picture Card Driver; C:Windowssystem32DRIVERSrixdpx64.sys []
R2 rspndr;Link-Layer Topology Discovery Responder; C:Windowssystem32DRIVERSrspndr.sys []
R2 tcpipreg;TCP/IP Registry Compatibility; C:WindowsSystem32driverstcpipreg.sys []
R3 1394ohci;1394 OHCI-совместимый хост-контроллер; C:Windowssystem32DRIVERS1394ohci.sys []
R3 AgereSoftModem;Agere Systems Soft Modem; C:Windowssystem32DRIVERSagrsm64.sys []
R3 AmdPPM;Драйвер процессора AMD; C:Windowssystem32DRIVERSamdppm.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:Windowssystem32DRIVERSathrx.sys []
R3 atikmdag;atikmdag; C:Windowssystem32DRIVERSatikmdag.sys []
R3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver; C:WindowsSystem32DriversATSwpWDF.sys []
R3 bowser;@%systemroot%system32browser.dll,-102; C:Windowssystem32DRIVERSbowser.sys []
R3 BthEnum;Служба перечислителя Bluetooth; C:Windowssystem32DRIVERSBthEnum.sys []
R3 BTHMODEM;Драйвер связи Bluetooth-модема; C:Windowssystem32DRIVERSbthmodem.sys []
R3 BthPan;Устройства Bluetooth (личной сети); C:Windowssystem32DRIVERSbthpan.sys []
R3 BTHUSB;Драйвер порта USB радиомодуля Bluetooth; C:WindowsSystem32DriversBTHUSB.sys []
R3 btwaudio;Аудиоустройствоi Bluetooth; C:Windowssystem32driversbtwaudio.sys []
R3 btwavdt;Bluetooth AVDT Service; C:Windowssystem32driversbtwavdt.sys []
R3 btwl2cap;Bluetooth L2CAP Service; C:Windowssystem32DRIVERSbtwl2cap.sys []
R3 btwrchid;btwrchid; C:Windowssystem32DRIVERSbtwrchid.sys []
R3 CmBatt;Драйвер батареи с ACPI-управлением (Microsoft); C:Windowssystem32DRIVERSCmBatt.sys []
R3 CompositeBus;Драйвер перечислителя композитной шины; C:Windowssystem32DRIVERSCompositeBus.sys []
R3 DXGKrnl;LDDM Graphics Subsystem; C:WindowsSystem32driversdxgkrnl.sys []
R3 HdAudAddService;Драйвер функции UAA для службы High Definition Audio (Microsoft), версия 1.1; C:Windowssystem32driversHdAudio.sys []
R3 HDAudBus;Драйвер для шины UAA для High Definition Audio (Microsoft); C:Windowssystem32DRIVERSHDAudBus.sys []
R3 HidUsb;Драйвер класса HID Microsoft; C:Windowssystem32DRIVERShidusb.sys []
R3 kbdhid;Драйвер клавиатуры HID; C:Windowssystem32DRIVERSkbdhid.sys []
R3 ksthunk;Kernel Streaming Thunks; C:Windowssystem32driversksthunk.sys []
R3 monitor;Microsoft Monitor Class Function Driver Service; C:Windowssystem32DRIVERSmonitor.sys []
R3 mouhid;Драйвер мыши HID; C:Windowssystem32DRIVERSmouhid.sys []
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:Windowssystem32DRIVERSMpNWMon.sys []
R3 mpsdrv;@%SystemRoot%system32FirewallAPI.dll,-23092; C:WindowsSystem32driversmpsdrv.sys []
R3 mrxsmb10;@%systemroot%system32wkssvc.dll,-1004; C:Windowssystem32DRIVERSmrxsmb10.sys []
R3 mrxsmb20;@%systemroot%system32wkssvc.dll,-1006; C:Windowssystem32DRIVERSmrxsmb20.sys []
R3 MTsensor;ATK0100 ACPI UTILITY; C:Windowssystem32DRIVERSATK64AMD.sys []
R3 NativeWifiP;NativeWiFi Filter; C:Windowssystem32DRIVERSnwifi.sys []
R3 RasAgileVpn;WAN Miniport (IKEv2); C:Windowssystem32DRIVERSAgileVpn.sys []
R3 RasSstp;@%systemroot%system32sstpsvc.dll,-202; C:Windowssystem32DRIVERSrassstp.sys []
R3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:Windowssystem32DRIVERSrdpbus.sys []
R3 RFCOMM;Устройство Bluetooth (протокол RFCOMM TDI); C:Windowssystem32DRIVERSrfcomm.sys []
R3 sdbus;sdbus; C:Windowssystem32DRIVERSsdbus.sys []
R3 srv2;@%systemroot%system32srvsvc.dll,-104; C:WindowsSystem32DRIVERSsrv2.sys []
R3 srvnet;srvnet; C:WindowsSystem32DRIVERSsrvnet.sys []
R3 SynTP;Synaptics TouchPad Driver; C:Windowssystem32DRIVERSSynTP.sys []
R3 tunnel;Драйвер адаптера минипорта для туннеля Microsoft; C:Windowssystem32DRIVERStunnel.sys []
R3 umbus;UMBus драйвер перечислителя; C:Windowssystem32DRIVERSumbus.sys []
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:Windowssystem32DRIVERSusbccgp.sys []
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:Windowssystem32DRIVERSusbehci.sys []
R3 usbhub;Стандартный драйвер USB-концентратора (Майкрософт); C:Windowssystem32DRIVERSusbhub.sys []
R3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:Windowssystem32DRIVERSusbohci.sys []
R3 usbvideo;USB-видеоустройство (WDM); C:WindowsSystem32Driversusbvideo.sys []
R3 vwifibus;Драйвер шины Virtual WiFi; C:Windowssystem32DRIVERSvwifibus.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:Windowssystem32DRIVERSvwifimp.sys []
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:Windowssystem32driversWudfPf.sys []
R4 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; ??C:Program Files (x86)GrisoftAVG Anti-Spyware 7.5guard64.sys []
S3 AcpiPmi;ACPI Power Meter Driver; C:Windowssystem32DRIVERSacpipmi.sys []
S3 adp94xx;adp94xx; C:Windowssystem32DRIVERSadp94xx.sys []
S3 adpahci;adpahci; C:Windowssystem32DRIVERSadpahci.sys []
S3 adpu320;adpu320; C:Windowssystem32DRIVERSadpu320.sys []
S3 ae71k6bn;ae71k6bn; C:Windowssystem32driversae71k6bn.sys []
S3 agp440;Intel AGP Bus Filter; C:Windowssystem32DRIVERSagp440.sys []
S3 amdide;amdide; C:Windowssystem32DRIVERSamdide.sys []
S3 AmdK8;AMD K8 Processor Driver; C:Windowssystem32DRIVERSamdk8.sys []
S3 amdsata;amdsata; C:Windowssystem32DRIVERSamdsata.sys []
S3 amdsbs;amdsbs; C:Windowssystem32DRIVERSamdsbs.sys []
S3 AppID;@%systemroot%system32appidsvc.dll,-102; C:Windowssystem32driversappid.sys []
S3 arc;arc; C:Windowssystem32DRIVERSarc.sys []
S3 arcsas;arcsas; C:Windowssystem32DRIVERSarcsas.sys []
S3 b06bdrv;Broadcom NetXtreme II VBD; C:Windowssystem32DRIVERSbxvbda.sys []
S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet — NDIS 6.0; C:Windowssystem32DRIVERSb57nd60a.sys []
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver; C:Windowssystem32DRIVERSBrFiltLo.sys []
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver; C:Windowssystem32DRIVERSBrFiltUp.sys []
S3 Brserid;Brother MFC Serial Port Interface Driver (WDM); C:WindowsSystem32DriversBrserid.sys []
S3 BrSerWdm;Brother WDM Serial driver; C:WindowsSystem32DriversBrSerWdm.sys []
S3 BrUsbMdm;Brother MFC USB Fax Only Modem; C:WindowsSystem32DriversBrUsbMdm.sys []
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:WindowsSystem32DriversBrUsbSer.sys []
S3 BTHPORT;Драйвер порта Bluetooth; C:WindowsSystem32DriversBTHport.sys []
S3 circlass;Consumer IR Devices; C:Windowssystem32DRIVERScirclass.sys []
S3 dump_wmimmc;dump_wmimmc; ??G:la2 (офф)LineageII_PTSsystemGameGuarddump_wmimmc.sys []
S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:Windowssystem32DRIVERSevbda.sys []
S3 elxstor;elxstor; C:Windowssystem32DRIVERSelxstor.sys []
S3 ErrDev;Microsoft Hardware Error Device Driver; C:Windowssystem32DRIVERSerrdev.sys []
S3 exfat;exFAT File System Driver; C:Windowssystem32driversexfat.sys []
S3 Filetrace;@%SystemRoot%system32driversfiletrace.sys,-10001; C:Windowssystem32driversfiletrace.sys []
S3 FsDepends;@%SystemRoot%system32driversfsdepends.sys,-10001; C:WindowsSystem32driversFsDepends.sys []
S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:Windowssystem32DRIVERSgagp30kx.sys []
S3 gwiopm;gwiopm; ??C:Program Files (x86)My Driversgwiopm.sys [1998-06-03 3904]
S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:Windowssystem32drivershcw85cir.sys []
S3 HidBatt;HID UPS Battery Driver; C:Windowssystem32DRIVERSHidBatt.sys []
S3 HidBth;Microsoft Bluetooth HID Miniport; C:Windowssystem32DRIVERShidbth.sys []
S3 HidIr;Microsoft Infrared HID Driver; C:Windowssystem32DRIVERShidir.sys []
S3 HpSAMD;HpSAMD; C:Windowssystem32DRIVERSHpSAMD.sys []
S3 iaStorV;iaStorV; C:Windowssystem32DRIVERSiaStorV.sys []
S3 iirsp;iirsp; C:Windowssystem32DRIVERSiirsp.sys []
S3 intelide;intelide; C:Windowssystem32DRIVERSintelide.sys []
S3 intelppm;Intel Processor Driver; C:Windowssystem32DRIVERSintelppm.sys []
S3 IPMIDRV;IPMIDRV; C:Windowssystem32DRIVERSIPMIDrv.sys []
S3 isapnp;isapnp; C:Windowssystem32DRIVERSisapnp.sys []
S3 iScsiPrt;iScsiPort Driver; C:Windowssystem32DRIVERSmsiscsi.sys []
S3 LSI_FC;LSI_FC; C:Windowssystem32DRIVERSlsi_fc.sys []
S3 LSI_SAS;LSI_SAS; C:Windowssystem32DRIVERSlsi_sas.sys []
S3 LSI_SAS2;LSI_SAS2; C:Windowssystem32DRIVERSlsi_sas2.sys []
S3 LSI_SCSI;LSI_SCSI; C:Windowssystem32DRIVERSlsi_scsi.sys []
S3 megasas;megasas; C:Windowssystem32DRIVERSmegasas.sys []
S3 MegaSR;MegaSR; C:Windowssystem32DRIVERSMegaSR.sys []
S3 mpio;mpio; C:Windowssystem32DRIVERSmpio.sys []
S3 msdsm;msdsm; C:Windowssystem32DRIVERSmsdsm.sys []
S3 mshidkmdf;@%SystemRoot%system32driversmshidkmdf.sys,-100; C:WindowsSystem32driversmshidkmdf.sys []
S3 MsRPC;MsRPC; C:Windowssystem32driversMsRPC.sys []
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:Windowssystem32driversMSTEE.sys []
S3 MTConfig;Microsoft Input Configuration Driver; C:Windowssystem32DRIVERSMTConfig.sys []
S3 NdisCap;NDIS Capture LightWeight Filter; C:Windowssystem32DRIVERSndiscap.sys []
S3 nfrd960;nfrd960; C:Windowssystem32DRIVERSnfrd960.sys []
S3 NPPTNT2;NPPTNT2; ??C:Windowssystem32npptNT2.sys [2005-01-03 4682]
S3 nv_agp;NVIDIA nForce AGP Bus Filter; C:Windowssystem32DRIVERSnv_agp.sys []
S3 nvraid;nvraid; C:Windowssystem32DRIVERSnvraid.sys []
S3 nvstor;nvstor; C:Windowssystem32DRIVERSnvstor.sys []
S3 ohci1394;1394 OHCI Compliant Host Controller (Legacy); C:Windowssystem32DRIVERSohci1394.sys []
S3 ql2300;ql2300; C:Windowssystem32DRIVERSql2300.sys []
S3 ql40xx;ql40xx; C:Windowssystem32DRIVERSql40xx.sys []
S3 QWAVEdrv;@%SystemRoot%system32driversqwavedrv.sys,-1; C:Windowssystem32driversqwavedrv.sys []
S3 RTL8167;Realtek 8167 NT Driver; C:Windowssystem32DRIVERSRt64win7.sys []
S3 s3cap;s3cap; C:Windowssystem32DRIVERSvms3cap.sys []
S3 sbp2port;sbp2port; C:Windowssystem32DRIVERSsbp2port.sys []
S3 scfilter;@%SystemRoot%System32driversscfilter.sys,-11; C:WindowsSystem32DRIVERSscfilter.sys []
S3 sermouse;Serial Mouse Driver; C:Windowssystem32DRIVERSsermouse.sys []
S3 sffdisk;Драйвер класса SFF Storage; C:Windowssystem32DRIVERSsffdisk.sys []
S3 sffp_mmc;SFF Storage Protocol Driver for MMC; C:Windowssystem32DRIVERSsffp_mmc.sys []
S3 sffp_sd;Драйвер протокола SFF Storage для SDBus; C:Windowssystem32DRIVERSsffp_sd.sys []
S3 SiSRaid2;SiSRaid2; C:Windowssystem32DRIVERSSiSRaid2.sys []
S3 SiSRaid4;SiSRaid4; C:Windowssystem32DRIVERSsisraid4.sys []
S3 Smb;@%SystemRoot%system32tcpipcfg.dll,-50005; C:Windowssystem32DRIVERSsmb.sys []
S3 stexstor;stexstor; C:Windowssystem32DRIVERSstexstor.sys []
S3 storvsc;storvsc; C:Windowssystem32DRIVERSstorvsc.sys []
S3 TCPIP6;Microsoft IPv6 Protocol Driver; C:Windowssystem32DRIVERStcpip.sys []
S3 tssecsrv;@%SystemRoot%System32DRIVERStssecsrv.sys,-101; C:WindowsSystem32DRIVERStssecsrv.sys []
S3 uagp35;Microsoft AGPv3.5 Filter; C:Windowssystem32DRIVERSuagp35.sys []
S3 uliagpkx;Uli AGP Bus Filter; C:Windowssystem32DRIVERSuliagpkx.sys []
S3 UmPass;Microsoft UMPass Driver; C:Windowssystem32DRIVERSumpass.sys []
S3 usbcir;eHome Infrared Receiver (USBCIR); C:Windowssystem32DRIVERSusbcir.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:Windowssystem32DRIVERSusbprint.sys []
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:Windowssystem32DRIVERSUSBSTOR.SYS []
S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:Windowssystem32DRIVERSusbuhci.sys []
S3 vga;vga; C:Windowssystem32DRIVERSvgapnp.sys []
S3 vhdmp;vhdmp; C:Windowssystem32DRIVERSvhdmp.sys []
S3 vmbus;@%SystemRoot%system32vmbusres.dll,-1000; C:Windowssystem32DRIVERSvmbus.sys []
S3 VMBusHID;VMBusHID; C:Windowssystem32DRIVERSVMBusHID.sys []
S3 vsmraid;vsmraid; C:Windowssystem32DRIVERSvsmraid.sys []
S3 WacomPen;Wacom Serial Pen HID Driver; C:Windowssystem32DRIVERSwacompen.sys []
S3 Wd;Wd; C:Windowssystem32DRIVERSwd.sys []
S3 WIMMount;WIMMount; C:Windowssystem32driverswimmount.sys [2009-07-14 19008]
S3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32DRIVERSwmiacpi.sys []
S3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys []
S4 crcdisk;Crcdisk Filter Driver; C:Windowssystem32DRIVERScrcdisk.sys []
S4 ws2ifsl;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:Windowssystem32driversws2ifsl.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:Windowssystem32atiesrxx.exe []
R2 ASLDRService;ASLDR Service; C:Program Files (x86)ASUSATK PackageATK HotkeyASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe [2009-12-15 96896]
R2 AudioEndpointBuilder;@%SystemRoot%system32audiosrv.dll,-204; C:WindowsSystem32svchost.exe [2009-07-14 20992]
R2 BFE;@%SystemRoot%system32bfe.dll,-1001; C:Windowssystem32svchost.exe [2009-07-14 20992]
R2 btwdins;Bluetooth Service; C:Program FilesWIDCOMMBluetooth Softwarebinbtwdins.exe [2008-05-27 796712]
R2 CscService;@%systemroot%system32cscsvc.dll,-200; C:WindowsSystem32svchost.exe [2009-07-14 20992]
R2 DPS;@%systemroot%system32dps.dll,-500; C:WindowsSystem32svchost.exe [2009-07-14 20992]
R2 FDResPub;@%systemroot%system32fdrespub.dll,-100; C:Windowssystem32svchost.exe [2009-07-14 20992]
R2 gpsvc;@gpapi.dll,-112; C:Windowssystem32svchost.exe [2009-07-14 20992]
R2 IKEEXT;@%SystemRoot%system32ikeext.dll,-501; C:Windowssystem32svchost.exe [2009-07-14 20992]
R2 iphlpsvc;@%SystemRoot%system32iphlpsvc.dll,-500; C:WindowsSystem32svchost.exe [2009-07-14 20992]
R2 MMCSS;@%systemroot%system32mmcss.dll,-100; C:Windowssystem32svchost.exe [2009-07-14 20992]
R2 MpsSvc;@%SystemRoot%system32FirewallAPI.dll,-23090; C:Windowssystem32svchost.exe [2009-07-14 20992]
R2 MsMpSvc;Microsoft Antimalware Service; C:Program FilesMicrosoft Security EssentialsMsMpEng.exe [2009-12-09 17416]
R2 NlaSvc;@%SystemRoot%System32nlasvc.dll,-1; C:WindowsSystem32svchost.exe [2009-07-14 20992]
R2 nsi;@%SystemRoot%system32nsisvc.dll,-200; C:Windowssystem32svchost.exe [2009-07-14 20992]
R2 PcaSvc;@%SystemRoot%system32pcasvc.dll,-1; C:Windowssystem32svchost.exe [2009-07-14 20992]
R2 Power;@%SystemRoot%system32umpo.dll,-100; C:Windowssystem32svchost.exe [2009-07-14 20992]
R2 ProfSvc;@%systemroot%system32profsvc.dll,-300; C:Windowssystem32svchost.exe [2009-07-14 20992]
R2 RpcEptMapper;@%windir%system32RpcEpMap.dll,-1001; C:Windowssystem32svchost.exe [2009-07-14 20992]
R2 StarWindServiceAE;StarWind AE Service; C:Program Files (x86)Alcohol SoftAlcohol 120StarWindStarWindServiceAE.exe [2009-12-24 370688]
R2 SysMain;@%SystemRoot%system32sysmain.dll,-1000; C:Windowssystem32svchost.exe [2009-07-14 20992]
R2 UxSms;@%SystemRoot%system32dwm.exe,-2000; C:WindowsSystem32svchost.exe [2009-07-14 20992]
R2 Wlansvc;@%SystemRoot%System32wlansvc.dll,-257; C:Windowssystem32svchost.exe [2009-07-14 20992]
R2 WMPNetworkSvc;@%PROGRAMFILES%Windows Media Playerwmpnetwk.exe,-101; C:Program Files (x86)Windows Media Playerwmpnetwk.exe []
R2 WSearch;@%systemroot%system32SearchIndexer.exe,-103; C:Windowssystem32SearchIndexer.exe [2009-07-14 428032]
R2 wudfsvc;@%SystemRoot%system32wudfsvc.dll,-1000; C:Windowssystem32svchost.exe [2009-07-14 20992]
R3 AeLookupSvc;@%SystemRoot%system32aelupsvc.dll,-1; C:Windowssystem32svchost.exe [2009-07-14 20992]
R3 bthserv;@%SystemRoot%System32bthserv.dll,-101; C:Windowssystem32svchost.exe [2009-07-14 20992]
R3 fdPHost;@%systemroot%system32fdPHost.dll,-100; C:Windowssystem32svchost.exe [2009-07-14 20992]
R3 HomeGroupListener;@%SystemRoot%System32ListSvc.dll,-100; C:WindowsSystem32svchost.exe [2009-07-14 20992]
R3 HomeGroupProvider;@%SystemRoot%System32provsvc.dll,-100; C:WindowsSystem32svchost.exe [2009-07-14 20992]
R3 KeyIso;@keyiso.dll,-100; C:Windowssystem32lsass.exe []
R3 netprofm;@%SystemRoot%system32netprofm.dll,-202; C:WindowsSystem32svchost.exe [2009-07-14 20992]
R3 p2pimsvc;@%SystemRoot%system32pnrpsvc.dll,-8004; C:WindowsSystem32svchost.exe [2009-07-14 20992]
R3 p2psvc;@%SystemRoot%system32p2psvc.dll,-8006; C:WindowsSystem32svchost.exe [2009-07-14 20992]
R3 PNRPsvc;@%SystemRoot%system32pnrpsvc.dll,-8000; C:WindowsSystem32svchost.exe [2009-07-14 20992]
R3 VaultSvc;@%SystemRoot%system32vaultsvc.dll,-1003; C:Windowssystem32lsass.exe []
R3 wcncsvc;@%SystemRoot%system32wcncsvc.dll,-3; C:WindowsSystem32svchost.exe [2009-07-14 20992]
R3 WdiServiceHost;@%systemroot%system32wdi.dll,-502; C:WindowsSystem32svchost.exe [2009-07-14 20992]
R3 WinHttpAutoProxySvc;@%SystemRoot%system32winhttp.dll,-100; C:Windowssystem32svchost.exe [2009-07-14 20992]
S2 sppsvc;Защита программного обеспечения; C:Windowssystem32sppsvc.exe []
S2 WbioSrvc;@%systemroot%system32wbiosrvc.dll,-100; C:Windowssystem32svchost.exe [2009-07-14 20992]
S3 AppIDSvc;@%systemroot%system32appidsvc.dll,-100; C:Windowssystem32svchost.exe [2009-07-14 20992]
S3 Appinfo;@%systemroot%system32appinfo.dll,-100; C:Windowssystem32svchost.exe [2009-07-14 20992]
S3 AxInstSV;@%SystemRoot%system32AxInstSV.dll,-103; C:Windowssystem32svchost.exe [2009-07-14 20992]
S3 BDESVC;@%SystemRoot%system32bdesvc.dll,-100; C:WindowsSystem32svchost.exe [2009-07-14 20992]
S3 CertPropSvc;@%SystemRoot%System32certprop.dll,-11; C:Windowssystem32svchost.exe [2009-07-14 20992]
S3 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86; C:WindowsMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2009-06-11 66384]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:WindowsMicrosoft.NETFramework64v2.0.50727mscorsvw.exe [2009-06-10 89920]
S3 defragsvc;@%SystemRoot%system32defragsvc.dll,-101; C:Windowssystem32svchost.exe [2009-07-14 20992]
S3 EFS;@%SystemRoot%system32efssvc.dll,-100; C:WindowsSystem32lsass.exe []
S3 ehRecvr;@%SystemRoot%ehomeehrecvr.exe,-101; C:WindowsehomeehRecvr.exe [2009-07-14 696832]
S3 ehSched;@%SystemRoot%ehomeehsched.exe,-101; C:Windowsehomeehsched.exe [2009-07-14 127488]
S3 Fax;@%systemroot%system32fxsresm.dll,-118; C:Windowssystem32fxssvc.exe []
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService64.exe [2010-02-16 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:Program Files (x86)Common FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [2010-02-16 655624]
S3 FontCache;@%systemroot%system32FntCache.dll,-100; C:Windowssystem32svchost.exe [2009-07-14 20992]
S3 FontCache3.0.0.0;@%SystemRoot%system32PresentationHost.exe,-3309; C:WindowsMicrosoft.NetFramework64v3.0WPFPresentationFontCache.exe [2009-06-10 42840]
S3 getPlusHelper;@C:Program Files (x86)NOSbingetPlus_Helper.dll,-101; C:WindowsSystem32svchost.exe [2009-07-14 20992]
S3 idsvc;@%systemroot%Microsoft.NETFramework64v3.0Windows Communication FoundationServiceModelInstallRC.dll,-8193; C:WindowsMicrosoft.NETFramework64v3.0Windows Communication Foundationinfocard.exe [2009-06-10 856384]
S3 IPBusEnum;@%systemroot%system32IPBusEnum.dll,-102; C:Windowssystem32svchost.exe [2009-07-14 20992]
S3 KtmRm;@comres.dll,-2946; C:WindowsSystem32svchost.exe [2009-07-14 20992]
S3 lltdsvc;@%SystemRoot%system32lltdres.dll,-1; C:WindowsSystem32svchost.exe [2009-07-14 20992]
S3 MSiSCSI;@%SystemRoot%system32iscsidsc.dll,-5000; C:Windowssystem32svchost.exe [2009-07-14 20992]
S3 PeerDistSvc;@%SystemRoot%system32peerdistsvc.dll,-9000; C:WindowsSystem32svchost.exe [2009-07-14 20992]
S3 PerfHost;@%systemroot%sysWow64perfhost.exe,-2; C:WindowsSysWow64perfhost.exe [2009-07-14 20992]
S3 pla;@%systemroot%system32pla.dll,-500; C:WindowsSystem32svchost.exe [2009-07-14 20992]
S3 PNRPAutoReg;@%SystemRoot%system32pnrpauto.dll,-8002; C:WindowsSystem32svchost.exe [2009-07-14 20992]
S3 QWAVE;@%SystemRoot%system32qwave.dll,-1; C:Windowssystem32svchost.exe [2009-07-14 20992]
S3 SCPolicySvc;@%SystemRoot%System32certprop.dll,-13; C:Windowssystem32svchost.exe [2009-07-14 20992]
S3 SDRSVC;@%SystemRoot%system32sdrsvc.dll,-107; C:Windowssystem32svchost.exe [2009-07-14 20992]
S3 SensrSvc;@%SystemRoot%System32sensrsvc.dll,-1000; C:Windowssystem32svchost.exe [2009-07-14 20992]
S3 SessionEnv;@%SystemRoot%System32SessEnv.dll,-1026; C:WindowsSystem32svchost.exe [2009-07-14 20992]
S3 SNMPTRAP;@%SystemRoot%system32snmptrap.exe,-3; C:WindowsSystem32snmptrap.exe []
S3 sppuinotify;@%SystemRoot%system32sppuinotify.dll,-103; C:Windowssystem32svchost.exe [2009-07-14 20992]
S3 SstpSvc;@%SystemRoot%system32sstpsvc.dll,-200; C:Windowssystem32svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%System32StorSvc.dll,-100; C:WindowsSystem32svchost.exe [2009-07-14 20992]
S3 TabletInputService;@%SystemRoot%system32TabSvc.dll,-100; C:WindowsSystem32svchost.exe [2009-07-14 20992]
S3 TBS;@%SystemRoot%system32tbssvc.dll,-100; C:WindowsSystem32svchost.exe [2009-07-14 20992]
S3 THREADORDER;@%systemroot%system32mmcss.dll,-102; C:Windowssystem32svchost.exe [2009-07-14 20992]
S3 TrustedInstaller;@%SystemRoot%servicingTrustedInstaller.exe,-100; C:WindowsservicingTrustedInstaller.exe [2009-07-14 194048]
S3 UI0Detect;@%SystemRoot%system32ui0detect.exe,-101; C:Windowssystem32UI0Detect.exe []
S3 UmRdpService;@%SystemRoot%system32umrdp.dll,-1000; C:WindowsSystem32svchost.exe [2009-07-14 20992]
S3 usprserv;User Privilege Service; C:WindowsSystem32svchost.exe [2009-07-14 20992]
S3 vds;@%SystemRoot%system32vds.exe,-100; C:WindowsSystem32vds.exe []
S3 WatAdminSvc;@%SystemRoot%system32WatWatUX.exe,-601; C:Windowssystem32WatWatAdminSvc.exe []
S3 wbengine;@%systemroot%system32wbengine.exe,-104; C:Windowssystem32wbengine.exe []
S3 WcsPlugInService;@%SystemRoot%system32WcsPlugInService.dll,-200; C:Windowssystem32svchost.exe [2009-07-14 20992]
S3 WdiSystemHost;@%systemroot%system32wdi.dll,-500; C:WindowsSystem32svchost.exe [2009-07-14 20992]
S3 Wecsvc;@%SystemRoot%system32wecsvc.dll,-200; C:Windowssystem32svchost.exe [2009-07-14 20992]
S3 wercplsupport;@%SystemRoot%System32wercplsupport.dll,-101; C:WindowsSystem32svchost.exe [2009-07-14 20992]
S3 WerSvc;@%SystemRoot%System32wersvc.dll,-100; C:WindowsSystem32svchost.exe [2009-07-14 20992]
S3 WinDefend;@%ProgramFiles%Windows DefenderMsMpRes.dll,-103; C:WindowsSystem32svchost.exe [2009-07-14 20992]
S3 WinRM;@%Systemroot%system32wsmsvc.dll,-101; C:WindowsSystem32svchost.exe [2009-07-14 20992]
S3 WPCSvc;@%SystemRoot%system32wpcsvc.dll,-100; C:Windowssystem32svchost.exe [2009-07-14 20992]
S3 WPDBusEnum;@%SystemRoot%system32wpdbusenum.dll,-100; C:Windowssystem32svchost.exe [2009-07-14 20992]
S3 WwanSvc;@%SystemRoot%System32wwansvc.dll,-257; C:Windowssystem32svchost.exe [2009-07-14 20992]
S4 Mcx2Svc;@%SystemRoot%ehomeehres.dll,-15501; C:Windowssystem32svchost.exe [2009-07-14 20992]
S4 NetTcpPortSharing;@%systemroot%Microsoft.NETFramework64v3.0Windows Communication FoundationServiceModelInstallRC.dll,-8201; C:WindowsMicrosoft.NETFramework64v3.0Windows Communication FoundationSMSvcHost.exe [2009-06-10 116560]
EOF
March 9, 2010 at 11:40 PM #28980

info.txt logfile of random’s system information tool 1.06 2010-03-10 02:24:11
======Uninstall list======
µTorrent—>»C:Program Files (x86)uTorrentuTorrent.exe» /UNINSTALL
Adobe AIR—>C:Program Files (x86)Common FilesAdobe AIRVersions1.0ResourcesAdobe AIR Updater.exe -arp:uninstall
Adobe AIR—>MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Anchor Service CS4—>MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Bridge CS4—>MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4—>MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color — Photoshop Specific CS4—>MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color EU Recommended Settings CS4—>MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
Adobe Color JA Extra Settings CS4—>MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Extra Settings CS4—>MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
Adobe Color Video Profiles CS CS4—>MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe CSI CS4—>MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4—>MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Device Central CS4—>MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
Adobe Download Manager—>»C:Windowssystem32rundll32.exe» «C:Program Files (x86)NOSbingetPlus_Helper.dll»,Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1
Adobe Drive CS4—>MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
Adobe ExtendScript Toolkit CS4—>MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS4—>MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Flash Player 10 ActiveX—>C:WindowsSysWOW64MacromedFlashuninstall_activeX.exe
Adobe Flash Player 10 Plugin—>C:WindowsSysWOW64MacromedFlashuninstall_plugin.exe
Adobe Fonts All—>MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Linguistics CS4—>MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Media Player—>msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Media Player—>MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Output Module—>MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4—>MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS4 Support—>MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4—>C:Program Files (x86)Common FilesAdobeInstallersfaf656ef605427ee2f42989c3ad31b8Setup.exe —uninstall=1
Adobe Photoshop CS4—>MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Photoshop CS4—>MsiExec.exe /I{E4848436-0345-47E2-B648-8B522FCDA623}
Adobe Search for Help—>MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension—>MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup—>MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}
Adobe Type Support CS4—>MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4—>MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe WinSoft Linguistics Plugin—>MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4—>MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK—>MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB—>MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
AIMP2—>C:Program Files (x86)AIMP2Uninstall.exe
ATK Hotkey—>C:Program Files (x86)InstallShield Installation Information{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}setup.exe -runfromtemp -l0x0019 -removeonly
ATK Package—>MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
Catalyst Control Center — Branding—>MsiExec.exe /I{CF929EEB-CE39-4F06-B1BF-F51FC617A2B2}
CCleaner—>»C:Program Files (x86)CCleaneruninst.exe»
ColorPicker Gadget—>MsiExec.exe /I{4B68ED6A-3E4B-47D6-A58A-E4AE89FC73C1}
Connect—>MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
Download Master version 5.6.1.1187—>»C:Program Files (x86)Download Masterunins000.exe»
Dual-Core Optimizer—>MsiExec.exe /X{9FD6F1A8-5550-46AF-8509-271DF0E768B5}
EclipseCrossword—>MsiExec.exe /I{C61177FD-37C4-4C5F-BE6C-E04A8AC399B6}
ExcelExplorer—>»C:Program Files (x86)ExcelExplorerunins000.exe»
Foxit Reader—>C:Program Files (x86)Foxit SoftwareFoxit ReaderUninstall.exe
HijackThis 2.0.2—>»C:Program Files (x86)trend microHijackThis.exe» /uninstall
Java(TM) 6 Update 17—>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
K-Lite Mega Codec Pack 5.7.0—>»C:Program Files (x86)K-Lite Codec Packunins000.exe»
kuler—>MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
Microsoft Silverlight—>MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
My Drivers 3.31—>»C:Program Files (x86)My Driversunins000.exe»
Opera 10.10—>MsiExec.exe /X{21199F32-B676-4FE2-A443-EF7DB6B8FD4F}
OSCAR Editor—>C:Program Files (x86)InstallShield Installation Information{21FFDD40-F6B9-4609-B1C9-514E0A342BFA}setup.exe -runfromtemp -l0x0419
PASS Gadget—>MsiExec.exe /I{A868A7ED-6D28-4288-BE9C-BD6BC964510D}
PDF Settings CS4—>MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
Photoshop Camera Raw—>MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
PremiumSoft Navicat 8.0 for MySQL—>»C:Program Files (x86)PremiumSoftNavicat 8.0 MySQLunins000.exe»
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{59F6A514-9813-47A3-948C-8A155460CC2A}setup.exe» -l0x19 anything
RocketDock 1.3.5—>»C:Program Files (x86)RocketDockunins000.exe»
Skype™ 4.1—>MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Suite Shared Configuration CS4—>MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
TeamSpeak 2 RC2—>»C:Program Files (x86)Teamspeak2_RC2unins000.exe»
VertrigoServ (remove only)—>C:Program Files (x86)VertrigoServUninstall.exe
VLC media player 1.0.5—>C:Program Files (x86)VideoLANVLCuninstall.exe
WebMoney Agent—>C:Program Files (x86)WebMoney Agentuninst_wmagent.exe
WebMoney Keeper Classic 3.9.0.0—>»C:Program Files (x86)WebMoneyUninstall.exe» «C:Program Files (x86)WebMoneyinstall.log» -u
Windows 7 Manager—>MsiExec.exe /I{ACAF8758-8B7C-40C0-AF43-897B3BB7D009}

======Hosts File======
127.0.0.1 localhost
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com
127.0.0.1 genuine.microsoft.com
127.0.0.1 wat.microsoft.com
127.0.0.1 mpa.microsoft.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com

======Security center information======
AS: AVG Anti-Spyware (disabled) (outdated)
======System event log======
Computer Name: 37L4247E29-32
Event Code: 7036
Message: Служба «Cryptographic Services» перешла в состояние stopped.
Record Number: 5
Source Name: Service Control Manager
Time Written: 20090714051424.262212-000
Event Type: Сведения
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Служба «Windows Modules Installer» перешла в состояние stopped.
Record Number: 4
Source Name: Service Control Manager
Time Written: 20090714051424.168612-000
Event Type: Сведения
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Служба «Software Protection» перешла в состояние stopped.
Record Number: 3
Source Name: Service Control Manager
Time Written: 20090714051424.059412-000
Event Type: Сведения
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Служба «Windows Event Log» перешла в состояние stopped.
Record Number: 2
Source Name: Service Control Manager
Time Written: 20090714051424.012612-000
Event Type: Сведения
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Служба «Volume Shadow Copy» перешла в состояние stopped.
Record Number: 1
Source Name: Service Control Manager
Time Written: 20090714051423.934612-000
Event Type: Сведения
User:

=====Application event log=====
Computer Name: 37L4247E29-32
Event Code: 1001
Message: Контейнер ошибки , тип 0
Имя события: PnPDriverNotFound
Ответ: Нет данных
Идентификатор CAB: 0
Сигнатура проблемы:
P1: x64
P2: ACPIATK0100
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:
Вложенные файлы:
C:WindowsTempDMI37B2.tmp.log.xml
Эти файлы можно найти здесь:
C:ProgramDataMicrosoftWindowsWERReportQueueNonCritical_x64_d4a99e8e3cb284c21dcc14fa73286c8c8f3f5f25_cab_04d2382f
Символ анализа:
Повторный поиск решения: 0
Идентификатор отчета: 0c8accdf-162a-11df-bd09-f4bb6aae29b4
Состояние отчета: 6
Record Number: 5
Source Name: Windows Error Reporting
Time Written: 20100210095251.000000-000
Event Type: Сведения
User:

Computer Name: 37L4247E29-32
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20100210095149.000000-000
Event Type: Сведения
User:

Computer Name: 37L4247E29-32
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20100210095143.000000-000
Event Type: Сведения
User:

Computer Name: 37L4247E29-32
Event Code: 1531
Message: Служба профилей пользователей успешно запущена.
Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20100210095137.700036-000
Event Type: Сведения
User: NT AUTHORITY\система

Computer Name: 37L4247E29-32
Event Code: 4625
Message: Подсистема EventSystem подавляет повторяющиеся элементы журнала событий в течение 86400 сек. Таймаут подавления управляется значением REG_DWORD с именем SuppressDuplicateDuration в следующем разделе реестра: HKLMSoftwareMicrosoftEventSystemEventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20100210095138.000000-000
Event Type: Сведения
User:

=====Security event log=====
Computer Name: 37L4247E29-32
Event Code: 4735
Message: Изменена локальная группа с включенной безопасностью.

Субъект:
Идентификатор безопасности: S-1-5-18
Имя учетной записи: 37L4247E29-32$
Домен учетной записи: WORKGROUP
Идентификатор входа: 0x3e7

Группа:
Идентификатор безопасности: S-1-5-32-551
Имя группы: Операторы архива
Домен группы: Builtin

Измененные атрибуты:
Имя учетной записи SAM: —
Журнал SID: —

Дополнительные сведения:
Привилегии: —
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100210095114.440424-000
Event Type: Аудит успеха
User:

Computer Name: 37L4247E29-32
Event Code: 4731
Message: Создана локальная группа с включенной безопасностью.

Субъект:
Идентификатор безопасности: S-1-5-18
Имя учетной записи: 37L4247E29-32$
Домен учетной записи: WORKGROUP
Идентификатор входа: 0x3e7

Новая группа:
Идентификатор безопасности: S-1-5-32-551
Имя группы: Операторы архива
Домен группы: Builtin

Атрибуты:
Имя учетной записи SAM: Операторы архива
Журнал SID: —

Дополнительные сведения:
Привилегии: —
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100210095114.424824-000
Event Type: Аудит успеха
User:

Computer Name: 37L4247E29-32
Event Code: 4902
Message: Создана таблица политики аудита по пользователям.

Число элементов: 0
Идентификатор политики: 0x325ae
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100210095114.003623-000
Event Type: Аудит успеха
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: Вход с учетной записью выполнен успешно.

Субъект:
ИД безопасности: S-1-0-0
Имя учетной записи: —
Домен учетной записи: —
Код входа: 0x0

Тип входа: 0
Новый вход:
ИД безопасности: S-1-5-18
Имя учетной записи: система
Домен учетной записи: NT AUTHORITY
Код входа: 0x3e7
GUID входа: {00000000-0000-0000-0000-000000000000}

Сведения о процессе:
Идентификатор процесса: 0x4
Имя процесса:

Сведения о сети:
Имя рабочей станции: —
Сетевой адрес источника: —
Порт источника: —

Сведения о проверке подлинности:
Процесс входа: —
Пакет проверки подлинности: —
Промежуточные службы: —
Имя пакета (только NTLM): —
Длина ключа: 0

Данное событие возникает при создании сеанса входа. Оно создается в системе, вход в которую выполнен.
Поля «Субъект» указывают на учетную запись локальной системы, запросившую вход. Обычно это служба, например, служба «Сервер», или локальный процесс, такой как Winlogon.exe или Services.exe.
В поле «Тип входа» указан тип выполненного входа. Самыми распространенными являются типы 2 (интерактивный) и 3 (сетевой).
Поля «Новый вход» указывают на учетную запись, для которой создан новый сеанс входа, то есть на учетную запись, с которой выполнен вход.
В полях, которые относятся к сети, указан источник запроса на удаленный вход. Имя рабочей станции доступно не всегда, и в некоторых случаях это поле может оставаться незаполненным.
Поля сведений о проверке подлинности содержат подробные данные о конкретном запросе на вход.
— GUID входа — это уникальный идентификатор, который позволяет сопоставить данное событие с событием KDC.
— В поле «Промежуточные службы» указано, какие промежуточные службы участвовали в данном запросе на вход.
— Поле «Имя пакета» указывает на подпротокол, использованный с протоколами NTLM.
— Поле «Длина ключа» содержит длину созданного ключа сеанса. Это поле может иметь значение «0», если ключ сеанса не запрашивался.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100210095111.180022-000
Event Type: Аудит успеха
User:

Computer Name: 37L4247E29-32
Event Code: 4608
Message: Выполняется запуск Windows.

Это событие записывается в журнал при запуске LSASS.EXE и инициализации подсистемы аудита.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100210095111.086422-000
Event Type: Аудит успеха
User:

======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;C:Program Files (x86)ATI TechnologiesATI.ACECore-Static
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
«PROCESSOR_ARCHITECTURE»=AMD64
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
«USERNAME»=SYSTEM
«windir»=%SystemRoot%
«PSModulePath»=%SystemRoot%system32WindowsPowerShellv1.0Modules
«NUMBER_OF_PROCESSORS»=2
«PROCESSOR_LEVEL»=17
«PROCESSOR_IDENTIFIER»=AMD64 Family 17 Model 3 Stepping 1, AuthenticAMD
«PROCESSOR_REVISION»=0301
«ERRORLOGPATH»=C:Program FilesTrueSuiteLogging
«NLOG_GLOBAL_CONFIG_FILE»=C:Program FilesTrueSuiteTrueSuiteLog.config
EOF
March 13, 2010 at 8:11 PM #28979

Hello, and welcome to the Spyware-ru forum.
Let's run an additional check.
Download the DDS scanner by clicking this link and save the file to your desktop.
Double-click the downloaded file.
When the program finishes, two logs will be shown (DDS.txt and Attach.txt).

Paste both DDS logs into your reply. Each log in a separate message.