Созданные ответы форума
-
Сообщения
-
Logfile of random’s system information tool 1.06 (written by random/random)
Run by Vitochka at 2010-03-27 22:53:36
Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (6%) free of 76 GB
Total RAM: 894 MB (63% free)HijackThis download failed
======Scheduled tasks folder======
C:WINDOWStasksAppleSoftwareUpdate.job
C:WINDOWStasksOGALogon.job======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll [2006-10-22 62080][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre1.6.0_06binssv.dll [2008-03-25 509328][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class — C:Documents and SettingsVitochkaApplication DataMicrosoftInternet Explorerqipsearchbar.dll [2009-06-17 119808][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{b4efb02b-cd4a-44b9-b5d9-aa486cdffab6}]
Radio W Toolbar — C:Program FilesRadio_WtbRad0.dll [2010-03-07 2349080][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{af83e43c-dd2b-4787-826b-31b17dee52ed} — QT Breadcrumbs Address Bar — C:WINDOWSsystem32mscoree.dll [2008-07-25 282112]
{b4efb02b-cd4a-44b9-b5d9-aa486cdffab6} — Radio W Toolbar — C:Program FilesRadio_WtbRad0.dll [2010-03-07 2349080][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2007-12-05 8523776]
«nwiz»=nwiz.exe /install []
«NvMediaCenter»=C:WINDOWSsystem32NvMcTray.dll [2007-12-05 81920]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2007-04-16 577536]
«TaskSwitchXP»=C:Program FilesTaskSwitchXPTaskSwitchXP.exe [2007-03-09 62976]
«NeroFilterCheck»=C:Program FilesCommon FilesNeroLibNeroCheck.exe [2007-03-01 153136]
«NBKeyScan»=C:Program FilesNeroNero8Nero BackItUpNBKeyScan.exe [2007-12-03 2213160]
«HP Component Manager»=C:Program FilesHPhpcoretechhpcmpmgr.exe [2003-10-23 233472]
«HP Software Update»=C:Program FilesHewlett-PackardHP Software UpdateHPWuSchd.exe [2003-06-25 49152]
«HPDJ Taskbar Utility»=C:WINDOWSsystem32spooldriversw32x863hpztsb09.exe [2003-11-10 176128]
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2009-05-23 6210744]
«WheelMouse»=C:Program FilesMouseAmoumain.exe [2007-04-19 184320]
«egui»=C:Program FilesESETESET NOD32 Antivirusegui.exe [2008-08-18 1447168]
«QuickTime Task»=C:Program FilesQuickTimeqttask.exe [2009-09-05 417792]
«iTunesHelper»=C:Program FilesiTunesiTunesHelper.exe [2009-10-28 141600]
«NevoDRM»=C:Игры от NevoSoftNevoDRMNevoDRM.exe [2008-12-11 41984][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-04-15 37376]
«VistaIcon»=C:Program FilesVistaDriveIconVistaDrv.exe [2008-01-02 132096]
«VisualTaskTips»=C:Program FilesVisualTaskTipsVisualTaskTips.exe [2008-06-23 65536]
«Uniblue RegistryBooster 2″=C:Program FilesUniblueRegistryBooster 2RegistryBooster.exe /S []
«IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=C:Program FilesCommon FilesNeroLibNMIndexStoreSvr.exe [2007-12-13 1688872]
«DAEMON Tools Lite»=C:Program FilesDAEMON Tools Litedaemon.exe [2009-04-23 691656]
«uTorrent»=C:Program FilesuTorrentuTorrent.exe [2009-12-19 289584]C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
Microsoft Office.lnk — C:Program FilesMicrosoft OfficeOffice10OSA.EXE
Быстрый запуск AutoCAD.lnk — C:Program FilesCommon FilesAutodesk Sharedacstart17.exeC:Documents and SettingsVitochkaГлавное менюПрограммыАвтозагрузка
A2DB3F.lnk — C:WINDOWSsystem3282B05DA2DB3F.EXE[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632][HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWdf01000.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetwork{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«HonorAutoRunSetting»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesQIPqip.exe»=»C:Program FilesQIPqip.exe:*:Enabled:Quiet Internet Pager»
«C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE»=»C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
«C:Program FilesICQ6.5ICQ.exe»=»C:Program FilesICQ6.5ICQ.exe:*:Enabled:ICQ6»
«C:Program FilesMail.RuAgentmagent.exe»=»C:Program FilesMail.RuAgentmagent.exe:*:Enabled:Mail.Ru Агент»
«C:Program FilesOperaopera.exe»=»C:Program FilesOperaopera.exe:*:Enabled:Opera Internet Browser»
«C:Program FilesuTorrentuTorrent.exe»=»C:Program FilesuTorrentuTorrent.exe:*:Enabled:µTorrent»
«C:Program FilesiTunesiTunes.exe»=»C:Program FilesiTunesiTunes.exe:*:Enabled:iTunes»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»======File associations======
.scr — open — «C:WINDOWSsystem32NOTEPAD.EXE» «%1»
.scr — install —
.scr — config —======List of files/folders created in the last 1 months======
2010-03-27 22:53:38 —-D—- C:Program Filestrend micro
2010-03-27 22:53:36 —-D—- C:rsit
2010-03-26 22:37:24 —-HDC—- C:WINDOWS$NtUninstallWudf01007$
2010-03-26 22:36:46 —-N—- C:WINDOWSsystem32spmsgXP_2k3.dll
2010-03-26 22:36:37 —-HDC—- C:WINDOWS$NtUninstallWdf01007$
2010-03-26 22:32:17 —-D—- C:Documents and SettingsVitochkaApplication DataNokia
2010-03-26 22:32:12 —-D—- C:Documents and SettingsVitochkaApplication DataPC Suite
2010-03-26 22:32:09 —-D—- C:Documents and SettingsAll UsersApplication DataPC Suite
2010-03-26 22:31:07 —-D—- C:Program FilesDIFX
2010-03-26 22:30:44 —-D—- C:Program FilesPC Connectivity Solution
2010-03-26 22:30:08 —-A—- C:WINDOWSsystem32wdfcoinstaller01007.dll
2010-03-26 22:30:08 —-A—- C:WINDOWSsystem32nmwcdcocls.dll
2010-03-26 22:30:04 —-A—- C:WINDOWSsystem32nmwcdcls.dll
2010-03-26 22:30:02 —-D—- C:Program FilesNokia
2010-03-26 22:29:15 —-D—- C:Documents and SettingsAll UsersApplication DataInstallations
2010-03-22 19:00:41 —-A—- C:WINDOWSsystem328l6KNn7.exe
2010-03-21 22:50:29 —-A—- C:WINDOWSsystem322YUr4nU.exe
2010-03-21 17:47:00 —-A—- C:WINDOWSsystem32Zy5hmUu.exe
2010-03-21 15:49:22 —-A—- C:WINDOWSsystem32d22CMyh.exe
2010-03-21 12:23:59 —-A—- C:WINDOWSsystem32Mq8radC.exe
2010-03-21 12:02:54 —-A—- C:WINDOWSsystem32POSbHIV.exe
2010-03-20 16:25:48 —-A—- C:WINDOWSsystem32JOE4gh2.exe
2010-03-20 14:56:39 —-A—- C:WINDOWSsystem32slf4LvA.exe
2010-03-20 13:19:07 —-A—- C:WINDOWSsystem32ibyTVvG.exe
2010-03-20 12:42:35 —-A—- C:WINDOWSsystem32S0ENIcZ.exe
2010-03-20 10:28:04 —-A—- C:WINDOWSsystem32piyIW0o.exe
2010-03-20 01:08:26 —-A—- C:WINDOWSsystem32rkd3MGV.exe
2010-03-19 20:06:50 —-A—- C:WINDOWSsystem32qINIWWj.exe
2010-03-19 12:44:49 —-A—- C:WINDOWSsystem32sW1Xw81.exe
2010-03-19 12:12:10 —-A—- C:WINDOWSsystem32E02coM9.exe
2010-03-18 17:46:38 —-A—- C:WINDOWSsystem32RY7eQxU.exe
2010-03-18 17:41:48 —-A—- C:WINDOWSsystem32F9BEi3B.exe
2010-03-17 16:42:06 —-A—- C:WINDOWSsystem32Kobz2bz.exe
2010-03-16 19:26:09 —-A—- C:WINDOWSsystem32CIKoPBv.exe
2010-03-16 08:17:46 —-A—- C:WINDOWSsystem32nTCTAbG.exe
2010-03-15 15:31:07 —-A—- C:WINDOWSsystem32quL1A7X.exe
2010-03-14 22:36:03 —-A—- C:WINDOWSsystem32ba2DTTe.exe
2010-03-14 13:15:07 —-A—- C:WINDOWSsystem32aqLfVsS.exe
2010-03-14 01:32:08 —-A—- C:WINDOWSsystem32TbPfvDk.exe
2010-03-13 22:33:44 —-A—- C:WINDOWSsystem32xOdl9Kc.exe
2010-03-11 03:03:28 —-HDC—- C:WINDOWS$NtUninstallKB975561$
2010-03-10 22:21:09 —-A—- C:WINDOWSsystem32aaVqRlQ.exe
2010-03-10 22:21:04 —-A—- C:WINDOWSsystem32bjGSnDe.exe
2010-03-10 09:45:57 —-A—- C:WINDOWSsystem32iziRFJK.exe
2010-03-10 09:45:43 —-A—- C:WINDOWSsystem32WA9zrCv.exe
2010-03-09 20:16:48 —-A—- C:WINDOWSsystem32pJepiVq.exe
2010-03-09 20:16:41 —-A—- C:WINDOWSsystem32Enph49g.exe
2010-03-09 18:19:17 —-A—- C:WINDOWSsystem32LTeerLI.exe
2010-03-09 18:19:15 —-A—- C:WINDOWSsystem324HhTbyR.exe
2010-03-08 21:07:34 —-A—- C:WINDOWSsystem32R1nM6Za.exe
2010-03-08 21:07:17 —-A—- C:WINDOWSsystem32wzhxCNB.exe
2010-03-08 17:09:19 —-A—- C:WINDOWSsystem32NLpqmEk.exe
2010-03-08 17:09:01 —-A—- C:WINDOWSsystem32bSNf1ge.exe
2010-03-08 16:03:37 —-A—- C:WINDOWSsystem32cSvQgdl.exe
2010-03-08 16:03:34 —-A—- C:WINDOWSsystem32KOLULSZ.exe
2010-03-08 10:38:47 —-A—- C:WINDOWSsystem323Yos3a8.exe
2010-03-08 10:38:41 —-A—- C:WINDOWSsystem321O5bXoj.exe
2010-03-07 23:55:16 —-A—- C:WINDOWSsystem328knjTYS.exe
2010-03-07 23:55:13 —-A—- C:WINDOWSsystem32vGM7Mh1.exe
2010-03-07 23:54:05 —-A—- C:WINDOWSsystem32edqowyg.exe
2010-03-07 17:40:39 —-D—- C:WINDOWSMinidump
2010-03-07 16:21:55 —-A—- C:WINDOWSsystem32ppLLdc3.exe
2010-03-07 16:21:44 —-A—- C:WINDOWSsystem32hyrEjGk.exe
2010-03-07 00:57:56 —-A—- C:WINDOWSsystem32hidserv.dll
2010-03-07 00:57:23 —-A—- C:WINDOWSsystem32hcu8g9V.exe
2010-03-07 00:57:15 —-A—- C:WINDOWSsystem329mCzMgM.exe
2010-03-06 14:38:12 —-A—- C:WINDOWSsystem32VCBtztM.exe
2010-03-06 14:37:58 —-A—- C:WINDOWSsystem3284Js3Jz.exe
2010-03-06 13:40:51 —-A—- C:WINDOWSsystem32Jn0aJ5w.exe
2010-03-06 13:40:33 —-A—- C:WINDOWSsystem32tHqHr42.exe
2010-03-06 11:15:22 —-A—- C:WINDOWSsystem324M7XQTk.exe
2010-03-06 11:10:19 —-A—- C:WINDOWSsystem32tYm0PVQ.exe
2010-03-05 16:29:40 —-A—- C:WINDOWSsystem32eFVEBEV.exe
2010-03-05 16:29:19 —-A—- C:WINDOWSsystem321D9cOwF.exe
2010-03-05 16:15:23 —-A—- C:WINDOWSsystem32Rr0ggYw.exe
2010-03-05 16:15:06 —-A—- C:WINDOWSsystem32MRinyrV.exe
2010-03-04 18:28:25 —-A—- C:WINDOWSsystem32Kybqcey.exe
2010-03-04 18:28:20 —-A—- C:WINDOWSsystem32GkpcObl.exe
2010-03-04 08:43:37 —-A—- C:WINDOWSsystem32w6U3C6X.exe
2010-03-04 08:43:37 —-A—- C:WINDOWSsystem32PSjkXEz.exe
2010-03-04 06:21:19 —-A—- C:WINDOWSsystem32UkQ6B7W.exe
2010-03-04 06:21:08 —-A—- C:WINDOWSsystem32qGTnJV6.exe
2010-03-03 23:05:36 —-A—- C:WINDOWSsystem32Mif5aPj.exe
2010-03-03 23:05:25 —-A—- C:WINDOWSsystem32FD6dtIQ.exe
2010-03-03 22:51:30 —-A—- C:WINDOWSsystem32Lkh2Btd.exe
2010-03-03 22:51:30 —-A—- C:WINDOWSsystem32bCuVSfw.exe
2010-03-03 22:48:56 —-A—- C:WINDOWSsystem32jQg8EsS.exe
2010-03-03 22:48:54 —-A—- C:WINDOWSsystem32pD9ryX9.exe
2010-03-03 22:05:24 —-A—- C:WINDOWSsystem32T4wg4hG.exe
2010-03-03 22:05:23 —-A—- C:WINDOWSsystem322sHcVXq.exe
2010-03-03 18:41:04 —-A—- C:WINDOWSsystem322IhcDdQ.exe
2010-03-03 18:40:50 —-A—- C:WINDOWSsystem32LvEUUY3.exe
2010-03-03 18:18:56 —-A—- C:WINDOWSsystem32iIvhkc4.exe
2010-03-03 18:18:44 —-A—- C:WINDOWSsystem32MeVwf7I.exe
2010-03-03 13:06:44 —-A—- C:WINDOWSsystem32Lm3Grrk.exe
2010-03-03 13:06:29 —-A—- C:WINDOWSsystem32kegg7H7.exe
2010-03-03 08:21:41 —-A—- C:WINDOWSsystem32BvvKEls.exe
2010-03-03 08:21:32 —-A—- C:WINDOWSsystem32I2gi2Tg.exe
2010-03-02 22:59:04 —-A—- C:WINDOWSsystem32Ygh6Lpa.exe
2010-03-02 22:58:30 —-A—- C:WINDOWSsystem32fpDsMy1.exe
2010-03-02 22:31:39 —-A—- C:WINDOWSsystem32GO6Zfkw.exe
2010-03-02 22:31:39 —-A—- C:WINDOWSsystem325PJ3L95.exe
2010-03-02 21:00:44 —-A—- C:WINDOWSsystem32Q1yiiQn.exe
2010-03-02 20:59:54 —-A—- C:WINDOWSsystem32Xy8ZQWb.exe
2010-03-02 19:37:00 —-A—- C:WINDOWSsystem32MWHBi8W.exe
2010-03-02 19:36:57 —-A—- C:WINDOWSsystem32yacKjY5.exe
2010-03-02 10:05:40 —-A—- C:WINDOWSsystem32SO6efsw.exe
2010-03-02 10:05:19 —-A—- C:WINDOWSsystem329OOhQOk.exe
2010-03-02 08:44:16 —-A—- C:WINDOWSsystem323RNIQgT.exe
2010-03-02 01:37:30 —-A—- C:WINDOWSsystem32QMVEZbZ.exe
2010-03-01 14:39:40 —-A—- C:WINDOWSsystem32sOt3M2W.exe
2010-03-01 14:39:28 —-A—- C:Program FilesCommon Fileskeylog.txt
2010-03-01 14:39:27 —-D—- C:Program FilesCommon Fileswm
2010-03-01 14:35:35 —-A—- C:WINDOWSsystem32sDFPKns.exe======List of files/folders modified in the last 1 months======
2010-03-27 22:53:43 —-D—- C:WINDOWSPrefetch
2010-03-27 22:53:38 —-AD—- C:Program Files
2010-03-27 22:52:26 —-D—- C:WINDOWSTemp
2010-03-27 22:47:00 —-D—- C:WINDOWSsystem32inetsrv
2010-03-27 17:44:31 —-D—- C:Documents and SettingsVitochkaApplication DatauTorrent
2010-03-27 14:07:41 —-A—- C:WINDOWSSchedLgU.Txt
2010-03-27 12:18:17 —-D—- C:Program FilesMozilla Firefox
2010-03-27 00:09:14 —-D—- C:WINDOWS
2010-03-26 22:46:20 —-SHD—- C:WINDOWSInstaller
2010-03-26 22:46:20 —-AD—- C:Program FilesCommon Files
2010-03-26 22:46:13 —-HD—- C:WINDOWSinf
2010-03-26 22:45:56 —-DC—- C:WINDOWSsystem32DRVSTORE
2010-03-26 22:38:00 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2010-03-26 22:37:57 —-D—- C:WINDOWSsystem32drivers
2010-03-26 22:37:35 —-AD—- C:WINDOWSsystem32
2010-03-26 22:37:21 —-RSHDC—- C:WINDOWSsystem32dllcache
2010-03-26 22:36:54 —-A—- C:WINDOWSimsins.BAK
2010-03-26 22:29:56 —-D—- C:WINDOWSWinSxS
2010-03-26 22:13:36 —-D—- C:WINDOWSsystem32CatRoot2
2010-03-17 17:42:49 —-A—- C:WINDOWSNeroDigital.ini
2010-03-11 03:04:22 —-D—- C:Documents and SettingsAll UsersApplication DataMicrosoft Help
2010-03-11 03:03:32 —-D—- C:Program FilesMovie Maker
2010-03-11 03:03:17 —-HD—- C:WINDOWS$hf_mig$
2010-03-08 10:34:18 —-D—- C:WINDOWSsystem32Restore
2010-03-08 10:34:17 —-SHD—- C:System Volume Information
2010-03-07 17:38:42 —-D—- C:Program FilesRadio_W
2010-03-03 20:42:27 —-D—- C:Вита
2010-03-03 20:42:21 —-D—- C:Новая папка
2010-03-02 08:30:12 —-A—- C:WINDOWSsystem32MRT.exe
2010-03-02 01:56:26 —-D—- C:я на сноуборде======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;AMD Processor Driver; C:WINDOWSsystem32DRIVERSAmdK8.sys [2006-06-19 36864]
R1 Amfilter;Compatible Mouse Filter Driver; C:WINDOWSsystem32DRIVERSAmfilter.sys [2007-04-19 8704]
R1 easdrv;easdrv; C:WINDOWSsystem32DRIVERSeasdrv.sys [2008-08-18 53256]
R1 epfwtdir;epfwtdir; C:WINDOWSsystem32DRIVERSepfwtdir.sys [2008-08-18 34312]
R1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2008-07-20 14720]
R2 eamon;EAMON; C:WINDOWSsystem32DRIVERSeamon.sys [2008-08-18 39944]
R2 hl_mull;hl_mull; C:WINDOWSSystem32drivershl_mull.SYS [2008-06-21 67712]
R2 rspndr;Ответчик обнаружения топологии уровня связи; C:WINDOWSsystem32DRIVERSrspndr.sys [2008-07-08 62848]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2008-01-25 4127488]
R3 Amusbprt;Compatible HID-compliant Mouse Driver; C:WINDOWSsystem32DRIVERSAmusbprt.sys [2007-04-19 14336]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:WINDOWSsystem32DRIVERSGEARAspiWDM.sys [2009-05-18 26600]
R3 HidUsb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-07-20 10368]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2007-12-05 7435392]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:WINDOWSsystem32DRIVERSNVENETFD.sys [2007-10-12 54144]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:WINDOWSsystem32DRIVERSnvnetbus.sys [2007-10-12 22016]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-07-20 32384]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-07-20 30336]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-15 59520]
R3 usbohci;Драйвер минипорта Microsoft USB открытого хост-контроллера; C:WINDOWSsystem32DRIVERSusbohci.sys [2008-07-20 17152]
R3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2008-07-20 25856]
R3 usbstor;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-15 26368]
S3 a4zodfga;a4zodfga; C:WINDOWSsystem32driversa4zodfga.sys []
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:WINDOWSsystem32DRIVERSL8042Kbd.sys [2006-07-19 13568]
S3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2008-07-20 12160]
S3 nmwcd;Nokia USB Phone Parent; C:WINDOWSsystem32driversccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:WINDOWSsystem32driversccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:WINDOWSsystem32DRIVERSpccsmcfd.sys [2008-08-26 18816]
S3 Point32;Microsoft IntelliPoint Filter Driver; C:WINDOWSsystem32DRIVERSpoint32.sys [2006-11-08 21760]
S3 upperdev;upperdev; C:WINDOWSsystem32DRIVERSusbser_lowerflt.sys [2009-10-06 7936]
S3 USBAAPL;Apple Mobile USB Driver; C:WINDOWSSystem32Driversusbaapl.sys [2009-08-28 40448]
S3 usbser;USB Modem Driver; C:WINDOWSsystem32driversusbser.sys [2008-07-20 26112]
S3 UsbserFilt;UsbserFilt; C:WINDOWSsystem32DRIVERSusbser_lowerfltj.sys [2009-10-06 7936]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:WINDOWSSystem32Driverswdf01000.sys [2008-03-27 503008]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []
S4 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2008-04-15 12032]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:Program FilesCommon FilesABBYYFineReader9.00LicensingPENetworkLicenseServer.exe [2007-12-06 660768]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:Program FilesCommon FilesABBYYFineReaderSprint9.00LicensingNetworkLicenseServer.exe [2008-10-09 759072]
R2 Apple Mobile Device;Apple Mobile Device; C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [2009-08-28 144672]
R2 Bonjour Service;Bonjour Service; C:Program FilesBonjourmDNSResponder.exe [2008-12-12 238888]
R2 ekrn;Eset Service; C:Program FilesESETESET NOD32 Antivirusekrn.exe [2008-08-18 468224]
R2 IISADMIN;IIS Admin; C:WINDOWSsystem32inetsrvinetinfo.exe [2008-04-15 15872]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe [2001-02-23 270336]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:Program FilesNeroNero8Nero BackItUpNBService.exe [2007-12-03 869672]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2007-12-05 155716]
R2 W3SVC;Веб-публикации; C:WINDOWSsystem32inetsrvinetinfo.exe [2008-04-15 15872]
R2 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-15 14336]
R3 iPod Service;Сервис iPod; C:Program FilesiPodbiniPodService.exe [2009-10-28 545568]
R3 NMIndexingService;NMIndexingService; C:Program FilesCommon FilesNeroLibNMIndexingService.exe [2007-12-13 447784]
S2 hpdj;hpdj; C:DOCUME~1VitochkaLOCALS~1Temphpdj.exe [2003-11-10 266240]
S3 aspnet_state;Служба состояний ASP.NET; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe [2009-05-18 77944]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe [2008-08-18 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:WINDOWSMicrosoft.NETFrameworkv3.0WPFPresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:Program FilesPC Connectivity SolutionServiceLayer.exe [2009-10-27 657408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2008-07-29 132096]
EOF
комп в принципе работает нормально, только не заходит на некоторые сайты….не пойму только по какой системе… с удивлением обнаружил, что антавирус стал обновлятся при «выбирать автоматически»
еще последнее время, нод32 очень часто удаляет какие то файлы, с непонятными названиями, различный набор букв и цифр…
з.ы. у подруги тоже комп так же «заболел», создам еще одну тему:)я, как культурный гражданин, жду вашего ответа, поэтому не пишу долго в ЛС… просто правила почитал…
жду дальнейших инструкций
Спасибо!+ 2010-03-02 10:39 . 2010-02-03 03:34 887724 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228ativva6x.dat
+ 2010-03-02 10:39 . 2010-02-03 03:23 109058 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atipdlxx.dll
+ 2010-03-02 10:39 . 2010-02-03 03:32 186995 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atiok3x2.dll
+ 2010-03-02 10:39 . 2010-02-03 03:15 296448 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atikvmag.dll
+ 2010-03-02 10:39 . 2010-02-03 04:07 311296 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atiiiexx.dll
+ 2010-03-02 10:39 . 2009-12-04 21:17 198341 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atiicdxx.dat
+ 2010-03-02 10:39 . 2010-02-03 03:40 446464 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atidemgx.dll
+ 2010-03-02 10:39 . 2010-02-03 03:21 317697 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228ati2evxx.exe
+ 2010-03-02 10:39 . 2010-02-03 03:39 188602 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228ati2dvag.dll
+ 2010-03-02 10:39 . 2010-02-03 03:06 329403 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228ati2cqag.dll
+ 2009-08-08 10:51 . 2009-03-09 12:27 453456 c:windowssystem32d3dx10_41.dll
— 2009-08-08 10:51 . 2009-03-09 11:27 453456 c:windowssystem32d3dx10_41.dll
— 2008-12-28 19:48 . 2008-10-15 02:22 452440 c:windowssystem32d3dx10_40.dll
+ 2008-12-28 19:48 . 2008-10-15 03:22 452440 c:windowssystem32d3dx10_40.dll
— 2009-02-18 17:55 . 2009-02-18 17:55 294912 c:windowssystem32ATIODE.exe
+ 2009-02-18 17:55 . 2009-02-18 18:55 294912 c:windowssystem32ATIODE.exe
+ 2009-06-10 16:54 . 2009-12-04 21:17 198341 c:windowssystem32atiicdxx.dat
+ 2009-05-11 21:35 . 2009-05-11 22:35 118784 c:windowssystem32atibtmon.exe
— 2009-05-11 21:35 . 2009-05-11 21:35 118784 c:windowssystem32atibtmon.exe
+ 2010-03-02 10:42 . 2010-03-02 10:42 718336 c:windowsInstaller8ed3b.msi
+ 2010-03-02 10:41 . 2010-03-02 10:41 194560 c:windowsInstaller8ed1c.msi
+ 2010-03-02 10:41 . 2010-03-02 10:41 261632 c:windowsInstaller8ed12.msi
+ 2010-03-02 10:41 . 2010-03-02 10:41 252416 c:windowsInstaller8ed08.msi
+ 2010-03-02 10:41 . 2010-03-02 10:41 258560 c:windowsInstaller8ecfe.msi
+ 2010-03-02 10:41 . 2010-03-02 10:41 182784 c:windowsInstaller8ecf4.msi
+ 2010-03-02 10:41 . 2010-03-02 10:41 179712 c:windowsInstaller8ecea.msi
+ 2010-03-02 10:41 . 2010-03-02 10:41 287232 c:windowsInstaller8ece0.msi
+ 2010-03-02 10:41 . 2010-03-02 10:41 258048 c:windowsInstaller8ecd6.msi
+ 2010-03-02 10:41 . 2010-03-02 10:41 268288 c:windowsInstaller8eccc.msi
+ 2010-03-02 10:41 . 2010-03-02 10:41 322048 c:windowsInstaller8ecc2.msi
+ 2010-03-02 10:39 . 2010-03-02 10:39 434688 c:windowsInstaller8ebd4.msi
+ 2010-03-02 10:39 . 2010-03-02 10:39 219648 c:windowsInstaller8ebca.msi
+ 2010-03-08 23:36 . 2010-03-08 23:36 331264 c:windowsInstaller164748.msi
— 2008-11-23 19:40 . 2010-02-26 09:24 888080 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}wordicon.exe
+ 2008-11-23 19:40 . 2010-03-09 20:01 888080 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}wordicon.exe
— 2008-11-23 19:40 . 2010-02-26 09:24 272648 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}pubs.exe
+ 2008-11-23 19:40 . 2010-03-09 20:01 272648 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}pubs.exe
— 2008-11-23 19:40 . 2010-02-26 09:24 922384 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}pptico.exe
+ 2008-11-23 19:40 . 2010-03-09 20:01 922384 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}pptico.exe
+ 2008-11-23 19:40 . 2010-03-09 20:01 845584 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}outicon.exe
— 2008-11-23 19:40 . 2010-02-26 09:24 845584 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}outicon.exe
+ 2008-11-23 19:40 . 2010-03-09 20:01 217864 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}misc.exe
— 2008-11-23 19:40 . 2010-02-26 09:24 217864 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}misc.exe
+ 2008-11-23 19:40 . 2010-03-09 20:01 184080 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}joticon.exe
— 2008-11-23 19:40 . 2010-02-26 09:24 184080 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}joticon.exe
+ 2008-11-23 19:40 . 2010-03-09 20:01 159504 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}inficon.exe
— 2008-11-23 19:40 . 2010-02-26 09:24 159504 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}inficon.exe
+ 2010-03-02 10:42 . 2010-03-02 10:42 238223 c:windowsInstaller{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}ARPPRODUCTICON.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 741376 c:windowsassemblyGAC_MSILResourceManagement.Foundation.Implementation2.0.3685.42415__90ba9c70f846762eResourceManagement.Foundation.Implementation.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 106496 c:windowsassemblyGAC_MSILMOM.Implementation2.0.3685.42372__90ba9c70f846762eMOM.Implementation.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 131072 c:windowsassemblyGAC_MSILInterop.SHDocVw1.1.0.0__90ba9c70f846762eInterop.SHDocVw.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 131072 c:windowsassemblyGAC_MSILInterop.SHDocVw1.1.0.0__90ba9c70f846762eInterop.SHDocVw.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 405504 c:windowsassemblyGAC_MSILCLI.Component.Wizard2.0.3685.42270__90ba9c70f846762eCLI.Component.Wizard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 577536 c:windowsassemblyGAC_MSILCLI.Component.Systemtray2.0.3685.42364__90ba9c70f846762eCLI.Component.Systemtray.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 278528 c:windowsassemblyGAC_MSILCLI.Component.Launchpad2.0.3685.42393__90ba9c70f846762eCLI.Component.Launchpad.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 147456 c:windowsassemblyGAC_MSILCLI.Component.Dashboard.ProfileManager2.0.3685.42298__90ba9c70f846762eCLI.Component.Dashboard.ProfileManager.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 155648 c:windowsassemblyGAC_MSILCLI.Component.Dashboard.HotKeyManager2.0.3685.42297__90ba9c70f846762eCLI.Component.Dashboard.HotKeyManager.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 151552 c:windowsassemblyGAC_MSILCLI.Caste.Graphics.Shared2.0.3685.42239__90ba9c70f846762eCLI.Caste.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 380928 c:windowsassemblyGAC_MSILCLI.Caste.Graphics.Runtime2.0.3685.42249__90ba9c70f846762eCLI.Caste.Graphics.Runtime.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 139264 c:windowsassemblyGAC_MSILCLI.Aspect.VeryLargeDesktop.Graphics.Dashboard2.0.3685.42321__90ba9c70f846762eCLI.Aspect.VeryLargeDesktop.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 151552 c:windowsassemblyGAC_MSILCLI.Aspect.TutorialInfoCentre.Graphics.Dashboard2.0.3685.42424__90ba9c70f846762eCLI.Aspect.TutorialInfoCentre.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 491520 c:windowsassemblyGAC_MSILCLI.Aspect.TransCode.Graphics.Wizard2.0.3685.42379__90ba9c70f846762eCLI.Aspect.TransCode.Graphics.Wizard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 241664 c:windowsassemblyGAC_MSILCLI.Aspect.SmartGart.Graphics.Dashboard2.0.3685.42290__90ba9c70f846762eCLI.Aspect.SmartGart.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 356352 c:windowsassemblyGAC_MSILCLI.Aspect.Radeon3D.Graphics.Dashboard2.0.3685.42331__90ba9c70f846762eCLI.Aspect.Radeon3D.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 102400 c:windowsassemblyGAC_MSILCLI.Aspect.PowerXpress.Graphics.Dashboard2.0.3685.42392__90ba9c70f846762eCLI.Aspect.PowerXpress.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 118784 c:windowsassemblyGAC_MSILCLI.Aspect.PowerPlayDPPE.Graphics.Dashboard2.0.3685.42378__90ba9c70f846762eCLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 114688 c:windowsassemblyGAC_MSILCLI.Aspect.PowerPlay4.Graphics.Dashboard2.0.3685.42381__90ba9c70f846762eCLI.Aspect.PowerPlay4.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 139264 c:windowsassemblyGAC_MSILCLI.Aspect.PowerPlay3.Graphics.Dashboard2.0.3685.42322__90ba9c70f846762eCLI.Aspect.PowerPlay3.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 651264 c:windowsassemblyGAC_MSILCLI.Aspect.OverDrive5.Graphics.Dashboard2.0.3685.42394__90ba9c70f846762eCLI.Aspect.OverDrive5.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 118784 c:windowsassemblyGAC_MSILCLI.Aspect.MultiVPU4.Graphics.Dashboard2.0.3685.42400__90ba9c70f846762eCLI.Aspect.MultiVPU4.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 167936 c:windowsassemblyGAC_MSILCLI.Aspect.MultiVPU3.Graphics.Dashboard2.0.3685.42373__90ba9c70f846762eCLI.Aspect.MultiVPU3.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 163840 c:windowsassemblyGAC_MSILCLI.Aspect.MultiVPU2.Graphics.Dashboard2.0.3685.42314__90ba9c70f846762eCLI.Aspect.MultiVPU2.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 241664 c:windowsassemblyGAC_MSILCLI.Aspect.MultiDesk.HydraVision.Dashboard2.0.3685.42406__90ba9c70f846762eCLI.Aspect.MultiDesk.HydraVision.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 409600 c:windowsassemblyGAC_MSILCLI.Aspect.MMVideo.Graphics.Wizard2.0.3685.42344__90ba9c70f846762eCLI.Aspect.MMVideo.Graphics.Wizard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 827392 c:windowsassemblyGAC_MSILCLI.Aspect.MMVideo.Graphics.Dashboard2.0.3685.42313__90ba9c70f846762eCLI.Aspect.MMVideo.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 212992 c:windowsassemblyGAC_MSILCLI.Aspect.MDProp.HydraVision.Dashboard2.0.3685.42404__90ba9c70f846762eCLI.Aspect.MDProp.HydraVision.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 204800 c:windowsassemblyGAC_MSILCLI.Aspect.InfoCentre.Graphics.Wizard2.0.3685.42279__90ba9c70f846762eCLI.Aspect.InfoCentre.Graphics.Wizard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 196608 c:windowsassemblyGAC_MSILCLI.Aspect.InfoCentre.Graphics.Dashboard2.0.3685.42279__90ba9c70f846762eCLI.Aspect.InfoCentre.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 311296 c:windowsassemblyGAC_MSILCLI.Aspect.HydraVision.Wizard2.0.3685.42407__90ba9c70f846762eCLI.Aspect.HydraVision.Wizard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 147456 c:windowsassemblyGAC_MSILCLI.Aspect.Grid.HydraVision.Dashboard2.0.3685.42397__90ba9c70f846762eCLI.Aspect.Grid.HydraVision.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 315392 c:windowsassemblyGAC_MSILCLI.Aspect.FramelockGenlock.Graphics.Dashboard2.0.3685.42412__90ba9c70f846762eCLI.Aspect.FramelockGenlock.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 409600 c:windowsassemblyGAC_MSILCLI.Aspect.DisplaysManager.Graphics.Dashboard2.0.3685.42265__90ba9c70f846762eCLI.Aspect.DisplaysManager.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 573440 c:windowsassemblyGAC_MSILCLI.Aspect.DisplaysColour2.Graphics.Dashboard2.0.3685.42280__90ba9c70f846762eCLI.Aspect.DisplaysColour2.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 364544 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceTV.Graphics.Wizard2.0.3685.42359__90ba9c70f846762eCLI.Aspect.DeviceTV.Graphics.Wizard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 749568 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceTV.Graphics.Dashboard2.0.3685.42354__90ba9c70f846762eCLI.Aspect.DeviceTV.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 475136 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared2.0.3685.42301__90ba9c70f846762eCLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 307200 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceLCD.Graphics.Wizard2.0.3685.42286__90ba9c70f846762eCLI.Aspect.DeviceLCD.Graphics.Wizard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 323584 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceLCD.Graphics.Dashboard2.0.3685.42322__90ba9c70f846762eCLI.Aspect.DeviceLCD.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 372736 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceDFP.Graphics.Dashboard2.0.3685.42305__90ba9c70f846762eCLI.Aspect.DeviceDFP.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 692224 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceCV.Graphics.Wizard2.0.3685.42339__90ba9c70f846762eCLI.Aspect.DeviceCV.Graphics.Wizard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 630784 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceCV.Graphics.Dashboard2.0.3685.42326__90ba9c70f846762eCLI.Aspect.DeviceCV.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 397312 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceCRT.Graphics.Dashboard2.0.3685.42311__90ba9c70f846762eCLI.Aspect.DeviceCRT.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 163840 c:windowsassemblyGAC_MSILCLI.Aspect.DeskMan.HydraVision.Dashboard2.0.3685.42403__90ba9c70f846762eCLI.Aspect.DeskMan.HydraVision.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 270336 c:windowsassemblyGAC_MSILCLI.Aspect.CrossDisplay.Graphics.Dashboard1.0.0.0__90ba9c70f846762eCLI.Aspect.CrossDisplay.Graphics.Dashboard.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 270336 c:windowsassemblyGAC_MSILCLI.Aspect.CrossDisplay.Graphics.Dashboard1.0.0.0__90ba9c70f846762eCLI.Aspect.CrossDisplay.Graphics.Dashboard.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 262144 c:windowsassemblyGAC_MSILCLI.AIB.TutorialInfoCentre.Tutorial.Dashboard1.2.2600.29179__90ba9c70f846762eCLI.AIB.TutorialInfoCentre.Tutorial.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 262144 c:windowsassemblyGAC_MSILCLI.AIB.TutorialInfoCentre.Tutorial.Dashboard1.2.2600.29179__90ba9c70f846762eCLI.AIB.TutorialInfoCentre.Tutorial.Dashboard.DLL
— 2010-02-03 19:58 . 2010-02-03 19:58 223232 c:windowsassemblyGACMicrosoft.DirectX1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 223232 c:windowsassemblyGACMicrosoft.DirectX1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 178176 c:windowsassemblyGACMicrosoft.DirectX.DirectSound1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.DirectSound.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 178176 c:windowsassemblyGACMicrosoft.DirectX.DirectSound1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.DirectSound.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 364544 c:windowsassemblyGACMicrosoft.DirectX.DirectPlay1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.DirectPlay.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 364544 c:windowsassemblyGACMicrosoft.DirectX.DirectPlay1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.DirectPlay.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 159232 c:windowsassemblyGACMicrosoft.DirectX.DirectInput1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.DirectInput.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 159232 c:windowsassemblyGACMicrosoft.DirectX.DirectInput1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.DirectInput.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 145920 c:windowsassemblyGACMicrosoft.DirectX.DirectDraw1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.DirectDraw.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 145920 c:windowsassemblyGACMicrosoft.DirectX.DirectDraw1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.DirectDraw.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 578560 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2911.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 578560 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2911.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 578560 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2910.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 578560 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2910.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 577536 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2909.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 577536 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2909.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 577536 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2908.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 577536 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2908.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 577024 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2907.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 577024 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2907.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 576000 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2906.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 576000 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2906.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 567296 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2905.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 567296 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2905.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 563712 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2904.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 563712 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2904.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 473600 c:windowsassemblyGACMicrosoft.DirectX.Direct3D1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.Direct3D.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 473600 c:windowsassemblyGACMicrosoft.DirectX.Direct3D1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.Direct3D.dll
— 2009-08-25 07:56 . 2009-08-25 07:56 360448 c:windowsassemblyGACInterop.MSForms2.0.0.0__90ba9c70f846762eInterop.MSForms.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 360448 c:windowsassemblyGACInterop.MSForms2.0.0.0__90ba9c70f846762eInterop.MSForms.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 225280 c:windowsassemblyGACInterop.MSComctlLib2.0.0.0__90ba9c70f846762eInterop.MSComctlLib.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 225280 c:windowsassemblyGACInterop.MSComctlLib2.0.0.0__90ba9c70f846762eInterop.MSComctlLib.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 143360 c:windowsassemblyGACICSharpCode.SharpZipLib.84.0.0__1b03e6acf1164f73ICSharpCode.SharpZipLib.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 143360 c:windowsassemblyGACICSharpCode.SharpZipLib.84.0.0__1b03e6acf1164f73ICSharpCode.SharpZipLib.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 212992 c:windowsassemblyGACAxInterop.MSForms2.0.0.0__90ba9c70f846762eAxInterop.MSForms.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 212992 c:windowsassemblyGACAxInterop.MSForms2.0.0.0__90ba9c70f846762eAxInterop.MSForms.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 135168 c:windowsassemblyGACAxInterop.MSComctlLib2.0.0.0__90ba9c70f846762eAxInterop.MSComctlLib.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 135168 c:windowsassemblyGACAxInterop.MSComctlLib2.0.0.0__90ba9c70f846762eAxInterop.MSComctlLib.DLL
+ 2010-03-08 09:25 . 2008-07-08 13:21 391032 c:windows$hf_mig$KB957097updateupdspapi.dll
+ 2010-03-08 09:25 . 2008-07-08 13:21 760184 c:windows$hf_mig$KB957097updateupdate.exe
+ 2010-03-08 09:25 . 2008-07-08 13:21 232824 c:windows$hf_mig$KB957097spuninst.exe
+ 2010-03-08 09:25 . 2008-10-24 11:41 455936 c:windows$hf_mig$KB957097SP3QFEmrxsmb.sys
+ 2009-07-11 21:02 . 2009-07-11 21:02 3780424 c:windowsWinSxSx86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53mfc90u.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 3765048 c:windowsWinSxSx86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53mfc90.dll
+ 2010-03-02 10:39 . 2009-07-15 01:44 2053888 c:windowssystem32ReinstallBackups021DriverFilesB_85444ativvaxx.dll
+ 2010-03-02 10:39 . 2009-07-15 01:20 3289088 c:windowssystem32ReinstallBackups021DriverFilesB_85444aticaldd.dll
+ 2010-03-02 10:39 . 2009-07-15 01:58 3281408 c:windowssystem32ReinstallBackups021DriverFilesB_85444ati3duag.dll
+ 2010-03-02 10:39 . 2009-07-15 04:20 4407808 c:windowssystem32ReinstallBackups021DriverFilesB_85444ati2mtag.sys
+ 2010-03-02 10:39 . 2010-02-03 03:35 1054067 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228ativvaxx.dll
+ 2010-03-02 10:39 . 2010-02-03 04:02 6283522 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atioglxx.dll
+ 2010-03-02 10:39 . 2010-02-03 04:10 1819969 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228aticaldd.dll
+ 2010-03-02 10:39 . 2010-02-03 03:50 1918555 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228ati3duag.dll
+ 2010-03-02 10:39 . 2010-02-03 04:52 3069099 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228ati2mtag.sys
— 2008-11-23 17:14 . 2008-04-15 12:00 3558912 c:windowssystem32dllcachemoviemk.exe
+ 2008-11-23 17:14 . 2009-10-23 15:28 3558912 c:windowssystem32dllcachemoviemk.exe
— 2009-08-08 10:51 . 2009-03-09 11:27 4178264 c:windowssystem32D3DX9_41.dll
+ 2009-08-08 10:51 . 2009-03-09 12:27 4178264 c:windowssystem32D3DX9_41.dll
+ 2008-12-28 19:48 . 2008-10-15 03:22 4379984 c:windowssystem32D3DX9_40.dll
— 2008-12-28 19:48 . 2008-10-15 02:22 4379984 c:windowssystem32D3DX9_40.dll
+ 2009-08-08 10:51 . 2009-03-09 12:27 1846632 c:windowssystem32D3DCompiler_41.dll
— 2009-08-08 10:51 . 2009-03-09 11:27 1846632 c:windowssystem32D3DCompiler_41.dll
+ 2008-12-28 19:48 . 2008-10-15 03:22 2036576 c:windowssystem32D3DCompiler_40.dll
— 2008-12-28 19:48 . 2008-10-15 02:22 2036576 c:windowssystem32D3DCompiler_40.dll
+ 2010-03-02 10:41 . 2010-03-02 10:41 1088000 c:windowsInstaller8ed27.msi
+ 2010-03-02 10:39 . 2010-03-02 10:39 1597440 c:windowsInstaller8ebdf.msi
+ 2010-02-04 14:24 . 2010-02-04 14:24 9122304 c:windowsInstaller52003.msp
+ 2010-02-20 22:00 . 2010-02-20 22:00 8480768 c:windowsInstaller51fe8.msp
+ 2010-02-03 21:59 . 2010-02-03 21:59 5031936 c:windowsInstaller51fcd.msp
— 2008-11-23 19:40 . 2010-02-26 09:24 1172240 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}xlicons.exe
+ 2008-11-23 19:40 . 2010-03-09 20:01 1172240 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}xlicons.exe
— 2008-11-23 19:40 . 2010-02-26 09:24 1165584 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}accicons.exe
+ 2008-11-23 19:40 . 2010-03-09 20:01 1165584 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}accicons.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 1048576 c:windowsassemblyGAC_MSILCLI.Component.Eeu2.0.3685.42347__90ba9c70f846762eCLI.Component.Eeu.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 1220608 c:windowsassemblyGAC_MSILCLI.Component.Dashboard2.0.3685.42256__90ba9c70f846762eCLI.Component.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 1007616 c:windowsassemblyGAC_MSILCLI.Aspect.OverDrive3.Graphics.Dashboard2.0.3685.42293__90ba9c70f846762eCLI.Aspect.OverDrive3.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 1708032 c:windowsassemblyGAC_MSILCLI.Aspect.DisplaysManager2.Graphics.Wizard2.0.3685.42422__90ba9c70f846762eCLI.Aspect.DisplaysManager2.Graphics.Wizard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 1302528 c:windowsassemblyGAC_MSILCLI.Aspect.DisplaysManager2.Graphics.Dashboard2.0.3685.42418__90ba9c70f846762eCLI.Aspect.DisplaysManager2.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 1736704 c:windowsassemblyGAC_MSILCLI.Aspect.DisplaysManager.Graphics.Wizard2.0.3685.42276__90ba9c70f846762eCLI.Aspect.DisplaysManager.Graphics.Wizard.DLL
— 2010-02-03 19:58 . 2010-02-03 19:58 2846720 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2903.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 2846720 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2903.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 2676224 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 2676224 c:windowsassemblyGACMicrosoft.DirectX.Direct3DX1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.Direct3DX.dll
+ 2010-03-02 10:39 . 2009-07-15 01:48 12693504 c:windowssystem32ReinstallBackups021DriverFilesB_85444atioglxx.dll
+ 2008-11-25 18:14 . 2010-03-02 05:30 31648712 c:windowssystem32MRT.exe
+ 2009-11-20 20:46 . 2009-11-20 20:46 11524608 c:windowsInstaller5201e.msp
+ 2009-04-03 14:46 . 2009-04-03 14:46 17314688 c:windowsInstaller$PatchCache$Managed0002109030000000000000000F01FEC12.0.6425MSO.DLL
.
— Snapshot reset to current date —
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«VistaIcon»=»c:program filesVistaDriveIconVistaDrv.exe» [2008-01-02 132096]
«VisualTaskTips»=»c:program filesVisualTaskTipsVisualTaskTips.exe» [2008-06-23 65536]
«LDM»=»c:program filesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe» [2009-01-29 67128]
«Start WingMan Profiler»=»c:program filesLogitechProfilerlwemon.exe» [2006-07-05 60416]
«AlcoholAutomount»=»e:alcohol 120axcmd.exe» [2009-03-17 203928]
«Backup4all 3″=»c:program filesSoftlandBackup4all 3Backup4all.exe» [2007-11-05 3133080]
«Backup4all Scheduler»=»c:program filesSoftlandBackup4all 3b4aSched.Exe» [2007-11-05 478360]
«PC Suite Tray»=»c:program filesNokiaNokia PC Suite 7PCSuite.exe» [2009-11-11 1451520][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«Bluetooth Connection Assistant»=»LBTWIZ.EXE -silent» [X]
«Kernel and Hardware Abstraction Layer»=»KHALMNPR.EXE» [2008-12-18 76304]
«TaskSwitchXP»=»c:program filesTaskSwitchXPTaskSwitchXP.exe» [2007-03-09 62976]
«JMB36X IDE Setup»=»c:windowsRaidToolxInsIDE.exe» [2007-03-20 36864]
«36X Raid Configurer»=»c:windowssystem32xRaidSetup.exe» [2007-03-21 1953792]
«NeroFilterCheck»=»c:windowssystem32NeroCheck.exe» [2001-07-09 155648]
«zBrowser Launcher»=»c:program filesLogitechiTouchiTouch.exe» [2002-11-22 631362]
«Logitech Hardware Abstraction Layer»=»KHALMNPR.EXE» [2008-12-18 76304]
«GrooveMonitor»=»c:program filesMicrosoft OfficeOffice12GrooveMonitor.exe» [2008-10-25 31072]
«MAgent»=»c:program filesMail.RuAgentmagent.exe» [2009-07-27 7975608]
«egui»=»c:program filesESETESET NOD32 Antivirusegui.exe» [2008-08-18 1447168]
«SoundMAXPnP»=»c:program filesAnalog DevicesCoresmax4pnp.exe» [2006-12-18 868352]
«Ai Remote Help»=»c:program filesASUSAI RemoteAiRc.exe» [2007-09-03 3346432]
«ASUS UpdateChecker»=»c:program filesASUSUpdateCheckerUpdateChecker.exe» [2008-11-03 110592]
«Ai Nap»=»c:program filesASUSAI SuiteAiNapAiNap.exe» [2008-01-28 1413120]
«CPU Power Monitor»=»c:program filesASUSAI SuiteAiGear3CpuPowerMonitor.exe» [2008-01-09 627200]
«Cpu Level Up help»=»c:program filesASUSAI SuiteCpuLevelUpHelp.exe» [2007-11-30 881152]
«ASUS Energy Saving»=»c:program filesASUSAI SuiteEnergySavingPwSave.exe» [2008-01-28 1352704]
«BluetoothAuthenticationAgent»=»bthprops.cpl» [2008-04-15 110592]
«DiscWizardMonitor.exe»=»c:program filesSeagateDiscWizardDiscWizardMonitor.exe» [2007-09-04 1188864]
«AcronisTimounterMonitor»=»c:program filesSeagateDiscWizardTimounterMonitor.exe» [2007-09-04 1963768]
«Acronis Scheduler2 Service»=»c:program filesCommon FilesSeagateSchedule2schedhlp.exe» [2007-09-04 148760]
«Adobe Reader Speed Launcher»=»c:program filesAdobeReader 8.0ReaderReader_sl.exe» [2008-01-11 39792]
«QuickTime Task»=»c:program filesQuickTimeQTTask.exe» [2009-11-10 417792]
«iTunesHelper»=»c:program filesiTunesiTunesHelper.exe» [2009-11-12 141600]
«UPSMON»=»c:program filesUPSMONUPSMON.exe» [2008-07-02 433664]
«StartCCC»=»c:program filesATI TechnologiesATI.ACECore-StaticCLIStart.exe» [2010-02-02 98304][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2008-04-15 37376]
«VistaIcon»=»c:program filesVistaDriveIconVistaDrv.exe» [2008-01-02 132096]
«VisualTaskTips»=»c:program filesVisualTaskTipsVisualTaskTips.exe» [2008-06-23 65536][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRunOnce]
«IE7_011″=»shell32» [X]
«IE7_012″=»advpack.dll» [2010-01-05 124928]
«IE7_013″=»rebuild.exe» [2007-11-01 114280]c:documents and settingsAll Usersѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
Logitech Desktop Messenger.lnk — c:program filesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe [2009-1-29 67128]
Logitech SetPoint.lnk — c:program filesLogitechSetPointSetPoint.exe [2009-3-24 809488][HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyLBTWlgn]
2009-02-18 21:30 72208 —-a-w- c:program filesCommon FilesLogitechBluetoothLBTWLgn.dll[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]
@=»Driver»[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdfLoadGroup]
@=»»[HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
«DisableNotifications»= 1 (0x1)
«DisableUnicastResponsesToMulticastBroadcast»= 0 (0x0)[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\Network Diagnostic\xpnetdiag.exe»=
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE»=
«c:\Program Files\Microsoft Office\Office12\GROOVE.EXE»=
«c:\Program Files\Microsoft Office\Office12\ONENOTE.EXE»=
«e:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe»=
«e:\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe»=
«e:\Rockstar Games\Grand Theft Auto IV\GTAIV.exe»=
«c:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe»=
«e:\Gears of War\Binaries\WarGame-G4WLive.exe»=
«e:\uTorrent\uTorrent.exe»=
«e:\Race Driver GRID\GRID.exe»=
«c:\Program Files\Bonjour\mDNSResponder.exe»=
«e:\С.Т.А.Л.К.Е.Р. — Чистое Небо\bin\xrEngine.exe»=
«e:\С.Т.А.Л.К.Е.Р. — Чистое Небо\bin\dedicated\xrEngine.exe»=
«c:\WINDOWS\system32\PnkBstrA.exe»=
«c:\WINDOWS\system32\PnkBstrB.exe»=
«e:\Call of Duty 4 — Modern Warfare\iw3mp.exe»=
«e:\S.T.A.L.K.E.R. — Зов Припяти\bin\xrEngine.exe»=
«e:\S.T.A.L.K.E.R. — Зов Припяти\bin\dedicated\xrEngine.exe»=
«c:\Program Files\iTunes\iTunes.exe»=
«c:\Program Files\Skype\Plugin Manager\skypePM.exe»=
«e:\Assassin’s Creed\AssassinsCreed_Dx9.exe»=
«e:\Assassin’s Creed\AssassinsCreed_Dx10.exe»=
«e:\Assassin’s Creed\AssassinsCreed_Launcher.exe»=
«c:\Program Files\ICQ7.0\ICQ.exe»=
«c:\Program Files\ICQ7.0\aolload.exe»=
«c:\Program Files\Skype\Phone\Skype.exe»=
«d:\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe»=
«c:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe»=
«e:\Assassin’s Creed II\AssassinsCreedIIGame.exe»=
«e:\Assassin’s Creed II\AssassinsCreedII.exe»=
«e:\Assassin’s Creed II\UPlayBrowser.exe»=[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileGloballyOpenPortsList]
«26689:TCP»= 26689:TCPR0 pe3ajtsc;Stalker (Pro) Environment Driver (pe3ajtsc);c:windowssystem32driverspe3ajtsc.sys [15.08.2007 15:11 64640]
R0 ps7ajtsc;Stalker (Pro) Synchronization Driver (ps7ajtsc);c:windowssystem32driversps7ajtsc.sys [15.08.2007 15:11 68744]
R1 appdrv01;Application Driver (01);c:windowssystem32driversappdrv01.sys [08.10.2009 2:40 3069040]
R1 epfwtdir;epfwtdir;c:windowssystem32driversepfwtdir.sys [18.08.2008 13:27 34312]
R2 ekrn;Eset Service;c:program filesESETESET NOD32 Antivirusekrn.exe [18.08.2008 13:25 468224]
S2 appdrvrem01;Application Driver Auto Removal Service (01);c:windowsSystem32appdrvrem01.exe svc —> c:windowsSystem32appdrvrem01.exe svc [?]
S2 pr2ajtsc;Stalker (Pro) Drivers Auto Removal (pr2ajtsc);c:windowssystem32pr2ajtsc.exe svc —> c:windowssystem32pr2ajtsc.exe svc [?]
S4 sptd;sptd;c:windowssystem32driverssptd.sys [23.11.2008 20:22 721904]
.
Contents of the ‘Scheduled Tasks’ folder2010-03-22 c:windowsTasksb4a_bp6.job
— c:program filesSoftlandBackup4all 3b4aSchedStarter.exe [2009-05-21 11:24]2010-03-22 c:windowsTasksb4a_Мои документы.job
— c:program filesSoftlandBackup4all 3b4aSchedStarter.exe [2009-05-21 11:24]2010-03-22 c:windowsTasksOGALogon.job
— c:windowssystem32OGAEXEC.exe [2009-08-03 11:07]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.lofisnet.ru/
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2Office12EXCEL.EXE/3000
IE: Закачать ВСЕ при помощи Download Master
IE: Закачать при помощи Download Master
IE: {{7558B7E5-7B26-4201-BEDB-00D5FF534523} — c:program filesMail.RuAgentmagent.exe
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} — c:program filesICQ7.0ICQ.exe
TCP: {A80D0705-8D40-4C7D-AFE9-E8D841452343} = 80.79.176.2,80.79.176.3
Handler: bwfile-8876480 — {9462A756-7B47-47BC-8C80-C34B9B80B32B} — c:program filesLogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll
FF — ProfilePath — c:documents and settingsАндрейApplication DataMozillaFirefoxProfiles1djs6yc0.default
FF — prefs.js: browser.startup.homepage — hxxp://lofisnet.ru/
FF — prefs.js: keyword.URL — hxxp://search.qip.ru/search?from=FF&query=
FF — component: c:documents and settingsАндрейApplication DataMozillaFirefoxProfiles1djs6yc0.defaultextensions{32a1fd71-835e-4b11-8e54-886fda0b4c89}componentsqippipe.dll
FF — component: c:program filesMozilla Firefoxextensions{B13721C7-F507-4982-B2E5-502A71474FED}componentsNPComponent.dll
FF — plugin: c:program filesK-Lite Codec PackRealbrowserpluginsnppl3260.dll
FF — plugin: c:program filesK-Lite Codec PackRealbrowserpluginsnprpjplug.dll
FF — HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} — c:windowsMicrosoft.NETFrameworkv3.5Windows Presentation FoundationDotNetAssistantExtension—- FIREFOX POLICIES —-
FF — user.js: general.useragent.extra.zencast — Creative ZENcast v2.01.01);user_pref(general.useragent.extra.zencast, c:program filesMozilla Firefoxgreprefsall.js — pref(«ui.use_native_colors», true);
c:program filesMozilla Firefoxgreprefsall.js — pref(«ui.use_native_popup_windows», false);
c:program filesMozilla Firefoxgreprefsall.js — pref(«browser.enable_click_image_resizing», true);
c:program filesMozilla Firefoxgreprefsall.js — pref(«accessibility.browsewithcaret_shortcut.enabled», true);
c:program filesMozilla Firefoxgreprefsall.js — pref(«javascript.options.mem.high_water_mark», 32);
c:program filesMozilla Firefoxgreprefsall.js — pref(«javascript.options.mem.gc_frequency», 1600);
c:program filesMozilla Firefoxgreprefsall.js — pref(«network.auth.force-generic-ntlm», false);
c:program filesMozilla Firefoxgreprefsall.js — pref(«svg.smil.enabled», false);
c:program filesMozilla Firefoxgreprefsall.js — pref(«ui.trackpoint_hack.enabled», -1);
c:program filesMozilla Firefoxgreprefsall.js — pref(«browser.formfill.debug», false);
c:program filesMozilla Firefoxgreprefsall.js — pref(«browser.formfill.agedWeight», 2);
c:program filesMozilla Firefoxgreprefsall.js — pref(«browser.formfill.bucketSize», 1);
c:program filesMozilla Firefoxgreprefsall.js — pref(«browser.formfill.maxTimeGroupings», 25);
c:program filesMozilla Firefoxgreprefsall.js — pref(«browser.formfill.timeGroupingSize», 604800);
c:program filesMozilla Firefoxgreprefsall.js — pref(«browser.formfill.boundaryWeight», 25);
c:program filesMozilla Firefoxgreprefsall.js — pref(«browser.formfill.prefixWeight», 5);
c:program filesMozilla Firefoxgreprefsall.js — pref(«html5.enable», false);
c:program filesMozilla Firefoxdefaultspreffirefox-branding.js — pref(«app.update.download.backgroundInterval», 600);
c:program filesMozilla Firefoxdefaultspreffirefox-branding.js — pref(«app.update.url.manual», «http://www.firefox.com»);
c:program filesMozilla Firefoxdefaultspreffirefox-branding.js — pref(«browser.search.param.yahoo-fr-ja», «mozff»);
c:program filesMozilla Firefoxdefaultspreffirefox.js — pref(«extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name», «chrome://browser/locale/browser.properties»);
c:program filesMozilla Firefoxdefaultspreffirefox.js — pref(«extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description», «chrome://browser/locale/browser.properties»);
c:program filesMozilla Firefoxdefaultspreffirefox.js — pref(«xpinstall.whitelist.add», «addons.mozilla.org»);
c:program filesMozilla Firefoxdefaultspreffirefox.js — pref(«xpinstall.whitelist.add.36», «getpersonas.com»);
c:program filesMozilla Firefoxdefaultspreffirefox.js — pref(«lightweightThemes.update.enabled», true);
c:program filesMozilla Firefoxdefaultspreffirefox.js — pref(«browser.allTabs.previews», false);
c:program filesMozilla Firefoxdefaultspreffirefox.js — pref(«plugins.hide_infobar_for_outdated_plugin», false);
c:program filesMozilla Firefoxdefaultspreffirefox.js — pref(«plugins.update.notifyUser», false);
c:program filesMozilla Firefoxdefaultspreffirefox.js — pref(«toolbar.customization.usesheet», false);
c:program filesMozilla Firefoxdefaultspreffirefox.js — pref(«browser.taskbar.previews.enable», false);
c:program filesMozilla Firefoxdefaultspreffirefox.js — pref(«browser.taskbar.previews.max», 20);
c:program filesMozilla Firefoxdefaultspreffirefox.js — pref(«browser.taskbar.previews.cachetime», 20);
.**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-22 21:27
Windows 5.1.2600 Service Pack 3 NTFSscanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0**************************************************************************
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘winlogon.exe'(720)
c:windowssystem32SETUPAPI.dll
c:windowssystem32Ati2evxx.dll
c:windowssystem32atiadlxx.dll
c:program filescommon fileslogitechbluetoothLBTWlgn.dll
c:program filescommon fileslogitechbluetoothLBTServ.dll
c:windowssystem32cscui.dll
c:windowssystem32COMRes.dll— — — — — — — > ‘lsass.exe'(792)
c:windowssystem32setupapi.dll
.
Completion time: 2010-03-22 21:28:37
ComboFix-quarantined-files.txt 2010-03-22 18:28
ComboFix2.txt 2010-02-28 12:19
ComboFix3.txt 2010-02-28 05:44
ComboFix4.txt 2010-02-25 23:39Pre-Run: 13 212 454 912 байт свободно
Post-Run: 13 239 296 000 байт свободно— — End Of File — — 88A281FC7E1F9E06CB6869DC4058A856
ComboFix 10-03-21.05 — Андрей 22.03.2010 21:18:51.4.4 — x86
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.3071.2272 [GMT 3:00]
Running from: c:documents and settingsАндрейРабочий столComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.c:docume~186A9~1LOCALS~1TempSoftlandBackup4all 3LangTempBackup4all.RUS
c:documents and settingsАндрейLocal SettingstempSoftlandBackup4all 3LangTempBackup4all.RUS
c:windowssystem323795871a.exe
c:windowssystem325d6f8e5b.exe.
((((((((((((((((((((((((( Files Created from 2010-02-22 to 2010-03-22 )))))))))))))))))))))))))))))))
.2010-03-08 23:37 . 2010-03-08 23:37
d
w- c:program filesUbisoft
2010-03-08 23:36 . 2009-09-04 14:44 515416 —-a-w- c:windowssystem32XAudio2_5.dll
2010-03-08 23:36 . 2009-09-04 14:44 238936 —-a-w- c:windowssystem32xactengine3_5.dll
2010-03-08 23:36 . 2009-09-04 14:29 1974616 —-a-w- c:windowssystem32D3DCompiler_42.dll
2010-03-08 23:36 . 2009-09-04 14:29 5501792 —-a-w- c:windowssystem32d3dcsx_42.dll
2010-03-08 23:36 . 2009-09-04 14:29 235344 —-a-w- c:windowssystem32d3dx11_42.dll
2010-03-08 23:36 . 2009-09-04 14:29 453456 —-a-w- c:windowssystem32d3dx10_42.dll
2010-03-08 23:36 . 2009-09-04 14:29 1892184 —-a-w- c:windowssystem32D3DX9_42.dll
2010-03-02 10:47 . 2010-03-02 10:47
d
w- c:documents and settingsAll UsersApplication DataATI
2010-03-02 10:39 . 2010-02-03 03:19 143360 —-a-w- c:windowssystem32atiapfxx.exe
2010-03-02 10:39 . 2010-03-02 10:47
d
w- c:program filesATI
2010-03-02 08:56 . 2009-04-06 06:08 4682 —-a-w- c:windowssystem32npptNT2.sys.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-22 18:09 . 2009-05-21 18:40
d—a-w- c:documents and settingsAll UsersApplication DataTEMP
2010-03-22 18:07 . 2010-02-15 15:06
d
w- c:program filesUPSMON
2010-03-16 07:35 . 2008-12-09 15:26
d
w- c:program filesQIP Infium
2010-03-15 11:57 . 2008-11-23 20:09
d
w- c:program filesStarlink VideoLAN
2010-03-09 20:01 . 2008-11-23 19:36
d
w- c:documents and settingsAll UsersApplication DataMicrosoft Help
2010-03-08 23:54 . 2010-02-03 20:04
d
w- c:documents and settingsAll UsersApplication DataUbisoft
2010-03-08 23:37 . 2008-11-23 17:54
d—h—w- c:program filesInstallShield Installation Information
2010-03-07 10:54 . 2009-08-28 19:25
d
w- c:program filesBonjour
2010-03-07 10:49 . 2009-10-05 17:52
d
w- c:documents and settingsAll UsersApplication DataCreative
2010-03-02 10:41 . 2009-08-25 07:55
d
w- c:program filesATI Technologies
2010-02-28 05:24 . 2008-11-23 17:16 86327 —-a-w- c:windowspchealthhelpctrOfflineCacheindex.dat
2010-02-16 12:59 . 2010-02-16 09:10
d
w- c:program filesICQ7.0
2010-02-14 10:28 . 2010-02-14 10:28 31744 —-a-w- c:windowssystem32bd4d22d1.exe
2010-02-13 22:47 . 2010-02-13 22:47
d
w- c:program filestrend micro
2010-02-13 07:44 . 2008-11-23 18:02
d
w- c:program filesESET
2010-02-12 23:03 . 2010-02-12 23:03 83968 —-a-w- c:windowssystem32dubpDkV.exe
2010-02-11 20:34 . 2010-02-11 20:34
d
w- c:program filesCommon Fileswm
2010-02-09 09:10 . 2008-11-23 19:22
d
w- c:documents and settingsAll UsersApplication DataInstallations
2010-02-09 09:10 . 2009-01-08 22:41
d
w- c:program filesCommon FilesNokia
2010-02-09 09:10 . 2008-11-23 19:23
d
w- c:program filesNokia
2010-02-09 09:08 . 2010-02-09 09:08 3351812 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}InstallerCommonCustomActionsmsxml6Exec.exe
2010-02-09 09:08 . 2010-02-09 09:08 36864 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}InstallerCommonCustomActionsSleep.exe
2010-02-09 09:08 . 2010-02-09 09:08 3203453 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}InstallerCommonCustomActionsvcredistExec.exe
2010-02-09 09:07 . 2010-02-09 09:07 0 —ha-w- c:windowssystem32driversMsft_User_PCCSWpdDriver_01_07_00.Wdf
2010-02-09 09:07 . 2010-02-09 09:07 0 —ha-w- c:windowssystem32driversMsftWdf_user_01_07_00.Wdf
2010-02-09 09:01 . 2010-02-09 09:01
d
w- c:program filesCommon FilesPCSuite
2010-02-09 09:01 . 2010-02-09 09:01
d
w- c:program filesPC Connectivity Solution
2010-02-09 08:59 . 2010-02-09 09:09 24536384 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}NokiaSoftwareUpdaterSetup_ru.exe
2010-02-09 08:59 . 2010-02-09 08:59 95232 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionspcswpcsi.exe
2010-02-09 08:59 . 2010-02-09 08:59 61440 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstPCSFEMsi.exe
2010-02-09 08:59 . 2010-02-09 08:59 8192 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstCCD.exe
2010-02-09 08:59 . 2010-02-09 08:59 10240 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstPCS.exe
2010-02-09 08:58 . 2010-02-09 08:59 34864192 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}Nokia_PC_Suite_rus_web.exe
2010-02-03 04:52 . 2009-07-15 04:20 4605952 —-a-w- c:windowssystem32driversati2mtag.sys
2010-02-03 04:12 . 2009-07-15 01:22 45056 —-a-w- c:windowssystem32aticalrt.dll
2010-02-03 04:12 . 2009-07-15 01:22 45056 —-a-w- c:windowssystem32aticalcl.dll
2010-02-03 04:10 . 2009-07-15 01:20 3633152 —-a-w- c:windowssystem32aticaldd.dll
2010-02-03 04:07 . 2009-07-15 02:00 311296 —-a-w- c:windowssystem32atiiiexx.dll
2010-02-03 04:02 . 2009-07-15 01:48 14188544 —-a-w- c:windowssystem32atioglxx.dll
2010-02-03 03:50 . 2009-07-15 01:58 3566048 —-a-w- c:windowssystem32ati3duag.dll
2010-02-03 03:40 . 2009-07-15 02:29 446464 —-a-w- c:windowssystem32ATIDEMGX.dll
2010-02-03 03:39 . 2009-07-15 02:27 301568 —-a-w- c:windowssystem32ati2dvag.dll
2010-02-03 03:35 . 2009-07-15 01:44 2176640 —-a-w- c:windowssystem32ativvaxx.dll
2010-02-03 03:34 . 2009-07-15 01:43 887724 —-a-w- c:windowssystem32ativva6x.dat
2010-02-03 03:34 . 2009-07-15 01:43 3 —-a-w- c:windowssystem32ativva5x.dat
2010-02-03 03:32 . 2009-07-15 01:18 397312 —-a-w- c:windowssystem32atiok3x2.dll
2010-02-03 03:23 . 2009-07-15 02:10 208896 —-a-w- c:windowssystem32atipdlxx.dll
2010-02-03 03:23 . 2009-07-15 02:10 155648 —-a-w- c:windowssystem32Oemdspif.dll
2010-02-03 03:23 . 2009-07-15 02:10 26112 —-a-w- c:windowssystem32Ati2mdxx.exe
2010-02-03 03:23 . 2009-07-15 02:10 43520 —-a-w- c:windowssystem32ati2edxx.dll
2010-02-03 03:22 . 2009-07-15 02:09 159744 —-a-w- c:windowssystem32ati2evxx.dll
2010-02-03 03:21 . 2009-07-15 02:08 602112 —-a-w- c:windowssystem32ati2evxx.exe
2010-02-03 03:19 . 2009-07-15 02:06 53248 —-a-w- c:windowssystem32ATIDDC.DLL
2010-02-03 03:18 . 2009-07-15 01:27 65024 —-a-w- c:windowssystem32atimpc32.dll
2010-02-03 03:18 . 2009-07-15 01:27 65024 —-a-w- c:windowssystem32amdpcom32.dll
2010-02-03 03:17 . 2009-07-15 01:19 53248 —-a-w- c:windowssystem32driversati2erec.dll
2010-02-03 03:15 . 2009-07-15 01:23 565248 —-a-w- c:windowssystem32atikvmag.dll
2010-02-03 03:12 . 2009-07-15 01:21 180224 —-a-w- c:windowssystem32atiadlxx.dll
2010-02-03 03:12 . 2009-07-15 01:20 17408 —-a-w- c:windowssystem32atitvo32.dll
2010-02-03 03:06 . 2009-07-15 01:14 638976 —-a-w- c:windowssystem32ati2cqag.dll
2010-01-17 08:47 . 2010-01-17 08:47 41704 —ha-w- c:windowssystem32mlfcache.dat
2010-01-05 09:48 . 2008-07-20 07:07 841216
w- c:windowssystem32wininet.dll
2010-01-05 09:48 . 2008-07-20 07:07 78336 —-a-w- c:windowssystem32ieencode.dll
2010-01-05 09:48 . 2008-07-20 07:07 17408 —-a-w- c:windowssystem32corpol.dll
2009-12-31 16:50 . 2008-04-15 12:00 353792 —-a-w- c:windowssystem32driverssrv.sys
2009-12-30 05:11 . 2009-12-30 05:11 79144 —-a-w- c:documents and settingsAll UsersApplication DataApple ComputerInstaller CacheiTunes 9.0.2.25SetupAdmin.exe
.
Sigcheck
[-] 2008-04-15 . B2A2D80C9D3A3805DDECA6ED5A7556A0 . 652288 . . [5.82] . . c:windowssystem32comctl32.dll
[-] 2008-04-15 . B2A2D80C9D3A3805DDECA6ED5A7556A0 . 652288 . . [5.82] . . c:windowssystem32dllcachecomctl32.dll[-] 2008-04-14 . 884DE990C498D77C28F8608E09D4DFE1 . 581632 . . [5.1.2600.5512] . . c:windowssystem32user32.dll
[-] 2008-04-14 . 884DE990C498D77C28F8608E09D4DFE1 . 581632 . . [5.1.2600.5512] . . c:windowssystem32dllcacheuser32.dll[-] 2008-04-15 . 04116AE3FA2461AE766D7BADB49E74F7 . 1520640 . . [6.00.2900.5512] . . c:windowsexplorer.exe
[-] 2008-04-15 . 04116AE3FA2461AE766D7BADB49E74F7 . 1520640 . . [6.00.2900.5512] . . c:windowssystem32dllcacheexplorer.exe[-] 2008-11-23 . DD7B61794DA1338616FB3B971703185D . 1571840 . . [5.1.2600.5512] . . c:windowssystem32SfcFiles.dll
[-] 2008-11-23 . DD7B61794DA1338616FB3B971703185D . 1571840 . . [5.1.2600.5512] . . c:windowssystem32dllcacheSfcFiles.dll[-] 2008-04-15 . 0DE18690E4223998E471048889F09B8B . 37376 . . [5.1.2600.5512] . . c:windowssystem32ctfmon.exe
[-] 2008-04-15 . 0DE18690E4223998E471048889F09B8B . 37376 . . [5.1.2600.5512] . . c:windowssystem32dllcachectfmon.exe
.
((((((((((((((((((((((((((((( SnapShot_2010-02-28_05.41.56 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-11 21:02 . 2009-07-11 21:02 51008 c:windowsWinSxSx86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aavcomp90.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 59728 c:windowsWinSxSx86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313mfc90rus.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 42832 c:windowsWinSxSx86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313mfc90kor.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 43344 c:windowsWinSxSx86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313mfc90jpn.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 61264 c:windowsWinSxSx86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313mfc90ita.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 62800 c:windowsWinSxSx86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313mfc90fra.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 61760 c:windowsWinSxSx86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313mfc90esp.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 61776 c:windowsWinSxSx86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313mfc90esn.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 53568 c:windowsWinSxSx86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313mfc90enu.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 63296 c:windowsWinSxSx86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313mfc90deu.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 36688 c:windowsWinSxSx86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313mfc90cht.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 35648 c:windowsWinSxSx86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313mfc90chs.dll
+ 2009-07-11 21:05 . 2009-07-11 21:05 59904 c:windowsWinSxSx86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53mfcm90u.dll
+ 2009-07-11 21:05 . 2009-07-11 21:05 59904 c:windowsWinSxSx86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53mfcm90.dll
+ 2010-03-02 10:41 . 2010-03-02 10:41 65536 c:windowsWinSxSMSIL_MOM_90ba9c70f846762e_2.0.0.0_x-ww_a60193a8MOM.EXE
— 2009-08-25 07:56 . 2009-08-25 07:56 65536 c:windowsWinSxSMSIL_MOM_90ba9c70f846762e_2.0.0.0_x-ww_a60193a8MOM.EXE
+ 2010-03-02 10:41 . 2010-03-02 10:41 86016 c:windowsWinSxSMSIL_LOG_90ba9c70f846762e_2.0.3685.42369_x-ww_502e3afbLOG.EXE
— 2009-08-25 07:56 . 2009-08-25 07:56 65536 c:windowsWinSxSMSIL_CLI_90ba9c70f846762e_2.0.0.0_x-ww_42656733CLI.EXE
+ 2010-03-02 10:41 . 2010-03-02 10:41 65536 c:windowsWinSxSMSIL_CLI_90ba9c70f846762e_2.0.0.0_x-ww_42656733CLI.EXE
+ 2010-03-02 10:41 . 2010-03-02 10:41 65536 c:windowsWinSxSMSIL_CCC_90ba9c70f846762e_2.0.0.0_x-ww_c7ed2bb0CCC.EXE
— 2009-08-25 07:56 . 2009-08-25 07:56 65536 c:windowsWinSxSMSIL_CCC_90ba9c70f846762e_2.0.0.0_x-ww_c7ed2bb0CCC.EXE
+ 2009-08-08 10:51 . 2009-09-04 14:44 69464 c:windowssystem32XAPOFX1_3.dll
+ 2008-12-28 19:48 . 2008-07-31 07:41 68616 c:windowssystem32XAPOFX1_1.dll
— 2008-12-28 19:48 . 2008-07-30 03:20 68616 c:windowssystem32XAPOFX1_1.dll
+ 2009-10-07 17:18 . 2009-03-16 11:18 22360 c:windowssystem32X3DAudio1_6.dll
— 2009-10-07 17:18 . 2009-03-16 10:18 22360 c:windowssystem32X3DAudio1_6.dll
— 2008-12-29 14:35 . 2009-05-26 11:43 17784 c:windowssystem32spmsg.dll
+ 2008-12-29 14:35 . 2008-07-08 13:21 17784 c:windowssystem32spmsg.dll
+ 2010-03-02 10:39 . 2001-11-09 15:01 24064 c:windowssystem32ReinstallBackups021DriverFilesB_85444ativcoxx.dll
+ 2010-03-02 10:39 . 2009-07-15 01:20 17408 c:windowssystem32ReinstallBackups021DriverFilesB_85444atitvo32.dll
+ 2010-03-02 10:39 . 2009-02-03 20:52 45056 c:windowssystem32ReinstallBackups021DriverFilesB_85444ATIODCLI.exe
+ 2010-03-02 10:39 . 2009-07-15 01:27 49664 c:windowssystem32ReinstallBackups021DriverFilesB_85444atimpc32.dll
+ 2010-03-02 10:39 . 2009-07-15 02:06 53248 c:windowssystem32ReinstallBackups021DriverFilesB_85444ATIDDC.DLL
+ 2010-03-02 10:39 . 2009-07-15 01:22 45056 c:windowssystem32ReinstallBackups021DriverFilesB_85444aticalrt.dll
+ 2010-03-02 10:39 . 2009-07-15 01:22 45056 c:windowssystem32ReinstallBackups021DriverFilesB_85444aticalcl.dll
+ 2010-03-02 10:39 . 2009-07-15 02:10 26112 c:windowssystem32ReinstallBackups021DriverFilesB_85444Ati2mdxx.exe
+ 2010-03-02 10:39 . 2009-07-15 01:19 53248 c:windowssystem32ReinstallBackups021DriverFilesB_85444ati2erec.dll
+ 2010-03-02 10:39 . 2009-07-15 02:10 43520 c:windowssystem32ReinstallBackups021DriverFilesB_85444ati2edxx.dll
+ 2010-03-02 10:39 . 2010-02-03 03:23 81024 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228oemdspif.dll
+ 2010-03-02 10:39 . 2001-11-09 16:01 12614 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228ativcoxx.dll
+ 2010-03-02 10:39 . 2009-02-18 18:55 81447 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atiode.exe
+ 2010-03-02 10:39 . 2009-02-03 21:52 25093 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atiodcli.exe
+ 2010-03-02 10:39 . 2010-02-03 03:18 41501 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atimpc32.dll
+ 2010-03-02 10:39 . 2010-02-03 03:19 28700 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atiddc.dll
+ 2010-03-02 10:39 . 2010-02-03 04:12 23096 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228aticalrt.dll
+ 2010-03-02 10:39 . 2010-02-03 04:12 22691 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228aticalcl.dll
+ 2010-03-02 10:39 . 2009-05-11 22:35 71662 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atibtmon.exe
+ 2010-03-02 10:39 . 2010-02-03 03:19 54490 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atiapfxx.exe
+ 2010-03-02 10:39 . 2010-02-03 03:12 98311 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atiadlxx.dll
+ 2010-03-02 10:39 . 2010-02-03 03:23 16309 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228ati2mdxx.exe
+ 2010-03-02 10:39 . 2010-02-03 03:22 80879 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228ati2evxx.dll
+ 2010-03-02 10:39 . 2010-02-03 03:17 13650 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228ati2erec.dll
+ 2010-03-02 10:39 . 2010-02-03 03:23 28841 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228ati2edxx.dll
+ 2008-11-23 17:26 . 2010-03-03 19:17 32768 c:windowssystem32configsystemprofileLocal SettingsTemporary Internet FilesContent.IE5index.dat
— 2008-11-23 17:26 . 2010-02-14 10:28 32768 c:windowssystem32configsystemprofileLocal SettingsTemporary Internet FilesContent.IE5index.dat
— 2008-11-23 17:26 . 2010-02-14 10:28 32768 c:windowssystem32configsystemprofileLocal SettingsHistoryHistory.IE5index.dat
+ 2008-11-23 17:26 . 2010-03-03 19:17 32768 c:windowssystem32configsystemprofileLocal SettingsHistoryHistory.IE5index.dat
+ 2010-03-03 19:17 . 2010-03-03 19:17 16384 c:windowssystem32configsystemprofileCookiesindex.dat
+ 2001-11-09 15:01 . 2001-11-09 16:01 24064 c:windowssystem32ativcoxx.dll
— 2001-11-09 15:01 . 2001-11-09 15:01 24064 c:windowssystem32ativcoxx.dll
+ 2009-02-03 20:52 . 2009-02-03 21:52 45056 c:windowssystem32ATIODCLI.exe
— 2009-02-03 20:52 . 2009-02-03 20:52 45056 c:windowssystem32ATIODCLI.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 10134 c:windowsInstaller{E7231089-60AD-CD67-8CC0-B0F415E2A32A}ARPPRODUCTICON.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 10134 c:windowsInstaller{E4C82E4B-CD9E-27ED-BC6A-E099DE3EC3ED}ARPPRODUCTICON.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 10134 c:windowsInstaller{D0E6B5D9-6737-AF3E-7BE5-7327DD6B6002}ARPPRODUCTICON.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 10134 c:windowsInstaller{A9867BC9-0EAD-BAC6-C320-4FBC2E127643}ARPPRODUCTICON.exe
+ 2010-03-02 10:39 . 2010-03-02 10:39 77542 c:windowsInstaller{9BB86C70-E1EF-7457-46DC-0093B5269458}NewShortcut5_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-03-02 10:39 . 2010-03-02 10:39 77542 c:windowsInstaller{9BB86C70-E1EF-7457-46DC-0093B5269458}NewShortcut4_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-03-02 10:39 . 2010-03-02 10:39 77542 c:windowsInstaller{9BB86C70-E1EF-7457-46DC-0093B5269458}NewShortcut3_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-03-02 10:39 . 2010-03-02 10:39 77542 c:windowsInstaller{9BB86C70-E1EF-7457-46DC-0093B5269458}NewShortcut2_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-03-02 10:39 . 2010-03-02 10:39 77542 c:windowsInstaller{9BB86C70-E1EF-7457-46DC-0093B5269458}ARPPRODUCTICON.exe
— 2008-11-23 19:40 . 2010-02-26 09:24 35088 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}oisicon.exe
+ 2008-11-23 19:40 . 2010-03-09 20:01 35088 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}oisicon.exe
+ 2008-11-23 19:40 . 2010-03-09 20:01 18704 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}mspicons.exe
— 2008-11-23 19:40 . 2010-02-26 09:24 18704 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}mspicons.exe
+ 2008-11-23 19:40 . 2010-03-09 20:01 20240 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}cagicon.exe
— 2008-11-23 19:40 . 2010-02-26 09:24 20240 c:windowsInstaller{90120000-0030-0000-0000-0000000FF1CE}cagicon.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 10134 c:windowsInstaller{8D7133DE-27D2-47E5-B248-4180278D32AA}ARPPRODUCTICON.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 10134 c:windowsInstaller{855AA20A-CA81-7EF1-1936-AE4AA3DC4BEA}ARPPRODUCTICON.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 10134 c:windowsInstaller{5B9EFDF8-AC4F-CA21-9A8C-7534D49E7EE9}ARPPRODUCTICON.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 44758 c:windowsInstaller{302126A2-BB96-5931-6249-CAACA2C89AA1}NewShortcut11_EAB9635D261D49BE88DDE71A7C809B2D.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 10134 c:windowsInstaller{302126A2-BB96-5931-6249-CAACA2C89AA1}ARPPRODUCTICON.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 10134 c:windowsInstaller{2CF6349E-8A3F-B726-F59A-8703FC8885E8}ARPPRODUCTICON.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 10134 c:windowsInstaller{257DEF70-A302-CF80-79FE-D8C72EB5E4D0}ARPPRODUCTICON.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 10134 c:windowsInstaller{1A48AB8A-DA88-545F-9D3D-C481DC6C31A3}ARPPRODUCTICON.exe
+ 2010-03-02 10:41 . 2010-03-02 10:41 19968 c:windowsassemblyGAC_MSILPCKGHLP.Foundation.Implementation2.0.3685.42388__90ba9c70f846762ePCKGHLP.Foundation.Implementation.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 15360 c:windowsassemblyGAC_MSILNEWAEM.Foundation2.0.3685.42236__90ba9c70f846762eNEWAEM.Foundation.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 65536 c:windowsassemblyGAC_MSILMOM2.0.0.0__90ba9c70f846762eMOM.EXE
+ 2010-03-02 10:41 . 2010-03-02 10:41 65536 c:windowsassemblyGAC_MSILMOM2.0.0.0__90ba9c70f846762eMOM.EXE
+ 2010-03-02 10:41 . 2010-03-02 10:41 86016 c:windowsassemblyGAC_MSILLOG2.0.3685.42369__90ba9c70f846762eLOG.EXE
+ 2010-03-02 10:41 . 2010-03-02 10:41 32768 c:windowsassemblyGAC_MSILLOG.Foundation2.0.3685.42235__90ba9c70f846762eLOG.Foundation.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 36864 c:windowsassemblyGAC_MSILLOG.Foundation.Private2.0.3685.42239__90ba9c70f846762eLOG.Foundation.Private.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 65536 c:windowsassemblyGAC_MSILLOG.Foundation.Implementation2.0.3685.42369__90ba9c70f846762eLOG.Foundation.Implementation.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 20480 c:windowsassemblyGAC_MSILLOG.Foundation.Implementation.Private2.0.3685.42240__90ba9c70f846762eLOG.Foundation.Implementation.Private.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 16384 c:windowsassemblyGAC_MSILDEM.OS2.0.3337.29364__90ba9c70f846762eDEM.OS.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 16384 c:windowsassemblyGAC_MSILDEM.OS2.0.3337.29364__90ba9c70f846762eDEM.OS.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 20480 c:windowsassemblyGAC_MSILDEM.OS.I06022.0.3337.29328__90ba9c70f846762eDEM.OS.I0602.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 20480 c:windowsassemblyGAC_MSILDEM.OS.I06022.0.3337.29328__90ba9c70f846762eDEM.OS.I0602.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 16384 c:windowsassemblyGAC_MSILDEM.Graphics.I07062.0.2743.23304__90ba9c70f846762eDEM.Graphics.I0706.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 16384 c:windowsassemblyGAC_MSILDEM.Graphics.I07062.0.2743.23304__90ba9c70f846762eDEM.Graphics.I0706.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 20480 c:windowsassemblyGAC_MSILDEM.Graphics.I07032.0.2651.18802__90ba9c70f846762eDEM.Graphics.I0703.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 20480 c:windowsassemblyGAC_MSILDEM.Graphics.I07032.0.2651.18802__90ba9c70f846762eDEM.Graphics.I0703.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 16384 c:windowsassemblyGAC_MSILDEM.Graphics.I07022.0.2594.25693__90ba9c70f846762eDEM.Graphics.I0702.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 16384 c:windowsassemblyGAC_MSILDEM.Graphics.I07022.0.2594.25693__90ba9c70f846762eDEM.Graphics.I0702.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 45056 c:windowsassemblyGAC_MSILDEM.Graphics.I06012.0.2573.17685__90ba9c70f846762eDEM.Graphics.I0601.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 45056 c:windowsassemblyGAC_MSILDEM.Graphics.I06012.0.2573.17685__90ba9c70f846762eDEM.Graphics.I0601.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 16384 c:windowsassemblyGAC_MSILDEM.Foundation2.0.2573.17684__90ba9c70f846762eDEM.Foundation.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 16384 c:windowsassemblyGAC_MSILDEM.Foundation2.0.2573.17684__90ba9c70f846762eDEM.Foundation.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 65536 c:windowsassemblyGAC_MSILCLI2.0.0.0__90ba9c70f846762eCLI.EXE
+ 2010-03-02 10:41 . 2010-03-02 10:41 65536 c:windowsassemblyGAC_MSILCLI2.0.0.0__90ba9c70f846762eCLI.EXE
+ 2010-03-02 10:41 . 2010-03-02 10:41 20480 c:windowsassemblyGAC_MSILCLI.Implementation2.0.3685.42240__90ba9c70f846762eCLI.Implementation.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 98304 c:windowsassemblyGAC_MSILCLI.Foundation2.0.3685.42237__90ba9c70f846762eCLI.Foundation.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 28672 c:windowsassemblyGAC_MSILCLI.Foundation.XManifest2.0.3685.42371__90ba9c70f846762eCLI.Foundation.XManifest.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 40960 c:windowsassemblyGAC_MSILCLI.Foundation.Private2.0.3685.42241__90ba9c70f846762eCLI.Foundation.Private.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 20480 c:windowsassemblyGAC_MSILCLI.Component.Wizard.Shared2.0.3685.42238__90ba9c70f846762eCLI.Component.Wizard.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 11776 c:windowsassemblyGAC_MSILCLI.Component.Wizard.Shared.Private2.0.3685.42269__90ba9c70f846762eCLI.Component.Wizard.Shared.Private.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 57344 c:windowsassemblyGAC_MSILCLI.Component.SkinFactory2.0.3685.42247__90ba9c70f846762eCLI.Component.SkinFactory.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 61440 c:windowsassemblyGAC_MSILCLI.Component.Runtime2.0.3685.42246__90ba9c70f846762eCLI.Component.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 49152 c:windowsassemblyGAC_MSILCLI.Component.Runtime.Shared.Private2.0.3685.42245__90ba9c70f846762eCLI.Component.Runtime.Shared.Private.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 81920 c:windowsassemblyGAC_MSILCLI.Component.PowerXpressHybrid2.0.3685.42406__90ba9c70f846762eCLI.Component.PowerXpressHybrid.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 20480 c:windowsassemblyGAC_MSILCLI.Component.Load2.0.3685.42369__90ba9c70f846762eCLI.Component.Load.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 20480 c:windowsassemblyGAC_MSILCLI.Component.Icomponent2.0.3685.42278__90ba9c70f846762eCLI.Component.Icomponent.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 20480 c:windowsassemblyGAC_MSILCLI.Component.Help2.0.3685.42368__90ba9c70f846762eCLI.Component.Help.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 61440 c:windowsassemblyGAC_MSILCLI.Component.Erecord2.0.3685.42291__90ba9c70f846762eCLI.Component.Erecord.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 24576 c:windowsassemblyGAC_MSILCLI.Component.Dashboard.Shared2.0.3685.42238__90ba9c70f846762eCLI.Component.Dashboard.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 10240 c:windowsassemblyGAC_MSILCLI.Component.Dashboard.Shared.Private2.0.3685.42255__90ba9c70f846762eCLI.Component.Dashboard.Shared.Private.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 65536 c:windowsassemblyGAC_MSILCLI.Component.Dashboard.ProfileManager.Resources2.0.3685.42299__90ba9c70f846762eCLI.Component.Dashboard.ProfileManager.Resources.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 65536 c:windowsassemblyGAC_MSILCLI.Component.Dashboard.HotKeyManager.Resources2.0.3685.42298__90ba9c70f846762eCLI.Component.Dashboard.HotKeyManager.Resources.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 40960 c:windowsassemblyGAC_MSILCLI.Component.Client.Shared.Private2.0.3685.42254__90ba9c70f846762eCLI.Component.Client.Shared.Private.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 24576 c:windowsassemblyGAC_MSILCLI.Component.AutoRemoval2.0.3685.42352__90ba9c70f846762eCLI.Component.Autoremoval.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 11776 c:windowsassemblyGAC_MSILCLI.Caste.HydraVision.Runtime2.0.3685.42396__90ba9c70f846762eCLI.Caste.HydraVision.Runtime.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 40960 c:windowsassemblyGAC_MSILCLI.Caste.Graphics.Wizard2.0.3685.42271__90ba9c70f846762eCLI.Caste.Graphics.Wizard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 16384 c:windowsassemblyGAC_MSILCLI.Caste.Graphics.Wizard.Shared2.0.3685.42270__90ba9c70f846762eCLI.Caste.Graphics.Wizard.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 73728 c:windowsassemblyGAC_MSILCLI.Caste.Graphics.Dashboard2.0.3685.42261__90ba9c70f846762eCLI.Caste.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 16384 c:windowsassemblyGAC_MSILCLI.Caste.Graphics.Dashboard.Shared2.0.3685.42261__90ba9c70f846762eCLI.Caste.Graphics.Dashboard.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 24576 c:windowsassemblyGAC_MSILCLI.Aspect.WorkstationConfig2.Graphics.Shared2.0.3685.42401__90ba9c70f846762eCLI.Aspect.WorkstationConfig2.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 36864 c:windowsassemblyGAC_MSILCLI.Aspect.WorkstationConfig2.Graphics.Runtime2.0.3685.42402__90ba9c70f846762eCLI.Aspect.WorkstationConfig2.Graphics.Runtime.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 90112 c:windowsassemblyGAC_MSILCLI.Aspect.WorkstationConfig2.Graphics.Dashboard2.0.3685.42401__90ba9c70f846762eCLI.Aspect.WorkstationConfig2.Graphics.Dashboard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 13312 c:windowsassemblyGAC_MSILCLI.Aspect.Welcome.Graphics.Runtime2.0.3685.42422__90ba9c70f846762eCLI.Aspect.Welcome.Graphics.Runtime.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 65536 c:windowsassemblyGAC_MSILCLI.Aspect.Welcome.Graphics.Dashboard2.0.3685.42380__90ba9c70f846762eCLI.Aspect.Welcome.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 20480 c:windowsassemblyGAC_MSILCLI.Aspect.VPURecover.Graphics.Shared2.0.3685.42277__90ba9c70f846762eCLI.Aspect.VPURecover.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 28672 c:windowsassemblyGAC_MSILCLI.Aspect.VPURecover.Graphics.Runtime2.0.3685.42277__90ba9c70f846762eCLI.Aspect.VPURecover.Graphics.Runtime.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 61440 c:windowsassemblyGAC_MSILCLI.Aspect.VPURecover.Graphics.Dashboard2.0.3685.42278__90ba9c70f846762eCLI.Aspect.VPURecover.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 24576 c:windowsassemblyGAC_MSILCLI.Aspect.VeryLargeDesktop.Graphics.Shared2.0.3685.42320__90ba9c70f846762eCLI.Aspect.VeryLargeDesktop.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 32768 c:windowsassemblyGAC_MSILCLI.Aspect.VeryLargeDesktop.Graphics.Runtime2.0.3685.42320__90ba9c70f846762eCLI.Aspect.VeryLargeDesktop.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 40960 c:windowsassemblyGAC_MSILCLI.Aspect.TransCode.Graphics.Shared2.0.3685.42378__90ba9c70f846762eCLI.Aspect.TransCode.Graphics.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 24576 c:windowsassemblyGAC_MSILCLI.Aspect.SmartGart.Graphics.Shared2.0.3685.42290__90ba9c70f846762eCLI.Aspect.SmartGart.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 32768 c:windowsassemblyGAC_MSILCLI.Aspect.SmartGart.Graphics.Runtime2.0.3685.42291__90ba9c70f846762eCLI.Aspect.SmartGart.Graphics.Runtime.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 94208 c:windowsassemblyGAC_MSILCLI.Aspect.Radeon3D.Graphics.Wizard2.0.3685.42332__90ba9c70f846762eCLI.Aspect.Radeon3D.Graphics.Wizard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 57344 c:windowsassemblyGAC_MSILCLI.Aspect.Radeon3D.Graphics.Shared2.0.3685.42330__90ba9c70f846762eCLI.Aspect.Radeon3D.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 65536 c:windowsassemblyGAC_MSILCLI.Aspect.Radeon3D.Graphics.Runtime2.0.3685.42330__90ba9c70f846762eCLI.Aspect.Radeon3D.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 12800 c:windowsassemblyGAC_MSILCLI.Aspect.PowerXpress.Graphics.Shared2.0.3685.42345__90ba9c70f846762eCLI.Aspect.PowerXpress.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 32768 c:windowsassemblyGAC_MSILCLI.Aspect.PowerXpress.Graphics.Runtime2.0.3685.42392__90ba9c70f846762eCLI.Aspect.PowerXpress.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 28672 c:windowsassemblyGAC_MSILCLI.Aspect.PowerPlayDPPE.Graphics.Shared2.0.3685.42344__90ba9c70f846762eCLI.Aspect.PowerPlayDPPE.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 45056 c:windowsassemblyGAC_MSILCLI.Aspect.PowerPlayDPPE.Graphics.Runtime2.0.3685.42377__90ba9c70f846762eCLI.Aspect.PowerPlayDPPE.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 28672 c:windowsassemblyGAC_MSILCLI.Aspect.PowerPlay4.Graphics.Shared2.0.3685.42345__90ba9c70f846762eCLI.Aspect.PowerPlay4.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 49152 c:windowsassemblyGAC_MSILCLI.Aspect.PowerPlay4.Graphics.Runtime2.0.3685.42380__90ba9c70f846762eCLI.Aspect.PowerPlay4.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 28672 c:windowsassemblyGAC_MSILCLI.Aspect.PowerPlay3.Graphics.Shared2.0.3685.42322__90ba9c70f846762eCLI.Aspect.PowerPlay3.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 49152 c:windowsassemblyGAC_MSILCLI.Aspect.PowerPlay3.Graphics.Runtime2.0.3685.42323__90ba9c70f846762eCLI.Aspect.PowerPlay3.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 61440 c:windowsassemblyGAC_MSILCLI.Aspect.OverDrive5.Graphics.Shared2.0.3685.42393__90ba9c70f846762eCLI.Aspect.OverDrive5.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 77824 c:windowsassemblyGAC_MSILCLI.Aspect.OverDrive5.Graphics.Runtime2.0.3685.42394__90ba9c70f846762eCLI.Aspect.OverDrive5.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 24576 c:windowsassemblyGAC_MSILCLI.Aspect.OverDrive3.Graphics.Shared2.0.3685.42291__90ba9c70f846762eCLI.Aspect.OverDrive3.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 69632 c:windowsassemblyGAC_MSILCLI.Aspect.OverDrive3.Graphics.Runtime2.0.3685.42292__90ba9c70f846762eCLI.Aspect.OverDrive3.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 28672 c:windowsassemblyGAC_MSILCLI.Aspect.MultiVPU4.Graphics.Shared2.0.3685.42363__90ba9c70f846762eCLI.Aspect.MultiVPU4.Graphics.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 45056 c:windowsassemblyGAC_MSILCLI.Aspect.MultiVPU4.Graphics.Runtime2.0.3685.42399__90ba9c70f846762eCLI.Aspect.MultiVPU4.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 12800 c:windowsassemblyGAC_MSILCLI.Aspect.MultiVPU3.Graphics.Shared2.0.3685.42344__90ba9c70f846762eCLI.Aspect.MultiVPU3.Graphics.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 45056 c:windowsassemblyGAC_MSILCLI.Aspect.MultiVPU3.Graphics.Runtime2.0.3685.42372__90ba9c70f846762eCLI.Aspect.MultiVPU3.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 24576 c:windowsassemblyGAC_MSILCLI.Aspect.MultiVPU2.Graphics.Shared2.0.3685.42313__90ba9c70f846762eCLI.Aspect.MultiVPU2.Graphics.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 45056 c:windowsassemblyGAC_MSILCLI.Aspect.MultiVPU2.Graphics.Runtime2.0.3685.42314__90ba9c70f846762eCLI.Aspect.MultiVPU2.Graphics.Runtime.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 32768 c:windowsassemblyGAC_MSILCLI.Aspect.MultiDesk.HydraVision.Runtime2.0.3685.42405__90ba9c70f846762eCLI.Aspect.MultiDesk.HydraVision.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 61440 c:windowsassemblyGAC_MSILCLI.Aspect.MMVideo.Graphics.Shared2.0.3685.42300__90ba9c70f846762eCLI.Aspect.MMVideo.Graphics.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 98304 c:windowsassemblyGAC_MSILCLI.Aspect.MMVideo.Graphics.Runtime2.0.3685.42312__90ba9c70f846762eCLI.Aspect.MMVideo.Graphics.Runtime.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 10240 c:windowsassemblyGAC_MSILCLI.Aspect.MDProp.HydraVision.Shared2.0.3685.42403__90ba9c70f846762eCLI.Aspect.MDProp.HydraVision.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 32768 c:windowsassemblyGAC_MSILCLI.Aspect.MDProp.HydraVision.Runtime2.0.3685.42404__90ba9c70f846762eCLI.Aspect.MDProp.HydraVision.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 20480 c:windowsassemblyGAC_MSILCLI.Aspect.HotkeysHandling.Graphics.Shared2.0.3685.42248__90ba9c70f846762eCLI.Aspect.HotkeysHandling.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 20480 c:windowsassemblyGAC_MSILCLI.Aspect.HotkeysHandling.Graphics.Runtime2.0.3685.42263__90ba9c70f846762eCLI.Aspect.HotkeysHandling.Graphics.Runtime.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 10240 c:windowsassemblyGAC_MSILCLI.Aspect.Grid.HydraVision.Shared2.0.3685.42396__90ba9c70f846762eCLI.Aspect.Grid.HydraVision.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 36864 c:windowsassemblyGAC_MSILCLI.Aspect.Grid.HydraVision.Runtime2.0.3685.42397__90ba9c70f846762eCLI.Aspect.Grid.HydraVision.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 69632 c:windowsassemblyGAC_MSILCLI.Aspect.FramelockGenlock.Graphics.Shared2.0.3685.42411__90ba9c70f846762eCLI.Aspect.FramelockGenlock.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 73728 c:windowsassemblyGAC_MSILCLI.Aspect.FramelockGenlock.Graphics.Runtime2.0.3685.42412__90ba9c70f846762eCLI.Aspect.FramelockGenlock.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 24576 c:windowsassemblyGAC_MSILCLI.Aspect.DisplaysOptions.Graphics.Shared2.0.3685.42319__90ba9c70f846762eCLI.Aspect.DisplaysOptions.Graphics.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 40960 c:windowsassemblyGAC_MSILCLI.Aspect.DisplaysOptions.Graphics.Runtime2.0.3685.42319__90ba9c70f846762eCLI.Aspect.DisplaysOptions.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 94208 c:windowsassemblyGAC_MSILCLI.Aspect.DisplaysOptions.Graphics.Dashboard2.0.3685.42320__90ba9c70f846762eCLI.Aspect.DisplaysOptions.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 28672 c:windowsassemblyGAC_MSILCLI.Aspect.DisplaysColour2.Graphics.Shared2.0.3685.42262__90ba9c70f846762eCLI.Aspect.DisplaysColour2.Graphics.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 40960 c:windowsassemblyGAC_MSILCLI.Aspect.DisplaysColour2.Graphics.Runtime2.0.3685.42284__90ba9c70f846762eCLI.Aspect.DisplaysColour2.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 65536 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceTV.Graphics.Shared2.0.3685.42352__90ba9c70f846762eCLI.Aspect.DeviceTV.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 77824 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceTV.Graphics.Runtime2.0.3685.42353__90ba9c70f846762eCLI.Aspect.DeviceTV.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 49152 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceProperty.Graphics.Shared2.0.3685.42261__90ba9c70f846762eCLI.Aspect.DeviceProperty.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 53248 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceProperty.Graphics.Runtime2.0.3685.42310__90ba9c70f846762eCLI.Aspect.DeviceProperty.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 28672 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceLCD.Graphics.Shared2.0.3685.42262__90ba9c70f846762eCLI.Aspect.DeviceLCD.Graphics.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 36864 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceLCD.Graphics.Runtime2.0.3685.42321__90ba9c70f846762eCLI.Aspect.DeviceLCD.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 53248 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceDFP.Graphics.Shared2.0.3685.42276__90ba9c70f846762eCLI.Aspect.DeviceDFP.Graphics.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 65536 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceDFP.Graphics.Runtime2.0.3685.42310__90ba9c70f846762eCLI.Aspect.DeviceDFP.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 40960 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceCV.Graphics.Shared2.0.3685.42323__90ba9c70f846762eCLI.Aspect.DeviceCV.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 65536 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceCV.Graphics.Runtime2.0.3685.42324__90ba9c70f846762eCLI.Aspect.DeviceCV.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 53248 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceCRT.Graphics.Shared2.0.3685.42310__90ba9c70f846762eCLI.Aspect.DeviceCRT.Graphics.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 45056 c:windowsassemblyGAC_MSILCLI.Aspect.DeviceCRT.Graphics.Runtime2.0.3685.42312__90ba9c70f846762eCLI.Aspect.DeviceCRT.Graphics.Runtime.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 12800 c:windowsassemblyGAC_MSILCLI.Aspect.DeskMan.HydraVision.Shared2.0.3685.42402__90ba9c70f846762eCLI.Aspect.DeskMan.HydraVision.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 36864 c:windowsassemblyGAC_MSILCLI.Aspect.DeskMan.HydraVision.Runtime2.0.3685.42403__90ba9c70f846762eCLI.Aspect.DeskMan.HydraVision.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 98304 c:windowsassemblyGAC_MSILCLI.Aspect.CustomFormatSelection.Graphics.Dashboard2.0.3685.42299__90ba9c70f846762eCLI.Aspect.CustomFormatSelection.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 20480 c:windowsassemblyGAC_MSILCLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private2.0.3685.42299__90ba9c70f846762eCLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 28672 c:windowsassemblyGAC_MSILCLI.Aspect.CustomFormats.Graphics.Shared2.0.3685.42275__90ba9c70f846762eCLI.Aspect.CustomFormats.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 57344 c:windowsassemblyGAC_MSILCLI.Aspect.CrossFireX.Graphics.Dashboard2.0.3685.42416__90ba9c70f846762eCLI.Aspect.CrossFireX.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 15360 c:windowsassemblyGAC_MSILCLI.Aspect.ALICrossfire.Graphics.Shared2.0.3685.42363__90ba9c70f846762eCLI.Aspect.ALICrossfire.Graphics.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 36864 c:windowsassemblyGAC_MSILCLI.Aspect.ALICrossfire.Graphics.Runtime2.0.3685.42410__90ba9c70f846762eCLI.Aspect.ALICrossfire.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 57344 c:windowsassemblyGAC_MSILCLI.Aspect.ALICrossfire.Graphics.Dashboard2.0.3685.42410__90ba9c70f846762eCLI.Aspect.ALICrossfire.Graphics.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 12288 c:windowsassemblyGAC_MSILCLI.Aspect.AForce.Graphics.Runtime2.0.3685.42386__90ba9c70f846762eCLI.Aspect.AForce.Graphics.Runtime.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 61440 c:windowsassemblyGAC_MSILCLI.Aspect.AForce.Graphics.Dashboard2.0.3685.42386__90ba9c70f846762eCLI.Aspect.AForce.Graphics.Dashboard.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 65536 c:windowsassemblyGAC_MSILCCC2.0.0.0__90ba9c70f846762eCCC.EXE
+ 2010-03-02 10:41 . 2010-03-02 10:41 65536 c:windowsassemblyGAC_MSILCCC2.0.0.0__90ba9c70f846762eCCC.EXE
+ 2010-03-02 10:41 . 2010-03-02 10:41 19456 c:windowsassemblyGAC_MSILCCC.Implementation2.0.3685.42371__90ba9c70f846762eCCC.Implementation.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 14848 c:windowsassemblyGAC_MSILAxInterop.WBOCXLib1.0.0.0__90ba9c70f846762eAxInterop.WBOCXLib.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 14848 c:windowsassemblyGAC_MSILAxInterop.WBOCXLib1.0.0.0__90ba9c70f846762eAxInterop.WBOCXLib.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 45056 c:windowsassemblyGAC_MSILAxInterop.SHDocVw1.1.0.0__90ba9c70f846762eAxInterop.SHDocVw.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 45056 c:windowsassemblyGAC_MSILAxInterop.SHDocVw1.1.0.0__90ba9c70f846762eAxInterop.SHDocVw.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 32768 c:windowsassemblyGAC_MSILATICCCom2.0.0.0__90ba9c70f846762eATICCCom.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 32768 c:windowsassemblyGAC_MSILATICCCom2.0.0.0__90ba9c70f846762eATICCCom.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 61440 c:windowsassemblyGAC_MSILAPM.Server2.0.3685.42242__90ba9c70f846762eAPM.Server.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 20480 c:windowsassemblyGAC_MSILAPM.Foundation2.0.3685.42237__90ba9c70f846762eAPM.Foundation.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 61440 c:windowsassemblyGAC_MSILAEM.UI2.0.3685.42370__90ba9c70f846762eAEM.UI.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 45056 c:windowsassemblyGAC_MSILAEM.Server2.0.3685.42244__90ba9c70f846762eAEM.Server.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 45056 c:windowsassemblyGAC_MSILAEM.Plugin.Source.Kit.Server2.0.3685.42387__90ba9c70f846762eAEM.Plugin.Source.Kit.Server.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 24576 c:windowsassemblyGAC_MSILACE.Graphics.DisplaysManager.Shared2.0.2573.17685__90ba9c70f846762eACE.Graphics.DisplaysManager.Shared.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 24576 c:windowsassemblyGAC_MSILACE.Graphics.DisplaysManager.Shared2.0.2573.17685__90ba9c70f846762eACE.Graphics.DisplaysManager.Shared.DLL
+ 2010-03-08 23:34 . 2010-03-08 23:34 12800 c:windowsassemblyGACMicrosoft.DirectX.Diagnostics1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.Diagnostics.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 12800 c:windowsassemblyGACMicrosoft.DirectX.Diagnostics1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.Diagnostics.dll
— 2010-02-03 19:58 . 2010-02-03 19:58 53248 c:windowsassemblyGACMicrosoft.DirectX.AudioVideoPlayback1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.AudioVideoPlayback.dll
+ 2010-03-08 23:34 . 2010-03-08 23:34 53248 c:windowsassemblyGACMicrosoft.DirectX.AudioVideoPlayback1.0.2902.0__31bf3856ad364e35Microsoft.DirectX.AudioVideoPlayback.dll
+ 2010-03-02 10:41 . 2010-03-02 10:41 13312 c:windowsassemblyGACInterop.WBOCXLib1.0.0.0__90ba9c70f846762eInterop.WBOCXLib.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 13312 c:windowsassemblyGACInterop.WBOCXLib1.0.0.0__90ba9c70f846762eInterop.WBOCXLib.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 49152 c:windowsassemblyGACInterop.NewIWshRuntimeLibrary1.0.0.0__90ba9c70f846762eInterop.NewIWshRuntimeLibrary.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 49152 c:windowsassemblyGACInterop.NewIWshRuntimeLibrary1.0.0.0__90ba9c70f846762eInterop.NewIWshRuntimeLibrary.DLL
+ 2010-03-08 09:25 . 2008-07-08 13:21 26488 c:windows$hf_mig$KB957097updatespcustom.dll
+ 2010-03-08 09:25 . 2008-07-08 13:21 17784 c:windows$hf_mig$KB957097spmsg.dll
+ 2010-03-02 10:39 . 2010-02-03 03:12 8347 c:windowssystem32DRVSTORECX_95689_73820B9BDB9E4E5792B018819866C5E53281AA87B_95228atitvo32.dll
+ 2010-03-02 10:41 . 2010-03-02 10:41 7168 c:windowsassemblyGAC_MSILResourceManagement.Foundation.Private2.0.3685.42246__90ba9c70f846762eResourceManagement.Foundation.Private.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 6656 c:windowsassemblyGAC_MSILPCKGHLP.Foundation.Private2.0.3685.42254__90ba9c70f846762ePCKGHLP.Foundation.Private.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 5632 c:windowsassemblyGAC_MSILMOM.Foundation2.0.3685.42240__90ba9c70f846762eMOM.Foundation.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 6656 c:windowsassemblyGAC_MSILDEM.Graphics2.0.3685.42247__90ba9c70f846762eDEM.Graphics.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 5632 c:windowsassemblyGAC_MSILCLI.Component.Runtime.Shared2.0.3685.42243__90ba9c70f846762eCLI.Component.Runtime.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 7168 c:windowsassemblyGAC_MSILCLI.Component.Runtime.Extension.EEU2.0.3685.42245__90ba9c70f846762eCLI.Component.Runtime.Extension.EEU.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 7680 c:windowsassemblyGAC_MSILCLI.Component.Client.Shared2.0.3685.42238__90ba9c70f846762eCLI.Component.Client.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 7680 c:windowsassemblyGAC_MSILCLI.Caste.HydraVision.Wizard2.0.3685.42400__90ba9c70f846762eCLI.Caste.HydraVision.Wizard.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 8704 c:windowsassemblyGAC_MSILCLI.Caste.HydraVision.Shared2.0.3685.42395__90ba9c70f846762eCLI.Caste.HydraVision.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 7680 c:windowsassemblyGAC_MSILCLI.Caste.HydraVision.Dashboard2.0.3685.42396__90ba9c70f846762eCLI.Caste.HydraVision.Dashboard.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 8704 c:windowsassemblyGAC_MSILCLI.Caste.Graphics.Runtime.Shared.Private2.0.3685.42277__90ba9c70f846762eCLI.Caste.Graphics.Runtime.Shared.Private.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 9728 c:windowsassemblyGAC_MSILCLI.Aspect.Welcome.Graphics.Shared2.0.3685.42379__90ba9c70f846762eCLI.Aspect.Welcome.Graphics.Shared.DLL
+ 2010-03-02 10:42 . 2010-03-02 10:42 9728 c:windowsassemblyGAC_MSILCLI.Aspect.MultiDesk.HydraVision.Shared2.0.3685.42405__90ba9c70f846762eCLI.Aspect.MultiDesk.HydraVision.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 7680 c:windowsassemblyGAC_MSILCLI.Aspect.AForce.Graphics.Shared2.0.3685.42345__90ba9c70f846762eCLI.Aspect.AForce.Graphics.Shared.DLL
— 2009-08-25 07:56 . 2009-08-25 07:56 7168 c:windowsassemblyGAC_MSILatixclib1.0.0.0__90ba9c70f846762eatixclib.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 7168 c:windowsassemblyGAC_MSILatixclib1.0.0.0__90ba9c70f846762eatixclib.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 7168 c:windowsassemblyGAC_MSILAEM.UI.Shared2.0.3685.42370__90ba9c70f846762eAEM.UI.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 6144 c:windowsassemblyGAC_MSILAEM.Server.Shared2.0.3685.42243__90ba9c70f846762eAEM.Server.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 6144 c:windowsassemblyGAC_MSILAEM.Plugin.WinMessages.Shared2.0.3685.42244__90ba9c70f846762eAEM.Plugin.WinMessages.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 5632 c:windowsassemblyGAC_MSILAEM.Plugin.Source.GD.Shared2.0.3685.42385__90ba9c70f846762eAEM.Plugin.Source.GD.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 5632 c:windowsassemblyGAC_MSILAEM.Plugin.Source.EEU.Shared2.0.3685.42385__90ba9c70f846762eAEM.Plugin.Source.EEU.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 5632 c:windowsassemblyGAC_MSILAEM.Plugin.REG.Shared2.0.3685.42387__90ba9c70f846762eAEM.Plugin.REG.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 7168 c:windowsassemblyGAC_MSILAEM.Plugin.Hotkeys.Shared2.0.3685.42236__90ba9c70f846762eAEM.Plugin.Hotkeys.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 5632 c:windowsassemblyGAC_MSILAEM.Plugin.GD.Shared2.0.3685.42248__90ba9c70f846762eAEM.Plugin.GD.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 5632 c:windowsassemblyGAC_MSILAEM.Plugin.EEU.Shared2.0.3685.42244__90ba9c70f846762eAEM.Plugin.EEU.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 6656 c:windowsassemblyGAC_MSILAEM.Plugin.DPPE.Shared2.0.3685.42377__90ba9c70f846762eAEM.Plugin.DPPE.Shared.DLL
+ 2010-03-02 10:41 . 2010-03-02 10:41 8192 c:windowsassemblyGAC_MSILAEM.Actions.CCAA.Shared2.0.3685.42241__90ba9c70f846762eAEM.Actions.CCAA.Shared.DLL
+ 2009-07-11 21:02 . 2009-07-11 21:02 653120 c:windowsWinSxSx86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4emsvcr90.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 569664 c:windowsWinSxSx86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4emsvcp90.dll
+ 2009-07-11 21:05 . 2009-07-11 21:05 225280 c:windowsWinSxSx86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4emsvcm90.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02 159032 c:windowsWinSxSx86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2atl90.dll
+ 2009-08-08 10:51 . 2009-03-16 11:18 517448 c:windowssystem32XAudio2_4.dll
— 2009-08-08 10:51 . 2009-03-16 10:18 517448 c:windowssystem32XAudio2_4.dll
— 2008-12-28 19:48 . 2008-07-30 03:20 509448 c:windowssystem32XAudio2_2.dll
+ 2008-12-28 19:48 . 2008-07-31 07:40 509448 c:windowssystem32XAudio2_2.dll
+ 2009-08-08 10:51 . 2009-03-16 11:18 235352 c:windowssystem32xactengine3_4.dll
— 2009-08-08 10:51 . 2009-03-16 10:18 235352 c:windowssystem32xactengine3_4.dll
— 2008-12-28 19:48 . 2008-07-30 03:20 238088 c:windowssystem32xactengine3_2.dll
+ 2008-12-28 19:48 . 2008-07-31 07:41 238088 c:windowssystem32xactengine3_2.dll
+ 2010-03-02 10:39 . 2009-07-15 02:10 155648 c:windowssystem32ReinstallBackups021DriverFilesB_85444Oemdspif.dll
+ 2010-03-02 10:39 . 2009-07-15 01:43 887724 c:windowssystem32ReinstallBackups021DriverFilesB_85444ativva6x.dat
+ 2010-03-02 10:39 . 2009-07-15 02:10 204800 c:windowssystem32ReinstallBackups021DriverFilesB_85444atipdlxx.dll
+ 2010-03-02 10:39 . 2009-07-15 01:18 376832 c:windowssystem32ReinstallBackups021DriverFilesB_85444atiok3x2.dll
+ 2010-03-02 10:39 . 2009-02-18 17:55 294912 c:windowssystem32ReinstallBackups021DriverFilesB_85444ATIODE.exe
+ 2010-03-02 10:39 . 2009-07-15 01:23 561152 c:windowssystem32ReinstallBackups021DriverFilesB_85444atikvmag.dll
+ 2010-03-02 10:39 . 2009-07-15 02:00 311296 c:windowssystem32ReinstallBackups021DriverFilesB_85444atiiiexx.dll
+ 2010-03-02 10:39 . 2009-06-10 16:54 197655 c:windowssystem32ReinstallBackups021DriverFilesB_85444atiicdxx.dat
+ 2010-03-02 10:39 . 2009-07-15 02:29 446464 c:windowssystem32ReinstallBackups021DriverFilesB_85444ATIDEMGX.dll
+ 2010-03-02 10:39 . 2009-05-11 21:35 118784 c:windowssystem32ReinstallBackups021DriverFilesB_85444atibtmon.exe
+ 2010-03-02 10:39 . 2009-07-15 01:21 159744 c:windowssystem32ReinstallBackups021DriverFilesB_85444atiadlxx.dll
+ 2010-03-02 10:39 . 2009-07-15 02:08 602112 c:windowssystem32ReinstallBackups021DriverFilesB_85444ati2evxx.exe
+ 2010-03-02 10:39 . 2009-07-15 02:09 155648 c:windowssystem32ReinstallBackups021DriverFilesB_85444ati2evxx.dll
+ 2010-03-02 10:39 . 2009-07-15 02:27 336896 c:windowssystem32ReinstallBackups021DriverFilesB_85444ati2dvag.dll
+ 2010-03-02 10:39 . 2009-07-15 01:14 614400 c:windowssystem32ReinstallBackups021DriverFilesB_85444ati2cqag.dll
+ 2008-11-23 17:13 . 2010-03-22 18:07 207094 c:windowssystem32inetsrvMetaBase.binданные логи повторно сделаны… первый раз, файл Log не сохранился, по неизветсным мне причинам…
забыл сказать спасибо Вам) то что помогаете избавится от нечисти на компе)на даный момент, все так же остается проблема…
не захотит большинство сайтов антивирусов… сейчас вот только к касперскому проходит, до этого и к нему не заходил…
ну и не обновляется с офф-серверов нода…ComboFix 10-02-25.02 — Андрей 28.02.2010 15:13:29.3.4 — x86
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.3071.2529 [GMT 3:00]
Running from: c:documents and settingsАндрейРабочий столComboFix.exe
Command switches used :: c:documents and settingsАндрейРабочий столCFScript.txt
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Resident AV is activeFILE ::
«c:windowssystem32Aee2Uan.exe»
«c:windowssystem32CkhD9Ga.exe»
«c:windowssystem32CUUip9Y.exe»
«c:windowssystem32gHqmFsZ.exe»
«c:windowssystem32Lpkbnt4.exe»
«c:windowssystem32no5bVlY.exe»
«c:windowssystem32O1nQLoW.exe»
«c:windowssystem32oh6jlmm.exe»
«c:windowssystem32QtwhHFn.exe»
«c:windowssystem32qypO8wq.exe»
«c:windowssystem32rjU0dZJ.exe»
«c:windowssystem32v0DWEPF.exe»
«c:windowssystem32X6mstvE.exe»
.((((((((((((((((((((((((( Files Created from 2010-01-28 to 2010-02-28 )))))))))))))))))))))))))))))))
.2010-02-16 09:10 . 2010-02-16 12:59
d
w- c:program filesICQ7.0
2010-02-15 15:08 . 2010-02-28 12:17
d
w- c:documents and settingsAll UsersUPSMON
2010-02-15 15:06 . 2010-02-28 12:18
d
w- c:program filesUPSMON
2010-02-15 15:05 . 2008-07-20 09:07 10240 -c—a-w- c:windowssystem32dllcachecompbatt.sys
2010-02-15 15:05 . 2008-07-20 09:07 10240 —-a-w- c:windowssystem32driverscompbatt.sys
2010-02-15 15:05 . 2008-07-20 09:07 20352 -c—a-w- c:windowssystem32dllcachehidbatt.sys
2010-02-15 15:05 . 2008-07-20 09:07 20352 —-a-w- c:windowssystem32drivershidbatt.sys
2010-02-15 15:05 . 2008-07-20 09:07 14208 -c—a-w- c:windowssystem32dllcachebattc.sys
2010-02-15 15:05 . 2008-07-20 09:07 14208 —-a-w- c:windowssystem32driversbattc.sys
2010-02-14 10:28 . 2010-02-14 10:28 31744 —-a-w- c:windowssystem32bd4d22d1.exe
2010-02-13 22:47 . 2010-02-13 22:47
d
w- c:program filestrend micro
2010-02-13 22:47 . 2010-02-13 22:47
d
w- C:rsit
2010-02-13 06:38 . 2010-02-13 06:38
d
w- c:documents and settingsАдминистраторDoctorWeb
2010-02-13 06:34 . 2010-02-13 06:34
d
w- c:documents and settingsАдминистраторLocal SettingsApplication DataMozilla
2010-02-12 23:03 . 2010-02-12 23:03 83968 —-a-w- c:windowssystem32dubpDkV.exe
2010-02-11 20:34 . 2010-02-11 20:34
d
w- c:program filesCommon Fileswm
2010-02-09 09:09 . 2010-02-09 08:59 24536384 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}NokiaSoftwareUpdaterSetup_ru.exe
2010-02-09 09:08 . 2010-02-09 09:08 3351812 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}InstallerCommonCustomActionsmsxml6Exec.exe
2010-02-09 09:08 . 2010-02-09 09:08 36864 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}InstallerCommonCustomActionsSleep.exe
2010-02-09 09:08 . 2010-02-09 09:08 3203453 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}InstallerCommonCustomActionsvcredistExec.exe
2010-02-09 09:01 . 2010-02-09 09:01
d
w- c:program filesCommon FilesPCSuite
2010-02-09 09:01 . 2010-02-09 09:01
d
w- c:program filesPC Connectivity Solution
2010-02-09 09:01 . 2009-10-06 08:52 7936 —-a-w- c:windowssystem32driversusbser_lowerfltj.sys
2010-02-09 09:01 . 2009-10-06 08:52 7936 —-a-w- c:windowssystem32driversusbser_lowerflt.sys
2010-02-09 09:01 . 2009-10-06 08:52 22016 —-a-w- c:windowssystem32driversccdcmbo.sys
2010-02-09 09:01 . 2009-10-06 08:55 1112288 —-a-w- c:windowssystem32wdfcoinstaller01007.dll
2010-02-09 09:01 . 2009-10-06 08:52 660480 —-a-w- c:windowssystem32nmwcdcocls.dll
2010-02-09 09:01 . 2009-10-06 08:52 17664 —-a-w- c:windowssystem32driversccdcmb.sys
2010-02-09 08:59 . 2010-02-09 08:58 34864192 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}Nokia_PC_Suite_rus_web.exe
2010-02-09 08:59 . 2010-02-09 08:59 95232 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionspcswpcsi.exe
2010-02-09 08:59 . 2010-02-09 08:59 61440 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstPCSFEMsi.exe
2010-02-09 08:59 . 2010-02-09 08:59 8192 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstCCD.exe
2010-02-09 08:59 . 2010-02-09 08:59 10240 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstPCS.exe
2010-02-09 08:13 . 2010-02-09 08:13
d
w- c:documents and settings??????
2010-02-03 20:04 . 2010-02-03 20:04
d
w- c:documents and settingsAll UsersApplication DataUbisoft.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-28 12:18 . 2009-05-21 18:40
d—a-w- c:documents and settingsAll UsersApplication DataTEMP
2010-02-28 05:24 . 2008-11-23 17:16 86327 —-a-w- c:windowspchealthhelpctrOfflineCacheindex.dat
2010-02-26 09:24 . 2008-11-23 19:36
d
w- c:documents and settingsAll UsersApplication DataMicrosoft Help
2010-02-16 09:11 . 2008-11-23 17:54
d—h—w- c:program filesInstallShield Installation Information
2010-02-13 07:44 . 2008-11-23 18:02
d
w- c:program filesESET
2010-02-09 09:10 . 2008-11-23 19:22
d
w- c:documents and settingsAll UsersApplication DataInstallations
2010-02-09 09:10 . 2009-01-08 22:41
d
w- c:program filesCommon FilesNokia
2010-02-09 09:10 . 2008-11-23 19:23
d
w- c:program filesNokia
2010-02-09 09:07 . 2010-02-09 09:07 0 —ha-w- c:windowssystem32driversMsft_User_PCCSWpdDriver_01_07_00.Wdf
2010-02-09 09:07 . 2010-02-09 09:07 0 —ha-w- c:windowssystem32driversMsftWdf_user_01_07_00.Wdf
2010-01-17 08:50 . 2010-01-17 08:50
d
w- c:program filesStanza
2010-01-17 08:47 . 2010-01-17 08:47 41704 —ha-w- c:windowssystem32mlfcache.dat
2010-01-12 09:52 . 2010-01-12 09:52
d
w- c:program filesMalwarebytes’ Anti-Malware
2010-01-12 09:52 . 2010-01-12 09:52
d
w- c:documents and settingsAll UsersApplication DataMalwarebytes
2010-01-07 13:07 . 2010-01-12 09:52 38224 —-a-w- c:windowssystem32driversmbamswissarmy.sys
2010-01-07 13:07 . 2010-01-12 09:52 19160 —-a-w- c:windowssystem32driversmbam.sys
2010-01-05 09:48 . 2008-07-20 07:07 841216
w- c:windowssystem32wininet.dll
2010-01-05 09:48 . 2008-07-20 07:07 78336 —-a-w- c:windowssystem32ieencode.dll
2010-01-05 09:48 . 2008-07-20 07:07 17408 —-a-w- c:windowssystem32corpol.dll
2010-01-03 11:06 . 2009-01-12 16:25
d
r- c:program filesSkype
2010-01-03 11:06 . 2010-01-03 11:06
d
w- c:program filesCommon FilesSkype
2010-01-03 11:06 . 2009-01-12 16:25
d
w- c:documents and settingsAll UsersApplication DataSkype
2009-12-31 16:50 . 2008-04-15 12:00 353792 —-a-w- c:windowssystem32driverssrv.sys
2009-12-30 05:11 . 2009-12-30 05:11 79144 —-a-w- c:documents and settingsAll UsersApplication DataApple ComputerInstaller CacheiTunes 9.0.2.25SetupAdmin.exe
2009-12-20 19:27 . 2009-12-20 19:27 1924200 —-a-w- c:documents and settingsAll UsersApplication DataNOSAdobe_Downloadsinstall_flash_player.exe
2009-12-17 07:42 . 2008-11-23 17:11 345088 —-a-w- c:windowssystem32mspaint.exe
2009-12-14 07:10 . 2008-04-15 12:00 33280 —-a-w- c:windowssystem32csrsrv.dll
2009-12-09 10:03 . 2008-06-18 12:53 2147328
w- c:windowssystem32ntoskrnl.exe
2009-12-09 10:03 . 2008-07-20 12:07 2025984
w- c:windowssystem32ntkrnlpa.exe
2009-12-04 17:25 . 2008-07-20 07:07 456832 —-a-w- c:windowssystem32driversmrxsmb.sys
2009-08-31 13:55 . 2009-10-06 06:48 118000 —-a-w- c:program filesmozilla firefoxcomponentsqippipe.dll
.
Sigcheck
[-] 2008-04-15 . B2A2D80C9D3A3805DDECA6ED5A7556A0 . 652288 . . [5.82] . . c:windowssystem32comctl32.dll
[-] 2008-04-15 . B2A2D80C9D3A3805DDECA6ED5A7556A0 . 652288 . . [5.82] . . c:windowssystem32dllcachecomctl32.dll[-] 2008-04-14 . 884DE990C498D77C28F8608E09D4DFE1 . 581632 . . [5.1.2600.5512] . . c:windowssystem32user32.dll
[-] 2008-04-14 . 884DE990C498D77C28F8608E09D4DFE1 . 581632 . . [5.1.2600.5512] . . c:windowssystem32dllcacheuser32.dll[-] 2008-04-15 . 04116AE3FA2461AE766D7BADB49E74F7 . 1520640 . . [6.00.2900.5512] . . c:windowsexplorer.exe
[-] 2008-04-15 . 04116AE3FA2461AE766D7BADB49E74F7 . 1520640 . . [6.00.2900.5512] . . c:windowssystem32dllcacheexplorer.exe[-] 2008-11-23 . DD7B61794DA1338616FB3B971703185D . 1571840 . . [5.1.2600.5512] . . c:windowssystem32SfcFiles.dll
[-] 2008-11-23 . DD7B61794DA1338616FB3B971703185D . 1571840 . . [5.1.2600.5512] . . c:windowssystem32dllcacheSfcFiles.dll[-] 2008-04-15 . 0DE18690E4223998E471048889F09B8B . 37376 . . [5.1.2600.5512] . . c:windowssystem32ctfmon.exe
[-] 2008-04-15 . 0DE18690E4223998E471048889F09B8B . 37376 . . [5.1.2600.5512] . . c:windowssystem32dllcachectfmon.exe
.
((((((((((((((((((((((((((((( SnapShot_2010-02-28_05.41.56 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-11-23 17:13 . 2010-02-28 12:17 207101 c:windowssystem32inetsrvMetaBase.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}»= «c:documents and settingsАндрейApplication DataMicrosoftInternet Explorerqipsearchbar.dll» [2009-07-14 150768][HKEY_CLASSES_ROOTclsid{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce}]
[HKEY_CLASSES_ROOTqipbar.QIPBHO.1]
[HKEY_CLASSES_ROOTTypeLib{45FF696B-5284-4781-B2CA-ECF3A742A17B}]
[HKEY_CLASSES_ROOTqipbar.QIPBHO][HKEY_LOCAL_MACHINE~Browser Helper Objects{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
2009-07-14 09:08 150768 —-a-w- c:documents and settingsАндрейApplication DataMicrosoftInternet Explorerqipsearchbar.dll[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«VistaIcon»=»c:program filesVistaDriveIconVistaDrv.exe» [2008-01-02 132096]
«VisualTaskTips»=»c:program filesVisualTaskTipsVisualTaskTips.exe» [2008-06-23 65536]
«LDM»=»c:program filesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe» [2009-01-29 67128]
«Start WingMan Profiler»=»c:program filesLogitechProfilerlwemon.exe» [2006-07-05 60416]
«AlcoholAutomount»=»e:alcohol 120axcmd.exe» [2009-03-17 203928]
«Backup4all 3″=»c:program filesSoftlandBackup4all 3Backup4all.exe» [2007-11-05 3133080]
«Backup4all Scheduler»=»c:program filesSoftlandBackup4all 3b4aSched.Exe» [2007-11-05 478360]
«SJelite3Launch»=»c:documents and settingsАндрейApplication DataTranscendSJelite3SJelite3Launch.exe» [2009-09-18 176128]
«PC Suite Tray»=»c:program filesNokiaNokia PC Suite 7PCSuite.exe» [2009-11-11 1451520][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«Bluetooth Connection Assistant»=»LBTWIZ.EXE -silent» [X]
«Kernel and Hardware Abstraction Layer»=»KHALMNPR.EXE» [2008-12-18 76304]
«TaskSwitchXP»=»c:program filesTaskSwitchXPTaskSwitchXP.exe» [2007-03-09 62976]
«JMB36X IDE Setup»=»c:windowsRaidToolxInsIDE.exe» [2007-03-20 36864]
«36X Raid Configurer»=»c:windowssystem32xRaidSetup.exe» [2007-03-21 1953792]
«NeroFilterCheck»=»c:windowssystem32NeroCheck.exe» [2001-07-09 155648]
«zBrowser Launcher»=»c:program filesLogitechiTouchiTouch.exe» [2002-11-22 631362]
«Logitech Hardware Abstraction Layer»=»KHALMNPR.EXE» [2008-12-18 76304]
«GrooveMonitor»=»c:program filesMicrosoft OfficeOffice12GrooveMonitor.exe» [2008-10-25 31072]
«MAgent»=»c:program filesMail.RuAgentmagent.exe» [2009-07-27 7975608]
«egui»=»c:program filesESETESET NOD32 Antivirusegui.exe» [2008-08-18 1447168]
«SoundMAXPnP»=»c:program filesAnalog DevicesCoresmax4pnp.exe» [2006-12-18 868352]
«Ai Remote Help»=»c:program filesASUSAI RemoteAiRc.exe» [2007-09-03 3346432]
«ASUS UpdateChecker»=»c:program filesASUSUpdateCheckerUpdateChecker.exe» [2008-11-03 110592]
«Ai Nap»=»c:program filesASUSAI SuiteAiNapAiNap.exe» [2008-01-28 1413120]
«CPU Power Monitor»=»c:program filesASUSAI SuiteAiGear3CpuPowerMonitor.exe» [2008-01-09 627200]
«Cpu Level Up help»=»c:program filesASUSAI SuiteCpuLevelUpHelp.exe» [2007-11-30 881152]
«ASUS Energy Saving»=»c:program filesASUSAI SuiteEnergySavingPwSave.exe» [2008-01-28 1352704]
«BluetoothAuthenticationAgent»=»bthprops.cpl» [2008-04-15 110592]
«DiscWizardMonitor.exe»=»c:program filesSeagateDiscWizardDiscWizardMonitor.exe» [2007-09-04 1188864]
«AcronisTimounterMonitor»=»c:program filesSeagateDiscWizardTimounterMonitor.exe» [2007-09-04 1963768]
«Acronis Scheduler2 Service»=»c:program filesCommon FilesSeagateSchedule2schedhlp.exe» [2007-09-04 148760]
«Adobe Reader Speed Launcher»=»c:program filesAdobeReader 8.0ReaderReader_sl.exe» [2008-01-11 39792]
«StartCCC»=»c:program filesATI TechnologiesATI.ACECore-StaticCLIStart.exe» [2009-07-14 98304]
«QuickTime Task»=»c:program filesQuickTimeQTTask.exe» [2009-11-10 417792]
«iTunesHelper»=»c:program filesiTunesiTunesHelper.exe» [2009-11-12 141600]
«UPSMON»=»c:program filesUPSMONUPSMON.exe» [2008-07-02 433664][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2008-04-15 37376]
«VistaIcon»=»c:program filesVistaDriveIconVistaDrv.exe» [2008-01-02 132096]
«VisualTaskTips»=»c:program filesVisualTaskTipsVisualTaskTips.exe» [2008-06-23 65536][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRunOnce]
«IE7_011″=»shell32» [X]
«IE7_012″=»advpack.dll» [2010-01-05 124928]
«IE7_013″=»rebuild.exe» [2007-11-01 114280]c:documents and settingsAll Usersѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
Logitech Desktop Messenger.lnk — c:program filesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe [2009-1-29 67128]
Logitech SetPoint.lnk — c:program filesLogitechSetPointSetPoint.exe [2009-3-24 809488][HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyLBTWlgn]
2009-02-18 21:30 72208 —-a-w- c:program filesCommon FilesLogitechBluetoothLBTWLgn.dll[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]
@=»Driver»[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdfLoadGroup]
@=»»[HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
«DisableNotifications»= 1 (0x1)
«DisableUnicastResponsesToMulticastBroadcast»= 0 (0x0)[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\Network Diagnostic\xpnetdiag.exe»=
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE»=
«c:\Program Files\Microsoft Office\Office12\GROOVE.EXE»=
«c:\Program Files\Microsoft Office\Office12\ONENOTE.EXE»=
«c:\Program Files\Starlink VideoLAN\vlc.exe»=
«e:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe»=
«e:\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe»=
«e:\Rockstar Games\Grand Theft Auto IV\GTAIV.exe»=
«e:\Ventrilo\Ventrilo.exe»=
«c:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe»=
«e:\Gears of War\Binaries\WarGame-G4WLive.exe»=
«e:\uTorrent\uTorrent.exe»=
«e:\Race Driver GRID\GRID.exe»=
«e:\SREETFIGHTERIV\StreetFighterIV.exe»=
«c:\Program Files\Bonjour\mDNSResponder.exe»=
«e:\С.Т.А.Л.К.Е.Р. — Чистое Небо\bin\xrEngine.exe»=
«e:\С.Т.А.Л.К.Е.Р. — Чистое Небо\bin\dedicated\xrEngine.exe»=
«c:\WINDOWS\system32\PnkBstrA.exe»=
«c:\WINDOWS\system32\PnkBstrB.exe»=
«e:\Call of Duty 4 — Modern Warfare\iw3mp.exe»=
«e:\S.T.A.L.K.E.R. — Зов Припяти\bin\xrEngine.exe»=
«e:\S.T.A.L.K.E.R. — Зов Припяти\bin\dedicated\xrEngine.exe»=
«e:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe»=
«e:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe»=
«c:\Program Files\iTunes\iTunes.exe»=
«c:\Program Files\Skype\Plugin Manager\skypePM.exe»=
«e:\Assassin’s Creed\AssassinsCreed_Dx9.exe»=
«e:\Assassin’s Creed\AssassinsCreed_Dx10.exe»=
«e:\Assassin’s Creed\AssassinsCreed_Launcher.exe»=
«c:\Program Files\ICQ7.0\ICQ.exe»=
«c:\Program Files\ICQ7.0\aolload.exe»=
«c:\Program Files\Skype\Phone\Skype.exe»=
«d:\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe»=[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileGloballyOpenPortsList]
«26689:TCP»= 26689:TCPR0 pe3ajtsc;Stalker (Pro) Environment Driver (pe3ajtsc);c:windowssystem32driverspe3ajtsc.sys [15.08.2007 15:11 64640]
R0 ps7ajtsc;Stalker (Pro) Synchronization Driver (ps7ajtsc);c:windowssystem32driversps7ajtsc.sys [15.08.2007 15:11 68744]
R0 sptd;sptd;c:windowssystem32driverssptd.sys [23.11.2008 20:22 721904]
R1 appdrv01;Application Driver (01);c:windowssystem32driversappdrv01.sys [08.10.2009 2:40 3069040]
R1 epfwtdir;epfwtdir;c:windowssystem32driversepfwtdir.sys [18.08.2008 13:27 34312]
R2 ekrn;Eset Service;c:program filesESETESET NOD32 Antivirusekrn.exe [18.08.2008 13:25 468224]
S2 appdrvrem01;Application Driver Auto Removal Service (01);c:windowsSystem32appdrvrem01.exe svc —> c:windowsSystem32appdrvrem01.exe svc [?]
S2 pr2ajtsc;Stalker (Pro) Drivers Auto Removal (pr2ajtsc);c:windowssystem32pr2ajtsc.exe svc —> c:windowssystem32pr2ajtsc.exe svc [?]— Other Services/Drivers In Memory —
*NewlyCreated* — UPSMONSERVICE
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionsvchost]
DcomLaunch REG_MULTI_SZ DcomLaunch TermService Netprotocol
.
Contents of the ‘Scheduled Tasks’ folder2010-02-27 c:windowsTasksb4a_bp6.job
— c:program filesSoftlandBackup4all 3b4aSchedStarter.exe [2009-05-21 11:24]2010-02-27 c:windowsTasksb4a_Мои документы.job
— c:program filesSoftlandBackup4all 3b4aSchedStarter.exe [2009-05-21 11:24]2010-02-28 c:windowsTasksOGALogon.job
— c:windowssystem32OGAEXEC.exe [2009-08-03 11:07]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.lofisnet.ru/
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: SoftwareMicrosoftInternet ExplorerSearchUrl; ValueType: string; ValueName: ‘; ValueData: ‘; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2Office12EXCEL.EXE/3000
IE: Закачать ВСЕ при помощи Download Master — d:download masterdmieall.htm
IE: Закачать при помощи Download Master — d:download masterdmie.htm
IE: {{7558B7E5-7B26-4201-BEDB-00D5FF534523} — c:program filesMail.RuAgentmagent.exe
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} — c:program filesICQ7.0ICQ.exe
IE: {{8DAE90AD-4583-4977-9DD4-4360F7A45C74} — d:download masterdmaster.exe
TCP: {A80D0705-8D40-4C7D-AFE9-E8D841452343} = 80.79.176.2,80.79.176.3
Handler: bwfile-8876480 — {9462A756-7B47-47BC-8C80-C34B9B80B32B} — c:program filesLogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll
FF — ProfilePath — c:documents and settingsАндрейApplication DataMozillaFirefoxProfiles1djs6yc0.default
FF — prefs.js: browser.search.selectedEngine — QIP Search
FF — prefs.js: browser.startup.homepage — hxxp://info.starlink.ru/
FF — prefs.js: keyword.URL — hxxp://search.qip.ru/search?from=FF&query=
FF — component: c:program filesMozilla Firefoxcomponentsqippipe.dll
FF — component: c:program filesMozilla Firefoxextensions{B13721C7-F507-4982-B2E5-502A71474FED}componentsNPComponent.dll
FF — component: c:program filesNokiaNokia PC Suite 7bkmrksynccomponentsBkMrkExt.dll
FF — plugin: c:program filesK-Lite Codec PackRealbrowserpluginsnppl3260.dll
FF — plugin: c:program filesK-Lite Codec PackRealbrowserpluginsnprpjplug.dll
FF — plugin: c:program filesStarlink VideoLANnpvlc.dll
FF — HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} — c:windowsMicrosoft.NETFrameworkv3.5Windows Presentation FoundationDotNetAssistantExtension—- FIREFOX POLICIES —-
FF — user.js: general.useragent.extra.zencast — Creative ZENcast v2.01.01.**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-28 15:17
Windows 5.1.2600 Service Pack 3 NTFSscanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spro.sys >>UNKNOWN [0x8ADB6938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
DriverDisk -> CLASSPNP.SYS @ 0xba11cf28
DriverACPI -> ACPI.sys @ 0xb9e66cb8
Driveratapi -> atapi.sys @ 0xb9de5b40
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
DeviceHarddisk0DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xb9cdbbb0
PacketIndicateHandler -> NDIS.sys @ 0xb9ce8b21
SendHandler -> NDIS.sys @ 0xb9cc687b
user & kernel MBR OK**************************************************************************
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘winlogon.exe'(936)
c:windowssystem32SETUPAPI.dll
c:windowssystem32Ati2evxx.dll
c:program filescommon fileslogitechbluetoothLBTWlgn.dll
c:program filescommon fileslogitechbluetoothLBTServ.dll
c:windowssystem32cscui.dll
c:windowssystem32COMRes.dll— — — — — — — > ‘lsass.exe'(1008)
c:windowssystem32setupapi.dll— — — — — — — > ‘explorer.exe'(2180)
c:windowssystem32WININET.dll
c:program filesLogitechSetPointIMHook.dll
c:program filesVisualTaskTipsVttHooks.dll
c:program filesLogitechSetPointlgscroll.dll
c:windowssystem32COMRes.dll
c:windowsSystem32cscui.dll
c:program filesLogitechiTouchiTchHk.dll
c:windowssystem32SETUPAPI.dll
c:windowssystem32msi.dll
c:windowssystem32WPDShServiceObj.dll
c:program filesNokiaNokia PC Suite 7PhoneBrowser.dll
c:program filesNokiaNokia PC Suite 7NGSCM.DLL
c:program filesNokiaNokia PC Suite 7LangPhoneBrowser_rus.nlr
c:program filesNokiaNokia PC Suite 7ResourcePhoneBrowser_Nokia.ngr
c:windowssystem32PortableDeviceTypes.dll
c:windowssystem32PortableDeviceApi.dll
c:windowssystem32credui.dll
c:windowssystem32MSVCP60.dll
.
Other Running Processes
.
c:windowssystem32Ati2evxx.exe
c:program filesCommon FilesLogitechBluetoothLBTServ.exe
c:windowssystem32Ati2evxx.exe
c:program filesCommon FilesSeagateSchedule2schedul2.exe
c:program filesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
c:program filesBonjourmDNSResponder.exe
c:windowssystem32inetsrvinetinfo.exe
c:program filesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe
c:windowssystem32PnkBstrA.exe
e:alcohol 120StarWindStarWindServiceAE.exe
c:windowssystem32dllhost.exe
c:windowsSystem32vssvc.exe
c:windowssystem32dllhost.exe
c:windowssystem32msdtc.exe
c:program filesLogitechSetPointLBTWiz.exe
c:windowssystem32rundll32.exe
c:program filesASUSAASP1.00.59aaCenter.exe
c:program filesASUSAI RemoteAiRemote.exe
c:program filesATI TechnologiesATI.ACECore-StaticMOM.exe
c:program filesUPSMONUPSMON_Service.Exe
c:program filesCommon FilesLogishrdKHAL2KHALMNPR.EXE
c:program filesATI TechnologiesATI.ACECore-Staticccc.exe
c:program filesiPodbiniPodService.exe
c:program filesUPSMONUPSUSBInt3.exe
c:program filesPC Connectivity SolutionServiceLayer.exe
c:program filesPC Connectivity SolutionTransportsNclUSBSrv.exe
c:program filesPC Connectivity SolutionTransportsNclRSSrv.exe
c:program filesPC Connectivity SolutionTransportsNclMSBTSrv.exe
.
**************************************************************************
.
Completion time: 2010-02-28 15:19:48 — machine was rebooted
ComboFix-quarantined-files.txt 2010-02-28 12:19
ComboFix2.txt 2010-02-28 05:44
ComboFix3.txt 2010-02-25 23:39Pre-Run: 14 951 153 664 байт свободно
Post-Run: 14 916 173 824 байт свободно— — End Of File — — 1A0BE42A0D65E8CD204647B1090BFF80
ComboFix 10-02-25.02 — Андрей 28.02.2010 15:13:29.3.4 — x86
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.3071.2529 [GMT 3:00]
Running from: c:documents and settingsАндрейРабочий столComboFix.exe
Command switches used :: c:documents and settingsАндрейРабочий столCFScript.txt
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Resident AV is activeFILE ::
«c:windowssystem32Aee2Uan.exe»
«c:windowssystem32CkhD9Ga.exe»
«c:windowssystem32CUUip9Y.exe»
«c:windowssystem32gHqmFsZ.exe»
«c:windowssystem32Lpkbnt4.exe»
«c:windowssystem32no5bVlY.exe»
«c:windowssystem32O1nQLoW.exe»
«c:windowssystem32oh6jlmm.exe»
«c:windowssystem32QtwhHFn.exe»
«c:windowssystem32qypO8wq.exe»
«c:windowssystem32rjU0dZJ.exe»
«c:windowssystem32v0DWEPF.exe»
«c:windowssystem32X6mstvE.exe»
.((((((((((((((((((((((((( Files Created from 2010-01-28 to 2010-02-28 )))))))))))))))))))))))))))))))
.2010-02-16 09:10 . 2010-02-16 12:59
d
w- c:program filesICQ7.0
2010-02-15 15:08 . 2010-02-28 12:17
d
w- c:documents and settingsAll UsersUPSMON
2010-02-15 15:06 . 2010-02-28 12:18
d
w- c:program filesUPSMON
2010-02-15 15:05 . 2008-07-20 09:07 10240 -c—a-w- c:windowssystem32dllcachecompbatt.sys
2010-02-15 15:05 . 2008-07-20 09:07 10240 —-a-w- c:windowssystem32driverscompbatt.sys
2010-02-15 15:05 . 2008-07-20 09:07 20352 -c—a-w- c:windowssystem32dllcachehidbatt.sys
2010-02-15 15:05 . 2008-07-20 09:07 20352 —-a-w- c:windowssystem32drivershidbatt.sys
2010-02-15 15:05 . 2008-07-20 09:07 14208 -c—a-w- c:windowssystem32dllcachebattc.sys
2010-02-15 15:05 . 2008-07-20 09:07 14208 —-a-w- c:windowssystem32driversbattc.sys
2010-02-14 10:28 . 2010-02-14 10:28 31744 —-a-w- c:windowssystem32bd4d22d1.exe
2010-02-13 22:47 . 2010-02-13 22:47
d
w- c:program filestrend micro
2010-02-13 22:47 . 2010-02-13 22:47
d
w- C:rsit
2010-02-13 06:38 . 2010-02-13 06:38
d
w- c:documents and settingsАдминистраторDoctorWeb
2010-02-13 06:34 . 2010-02-13 06:34
d
w- c:documents and settingsАдминистраторLocal SettingsApplication DataMozilla
2010-02-12 23:03 . 2010-02-12 23:03 83968 —-a-w- c:windowssystem32dubpDkV.exe
2010-02-11 20:34 . 2010-02-11 20:34
d
w- c:program filesCommon Fileswm
2010-02-09 09:09 . 2010-02-09 08:59 24536384 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}NokiaSoftwareUpdaterSetup_ru.exe
2010-02-09 09:08 . 2010-02-09 09:08 3351812 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}InstallerCommonCustomActionsmsxml6Exec.exe
2010-02-09 09:08 . 2010-02-09 09:08 36864 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}InstallerCommonCustomActionsSleep.exe
2010-02-09 09:08 . 2010-02-09 09:08 3203453 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}InstallerCommonCustomActionsvcredistExec.exe
2010-02-09 09:01 . 2010-02-09 09:01
d
w- c:program filesCommon FilesPCSuite
2010-02-09 09:01 . 2010-02-09 09:01
d
w- c:program filesPC Connectivity Solution
2010-02-09 09:01 . 2009-10-06 08:52 7936 —-a-w- c:windowssystem32driversusbser_lowerfltj.sys
2010-02-09 09:01 . 2009-10-06 08:52 7936 —-a-w- c:windowssystem32driversusbser_lowerflt.sys
2010-02-09 09:01 . 2009-10-06 08:52 22016 —-a-w- c:windowssystem32driversccdcmbo.sys
2010-02-09 09:01 . 2009-10-06 08:55 1112288 —-a-w- c:windowssystem32wdfcoinstaller01007.dll
2010-02-09 09:01 . 2009-10-06 08:52 660480 —-a-w- c:windowssystem32nmwcdcocls.dll
2010-02-09 09:01 . 2009-10-06 08:52 17664 —-a-w- c:windowssystem32driversccdcmb.sys
2010-02-09 08:59 . 2010-02-09 08:58 34864192 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}Nokia_PC_Suite_rus_web.exe
2010-02-09 08:59 . 2010-02-09 08:59 95232 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionspcswpcsi.exe
2010-02-09 08:59 . 2010-02-09 08:59 61440 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstPCSFEMsi.exe
2010-02-09 08:59 . 2010-02-09 08:59 8192 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstCCD.exe
2010-02-09 08:59 . 2010-02-09 08:59 10240 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstPCS.exe
2010-02-09 08:13 . 2010-02-09 08:13
d
w- c:documents and settings??????
2010-02-03 20:04 . 2010-02-03 20:04
d
w- c:documents and settingsAll UsersApplication DataUbisoft.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-28 12:18 . 2009-05-21 18:40
d—a-w- c:documents and settingsAll UsersApplication DataTEMP
2010-02-28 05:24 . 2008-11-23 17:16 86327 —-a-w- c:windowspchealthhelpctrOfflineCacheindex.dat
2010-02-26 09:24 . 2008-11-23 19:36
d
w- c:documents and settingsAll UsersApplication DataMicrosoft Help
2010-02-16 09:11 . 2008-11-23 17:54
d—h—w- c:program filesInstallShield Installation Information
2010-02-13 07:44 . 2008-11-23 18:02
d
w- c:program filesESET
2010-02-09 09:10 . 2008-11-23 19:22
d
w- c:documents and settingsAll UsersApplication DataInstallations
2010-02-09 09:10 . 2009-01-08 22:41
d
w- c:program filesCommon FilesNokia
2010-02-09 09:10 . 2008-11-23 19:23
d
w- c:program filesNokia
2010-02-09 09:07 . 2010-02-09 09:07 0 —ha-w- c:windowssystem32driversMsft_User_PCCSWpdDriver_01_07_00.Wdf
2010-02-09 09:07 . 2010-02-09 09:07 0 —ha-w- c:windowssystem32driversMsftWdf_user_01_07_00.Wdf
2010-01-17 08:50 . 2010-01-17 08:50
d
w- c:program filesStanza
2010-01-17 08:47 . 2010-01-17 08:47 41704 —ha-w- c:windowssystem32mlfcache.dat
2010-01-12 09:52 . 2010-01-12 09:52
d
w- c:program filesMalwarebytes’ Anti-Malware
2010-01-12 09:52 . 2010-01-12 09:52
d
w- c:documents and settingsAll UsersApplication DataMalwarebytes
2010-01-07 13:07 . 2010-01-12 09:52 38224 —-a-w- c:windowssystem32driversmbamswissarmy.sys
2010-01-07 13:07 . 2010-01-12 09:52 19160 —-a-w- c:windowssystem32driversmbam.sys
2010-01-05 09:48 . 2008-07-20 07:07 841216
w- c:windowssystem32wininet.dll
2010-01-05 09:48 . 2008-07-20 07:07 78336 —-a-w- c:windowssystem32ieencode.dll
2010-01-05 09:48 . 2008-07-20 07:07 17408 —-a-w- c:windowssystem32corpol.dll
2010-01-03 11:06 . 2009-01-12 16:25
d
r- c:program filesSkype
2010-01-03 11:06 . 2010-01-03 11:06
d
w- c:program filesCommon FilesSkype
2010-01-03 11:06 . 2009-01-12 16:25
d
w- c:documents and settingsAll UsersApplication DataSkype
2009-12-31 16:50 . 2008-04-15 12:00 353792 —-a-w- c:windowssystem32driverssrv.sys
2009-12-30 05:11 . 2009-12-30 05:11 79144 —-a-w- c:documents and settingsAll UsersApplication DataApple ComputerInstaller CacheiTunes 9.0.2.25SetupAdmin.exe
2009-12-20 19:27 . 2009-12-20 19:27 1924200 —-a-w- c:documents and settingsAll UsersApplication DataNOSAdobe_Downloadsinstall_flash_player.exe
2009-12-17 07:42 . 2008-11-23 17:11 345088 —-a-w- c:windowssystem32mspaint.exe
2009-12-14 07:10 . 2008-04-15 12:00 33280 —-a-w- c:windowssystem32csrsrv.dll
2009-12-09 10:03 . 2008-06-18 12:53 2147328
w- c:windowssystem32ntoskrnl.exe
2009-12-09 10:03 . 2008-07-20 12:07 2025984
w- c:windowssystem32ntkrnlpa.exe
2009-12-04 17:25 . 2008-07-20 07:07 456832 —-a-w- c:windowssystem32driversmrxsmb.sys
2009-08-31 13:55 . 2009-10-06 06:48 118000 —-a-w- c:program filesmozilla firefoxcomponentsqippipe.dll
.
Sigcheck
[-] 2008-04-15 . B2A2D80C9D3A3805DDECA6ED5A7556A0 . 652288 . . [5.82] . . c:windowssystem32comctl32.dll
[-] 2008-04-15 . B2A2D80C9D3A3805DDECA6ED5A7556A0 . 652288 . . [5.82] . . c:windowssystem32dllcachecomctl32.dll[-] 2008-04-14 . 884DE990C498D77C28F8608E09D4DFE1 . 581632 . . [5.1.2600.5512] . . c:windowssystem32user32.dll
[-] 2008-04-14 . 884DE990C498D77C28F8608E09D4DFE1 . 581632 . . [5.1.2600.5512] . . c:windowssystem32dllcacheuser32.dll[-] 2008-04-15 . 04116AE3FA2461AE766D7BADB49E74F7 . 1520640 . . [6.00.2900.5512] . . c:windowsexplorer.exe
[-] 2008-04-15 . 04116AE3FA2461AE766D7BADB49E74F7 . 1520640 . . [6.00.2900.5512] . . c:windowssystem32dllcacheexplorer.exe[-] 2008-11-23 . DD7B61794DA1338616FB3B971703185D . 1571840 . . [5.1.2600.5512] . . c:windowssystem32SfcFiles.dll
[-] 2008-11-23 . DD7B61794DA1338616FB3B971703185D . 1571840 . . [5.1.2600.5512] . . c:windowssystem32dllcacheSfcFiles.dll[-] 2008-04-15 . 0DE18690E4223998E471048889F09B8B . 37376 . . [5.1.2600.5512] . . c:windowssystem32ctfmon.exe
[-] 2008-04-15 . 0DE18690E4223998E471048889F09B8B . 37376 . . [5.1.2600.5512] . . c:windowssystem32dllcachectfmon.exe
.
((((((((((((((((((((((((((((( SnapShot_2010-02-28_05.41.56 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-11-23 17:13 . 2010-02-28 12:17 207101 c:windowssystem32inetsrvMetaBase.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}»= «c:documents and settingsАндрейApplication DataMicrosoftInternet Explorerqipsearchbar.dll» [2009-07-14 150768][HKEY_CLASSES_ROOTclsid{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce}]
[HKEY_CLASSES_ROOTqipbar.QIPBHO.1]
[HKEY_CLASSES_ROOTTypeLib{45FF696B-5284-4781-B2CA-ECF3A742A17B}]
[HKEY_CLASSES_ROOTqipbar.QIPBHO][HKEY_LOCAL_MACHINE~Browser Helper Objects{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
2009-07-14 09:08 150768 —-a-w- c:documents and settingsАндрейApplication DataMicrosoftInternet Explorerqipsearchbar.dll[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«VistaIcon»=»c:program filesVistaDriveIconVistaDrv.exe» [2008-01-02 132096]
«VisualTaskTips»=»c:program filesVisualTaskTipsVisualTaskTips.exe» [2008-06-23 65536]
«LDM»=»c:program filesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe» [2009-01-29 67128]
«Start WingMan Profiler»=»c:program filesLogitechProfilerlwemon.exe» [2006-07-05 60416]
«AlcoholAutomount»=»e:alcohol 120axcmd.exe» [2009-03-17 203928]
«Backup4all 3″=»c:program filesSoftlandBackup4all 3Backup4all.exe» [2007-11-05 3133080]
«Backup4all Scheduler»=»c:program filesSoftlandBackup4all 3b4aSched.Exe» [2007-11-05 478360]
«SJelite3Launch»=»c:documents and settingsАндрейApplication DataTranscendSJelite3SJelite3Launch.exe» [2009-09-18 176128]
«PC Suite Tray»=»c:program filesNokiaNokia PC Suite 7PCSuite.exe» [2009-11-11 1451520][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«Bluetooth Connection Assistant»=»LBTWIZ.EXE -silent» [X]
«Kernel and Hardware Abstraction Layer»=»KHALMNPR.EXE» [2008-12-18 76304]
«TaskSwitchXP»=»c:program filesTaskSwitchXPTaskSwitchXP.exe» [2007-03-09 62976]
«JMB36X IDE Setup»=»c:windowsRaidToolxInsIDE.exe» [2007-03-20 36864]
«36X Raid Configurer»=»c:windowssystem32xRaidSetup.exe» [2007-03-21 1953792]
«NeroFilterCheck»=»c:windowssystem32NeroCheck.exe» [2001-07-09 155648]
«zBrowser Launcher»=»c:program filesLogitechiTouchiTouch.exe» [2002-11-22 631362]
«Logitech Hardware Abstraction Layer»=»KHALMNPR.EXE» [2008-12-18 76304]
«GrooveMonitor»=»c:program filesMicrosoft OfficeOffice12GrooveMonitor.exe» [2008-10-25 31072]
«MAgent»=»c:program filesMail.RuAgentmagent.exe» [2009-07-27 7975608]
«egui»=»c:program filesESETESET NOD32 Antivirusegui.exe» [2008-08-18 1447168]
«SoundMAXPnP»=»c:program filesAnalog DevicesCoresmax4pnp.exe» [2006-12-18 868352]
«Ai Remote Help»=»c:program filesASUSAI RemoteAiRc.exe» [2007-09-03 3346432]
«ASUS UpdateChecker»=»c:program filesASUSUpdateCheckerUpdateChecker.exe» [2008-11-03 110592]
«Ai Nap»=»c:program filesASUSAI SuiteAiNapAiNap.exe» [2008-01-28 1413120]
«CPU Power Monitor»=»c:program filesASUSAI SuiteAiGear3CpuPowerMonitor.exe» [2008-01-09 627200]
«Cpu Level Up help»=»c:program filesASUSAI SuiteCpuLevelUpHelp.exe» [2007-11-30 881152]
«ASUS Energy Saving»=»c:program filesASUSAI SuiteEnergySavingPwSave.exe» [2008-01-28 1352704]
«BluetoothAuthenticationAgent»=»bthprops.cpl» [2008-04-15 110592]
«DiscWizardMonitor.exe»=»c:program filesSeagateDiscWizardDiscWizardMonitor.exe» [2007-09-04 1188864]
«AcronisTimounterMonitor»=»c:program filesSeagateDiscWizardTimounterMonitor.exe» [2007-09-04 1963768]
«Acronis Scheduler2 Service»=»c:program filesCommon FilesSeagateSchedule2schedhlp.exe» [2007-09-04 148760]
«Adobe Reader Speed Launcher»=»c:program filesAdobeReader 8.0ReaderReader_sl.exe» [2008-01-11 39792]
«StartCCC»=»c:program filesATI TechnologiesATI.ACECore-StaticCLIStart.exe» [2009-07-14 98304]
«QuickTime Task»=»c:program filesQuickTimeQTTask.exe» [2009-11-10 417792]
«iTunesHelper»=»c:program filesiTunesiTunesHelper.exe» [2009-11-12 141600]
«UPSMON»=»c:program filesUPSMONUPSMON.exe» [2008-07-02 433664][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2008-04-15 37376]
«VistaIcon»=»c:program filesVistaDriveIconVistaDrv.exe» [2008-01-02 132096]
«VisualTaskTips»=»c:program filesVisualTaskTipsVisualTaskTips.exe» [2008-06-23 65536][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRunOnce]
«IE7_011″=»shell32» [X]
«IE7_012″=»advpack.dll» [2010-01-05 124928]
«IE7_013″=»rebuild.exe» [2007-11-01 114280]c:documents and settingsAll Usersѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
Logitech Desktop Messenger.lnk — c:program filesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe [2009-1-29 67128]
Logitech SetPoint.lnk — c:program filesLogitechSetPointSetPoint.exe [2009-3-24 809488][HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyLBTWlgn]
2009-02-18 21:30 72208 —-a-w- c:program filesCommon FilesLogitechBluetoothLBTWLgn.dll[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]
@=»Driver»[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdfLoadGroup]
@=»»[HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
«DisableNotifications»= 1 (0x1)
«DisableUnicastResponsesToMulticastBroadcast»= 0 (0x0)[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\Network Diagnostic\xpnetdiag.exe»=
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE»=
«c:\Program Files\Microsoft Office\Office12\GROOVE.EXE»=
«c:\Program Files\Microsoft Office\Office12\ONENOTE.EXE»=
«c:\Program Files\Starlink VideoLAN\vlc.exe»=
«e:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe»=
«e:\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe»=
«e:\Rockstar Games\Grand Theft Auto IV\GTAIV.exe»=
«e:\Ventrilo\Ventrilo.exe»=
«c:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe»=
«e:\Gears of War\Binaries\WarGame-G4WLive.exe»=
«e:\uTorrent\uTorrent.exe»=
«e:\Race Driver GRID\GRID.exe»=
«e:\SREETFIGHTERIV\StreetFighterIV.exe»=
«c:\Program Files\Bonjour\mDNSResponder.exe»=
«e:\С.Т.А.Л.К.Е.Р. — Чистое Небо\bin\xrEngine.exe»=
«e:\С.Т.А.Л.К.Е.Р. — Чистое Небо\bin\dedicated\xrEngine.exe»=
«c:\WINDOWS\system32\PnkBstrA.exe»=
«c:\WINDOWS\system32\PnkBstrB.exe»=
«e:\Call of Duty 4 — Modern Warfare\iw3mp.exe»=
«e:\S.T.A.L.K.E.R. — Зов Припяти\bin\xrEngine.exe»=
«e:\S.T.A.L.K.E.R. — Зов Припяти\bin\dedicated\xrEngine.exe»=
«e:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe»=
«e:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe»=
«c:\Program Files\iTunes\iTunes.exe»=
«c:\Program Files\Skype\Plugin Manager\skypePM.exe»=
«e:\Assassin’s Creed\AssassinsCreed_Dx9.exe»=
«e:\Assassin’s Creed\AssassinsCreed_Dx10.exe»=
«e:\Assassin’s Creed\AssassinsCreed_Launcher.exe»=
«c:\Program Files\ICQ7.0\ICQ.exe»=
«c:\Program Files\ICQ7.0\aolload.exe»=
«c:\Program Files\Skype\Phone\Skype.exe»=
«d:\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe»=[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileGloballyOpenPortsList]
«26689:TCP»= 26689:TCPR0 pe3ajtsc;Stalker (Pro) Environment Driver (pe3ajtsc);c:windowssystem32driverspe3ajtsc.sys [15.08.2007 15:11 64640]
R0 ps7ajtsc;Stalker (Pro) Synchronization Driver (ps7ajtsc);c:windowssystem32driversps7ajtsc.sys [15.08.2007 15:11 68744]
R0 sptd;sptd;c:windowssystem32driverssptd.sys [23.11.2008 20:22 721904]
R1 appdrv01;Application Driver (01);c:windowssystem32driversappdrv01.sys [08.10.2009 2:40 3069040]
R1 epfwtdir;epfwtdir;c:windowssystem32driversepfwtdir.sys [18.08.2008 13:27 34312]
R2 ekrn;Eset Service;c:program filesESETESET NOD32 Antivirusekrn.exe [18.08.2008 13:25 468224]
S2 appdrvrem01;Application Driver Auto Removal Service (01);c:windowsSystem32appdrvrem01.exe svc —> c:windowsSystem32appdrvrem01.exe svc [?]
S2 pr2ajtsc;Stalker (Pro) Drivers Auto Removal (pr2ajtsc);c:windowssystem32pr2ajtsc.exe svc —> c:windowssystem32pr2ajtsc.exe svc [?]— Other Services/Drivers In Memory —
*NewlyCreated* — UPSMONSERVICE
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionsvchost]
DcomLaunch REG_MULTI_SZ DcomLaunch TermService Netprotocol
.
Contents of the ‘Scheduled Tasks’ folder2010-02-27 c:windowsTasksb4a_bp6.job
— c:program filesSoftlandBackup4all 3b4aSchedStarter.exe [2009-05-21 11:24]2010-02-27 c:windowsTasksb4a_Мои документы.job
— c:program filesSoftlandBackup4all 3b4aSchedStarter.exe [2009-05-21 11:24]2010-02-28 c:windowsTasksOGALogon.job
— c:windowssystem32OGAEXEC.exe [2009-08-03 11:07]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.lofisnet.ru/
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: SoftwareMicrosoftInternet ExplorerSearchUrl; ValueType: string; ValueName: ‘; ValueData: ‘; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2Office12EXCEL.EXE/3000
IE: Закачать ВСЕ при помощи Download Master — d:download masterdmieall.htm
IE: Закачать при помощи Download Master — d:download masterdmie.htm
IE: {{7558B7E5-7B26-4201-BEDB-00D5FF534523} — c:program filesMail.RuAgentmagent.exe
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} — c:program filesICQ7.0ICQ.exe
IE: {{8DAE90AD-4583-4977-9DD4-4360F7A45C74} — d:download masterdmaster.exe
TCP: {A80D0705-8D40-4C7D-AFE9-E8D841452343} = 80.79.176.2,80.79.176.3
Handler: bwfile-8876480 — {9462A756-7B47-47BC-8C80-C34B9B80B32B} — c:program filesLogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll
FF — ProfilePath — c:documents and settingsАндрейApplication DataMozillaFirefoxProfiles1djs6yc0.default
FF — prefs.js: browser.search.selectedEngine — QIP Search
FF — prefs.js: browser.startup.homepage — hxxp://info.starlink.ru/
FF — prefs.js: keyword.URL — hxxp://search.qip.ru/search?from=FF&query=
FF — component: c:program filesMozilla Firefoxcomponentsqippipe.dll
FF — component: c:program filesMozilla Firefoxextensions{B13721C7-F507-4982-B2E5-502A71474FED}componentsNPComponent.dll
FF — component: c:program filesNokiaNokia PC Suite 7bkmrksynccomponentsBkMrkExt.dll
FF — plugin: c:program filesK-Lite Codec PackRealbrowserpluginsnppl3260.dll
FF — plugin: c:program filesK-Lite Codec PackRealbrowserpluginsnprpjplug.dll
FF — plugin: c:program filesStarlink VideoLANnpvlc.dll
FF — HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} — c:windowsMicrosoft.NETFrameworkv3.5Windows Presentation FoundationDotNetAssistantExtension—- FIREFOX POLICIES —-
FF — user.js: general.useragent.extra.zencast — Creative ZENcast v2.01.01.**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-28 15:17
Windows 5.1.2600 Service Pack 3 NTFSscanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spro.sys >>UNKNOWN [0x8ADB6938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
DriverDisk -> CLASSPNP.SYS @ 0xba11cf28
DriverACPI -> ACPI.sys @ 0xb9e66cb8
Driveratapi -> atapi.sys @ 0xb9de5b40
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
DeviceHarddisk0DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xb9cdbbb0
PacketIndicateHandler -> NDIS.sys @ 0xb9ce8b21
SendHandler -> NDIS.sys @ 0xb9cc687b
user & kernel MBR OK**************************************************************************
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘winlogon.exe'(936)
c:windowssystem32SETUPAPI.dll
c:windowssystem32Ati2evxx.dll
c:program filescommon fileslogitechbluetoothLBTWlgn.dll
c:program filescommon fileslogitechbluetoothLBTServ.dll
c:windowssystem32cscui.dll
c:windowssystem32COMRes.dll— — — — — — — > ‘lsass.exe'(1008)
c:windowssystem32setupapi.dll— — — — — — — > ‘explorer.exe'(2180)
c:windowssystem32WININET.dll
c:program filesLogitechSetPointIMHook.dll
c:program filesVisualTaskTipsVttHooks.dll
c:program filesLogitechSetPointlgscroll.dll
c:windowssystem32COMRes.dll
c:windowsSystem32cscui.dll
c:program filesLogitechiTouchiTchHk.dll
c:windowssystem32SETUPAPI.dll
c:windowssystem32msi.dll
c:windowssystem32WPDShServiceObj.dll
c:program filesNokiaNokia PC Suite 7PhoneBrowser.dll
c:program filesNokiaNokia PC Suite 7NGSCM.DLL
c:program filesNokiaNokia PC Suite 7LangPhoneBrowser_rus.nlr
c:program filesNokiaNokia PC Suite 7ResourcePhoneBrowser_Nokia.ngr
c:windowssystem32PortableDeviceTypes.dll
c:windowssystem32PortableDeviceApi.dll
c:windowssystem32credui.dll
c:windowssystem32MSVCP60.dll
.
Other Running Processes
.
c:windowssystem32Ati2evxx.exe
c:program filesCommon FilesLogitechBluetoothLBTServ.exe
c:windowssystem32Ati2evxx.exe
c:program filesCommon FilesSeagateSchedule2schedul2.exe
c:program filesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
c:program filesBonjourmDNSResponder.exe
c:windowssystem32inetsrvinetinfo.exe
c:program filesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe
c:windowssystem32PnkBstrA.exe
e:alcohol 120StarWindStarWindServiceAE.exe
c:windowssystem32dllhost.exe
c:windowsSystem32vssvc.exe
c:windowssystem32dllhost.exe
c:windowssystem32msdtc.exe
c:program filesLogitechSetPointLBTWiz.exe
c:windowssystem32rundll32.exe
c:program filesASUSAASP1.00.59aaCenter.exe
c:program filesASUSAI RemoteAiRemote.exe
c:program filesATI TechnologiesATI.ACECore-StaticMOM.exe
c:program filesUPSMONUPSMON_Service.Exe
c:program filesCommon FilesLogishrdKHAL2KHALMNPR.EXE
c:program filesATI TechnologiesATI.ACECore-Staticccc.exe
c:program filesiPodbiniPodService.exe
c:program filesUPSMONUPSUSBInt3.exe
c:program filesPC Connectivity SolutionServiceLayer.exe
c:program filesPC Connectivity SolutionTransportsNclUSBSrv.exe
c:program filesPC Connectivity SolutionTransportsNclRSSrv.exe
c:program filesPC Connectivity SolutionTransportsNclMSBTSrv.exe
.
**************************************************************************
.
Completion time: 2010-02-28 15:19:48 — machine was rebooted
ComboFix-quarantined-files.txt 2010-02-28 12:19
ComboFix2.txt 2010-02-28 05:44
ComboFix3.txt 2010-02-25 23:39Pre-Run: 14 951 153 664 байт свободно
Post-Run: 14 916 173 824 байт свободно— — End Of File — — 1A0BE42A0D65E8CD204647B1090BFF80
ComboFix 10-02-25.02 — Андрей 26.02.2010 2:33.1.4 — x86
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.3071.2531 [GMT 3:00]
Running from: c:documents and settingsАндрейРабочий столComboFix.exe
Command switches used :: c:documents and settingsАндрейРабочий столWindowsXP-KB310994-SP2-Pro-BootDisk-RUS.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Resident AV is active.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.C:LOG.TXT
c:program filesCommon Fileskeylog.txt
c:program filesMail.RuAgentMradllnewmrasearch.dll
c:windowssrchasstnls302en.lex
c:windowssystem328JXhX5R.exe
c:windowssystem329804c90.exe
c:windowssystem32Cache
c:windowssystem32Config.cfg
c:windowssystem32driversnpf.sys
c:windowssystem32ealregsnapshot1.reg
c:windowssystem32Packet.dll
c:windowssystem32tmp89.tmp
c:windowssystem32WanPacket.dll
c:windowssystem32wpcap.dll
D:install.exe
I:install.exe.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
Legacy_NPF
Service_NPF((((((((((((((((((((((((( Files Created from 2010-01-25 to 2010-02-25 )))))))))))))))))))))))))))))))
.2010-02-19 18:56 . 2010-02-19 18:56 77824 —-a-w- c:windowssystem32rjU0dZJ.exe
2010-02-18 05:18 . 2010-02-18 05:18 78848 —-a-w- c:windowssystem32Aee2Uan.exe
2010-02-18 04:13 . 2010-02-18 04:13 78848 —-a-w- c:windowssystem32Lpkbnt4.exe
2010-02-17 09:54 . 2010-02-17 09:54 83968 —-a-w- c:windowssystem32gHqmFsZ.exe
2010-02-17 09:08 . 2010-02-17 09:08 83968 —-a-w- c:windowssystem32CUUip9Y.exe
2010-02-17 08:58 . 2010-02-17 08:58 83968 —-a-w- c:windowssystem32oh6jlmm.exe
2010-02-17 08:52 . 2010-02-17 08:52 83968 —-a-w- c:windowssystem32qypO8wq.exe
2010-02-17 07:48 . 2010-02-17 07:48 83968 —-a-w- c:windowssystem32CkhD9Ga.exe
2010-02-16 22:08 . 2010-02-16 22:08 83968 —-a-w- c:windowssystem32no5bVlY.exe
2010-02-16 09:10 . 2010-02-16 12:59
d
w- c:program filesICQ7.0
2010-02-15 15:08 . 2010-02-25 23:37
d
w- c:documents and settingsAll UsersUPSMON
2010-02-15 15:06 . 2010-02-25 23:38
d
w- c:program filesUPSMON
2010-02-15 15:05 . 2008-07-20 09:07 10240 -c—a-w- c:windowssystem32dllcachecompbatt.sys
2010-02-15 15:05 . 2008-07-20 09:07 10240 —-a-w- c:windowssystem32driverscompbatt.sys
2010-02-15 15:05 . 2008-07-20 09:07 20352 -c—a-w- c:windowssystem32dllcachehidbatt.sys
2010-02-15 15:05 . 2008-07-20 09:07 20352 —-a-w- c:windowssystem32drivershidbatt.sys
2010-02-15 15:05 . 2008-07-20 09:07 14208 -c—a-w- c:windowssystem32dllcachebattc.sys
2010-02-15 15:05 . 2008-07-20 09:07 14208 —-a-w- c:windowssystem32driversbattc.sys
2010-02-14 10:28 . 2010-02-14 10:28 31744 —-a-w- c:windowssystem32bd4d22d1.exe
2010-02-13 22:47 . 2010-02-13 22:47
d
w- c:program filestrend micro
2010-02-13 22:47 . 2010-02-13 22:47
d
w- C:rsit
2010-02-13 15:24 . 2010-02-13 15:24 83968 —-a-w- c:windowssystem32v0DWEPF.exe
2010-02-13 12:22 . 2010-02-13 12:22 83968 —-a-w- c:windowssystem32QtwhHFn.exe
2010-02-13 07:39 . 2010-02-13 07:39 83968 —-a-w- c:windowssystem32X6mstvE.exe
2010-02-13 06:59 . 2010-02-13 06:59 83968 —-a-w- c:windowssystem32O1nQLoW.exe
2010-02-13 06:38 . 2010-02-13 06:38
d
w- c:documents and settingsАдминистраторDoctorWeb
2010-02-13 06:34 . 2010-02-13 06:34
d
w- c:documents and settingsАдминистраторLocal SettingsApplication DataMozilla
2010-02-12 23:03 . 2010-02-12 23:03 83968 —-a-w- c:windowssystem32dubpDkV.exe
2010-02-11 20:34 . 2010-02-11 20:34
d
w- c:program filesCommon Fileswm
2010-02-09 09:09 . 2010-02-09 08:59 24536384 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}NokiaSoftwareUpdaterSetup_ru.exe
2010-02-09 09:08 . 2010-02-09 09:08 3351812 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}InstallerCommonCustomActionsmsxml6Exec.exe
2010-02-09 09:08 . 2010-02-09 09:08 36864 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}InstallerCommonCustomActionsSleep.exe
2010-02-09 09:08 . 2010-02-09 09:08 3203453 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}InstallerCommonCustomActionsvcredistExec.exe
2010-02-09 09:01 . 2010-02-09 09:01
d
w- c:program filesCommon FilesPCSuite
2010-02-09 09:01 . 2010-02-09 09:01
d
w- c:program filesPC Connectivity Solution
2010-02-09 09:01 . 2009-10-06 08:52 7936 —-a-w- c:windowssystem32driversusbser_lowerfltj.sys
2010-02-09 09:01 . 2009-10-06 08:52 7936 —-a-w- c:windowssystem32driversusbser_lowerflt.sys
2010-02-09 09:01 . 2009-10-06 08:52 22016 —-a-w- c:windowssystem32driversccdcmbo.sys
2010-02-09 09:01 . 2009-10-06 08:55 1112288 —-a-w- c:windowssystem32wdfcoinstaller01007.dll
2010-02-09 09:01 . 2009-10-06 08:52 660480 —-a-w- c:windowssystem32nmwcdcocls.dll
2010-02-09 09:01 . 2009-10-06 08:52 17664 —-a-w- c:windowssystem32driversccdcmb.sys
2010-02-09 08:59 . 2010-02-09 08:58 34864192 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}Nokia_PC_Suite_rus_web.exe
2010-02-09 08:59 . 2010-02-09 08:59 95232 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionspcswpcsi.exe
2010-02-09 08:59 . 2010-02-09 08:59 61440 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstPCSFEMsi.exe
2010-02-09 08:59 . 2010-02-09 08:59 8192 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstCCD.exe
2010-02-09 08:59 . 2010-02-09 08:59 10240 —-a-w- c:documents and settingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}InstallerCommonCustomActionsUninstPCS.exe
2010-02-09 08:13 . 2010-02-09 08:13
d
w- c:documents and settings??????
2010-02-03 20:04 . 2010-02-03 20:04
d
w- c:documents and settingsAll UsersApplication DataUbisoft.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-25 23:37 . 2009-05-21 18:40
d—a-w- c:documents and settingsAll UsersApplication DataTEMP
2010-02-16 09:11 . 2008-11-23 17:54
d—h—w- c:program filesInstallShield Installation Information
2010-02-13 07:44 . 2008-11-23 18:02
d
w- c:program filesESET
2010-02-09 09:10 . 2008-11-23 19:22
d
w- c:documents and settingsAll UsersApplication DataInstallations
2010-02-09 09:10 . 2009-01-08 22:41
d
w- c:program filesCommon FilesNokia
2010-02-09 09:10 . 2008-11-23 19:23
d
w- c:program filesNokia
2010-02-09 09:07 . 2010-02-09 09:07 0 —ha-w- c:windowssystem32driversMsft_User_PCCSWpdDriver_01_07_00.Wdf
2010-02-09 09:07 . 2010-02-09 09:07 0 —ha-w- c:windowssystem32driversMsftWdf_user_01_07_00.Wdf
2010-01-17 08:50 . 2010-01-17 08:50
d
w- c:program filesStanza
2010-01-17 08:47 . 2010-01-17 08:47 41704 —ha-w- c:windowssystem32mlfcache.dat
2010-01-12 09:52 . 2010-01-12 09:52
d
w- c:program filesMalwarebytes’ Anti-Malware
2010-01-12 09:52 . 2010-01-12 09:52
d
w- c:documents and settingsAll UsersApplication DataMalwarebytes
2010-01-07 13:07 . 2010-01-12 09:52 38224 —-a-w- c:windowssystem32driversmbamswissarmy.sys
2010-01-07 13:07 . 2010-01-12 09:52 19160 —-a-w- c:windowssystem32driversmbam.sys
2010-01-03 11:06 . 2009-01-12 16:25
d
r- c:program filesSkype
2010-01-03 11:06 . 2010-01-03 11:06
d
w- c:program filesCommon FilesSkype
2010-01-03 11:06 . 2009-01-12 16:25
d
w- c:documents and settingsAll UsersApplication DataSkype
2009-12-30 05:17 . 2009-12-30 05:16
d
w- c:program filesiTunes
2009-12-30 05:17 . 2009-12-30 05:16
d
w- c:documents and settingsAll UsersApplication Data{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-12-30 05:16 . 2009-12-30 05:16
d
w- c:program filesiPod
2009-12-30 05:16 . 2008-12-02 13:09
d
w- c:program filesCommon FilesApple
2009-12-30 05:15 . 2009-12-30 05:15
d
w- c:program filesQuickTime
2009-12-30 05:11 . 2009-12-30 05:11 79144 —-a-w- c:documents and settingsAll UsersApplication DataApple ComputerInstaller CacheiTunes 9.0.2.25SetupAdmin.exe
2009-12-20 19:27 . 2009-12-20 19:27 1924200 —-a-w- c:documents and settingsAll UsersApplication DataNOSAdobe_Downloadsinstall_flash_player.exe
2009-08-31 13:55 . 2009-10-06 06:48 118000 —-a-w- c:program filesmozilla firefoxcomponentsqippipe.dll
.
Sigcheck
[-] 2008-04-15 . B2A2D80C9D3A3805DDECA6ED5A7556A0 . 652288 . . [5.82] . . c:windowssystem32comctl32.dll
[-] 2008-04-15 . B2A2D80C9D3A3805DDECA6ED5A7556A0 . 652288 . . [5.82] . . c:windowssystem32dllcachecomctl32.dll[-] 2008-04-14 . 884DE990C498D77C28F8608E09D4DFE1 . 581632 . . [5.1.2600.5512] . . c:windowssystem32user32.dll
[-] 2008-04-14 . 884DE990C498D77C28F8608E09D4DFE1 . 581632 . . [5.1.2600.5512] . . c:windowssystem32dllcacheuser32.dll[-] 2008-04-15 . 04116AE3FA2461AE766D7BADB49E74F7 . 1520640 . . [6.00.2900.5512] . . c:windowsexplorer.exe
[-] 2008-04-15 . 04116AE3FA2461AE766D7BADB49E74F7 . 1520640 . . [6.00.2900.5512] . . c:windowssystem32dllcacheexplorer.exe[-] 2008-11-23 . DD7B61794DA1338616FB3B971703185D . 1571840 . . [5.1.2600.5512] . . c:windowssystem32SfcFiles.dll
[-] 2008-11-23 . DD7B61794DA1338616FB3B971703185D . 1571840 . . [5.1.2600.5512] . . c:windowssystem32dllcacheSfcFiles.dll[-] 2008-04-15 . 0DE18690E4223998E471048889F09B8B . 37376 . . [5.1.2600.5512] . . c:windowssystem32ctfmon.exe
[-] 2008-04-15 . 0DE18690E4223998E471048889F09B8B . 37376 . . [5.1.2600.5512] . . c:windowssystem32dllcachectfmon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}»= «c:documents and settingsАндрейApplication DataMicrosoftInternet Explorerqipsearchbar.dll» [2009-07-14 150768][HKEY_CLASSES_ROOTclsid{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce}]
[HKEY_CLASSES_ROOTqipbar.QIPBHO.1]
[HKEY_CLASSES_ROOTTypeLib{45FF696B-5284-4781-B2CA-ECF3A742A17B}]
[HKEY_CLASSES_ROOTqipbar.QIPBHO][HKEY_LOCAL_MACHINE~Browser Helper Objects{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
2009-07-14 09:08 150768 —-a-w- c:documents and settingsАндрейApplication DataMicrosoftInternet Explorerqipsearchbar.dll[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«VistaIcon»=»c:program filesVistaDriveIconVistaDrv.exe» [2008-01-02 132096]
«VisualTaskTips»=»c:program filesVisualTaskTipsVisualTaskTips.exe» [2008-06-23 65536]
«LDM»=»c:program filesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe» [2009-01-29 67128]
«Start WingMan Profiler»=»c:program filesLogitechProfilerlwemon.exe» [2006-07-05 60416]
«AlcoholAutomount»=»e:alcohol 120axcmd.exe» [2009-03-17 203928]
«Backup4all 3″=»c:program filesSoftlandBackup4all 3Backup4all.exe» [2007-11-05 3133080]
«Backup4all Scheduler»=»c:program filesSoftlandBackup4all 3b4aSched.Exe» [2007-11-05 478360]
«SJelite3Launch»=»c:documents and settingsАндрейApplication DataTranscendSJelite3SJelite3Launch.exe» [2009-09-18 176128]
«PC Suite Tray»=»c:program filesNokiaNokia PC Suite 7PCSuite.exe» [2009-11-11 1451520][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«Bluetooth Connection Assistant»=»LBTWIZ.EXE -silent» [X]
«Kernel and Hardware Abstraction Layer»=»KHALMNPR.EXE» [2008-12-18 76304]
«TaskSwitchXP»=»c:program filesTaskSwitchXPTaskSwitchXP.exe» [2007-03-09 62976]
«JMB36X IDE Setup»=»c:windowsRaidToolxInsIDE.exe» [2007-03-20 36864]
«36X Raid Configurer»=»c:windowssystem32xRaidSetup.exe» [2007-03-21 1953792]
«NeroFilterCheck»=»c:windowssystem32NeroCheck.exe» [2001-07-09 155648]
«zBrowser Launcher»=»c:program filesLogitechiTouchiTouch.exe» [2002-11-22 631362]
«Logitech Hardware Abstraction Layer»=»KHALMNPR.EXE» [2008-12-18 76304]
«GrooveMonitor»=»c:program filesMicrosoft OfficeOffice12GrooveMonitor.exe» [2008-10-25 31072]
«MAgent»=»c:program filesMail.RuAgentmagent.exe» [2009-07-27 7975608]
«egui»=»c:program filesESETESET NOD32 Antivirusegui.exe» [2008-08-18 1447168]
«SoundMAXPnP»=»c:program filesAnalog DevicesCoresmax4pnp.exe» [2006-12-18 868352]
«Ai Remote Help»=»c:program filesASUSAI RemoteAiRc.exe» [2007-09-03 3346432]
«ASUS UpdateChecker»=»c:program filesASUSUpdateCheckerUpdateChecker.exe» [2008-11-03 110592]
«Ai Nap»=»c:program filesASUSAI SuiteAiNapAiNap.exe» [2008-01-28 1413120]
«CPU Power Monitor»=»c:program filesASUSAI SuiteAiGear3CpuPowerMonitor.exe» [2008-01-09 627200]
«Cpu Level Up help»=»c:program filesASUSAI SuiteCpuLevelUpHelp.exe» [2007-11-30 881152]
«ASUS Energy Saving»=»c:program filesASUSAI SuiteEnergySavingPwSave.exe» [2008-01-28 1352704]
«BluetoothAuthenticationAgent»=»bthprops.cpl» [2008-04-15 110592]
«DiscWizardMonitor.exe»=»c:program filesSeagateDiscWizardDiscWizardMonitor.exe» [2007-09-04 1188864]
«AcronisTimounterMonitor»=»c:program filesSeagateDiscWizardTimounterMonitor.exe» [2007-09-04 1963768]
«Acronis Scheduler2 Service»=»c:program filesCommon FilesSeagateSchedule2schedhlp.exe» [2007-09-04 148760]
«Adobe Reader Speed Launcher»=»c:program filesAdobeReader 8.0ReaderReader_sl.exe» [2008-01-11 39792]
«StartCCC»=»c:program filesATI TechnologiesATI.ACECore-StaticCLIStart.exe» [2009-07-14 98304]
«QuickTime Task»=»c:program filesQuickTimeQTTask.exe» [2009-11-10 417792]
«iTunesHelper»=»c:program filesiTunesiTunesHelper.exe» [2009-11-12 141600]
«UPSMON»=»c:program filesUPSMONUPSMON.exe» [2008-07-02 433664][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2008-04-15 37376]
«VistaIcon»=»c:program filesVistaDriveIconVistaDrv.exe» [2008-01-02 132096]
«VisualTaskTips»=»c:program filesVisualTaskTipsVisualTaskTips.exe» [2008-06-23 65536][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRunOnce]
«IE7_011″=»shell32» [X]
«IE7_012″=»advpack.dll» [2009-10-29 124928]
«IE7_013″=»rebuild.exe» [2007-11-01 114280]c:documents and settingsAll Usersѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
Logitech Desktop Messenger.lnk — c:program filesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe [2009-1-29 67128]
Logitech SetPoint.lnk — c:program filesLogitechSetPointSetPoint.exe [2009-3-24 809488][HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyLBTWlgn]
2009-02-18 21:30 72208 —-a-w- c:program filesCommon FilesLogitechBluetoothLBTWLgn.dll[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]
@=»Driver»[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdfLoadGroup]
@=»»[HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
«DisableNotifications»= 1 (0x1)
«DisableUnicastResponsesToMulticastBroadcast»= 0 (0x0)[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\Network Diagnostic\xpnetdiag.exe»=
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE»=
«c:\Program Files\Microsoft Office\Office12\GROOVE.EXE»=
«c:\Program Files\Microsoft Office\Office12\ONENOTE.EXE»=
«c:\Program Files\Starlink VideoLAN\vlc.exe»=
«e:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe»=
«e:\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe»=
«e:\Rockstar Games\Grand Theft Auto IV\GTAIV.exe»=
«e:\Ventrilo\Ventrilo.exe»=
«c:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe»=
«e:\Gears of War\Binaries\WarGame-G4WLive.exe»=
«e:\uTorrent\uTorrent.exe»=
«e:\Race Driver GRID\GRID.exe»=
«e:\SREETFIGHTERIV\StreetFighterIV.exe»=
«c:\Program Files\Bonjour\mDNSResponder.exe»=
«e:\С.Т.А.Л.К.Е.Р. — Чистое Небо\bin\xrEngine.exe»=
«e:\С.Т.А.Л.К.Е.Р. — Чистое Небо\bin\dedicated\xrEngine.exe»=
«c:\WINDOWS\system32\PnkBstrA.exe»=
«c:\WINDOWS\system32\PnkBstrB.exe»=
«e:\Call of Duty 4 — Modern Warfare\iw3mp.exe»=
«e:\S.T.A.L.K.E.R. — Зов Припяти\bin\xrEngine.exe»=
«e:\S.T.A.L.K.E.R. — Зов Припяти\bin\dedicated\xrEngine.exe»=
«e:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe»=
«e:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe»=
«c:\Program Files\iTunes\iTunes.exe»=
«c:\Program Files\Skype\Plugin Manager\skypePM.exe»=
«e:\Assassin’s Creed\AssassinsCreed_Dx9.exe»=
«e:\Assassin’s Creed\AssassinsCreed_Dx10.exe»=
«e:\Assassin’s Creed\AssassinsCreed_Launcher.exe»=
«c:\Program Files\ICQ7.0\ICQ.exe»=
«c:\Program Files\ICQ7.0\aolload.exe»=
«c:\Program Files\Skype\Phone\Skype.exe»=
«d:\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe»=[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileGloballyOpenPortsList]
«26689:TCP»= 26689:TCPR0 pe3ajtsc;Stalker (Pro) Environment Driver (pe3ajtsc);c:windowssystem32driverspe3ajtsc.sys [15.08.2007 15:11 64640]
R0 ps7ajtsc;Stalker (Pro) Synchronization Driver (ps7ajtsc);c:windowssystem32driversps7ajtsc.sys [15.08.2007 15:11 68744]
R0 sptd;sptd;c:windowssystem32driverssptd.sys [23.11.2008 20:22 721904]
R1 appdrv01;Application Driver (01);c:windowssystem32driversappdrv01.sys [08.10.2009 2:40 3069040]
R1 epfwtdir;epfwtdir;c:windowssystem32driversepfwtdir.sys [18.08.2008 13:27 34312]
R2 ekrn;Eset Service;c:program filesESETESET NOD32 Antivirusekrn.exe [18.08.2008 13:25 468224]
S2 appdrvrem01;Application Driver Auto Removal Service (01);c:windowsSystem32appdrvrem01.exe svc —> c:windowsSystem32appdrvrem01.exe svc [?]
S2 pr2ajtsc;Stalker (Pro) Drivers Auto Removal (pr2ajtsc);c:windowssystem32pr2ajtsc.exe svc —> c:windowssystem32pr2ajtsc.exe svc [?]— Other Services/Drivers In Memory —
*NewlyCreated* — HELPSVC
*NewlyCreated* — UPSMONSERVICE[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionsvchost]
DcomLaunch REG_MULTI_SZ DcomLaunch TermService Netprotocol
.
Contents of the ‘Scheduled Tasks’ folder2010-02-25 c:windowsTasksb4a_bp6.job
— c:program filesSoftlandBackup4all 3b4aSchedStarter.exe [2009-05-21 11:24]2010-02-25 c:windowsTasksb4a_Мои документы.job
— c:program filesSoftlandBackup4all 3b4aSchedStarter.exe [2009-05-21 11:24]2010-02-25 c:windowsTasksOGALogon.job
— c:windowssystem32OGAEXEC.exe [2009-08-03 11:07]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.lofisnet.ru/
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: SoftwareMicrosoftInternet ExplorerSearchUrl; ValueType: string; ValueName: ‘; ValueData: ‘; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2Office12EXCEL.EXE/3000
IE: Закачать ВСЕ при помощи Download Master — d:download masterdmieall.htm
IE: Закачать при помощи Download Master — d:download masterdmie.htm
IE: {{7558B7E5-7B26-4201-BEDB-00D5FF534523} — c:program filesMail.RuAgentmagent.exe
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} — c:program filesICQ7.0ICQ.exe
IE: {{8DAE90AD-4583-4977-9DD4-4360F7A45C74} — d:download masterdmaster.exe
TCP: {A80D0705-8D40-4C7D-AFE9-E8D841452343} = 80.79.176.2,80.79.176.3
Handler: bwfile-8876480 — {9462A756-7B47-47BC-8C80-C34B9B80B32B} — c:program filesLogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll
FF — ProfilePath — c:documents and settingsАндрейApplication DataMozillaFirefoxProfiles1djs6yc0.default
FF — prefs.js: browser.search.selectedEngine — QIP Search
FF — prefs.js: browser.startup.homepage — hxxp://info.starlink.ru/
FF — prefs.js: keyword.URL — hxxp://search.qip.ru/search?from=FF&query=
FF — component: c:program filesMozilla Firefoxcomponentsqippipe.dll
FF — component: c:program filesMozilla Firefoxextensions{B13721C7-F507-4982-B2E5-502A71474FED}componentsNPComponent.dll
FF — component: c:program filesNokiaNokia PC Suite 7bkmrksynccomponentsBkMrkExt.dll
FF — plugin: c:program filesK-Lite Codec PackRealbrowserpluginsnppl3260.dll
FF — plugin: c:program filesK-Lite Codec PackRealbrowserpluginsnprpjplug.dll
FF — plugin: c:program filesStarlink VideoLANnpvlc.dll
FF — HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} — c:windowsMicrosoft.NETFrameworkv3.5Windows Presentation FoundationDotNetAssistantExtension—- FIREFOX POLICIES —-
FF — user.js: general.useragent.extra.zencast — Creative ZENcast v2.01.01.
— — — — ORPHANS REMOVED — — — —URLSearchHooks-{83821C2B-32A8-4DD7-B6D4-44309A78E668} — c:program filesMail.RuAgentMradllnewmrasearch.dll
HKLM-Run-plugin — c:program filesplugin.exe**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-26 02:38
Windows 5.1.2600 Service Pack 3 NTFSscanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spdm.sys >>UNKNOWN [0x8ADA7938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
DriverDisk -> CLASSPNP.SYS @ 0xba11cf28
DriverACPI -> ACPI.sys @ 0xb9e66cb8
Driveratapi -> atapi.sys @ 0xb9de5b40
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
DeviceHarddisk0DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xb9cedbb0
PacketIndicateHandler -> NDIS.sys @ 0xb9cfab21
SendHandler -> NDIS.sys @ 0xb9cd887b
user & kernel MBR OK**************************************************************************
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘winlogon.exe'(936)
c:windowssystem32SETUPAPI.dll
c:windowssystem32Ati2evxx.dll
c:program filescommon fileslogitechbluetoothLBTWlgn.dll
c:program filescommon fileslogitechbluetoothLBTServ.dll
c:windowssystem32cscui.dll
c:windowssystem32COMRes.dll— — — — — — — > ‘lsass.exe'(1008)
c:windowssystem32setupapi.dll— — — — — — — > ‘explorer.exe'(6140)
c:windowssystem32WININET.dll
c:program filesLogitechSetPointIMHook.dll
c:program filesVisualTaskTipsVttHooks.dll
c:program filesLogitechSetPointlgscroll.dll
c:windowssystem32COMRes.dll
c:windowsSystem32cscui.dll
c:program filesLogitechiTouchiTchHk.dll
c:windowssystem32msi.dll
c:windowssystem32SETUPAPI.dll
c:windowssystem32WPDShServiceObj.dll
c:program filesNokiaNokia PC Suite 7PhoneBrowser.dll
c:program filesNokiaNokia PC Suite 7NGSCM.DLL
c:program filesNokiaNokia PC Suite 7LangPhoneBrowser_rus.nlr
c:program filesNokiaNokia PC Suite 7ResourcePhoneBrowser_Nokia.ngr
c:windowssystem32PortableDeviceTypes.dll
c:windowssystem32PortableDeviceApi.dll
c:windowssystem32credui.dll
c:windowssystem32MSVCP60.dll
.
Other Running Processes
.
c:windowssystem32Ati2evxx.exe
c:program filesCommon FilesLogitechBluetoothLBTServ.exe
c:windowssystem32Ati2evxx.exe
c:program filesCommon FilesSeagateSchedule2schedul2.exe
c:program filesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
c:program filesBonjourmDNSResponder.exe
c:windowssystem32inetsrvinetinfo.exe
c:program filesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe
c:windowssystem32PnkBstrA.exe
e:alcohol 120StarWindStarWindServiceAE.exe
c:windowssystem32dllhost.exe
c:windowsSystem32vssvc.exe
c:program filesLogitechSetPointLBTWiz.exe
c:windowssystem32rundll32.exe
c:program filesASUSAASP1.00.59aaCenter.exe
c:program filesASUSAI RemoteAiRemote.exe
c:program filesATI TechnologiesATI.ACECore-StaticMOM.exe
c:windowssystem32dllhost.exe
c:program filesUPSMONUPSMON_Service.Exe
c:program filesCommon FilesLogishrdKHAL2KHALMNPR.EXE
c:windowssystem32msdtc.exe
c:program filesUPSMONUPSUSBInt3.exe
c:program filesPC Connectivity SolutionServiceLayer.exe
c:program filesATI TechnologiesATI.ACECore-Staticccc.exe
c:program filesiPodbiniPodService.exe
c:program filesPC Connectivity SolutionTransportsNclUSBSrv.exe
c:program filesPC Connectivity SolutionTransportsNclRSSrv.exe
c:program filesPC Connectivity SolutionTransportsNclMSBTSrv.exe
.
**************************************************************************
.
Completion time: 2010-02-26 02:39:46 — machine was rebooted
ComboFix-quarantined-files.txt 2010-02-25 23:39Pre-Run: 13 538 328 576 байт свободно
Post-Run: 15 286 509 568 байт свободноWindowsXP-KB310994-SP2-Pro-BootDisk-RUS.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)WINDOWS
[operating systems]
c:cmdconsBOOTSECT.DAT=»Microsoft Windows Recovery Console» /cmdcons
multi(0)disk(0)rdisk(0)partition(1)WINDOWS=»Microsoft Windows XP Professional RU» /noexecute=optin /fastdetect— — End Of File — — DA5173FB72912EEE676FEE9F12DE47C5
info.txt logfile of random’s system information tool 1.06 2010-02-14 01:47:42
======Uninstall list======
—>»C:Program FilesCreative Installation InformationCREATIVE_SYNC_MANAGER_USetup.exe» /remove /l0x0009
—>»C:Program FilesCreative Installation InformationCREATIVE_VIDEO_CONVERTERSetup.exe» /remove /l0x0009
—>C:Program FilesAheadnerouninstallUNNERO.exe /UNINSTALL
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{11E83B33-972B-4512-A447-FF0FD0246EE9}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{21B6F79B-2286-4BB0-B1E3-BA6B9498D110}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{23EFDB58-0874-4883-9810-EDA510B19FAE}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{27B9131D-CEFA-42C5-8D7D-56EFD80BAA25}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{2BFBC62A-3353-443D-93BE-7AC641D9F342}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{5D1A81AA-ED90-11D6-86D3-00055DF3561E}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{B100B05B-E290-41EF-9366-8BC4C76D7769}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{B14F9B26-D695-4C4A-8B11-0FE6CDCC797B}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{BDFC3C8D-823E-4FCF-870B-E756B27CB57E}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{D3568156-59C3-42DF-A520-2C25B6706C91}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{E213C271-AEFA-481D-A9B4-914D88925B8D}setup.exe» -l0x9
—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{FAD9402A-1A9B-4ABE-A410-393A3622FA5A}setup.exe» -l0x9
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
ACDSee Pro 2—>MsiExec.exe /I{D7BE6116-C735-4E1A-AC4E-0CC671C182F7}
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Flash Player ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Reader 8 — Russian—>MsiExec.exe /I{AC76BA86-7AD7-1049-7B44-A81200000003}
Adobe Shockwave Player 11.5—>»C:WINDOWSsystem32AdobeShockwave 11uninstaller.exe»
AI Remote—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{0AFF134D-A6B4-4669-9573-36665FFD1F50}Setup.exe» -l0x9
AI Suite—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{310BC5E2-31AF-49BB-904D-E71EB93645DC}Setup.exe» -l0x9
Apple Application Support—>MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Mobile Device Support—>MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update—>MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft PhotoImpression—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{6C5D7191-140A-11D6-B5A0-0050DA208A93}SETUP.EXE» -l0x19 -uninst
Assassin’s Creed—>C:Program FilesInstallShield Installation Information{8CFA9151-6404-409A-AF22-4632D04582FD}setup.exe -runfromtemp -l0x0019 -removeonly
ATI — Software Uninstall Utility—>C:Program FilesATI TechnologiesUninstallAllAtiCimUn.exe
ATI Catalyst Control Center—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime91Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{055EE59D-217B-43A7-ABFF-507B966405D8}setup.exe» -l0x0
ATI Display Driver—>rundll32 C:WINDOWSsystem32atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AviSynth 2.5—>»C:Program FilesAviSynth 2.5Uninstall.exe»
Backup4all 3—>»C:Program FilesSoftlandBackup4all 3unins000.exe»
Bonjour—>MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Bonjour—>MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
Call of Duty(R) 4 — Modern Warfare(TM)—>C:Program FilesInstallShield Installation Information{E48469CC-635E-4FD5-A122-1497C286D217}setup.exe -runfromtemp -l0x0419
Catalyst Control Center — Branding—>MsiExec.exe /I{D9D93D74-107D-4BD3-87D0-AABCF7C98BD5}
CDDRV_Installer—>MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
Command & Conquer™ Red Alert™ 3—>MsiExec.exe /X{296D8550-CB06-48E4-9A8B-E5034FB64715}
Counter-Strike: Source—>»C:WINDOWSunins000.exe»
Download Master version 5.5.10.1163—>»D:Download Masterunins000.exe»
EA Download Manager—>C:Program FilesElectronic ArtsEADMUninstall.exe
EPSON Copy Utility—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{B69CC1A5-0404-11D6-ABCB-005004C21D30}setup.exe» -l0x9 ADDREMOVEDLG
EPSON Photo Print—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{9391F2BC-B6F3-4AAC-82CC-5A74A4ED388E}setup.exe» -l0x9 MyUninstall
EPSON Scan—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{0E0131B2-CF18-40D9-A331-60A3746C1204}SETUP.EXE» -l0x19 UNINSTALL
EPSON Smart Panel—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{6C11D561-620B-47DA-A693-4C597F3CDF40}SETUP.EXE» -l0x9 Uninstall
ESET NOD32 Antivirus—>MsiExec.exe /I{568EA1A6-E43E-4D0C-B5A0-F3D78E753D77}
Gears of War—>»C:Program FilesInstallShield Installation Information{1170D24F-42B7-40CF-AA1B-6395CE562354}Setup.exe» -runfromtemp -l0x0419 -removeonly
Gears of War—>MsiExec.exe /I{1170D24F-42B7-40CF-AA1B-6395CE562354}
Grand Theft Auto IV—>»C:Program FilesInstallShield Installation Information{579BA58C-F33D-4970-9953-B94B43768AC3}setup.exe» -runfromtemp -l0x0019 -removeonly
Half-Life 2: Lost Coast—>»D:Steamsteam.exe» steam://uninstall/340
HashTab 1.14—>C:WINDOWSsystem32htdel.bat
HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)—>C:WINDOWSsystem32msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=»»
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)—>C:WINDOWSsystem32msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=»»
Hotfix for Windows Media Format 11 SDK (KB929399)—>»C:WINDOWS$NtUninstallKB929399$spuninstspuninst.exe»
ICQ6.5—>»C:Program FilesInstallShield Installation Information{60DE4033-9503-48D1-A483-7846BD217CA9}setup.exe» -runfromtemp -l0x0009 -removeonly
Img2Ozf Version 2—>E:топографияunins000.exe
iRedSoft Image Resizer 2.22a —>C:WINDOWSuninstalliRedSoft Image Resizersetup.exe
iTunes—>MsiExec.exe /I{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}
Java(TM) 6 Update 6—>MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
JMB36X Raid Configurer—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime110Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}setup.exe» -l0x19 -removeonly
KhalInstallWrapper—>MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
K-Lite Mega Codec Pack 4.7.0—>»C:Program FilesK-Lite Codec Packunins000.exe»
L&H TTS3000 Deutsch—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFLHTTSGED.inf, Uninstall
L&H TTS3000 Espaсol—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFLHTTSSPE.inf, Uninstall
L&H TTS3000 Franзais—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFLHTTSFRF.inf, Uninstall
L&H TTS3000 Italiano—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFLHTTSITI.inf, Uninstall
L&H TTS3000 Russian—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFLHTTSRUR.inf, Uninstall
Left 4 Dead 2—>»D:Steamsteam.exe» steam://uninstall/550
Lernout & Hauspie TruVoice American English TTS Engine—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFtv_enua.inf, Uninstall
Logitech Desktop Messenger—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime100Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}SETUP.exe» -l0x9 UNINSTALL -removeonly
Logitech Gaming Software—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime110Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{13AA6556-BA96-4468-A8B4-1AD4A75AD5A0}setup.exe» -l0x9 -removeonly
Logitech iTouch Software—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{036AA4D4-6D32-11D4-9875-00105ACE7734}setup.exe» -l0x9 UNINSTALL
Logitech SetPoint—>»C:Program FilesInstallShield Installation Information{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}setup.exe» -runfromtemp -l0x0019 -removeonly
Mail.Ru Агент 5.5 (сборка 2842, для всех пользователей)—>C:Program FilesMail.RuAgentmagentsetup.exe -uninstalllm
Malwarebytes’ Anti-Malware—>»C:Program FilesMalwarebytes’ Anti-Malwareunins000.exe»
Microsoft .NET Framework 1.1 Russian Language Pack—>MsiExec.exe /X{2BB372D9-52B4-410A-BC1A-FEAB63181EEF}
Microsoft .NET Framework 1.1 Security Update (KB953297)—>»C:WINDOWSMicrosoft.NETFrameworkv1.1.4322Updateshotfix.exe» «C:WINDOWSMicrosoft.NETFrameworkv1.1.4322UpdatesM953297M953297Uninstall.msp»
Microsoft .NET Framework 1.1—>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1—>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Language Pack — RUS—>C:WINDOWSMicrosoft.NETFrameworkv2.0.50727Microsoft .NET Framework 2.0 Language Pack — RUSinstall.exe
Microsoft .NET Framework 2.0 Service Pack 2—>MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2—>MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1—>C:WINDOWSMicrosoft.NETFrameworkv3.5Microsoft .NET Framework 3.5 SP1setup.exe
Microsoft .NET Framework 3.5 SP1—>MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Games for Windows — LIVE —>MsiExec.exe /X{4D243BA7-9AC4-46D1-90E5-EEB88974F501}
Microsoft Games for Windows — LIVE Redistributable—>MsiExec.exe /X{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5—>»C:WINDOWS$NtUninstallWdf01005$spuninstspuninst.exe»
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7—>»C:WINDOWS$NtUninstallWdf01007$spuninstspuninst.exe»
Microsoft Office 2007 Service Pack 2 (SP2)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (Russian) 2007—>MsiExec.exe /X{90120000-0015-0419-0000-0000000FF1CE}
Microsoft Office Enterprise 2007—>»C:Program FilesCommon FilesMicrosoft SharedOFFICE12Office Setup Controllersetup.exe» /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007—>MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Russian) 2007—>MsiExec.exe /X{90120000-0016-0419-0000-0000000FF1CE}
Microsoft Office Groove MUI (Russian) 2007—>MsiExec.exe /X{90120000-00BA-0419-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Russian) 2007—>MsiExec.exe /X{90120000-0044-0419-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Russian) 2007—>MsiExec.exe /X{90120000-00A1-0419-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Russian) 2007—>MsiExec.exe /X{90120000-001A-0419-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Russian) 2007—>MsiExec.exe /X{90120000-0018-0419-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007—>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007—>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Russian) 2007—>MsiExec.exe /X{90120000-001F-0419-0000-0000000FF1CE}
Microsoft Office Proof (Ukrainian) 2007—>MsiExec.exe /X{90120000-001F-0422-0000-0000000FF1CE}
Microsoft Office Proofing (Russian) 2007—>MsiExec.exe /X{90120000-002C-0419-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)—>msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)—>msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Publisher MUI (Russian) 2007—>MsiExec.exe /X{90120000-0019-0419-0000-0000000FF1CE}
Microsoft Office Shared MUI (Russian) 2007—>MsiExec.exe /X{90120000-006E-0419-0000-0000000FF1CE}
Microsoft Office Word MUI (Russian) 2007—>MsiExec.exe /X{90120000-001B-0419-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.7—>»C:WINDOWS$NtUninstallWudf01007$spuninstspuninst.exe»
Microsoft Visual C++ 2005 ATL Update kb973923 — x86 8.0.50727.4053—>MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual Studio 2005 Tools for Office Runtime—>MsiExec.exe /X{388E4B09-3E71-4649-8921-F44A3A2954A7}
MioTransfer—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{2F6DA398-707F-4D52-AE6A-7E812D1662D6}setup.exe» -l0x19
Monopoly by Parker Brothers—>E:Monopoly by Parker BrothersUNWISE.EXE /U E:Monopoly by Parker BrothersINSTALL.LOG
Mozilla Firefox (3.5.7)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
MSVC80_x86_v2—>MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC80_x86—>MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 (KB936181)—>MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)—>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)—>MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MyAC 1.5.5—>»D:MyACunins000.exe»
Need for Speed™ Undercover—>MsiExec.exe /X{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}
Nero Suite—>C:Program FilesCommon FilesAheadUninstallSetupx.exe /uninstall ExtraUninstallID=»»
Nokia Connectivity Cable Driver—>MsiExec.exe /I{C50EF365-2898-489A-B6C7-30DAA466E9A2}
Nokia PC Suite—>C:Documents and SettingsAll UsersApplication DataInstallations{19DC9559-9C20-4A46-A67D-7ECBA52A2788}Nokia_PC_Suite_rus_web.exe
Nokia PC Suite—>MsiExec.exe /I{19DC9559-9C20-4A46-A67D-7ECBA52A2788}
Nokia Software Updater—>MsiExec.exe /X{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}
Norton PartitionMagic 8.0—>C:PROGRA~1COMMON~1INSTAL~1Driver9Intel 32IDriver.exe /M{21DBBDD6-93A5-4326-9A04-C9A5C9148502}
OGA Notifier 2.0.0048.0—>MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
OpenAL—>»C:Program FilesOpenALOpenALwEAX.exe» /U /S
Paint.NET v3.35—>rundll32.exe advpack.dll,LaunchINFSection PaintDN.inf,Uninstall
PC Connectivity Solution—>MsiExec.exe /I{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}
Pcsx2 0.9.4 Watermoose—>»E:эмулятор пс2пс2Pcsx2_0.9.4unins000.exe»
Portal—>»D:Steamsteam.exe» steam://uninstall/400
PROMT Expert 8 Giant Try-Buy—>MsiExec.exe /I{A4F761F7-FBC8-49BF-BC37-15550C3EAA85}
QIP 2005 Uninstall—>»C:Program FilesQIPunqip.exe»
QIP.Online—>C:Program FilesQIP.OnlineUninstall.exe
QuickTime—>MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
Race Driver GRID—>C:Program FilesInstallShield Installation Information{70BC658C-C358-416D-B301-15433F33BD56}setup.exe -runfromtemp -l0x0019 -removeonly
Realtek High Definition Audio Driver—>RtkUpd.exe -r -m
Rockstar Games Social Club—>»C:Program FilesInstallShield Installation Information{08B3869E-D282-424C-9AFC-870E04A4BA14}setup.exe» -runfromtemp -l0x0019 -removeonly
S.T.A.L.K.E.R. — Зов Припяти [v1.6.00]—>»E:S.T.A.L.K.E.R. — Зов Припятиunins000.exe»
S.T.A.L.K.E.R. [v1.0004]—>»E:STALKERunins000.exe»
Samsung ML-1710 Series—>C:WINDOWSSamsungML-1710SETUP.EXE
ScanToWeb—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}setup.exe» ADDREMOVEDLG
Seagate DiscWizard—>MsiExec.exe /X{81A60A13-224D-4637-8203-3EAC03B121A4}
Security Update for 2007 Microsoft Office System (KB969559)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for CAPICOM (KB931906)—>MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)—>MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB973593)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office Outlook 2007 (KB972363)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office system 2007 (972581)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB969604)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
Skype web features—>MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1—>MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SoundMAX—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime100Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F0A37341-D692-11D4-A984-009027EC0A9C}Setup.exe» -l0x19 -removeonly
Stanza—>»C:Program FilesStanzauninstall.exe»
Starlink VideoLAN—>C:Program FilesStarlink VideoLANuninstal.exe
STREET FIGHTER IV—>MsiExec.exe /X{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}
Test Drive Unlimited Gold—>»D:Test Drive Unlimited Golduninstunins000.exe»
Update for 2007 Microsoft Office System (KB967642)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)—>C:WINDOWSsystem32msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=»»
Update for Microsoft Office InfoPath 2007 (KB976416)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Outlook 2007 Junk Email Filter (kb976884)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FB60F280-C70F-4174-BADB-471412AA42F0}
Venta ZVoice 5.7 (удаление/восстановление)—>C:Program FilesVentaVenta ZVoice 5vfuninst.exe
Ventrilo Client—>MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Videora iPod Converter 3.08—>E:Video Converter 3uninstaller.exe
Vista Drive Icon—>rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFVistaDrv.inf,Uninstall
Visual Task Tips—>rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFVTTips3.inf,Uninstall
Winamp (remove only)—>»C:Program FilesWinampUninstWA.exe»
Windows Media Format 11 runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Windows Media Format 11 runtime—>»C:WINDOWS$NtUninstallWMFDist11$spuninstspuninst.exe»
Wolfenstein(TM) 1.1 Patch—>C:Program FilesInstallShield Installation Information{E03B44A3-9237-4B55-B7A5-DB1DD46920D3}setup.exe -runfromtemp -l0x0409
Wolfenstein—>C:Program FilesInstallShield Installation Information{F9B37992-968C-4264-8449-489032FC28DE}setup.exe -runfromtemp -l0x0419
ZENcast Organizer—>»C:Program FilesCreative Installation InformationZENCAST_ORGANIZERSetup.exe» /remove /l0x0009
ZyXEL NetFriend 1.3.58—>»C:Program FilesZyXELNetFriendunins000.exe»
ZyXEL OMNI 56K PCI Plus Rev.3—>C:Program FilesCONEXANTCNXT_MODEM_PCI_VEN_14F1&DEV_2F30&SUBSYS_200F14F1HXFSETUP.EXE -U -IZyx200F5.inf
Архиватор WinRAR—>C:Program FilesWinRARuninstall.exe
Вин Дизель Wheelman—>C:Program FilesInstallShield Installation Information{52612909-C9A1-4D4E-BFED-820B14119234}setup.exe -runfromtemp -l0x0019 -removeonly
Дополнительные аплеты панели управления—>rundll32.exe advpack.dll,LaunchINFSection CPLDAPU.inf,uninstall
еда выполнения Visual Studio 2005 Tools for Office, второй выпуск—>C:Program FilesCommon FilesMicrosoft SharedVSTO8.0Microsoft Visual Studio 2005 Tools for Office Runtimeinstall.exe
Исправление для Windows XP (KB961118)—>»C:WINDOWS$NtUninstallKB961118$spuninstspuninst.exe»
Исправление для Windows XP (KB970653-v3)—>»C:WINDOWS$NtUninstallKB970653-v3$spuninstspuninst.exe»
Исправление для Windows XP (KB976098-v2)—>»C:WINDOWS$NtUninstallKB976098-v2$spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB938127-v2)—>»C:WINDOWSie7updatesKB938127-v2-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB956390)—>»C:WINDOWSie7updatesKB956390-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB958215)—>»C:WINDOWSie7updatesKB958215-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB960714)—>»C:WINDOWSie7updatesKB960714-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB961260)—>»C:WINDOWSie7updatesKB961260-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB963027)—>»C:WINDOWSie7updatesKB963027-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB969897)—>»C:WINDOWSie7updatesKB969897-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB972260)—>»C:WINDOWSie7updatesKB972260-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB974455)—>»C:WINDOWSie7updatesKB974455-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB976325)—>»C:WINDOWSie7updatesKB976325-IE7spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB923561)—>»C:WINDOWS$NtUninstallKB923561$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB938464)—>»C:WINDOWS$NtUninstallKB938464$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB946648)—>»C:WINDOWS$NtUninstallKB946648$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950974)—>»C:WINDOWS$NtUninstallKB950974$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951066)—>»C:WINDOWS$NtUninstallKB951066$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB952004)—>»C:WINDOWS$NtUninstallKB952004$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB952954)—>»C:WINDOWS$NtUninstallKB952954$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB953155)—>»C:WINDOWS$NtUninstallKB953155$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954211)—>»C:WINDOWS$NtUninstallKB954211$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954459)—>»C:WINDOWS$NtUninstallKB954459$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954600)—>»C:WINDOWS$NtUninstallKB954600$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB955069)—>»C:WINDOWS$NtUninstallKB955069$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956391)—>»C:WINDOWS$NtUninstallKB956391$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956572)—>»C:WINDOWS$NtUninstallKB956572$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956744)—>»C:WINDOWS$NtUninstallKB956744$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956802)—>»C:WINDOWS$NtUninstallKB956802$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956803)—>»C:WINDOWS$NtUninstallKB956803$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956841)—>»C:WINDOWS$NtUninstallKB956841$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956844)—>»C:WINDOWS$NtUninstallKB956844$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB957095)—>»C:WINDOWS$NtUninstallKB957095$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB957097)—>»C:WINDOWS$NtUninstallKB957097$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958644)—>»C:WINDOWS$NtUninstallKB958644$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958687)—>»C:WINDOWS$NtUninstallKB958687$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958690)—>»C:WINDOWS$NtUninstallKB958690$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958869)—>»C:WINDOWS$NtUninstallKB958869$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB959426)—>»C:WINDOWS$NtUninstallKB959426$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960225)—>»C:WINDOWS$NtUninstallKB960225$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960715)—>»C:WINDOWS$NtUninstallKB960715$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960803)—>»C:WINDOWS$NtUninstallKB960803$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960859)—>»C:WINDOWS$NtUninstallKB960859$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB961371)—>»C:WINDOWS$NtUninstallKB961371$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB961373)—>»C:WINDOWS$NtUninstallKB961373$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB961501)—>»C:WINDOWS$NtUninstallKB961501$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB968537)—>»C:WINDOWS$NtUninstallKB968537$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB969059)—>»C:WINDOWS$NtUninstallKB969059$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB969898)—>»C:WINDOWS$NtUninstallKB969898$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB969947)—>»C:WINDOWS$NtUninstallKB969947$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB970238)—>»C:WINDOWS$NtUninstallKB970238$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB970430)—>»C:WINDOWS$NtUninstallKB970430$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB970483)—>»C:WINDOWS$NtUninstallKB970483$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB971486)—>»C:WINDOWS$NtUninstallKB971486$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB971557)—>»C:WINDOWS$NtUninstallKB971557$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB971633)—>»C:WINDOWS$NtUninstallKB971633$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB971657)—>»C:WINDOWS$NtUninstallKB971657$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB971961)—>»C:WINDOWS$NtUninstallKB971961$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB973346)—>»C:WINDOWS$NtUninstallKB973346$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB973354)—>»C:WINDOWS$NtUninstallKB973354$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB973507)—>»C:WINDOWS$NtUninstallKB973507$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB973525)—>»C:WINDOWS$NtUninstallKB973525$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB973869)—>»C:WINDOWS$NtUninstallKB973869$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB973904)—>»C:WINDOWS$NtUninstallKB973904$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB974112)—>»C:WINDOWS$NtUninstallKB974112$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB974318)—>»C:WINDOWS$NtUninstallKB974318$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB974392)—>»C:WINDOWS$NtUninstallKB974392$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB974571)—>»C:WINDOWS$NtUninstallKB974571$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB975025)—>»C:WINDOWS$NtUninstallKB975025$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB975467)—>»C:WINDOWS$NtUninstallKB975467$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media — (KB952069)—>»C:WINDOWS$NtUninstallKB952069_WM9$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media — (KB954155)—>»C:WINDOWS$NtUninstallKB954155_WM9$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media — (KB968816)—>»C:WINDOWS$NtUninstallKB968816_WM9$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media — (KB973540)—>»C:WINDOWS$NtUninstallKB973540_WM9$spuninstspuninst.exe»
Обновление для Windows Internet Explorer 7 (KB976749)—>»C:WINDOWSie7updatesKB976749-IE7spuninstspuninst.exe»
Обновление для Windows XP (KB955839)—>»C:WINDOWS$NtUninstallKB955839$spuninstspuninst.exe»
Обновление для Windows XP (KB967715)—>»C:WINDOWS$NtUninstallKB967715$spuninstspuninst.exe»
Обновление для Windows XP (KB968389)—>»C:WINDOWS$NtUninstallKB968389$spuninstspuninst.exe»
Обновление для Windows XP (KB971737)—>»C:WINDOWS$NtUninstallKB971737$spuninstspuninst.exe»
Обновление для Windows XP (KB973687)—>»C:WINDOWS$NtUninstallKB973687$spuninstspuninst.exe»
Обновление для Windows XP (KB973815)—>»C:WINDOWS$NtUninstallKB973815$spuninstspuninst.exe»
Пакет драйверов Windows — Nokia Modem (05/22/2008 3.8)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokia_blue_6F90B0F4A73A2F780A1010B5D6CB5DDFB098181Enokia_bluetooth.inf
Пакет драйверов Windows — Nokia Modem (05/22/2008 7.00.0.1)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokbtmdm_E68D50F7E25BFE399D47C864C3B52557346242A9nokbtmdm.inf
Пакет драйверов Windows — Nokia Modem (06/01/2009 7.01.0.4)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokbtmdm_0777326F40B753DD4E385F058ADB286B70A301FEnokbtmdm.inf
Пакет драйверов Windows — Nokia Modem (10/05/2009 4.2)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokia_blue_AAB746D5658CCF4CAE7A35CED5F0ADA3C447A973nokia_bluetooth.inf
Пакет драйверов Windows — Nokia pccsmcfd (08/22/2008 7.0.0.0)—>C:PROGRA~1DIFXB4723E9A0713E5B1dpinst.exe /u C:WINDOWSsystem32DRVSTOREpccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294pccsmcfd.inf
С.Т.А.Л.К.Е.Р. — Чистое Небо—>»E:С.Т.А.Л.К.Е.Р. — Чистое Небоunins000.exe»======Security center information======
AV: ESET NOD32 Antivirus 3.0
======System event log======
Computer Name: ANDREI
Event Code: 1
Message: Protection Synchronization Driver detected an internal error, contact the customer support service.Record Number: 21075
Source Name: ps7ajtsc
Time Written: 20100131113748.000000+180
Event Type: ошибка
User:Computer Name: ANDREI
Event Code: 1
Message: Protection Synchronization Driver detected an internal error, contact the customer support service.Record Number: 21074
Source Name: ps7ajtsc
Time Written: 20100131113748.000000+180
Event Type: ошибка
User:Computer Name: ANDREI
Event Code: 1
Message: Protection Synchronization Driver detected an internal error, contact the customer support service.Record Number: 21073
Source Name: ps7ajtsc
Time Written: 20100131113748.000000+180
Event Type: ошибка
User:Computer Name: ANDREI
Event Code: 1
Message: Protection Synchronization Driver detected an internal error, contact the customer support service.Record Number: 21072
Source Name: ps7ajtsc
Time Written: 20100131113748.000000+180
Event Type: ошибка
User:Computer Name: ANDREI
Event Code: 1
Message: Protection Synchronization Driver detected an internal error, contact the customer support service.Record Number: 21071
Source Name: ps7ajtsc
Time Written: 20100131113748.000000+180
Event Type: ошибка
User:=====Application event log=====
Computer Name: ANDREI
Event Code: 105
Message: The service was started.Record Number: 5341
Source Name: ATI Smart
Time Written: 20090822114250.000000+240
Event Type: информация
User:Computer Name: ANDREI
Event Code: 4
Message: Bluetooth Hub switched to HCI modeRecord Number: 5340
Source Name: LBTServ
Time Written: 20090822114243.000000+240
Event Type: информация
User:Computer Name: ANDREI
Event Code: 2444
Message: MS DTC запустился со следующими настройками:Настройка безопасности (OFF = 0 и ON = 1):
Сетевое администрирование транзакций = 0,
Сетевые клиенты = 0,
Входящие распределенные транзакции по протоколу Native MSDTC Protocol = 0,
Исходящие распределенные транзакции по протоколу Native MSDTC Protocol = 0,
Протокол TIP = 0,
Транзакции XA = 0
Record Number: 5339
Source Name: MSDTC
Time Written: 20090821174613.000000+240
Event Type: информация
User:Computer Name: ANDREI
Event Code: 0
Message:
Record Number: 5338
Source Name: ServiceLayer
Time Written: 20090821174607.000000+240
Event Type: информация
User:Computer Name: ANDREI
Event Code: 0
Message:
Record Number: 5337
Source Name: iPod Service
Time Written: 20090821174607.000000+240
Event Type: информация
User:======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=C:Program FilesPC Connectivity Solution;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;C:Program FilesATI TechnologiesATI.ACECore-Static;C:Program FilesQuickTimeQTSystem
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=6
«PROCESSOR_IDENTIFIER»=x86 Family 6 Model 23 Stepping 10, GenuineIntel
«PROCESSOR_REVISION»=170a
«NUMBER_OF_PROCESSORS»=4
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
«RGSCLauncher»=E:Rockstar GamesRockstar Games Social Club
«RGSC»=E:Rockstar GamesRockstar Games Social Club1_0_0_0
«CLASSPATH»=.;C:Program FilesJavajre1.6.0_06libextQTJava.zip
«QTJAVA»=C:Program FilesJavajre1.6.0_06libextQTJava.zip
EOF
