вылазит лента с фото

[anatoliy]

Доброй ночи!Помогите пожалуйста избавиться от ленты с порно фотками!Случайно нашел ваш форум.Сделал все как написано.Жду помощи.Спасибо!

info.txt logfile of random’s system information tool 1.06 2009-03-24 02:57:27

======Uninstall list======

—>MsiExec /X{74224F8D-4A17-4816-9EDB-7BB854DE532C}
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
ABBYY FineReader 4.0 Sprint—>C:WINDOWSbitdeins.exe C:PROGRA~1ABBYYF~1.0SPbitdeins.ini
Adobe ActiveShare 1.1—>C:WINDOWSIsUninst.exe -f»C:Program FilesAdobeActiveShareUninst.isu»
Adobe Flash Player 10 ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Reader 9 — Russian—>MsiExec.exe /I{AC76BA86-7AD7-1049-7B44-A90000000001}
AMD Processor Driver—>C:Program FilesInstallShield Installation Information{C151CE54-E7EA-4804-854B-F515368B0798}setup.exe -runfromtemp -l0x0019 -removeonly
ATI — Утилита деинсталляции—>C:Program FilesATI TechnologiesUninstallAllAtiCimUn.exe
ATI Catalyst Control Center—>MsiExec.exe /I{86EC42B5-346E-4BAB-948D-58E021EA4BD1}
ATI Display Driver—>rundll32 C:WINDOWSsystem32atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI HYDRAVISION—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{083F79E4-6FE9-46FB-A6C6-4F8862742947}setup.exe»
Classic PhoneTools—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{E3436EE2-D5CB-4249-840B-3A0140CC34C3}setup.exe» -l0x9 ControlPanel
Copier 2.0—>C:WINDOWSIsUninst.exe -f»C:Program FilesCopier 2.0Uninst.isu»
Exact Audio Copy 0.95b3—>C:Program FilesExact Audio Copyuninst.exe
FAR file manager—>C:Program FilesFarUninstall.exe
GPRS Explorer—>C:Program FilesBeelineGPRS Exploreruninstall.exe
High Definition Audio Driver Package — KB888111—>»C:WINDOWS$NtUninstallKB888111WXPSP2$spuninstspuninst.exe»
HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
Hotfix for Windows XP (KB915865)—>»C:WINDOWS$NtUninstallKB915865$spuninstspuninst.exe»
K-Lite Mega Codec Pack 4.5.3—>»C:Program FilesK-Lite Codec Packunins000.exe»
Microsoft .NET Framework 1.1 Hotfix (KB928366)—>»C:WINDOWSMicrosoft.NETFrameworkv1.1.4322Updateshotfix.exe» «C:WINDOWSMicrosoft.NETFrameworkv1.1.4322UpdatesM928366M928366Uninstall.msp»
Microsoft .NET Framework 1.1—>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1—>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Internationalized Domain Names Mitigation APIs—>»C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$spuninstspuninst.exe»
Microsoft National Language Support Downlevel APIs—>»C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$spuninstspuninst.exe»
Microsoft Office — профессиональный выпуск версии 2003—>MsiExec.exe /I{90110419-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable — x86 9.0.21022—>MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Mortal Combat—>C:GamesMortCombUNWISE.EXE C:GamesMortCombINSTALL.LOG
MSXML 4.0 SP2 (KB954430)—>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
NVIDIA Drivers—>C:WINDOWSsystem32nvuninst.exe UninstallGUI
NVIDIA PhysX v8.04.25—>MsiExec.exe /X{74224F8D-4A17-4816-9EDB-7BB854DE532C}
OpenAL—>»C:Program FilesOpenALoalinst.exe» /U
Realtek High Definition Audio Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}Setup.exe» -l0x19 -removeonly
ScanButton 2.4—>C:WINDOWSIsUninst.exe -f»C:Program FilesScanButton 2.4Uninst.isu»
TEKKEN-3—>C:GamesTEKKEN-3UNWISE.EXE C:GamesTEKKEN-3INSTALL.LOG
The Battle for Middle-earth ™ II: Sauron’s Downfall—>»C:Program FilesThe Battle for Middle-earth ™ II — Sauron’s Downfallunins000.exe»
Total Commander 6.03—>»C:Program FilesTotal commanderuninstall.exe»
UPSMON Plus for Windows—>C:WINDOWSGPInstall.exe «/UNINST=C:Program FilesUPSMONUnInst02.log» «/APPNAME=UPSMON Plus for Windows»
VIA Диспетчер устройств платформы—>C:PROGRA~1COMMON~1INSTAL~1Driver7INTEL3~1IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
Winamp—>»C:Program FilesWinampUninstWA.exe»
Антивирус Касперского 2009—>MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A}
Антивирус Касперского 2009—>MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A}
Архиватор WinRAR—>C:Program FilesWinRARuninstall.exe
Исправление для Windows XP (KB914440)—>»C:WINDOWS$NtUninstallKB914440$spuninstspuninst.exe»
Исправление для Windows XP (KB935448)—>»C:WINDOWS$NtUninstallKB935448$spuninstspuninst.exe»
Исправление для Windows XP (KB952287)—>»C:WINDOWS$NtUninstallKB952287$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB938464-v2)—>»C:WINDOWS$NtUninstallKB938464-v2$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB944338-v2)—>»C:WINDOWS$NtUninstallKB944338-v2$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB946648)—>»C:WINDOWS$NtUninstallKB946648$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950760)—>»C:WINDOWS$NtUninstallKB950760$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950762)—>»C:WINDOWS$NtUninstallKB950762$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950974)—>»C:WINDOWS$NtUninstallKB950974$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951066)—>»C:WINDOWS$NtUninstallKB951066$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951376-v2)—>»C:WINDOWS$NtUninstallKB951376-v2$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951698)—>»C:WINDOWS$NtUninstallKB951698$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951748)—>»C:WINDOWS$NtUninstallKB951748$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB952954)—>»C:WINDOWS$NtUninstallKB952954$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954600)—>»C:WINDOWS$NtUninstallKB954600$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB955069)—>»C:WINDOWS$NtUninstallKB955069$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956802)—>»C:WINDOWS$NtUninstallKB956802$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956803)—>»C:WINDOWS$NtUninstallKB956803$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956841)—>»C:WINDOWS$NtUninstallKB956841$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB957097)—>»C:WINDOWS$NtUninstallKB957097$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958215)—>»C:WINDOWS$NtUninstallKB958215$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958644)—>»C:WINDOWS$NtUninstallKB958644$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958687)—>»C:WINDOWS$NtUninstallKB958687$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958690)—>»C:WINDOWS$NtUninstallKB958690$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960225)—>»C:WINDOWS$NtUninstallKB960225$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960714)—>»C:WINDOWS$NtUninstallKB960714$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960715)—>»C:WINDOWS$NtUninstallKB960715$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media — (KB952069)—>»C:WINDOWS$NtUninstallKB952069_WM9$spuninstspuninst.exe»
Обновление для Windows XP (KB898461)—>»C:WINDOWS$NtUninstallKB898461$spuninstspuninst.exe»
Обновление для Windows XP (KB904942)—>»C:WINDOWS$NtUninstallKB904942$spuninstspuninst.exe»
Обновление для Windows XP (KB932823-v3)—>»C:WINDOWS$NtUninstallKB932823-v3$spuninstspuninst.exe»
Обновление для Windows XP (KB955839)—>»C:WINDOWS$NtUninstallKB955839$spuninstspuninst.exe»
Обновление для Windows XP (KB967715)—>»C:WINDOWS$NtUninstallKB967715$spuninstspuninst.exe»
Пакет драйверов Windows — Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)—>C:PROGRA~1DIFX7B44739871F4D539FA473F57A832EA4B6A59EF06DPInst.exe /d /u C:WINDOWSsystem32DRVSTOREamdk8_5F4DE5B38BD0C6463F94F7534C8C84D5EACE412Damdk8.inf
Я.Онлайн 0.9.8—>»C:Program FilesYandexOnlineunins000.exe»
Яндекс.Бар для Internet Explorer 4.1.0—>»C:Program FilesYandexYandexBarIEunins000.exe»

======Security center information======

AV: Антивирус Касперского

======System event log======

Computer Name: MACHINENAME
Event Code: 10
Message: Это устройство не поддерживает воспроизведение оцифрованного звука.

Record Number: 5
Source Name: redbook
Time Written: 20090213192323.000000+120
Event Type: информация
User:

Computer Name: MACHINENAME
Event Code: 12
Message: Устройство ‘PIONEER DVD-RW DVR-112D’ (IDECdRomPIONEER_DVD-RW__DVR-112D________________1.21____47_044463550303335385731204c202020202020) было отключено из системы без предварительной подготовки.

Record Number: 4
Source Name: PlugPlayManager
Time Written: 20090213191909.000000+120
Event Type: ошибка
User:

Computer Name: MACHINENAME
Event Code: 2
Message: При проверке, что DeviceSerial0 является последовательным портом, обнаружена и будет использоваться прямая очередь.

Record Number: 3
Source Name: Serial
Time Written: 20090213191712.000000+120
Event Type: информация
User:

Computer Name: MACHINENAME
Event Code: 6005
Message: Запущена служба журнала событий.

Record Number: 2
Source Name: EventLog
Time Written: 20090213191657.000000+120
Event Type: информация
User:

Computer Name: MACHINENAME
Event Code: 6009
Message: Microsoft (R) Windows 2000 (R) 5.01. 2600 Service Pack 2 Uniprocessor Free.

Record Number: 1
Source Name: EventLog
Time Written: 20090213191657.000000+120
Event Type: информация
User:

=====Application event log=====

Computer Name: SON
Event Code: 1000
Message: Счетчики производительности для службы MSDTC (MSDTC) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.

Record Number: 5
Source Name: LoadPerf
Time Written: 20090213172600.000000+120
Event Type: информация
User:

Computer Name: SON
Event Code: 1000
Message: Счетчики производительности для службы TermService (Службы терминалов) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.

Record Number: 4
Source Name: LoadPerf
Time Written: 20090213172554.000000+120
Event Type: информация
User:

Computer Name: SON
Event Code: 1000
Message: Счетчики производительности для службы RemoteAccess (Маршрутизация и удаленный доступ) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.

Record Number: 3
Source Name: LoadPerf
Time Written: 20090213172428.000000+120
Event Type: информация
User:

Computer Name: SON
Event Code: 1000
Message: Счетчики производительности для службы PSched (PSched) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.

Record Number: 2
Source Name: LoadPerf
Time Written: 20090213172406.000000+120
Event Type: информация
User:

Computer Name: SON
Event Code: 1000
Message: Счетчики производительности для службы RSVP (QoS RSVP) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.

Record Number: 1
Source Name: LoadPerf
Time Written: 20090213172352.000000+120
Event Type: информация
User:

======Environment variables======

«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=16
«PROCESSOR_IDENTIFIER»=x86 Family 16 Model 2 Stepping 3, AuthenticAMD
«PROCESSOR_REVISION»=0203
«NUMBER_OF_PROCESSORS»=4
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP

---

EOF

---

Logfile of random’s system information tool 1.06 (written by random/random)
Run by User at 2009-03-24 02:37:23
Microsoft Windows XP Professional Service Pack 2
System drive C: has 40 GB (26%) free of 153 GB
Total RAM: 3071 MB (81% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:57:25, on 24.03.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:Program FilesATI TechnologiesATI.ACEcli.exe
C:WINDOWSsystem32rundll32.exe
C:Program FilesUPSMONUPSMON.exe
C:Program FilesClassic PhoneToolsCapFax.EXE
C:Program FilesVIAVIAudioiHDADeckHDeck.exe
C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe
C:Program FilesWinampwinampa.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesBeelineGPRS Explorergprsexpl.exe
C:Program FilesCommon FilesYandexYupdateyupdate.exe
C:Program FilesScanButton 2.4ScanButton.exe
C:Program FilesATI TechnologiesATI.ACECLI.exe
C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:Program FilesUPSMONUPSMON_Service.Exe
C:Program FilesBeelineGPRS Explorerameisvc.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesUPSMONUPSInt2.exe
C:WINDOWSsystem32wuauclt.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:WINDOWSsystem32NOTEPAD.EXE
C:Program FilesInternet Exploreriexplore.exe
C:DOCUME~1UserLOCALS~1TempRar$EX00.859gmer.exe
C:Program FilesInternet Exploreriexplore.exe
C:Documents and SettingsUserМои документыRSIT.exe
C:Program Filestrend microUser.exe

R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: IEVkbdBHO — {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} — C:Program FilesKaspersky LabKaspersky Anti-Virus 2009ievkbd.dll
O2 — BHO: yevlibP — {7092E05F-9F60-47D0-A48F-9AB160020EE8} — C:Documents and SettingsAll Users.WINDOWSApplication Datayevlib.dll
O2 — BHO: fidlibP — {899F95AF-4232-4CE0-80CD-93CA263FA7E5} — C:Documents and SettingsAll Users.WINDOWSApplication Datafidlib.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O4 — HKLM..Run: [SkyTel] SkyTel.EXE
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 — HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program FilesAdobeReader 9.0ReaderReader_sl.exe»
O4 — HKLM..Run: [ATICCC] «C:Program FilesATI TechnologiesATI.ACEcli.exe» runtime
O4 — HKLM..Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 — HKLM..Run: [UPSMON] C:Program FilesUPSMONUPSMON.exe
O4 — HKLM..Run: [CapFax] C:Program FilesClassic PhoneToolsCapFax.EXE
O4 — HKLM..Run: [HDAudDeck] C:Program FilesVIAVIAudioiHDADeckHDeck.exe 1
O4 — HKLM..Run: [AVP] «C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe»
O4 — HKLM..Run: [WinampAgent] «C:Program FilesWinampwinampa.exe»
O4 — HKCU..Run: [Download Master] C:Program FilesDownload Masterdmaster.exe -autorun
O4 — HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKCU..Run: [Beeline GPRS Explorer] «C:Program FilesBeelineGPRS Explorergprsexpl.exe» -autorun
O4 — HKCU..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe»
O4 — Global Startup: ScanButton 2.4.lnk = C:Program FilesScanButton 2.4ScanButton.exe
O4 — Global Startup: Панель задач ATI CATALYST.lnk = C:Program FilesATI TechnologiesATI.ACECLI.exe
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 — Extra button: Cтатистика защиты веб-трафика — {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} — C:Program FilesKaspersky LabKaspersky Anti-Virus 2009SCIEPlgn.dll
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O16 — DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) — http://go.microsoft.com/fwlink/?linkid=39204
O17 — HKLMSystemCCSServicesTcpip..{2E1CA6AA-EF62-44B4-B58E-C765CC45A016}: NameServer = 195.190.103.99 195.190.103.100
O20 — AppInit_DLLs: C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll
O23 — Service: GPRS Explorer mobile equipment installation service (ameisvc) — Gemfor s.r.o. — C:Program FilesBeelineGPRS Explorerameisvc.exe
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: ATI Smart — Unknown owner — C:WINDOWSsystem32ati2sgag.exe
O23 — Service: Kaspersky Anti-Virus (AVP) — Kaspersky Lab — C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: UPSMONService — Unknown owner — C:Program FilesUPSMONUPSMON_Service.Exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe

—
End of file — 6928 bytes

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class — C:Program FilesKaspersky LabKaspersky Anti-Virus 2009ievkbd.dll [2009-03-11 62728]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{7092E05F-9F60-47D0-A48F-9AB160020EE8}]
Compressed Media Feeder — C:Documents and SettingsAll Users.WINDOWSApplication Datayevlib.dll [2009-03-23 566784]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{899F95AF-4232-4CE0-80CD-93CA263FA7E5}]
ALAC Media Provider — C:Documents and SettingsAll Users.WINDOWSApplication Datafidlib.dll [2009-03-23 568832]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2009-03-19 3697440]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«SkyTel»=C:WINDOWSSkyTel.EXE [2006-05-16 2879488]
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2006-10-30 16269312]
«Alcmtr»=C:WINDOWSALCMTR.EXE [2005-05-03 69632]
«Adobe Reader Speed Launcher»=C:Program FilesAdobeReader 9.0ReaderReader_sl.exe [2008-06-12 34672]
«ATICCC»=C:Program FilesATI TechnologiesATI.ACEcli.exe [2005-08-06 61440]
«BluetoothAuthenticationAgent»=bthprops.cpl,,BluetoothAuthenticationAgent []
«UPSMON»=C:Program FilesUPSMONUPSMON.exe [2005-03-30 429568]
«CapFax»=C:Program FilesClassic PhoneToolsCapFax.EXE [2001-12-10 20739]
«HDAudDeck»=C:Program FilesVIAVIAudioiHDADeckHDeck.exe [2008-08-15 30003200]
«AVP»=C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe [2009-03-11 201992]
«WinampAgent»=C:Program FilesWinampwinampa.exe [2008-08-04 36352]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Download Master»=C:Program FilesDownload Masterdmaster.exe [2003-05-28 556544]
«ctfmon.exe»=C:WINDOWSsystem32ctfmon.exe [2004-08-17 15360]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-08-17 1667584]
«Beeline GPRS Explorer»=C:Program FilesBeelineGPRS Explorergprsexpl.exe [2008-12-12 1089136]
«Yupdate!»=C:Program FilesCommon FilesYandexYupdateyupdate.exe [2007-09-10 448000]

C:Documents and SettingsAll Users.WINDOWSГлавное менюПрограммыАвтозагрузка
ScanButton 2.4.lnk — C:Program FilesScanButton 2.4ScanButton.exe
Панель задач ATI CATALYST.lnk — C:Program FilesATI TechnologiesATI.ACECLI.exe

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_DLLS»=»C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll»

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2005-08-04 46080]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyklogon]
C:WINDOWSsystem32klogon.dll [2008-04-25 206088]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«HonorAutoRunSetting»=

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesWarhammer 40.000 Dawn of War — SoulstormSoulstorm.exe»=»C:Program FilesWarhammer 40.000 Dawn of War — SoulstormSoulstorm.exe:*:Enabled:Soulstorm»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»

======List of files/folders created in the last 1 months======

2009-03-24 02:37:23 —-D—- C:rsit
2009-03-24 02:37:23 —-D—- C:Program Filestrend micro
2009-03-24 01:27:18 —-HDC—- C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$
2009-03-24 01:26:59 —-HDC—- C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$
2009-03-24 01:26:36 —-HDC—- C:WINDOWS$NtUninstallKB915865$
2009-03-24 01:26:34 —-N—- C:WINDOWSsystem32xmllite.dll
2009-03-24 01:25:22 —-D—- C:WINDOWSnetwork diagnostic
2009-03-24 01:25:20 —-HDC—- C:WINDOWS$NtUninstallKB914440$
2009-03-24 01:25:09 —-HDC—- C:WINDOWS$NtUninstallKB904942$
2009-03-24 01:11:06 —-D—- C:Documents and SettingsUserApplication DataHelp
2009-03-23 23:48:32 —-A—- C:Documents and SettingsAll Users.WINDOWSApplication Datayevlib.dll
2009-03-23 23:48:32 —-A—- C:Documents and SettingsAll Users.WINDOWSApplication Datafidlib.dll
2009-03-23 22:18:13 —-N—- C:WINDOWSsystem32vxblock.dll
2009-03-23 22:18:13 —-N—- C:WINDOWSsystem32pxwave.dll
2009-03-23 22:18:13 —-N—- C:WINDOWSsystem32pxsfs.dll
2009-03-23 22:18:13 —-N—- C:WINDOWSsystem32pxmas.dll
2009-03-23 22:18:13 —-N—- C:WINDOWSsystem32pxinsa64.exe
2009-03-23 22:18:13 —-N—- C:WINDOWSsystem32pxhpinst.exe
2009-03-23 22:18:13 —-N—- C:WINDOWSsystem32pxdrv.dll
2009-03-23 22:18:13 —-N—- C:WINDOWSsystem32pxcpya64.exe
2009-03-23 22:18:13 —-N—- C:WINDOWSsystem32pxafs.dll
2009-03-23 22:18:13 —-N—- C:WINDOWSsystem32px.dll
2009-03-23 21:38:30 —-D—- C:Documents and SettingsUserApplication DataYandex
2009-03-21 17:35:19 —-D—- C:Documents and SettingsUserApplication DataActivision
2009-03-21 17:35:19 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataActivision
2009-03-21 16:53:16 —-D—- C:Documents and SettingsUserApplication DataSega
2009-03-21 01:12:21 —-D—- C:WINDOWSsystem32CatRoot_bak
2009-03-21 00:47:24 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataWindows Genuine Advantage
2009-03-21 00:39:59 —-A—- C:WINDOWSsystem32MRT.exe
2009-03-21 00:39:49 —-HDC—- C:WINDOWS$NtUninstallKB932823-v3$
2009-03-20 20:19:40 —-HDC—- C:WINDOWS$NtUninstallKB952069_WM9$
2009-03-20 10:15:27 —-HDC—- C:WINDOWS$NtUninstallKB951376-v2$
2009-03-20 10:15:20 —-HDC—- C:WINDOWS$NtUninstallKB952954$
2009-03-20 10:15:16 —-HDC—- C:WINDOWS$NtUninstallKB946648$
2009-03-20 10:14:58 —-HDC—- C:WINDOWS$NtUninstallKB956803$
2009-03-20 10:14:54 —-HDC—- C:WINDOWS$NtUninstallKB935448$
2009-03-20 10:14:45 —-HDC—- C:WINDOWS$NtUninstallKB955839$
2009-03-20 10:14:30 —-HDC—- C:WINDOWS$NtUninstallKB958215$
2009-03-20 10:14:23 —-HDC—- C:WINDOWS$NtUninstallKB950974$
2009-03-20 10:14:16 —-HDC—- C:WINDOWS$NtUninstallKB951698$
2009-03-20 10:14:12 —-HDC—- C:WINDOWS$NtUninstallKB960225$
2009-03-20 10:14:03 —-HDC—- C:WINDOWS$NtUninstallKB956841$
2009-03-20 10:13:42 —-HDC—- C:WINDOWS$NtUninstallKB960714$
2009-03-20 10:13:39 —-HDC—- C:WINDOWS$NtUninstallKB938464-v2$
2009-03-20 10:13:32 —-HDC—- C:WINDOWS$NtUninstallKB950762$
2009-03-20 10:13:28 —-HDC—- C:WINDOWS$NtUninstallKB957097$
2009-03-20 10:13:22 —-HDC—- C:WINDOWS$NtUninstallKB960715$
2009-03-20 10:13:18 —-HDC—- C:WINDOWS$NtUninstallKB958687$
2009-03-20 10:13:11 —-HDC—- C:WINDOWS$NtUninstallKB952287$
2009-03-20 10:13:05 —-HDC—- C:WINDOWS$NtUninstallKB967715$
2009-03-20 10:12:59 —-HDC—- C:WINDOWS$NtUninstallKB950760$
2009-03-20 10:12:55 —-HDC—- C:WINDOWS$NtUninstallKB951066$
2009-03-20 10:12:48 —-HDC—- C:WINDOWS$NtUninstallKB958690$
2009-03-20 10:12:42 —-HDC—- C:WINDOWS$NtUninstallKB951748$
2009-03-20 10:11:42 —-SHD—- C:Config.Msi
2009-03-20 10:11:15 —-HDC—- C:WINDOWS$NtUninstallKB954600$
2009-03-20 10:11:11 —-HDC—- C:WINDOWS$NtUninstallKB958644$
2009-03-20 10:11:04 —-HDC—- C:WINDOWS$NtUninstallKB955069$
2009-03-20 10:11:00 —-HDC—- C:WINDOWS$NtUninstallKB956802$
2009-03-20 10:10:55 —-D—- C:Program FilesMSXML 4.0
2009-03-20 10:10:26 —-HDC—- C:WINDOWS$NtUninstallKB944338-v2$
2009-03-19 21:11:25 —-N—- C:WINDOWSsystem32spmsg.dll
2009-03-19 21:11:25 —-D—- C:WINDOWSsystem32PreInstall
2009-03-19 21:11:24 —-HDC—- C:WINDOWS$NtUninstallKB898461$
2009-03-19 21:11:24 —-HD—- C:WINDOWS$hf_mig$
2009-03-19 20:36:57 —-D—- C:WINDOWSsystem32SoftwareDistribution
2009-03-19 17:51:04 —-D—- C:Program FilesBeeline
2009-03-18 20:12:23 —-D—- C:Documents and SettingsUserApplication DataTMNT
2009-03-16 22:32:06 —-D—- C:Documents and SettingsUserApplication DataMedia Player Classic
2009-03-16 22:01:14 —-D—- C:Documents and SettingsUserApplication DataMacromedia
2009-03-16 22:01:14 —-D—- C:Documents and SettingsUserApplication DataAdobe
2009-03-15 13:08:54 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataTrymedia
2009-03-15 12:22:55 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataAge of Empires 3
2009-03-13 21:09:29 —-RA—- C:WINDOWSsystem32fdco1.dll
2009-03-13 21:09:27 —-A—- C:WINDOWSsystem32nvunrm.exe
2009-03-13 21:09:25 —-RA—- C:WINDOWSsystem32nvconrm.dll
2009-03-13 21:09:25 —-RA—- C:WINDOWSsystem32bdco1.dll
2009-03-13 17:24:51 —-A—- C:WINDOWSsystem32xmlinst.exe
2009-03-13 17:24:51 —-A—- C:WINDOWSsystem32wrap_oal.dll
2009-03-13 17:24:51 —-A—- C:WINDOWSsystem32vp6install.exe
2009-03-13 17:24:50 —-A—- C:WINDOWSsystem32Vb5db.dll
2009-03-13 17:24:50 —-A—- C:WINDOWSsystem32OpenAL32.dll
2009-03-13 17:24:50 —-A—- C:WINDOWSsystem32msxml4r.dll
2009-03-13 17:24:50 —-A—- C:WINDOWSsystem32msxml4a.dll
2009-03-13 17:24:50 —-A—- C:WINDOWSsystem32msxml3a.dll
2009-03-13 17:24:50 —-A—- C:WINDOWSsystem32msvcr80.dll
2009-03-13 17:24:49 —-A—- C:WINDOWSsystem32msvcr71d.dll
2009-03-13 17:24:49 —-A—- C:WINDOWSsystem32msvcr70d.dll
2009-03-13 17:24:49 —-A—- C:WINDOWSsystem32Msvcr70.dll
2009-03-13 17:24:49 —-A—- C:WINDOWSsystem32msvcp80.dll
2009-03-13 17:24:49 —-A—- C:WINDOWSsystem32msvcp71d.dll
2009-03-13 17:24:49 —-A—- C:WINDOWSsystem32msvcp70d.dll
2009-03-13 17:24:49 —-A—- C:WINDOWSsystem32Msvcp70.dll
2009-03-13 17:24:49 —-A—- C:WINDOWSsystem32Msvcp60d.dll
2009-03-13 17:24:49 —-A—- C:WINDOWSsystem32msvcm80.dll
2009-03-13 17:24:49 —-A—- C:WINDOWSsystem32msvci70d.dll
2009-03-13 17:24:49 —-A—- C:WINDOWSsystem32msvci70.dll
2009-03-13 17:24:48 —-A—- C:WINDOWSsystem32mfcm80u.dll
2009-03-13 17:24:48 —-A—- C:WINDOWSsystem32mfcm80.dll
2009-03-13 17:24:48 —-A—- C:WINDOWSsystem32mfc80u.dll
2009-03-13 17:24:48 —-A—- C:WINDOWSsystem32mfc80.dll
2009-03-13 17:24:47 —-A—- C:WINDOWSsystem32xmltok.dll
2009-03-13 17:24:47 —-A—- C:WINDOWSsystem32xmlparse.dll
2009-03-13 17:24:47 —-A—- C:WINDOWSsystem32mfc70u.dll
2009-03-13 17:24:47 —-A—- C:WINDOWSsystem32mfc70.dll
2009-03-13 17:24:47 —-A—- C:WINDOWSsystem32eax.dll
2009-03-13 17:24:47 —-A—- C:WINDOWSsystem32Cc3250mt.dll
2009-03-13 17:24:47 —-A—- C:WINDOWSsystem32Borlndmm.dll
2009-03-13 17:22:54 —-A—- C:WINDOWSsystem32XAudio2_1.dll
2009-03-13 17:22:54 —-A—- C:WINDOWSsystem32XAPOFX1_0.dll
2009-03-13 17:22:53 —-A—- C:WINDOWSsystem32xactengine3_1.dll
2009-03-13 17:22:53 —-A—- C:WINDOWSsystem32X3DAudio1_4.dll
2009-03-13 17:22:53 —-A—- C:WINDOWSsystem32D3DX9_38.dll
2009-03-13 17:22:53 —-A—- C:WINDOWSsystem32d3dx10_38.dll
2009-03-13 17:22:53 —-A—- C:WINDOWSsystem32D3DCompiler_38.dll
2009-03-13 17:22:52 —-A—- C:WINDOWSsystem32XAudio2_0.dll
2009-03-13 17:22:52 —-A—- C:WINDOWSsystem32xactengine3_0.dll
2009-03-13 17:22:51 —-A—- C:WINDOWSsystem32X3DAudio1_3.dll
2009-03-13 17:22:51 —-A—- C:WINDOWSsystem32D3DX9_37.dll
2009-03-13 17:22:51 —-A—- C:WINDOWSsystem32d3dx10_37.dll
2009-03-13 17:22:51 —-A—- C:WINDOWSsystem32D3DCompiler_37.dll
2009-03-13 17:22:50 —-A—- C:WINDOWSsystem32xactengine2_10.dll
2009-03-13 17:22:50 —-A—- C:WINDOWSsystem32d3dx10_36.dll
2009-03-13 17:22:50 —-A—- C:WINDOWSsystem32D3DCompiler_36.dll
2009-03-13 17:22:49 —-A—- C:WINDOWSsystem32xactengine2_9.dll
2009-03-13 17:22:49 —-A—- C:WINDOWSsystem32d3dx9_36.dll
2009-03-13 17:22:48 —-A—- C:WINDOWSsystem32xactengine2_8.dll
2009-03-13 17:22:48 —-A—- C:WINDOWSsystem32X3DAudio1_2.dll
2009-03-13 17:22:48 —-A—- C:WINDOWSsystem32d3dx9_35.dll
2009-03-13 17:22:48 —-A—- C:WINDOWSsystem32d3dx10_35.dll
2009-03-13 17:22:48 —-A—- C:WINDOWSsystem32D3DCompiler_35.dll
2009-03-13 17:22:47 —-A—- C:WINDOWSsystem32d3dx9_34.dll
2009-03-13 17:22:47 —-A—- C:WINDOWSsystem32d3dx10_34.dll
2009-03-13 17:22:47 —-A—- C:WINDOWSsystem32D3DCompiler_34.dll
2009-03-13 17:22:46 —-A—- C:WINDOWSsystem32xactengine2_7.dll
2009-03-13 17:22:45 —-A—- C:WINDOWSsystem32d3dx10_33.dll
2009-03-13 17:22:45 —-A—- C:WINDOWSsystem32D3DCompiler_33.dll
2009-03-13 17:22:44 —-A—- C:WINDOWSsystem32xactengine2_6.dll
2009-03-13 17:22:44 —-A—- C:WINDOWSsystem32d3dx9_33.dll
2009-03-13 17:22:43 —-A—- C:WINDOWSsystem32xactengine2_5.dll
2009-03-13 17:22:43 —-A—- C:WINDOWSsystem32d3dx9_32.dll
2009-03-13 17:21:44 —-D—- C:Mortal Kombat Project 4.8.1
2009-03-13 16:47:49 —-A—- C:WINDOWSsystem32hidserv.dll
2009-03-11 10:02:19 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataKaspersky Lab
2009-03-11 10:01:39 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataKaspersky Lab Setup Files
2009-03-11 09:59:00 —-RA—- C:WINDOWSsystem32nvcohda.dll
2009-03-11 09:59:00 —-A—- C:WINDOWSsystem32nvuhda.exe
2009-03-11 09:46:20 —-D—- C:Program FilesVIA
2009-03-11 09:46:19 —-N—- C:WINDOWSsystem32difxapi.dll

======List of files/folders modified in the last 1 months======

2009-03-24 02:57:24 —-D—- C:WINDOWSTemp
2009-03-24 02:37:23 —-RD—- C:Program Files
2009-03-24 02:07:29 —-D—- C:Downloads
2009-03-24 01:33:56 —-D—- C:WINDOWSsystem32
2009-03-24 01:33:56 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-03-24 01:29:42 —-D—- C:WINDOWS
2009-03-24 01:29:18 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-03-24 01:27:43 —-A—- C:WINDOWSSchedLgU.Txt
2009-03-24 01:27:20 —-HD—- C:WINDOWSinf
2009-03-24 01:27:01 —-A—- C:WINDOWSimsins.BAK
2009-03-24 01:25:22 —-D—- C:WINDOWSsystem32CatRoot2
2009-03-24 01:11:06 —-D—- C:WINDOWSHelp
2009-03-24 01:08:31 —-SHD—- C:WINDOWSInstaller
2009-03-24 00:53:12 —-D—- C:WINDOWSsystem32CatRoot
2009-03-23 22:37:15 —-D—- C:Program FilesWinamp
2009-03-23 22:18:14 —-D—- C:WINDOWSsystem32drivers
2009-03-23 22:16:40 —-A—- C:WINDOWSwinamp.ini
2009-03-23 21:39:41 —-D—- C:Program FilesYandex
2009-03-23 21:38:30 —-SD—- C:WINDOWSDownloaded Program Files
2009-03-23 20:39:21 —-D—- C:Program FilesWarhammer 40.000 Dawn of War — Soulstorm
2009-03-21 22:39:36 —-SD—- C:Documents and SettingsUserApplication DataMicrosoft
2009-03-21 16:51:38 —-A—- C:memory.txt
2009-03-21 01:12:21 —-D—- C:WINDOWSDebug
2009-03-20 17:53:40 —-D—- C:WINDOWSPrefetch
2009-03-20 10:15:18 —-D—- C:Program FilesMessenger
2009-03-20 10:14:35 —-D—- C:Program FilesInternet Explorer
2009-03-20 10:13:40 —-D—- C:WINDOWSWinSxS
2009-03-20 10:12:31 —-D—- C:WINDOWSRegistration
2009-03-20 09:33:27 —-D—- C:Documents and SettingsUserApplication DataReal
2009-03-19 21:11:38 —-D—- C:WINDOWSsecurity
2009-03-19 20:37:02 —-D—- C:WINDOWSSoftwareDistribution
2009-03-15 18:38:47 —-D—- C:WINDOWSUbisoft
2009-03-13 21:01:37 —-A—- C:WINDOWSAscd_tmp.ini
2009-03-13 17:43:34 —-D—- C:Games
2009-03-13 17:28:59 —-D—- C:WINDOWSsystem32DirectX
2009-03-13 17:26:10 —-D—- C:Program Filesdirectx
2009-03-13 17:25:59 —-DC—- C:WINDOWSsystem32DRVSTORE
2009-03-13 17:25:58 —-D—- C:Program FilesAGEIA Technologies
2009-03-13 17:25:29 —-D—- C:Program FilesCommon FilesWise Installation Wizard
2009-03-13 17:22:20 —-D—- C:WINDOWSLogs
2009-03-11 10:02:19 —-D—- C:Program FilesKaspersky Lab
2009-03-11 09:45:00 —-RSH—- C:boot.ini
2009-03-11 09:45:00 —-D—- C:Program FilesAMD

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdPPM;Драйвер AMD HwPState процессора; C:WINDOWSsystem32DRIVERSAmdPPM.sys [2007-04-16 33792]
R1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2004-08-17 14848]
R1 KLIF;Kaspersky Lab Driver; C:WINDOWSsystem32DRIVERSklif.sys [2009-03-11 213520]
R1 WmiAcpi;Интерфейс управления для ACPI Microsoft Windows; C:WINDOWSsystem32DRIVERSwmiacpi.sys [2004-08-04 8832]
R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2003-07-07 12032]
R2 irda;ИК-протокол IrDA; C:WINDOWSsystem32DRIVERSirda.sys [2004-08-04 87424]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2005-08-04 1273344]
R3 HCF_MSFT;HCF_MSFT; C:WINDOWSsystem32DRIVERSHCF_MSFT.sys [2001-10-19 907968]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2001-08-17 9600]
R3 monfilt;monfilt; C:WINDOWSsystem32driversmonfilt.sys [2008-02-14 1389056]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-19 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:WINDOWSsystem32DRIVERSASACPI.sys [2004-08-12 5810]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:WINDOWSsystem32DRIVERSNVENETFD.sys [2008-01-29 54016]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:WINDOWSsystem32driversnvhda32.sys [2008-01-11 31392]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:WINDOWSsystem32DRIVERSnvnetbus.sys [2008-01-29 22016]
R3 nvsmu;nvsmu; C:WINDOWSsystem32DRIVERSnvsmu.sys [2007-10-12 13312]
R3 Rasirda;Минипорт WAN (IrDA); C:WINDOWSsystem32DRIVERSrasirda.sys [2001-08-17 19584]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:WINDOWSsystem32DRIVERSusbohci.sys [2004-08-03 17024]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:WINDOWSsystem32driversviahduaa.sys [2008-07-25 845184]
S1 AmdK8;Драйвер AMD процессора; C:WINDOWSsystem32DRIVERSAmdK8.sys [2006-07-01 43520]
S1 FileDisk;FileDisk; C:WINDOWSsystem32driversFileDisk.sys [2002-11-29 10460]
S3 aujasnkj;aujasnkj; ??C:DOCUME~1UserLOCALS~1Tempaujasnkj.sys []
S3 BthEnum;Драйвер блока запроса Bluetooth; C:WINDOWSsystem32DRIVERSBthEnum.sys [2004-08-03 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:WINDOWSsystem32DRIVERSbthpan.sys [2004-08-03 100992]
S3 BTHPORT;Драйвер порта Bluetooth; C:WINDOWSSystem32DriversBTHport.sys [2008-06-14 272512]
S3 BTHUSB;Драйвер порта USB радиомодуля Bluetooth; C:WINDOWSSystem32DriversBTHUSB.sys [2004-08-03 18944]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2006-11-03 4394496]
S3 irsir;Драйвер для инфракрасного последовательного порта Microsoft; C:WINDOWSsystem32DRIVERSirsir.sys [2001-08-17 18688]
S3 klim5;Kaspersky Anti-Virus NDIS Filter; C:WINDOWSsystem32DRIVERSklim5.sys [2008-03-25 24592]
S3 RFCOMM;Устройство Bluetooth (протокол RFCOMM TDI); C:WINDOWSsystem32DRIVERSrfcomm.sys [2004-08-03 59648]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ameisvc;GPRS Explorer mobile equipment installation service; C:Program FilesBeelineGPRS Explorerameisvc.exe [2008-12-12 58608]
R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2005-08-04 380928]
R2 AVP;Kaspersky Anti-Virus; C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe [2009-03-11 201992]
R2 BthServ;Bluetooth Support Service; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]
R2 Irmon;Монитор инфракрасной связи; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-19 322120]
R2 UPSMONService;UPSMONService; C:Program FilesUPSMONUPSMON_Service.Exe [2005-03-22 368128]
S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2005-08-05 516096]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv1.1.4322aspnet_state.exe [2004-07-15 32768]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]

---

EOF

---

Здравствуйте!Знакомые подсказали и у меня получилось отключить эту фигню.Но думаю хвосты остались.
А делал вот что:
1.Explorer: сервис — свойства обозревателя- программы — надстройки- Включении отключение надстроек;
2.В открывающемся меню: Отображать- Надстройки, загруженные в Internet Explorer
3.Ниже в окошке много названий, ещё ниже
окошка
включить
отключить-> выбираем и кликаем справа внизу ок.
Он гад маскируется под разними названиями.У меня был ALAC Media Provider файл fidlib.dll и Compressed Media Feeder файл yevlib.dll
У кого как какой AcroIEHelper.dll. у кого Streaming Media Feeder файл hsglib.dll.или
Compressed Video Helper файл tcglib.dll
HQ Media Codec файл azjlib.dll
Стало полегче,но хотелось бы подчистить хвосты.

---

---

[Admin]

Здравствуйте, добро пожаловать на Spyware-ru форум.

Стало полегче,но хотелось бы подчистить хвосты.

Пришлите тогда свежий RSIT лог.

[anatoliy]

Добрый вечер!

Logfile of random’s system information tool 1.06 (written by random/random)
Run by User at 2009-03-29 20:30:58
Microsoft Windows XP Professional Service Pack 2
System drive C: has 40 GB (26%) free of 153 GB
Total RAM: 3071 MB (83% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:31:00, on 29.03.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:Program FilesATI TechnologiesATI.ACEcli.exe
C:WINDOWSsystem32rundll32.exe
C:Program FilesUPSMONUPSMON.exe
C:Program FilesClassic PhoneToolsCapFax.EXE
C:Program FilesVIAVIAudioiHDADeckHDeck.exe
C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe
C:Program FilesWinampwinampa.exe
C:Program FilesAGAVA SpamProtexxsfproxy.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesCommon FilesYandexYupdateyupdate.exe
C:Program FilesAGAVA AntiSpyah.exe
C:PROGRA~1YELLOW~1IEREGI~1IERR.exe
C:Program FilesAnVir Task ManagerAnVir.exe
C:Program FilesScanButton 2.4ScanButton.exe
C:Program FilesATI TechnologiesATI.ACECLI.exe
C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:Program FilesUPSMONUPSMON_Service.Exe
C:WINDOWSsystem32svchost.exe
C:Program FilesUPSMONUPSInt2.exe
C:Program FilesCommon FilesTarget Marketing AgencyTMAgentaupdate.exe
C:WINDOWSsystem32wuauclt.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesCommon FilesTarget Marketing AgencyTMAgenttmasrv.exe
C:Documents and SettingsUserРабочий столRSIT.exe
C:Program Filestrend microUser.exe

R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page = %WINDIR%system32blank.htm
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: TMAgent IE Adapter — {35A6E2B1-27A9-47D2-913C-559E1EF1D034} — C:Program FilesCommon FilesTarget Marketing AgencyTMAgenttmagent.dll
O2 — BHO: IEVkbdBHO — {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} — C:Program FilesKaspersky LabKaspersky Anti-Virus 2009ievkbd.dll
O2 — BHO: yevlibP — {7092E05F-9F60-47D0-A48F-9AB160020EE8} — C:Documents and SettingsAll Users.WINDOWSApplication Datayevlib.dll
O2 — BHO: fidlibP — {899F95AF-4232-4CE0-80CD-93CA263FA7E5} — C:Documents and SettingsAll Users.WINDOWSApplication Datafidlib.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O4 — HKLM..Run: [SkyTel] SkyTel.EXE
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 — HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program FilesAdobeReader 9.0ReaderReader_sl.exe»
O4 — HKLM..Run: [ATICCC] «C:Program FilesATI TechnologiesATI.ACEcli.exe» runtime
O4 — HKLM..Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 — HKLM..Run: [UPSMON] C:Program FilesUPSMONUPSMON.exe
O4 — HKLM..Run: [CapFax] C:Program FilesClassic PhoneToolsCapFax.EXE
O4 — HKLM..Run: [HDAudDeck] C:Program FilesVIAVIAudioiHDADeckHDeck.exe 1
O4 — HKLM..Run: [AVP] «C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe»
O4 — HKLM..Run: [WinampAgent] «C:Program FilesWinampwinampa.exe»
O4 — HKLM..Run: [AGAVA SpamProtexx] «C:Program FilesAGAVA SpamProtexxsfproxy.exe»
O4 — HKCU..Run: [Download Master] C:Program FilesDownload Masterdmaster.exe -autorun
O4 — HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKCU..Run: [Beeline GPRS Explorer] «C:Program FilesBeelineGPRS Explorergprsexpl.exe» -autorun
O4 — HKCU..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe»
O4 — HKCU..Run: [AGAVA AntiSpy] «C:Program FilesAGAVA AntiSpyah.exe» -background -scanner
O4 — HKCU..Run: [IERR] C:PROGRA~1YELLOW~1IEREGI~1IERR.exe
O4 — HKCU..Run: [AnVir Task Manager] «C:Program FilesAnVir Task ManagerAnVir.exe» Minimized
O4 — Global Startup: ScanButton 2.4.lnk = C:Program FilesScanButton 2.4ScanButton.exe
O4 — Global Startup: Панель задач ATI CATALYST.lnk = C:Program FilesATI TechnologiesATI.ACECLI.exe
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 — Extra button: Cтатистика защиты веб-трафика — {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} — C:Program FilesKaspersky LabKaspersky Anti-Virus 2009SCIEPlgn.dll
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O10 — Unknown file in Winsock LSP: c:windowssystem32lsprdir.dll
O10 — Unknown file in Winsock LSP: c:windowssystem32lsprdir.dll
O10 — Unknown file in Winsock LSP: c:windowssystem32lsprdir.dll
O16 — DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) — http://go.microsoft.com/fwlink/?linkid=39204
O17 — HKLMSystemCCSServicesTcpip..{2E1CA6AA-EF62-44B4-B58E-C765CC45A016}: NameServer = 195.190.103.99 195.190.103.100
O20 — AppInit_DLLs: C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll
O23 — Service: GPRS Explorer mobile equipment installation service (ameisvc) — Unknown owner — C:Program FilesBeelineGPRS Explorerameisvc.exe (file missing)
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: ATI Smart — Unknown owner — C:WINDOWSsystem32ati2sgag.exe
O23 — Service: Kaspersky Anti-Virus (AVP) — Kaspersky Lab — C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: UPSMONService — Unknown owner — C:Program FilesUPSMONUPSMON_Service.Exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe

—
End of file — 7709 bytes

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{35A6E2B1-27A9-47D2-913C-559E1EF1D034}]
TMAgent IE Adapter — C:Program FilesCommon FilesTarget Marketing AgencyTMAgenttmagent.dll [2009-03-25 1149952]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class — C:Program FilesKaspersky LabKaspersky Anti-Virus 2009ievkbd.dll [2009-03-11 62728]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{7092E05F-9F60-47D0-A48F-9AB160020EE8}]
Compressed Media Feeder — C:Documents and SettingsAll Users.WINDOWSApplication Datayevlib.dll [2009-03-24 566784]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{899F95AF-4232-4CE0-80CD-93CA263FA7E5}]
ALAC Media Provider — C:Documents and SettingsAll Users.WINDOWSApplication Datafidlib.dll [2009-03-24 568832]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2009-03-19 3697440]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«SkyTel»=C:WINDOWSSkyTel.EXE [2006-05-16 2879488]
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2006-10-30 16269312]
«Alcmtr»=C:WINDOWSALCMTR.EXE [2005-05-03 69632]
«Adobe Reader Speed Launcher»=C:Program FilesAdobeReader 9.0ReaderReader_sl.exe [2008-06-12 34672]
«ATICCC»=C:Program FilesATI TechnologiesATI.ACEcli.exe [2005-08-06 61440]
«BluetoothAuthenticationAgent»=bthprops.cpl,,BluetoothAuthenticationAgent []
«UPSMON»=C:Program FilesUPSMONUPSMON.exe [2005-03-30 429568]
«CapFax»=C:Program FilesClassic PhoneToolsCapFax.EXE [2001-12-10 20739]
«HDAudDeck»=C:Program FilesVIAVIAudioiHDADeckHDeck.exe [2008-08-15 30003200]
«AVP»=C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe [2009-03-11 201992]
«WinampAgent»=C:Program FilesWinampwinampa.exe [2008-08-04 36352]
«AGAVA SpamProtexx»=C:Program FilesAGAVA SpamProtexxsfproxy.exe [2009-03-25 612352]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Download Master»=C:Program FilesDownload Masterdmaster.exe [2003-05-28 556544]
«ctfmon.exe»=C:WINDOWSsystem32ctfmon.exe [2004-08-17 15360]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-08-17 1667584]
«Beeline GPRS Explorer»=C:Program FilesBeelineGPRS Explorergprsexpl.exe -autorun []
«Yupdate!»=C:Program FilesCommon FilesYandexYupdateyupdate.exe [2007-09-10 448000]
«AGAVA AntiSpy»=C:Program FilesAGAVA AntiSpyah.exe [2007-09-18 278528]
«IERR»=C:PROGRA~1YELLOW~1IEREGI~1IERR.exe [2006-06-17 78336]
«AnVir Task Manager»=C:Program FilesAnVir Task ManagerAnVir.exe [2009-03-26 2665696]

C:Documents and SettingsAll Users.WINDOWSГлавное менюПрограммыАвтозагрузка
ScanButton 2.4.lnk — C:Program FilesScanButton 2.4ScanButton.exe
Панель задач ATI CATALYST.lnk — C:Program FilesATI TechnologiesATI.ACECLI.exe

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_DLLS»=»C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll»

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2005-08-04 46080]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyklogon]
C:WINDOWSsystem32klogon.dll [2008-04-25 206088]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«HonorAutoRunSetting»=

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesWarhammer 40.000 Dawn of War — SoulstormSoulstorm.exe»=»C:Program FilesWarhammer 40.000 Dawn of War — SoulstormSoulstorm.exe:*:Enabled:Soulstorm»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesAGAVA SpamProtexxsfproxy.exe»=»C:Program FilesAGAVA SpamProtexxsfproxy.exe:*:Enabled:AGAVA AntispamServant main module»
«C:Program FilesElectronic ArtsБитва за Средиземье IIgame.dat»=»C:Program FilesElectronic ArtsБитва за Средиземье IIgame.dat:*:Enabled:Битва за Средиземье II»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»

======List of files/folders created in the last 1 months======

2009-03-27 18:46:21 —-D—- C:Documents and SettingsUserApplication DataБитва за Средиземье — Мои файлы
2009-03-26 00:25:34 —-D—- C:Documents and SettingsUserApplication DataMozilla
2009-03-26 00:25:29 —-D—- C:Program FilesAnVir Task Manager
2009-03-25 23:55:49 —-D—- C:Program FilesYellow Leaf Software
2009-03-25 23:45:55 —-D—- C:Documents and SettingsUserApplication DataLavasoft
2009-03-25 23:45:51 —-D—- C:Program FilesLavasoft
2009-03-25 23:04:37 —-D—- C:Documents and SettingsUserApplication DataAGAVA AntispamServant
2009-03-25 23:03:34 —-D—- C:Documents and SettingsUserApplication DataAGAVA AntiSpy
2009-03-25 23:02:58 —-D—- C:Program FilesAGAVA SpamProtexx
2009-03-25 22:56:15 —-D—- C:Program FilesCommon FilesTarget Marketing Agency
2009-03-25 22:56:12 —-D—- C:Program FilesAGAVA AntiSpy
2009-03-25 10:47:26 —-A—- C:WINDOWSsystem32lsprdir.dll
2009-03-24 03:37:23 —-D—- C:rsit
2009-03-24 03:37:23 —-D—- C:Program Filestrend micro
2009-03-24 02:27:18 —-HDC—- C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$
2009-03-24 02:26:59 —-HDC—- C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$
2009-03-24 02:26:36 —-HDC—- C:WINDOWS$NtUninstallKB915865$
2009-03-24 02:26:34 —-N—- C:WINDOWSsystem32xmllite.dll
2009-03-24 02:25:22 —-D—- C:WINDOWSnetwork diagnostic
2009-03-24 02:25:20 —-HDC—- C:WINDOWS$NtUninstallKB914440$
2009-03-24 02:25:09 —-HDC—- C:WINDOWS$NtUninstallKB904942$
2009-03-24 02:11:06 —-D—- C:Documents and SettingsUserApplication DataHelp
2009-03-24 00:48:32 —-A—- C:Documents and SettingsAll Users.WINDOWSApplication Datayevlib.dll
2009-03-24 00:48:32 —-A—- C:Documents and SettingsAll Users.WINDOWSApplication Datafidlib.dll
2009-03-23 23:18:13 —-N—- C:WINDOWSsystem32vxblock.dll
2009-03-23 23:18:13 —-N—- C:WINDOWSsystem32pxwave.dll
2009-03-23 23:18:13 —-N—- C:WINDOWSsystem32pxsfs.dll
2009-03-23 23:18:13 —-N—- C:WINDOWSsystem32pxmas.dll
2009-03-23 23:18:13 —-N—- C:WINDOWSsystem32pxinsa64.exe
2009-03-23 23:18:13 —-N—- C:WINDOWSsystem32pxhpinst.exe
2009-03-23 23:18:13 —-N—- C:WINDOWSsystem32pxdrv.dll
2009-03-23 23:18:13 —-N—- C:WINDOWSsystem32pxcpya64.exe
2009-03-23 23:18:13 —-N—- C:WINDOWSsystem32pxafs.dll
2009-03-23 23:18:13 —-N—- C:WINDOWSsystem32px.dll
2009-03-23 22:38:30 —-D—- C:Documents and SettingsUserApplication DataYandex
2009-03-21 18:35:19 —-D—- C:Documents and SettingsUserApplication DataActivision
2009-03-21 18:35:19 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataActivision
2009-03-21 17:53:16 —-D—- C:Documents and SettingsUserApplication DataSega
2009-03-21 02:12:21 —-D—- C:WINDOWSsystem32CatRoot_bak
2009-03-21 01:47:24 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataWindows Genuine Advantage
2009-03-21 01:39:59 —-A—- C:WINDOWSsystem32MRT.exe
2009-03-21 01:39:49 —-HDC—- C:WINDOWS$NtUninstallKB932823-v3$
2009-03-20 21:19:40 —-HDC—- C:WINDOWS$NtUninstallKB952069_WM9$
2009-03-20 11:15:27 —-HDC—- C:WINDOWS$NtUninstallKB951376-v2$
2009-03-20 11:15:20 —-HDC—- C:WINDOWS$NtUninstallKB952954$
2009-03-20 11:15:16 —-HDC—- C:WINDOWS$NtUninstallKB946648$
2009-03-20 11:14:58 —-HDC—- C:WINDOWS$NtUninstallKB956803$
2009-03-20 11:14:54 —-HDC—- C:WINDOWS$NtUninstallKB935448$
2009-03-20 11:14:45 —-HDC—- C:WINDOWS$NtUninstallKB955839$
2009-03-20 11:14:30 —-HDC—- C:WINDOWS$NtUninstallKB958215$
2009-03-20 11:14:23 —-HDC—- C:WINDOWS$NtUninstallKB950974$
2009-03-20 11:14:16 —-HDC—- C:WINDOWS$NtUninstallKB951698$
2009-03-20 11:14:12 —-HDC—- C:WINDOWS$NtUninstallKB960225$
2009-03-20 11:14:03 —-HDC—- C:WINDOWS$NtUninstallKB956841$
2009-03-20 11:13:42 —-HDC—- C:WINDOWS$NtUninstallKB960714$
2009-03-20 11:13:39 —-HDC—- C:WINDOWS$NtUninstallKB938464-v2$
2009-03-20 11:13:32 —-HDC—- C:WINDOWS$NtUninstallKB950762$
2009-03-20 11:13:28 —-HDC—- C:WINDOWS$NtUninstallKB957097$
2009-03-20 11:13:22 —-HDC—- C:WINDOWS$NtUninstallKB960715$
2009-03-20 11:13:18 —-HDC—- C:WINDOWS$NtUninstallKB958687$
2009-03-20 11:13:11 —-HDC—- C:WINDOWS$NtUninstallKB952287$
2009-03-20 11:13:05 —-HDC—- C:WINDOWS$NtUninstallKB967715$
2009-03-20 11:12:59 —-HDC—- C:WINDOWS$NtUninstallKB950760$
2009-03-20 11:12:55 —-HDC—- C:WINDOWS$NtUninstallKB951066$
2009-03-20 11:12:48 —-HDC—- C:WINDOWS$NtUninstallKB958690$
2009-03-20 11:12:42 —-HDC—- C:WINDOWS$NtUninstallKB951748$
2009-03-20 11:11:15 —-HDC—- C:WINDOWS$NtUninstallKB954600$
2009-03-20 11:11:11 —-HDC—- C:WINDOWS$NtUninstallKB958644$
2009-03-20 11:11:04 —-HDC—- C:WINDOWS$NtUninstallKB955069$
2009-03-20 11:11:00 —-HDC—- C:WINDOWS$NtUninstallKB956802$
2009-03-20 11:10:55 —-D—- C:Program FilesMSXML 4.0
2009-03-20 11:10:26 —-HDC—- C:WINDOWS$NtUninstallKB944338-v2$
2009-03-19 22:11:25 —-N—- C:WINDOWSsystem32spmsg.dll
2009-03-19 22:11:25 —-D—- C:WINDOWSsystem32PreInstall
2009-03-19 22:11:24 —-HDC—- C:WINDOWS$NtUninstallKB898461$
2009-03-19 22:11:24 —-HD—- C:WINDOWS$hf_mig$
2009-03-19 21:36:57 —-D—- C:WINDOWSsystem32SoftwareDistribution
2009-03-18 21:12:23 —-D—- C:Documents and SettingsUserApplication DataTMNT
2009-03-16 23:32:06 —-D—- C:Documents and SettingsUserApplication DataMedia Player Classic
2009-03-16 23:01:14 —-D—- C:Documents and SettingsUserApplication DataMacromedia
2009-03-16 23:01:14 —-D—- C:Documents and SettingsUserApplication DataAdobe
2009-03-15 14:08:54 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataTrymedia
2009-03-15 13:22:55 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataAge of Empires 3
2009-03-13 22:09:29 —-RA—- C:WINDOWSsystem32fdco1.dll
2009-03-13 22:09:27 —-A—- C:WINDOWSsystem32nvunrm.exe
2009-03-13 22:09:25 —-RA—- C:WINDOWSsystem32nvconrm.dll
2009-03-13 22:09:25 —-RA—- C:WINDOWSsystem32bdco1.dll
2009-03-13 18:24:51 —-A—- C:WINDOWSsystem32xmlinst.exe
2009-03-13 18:24:51 —-A—- C:WINDOWSsystem32wrap_oal.dll
2009-03-13 18:24:51 —-A—- C:WINDOWSsystem32vp6install.exe
2009-03-13 18:24:50 —-A—- C:WINDOWSsystem32Vb5db.dll
2009-03-13 18:24:50 —-A—- C:WINDOWSsystem32OpenAL32.dll
2009-03-13 18:24:50 —-A—- C:WINDOWSsystem32msxml4r.dll
2009-03-13 18:24:50 —-A—- C:WINDOWSsystem32msxml4a.dll
2009-03-13 18:24:50 —-A—- C:WINDOWSsystem32msxml3a.dll
2009-03-13 18:24:50 —-A—- C:WINDOWSsystem32msvcr80.dll
2009-03-13 18:24:49 —-A—- C:WINDOWSsystem32msvcr71d.dll
2009-03-13 18:24:49 —-A—- C:WINDOWSsystem32msvcr70d.dll
2009-03-13 18:24:49 —-A—- C:WINDOWSsystem32Msvcr70.dll
2009-03-13 18:24:49 —-A—- C:WINDOWSsystem32msvcp80.dll
2009-03-13 18:24:49 —-A—- C:WINDOWSsystem32msvcp71d.dll
2009-03-13 18:24:49 —-A—- C:WINDOWSsystem32msvcp70d.dll
2009-03-13 18:24:49 —-A—- C:WINDOWSsystem32Msvcp70.dll
2009-03-13 18:24:49 —-A—- C:WINDOWSsystem32Msvcp60d.dll
2009-03-13 18:24:49 —-A—- C:WINDOWSsystem32msvcm80.dll
2009-03-13 18:24:49 —-A—- C:WINDOWSsystem32msvci70d.dll
2009-03-13 18:24:49 —-A—- C:WINDOWSsystem32msvci70.dll
2009-03-13 18:24:48 —-A—- C:WINDOWSsystem32mfcm80u.dll
2009-03-13 18:24:48 —-A—- C:WINDOWSsystem32mfcm80.dll
2009-03-13 18:24:48 —-A—- C:WINDOWSsystem32mfc80u.dll
2009-03-13 18:24:48 —-A—- C:WINDOWSsystem32mfc80.dll
2009-03-13 18:24:47 —-A—- C:WINDOWSsystem32xmltok.dll
2009-03-13 18:24:47 —-A—- C:WINDOWSsystem32xmlparse.dll
2009-03-13 18:24:47 —-A—- C:WINDOWSsystem32mfc70u.dll
2009-03-13 18:24:47 —-A—- C:WINDOWSsystem32mfc70.dll
2009-03-13 18:24:47 —-A—- C:WINDOWSsystem32eax.dll
2009-03-13 18:24:47 —-A—- C:WINDOWSsystem32Cc3250mt.dll
2009-03-13 18:24:47 —-A—- C:WINDOWSsystem32Borlndmm.dll
2009-03-13 18:22:54 —-A—- C:WINDOWSsystem32XAudio2_1.dll
2009-03-13 18:22:54 —-A—- C:WINDOWSsystem32XAPOFX1_0.dll
2009-03-13 18:22:53 —-A—- C:WINDOWSsystem32xactengine3_1.dll
2009-03-13 18:22:53 —-A—- C:WINDOWSsystem32X3DAudio1_4.dll
2009-03-13 18:22:53 —-A—- C:WINDOWSsystem32D3DX9_38.dll
2009-03-13 18:22:53 —-A—- C:WINDOWSsystem32d3dx10_38.dll
2009-03-13 18:22:53 —-A—- C:WINDOWSsystem32D3DCompiler_38.dll
2009-03-13 18:22:52 —-A—- C:WINDOWSsystem32XAudio2_0.dll
2009-03-13 18:22:52 —-A—- C:WINDOWSsystem32xactengine3_0.dll
2009-03-13 18:22:51 —-A—- C:WINDOWSsystem32X3DAudio1_3.dll
2009-03-13 18:22:51 —-A—- C:WINDOWSsystem32D3DX9_37.dll
2009-03-13 18:22:51 —-A—- C:WINDOWSsystem32d3dx10_37.dll
2009-03-13 18:22:51 —-A—- C:WINDOWSsystem32D3DCompiler_37.dll
2009-03-13 18:22:50 —-A—- C:WINDOWSsystem32xactengine2_10.dll
2009-03-13 18:22:50 —-A—- C:WINDOWSsystem32d3dx10_36.dll
2009-03-13 18:22:50 —-A—- C:WINDOWSsystem32D3DCompiler_36.dll
2009-03-13 18:22:49 —-A—- C:WINDOWSsystem32xactengine2_9.dll
2009-03-13 18:22:49 —-A—- C:WINDOWSsystem32d3dx9_36.dll
2009-03-13 18:22:48 —-A—- C:WINDOWSsystem32xactengine2_8.dll
2009-03-13 18:22:48 —-A—- C:WINDOWSsystem32X3DAudio1_2.dll
2009-03-13 18:22:48 —-A—- C:WINDOWSsystem32d3dx9_35.dll
2009-03-13 18:22:48 —-A—- C:WINDOWSsystem32d3dx10_35.dll
2009-03-13 18:22:48 —-A—- C:WINDOWSsystem32D3DCompiler_35.dll
2009-03-13 18:22:47 —-A—- C:WINDOWSsystem32d3dx9_34.dll
2009-03-13 18:22:47 —-A—- C:WINDOWSsystem32d3dx10_34.dll
2009-03-13 18:22:47 —-A—- C:WINDOWSsystem32D3DCompiler_34.dll
2009-03-13 18:22:46 —-A—- C:WINDOWSsystem32xactengine2_7.dll
2009-03-13 18:22:45 —-A—- C:WINDOWSsystem32d3dx10_33.dll
2009-03-13 18:22:45 —-A—- C:WINDOWSsystem32D3DCompiler_33.dll
2009-03-13 18:22:44 —-A—- C:WINDOWSsystem32xactengine2_6.dll
2009-03-13 18:22:44 —-A—- C:WINDOWSsystem32d3dx9_33.dll
2009-03-13 18:22:43 —-A—- C:WINDOWSsystem32xactengine2_5.dll
2009-03-13 18:22:43 —-A—- C:WINDOWSsystem32d3dx9_32.dll
2009-03-13 18:21:44 —-D—- C:Mortal Kombat Project 4.8.1
2009-03-13 17:47:49 —-A—- C:WINDOWSsystem32hidserv.dll
2009-03-11 11:02:19 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataKaspersky Lab
2009-03-11 11:01:39 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataKaspersky Lab Setup Files
2009-03-11 10:59:00 —-RA—- C:WINDOWSsystem32nvcohda.dll
2009-03-11 10:59:00 —-A—- C:WINDOWSsystem32nvuhda.exe
2009-03-11 10:46:20 —-D—- C:Program FilesVIA
2009-03-11 10:46:19 —-N—- C:WINDOWSsystem32difxapi.dll

======List of files/folders modified in the last 1 months======

2009-03-29 20:31:00 —-D—- C:WINDOWSTemp
2009-03-29 20:02:08 —-D—- C:WINDOWSsystem32CatRoot2
2009-03-29 19:41:02 —-D—- C:WINDOWSsystem32
2009-03-29 19:41:02 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-03-29 19:36:34 —-D—- C:WINDOWS
2009-03-29 16:46:49 —-A—- C:memory.txt
2009-03-28 22:13:49 —-A—- C:WINDOWSSchedLgU.Txt
2009-03-26 22:42:00 —-D—- C:WINDOWSPrefetch
2009-03-26 22:41:46 —-D—- C:WINDOWSsystem32DirectX
2009-03-26 18:41:28 —-HD—- C:WINDOWSinf
2009-03-26 00:25:29 —-RD—- C:Program Files
2009-03-26 00:03:22 —-D—- C:WINDOWSHelp
2009-03-25 23:45:52 —-SD—- C:Documents and SettingsAll Users.WINDOWSApplication DataMicrosoft
2009-03-25 23:17:43 —-D—- C:WINDOWSsystem32CatRoot
2009-03-25 22:56:15 —-D—- C:Program FilesCommon Files
2009-03-25 20:22:38 —-D—- C:Program FilesCommon FilesWise Installation Wizard
2009-03-25 20:22:19 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-03-25 20:22:15 —-D—- C:WINDOWSRegisteredPackages
2009-03-25 20:21:57 —-SHD—- C:WINDOWSInstaller
2009-03-25 20:21:40 —-D—- C:Program FilesTwo Worlds
2009-03-24 22:23:25 —-D—- C:Program FilesWarhammer 40.000 Dawn of War — Soulstorm
2009-03-24 19:29:48 —-D—- C:Program FilesAWS
2009-03-24 03:07:29 —-D—- C:Downloads
2009-03-24 02:27:01 —-A—- C:WINDOWSimsins.BAK
2009-03-23 23:37:15 —-D—- C:Program FilesWinamp
2009-03-23 23:18:14 —-D—- C:WINDOWSsystem32drivers
2009-03-23 23:16:40 —-A—- C:WINDOWSwinamp.ini
2009-03-23 22:39:41 —-D—- C:Program FilesYandex
2009-03-23 22:38:30 —-SD—- C:WINDOWSDownloaded Program Files
2009-03-21 23:39:36 —-SD—- C:Documents and SettingsUserApplication DataMicrosoft
2009-03-21 02:12:21 —-D—- C:WINDOWSDebug
2009-03-20 11:15:18 —-D—- C:Program FilesMessenger
2009-03-20 11:14:35 —-D—- C:Program FilesInternet Explorer
2009-03-20 11:13:40 —-D—- C:WINDOWSWinSxS
2009-03-20 11:12:31 —-D—- C:WINDOWSRegistration
2009-03-20 10:33:27 —-D—- C:Documents and SettingsUserApplication DataReal
2009-03-19 22:11:38 —-D—- C:WINDOWSsecurity
2009-03-19 21:37:02 —-D—- C:WINDOWSSoftwareDistribution
2009-03-15 19:38:47 —-D—- C:WINDOWSUbisoft
2009-03-13 22:01:37 —-A—- C:WINDOWSAscd_tmp.ini
2009-03-13 18:43:34 —-D—- C:Games
2009-03-13 18:26:10 —-D—- C:Program Filesdirectx
2009-03-13 18:25:59 —-DC—- C:WINDOWSsystem32DRVSTORE
2009-03-13 18:25:58 —-D—- C:Program FilesAGEIA Technologies
2009-03-13 18:22:20 —-D—- C:WINDOWSLogs
2009-03-11 11:02:19 —-D—- C:Program FilesKaspersky Lab
2009-03-11 10:45:00 —-RSH—- C:boot.ini
2009-03-11 10:45:00 —-D—- C:Program FilesAMD

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdPPM;Драйвер AMD HwPState процессора; C:WINDOWSsystem32DRIVERSAmdPPM.sys [2007-04-16 33792]
R1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2004-08-17 14848]
R1 KLIF;Kaspersky Lab Driver; C:WINDOWSsystem32DRIVERSklif.sys [2009-03-11 213520]
R1 WmiAcpi;Интерфейс управления для ACPI Microsoft Windows; C:WINDOWSsystem32DRIVERSwmiacpi.sys [2004-08-04 8832]
R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2003-07-07 12032]
R2 irda;ИК-протокол IrDA; C:WINDOWSsystem32DRIVERSirda.sys [2004-08-04 87424]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2005-08-04 1273344]
R3 HCF_MSFT;HCF_MSFT; C:WINDOWSsystem32DRIVERSHCF_MSFT.sys [2001-10-19 907968]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2001-08-17 9600]
R3 monfilt;monfilt; C:WINDOWSsystem32driversmonfilt.sys [2008-02-14 1389056]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-19 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:WINDOWSsystem32DRIVERSASACPI.sys [2004-08-12 5810]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:WINDOWSsystem32DRIVERSNVENETFD.sys [2008-01-29 54016]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:WINDOWSsystem32driversnvhda32.sys [2008-01-11 31392]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:WINDOWSsystem32DRIVERSnvnetbus.sys [2008-01-29 22016]
R3 nvsmu;nvsmu; C:WINDOWSsystem32DRIVERSnvsmu.sys [2007-10-12 13312]
R3 Rasirda;Минипорт WAN (IrDA); C:WINDOWSsystem32DRIVERSrasirda.sys [2001-08-18 19584]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-04 31616]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:WINDOWSsystem32DRIVERSusbohci.sys [2004-08-03 17024]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:WINDOWSsystem32driversviahduaa.sys [2008-07-25 845184]
S1 AmdK8;Драйвер AMD процессора; C:WINDOWSsystem32DRIVERSAmdK8.sys [2006-07-02 43520]
S1 FileDisk;FileDisk; C:WINDOWSsystem32driversFileDisk.sys [2002-11-29 10460]
S3 BthEnum;Драйвер блока запроса Bluetooth; C:WINDOWSsystem32DRIVERSBthEnum.sys [2004-08-04 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:WINDOWSsystem32DRIVERSbthpan.sys [2004-08-03 100992]
S3 BTHPORT;Драйвер порта Bluetooth; C:WINDOWSSystem32DriversBTHport.sys [2008-06-14 272512]
S3 BTHUSB;Драйвер порта USB радиомодуля Bluetooth; C:WINDOWSSystem32DriversBTHUSB.sys [2004-08-04 18944]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2006-11-03 4394496]
S3 irsir;Драйвер для инфракрасного последовательного порта Microsoft; C:WINDOWSsystem32DRIVERSirsir.sys [2001-08-18 18688]
S3 klim5;Kaspersky Anti-Virus NDIS Filter; C:WINDOWSsystem32DRIVERSklim5.sys [2008-03-25 24592]
S3 RFCOMM;Устройство Bluetooth (протокол RFCOMM TDI); C:WINDOWSsystem32DRIVERSrfcomm.sys [2004-08-04 59648]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-04 26496]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2005-08-04 380928]
R2 AVP;Kaspersky Anti-Virus; C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe [2009-03-11 201992]
R2 BthServ;Bluetooth Support Service; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]
R2 Irmon;Монитор инфракрасной связи; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-20 322120]
R2 UPSMONService;UPSMONService; C:Program FilesUPSMONUPSMON_Service.Exe [2005-03-22 368128]
S2 ameisvc;GPRS Explorer mobile equipment installation service; C:Program FilesBeelineGPRS Explorerameisvc.exe []
S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2005-08-05 516096]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv1.1.4322aspnet_state.exe [2004-07-15 32768]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]

---

EOF

---

[Admin]

Скачайте OTMoveIt3 by OldTimer кликнув по этой ссылке.
Запустите OTMoveIt3 и в большое поле ввода (заголовок этого поля выделен желтым цветом) скопируйте следующий текст.

:Processes

explorer.exe



:reg

[-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{7092E05F-9F60-47D0-A48F-9AB160020EE8}]

[-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{899F95AF-4232-4CE0-80CD-93CA263FA7E5}]



:files

C:Documents and SettingsAll Users.WINDOWSApplication Datayevlib.dll

C:Documents and SettingsAll Users.WINDOWSApplication Datafidlib.dll



:Commands

[emptytemp]

[start explorer]

[Reboot]

Проверьте вставленный скрипт, если слева перед директивами появились пробелы, то удалите их, скрипт должен выглядеть так же как в сообщении. Кликните по кнопке MoveIt!. В процессе работы возможна перезагрузка компьютера.
По-завершении работы программы должен будет показан лог. Если лог не будет показан, то его можно найти в папке C:_OTMoveItMovedFiles.

Вставьте в ваше ответное сообщение содержимое этого лога. И ещё приложите свежий RSIT лог.

[anatoliy]

Здравствуйте!Спасибо большое за помощь.Теперь всё в порядке?

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{7092E05F-9F60-47D0-A48F-9AB160020EE8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{899F95AF-4232-4CE0-80CD-93CA263FA7E5}\ deleted successfully.
========== FILES ==========
C:Documents and SettingsAll Users.WINDOWSApplication Datayevlib.dll unregistered successfully.
C:Documents and SettingsAll Users.WINDOWSApplication Datayevlib.dll moved successfully.
C:Documents and SettingsAll Users.WINDOWSApplication Datafidlib.dll unregistered successfully.
C:Documents and SettingsAll Users.WINDOWSApplication Datafidlib.dll moved successfully.
========== COMMANDS ==========
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpburnlib.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpdsp_sps.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpenc_aacplus.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpenc_flac.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpenc_flake.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpenc_lame.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpenc_vorbis.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpenc_wav.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpenc_wma.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpgen_crasher.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpgen_dropbox.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpgen_ff.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpgen_hotkeys.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpgen_ml.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpgen_tray.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_cdda.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_dshow.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_flac.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_flv.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_linein.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_midi.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_mod.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_mp3.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_mp4.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_nsv.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_swf.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_vorbis.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_wave.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_wm.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_autotag.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_bookmarks.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_dash.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_disc.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_history.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_impex.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_local.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_nowplaying.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_online.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_orb.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_playlists.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_plg.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_pmp.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_rg.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_transcode.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_wire.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpout_disk.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpout_ds.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpout_wave.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpplaylist.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmppmp_activesync.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmppmp_ipod.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmppmp_njb.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmppmp_p4s.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmppmp_usb.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmptagz.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpvis_avs.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpvis_milk2.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpvis_nsfs.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpwinamp.lng scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempPerflib_Perfdata_228.dat scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempPerflib_Perfdata_2ac.dat scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempPerflib_Perfdata_7cc.dat scheduled to be deleted on reboot.
File delete failed. C:DOCUME~1UserLOCALS~1TempSma8.tmp scheduled to be deleted on reboot.
User’s Temp folder emptied.
User’s Internet Explorer cache folder emptied.
File delete failed. C:Documents and SettingsUserLocal SettingsTemporary Internet FilesContent.IE5BNN2WDDposting[1].php scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsUserLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
User’s Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:WINDOWStempcch~2b8ab24e3.htp scheduled to be deleted on reboot.
File delete failed. C:WINDOWStempcch~2b8ab2891.htp scheduled to be deleted on reboot.
Windows Temp folder emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer — Version 1.0.10.0 log created on 04012009_235102

Files moved on Reboot…
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpburnlib.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpdsp_sps.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpenc_aacplus.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpenc_flac.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpenc_flake.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpenc_lame.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpenc_vorbis.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpenc_wav.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpenc_wma.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpgen_crasher.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpgen_dropbox.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpgen_ff.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpgen_hotkeys.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpgen_ml.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpgen_tray.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_cdda.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_dshow.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_flac.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_flv.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_linein.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_midi.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_mod.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_mp3.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_mp4.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_nsv.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_swf.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_vorbis.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_wave.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpin_wm.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_autotag.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_bookmarks.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_dash.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_disc.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_history.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_impex.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_local.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_nowplaying.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_online.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_orb.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_playlists.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_plg.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_pmp.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_rg.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_transcode.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpml_wire.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpout_disk.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpout_ds.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpout_wave.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpplaylist.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmppmp_activesync.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmppmp_ipod.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmppmp_njb.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmppmp_p4s.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmppmp_usb.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmptagz.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpvis_avs.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpvis_milk2.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpvis_nsfs.lng moved successfully.
C:DOCUME~1UserLOCALS~1TempWLZ4BA5.tmpwinamp.lng moved successfully.
File C:DOCUME~1UserLOCALS~1TempPerflib_Perfdata_228.dat not found!
File C:DOCUME~1UserLOCALS~1TempPerflib_Perfdata_2ac.dat not found!
File C:DOCUME~1UserLOCALS~1TempPerflib_Perfdata_7cc.dat not found!
C:DOCUME~1UserLOCALS~1TempSma8.tmp moved successfully.
C:Documents and SettingsUserLocal SettingsTemporary Internet FilesContent.IE5BNN2WDDposting[1].php moved successfully.
File C:WINDOWStempcch~2b8ab24e3.htp not found!
File C:WINDOWStempcch~2b8ab2891.htp not found!

Logfile of random’s system information tool 1.06 (written by random/random)
Run by User at 2009-04-01 23:57:27
Microsoft Windows XP Professional Service Pack 2
System drive C: has 37 GB (24%) free of 153 GB
Total RAM: 3071 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:57:31, on 01.04.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:Program FilesAdobeReader 9.0ReaderReader_sl.exe
C:Program FilesATI TechnologiesATI.ACEcli.exe
C:WINDOWSsystem32rundll32.exe
C:Program FilesUPSMONUPSMON.exe
C:Program FilesClassic PhoneToolsCapFax.EXE
C:Program FilesVIAVIAudioiHDADeckHDeck.exe
C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe
C:Program FilesWinampwinampa.exe
C:Program FilesAGAVA SpamProtexxsfproxy.exe
C:Program FilesA4TechMouseAmoumain.exe
C:Program FilesDownload Masterdmaster.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesCommon FilesYandexYupdateyupdate.exe
C:Program FilesAGAVA AntiSpyah.exe
C:PROGRA~1YELLOW~1IEREGI~1IERR.exe
C:Program FilesAnVir Task ManagerAnVir.exe
C:Program FilesScanButton 2.4ScanButton.exe
C:Program FilesATI TechnologiesATI.ACECLI.exe
C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:Program FilesCommon FilesNeroNero BackItUp 4NBService.exe
C:Program FilesUPSMONUPSMON_Service.Exe
C:WINDOWSsystem32svchost.exe
C:Program FilesUPSMONUPSInt2.exe
C:Program FilesCommon FilesTarget Marketing AgencyTMAgentaupdate.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesCommon FilesTarget Marketing AgencyTMAgenttmasrv.exe
C:WINDOWSsystem32wuauclt.exe
C:WINDOWSsystem32wuauclt.exe
?C:WINDOWSsystem32WBEMWMIADAP.EXE
C:Documents and SettingsUserРабочий столRSIT.exe
C:Program Filestrend microUser.exe

R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page = %WINDIR%system32blank.htm
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: TMAgent IE Adapter — {35A6E2B1-27A9-47D2-913C-559E1EF1D034} — C:Program FilesCommon FilesTarget Marketing AgencyTMAgenttmagent.dll
O2 — BHO: IEVkbdBHO — {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} — C:Program FilesKaspersky LabKaspersky Anti-Virus 2009ievkbd.dll
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~1dmiehlp.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O4 — HKLM..Run: [SkyTel] SkyTel.EXE
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 — HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program FilesAdobeReader 9.0ReaderReader_sl.exe»
O4 — HKLM..Run: [ATICCC] «C:Program FilesATI TechnologiesATI.ACEcli.exe» runtime
O4 — HKLM..Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 — HKLM..Run: [UPSMON] C:Program FilesUPSMONUPSMON.exe
O4 — HKLM..Run: [CapFax] C:Program FilesClassic PhoneToolsCapFax.EXE
O4 — HKLM..Run: [HDAudDeck] C:Program FilesVIAVIAudioiHDADeckHDeck.exe 1
O4 — HKLM..Run: [AVP] «C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe»
O4 — HKLM..Run: [WinampAgent] «C:Program FilesWinampwinampa.exe»
O4 — HKLM..Run: [AGAVA SpamProtexx] «C:Program FilesAGAVA SpamProtexxsfproxy.exe»
O4 — HKLM..Run: [WheelMouse] C:Program FilesA4TechMouseAmoumain.exe
O4 — HKCU..Run: [Download Master] C:Program FilesDownload Masterdmaster.exe -autorun
O4 — HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKCU..Run: [Beeline GPRS Explorer] «C:Program FilesBeelineGPRS Explorergprsexpl.exe» -autorun
O4 — HKCU..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe»
O4 — HKCU..Run: [AGAVA AntiSpy] «C:Program FilesAGAVA AntiSpyah.exe» -background -scanner
O4 — HKCU..Run: [IERR] C:PROGRA~1YELLOW~1IEREGI~1IERR.exe
O4 — HKCU..Run: [AnVir Task Manager] «C:Program FilesAnVir Task ManagerAnVir.exe» Minimized
O4 — Global Startup: ScanButton 2.4.lnk = C:Program FilesScanButton 2.4ScanButton.exe
O4 — Global Startup: Панель задач ATI CATALYST.lnk = C:Program FilesATI TechnologiesATI.ACECLI.exe
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 — Extra button: Cтатистика защиты веб-трафика — {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} — C:Program FilesKaspersky LabKaspersky Anti-Virus 2009SCIEPlgn.dll
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O10 — Unknown file in Winsock LSP: c:windowssystem32lsprdir.dll
O10 — Unknown file in Winsock LSP: c:windowssystem32lsprdir.dll
O10 — Unknown file in Winsock LSP: c:windowssystem32lsprdir.dll
O16 — DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) — http://go.microsoft.com/fwlink/?linkid=39204
O17 — HKLMSystemCCSServicesTcpip..{2E1CA6AA-EF62-44B4-B58E-C765CC45A016}: NameServer = 195.190.103.99 195.190.103.100
O20 — AppInit_DLLs: C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll
O23 — Service: GPRS Explorer mobile equipment installation service (ameisvc) — Unknown owner — C:Program FilesBeelineGPRS Explorerameisvc.exe (file missing)
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: ATI Smart — Unknown owner — C:WINDOWSsystem32ati2sgag.exe
O23 — Service: Kaspersky Anti-Virus (AVP) — Kaspersky Lab — C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Nero BackItUp Scheduler 4.0 — Nero AG — C:Program FilesCommon FilesNeroNero BackItUp 4NBService.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: UPSMONService — Unknown owner — C:Program FilesUPSMONUPSMON_Service.Exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe

—
End of file — 8045 bytes

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{35A6E2B1-27A9-47D2-913C-559E1EF1D034}]
TMAgent IE Adapter — C:Program FilesCommon FilesTarget Marketing AgencyTMAgenttmagent.dll [2009-03-25 1149952]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class — C:Program FilesKaspersky LabKaspersky Anti-Virus 2009ievkbd.dll [2009-03-11 62728]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2003-05-12 69632]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2009-03-19 3697440]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«SkyTel»=C:WINDOWSSkyTel.EXE [2006-05-16 2879488]
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2006-10-30 16269312]
«Alcmtr»=C:WINDOWSALCMTR.EXE [2005-05-03 69632]
«Adobe Reader Speed Launcher»=C:Program FilesAdobeReader 9.0ReaderReader_sl.exe [2008-06-12 34672]
«ATICCC»=C:Program FilesATI TechnologiesATI.ACEcli.exe [2005-08-06 61440]
«BluetoothAuthenticationAgent»=bthprops.cpl,,BluetoothAuthenticationAgent []
«UPSMON»=C:Program FilesUPSMONUPSMON.exe [2005-03-30 429568]
«CapFax»=C:Program FilesClassic PhoneToolsCapFax.EXE [2001-12-10 20739]
«HDAudDeck»=C:Program FilesVIAVIAudioiHDADeckHDeck.exe [2008-08-15 30003200]
«AVP»=C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe [2009-03-11 201992]
«WinampAgent»=C:Program FilesWinampwinampa.exe [2008-08-04 36352]
«AGAVA SpamProtexx»=C:Program FilesAGAVA SpamProtexxsfproxy.exe [2009-03-25 612352]
«WheelMouse»=C:Program FilesA4TechMouseAmoumain.exe [2008-03-06 188416]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Download Master»=C:Program FilesDownload Masterdmaster.exe [2003-05-28 556544]
«ctfmon.exe»=C:WINDOWSsystem32ctfmon.exe [2004-08-17 15360]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-08-17 1667584]
«Beeline GPRS Explorer»=C:Program FilesBeelineGPRS Explorergprsexpl.exe -autorun []
«Yupdate!»=C:Program FilesCommon FilesYandexYupdateyupdate.exe [2007-09-10 448000]
«AGAVA AntiSpy»=C:Program FilesAGAVA AntiSpyah.exe [2007-09-18 278528]
«IERR»=C:PROGRA~1YELLOW~1IEREGI~1IERR.exe [2006-06-17 78336]
«AnVir Task Manager»=C:Program FilesAnVir Task ManagerAnVir.exe [2009-03-26 2665696]

C:Documents and SettingsAll Users.WINDOWSГлавное менюПрограммыАвтозагрузка
ScanButton 2.4.lnk — C:Program FilesScanButton 2.4ScanButton.exe
Панель задач ATI CATALYST.lnk — C:Program FilesATI TechnologiesATI.ACECLI.exe

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_DLLS»=»C:PROGRA~1KASPER~1KASPER~1mzvkbd.dll»

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2005-08-04 46080]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyklogon]
C:WINDOWSsystem32klogon.dll [2008-04-25 206088]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«HonorAutoRunSetting»=

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesWarhammer 40.000 Dawn of War — SoulstormSoulstorm.exe»=»C:Program FilesWarhammer 40.000 Dawn of War — SoulstormSoulstorm.exe:*:Enabled:Soulstorm»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesAGAVA SpamProtexxsfproxy.exe»=»C:Program FilesAGAVA SpamProtexxsfproxy.exe:*:Enabled:AGAVA AntispamServant main module»
«C:Program FilesElectronic ArtsБитва за Средиземье IIgame.dat»=»C:Program FilesElectronic ArtsБитва за Средиземье IIgame.dat:*:Enabled:Битва за Средиземье II»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»

======List of files/folders created in the last 1 months======

2009-04-01 23:51:02 —-D—- C:_OTMoveIt
2009-04-01 23:29:41 —-D—- C:Documents and SettingsUserApplication DataNero
2009-04-01 23:15:06 —-A—- C:WINDOWSIrremote.ini
2009-04-01 23:12:50 —-D—- C:Program FilesWindows Sidebar
2009-04-01 23:01:30 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataNero
2009-04-01 23:01:29 —-D—- C:Program FilesCommon FilesNero
2009-04-01 12:43:29 —-HDC—- C:WINDOWS$NtUninstallKB926239$
2009-04-01 12:43:09 —-N—- C:WINDOWSsystem32spmsg.dll
2009-04-01 12:43:08 —-HDC—- C:WINDOWS$NtUninstallMSCompPackV1$
2009-04-01 12:42:56 —-D—- C:Program FilesWindows Media Connect 2
2009-04-01 12:42:45 —-HDC—- C:WINDOWS$NtUninstallwmp11$
2009-04-01 12:42:05 —-HDC—- C:WINDOWS$NtUninstallWMFDist11$
2009-04-01 12:41:42 —-D—- C:b45bb32b609360415a19a95ab8
2009-04-01 12:41:31 —-HDC—- C:WINDOWS$NtUninstallWudf01000$
2009-04-01 12:41:09 —-D—- C:d5f6c863b052d9c9fc2a7be27d61
2009-03-31 22:18:46 —-A—- C:WINDOWSIE4 Error Log.txt
2009-03-30 17:22:10 —-D—- C:Program FilesA4Tech
2009-03-30 17:21:55 —-A—- C:WINDOWSsystem32Amhooker.dll
2009-03-27 18:46:21 —-D—- C:Documents and SettingsUserApplication DataБитва за Средиземье — Мои файлы
2009-03-26 00:25:34 —-D—- C:Documents and SettingsUserApplication DataMozilla
2009-03-26 00:25:29 —-D—- C:Program FilesAnVir Task Manager
2009-03-25 23:55:49 —-D—- C:Program FilesYellow Leaf Software
2009-03-25 23:45:55 —-D—- C:Documents and SettingsUserApplication DataLavasoft
2009-03-25 23:45:51 —-D—- C:Program FilesLavasoft
2009-03-25 23:04:37 —-D—- C:Documents and SettingsUserApplication DataAGAVA AntispamServant
2009-03-25 23:03:34 —-D—- C:Documents and SettingsUserApplication DataAGAVA AntiSpy
2009-03-25 23:02:58 —-D—- C:Program FilesAGAVA SpamProtexx
2009-03-25 22:56:15 —-D—- C:Program FilesCommon FilesTarget Marketing Agency
2009-03-25 22:56:12 —-D—- C:Program FilesAGAVA AntiSpy
2009-03-25 10:47:26 —-A—- C:WINDOWSsystem32lsprdir.dll
2009-03-24 03:37:23 —-D—- C:rsit
2009-03-24 03:37:23 —-D—- C:Program Filestrend micro
2009-03-24 02:27:18 —-HDC—- C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$
2009-03-24 02:26:59 —-HDC—- C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$
2009-03-24 02:26:36 —-HDC—- C:WINDOWS$NtUninstallKB915865$
2009-03-24 02:26:34 —-N—- C:WINDOWSsystem32xmllite.dll
2009-03-24 02:25:22 —-D—- C:WINDOWSnetwork diagnostic
2009-03-24 02:25:20 —-HDC—- C:WINDOWS$NtUninstallKB914440$
2009-03-24 02:25:09 —-HDC—- C:WINDOWS$NtUninstallKB904942$
2009-03-24 02:11:06 —-D—- C:Documents and SettingsUserApplication DataHelp
2009-03-23 23:18:13 —-N—- C:WINDOWSsystem32vxblock.dll
2009-03-23 23:18:13 —-N—- C:WINDOWSsystem32pxwave.dll
2009-03-23 23:18:13 —-N—- C:WINDOWSsystem32pxsfs.dll
2009-03-23 23:18:13 —-N—- C:WINDOWSsystem32pxmas.dll
2009-03-23 23:18:13 —-N—- C:WINDOWSsystem32pxinsa64.exe
2009-03-23 23:18:13 —-N—- C:WINDOWSsystem32pxhpinst.exe
2009-03-23 23:18:13 —-N—- C:WINDOWSsystem32pxdrv.dll
2009-03-23 23:18:13 —-N—- C:WINDOWSsystem32pxcpya64.exe
2009-03-23 23:18:13 —-N—- C:WINDOWSsystem32pxafs.dll
2009-03-23 23:18:13 —-N—- C:WINDOWSsystem32px.dll
2009-03-23 22:38:30 —-D—- C:Documents and SettingsUserApplication DataYandex
2009-03-21 18:35:19 —-D—- C:Documents and SettingsUserApplication DataActivision
2009-03-21 18:35:19 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataActivision
2009-03-21 17:53:16 —-D—- C:Documents and SettingsUserApplication DataSega
2009-03-21 02:12:21 —-D—- C:WINDOWSsystem32CatRoot_bak
2009-03-21 01:47:24 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataWindows Genuine Advantage
2009-03-21 01:39:59 —-A—- C:WINDOWSsystem32MRT.exe
2009-03-21 01:39:49 —-HDC—- C:WINDOWS$NtUninstallKB932823-v3$
2009-03-20 21:19:40 —-HDC—- C:WINDOWS$NtUninstallKB952069_WM9$
2009-03-20 11:15:27 —-HDC—- C:WINDOWS$NtUninstallKB951376-v2$
2009-03-20 11:15:20 —-HDC—- C:WINDOWS$NtUninstallKB952954$
2009-03-20 11:15:16 —-HDC—- C:WINDOWS$NtUninstallKB946648$
2009-03-20 11:14:58 —-HDC—- C:WINDOWS$NtUninstallKB956803$
2009-03-20 11:14:54 —-HDC—- C:WINDOWS$NtUninstallKB935448$
2009-03-20 11:14:45 —-HDC—- C:WINDOWS$NtUninstallKB955839$
2009-03-20 11:14:30 —-HDC—- C:WINDOWS$NtUninstallKB958215$
2009-03-20 11:14:23 —-HDC—- C:WINDOWS$NtUninstallKB950974$
2009-03-20 11:14:16 —-HDC—- C:WINDOWS$NtUninstallKB951698$
2009-03-20 11:14:12 —-HDC—- C:WINDOWS$NtUninstallKB960225$
2009-03-20 11:14:03 —-HDC—- C:WINDOWS$NtUninstallKB956841$
2009-03-20 11:13:42 —-HDC—- C:WINDOWS$NtUninstallKB960714$
2009-03-20 11:13:39 —-HDC—- C:WINDOWS$NtUninstallKB938464-v2$
2009-03-20 11:13:32 —-HDC—- C:WINDOWS$NtUninstallKB950762$
2009-03-20 11:13:28 —-HDC—- C:WINDOWS$NtUninstallKB957097$
2009-03-20 11:13:22 —-HDC—- C:WINDOWS$NtUninstallKB960715$
2009-03-20 11:13:18 —-HDC—- C:WINDOWS$NtUninstallKB958687$
2009-03-20 11:13:11 —-HDC—- C:WINDOWS$NtUninstallKB952287$
2009-03-20 11:13:05 —-HDC—- C:WINDOWS$NtUninstallKB967715$
2009-03-20 11:12:59 —-HDC—- C:WINDOWS$NtUninstallKB950760$
2009-03-20 11:12:55 —-HDC—- C:WINDOWS$NtUninstallKB951066$
2009-03-20 11:12:48 —-HDC—- C:WINDOWS$NtUninstallKB958690$
2009-03-20 11:12:42 —-HDC—- C:WINDOWS$NtUninstallKB951748$
2009-03-20 11:11:15 —-HDC—- C:WINDOWS$NtUninstallKB954600$
2009-03-20 11:11:11 —-HDC—- C:WINDOWS$NtUninstallKB958644$
2009-03-20 11:11:04 —-HDC—- C:WINDOWS$NtUninstallKB955069$
2009-03-20 11:11:00 —-HDC—- C:WINDOWS$NtUninstallKB956802$
2009-03-20 11:10:55 —-D—- C:Program FilesMSXML 4.0
2009-03-20 11:10:26 —-HDC—- C:WINDOWS$NtUninstallKB944338-v2$
2009-03-19 22:11:25 —-D—- C:WINDOWSsystem32PreInstall
2009-03-19 22:11:24 —-HDC—- C:WINDOWS$NtUninstallKB898461$
2009-03-19 22:11:24 —-HD—- C:WINDOWS$hf_mig$
2009-03-19 21:36:57 —-D—- C:WINDOWSsystem32SoftwareDistribution
2009-03-18 21:12:23 —-D—- C:Documents and SettingsUserApplication DataTMNT
2009-03-16 23:32:06 —-D—- C:Documents and SettingsUserApplication DataMedia Player Classic
2009-03-16 23:01:14 —-D—- C:Documents and SettingsUserApplication DataMacromedia
2009-03-16 23:01:14 —-D—- C:Documents and SettingsUserApplication DataAdobe
2009-03-15 14:08:54 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataTrymedia
2009-03-15 13:22:55 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataAge of Empires 3
2009-03-13 22:09:29 —-RA—- C:WINDOWSsystem32fdco1.dll
2009-03-13 22:09:27 —-A—- C:WINDOWSsystem32nvunrm.exe
2009-03-13 22:09:25 —-RA—- C:WINDOWSsystem32nvconrm.dll
2009-03-13 22:09:25 —-RA—- C:WINDOWSsystem32bdco1.dll
2009-03-13 18:24:51 —-A—- C:WINDOWSsystem32xmlinst.exe
2009-03-13 18:24:51 —-A—- C:WINDOWSsystem32wrap_oal.dll
2009-03-13 18:24:51 —-A—- C:WINDOWSsystem32vp6install.exe
2009-03-13 18:24:50 —-A—- C:WINDOWSsystem32Vb5db.dll
2009-03-13 18:24:50 —-A—- C:WINDOWSsystem32OpenAL32.dll
2009-03-13 18:24:50 —-A—- C:WINDOWSsystem32msxml4r.dll
2009-03-13 18:24:50 —-A—- C:WINDOWSsystem32msxml4a.dll
2009-03-13 18:24:50 —-A—- C:WINDOWSsystem32msxml3a.dll
2009-03-13 18:24:50 —-A—- C:WINDOWSsystem32msvcr80.dll
2009-03-13 18:24:49 —-A—- C:WINDOWSsystem32msvcr71d.dll
2009-03-13 18:24:49 —-A—- C:WINDOWSsystem32msvcr70d.dll
2009-03-13 18:24:49 —-A—- C:WINDOWSsystem32Msvcr70.dll
2009-03-13 18:24:49 —-A—- C:WINDOWSsystem32msvcp80.dll
2009-03-13 18:24:49 —-A—- C:WINDOWSsystem32msvcp71d.dll
2009-03-13 18:24:49 —-A—- C:WINDOWSsystem32msvcp70d.dll
2009-03-13 18:24:49 —-A—- C:WINDOWSsystem32Msvcp70.dll
2009-03-13 18:24:49 —-A—- C:WINDOWSsystem32Msvcp60d.dll
2009-03-13 18:24:49 —-A—- C:WINDOWSsystem32msvcm80.dll
2009-03-13 18:24:49 —-A—- C:WINDOWSsystem32msvci70d.dll
2009-03-13 18:24:49 —-A—- C:WINDOWSsystem32msvci70.dll
2009-03-13 18:24:48 —-A—- C:WINDOWSsystem32mfcm80u.dll
2009-03-13 18:24:48 —-A—- C:WINDOWSsystem32mfcm80.dll
2009-03-13 18:24:48 —-A—- C:WINDOWSsystem32mfc80u.dll
2009-03-13 18:24:48 —-A—- C:WINDOWSsystem32mfc80.dll
2009-03-13 18:24:47 —-A—- C:WINDOWSsystem32xmltok.dll
2009-03-13 18:24:47 —-A—- C:WINDOWSsystem32xmlparse.dll
2009-03-13 18:24:47 —-A—- C:WINDOWSsystem32mfc70u.dll
2009-03-13 18:24:47 —-A—- C:WINDOWSsystem32mfc70.dll
2009-03-13 18:24:47 —-A—- C:WINDOWSsystem32eax.dll
2009-03-13 18:24:47 —-A—- C:WINDOWSsystem32Cc3250mt.dll
2009-03-13 18:24:47 —-A—- C:WINDOWSsystem32Borlndmm.dll
2009-03-13 18:22:54 —-A—- C:WINDOWSsystem32XAudio2_1.dll
2009-03-13 18:22:54 —-A—- C:WINDOWSsystem32XAPOFX1_0.dll
2009-03-13 18:22:53 —-A—- C:WINDOWSsystem32xactengine3_1.dll
2009-03-13 18:22:53 —-A—- C:WINDOWSsystem32X3DAudio1_4.dll
2009-03-13 18:22:53 —-A—- C:WINDOWSsystem32D3DX9_38.dll
2009-03-13 18:22:53 —-A—- C:WINDOWSsystem32d3dx10_38.dll
2009-03-13 18:22:53 —-A—- C:WINDOWSsystem32D3DCompiler_38.dll
2009-03-13 18:22:52 —-A—- C:WINDOWSsystem32XAudio2_0.dll
2009-03-13 18:22:52 —-A—- C:WINDOWSsystem32xactengine3_0.dll
2009-03-13 18:22:51 —-A—- C:WINDOWSsystem32X3DAudio1_3.dll
2009-03-13 18:22:51 —-A—- C:WINDOWSsystem32D3DX9_37.dll
2009-03-13 18:22:51 —-A—- C:WINDOWSsystem32d3dx10_37.dll
2009-03-13 18:22:51 —-A—- C:WINDOWSsystem32D3DCompiler_37.dll
2009-03-13 18:22:50 —-A—- C:WINDOWSsystem32xactengine2_10.dll
2009-03-13 18:22:50 —-A—- C:WINDOWSsystem32d3dx10_36.dll
2009-03-13 18:22:50 —-A—- C:WINDOWSsystem32D3DCompiler_36.dll
2009-03-13 18:22:49 —-A—- C:WINDOWSsystem32xactengine2_9.dll
2009-03-13 18:22:49 —-A—- C:WINDOWSsystem32d3dx9_36.dll
2009-03-13 18:22:48 —-A—- C:WINDOWSsystem32xactengine2_8.dll
2009-03-13 18:22:48 —-A—- C:WINDOWSsystem32X3DAudio1_2.dll
2009-03-13 18:22:48 —-A—- C:WINDOWSsystem32d3dx9_35.dll
2009-03-13 18:22:48 —-A—- C:WINDOWSsystem32d3dx10_35.dll
2009-03-13 18:22:48 —-A—- C:WINDOWSsystem32D3DCompiler_35.dll
2009-03-13 18:22:47 —-A—- C:WINDOWSsystem32d3dx9_34.dll
2009-03-13 18:22:47 —-A—- C:WINDOWSsystem32d3dx10_34.dll
2009-03-13 18:22:47 —-A—- C:WINDOWSsystem32D3DCompiler_34.dll
2009-03-13 18:22:46 —-A—- C:WINDOWSsystem32xactengine2_7.dll
2009-03-13 18:22:45 —-A—- C:WINDOWSsystem32d3dx10_33.dll
2009-03-13 18:22:45 —-A—- C:WINDOWSsystem32D3DCompiler_33.dll
2009-03-13 18:22:44 —-A—- C:WINDOWSsystem32xactengine2_6.dll
2009-03-13 18:22:44 —-A—- C:WINDOWSsystem32d3dx9_33.dll
2009-03-13 18:22:43 —-A—- C:WINDOWSsystem32xactengine2_5.dll
2009-03-13 18:22:43 —-A—- C:WINDOWSsystem32d3dx9_32.dll
2009-03-13 18:21:44 —-D—- C:Mortal Kombat Project 4.8.1
2009-03-13 17:47:49 —-A—- C:WINDOWSsystem32hidserv.dll
2009-03-11 11:02:19 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataKaspersky Lab
2009-03-11 11:01:39 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataKaspersky Lab Setup Files
2009-03-11 10:59:00 —-RA—- C:WINDOWSsystem32nvcohda.dll
2009-03-11 10:59:00 —-A—- C:WINDOWSsystem32nvuhda.exe
2009-03-11 10:46:20 —-D—- C:Program FilesVIA
2009-03-11 10:46:19 —-N—- C:WINDOWSsystem32difxapi.dll

======List of files/folders modified in the last 1 months======

2009-04-01 23:55:18 —-D—- C:WINDOWSTemp
2009-04-01 23:53:03 —-D—- C:WINDOWS
2009-04-01 23:51:48 —-A—- C:WINDOWSSchedLgU.Txt
2009-04-01 23:48:15 —-D—- C:WINDOWSPrefetch
2009-04-01 23:28:01 —-SHD—- C:WINDOWSInstaller
2009-04-01 23:14:13 —-D—- C:Program FilesNero
2009-04-01 23:12:50 —-RD—- C:Program Files
2009-04-01 23:01:49 —-D—- C:WINDOWSsystem32
2009-04-01 23:01:49 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-04-01 23:01:29 —-D—- C:Program FilesCommon Files
2009-04-01 22:55:58 —-D—- C:WINDOWSsystem32CatRoot
2009-04-01 22:55:22 —-HD—- C:WINDOWSinf
2009-04-01 22:55:18 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-04-01 22:55:08 —-HDC—- C:WINDOWS$MSI31Uninstall_KB893803v2$
2009-04-01 22:54:35 —-D—- C:WINDOWSsystem32CatRoot2
2009-04-01 12:58:44 —-D—- C:WINDOWSAppPatch
2009-04-01 12:58:44 —-D—- C:Program FilesWindows Media Player
2009-04-01 12:43:32 —-A—- C:WINDOWSimsins.BAK
2009-04-01 12:43:02 —-A—- C:WINDOWSwin.ini
2009-04-01 12:42:53 —-D—- C:WINDOWSHelp
2009-04-01 12:42:13 —-D—- C:WINDOWSsystem32drivers
2009-04-01 12:41:35 —-D—- C:WINDOWSsystem32LogFiles
2009-03-31 15:07:04 —-D—- C:Downloads
2009-03-30 19:01:46 —-A—- C:memory.txt
2009-03-26 22:42:02 —-D—- C:WINDOWSsystem32DirectX
2009-03-25 23:45:52 —-SD—- C:Documents and SettingsAll Users.WINDOWSApplication DataMicrosoft
2009-03-25 20:22:38 —-D—- C:Program FilesCommon FilesWise Installation Wizard
2009-03-25 20:22:15 —-D—- C:WINDOWSRegisteredPackages
2009-03-25 20:21:40 —-D—- C:Program FilesTwo Worlds
2009-03-24 22:23:25 —-D—- C:Program FilesWarhammer 40.000 Dawn of War — Soulstorm
2009-03-24 19:29:48 —-D—- C:Program FilesAWS
2009-03-23 23:37:15 —-D—- C:Program FilesWinamp
2009-03-23 23:16:40 —-A—- C:WINDOWSwinamp.ini
2009-03-23 22:39:41 —-D—- C:Program FilesYandex
2009-03-23 22:38:30 —-SD—- C:WINDOWSDownloaded Program Files
2009-03-21 23:39:36 —-SD—- C:Documents and SettingsUserApplication DataMicrosoft
2009-03-21 02:12:21 —-D—- C:WINDOWSDebug
2009-03-20 11:15:18 —-D—- C:Program FilesMessenger
2009-03-20 11:14:35 —-D—- C:Program FilesInternet Explorer
2009-03-20 11:13:40 —-D—- C:WINDOWSWinSxS
2009-03-20 11:12:31 —-D—- C:WINDOWSRegistration
2009-03-20 10:33:27 —-D—- C:Documents and SettingsUserApplication DataReal
2009-03-19 22:11:38 —-D—- C:WINDOWSsecurity
2009-03-19 21:37:02 —-D—- C:WINDOWSSoftwareDistribution
2009-03-15 19:38:47 —-D—- C:WINDOWSUbisoft
2009-03-13 22:01:37 —-A—- C:WINDOWSAscd_tmp.ini
2009-03-13 18:43:34 —-D—- C:Games
2009-03-13 18:26:10 —-D—- C:Program Filesdirectx
2009-03-13 18:25:59 —-DC—- C:WINDOWSsystem32DRVSTORE
2009-03-13 18:25:58 —-D—- C:Program FilesAGEIA Technologies
2009-03-13 18:22:20 —-D—- C:WINDOWSLogs
2009-03-11 11:02:19 —-D—- C:Program FilesKaspersky Lab
2009-03-11 10:45:00 —-RSH—- C:boot.ini
2009-03-11 10:45:00 —-D—- C:Program FilesAMD

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdPPM;Драйвер AMD HwPState процессора; C:WINDOWSsystem32DRIVERSAmdPPM.sys [2007-04-16 33792]
R1 Amfilter;A4Tech Mouse Filter Driver; C:WINDOWSsystem32DRIVERSAmfilter.sys [2007-01-24 8704]
R1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2004-08-17 14848]
R1 KLIF;Kaspersky Lab Driver; C:WINDOWSsystem32DRIVERSklif.sys [2009-03-11 213520]
R1 WmiAcpi;Интерфейс управления для ACPI Microsoft Windows; C:WINDOWSsystem32DRIVERSwmiacpi.sys [2004-08-04 8832]
R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2003-07-07 12032]
R2 irda;ИК-протокол IrDA; C:WINDOWSsystem32DRIVERSirda.sys [2004-08-04 87424]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:WINDOWSsystem32DRIVERSAmusbprt.sys [2007-12-25 14336]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2005-08-04 1273344]
R3 HCF_MSFT;HCF_MSFT; C:WINDOWSsystem32DRIVERSHCF_MSFT.sys [2001-10-19 907968]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2001-08-17 9600]
R3 monfilt;monfilt; C:WINDOWSsystem32driversmonfilt.sys [2008-02-14 1389056]
R3 MTsensor;ATK0110 ACPI UTILITY; C:WINDOWSsystem32DRIVERSASACPI.sys [2004-08-12 5810]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:WINDOWSsystem32DRIVERSNVENETFD.sys [2008-01-29 54016]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:WINDOWSsystem32driversnvhda32.sys [2008-01-11 31392]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:WINDOWSsystem32DRIVERSnvnetbus.sys [2008-01-29 22016]
R3 nvsmu;nvsmu; C:WINDOWSsystem32DRIVERSnvsmu.sys [2007-10-12 13312]
R3 Rasirda;Минипорт WAN (IrDA); C:WINDOWSsystem32DRIVERSrasirda.sys [2001-08-18 19584]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-04 31616]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:WINDOWSsystem32DRIVERSusbohci.sys [2004-08-03 17024]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:WINDOWSsystem32driversviahduaa.sys [2008-07-25 845184]
S1 AmdK8;Драйвер AMD процессора; C:WINDOWSsystem32DRIVERSAmdK8.sys [2006-07-02 43520]
S1 FileDisk;FileDisk; C:WINDOWSsystem32driversFileDisk.sys [2002-11-29 10460]
S3 BthEnum;Драйвер блока запроса Bluetooth; C:WINDOWSsystem32DRIVERSBthEnum.sys [2004-08-04 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:WINDOWSsystem32DRIVERSbthpan.sys [2004-08-03 100992]
S3 BTHPORT;Драйвер порта Bluetooth; C:WINDOWSSystem32DriversBTHport.sys [2008-06-14 272512]
S3 BTHUSB;Драйвер порта USB радиомодуля Bluetooth; C:WINDOWSSystem32DriversBTHUSB.sys [2004-08-04 18944]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2006-11-03 4394496]
S3 irsir;Драйвер для инфракрасного последовательного порта Microsoft; C:WINDOWSsystem32DRIVERSirsir.sys [2001-08-18 18688]
S3 klim5;Kaspersky Anti-Virus NDIS Filter; C:WINDOWSsystem32DRIVERSklim5.sys [2008-03-25 24592]
S3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-19 12160]
S3 RFCOMM;Устройство Bluetooth (протокол RFCOMM TDI); C:WINDOWSsystem32DRIVERSrfcomm.sys [2004-08-04 59648]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-04 26496]
S3 WudfPf;Windows Driver Foundation — User-mode Driver Framework Platform Driver; C:WINDOWSsystem32DRIVERSWudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2005-08-04 380928]
R2 AVP;Kaspersky Anti-Virus; C:Program FilesKaspersky LabKaspersky Anti-Virus 2009avp.exe [2009-03-11 201992]
R2 BthServ;Bluetooth Support Service; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]
R2 Irmon;Монитор инфракрасной связи; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-20 322120]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:Program FilesCommon FilesNeroNero BackItUp 4NBService.exe [2008-12-05 935208]
R2 UPSMONService;UPSMONService; C:Program FilesUPSMONUPSMON_Service.Exe [2005-03-22 368128]
S2 ameisvc;GPRS Explorer mobile equipment installation service; C:Program FilesBeelineGPRS Explorerameisvc.exe []
S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2005-08-05 516096]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv1.1.4322aspnet_state.exe [2004-07-15 32768]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; C:Program FilesWindows Media PlayerWMPNetwk.exe [2006-11-02 914944]
S3 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]

---

EOF

---

[Admin]

Выглядит нормально. Как работает компьютер, нет проблем ?

[anatoliy]

Здравствуйте!Компьютер работает нормально.Спасибо огромное за помощь!

[Admin]

Несколько завершающих действий.

1. Обновите ваши программы.
Зайдите на сайт update.microsoft.com и обновите Windows.

2. Удалите все программы, которые вы использовали в процессе лечения, в случае необходимости, вы всегда сможете скачать их заново. Удаление их необходимо по-причине того, что они содержат компоненты, которые вирусы и трояны могут использовать в плохих целях.

Запустите программу OTMoveIT3. Кликните по кнопке CleanUp. Если появится запрос на перезагрузку компьютера, то кликните Да/Yes.
Удалите RSIT и другие скачанные вами сканеры и небольшие утилиты, а так же все файлы и каталоги который были созданы в процессе лечения компьютера.

3. Подойдите к защите вашего компьютера более серьёзно.

Установите программу Spybot Search and Destroy, это довольно неплохая дополнительная защита от шпионских и других вредоносных программ.

Большинство троянов и вирусов разработаны для поражения Internet Explorer`а, поэтому рекомендую установить и использовать Оперу или Firefox.

4. Создайте новую точку восстановления и удалите все старые.

Удалите старые точки восстановления, так как в них возможно нахождения инфицированных файлов, троянов и других вредоносных программ. Для этого кликните по иконке Мой компьютер, выберите пункт Свойства. В открывшемся окне выберите вкладку Восстановление системы. Поставьте галочку напротив пункта Отключить восстановление системы на всех дисках. Кликните по кнопке Применить. Подтвердите свои действия кликнув по кнопке OK в открывшемся диалоге. Закройте окно Свойства системы, кликнув по кнопке OK.

После загрузки компьютера выполните действия описанные выше, только в этот раз снимите галочку.

Создайте новую точку восстановления. Это поможет вам в случае необходимости загрузить текущую конфигурацию Windows и быстро излечиться от спайваре/вируса. Для этого кликните по кнопке Пуск, далее выберите пункт Стандартные, в нём Служебные и запустите программу Восстановление системы. В открывшемся окне выберите задачу Создать точку восстановления и нажмите кнопку Далее и следуйте указаниям.

5. И несколько дополнительных советов.

Запустите ваш антивирус и проверьте состояние автоматической защиты. Включите, если она выключена.

Не забывайте обновлять Windows, ваши программы и особенно ваш антивирус.

Не посещайте незнакомые сайты, очень внимательно относитесь к файлам скаченным с Интернета.

Всего доброго!

[Автор]

Сообщения