Forum replies created
The computer is working perfectly. It has finally been removed. Thank you so much!!!
ComboFix 09-05-19.08 — Core2Duo 20.05.2009 19:01.5 — NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.1022.547 [GMT 4:00]
Running from: c:documents and settingsCore2DuoРабочий столComboFix.exe
Command switches used :: c:documents and settingsCore2DuoРабочий столCFScript.txt
AV: avast! antivirus 4.8.1335 [VPS 090519-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Doctor Web Anti-Virus *On-access scanning disabled* (Updated) {3454C8F1-ECBC-4180-A6F4-04632FBA762B}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
FILE ::
c:windows119959orz795.bin
c:windows12005w9rm65z.bin
c:windows1d9dvir15z.bin
c:windows2c8aszar9e225.bin
c:windows2d695pyware9028z.bin
c:windows3b4bspar5z2964.bin
c:windows3z5ddownloader1795.bin
c:windows41c05hr9at2z933.bin
c:windows43035d9ware23z0.bin
c:windows4fd9spyz95e325.bin
c:windows50ceaddwarz595.bin
c:windows5569t5izf2626.bin
c:windows6992zpyware5257.bin
c:windows6a135tzal559.bin
c:windows7054thr9at1z229.bin
c:windows79a7downloader1959z.bin
c:windows7f9cba5kdooz2609.exe
c:windows9660s5yzb3.bin
c:windows99758szambo560b.bin
c:windows9f9as5arse299z.bin
c:windowssystem3212956spy5daz.bin
c:windowssystem3215e6tzreat9276.bin
c:windowssystem3226645not-azvir9s3e8.bin
c:windowssystem3227095n5t-a-9irusz75.bin
c:windowssystem3229522spzfe.bin
c:windowssystem3234azs5ars92628.bin
c:windowssystem32795atzief3098.bin
c:windowssystem327d9at5reat2z184.bin
c:windowssystem328505vi9uz7ae.bin
c:windowssystem32977159oj608z.bin
c:windowssystem3298259pamb5tz73.bin
c:windowssystem32DriversWindq36.sys
c:windowssystem32DriversWinok82.sys
c:windowssystem32DriversWinqh23.sys
c:windowssystem32DriversWinvb58.sys
c:windowssystem32DriversWinvx78.sys
c:windowssystem32setup2.exe
c:windowssystem32z1183w9rm435.bin
c:windowssystem32z85599acktool85.bin
d:мои прогиDr.WebMaxAntiSpySSS.sys
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
..
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
Service_MaxAntiSpyFilter
Service_Windq36
Service_Winok82
Service_Winqh23
Service_Winvb58
Service_Winvx78
((((((((((((((((((((((((( Files Created from 2009-04-20 to 2009-05-20 )))))))))))))))))))))))))))))))
.
2009-05-15 08:44 . 2009-05-15 08:44
dc—-w c:documents and settingsAll UsersApplication DataPROject MT
2009-05-15 07:48 . 2009-05-15 07:52
d
w c:program filesABBYY FineReader 8.0 Professional Edition
2009-05-14 18:17 . 2009-05-14 18:17
dc—-w c:documents and settingsCore2DuoApplication DataABBYY
2009-05-13 10:27 . 2009-05-13 10:27
dcsh—w c:documents and settingsCore2DuoUserData
2009-05-11 20:57 . 2009-05-11 20:57
d
w c:windowsSun
2009-05-11 09:42 . 2009-05-11 09:42
d-sh—w c:documents and settingsLocalServiceIETldCache
2009-05-10 19:09 . 2009-05-10 19:09 410984 —-a-w c:windowssystem32deploytk.dll
2009-05-10 19:09 . 2009-05-10 19:09
d
w c:program filesJava
2009-05-10 16:59 . 2008-05-09 10:56 180224
w c:windowssystem32dllcachescrobj.dll
2009-05-10 16:59 . 2008-05-09 10:56 172032
w c:windowssystem32dllcachescrrun.dll
2009-05-10 16:59 . 2008-05-09 10:56 90112
w c:windowssystem32dllcachewshext.dll
2009-05-10 16:59 . 2008-05-09 08:45 135168
w c:windowssystem32dllcachecscript.exe
2009-05-10 16:59 . 2008-05-08 11:24 155648
w c:windowssystem32dllcachewscript.exe
2009-05-10 16:31 . 2009-05-12 17:04
d
w c:program filestrend micro
2009-05-10 12:38 . 2008-04-14 17:17 86016
w c:windowssystem32dllcachemsxml6r.dll
2009-05-10 12:38 . 2008-09-10 01:15 1307648
w c:windowssystem32dllcachemsxml6.dll
2009-05-10 12:38 . 2008-04-14 17:39 102912
w c:windowssystem32dllcachedpcdll.dll
2009-05-10 12:38 . 2008-04-13 20:15 46592
w c:windowssystem32driversirbus.sys
2009-05-10 12:38 . 2008-04-13 20:13 9728
w c:windowssystem32comsdupd.exe
2009-05-10 12:38 . 2008-04-14 17:40 9728
w c:windowssystem32rwnh.dll
2009-05-10 12:38 . 2008-04-14 17:40 10752
w c:windowssystem32smtpapi.dll
2009-05-10 12:24 . 2009-05-10 12:38
d
w c:windowsServicePackFiles
2009-05-10 11:09 . 2009-05-11 07:10
dc—-w c:documents and settingsCore2DuoApplication DataGetRightToGo
2009-05-09 11:45 . 2009-02-03 19:58 56832
w c:windowssystem32dllcachesecur32.dll
2009-05-09 11:45 . 2009-03-21 14:09 995840
w c:windowssystem32dllcachekernel32.dll
2009-05-09 11:41 . 2008-06-12 14:23 956928
w c:windowssystem32dllcachemsdtctm.dll
2009-05-09 11:41 . 2008-06-12 14:23 66560
w c:windowssystem32dllcachemtxclu.dll
2009-05-09 11:41 . 2008-06-12 14:23 161792
w c:windowssystem32dllcachemsdtcuiu.dll
2009-05-09 11:41 . 2008-06-12 14:23 91648
w c:windowssystem32dllcachemtxoci.dll
2009-05-09 11:41 . 2008-06-12 14:23 58880
w c:windowssystem32dllcachemsdtclog.dll
2009-05-09 11:41 . 2008-10-24 11:21 455296
w c:windowssystem32dllcachemrxsmb.sys
2009-05-09 11:41 . 2008-12-11 10:57 333952
w c:windowssystem32dllcachesrv.sys
2009-05-09 11:41 . 2008-06-17 19:02 8478720
w c:windowssystem32dllcacheshell32.dll
2009-05-09 11:40 . 2009-02-09 14:07 1846912
w c:windowssystem32dllcachewin32k.sys
2009-05-09 11:39 . 2008-12-16 12:32 354304
w c:windowssystem32dllcachewinhttp.dll
2009-05-09 11:38 . 2008-10-15 16:37 337408
w c:windowssystem32dllcachenetapi32.dll
2009-05-09 11:38 . 2008-10-23 12:42 286720
w c:windowssystem32dllcachegdi32.dll
2009-05-09 11:31 . 2008-04-21 21:15 218624
w c:windowssystem32dllcachewordpad.exe
2009-05-09 10:14 . 2009-05-09 10:14
dc—-w c:documents and settingsCore2DuoApplication DataMalwarebytes
2009-05-09 10:14 . 2009-05-09 10:14
dc—-w c:documents and settingsAll UsersApplication DataMalwarebytes
2009-05-09 09:26 . 2009-05-09 09:26
d—h—w c:windowssystem32GroupPolicy
2009-05-07 06:54 . 2009-03-03 19:56 118784 —-a-w c:windowssystem32atibtmon.exe
2009-05-07 06:54 . 2009-03-16 20:04 11563008 —-a-w c:windowssystem32atioglxx.dll
2009-05-07 06:54 . 2009-03-16 19:40 49664 —-a-w c:windowssystem32atimpc32.dll
2009-05-07 06:54 . 2009-03-16 19:35 45056 —-a-w c:windowssystem32aticalrt.dll
2009-05-07 06:54 . 2009-03-16 19:33 3264512 —-a-w c:windowssystem32aticaldd.dll
2009-05-07 06:54 . 2009-03-16 19:34 45056 —-a-w c:windowssystem32aticalcl.dll
2009-05-07 06:54 . 2009-03-16 19:35 131072 —-a-w c:windowssystem32atiadlxx.dll
2009-05-07 06:54 . 2009-03-16 19:40 49664 —-a-w c:windowssystem32amdpcom32.dll
2009-05-06 19:26 . 2009-05-06 19:26
d
w c:program filesPunto Switcher
2009-05-03 07:58 . 2009-05-03 07:58
dc—-w c:documents and settingsAll UsersApplication DataPRMT
2009-04-30 13:52 . 2009-04-30 13:52
dc—-w c:documents and settingsCore2DuoApplication DataPRMT
2009-04-30 10:50 . 2009-05-03 08:02
d
w c:windowsspeech
2009-04-30 10:47 . 2009-05-15 15:06
d
w c:windowsLhsp
2009-04-30 10:43 . 2009-04-30 10:43
d
w c:program filesGSC World Publishing
2009-04-26 15:24 . 2009-04-26 15:24
dcsh—w c:documents and settingsCore2DuoIECompatCache
2009-04-26 15:23 . 2009-04-26 15:23
dcsh—w c:documents and settingsCore2DuoPrivacIE
2009-04-26 15:21 . 2009-04-26 15:21
dcsh—w c:documents and settingsCore2DuoIETldCache
2009-04-26 15:05 . 2009-04-26 15:06
d—h—w c:windowsmsdownld.tmp
2009-04-26 15:02 . 2009-04-26 15:05
dc-h—w c:windowsie8
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-19 12:20 . 2009-02-21 13:10
d
w c:program filesPokerStars.NET
2009-05-18 13:28 . 2008-03-23 19:01 77824 —-atw c:windowssystem32DRWEBSP.DLL
2009-05-15 11:39 . 2007-10-29 17:43
d
w c:program filesVideoLAN
2009-05-12 17:00 . 2007-10-29 15:43 25696 -c—a-w c:documents and settingsCore2DuoLocal SettingsApplication DataGDIPFONTCACHEV1.DAT
2009-05-10 16:21 . 2001-10-20 22:00 84550 —-a-w c:windowssystem32perfc019.dat
2009-05-10 16:21 . 2001-10-20 22:00 484154 —-a-w c:windowssystem32perfh019.dat
2009-05-07 07:01 . 2007-10-29 15:40
d
w c:program filesATI Technologies
2009-05-07 07:00 . 2007-11-09 19:54
d—h—w c:program filesInstallShield Installation Information
2009-04-28 16:08 . 2007-10-29 17:44
d
w c:program filesCommon FilesAdobe
2009-04-17 07:25 . 2007-10-29 12:42
d
w c:program filesCommon FilesInstallShield
2009-04-13 14:58 . 2009-04-13 14:58 223128 —-a-w c:windowssystem32driversdtscsi.sys
2009-03-30 12:35 . 2009-03-30 12:35
d
w c:program filesCaricature Studio Green 3.6
2009-03-17 17:05 . 2007-10-29 15:41 593920
w c:windowssystem32ati2sgag.exe
2009-03-16 21:33 . 2007-09-29 03:05 3597312 —-a-w c:windowssystem32driversati2mtag.sys
2009-03-16 20:27 . 2007-09-29 03:07 442368 —-a-w c:windowssystem32ATIDEMGX.dll
2009-03-16 20:26 . 2007-09-29 03:06 328704 —-a-w c:windowssystem32ati2dvag.dll
2009-03-16 20:17 . 2007-09-29 02:49 307200 —-a-w c:windowssystem32atiiiexx.dll
2009-03-16 20:17 . 2007-09-29 02:58 204800 —-a-w c:windowssystem32atipdlxx.dll
2009-03-16 20:16 . 2007-09-29 02:58 155648 —-a-w c:windowssystem32Oemdspif.dll
2009-03-16 20:16 . 2007-09-29 02:58 26112 —-a-w c:windowssystem32Ati2mdxx.exe
2009-03-16 20:16 . 2007-09-29 02:58 43520 —-a-w c:windowssystem32ati2edxx.dll
2009-03-16 20:16 . 2007-09-29 02:57 155648 —-a-w c:windowssystem32ati2evxx.dll
2009-03-16 20:15 . 2007-09-29 02:56 602112 —-a-w c:windowssystem32ati2evxx.exe
2009-03-16 20:13 . 2007-09-29 02:55 53248 —-a-w c:windowssystem32ATIDDC.DLL
2009-03-16 20:06 . 2007-09-29 02:47 3820736 —-a-w c:windowssystem32ati3duag.dll
2009-03-16 19:53 . 2007-09-29 02:36 2675328 —-a-w c:windowssystem32ativvaxx.dll
2009-03-16 19:53 . 2007-09-29 02:36 887724 —-a-w c:windowssystem32ativva6x.dat
2009-03-16 19:36 . 2007-09-29 02:22 475136 —-a-w c:windowssystem32atikvmag.dll
2009-03-16 19:35 . 2007-09-29 02:47 303104 —-a-w c:windowssystem32atiok3x2.dll
2009-03-16 19:34 . 2007-09-29 02:20 17408 —-a-w c:windowssystem32atitvo32.dll
2009-03-16 19:34 . 2007-09-29 02:19 53248 —-a-w c:windowssystem32driversati2erec.dll
2009-03-16 19:28 . 2007-09-29 02:14 630784 —-a-w c:windowssystem32ati2cqag.dll
2009-03-08 00:34 . 2004-08-17 12:04 914944 —-a-w c:windowssystem32wininet.dll
2009-03-08 00:34 . 2004-08-17 12:04 43008 —-a-w c:windowssystem32licmgr10.dll
2009-03-08 00:33 . 2004-08-17 12:04 18944 —-a-w c:windowssystem32corpol.dll
2009-03-08 00:33 . 2004-08-17 12:04 420352 —-a-w c:windowssystem32vbscript.dll
2009-03-08 00:32 . 2004-08-17 12:04 72704 —-a-w c:windowssystem32admparse.dll
2009-03-08 00:32 . 2004-08-17 12:04 71680 —-a-w c:windowssystem32iesetup.dll
2009-03-08 00:31 . 2004-08-17 12:04 34816 —-a-w c:windowssystem32imgutil.dll
2009-03-08 00:31 . 2004-08-17 12:02 48128 —-a-w c:windowssystem32mshtmler.dll
2009-03-08 00:31 . 2004-08-17 12:04 45568 —-a-w c:windowssystem32mshta.exe
2009-03-08 00:22 . 2001-10-20 22:00 156160 —-a-w c:windowssystem32msls31.dll
2009-03-06 14:23 . 2004-08-17 12:04 284672 —-a-w c:windowssystem32pdh.dll
2009-02-23 21:39 . 2007-08-14 21:11 184394 —-a-w c:windowssystem32atiicdxx.dat
.
((((((((((((((((((((((((((((( SnapShot@2009-05-20_14.56.24 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-05-20 15:04 . 2009-05-20 15:04 16384 c:windowsTempPerflib_Perfdata_7e4.dat
+ 2009-05-20 15:04 . 2009-05-20 15:04 16384 c:windowsTempPerflib_Perfdata_5fc.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}»= «c:program filesWinamp Toolbarwinamptb.dll» [2008-03-19 1267040]
«{EEE6C35D-6118-11DC-9C72-001320C79847}»= «c:program filesSweetIMToolbarsInternet ExplorermgHelper.dll» [2008-10-08 173368]
[HKEY_CLASSES_ROOTclsid{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOTWINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOTTypeLib{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOTWINAMPTB.AOLTBSearch]
[HKEY_CLASSES_ROOTclsid{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOTSweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOTTypeLib{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOTSweetIM_URLSearchHook.ToolbarURLSearchHook]
[HKEY_LOCAL_MACHINE~Browser Helper Objects{EEE6C35C-6118-11DC-9C72-001320C79847}]
2008-10-08 09:22 1172792 —-a-w c:program filesSweetIMToolbarsInternet ExplorermgToolbarIE.dll
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
«{EEE6C35B-6118-11DC-9C72-001320C79847}»= «c:program filesSweetIMToolbarsInternet ExplorermgToolbarIE.dll» [2008-10-08 1172792]
[HKEY_CLASSES_ROOTclsid{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOTSWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOTTypeLib{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOTSWEETIE.SWEETIE]
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«MSMSGS»=»c:program filesMessengermsmsgs.exe» [2008-04-14 1695232]
«Google Update»=»c:documents and settingsCore2DuoLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe» [2008-09-03 133104]
«Punto Switcher»=»c:program filesPunto Switcherpunto.exe» [2008-10-16 735016]
«Tutor.exe»=»d:мои прогиAbbyyTutor.exe» [2007-04-04 992800]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«avast!»=»d:1f25~1(2)~1ashDisp.exe» [2009-02-05 81000]
«StartCCC»=»c:program filesATI TechnologiesATI.ACECore-StaticCLIStart.exe» [2009-03-17 61440]
«SunJavaUpdateSched»=»c:program filesJavajre6binjusched.exe» [2009-05-10 148888]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
«FirewallOverride»=dword:00000001
[HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
«EnableFirewall»= 0 (0x0)
[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\Bonjour\mDNSResponder.exe»=
«%windir%\Network Diagnostic\xpnetdiag.exe»=
«c:\Program Files\Winamp Remote\bin\Orb.exe»=
«c:\Program Files\Winamp Remote\bin\OrbTray.exe»=
«c:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe»=
«d:\Мои проги\Новая папка\StrongDC.exe»=
«d:\Мои проги\qip\QIP\qip.exe»=
«d:\аська\ICQ6.5\ICQ.exe»=
R0 xfilt;VIA SATA IDE Hot-plug Driver;c:windowssystem32driversxfilt.sys [29.10.2007 16:43 11264]
R1 aswSP;avast! Self Protection;c:windowssystem32driversaswSP.sys [23.01.2009 1:52 114768]
R2 aswFsBlk;aswFsBlk;c:windowssystem32driversaswFsBlk.sys [23.01.2009 1:52 20560]
S3 FXDrv32;FXDrv32;??e:fxdrv32.sys —> e:FXDrv32.sys [?]
S3 MBAMSwissArmy;MBAMSwissArmy;??c:windowssystem32driversmbamswissarmy.sys —> c:windowssystem32driversmbamswissarmy.sys [?]
S4 ICQ Service;ICQ Service;c:program filesICQ6ToolbarICQ Service.exe [10.12.2008 19:13 222456]
.
Contents of the ‘Scheduled Tasks’ folder
2009-05-20 c:windowsTasksGoogleUpdateTaskUserS-1-5-21-1343024091-1284227242-839522115-1003.job
— c:documents and settingsCore2DuoLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe [2008-09-03 06:38]
2009-05-20 c:windowsTasksUser_Feed_Synchronization-{B01EBC67-098F-41CF-933B-C1549F5E4BF9}.job
— c:windowssystem32msfeedssync.exe [2007-08-13 00:31]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.yandex.ru/?clid=40316
uInternet Connection Wizard,ShellNext = iexplore
IE: &Winamp Search — c:documents and settingsAll UsersApplication DataWinamp ToolbarieToolbarresourcesen-USlocalsearch.html
IE: &Перевести с помощью ABBYY Lingvo… — d:мои прогиAbbyyLingvo.exe/3000
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2Office10EXCEL.EXE/3000
IE: Закачать ВСЕ при помощи Download Master — d:мои прогиdownloadDownload Masterdmieall.htm
IE: Закачать при помощи Download Master — d:мои прогиdownloadDownload Masterdmie.htm
IE: Найти с помощью Рамблера — c:program filesRambler AssistantramblertoolbarU0.dll/search.htm
IE: Перевести с помощью словарей Рамблера — c:program filesRambler AssistantramblertoolbarU0.dll/dic.htm
IE: Поиск@Mail.Ru — c:progra~1Mail.RuSputnikMAILRU~1.DLL/SEARCH.HTM
IE: Словари@Mail.Ru — c:progra~1Mail.RuSputnikMAILRU~1.DLL/TRANSLATE.HTM
IE: {{8DAE90AD-4583-4977-9DD4-4360F7A45C74} — d:мои прогиdownloadDownload Masterdmaster.exe
IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} — c:program filesPokerStars.NETPokerStarsUpdate.exe
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-20 19:04
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0
**************************************************************************
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘winlogon.exe'(724)
c:windowssystem32Ati2evxx.dll
— — — — — — — > ‘explorer.exe'(840)
c:windowssystem32ieframe.dll
c:windowssystem32msls31.dll
c:program filesPunto Switcherpshook.dll
c:windowssystem32webcheck.dll
c:windowssystem32WPDShServiceObj.dll
c:windowssystem32PortableDeviceTypes.dll
c:windowssystem32PortableDeviceApi.dll
.
Other Running Processes
.
c:windowssystem32ati2evxx.exe
c:windowssystem32ati2evxx.exe
d:d:c:windowssystem32CF19129.exe
d:c:Program FilesATI TechnologiesATI.ACECore-StaticMOM.exe
c:program filesJavajre6binjqs.exe
c:program filesATI TechnologiesATI.ACECore-StaticCCC.exe
c:windowssystem32wbemwmiapsrv.exe
c:windowssystem32wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-05-20 19:06 — machine was rebooted
ComboFix-quarantined-files.txt 2009-05-20 15:06
ComboFix2.txt 2009-05-20 14:57
ComboFix3.txt 2009-05-17 21:18
Pre-Run: 1 953 280 000 байт свободно
Post-Run: 1 924 034 560 байт свободно
294 — E O F — 2009-05-10 21:39
zComboFix 09-05-17.03 — Core2Duo 18.05.2009 1:16.3 — NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.1022.526 [GMT 4:00]
Running from: D:ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090516-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:windowssystem32mfc70.dll
.
((((((((((((((((((((((((( Files Created from 2009-04-17 to 2009-05-17 )))))))))))))))))))))))))))))))
.
2009-12-23 12:08 . 2009-12-23 12:08 8271 —-a-w c:windows6a135tzal559.bin
2009-12-22 03:51 . 2009-12-22 03:51 4776 —-a-w c:windowssystem3226645not-azvir9s3e8.bin
2009-12-09 17:56 . 2009-12-09 17:56 4324 —-a-w c:windows41c05hr9at2z933.bin
2009-12-03 22:55 . 2009-12-03 22:55 17624 —-a-w c:windows9660s5yzb3.bin
2009-11-24 16:29 . 2009-11-24 16:29 5525 —-a-w c:windowssystem3234azs5ars92628.bin
2009-11-21 08:40 . 2009-11-21 08:40 16491 —-a-w c:windows7f9cba5kdooz2609.exe
2009-11-15 10:50 . 2009-11-15 10:50 16986 —-a-w c:windows50ceaddwarz595.bin
2009-11-11 17:21 . 2009-11-11 17:21 16903 —-a-w c:windowssystem327d9at5reat2z184.bin
2009-11-02 12:37 . 2009-11-02 12:37 5002 —-a-w c:windows9f9as5arse299z.bin
2009-10-23 20:04 . 2009-10-23 20:04 5585 —-a-w c:windowssystem3215e6tzreat9276.bin
2009-10-22 15:59 . 2009-10-22 15:59 4632 —-a-w c:windowssystem3298259pamb5tz73.bin
2009-10-07 21:51 . 2009-10-07 21:51 11464 —-a-w c:windowssystem3229522spzfe.bin
2009-10-02 02:30 . 2009-10-02 02:30 17035 —-a-w c:windows6992zpyware5257.bin
2009-09-26 04:04 . 2009-09-26 04:04 2892 —-a-w c:windows4fd9spyz95e325.bin
2009-08-25 14:49 . 2009-08-25 14:49 3115 —-a-w c:windows1d9dvir15z.bin
2009-08-21 03:08 . 2009-08-21 03:08 18089 —-a-w c:windowssystem32z85599acktool85.bin
2009-08-18 17:10 . 2009-08-18 17:10 15312 —-a-w c:windows2c8aszar9e225.bin
2009-08-14 04:59 . 2009-08-14 04:59 9088 —-a-w c:windows3z5ddownloader1795.bin
2009-08-09 14:20 . 2009-08-09 14:20 10405 —-a-w c:windows79a7downloader1959z.bin
2009-08-06 15:24 . 2009-08-06 15:24 15253 —-a-w c:windows3b4bspar5z2964.bin
2009-08-05 01:25 . 2009-08-05 01:25 11558 —-a-w c:windowssystem32z1183w9rm435.bin
2009-08-04 08:06 . 2009-08-04 08:06 7217 —-a-w c:windows5569t5izf2626.bin
2009-07-27 23:36 . 2009-07-27 23:36 7248 —-a-w c:windows12005w9rm65z.bin
2009-07-01 21:42 . 2009-07-01 21:42 11920 —-a-w c:windowssystem328505vi9uz7ae.bin
2009-06-25 00:10 . 2009-06-25 00:10 9547 —-a-w c:windowssystem3212956spy5daz.bin
2009-06-08 19:27 . 2009-06-08 19:27 8105 —-a-w c:windows7054thr9at1z229.bin
2009-06-08 09:12 . 2009-06-08 09:12 9825 —-a-w c:windowssystem32795atzief3098.bin
2009-06-02 21:17 . 2009-06-02 21:17 11313 —-a-w c:windows2d695pyware9028z.bin
2009-05-25 11:13 . 2009-05-25 11:13 12775 —-a-w c:windows43035d9ware23z0.bin
2009-05-22 16:18 . 2009-05-22 16:18 3055 —-a-w c:windowssystem3227095n5t-a-9irusz75.bin
2009-05-20 01:39 . 2009-05-20 01:39 4859 —-a-w c:windows119959orz795.bin
2009-05-18 02:27 . 2009-05-18 02:27 3807 —-a-w c:windowssystem32977159oj608z.bin
2009-05-15 08:44 . 2009-05-15 08:44
dc—-w c:documents and settingsAll UsersApplication DataPROject MT
2009-05-15 07:48 . 2009-05-15 07:52
d
w c:program filesABBYY FineReader 8.0 Professional Edition
2009-05-14 18:17 . 2009-05-14 18:17
dc—-w c:documents and settingsCore2DuoApplication DataABBYY
2009-05-13 10:27 . 2009-05-13 10:27
dcsh—w c:documents and settingsCore2DuoUserData
2009-05-12 18:13 . 2009-05-12 18:13 16067 —-a-w c:windows99758szambo560b.bin
2009-05-11 20:57 . 2009-05-11 20:57
d
w c:windowsSun
2009-05-11 09:42 . 2009-05-11 09:42
d-sh—w c:documents and settingsLocalServiceIETldCache
2009-05-11 09:41 . 2009-05-17 21:12
d
w c:program filesDrWeb AV-Desk
2009-05-10 19:09 . 2009-05-10 19:09 410984 —-a-w c:windowssystem32deploytk.dll
2009-05-10 19:09 . 2009-05-10 19:09
d
w c:program filesJava
2009-05-10 16:59 . 2008-05-09 10:56 180224
w c:windowssystem32dllcachescrobj.dll
2009-05-10 16:59 . 2008-05-09 10:56 172032
w c:windowssystem32dllcachescrrun.dll
2009-05-10 16:59 . 2008-05-09 10:56 90112
w c:windowssystem32dllcachewshext.dll
2009-05-10 16:59 . 2008-05-09 08:45 135168
w c:windowssystem32dllcachecscript.exe
2009-05-10 16:59 . 2008-05-08 11:24 155648
w c:windowssystem32dllcachewscript.exe
2009-05-10 16:31 . 2009-05-12 17:04
d
w c:program filestrend micro
2009-05-10 12:38 . 2008-04-14 17:17 86016
w c:windowssystem32dllcachemsxml6r.dll
2009-05-10 12:38 . 2008-09-10 01:15 1307648
w c:windowssystem32dllcachemsxml6.dll
2009-05-10 12:38 . 2008-04-14 17:39 102912
w c:windowssystem32dllcachedpcdll.dll
2009-05-10 12:38 . 2008-04-13 20:15 46592
w c:windowssystem32driversirbus.sys
2009-05-10 12:38 . 2008-04-13 20:13 9728
w c:windowssystem32comsdupd.exe
2009-05-10 12:38 . 2008-04-14 17:40 9728
w c:windowssystem32rwnh.dll
2009-05-10 12:38 . 2008-04-14 17:40 10752
w c:windowssystem32smtpapi.dll
2009-05-10 12:24 . 2009-05-10 12:38
d
w c:windowsServicePackFiles
2009-05-10 11:09 . 2009-05-11 07:10
dc—-w c:documents and settingsCore2DuoApplication DataGetRightToGo
2009-05-09 11:45 . 2009-02-03 19:58 56832
w c:windowssystem32dllcachesecur32.dll
2009-05-09 11:45 . 2009-03-21 14:09 995840
w c:windowssystem32dllcachekernel32.dll
2009-05-09 11:41 . 2008-06-12 14:23 956928
w c:windowssystem32dllcachemsdtctm.dll
2009-05-09 11:41 . 2008-06-12 14:23 66560
w c:windowssystem32dllcachemtxclu.dll
2009-05-09 11:41 . 2008-06-12 14:23 161792
w c:windowssystem32dllcachemsdtcuiu.dll
2009-05-09 11:41 . 2008-06-12 14:23 91648
w c:windowssystem32dllcachemtxoci.dll
2009-05-09 11:41 . 2008-06-12 14:23 58880
w c:windowssystem32dllcachemsdtclog.dll
2009-05-09 11:41 . 2008-10-24 11:21 455296
w c:windowssystem32dllcachemrxsmb.sys
2009-05-09 11:41 . 2008-12-11 10:57 333952
w c:windowssystem32dllcachesrv.sys
2009-05-09 11:41 . 2008-06-17 19:02 8478720
w c:windowssystem32dllcacheshell32.dll
2009-05-09 11:40 . 2009-02-09 14:07 1846912
w c:windowssystem32dllcachewin32k.sys
2009-05-09 11:39 . 2008-12-16 12:32 354304
w c:windowssystem32dllcachewinhttp.dll
2009-05-09 11:38 . 2008-10-15 16:37 337408
w c:windowssystem32dllcachenetapi32.dll
2009-05-09 11:38 . 2008-10-23 12:42 286720
w c:windowssystem32dllcachegdi32.dll
2009-05-09 11:31 . 2008-04-21 21:15 218624
w c:windowssystem32dllcachewordpad.exe
2009-05-09 10:14 . 2009-05-09 10:14
dc—-w c:documents and settingsCore2DuoApplication DataMalwarebytes
2009-05-09 10:14 . 2009-05-09 10:14
dc—-w c:documents and settingsAll UsersApplication DataMalwarebytes
2009-05-09 09:26 . 2009-05-09 09:26
d—h—w c:windowssystem32GroupPolicy
2009-05-09 07:10 . 2009-05-09 07:10 16421 —-a-w c:windows4bedownz9ader3256.bin
2009-05-09 07:10 . 2009-05-09 07:10 6923 —-a-w c:windows19294n59-azvirus31d.bin
2009-05-09 07:10 . 2009-05-09 07:10 14963 —-a-w c:windows9z750worm731.bin
2009-05-07 14:07 . 2009-05-07 14:07 11346 —-a-w c:windows55899spzmbot37c.bin
2009-05-07 06:54 . 2009-03-03 19:56 118784 —-a-w c:windowssystem32atibtmon.exe
2009-05-07 06:54 . 2009-03-16 20:04 11563008 —-a-w c:windowssystem32atioglxx.dll
2009-05-07 06:54 . 2009-03-16 19:40 49664 —-a-w c:windowssystem32atimpc32.dll
2009-05-07 06:54 . 2009-03-16 19:35 45056 —-a-w c:windowssystem32aticalrt.dll
2009-05-07 06:54 . 2009-03-16 19:33 3264512 —-a-w c:windowssystem32aticaldd.dll
2009-05-07 06:54 . 2009-03-16 19:34 45056 —-a-w c:windowssystem32aticalcl.dll
2009-05-07 06:54 . 2009-03-16 19:35 131072 —-a-w c:windowssystem32atiadlxx.dll
2009-05-07 06:54 . 2009-03-16 19:40 49664 —-a-w c:windowssystem32amdpcom32.dll
2009-05-06 19:26 . 2009-05-06 19:26
d
w c:program filesPunto Switcher
2009-05-06 02:48 . 2009-05-06 02:48 7365 —-a-w c:windows15929tzoj952.bin
2009-05-04 18:59 . 2009-05-04 18:59 16937 —-a-w c:windowssystem323393thiez2975.bin
2009-05-04 06:46 . 2009-05-04 06:46 10183 —-a-w c:windows7510tzoj794.bin
2009-05-03 07:58 . 2009-05-03 07:58
dc—-w c:documents and settingsAll UsersApplication DataPRMT
2009-04-30 13:52 . 2009-04-30 13:52
dc—-w c:documents and settingsCore2DuoApplication DataPRMT
2009-04-30 10:50 . 2009-05-03 08:02
d
w c:windowsspeech
2009-04-30 10:47 . 2009-05-15 15:06
d
w c:windowsLhsp
2009-04-30 10:43 . 2009-04-30 10:43
d
w c:program filesGSC World Publishing
2009-04-27 18:33 . 2009-04-27 18:33 15596 —-a-w c:windowssystem3229576zi9us12.dll
2009-04-26 15:24 . 2009-04-26 15:24
dcsh—w c:documents and settingsCore2DuoIECompatCache
2009-04-26 15:23 . 2009-04-26 15:23
dcsh—w c:documents and settingsCore2DuoPrivacIE
2009-04-26 15:21 . 2009-04-26 15:21
dcsh—w c:documents and settingsCore2DuoIETldCache
2009-04-26 15:05 . 2009-04-26 15:06
d—h—w c:windowsmsdownld.tmp
2009-04-26 15:02 . 2009-04-26 15:05
dc-h—w c:windowsie8
2009-04-24 17:26 . 2009-04-24 17:26 18213 —-a-w c:windows22dcvi954z.bin
2009-04-18 09:10 . 2009-04-18 09:10 4763 —-a-w c:windows6021s59al721z.bin
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-17 20:04 . 2009-02-21 13:10
d
w c:program filesPokerStars.NET
2009-05-15 11:39 . 2007-10-29 17:43
d
w c:program filesVideoLAN
2009-05-12 17:00 . 2007-10-29 15:43 25696 -c—a-w c:documents and settingsCore2DuoLocal SettingsApplication DataGDIPFONTCACHEV1.DAT
2009-05-11 09:42 . 2008-03-23 19:01 77824 —-atw c:windowssystem32DRWEBSP.DLL
2009-05-10 16:21 . 2001-10-20 22:00 84550 —-a-w c:windowssystem32perfc019.dat
2009-05-10 16:21 . 2001-10-20 22:00 484154 —-a-w c:windowssystem32perfh019.dat
2009-05-07 07:01 . 2007-10-29 15:40
d
w c:program filesATI Technologies
2009-05-07 07:00 . 2007-11-09 19:54
d—h—w c:program filesInstallShield Installation Information
2009-04-28 16:08 . 2007-10-29 17:44
d
w c:program filesCommon FilesAdobe
2009-04-17 07:25 . 2007-10-29 12:42
d
w c:program filesCommon FilesInstallShield
2009-04-16 07:36 . 2009-04-16 07:36 8032 —-a-w c:windowssystem3227690not-a-vi5uszb9.bin
2009-04-13 14:58 . 2009-04-13 14:58 223128 —-a-w c:windowssystem32driversdtscsi.sys
2009-04-10 06:54 . 2009-04-10 06:54 6184 —-a-w c:windowssystem3220576not-a-v9rzs33a.exe
2009-04-08 14:17 . 2009-04-08 14:17 7252 —-a-w c:windows11919trzj195.bin
2009-04-06 17:52 . 2009-04-06 17:52 7663 —-a-w c:windowssystem3223867not-a-5irusz59.exe
2009-04-04 18:30 . 2009-04-04 18:30 8493 —-a-w c:windowssystem325735sz5mbot391.exe
2009-04-02 04:45 . 2009-04-02 04:45 15039 —-a-w c:windows3255559azbot6df.dll
2009-04-01 08:56 . 2009-04-01 08:56 11417 —-a-w c:windows688aspy9are1511z.dll
2009-04-01 03:02 . 2009-04-01 03:02 16347 —-a-w c:windowssystem32916zs5ya9.exe
2009-03-30 12:35 . 2009-03-30 12:35
d
w c:program filesCaricature Studio Green 3.6
2009-03-26 12:01 . 2009-03-26 12:01 3621 —-a-w c:windowssystem3214z99not-9-virus485.bin
2009-03-23 09:48 . 2009-03-23 09:48 15340 —-a-w c:windowssystem3225845zp59bot57d.dll
2009-03-23 05:45 . 2009-03-23 05:45 13808 —-a-w c:windowssystem3251fzthre5t210289.bin
2009-03-22 20:39 . 2009-03-22 20:39 17800 —-a-w c:windowssystem322640zt59jd5.dll
2009-03-22 03:03 . 2009-03-22 03:03 15045 —-a-w c:windows1c9fspzrse335.bin
2009-03-20 19:28 . 2009-03-20 19:28 17124 —-a-w c:windows5b1dth5z9t18943.bin
2009-03-17 17:05 . 2007-10-29 15:41 593920
w c:windowssystem32ati2sgag.exe
2009-03-16 21:33 . 2007-09-29 03:05 3597312 —-a-w c:windowssystem32driversati2mtag.sys
2009-03-16 20:27 . 2007-09-29 03:07 442368 —-a-w c:windowssystem32ATIDEMGX.dll
2009-03-16 20:26 . 2007-09-29 03:06 328704 —-a-w c:windowssystem32ati2dvag.dll
2009-03-16 20:17 . 2007-09-29 02:49 307200 —-a-w c:windowssystem32atiiiexx.dll
2009-03-16 20:17 . 2007-09-29 02:58 204800 —-a-w c:windowssystem32atipdlxx.dll
2009-03-16 20:16 . 2007-09-29 02:58 155648 —-a-w c:windowssystem32Oemdspif.dll
2009-03-16 20:16 . 2007-09-29 02:58 26112 —-a-w c:windowssystem32Ati2mdxx.exe
2009-03-16 20:16 . 2007-09-29 02:58 43520 —-a-w c:windowssystem32ati2edxx.dll
2009-03-16 20:16 . 2007-09-29 02:57 155648 —-a-w c:windowssystem32ati2evxx.dll
2009-03-16 20:15 . 2007-09-29 02:56 602112 —-a-w c:windowssystem32ati2evxx.exe
2009-03-16 20:13 . 2007-09-29 02:55 53248 —-a-w c:windowssystem32ATIDDC.DLL
2009-03-16 20:06 . 2007-09-29 02:47 3820736 —-a-w c:windowssystem32ati3duag.dll
2009-03-16 19:53 . 2007-09-29 02:36 2675328 —-a-w c:windowssystem32ativvaxx.dll
2009-03-16 19:53 . 2007-09-29 02:36 887724 —-a-w c:windowssystem32ativva6x.dat
2009-03-16 19:36 . 2007-09-29 02:22 475136 —-a-w c:windowssystem32atikvmag.dll
2009-03-16 19:35 . 2007-09-29 02:47 303104 —-a-w c:windowssystem32atiok3x2.dll
2009-03-16 19:34 . 2007-09-29 02:20 17408 —-a-w c:windowssystem32atitvo32.dll
2009-03-16 19:34 . 2007-09-29 02:19 53248 —-a-w c:windowssystem32driversati2erec.dll
2009-03-16 19:28 . 2007-09-29 02:14 630784 —-a-w c:windowssystem32ati2cqag.dll
2009-03-16 08:35 . 2009-03-16 08:35 11771 —-a-w c:windowssystem323445szambot9ca.bin
2009-03-13 19:48 . 2009-03-13 19:48 6042 —-a-w c:windows2010znot-a-viru9656.bin
2009-03-13 05:38 . 2009-03-13 05:38 4021 —-a-w c:windowssystem32979csteal23z55.bin
2009-03-13 00:30 . 2009-03-13 00:30 13663 —-a-w c:windowsz6924not5a-9irus4a4.dll
2009-03-08 00:34 . 2004-08-17 12:04 914944 —-a-w c:windowssystem32wininet.dll
2009-03-08 00:34 . 2004-08-17 12:04 43008 —-a-w c:windowssystem32licmgr10.dll
2009-03-08 00:33 . 2004-08-17 12:04 18944 —-a-w c:windowssystem32corpol.dll
2009-03-08 00:33 . 2004-08-17 12:04 420352 —-a-w c:windowssystem32vbscript.dll
2009-03-08 00:32 . 2004-08-17 12:04 72704 —-a-w c:windowssystem32admparse.dll
2009-03-08 00:32 . 2004-08-17 12:04 71680 —-a-w c:windowssystem32iesetup.dll
2009-03-08 00:31 . 2004-08-17 12:04 34816 —-a-w c:windowssystem32imgutil.dll
2009-03-08 00:31 . 2004-08-17 12:02 48128 —-a-w c:windowssystem32mshtmler.dll
2009-03-08 00:31 . 2004-08-17 12:04 45568 —-a-w c:windowssystem32mshta.exe
2009-03-08 00:22 . 2001-10-20 22:00 156160 —-a-w c:windowssystem32msls31.dll
2009-03-07 20:44 . 2009-03-07 20:44 13038 —-a-w c:windowssystem329905sp5zbot295.dll
2009-03-07 15:25 . 2009-03-07 15:25 8060 —-a-w c:windowsze03spa95e877.dll
2009-03-06 14:23 . 2004-08-17 12:04 284672 —-a-w c:windowssystem32pdh.dll
2009-03-05 06:39 . 2009-03-05 06:39 11586 —-a-w c:windows229zwor56f3.bin
2009-03-01 15:00 . 2009-03-01 15:00 16156 —-a-w c:windows57daspazse139.bin
2009-03-01 02:06 . 2009-03-01 02:06 11520 —-a-w c:windows1586zt9oj6bd.bin
2009-02-27 19:27 . 2009-02-27 19:27 8180 —-a-w c:windowssystem3215375hac9tool78cz.exe
2009-02-25 16:33 . 2009-02-25 16:33 10172 —-a-w c:windowssystem3225750s9y2d1z.dll
2009-02-23 21:39 . 2007-08-14 21:11 184394 —-a-w c:windowssystem32atiicdxx.dat
2009-02-22 03:16 . 2009-02-22 03:16 15266 —-a-w c:windowssystem32253bbacz9oor3111.bin
2009-02-21 04:27 . 2009-02-21 04:27 7620 —-a-w c:windows26752spz9bot95.exe
2009-02-18 17:55 . 2007-07-20 02:19 294912 —-a-w c:windowssystem32ATIODE.exe
2009-02-17 08:05 . 2009-02-17 08:05 8372 —-a-w c:windows2385159zus647.bin
.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}»= «c:program filesWinamp Toolbarwinamptb.dll» [2008-03-19 1267040]
«{EEE6C35D-6118-11DC-9C72-001320C79847}»= «c:program filesSweetIMToolbarsInternet ExplorermgHelper.dll» [2008-10-08 173368]
[HKEY_CLASSES_ROOTclsid{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOTWINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOTTypeLib{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOTWINAMPTB.AOLTBSearch]
[HKEY_CLASSES_ROOTclsid{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOTSweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOTTypeLib{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOTSweetIM_URLSearchHook.ToolbarURLSearchHook]
[HKEY_LOCAL_MACHINE~Browser Helper Objects{EEE6C35C-6118-11DC-9C72-001320C79847}]
2008-10-08 09:22 1172792 —-a-w c:program filesSweetIMToolbarsInternet ExplorermgToolbarIE.dll
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
«{EEE6C35B-6118-11DC-9C72-001320C79847}»= «c:program filesSweetIMToolbarsInternet ExplorermgToolbarIE.dll» [2008-10-08 1172792]
[HKEY_CLASSES_ROOTclsid{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOTSWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOTTypeLib{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOTSWEETIE.SWEETIE]
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«MSMSGS»=»c:program filesMessengermsmsgs.exe» [2008-04-14 1695232]
«Google Update»=»c:documents and settingsCore2DuoLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe» [2008-09-03 133104]
«Punto Switcher»=»c:program filesPunto Switcherpunto.exe» [2008-10-16 735016]
«setup2.exe»=»c:windowssystem32setup2.exe» [2009-05-09 1097216]
«Tutor.exe»=»d:мои прогиAbbyyTutor.exe» [2007-04-04 992800]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«avast!»=»d:1f25~1(2)~1ashDisp.exe» [2009-02-05 81000]
«StartCCC»=»c:program filesATI TechnologiesATI.ACECore-StaticCLIStart.exe» [2009-03-17 61440]
«SunJavaUpdateSched»=»c:program filesJavajre6binjusched.exe» [2009-05-10 148888]
«SpIDerMail»=»c:program filesDrWeb AV-Deskspiderml.exe» [2009-05-11 501080]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
«FirewallOverride»=dword:00000001
[HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
«EnableFirewall»= 0 (0x0)
[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\Bonjour\mDNSResponder.exe»=
«%windir%\Network Diagnostic\xpnetdiag.exe»=
«c:\Program Files\Winamp Remote\bin\Orb.exe»=
«c:\Program Files\Winamp Remote\bin\OrbTray.exe»=
«c:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe»=
«d:\Мои проги\Новая папка\StrongDC.exe»=
«d:\Мои проги\qip\QIP\qip.exe»=
«d:\аська\ICQ6.5\ICQ.exe»=
R0 xfilt;VIA SATA IDE Hot-plug Driver;c:windowssystem32driversxfilt.sys [29.10.2007 16:43 11264]
R1 aswSP;avast! Self Protection;c:windowssystem32driversaswSP.sys [23.01.2009 1:52 114768]
R2 aswFsBlk;aswFsBlk;c:windowssystem32driversaswFsBlk.sys [23.01.2009 1:52 20560]
S0 Windq36;Windq36;c:windowssystem32DriversWindq36.sys —> c:windowssystem32DriversWindq36.sys [?]
S0 Winok82;Winok82;c:windowssystem32DriversWinok82.sys —> c:windowssystem32DriversWinok82.sys [?]
S0 Winqh23;Winqh23;c:windowssystem32DriversWinqh23.sys —> c:windowssystem32DriversWinqh23.sys [?]
S0 Winvb58;Winvb58;c:windowssystem32DriversWinvb58.sys —> c:windowssystem32DriversWinvb58.sys [?]
S0 Winvx78;Winvx78;c:windowssystem32DriversWinvx78.sys —> c:windowssystem32DriversWinvx78.sys [?]
S3 FXDrv32;FXDrv32;??e:fxdrv32.sys —> e:FXDrv32.sys [?]
S3 MaxAntiSpyFilter;10.09.20089:50;??d:мои прогиDr.WebMaxAntiSpySSS.sys —> d:мои прогиDr.WebMaxAntiSpySSS.sys [?]
S3 MBAMSwissArmy;MBAMSwissArmy;??c:windowssystem32driversmbamswissarmy.sys —> c:windowssystem32driversmbamswissarmy.sys [?]
S4 ICQ Service;ICQ Service;c:program filesICQ6ToolbarICQ Service.exe [10.12.2008 19:13 222456]
.
Contents of the ‘Scheduled Tasks’ folder
2009-05-17 c:windowsTasksGoogleUpdateTaskUserS-1-5-21-1343024091-1284227242-839522115-1003.job
— c:documents and settingsCore2DuoLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe [2008-09-03 06:38]
2009-05-17 c:windowsTasksUser_Feed_Synchronization-{B01EBC67-098F-41CF-933B-C1549F5E4BF9}.job
— c:windowssystem32msfeedssync.exe [2007-08-13 00:31]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.yandex.ru/?clid=40316
uInternet Connection Wizard,ShellNext = iexplore
IE: &Winamp Search — c:documents and settingsAll UsersApplication DataWinamp ToolbarieToolbarresourcesen-USlocalsearch.html
IE: &Перевести с помощью ABBYY Lingvo… — d:мои прогиAbbyyLingvo.exe/3000
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2Office10EXCEL.EXE/3000
IE: Закачать ВСЕ при помощи Download Master — d:мои прогиdownloadDownload Masterdmieall.htm
IE: Закачать при помощи Download Master — d:мои прогиdownloadDownload Masterdmie.htm
IE: Найти с помощью Рамблера — c:program filesRambler AssistantramblertoolbarU0.dll/search.htm
IE: Перевести с помощью словарей Рамблера — c:program filesRambler AssistantramblertoolbarU0.dll/dic.htm
IE: Поиск@Mail.Ru — c:progra~1Mail.RuSputnikMAILRU~1.DLL/SEARCH.HTM
IE: Словари@Mail.Ru — c:progra~1Mail.RuSputnikMAILRU~1.DLL/TRANSLATE.HTM
IE: {{8DAE90AD-4583-4977-9DD4-4360F7A45C74} — d:мои прогиdownloadDownload Masterdmaster.exe
IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} — c:program filesPokerStars.NETPokerStarsUpdate.exe
LSP: c:windowssystem32DRWEBSP.DLL
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-18 01:17
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0
**************************************************************************
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘winlogon.exe'(724)
c:windowssystem32Ati2evxx.dll
— — — — — — — > ‘lsass.exe'(780)
c:windowssystem32DRWEBSP.DLL
.
Completion time: 2009-05-17 1:18
ComboFix-quarantined-files.txt 2009-05-17 21:18
Pre-Run: 1 404 510 208 байт свободно
Post-Run: 1 420 529 664 байт свободно
301 — E O F — 2009-05-10 21:39
Please help.
Sorry, I sent the log twice.
info.txt logfile of random’s system information tool 1.06 2009-05-11 01:53:35
======Uninstall list======
##CAMERADRIVERNAME##—>»C:Program FilesCommon FilesLogitechQCDRVBINSETUP.EXE» UNINSTALL REMOVEPROMPT
—>MsiExec /X{27DC856A-0916-4988-8198-8714DDD3183D}
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
ABBYY Lingvo 12 First Step Spanish Edition—>MsiExec.exe /I{A120000F-0005-0000-0000-074957833700}
ABBYY Lingvo 12 Multilingual Edition—>MsiExec.exe /I{A1200000-0004-0000-0000-074957833700}
ACE Mega CoDecS Pack—>»C:Program FilesACE Mega CoDecS Packunins000.exe»
Adobe Acrobat 5.0—>C:WINDOWSISUNINST.EXE -f»C:Program FilesCommon FilesAdobeAcrobat 5.0NTUninst.isu» -c»C:Program FilesCommon FilesAdobeAcrobat 5.0NTUninst.dll»
Adobe Anchor Service CS3—>MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3—>MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3—>MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting—>MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0—>MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps—>MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color — Photoshop Specific—>MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings—>MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings—>MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings—>MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings—>MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3—>MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3—>MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2—>MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Flash Player Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Fonts All—>MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3—>MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3—>MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files—>MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3—>C:Program FilesCommon FilesAdobeInstallers719d6f144d0c086a0dfa7ff76bb9ac1Setup.exe
Adobe Photoshop CS3—>MsiExec.exe /I{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}
Adobe Reader 9.1 — Russian—>MsiExec.exe /I{AC76BA86-7AD7-1049-7B44-A91000000001}
Adobe Setup—>MsiExec.exe /I{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}
Adobe Shockwave Player 11—>C:WINDOWSsystem32adobeSHOCKW~1UNWISE.EXE C:WINDOWSsystem32AdobeSHOCKW~1Install.log
Adobe Stock Photos CS3—>MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support—>MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3—>MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client—>MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin—>MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3—>MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
AGEIA PhysX v7.05.17—>MsiExec.exe /X{27DC856A-0916-4988-8198-8714DDD3183D}
ATI — Software Uninstall Utility—>C:Program FilesATI TechnologiesUninstallAllAtiCimUn.exe
ATI Catalyst Control Center—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime91Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{055EE59D-217B-43A7-ABFF-507B966405D8}setup.exe» -l0x1000
ATI Display Driver—>rundll32 C:WINDOWSsystem32atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
avast! Antivirus—>D:Мои прогиНовая папка (2)aswRunDll.exe «D:Мои прогиНовая папка (2)Setupsetiface.dll»,RunSetup
Caricature Studio Green 3.6—>MsiExec.exe /I{AC5019DA-5DC2-44E6-808A-1A68F3CCA79D}
Catalyst Control Center — Branding—>MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
CCleaner (remove only)—>»D:Мои прогиУборщикCCleaneruninst.exe»
DiRT—>D:GamesDiRTunwise.exe
DiRT—>D:GamesDiRTUNWISE.EXE D:GamesDiRTINSTALL.LOG
DivX Pro Codec—>C:WINDOWSunvise32.exe C:Program FilesDivXDivX Pro Bundle.log
Download Master version 5.5.7.1145—>»D:Мои прогиdownloadDownload Masterunins000.exe»
Dr.Web (R)AV-Desk Agent—>»C:Program FilesDrWeb AV-Deskdrwinst.exe» -uninstall -interactive
Driver — Parallel Lines—>D:GamesDriverPLUNWISE.EXE D:GamesDriverPLINSTALL.LOG
Driver: Parallel Lines—>D:GamesDriverPLunwise.exe
eMusic — 50 Free MP3 offer—>»D:КлипыWinampeMusicUninst-eMusic-promotion.exe»
FIFA08—>C:Program FilesInstallShield Installation Information{F7399AF3-822B-4D80-92C8-D88B22A76A52}setup.exe -runfromtemp -l0x0419
FLV Player 2.0, build 24—>D:Мои прогиНовая папка (3)FLV Playeruninst.exe
Free Games Offer, Desktop Shortcut—>MsiExec.exe /X{31DABA20-10A1-4746-9D9F-57955B8DFF66}
GTA San Andreas—>D:GamesGTA_SA~1UNWISE.EXE D:GamesGTA_SA~1INSTALL.LOG
Halflife2 Episode 1—>D:GamesHL2EP1UNWISE.EXE D:GamesHL2EP1INSTALL.LOG
High Definition Audio Driver Package — KB888111—>»C:WINDOWS$NtUninstallKB888111WXPSP2$spuninstspuninst.exe»
HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)—>»C:WINDOWS$NtUninstallKB929399$spuninstspuninst.exe»
HP Customer Participation Program 7.0—>D:Digital ImagingExtCapUninstallhpzscr01.exe -datfile hpqhsc01.dat
HP Document Viewer 7.0—>D:Digital ImagingDocumentViewerhpzscr01.exe -datfile hpqbud04.dat
HP Imaging Device Functions 7.0—>D:Digital ImagingDeviceManagementhpzscr01.exe -datfile hpqbud01.dat
HP Photosmart and Deskjet 7.0 Software (rus)—>D:Digital Imaging{D2A3C9D5-0B56-4656-8277-7EDC65D62B6E}setuphpzscr01.exe -datfile hphscr12.dat -showdisconnect -forcereboot
HP Photosmart Premier Software 6.5—>D:Digital Imaginguninstallhpzscr01.exe -datfile hpqscr01.dat
HP Scanjet G3010 7.0—>D:Digital Imaging{F64D55C1-734C-4249-886E-4C41A9889A36}setuphpzscr01.exe -datfile hpgscr15.dat
HP Software Update—>MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Solution Center 7.0—>D:Digital ImagingeSupporthpzscr01.exe -datfile hpqbud05.dat
ICQ Toolbar—>C:Program FilesICQ6ToolbarICQUnToolbar.exe
ICQ6.5—>»C:Program FilesInstallShield Installation Information{60DE4033-9503-48D1-A483-7846BD217CA9}setup.exe» -runfromtemp -l0x0009 -removeonly
Java(TM) 6 Update 13—>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
L&H TTS3000 Deutsch—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFLHTTSGED.inf, Uninstall
L&H TTS3000 Espaсol—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFLHTTSSPE.inf, Uninstall
L&H TTS3000 Franзais—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFLHTTSFRF.inf, Uninstall
L&H TTS3000 Italiano—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFLHTTSITI.inf, Uninstall
L&H TTS3000 Russian—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFLHTTSRUR.inf, Uninstall
Labtec WebCam Software—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime90Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{C43048A9-742C-4DAD-90D2-E3B53C9DB825}setup.exe» -l0x9
Lernout & Hauspie TruVoice American English TTS Engine—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFtv_enua.inf, Uninstall
MAGIX mp3 maker 2004 diamond—>C:MAGIXmp3maker_2004_diamondunwise.exe
Mail.Ru Спутник 2.0—>C:Program FilesMail.RuSputnikSputnikInstaller.exe -uninstall
Microsoft .NET Framework 1.1 Hotfix (KB928366)—>»C:WINDOWSMicrosoft.NETFrameworkv1.1.4322Updateshotfix.exe» «C:WINDOWSMicrosoft.NETFrameworkv1.1.4322UpdatesM928366M928366Uninstall.msp»
Microsoft .NET Framework 1.1 Russian Language Pack—>MsiExec.exe /X{2BB372D9-52B4-410A-BC1A-FEAB63181EEF}
Microsoft .NET Framework 1.1—>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1—>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1—>MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1—>MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5—>C:WINDOWSMicrosoft.NETFrameworkv3.5Microsoft .NET Framework 3.5setup.exe
Microsoft .NET Framework 3.5—>MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft Compression Client Pack 1.0 for Windows XP—>»C:WINDOWS$NtUninstallMSCompPackV1$spuninstspuninst.exe»
Microsoft Internationalized Domain Names Mitigation APIs—>»C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$spuninstspuninst.exe»
Microsoft Media Producer Runtime 1.0—>RunDll32 advpack.dll,LaunchINFSection C:Program FilesCommon FilesMicrosoft SharedMedia Producer RuntimeSetupRT.inf, UnInstall
Microsoft National Language Support Downlevel APIs—>»C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$spuninstspuninst.exe»
Microsoft Office XP (профессиональный выпуск)—>MsiExec.exe /I{91110419-6000-11D3-8CFE-0050048383C9}
Microsoft Silverlight—>MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0—>»C:WINDOWS$NtUninstallWudf01000$spuninstspuninst.exe»
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual Studio 2005 Tools for Office Runtime—>MsiExec.exe /X{388E4B09-3E71-4649-8921-F44A3A2954A7}
MSXML 4.0 SP2 (KB936181)—>MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)—>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)—>MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
Need For Speed Hot Pursuit 2—>D:Мои прогиNSPEEDEAUninstall.exe
Need for Speed™ Carbon—>D:GamesNFSCAR~1UNWISE.EXE D:GamesNFSCAR~1INSTALL.LOG
Need for Speed™ Carbon—>D:GamesNFSCarbonunwise.exe
neroxml—>MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OCR Software by I.R.I.S 7.0—>D:Digital ImagingOCRhpzscr01.exe -datfile hpqbud11.dat
OpenAL—>»C:Program FilesOpenALoalinst.exe» /U
PDF Settings—>MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PokerStars.net—>»C:Program FilesPokerStars.NETPokerStarsUninstall.exe» /u:PokerStars.net
PROMT Professional 8 Giant Try-Buy—>MsiExec.exe /I{04F4FE29-515E-4B5B-9CF9-2DAB1065FBE1}
Punto Switcher 3.0—>C:Program FilesPunto Switcheruninstall.exe
QIP 2005 8090—>»D:Мои прогиqipQIPunins000.exe»
Rambler-Ассистент—>»C:Program FilesRambler Assistantuninstall.exe»
REALTEK GbE & FE Ethernet PCI NIC Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime110Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}Setup.exe» -l0x19 -removeonly
Realtek High Definition Audio Driver—>RtlUpd.exe -r -m
Reproductor de Windows Media 11—>»C:Program FilesWindows Media PlayerSetup_wm.exe» /Uninstall
S.T.A.L.K.E.R. — Новая война—>D:GamesSTALKERUNWISE.EXE D:GamesSTALKERINSTALL.LOG
Shop for HP Supplies—>D:Digital ImagingHPSSupplyhpzscr01.exe -datfile hpqbud16.dat
Steam—>MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
SweetIM for Messenger 2.6—>MsiExec.exe /X{04A6A912-A6DB-4EF2-99FF-6D6199BA3C8C}
SweetIM Toolbar for Internet Explorer 3.3—>MsiExec.exe /X{266C7330-C0F4-49E5-8F20-A56F9F822875}
VCRedistSetup—>MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VIA Platform Device Manager—>C:PROGRA~1COMMON~1INSTAL~1Driver7INTEL3~1IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VideoLAN VLC media player 0.8.6b—>C:Program FilesVideoLANVLCuninstall.exe
Winamp Remote—>»C:Program FilesWinamp Remoteuninstall.exe»
Winamp Toolbar for Firefox—>»C:Documents and SettingsCore2DuoApplication DataMozillaFirefoxProfiles9vf96daw.defaultextensions{0b38152b-1b20-484d-a11f-5e04a9b0661f}uninstall.exe»
Winamp Toolbar for Internet Explorer—>»C:Program FilesWinamp Toolbaruninstall.exe»
Winamp—>»D:КлипыWinampUninstWA.exe»
Windows Imaging Component—>»C:WINDOWS$NtUninstallWIC$spuninstspuninst.exe»
Windows Media Format 11 runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Windows Media Format 11 runtime—>»C:WINDOWS$NtUninstallWMFDist11$spuninstspuninst.exe»
Windows Media Player 11—>»C:WINDOWS$NtUninstallwmp11$spuninstspuninst.exe»
Windows XP Service Pack 3—>»C:WINDOWS$NtServicePackUninstall$spuninstspuninst.exe»
Архиватор WinRAR—>C:Program FilesWinRARuninstall.exe
еда выполнения Visual Studio 2005 Tools for Office, второй выпуск—>C:Program FilesCommon FilesMicrosoft SharedVSTO8.0Microsoft Visual Studio 2005 Tools for Office Runtimeinstall.exe
Интернет помощник MyCentria—>C:Program FilesMyCentriaMyCentriaUninstall.exe
Исправление для Windows Internet Explorer 7 (KB947864)—>»C:WINDOWSie7updatesKB947864-IE7spuninstspuninst.exe»
Исправление для Windows XP (KB952287)—>»C:WINDOWS$NtUninstallKB952287$spuninstspuninst.exe»
Исправление для проигрывателя Windows Media 11 — (KB939683)—>»C:WINDOWS$NtUninstallKB939683$spuninstspuninst.exe»
Критическое обновление для проигрывателя Windows Media 11 — (KB959772)—>»C:WINDOWS$NtUninstallKB959772_WM11$spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB938127)—>»C:WINDOWSie7updatesKB938127-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB942615)—>»C:WINDOWSie7updatesKB942615-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB944533)—>»C:WINDOWSie7updatesKB944533-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB953838)—>»C:WINDOWSie7updatesKB953838-IE7spuninstspuninst.exe»
Обновление безопасности для Windows XP — (KB941569)—>»C:WINDOWS$NtUninstallKB941569$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB923561)—>»C:WINDOWS$NtUninstallKB923561$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB938464)—>»C:WINDOWS$NtUninstallKB938464$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB938464-v2)—>»C:WINDOWS$NtUninstallKB938464-v2$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB946648)—>»C:WINDOWS$NtUninstallKB946648$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950762)—>»C:WINDOWS$NtUninstallKB950762$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950974)—>»C:WINDOWS$NtUninstallKB950974$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951066)—>»C:WINDOWS$NtUninstallKB951066$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951376-v2)—>»C:WINDOWS$NtUninstallKB951376-v2$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951698)—>»C:WINDOWS$NtUninstallKB951698$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951748)—>»C:WINDOWS$NtUninstallKB951748$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB952004)—>»C:WINDOWS$NtUninstallKB952004$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB952954)—>»C:WINDOWS$NtUninstallKB952954$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB953839)—>»C:WINDOWS$NtUninstallKB953839$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954459)—>»C:WINDOWS$NtUninstallKB954459$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954600)—>»C:WINDOWS$NtUninstallKB954600$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB955069)—>»C:WINDOWS$NtUninstallKB955069$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956572)—>»C:WINDOWS$NtUninstallKB956572$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956802)—>»C:WINDOWS$NtUninstallKB956802$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956803)—>»C:WINDOWS$NtUninstallKB956803$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB957097)—>»C:WINDOWS$NtUninstallKB957097$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958644)—>»C:WINDOWS$NtUninstallKB958644$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958687)—>»C:WINDOWS$NtUninstallKB958687$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958690)—>»C:WINDOWS$NtUninstallKB958690$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB959426)—>»C:WINDOWS$NtUninstallKB959426$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960225)—>»C:WINDOWS$NtUninstallKB960225$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960803)—>»C:WINDOWS$NtUninstallKB960803$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB961373)—>»C:WINDOWS$NtUninstallKB961373$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media — (KB952069)—>»C:WINDOWS$NtUninstallKB952069_WM9$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media 10 — (KB936782)—>»C:WINDOWS$NtUninstallKB936782_WMP10$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media 11 — (KB936782)—>»C:WINDOWS$NtUninstallKB936782_WMP11$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media 11 — (KB954154)—>»C:WINDOWS$NtUninstallKB954154_WM11$spuninstspuninst.exe»
Обновление для Windows XP (KB951072-v2)—>»C:WINDOWS$NtUninstallKB951072-v2$spuninstspuninst.exe»
Обновление для Windows XP (KB951978)—>»C:WINDOWS$NtUninstallKB951978$spuninstspuninst.exe»
Обновление для Windows XP (KB967715)—>»C:WINDOWS$NtUninstallKB967715$spuninstspuninst.exe»
======Security center information======
AV: Doctor Web Anti-Virus
AV: avast! antivirus 4.8.1335 [VPS 090510-0]
======System event log======
Computer Name: MASTERWI-A0F801
Event Code: 7036
Message: Служба «Служба обнаружения SSDP» перешла в состояние Работает.
Record Number: 8576
Source Name: Service Control Manager
Time Written: 20090427112818.000000+240
Event Type: информация
User:
Computer Name: MASTERWI-A0F801
Event Code: 7036
Message: Служба «Служба COM записи компакт-дисков IMAPI» перешла в состояние Работает.
Record Number: 8575
Source Name: Service Control Manager
Time Written: 20090427112818.000000+240
Event Type: информация
User:
Computer Name: MASTERWI-A0F801
Event Code: 7035
Message: Служба «Служба обнаружения SSDP» успешно отправила управляющий элемент «запустить».
Record Number: 8574
Source Name: Service Control Manager
Time Written: 20090427112818.000000+240
Event Type: информация
User: MASTERWI-A0F801Core2Duo
Computer Name: MASTERWI-A0F801
Event Code: 7035
Message: Служба «Служба COM записи компакт-дисков IMAPI» успешно отправила управляющий элемент «запустить».
Record Number: 8573
Source Name: Service Control Manager
Time Written: 20090427112818.000000+240
Event Type: информация
User: NT AUTHORITYSYSTEM
Computer Name: MASTERWI-A0F801
Event Code: 7035
Message: Служба «Диспетчер подключений удаленного доступа» успешно отправила управляющий элемент «запустить».
Record Number: 8572
Source Name: Service Control Manager
Time Written: 20090427112818.000000+240
Event Type: информация
User: MASTERWI-A0F801Core2Duo
=====Application event log=====
Computer Name: MASTERWI-A0F801
Event Code: 20
Message:
Record Number: 2034
Source Name: Google Update
Time Written: 20090302212532.000000+180
Event Type: ошибка
User: MASTERWI-A0F801Core2Duo
Computer Name: MASTERWI-A0F801
Event Code: 13
Message: SpIDer Guard started OK.
Record Number: 2033
Source Name: SPIDERNT
Time Written: 20090302210522.000000+180
Event Type: информация
User:
Computer Name: MASTERWI-A0F801
Event Code: 0
Message:
Record Number: 2032
Source Name: ICQ Service
Time Written: 20090302210519.000000+180
Event Type: информация
User:
Computer Name: MASTERWI-A0F801
Event Code: 1
Message:
Record Number: 2031
Source Name: Bonjour Service
Time Written: 20090302210518.000000+180
Event Type: информация
User:
Computer Name: MASTERWI-A0F801
Event Code: 105
Message: The service was started.
Record Number: 2030
Source Name: ATI Smart
Time Written: 20090302210517.000000+180
Event Type: информация
User:
======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%systemroot%system32;%systemroot%;%systemroot%system32wbem;C:Program FilesATI TechnologiesATI.ACECore-Static
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=6
«PROCESSOR_IDENTIFIER»=x86 Family 6 Model 15 Stepping 13, GenuineIntel
«PROCESSOR_REVISION»=0f0d
«NUMBER_OF_PROCESSORS»=2
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
EOF
Logfile of random’s system information tool 1.06 (written by random/random)
Run by Core2Duo at 2009-05-12 21:03:50
Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (21%) free of 10 GB
Total RAM: 1022 MB (34% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:04:15, on 12.05.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
D:Мои прогиНовая папка (2)aswUpdSv.exe
D:Мои прогиНовая папка (2)ashServ.exe
C:WINDOWSExplorer.EXE
C:WINDOWSnotepad.exe
C:WINDOWSsystem32spoolsv.exe
D:1F25~1(2)~1ashDisp.exe
C:Program FilesJavajre6binjusched.exe
C:Program FilesDrWeb AV-Deskdrwagnui.exe
C:Program FilesATI TechnologiesATI.ACECore-StaticMOM.exe
C:Program FilesDrWeb AV-Deskspiderml.exe
C:PROGRA~1DRWEBA~1spiderui.exe
C:Program FilesMessengermsmsgs.exe
C:Documents and SettingsCore2DuoLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe
C:Program FilesPunto Switcherpunto.exe
C:WINDOWSsystem32setup2.exe
D:Мои прогиAbbyyTutor.exe
C:Program FilesJavajre6binjqs.exe
C:Program FilesATI TechnologiesATI.ACECore-Staticccc.exe
C:PROGRA~1DRWEBA~1spidernt.exe
C:WINDOWSsystem32svchost.exe
D:Мои прогиНовая папка (2)ashMaiSv.exe
D:Мои прогиНовая папка (2)ashWebSv.exe
C:Program FilesDrWeb AV-Deskdrwagntd.exe
C:WINDOWSsystem32wbemwmiapsrv.exe
C:Documents and SettingsCore2DuoLocal SettingsApplication DataGoogleChromeApplicationchrome.exe
C:Documents and SettingsCore2DuoLocal SettingsApplication DataGoogleChromeApplicationchrome.exe
C:Documents and SettingsCore2DuoLocal SettingsApplication DataGoogleChromeApplicationchrome.exe
C:WINDOWSsystem32wuauclt.exe
C:Documents and SettingsCore2DuoLocal SettingsApplication DataGoogleChromeApplicationchrome.exe
D:Мои прогиdownloadDownload Masterdmaster.exe
D:RSIT.exe
C:Program Filestrend microCore2Duo.exe
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=40316
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: Winamp Search Class — {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} — C:Program FilesWinamp Toolbarwinamptb.dll
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:PROGRA~1Mail.RuSputnikMAILRU~1.DLL
R3 — URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} — — (no file)
R3 — URLSearchHook: ICQToolBar — {855F3B16-6D32-4fe6-8A56-BBB695989046} — C:Program FilesICQ6ToolbarICQToolBar.dll
R3 — URLSearchHook: SweetIM ToolbarURLSearchHook Class — {EEE6C35D-6118-11DC-9C72-001320C79847} — C:Program FilesSweetIMToolbarsInternet ExplorermgHelper.dll
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: Winamp Toolbar Loader — {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} — C:Program FilesWinamp Toolbarwinamptb.dll
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — C:PROGRA~1Mail.RuSputnikMAILRU~1.DLL
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — D:1F25~1downloadDOWNLO~1dmiehlp.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O2 — BHO: JQSIEStartDetectorImpl — {E7E6F031-17CE-4C07-BC86-EABFE594F69C} — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O2 — BHO: SWEETIE — {EEE6C35C-6118-11DC-9C72-001320C79847} — C:Program FilesSweetIMToolbarsInternet ExplorermgToolbarIE.dll
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:PROGRA~1Mail.RuSputnikMAILRU~1.DLL
O3 — Toolbar: Rambler-Ассистент — {468CD8A9-7C25-45FA-969E-3D925C689DC4} — C:Program FilesRambler AssistantramblertoolbarU0.dll (file missing)
O3 — Toolbar: Winamp Toolbar — {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} — C:Program FilesWinamp Toolbarwinamptb.dll
O3 — Toolbar: ICQToolBar — {855F3B16-6D32-4fe6-8A56-BBB695989046} — C:Program FilesICQ6ToolbarICQToolBar.dll
O3 — Toolbar: DM Bar — {0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — D:Мои прогиdownloadDownload Masterdmbar.dll
O3 — Toolbar: SweetIM Toolbar for Internet Explorer — {EEE6C35B-6118-11DC-9C72-001320C79847} — C:Program FilesSweetIMToolbarsInternet ExplorermgToolbarIE.dll
O4 — HKLM..Run: [avast!] D:1F25~1(2)~1ashDisp.exe
O4 — HKLM..Run: [StartCCC] «C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe» MSRun
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesJavajre6binjusched.exe»
O4 — HKLM..Run: [DrWebAgentUI] «C:Program FilesDrWeb AV-Deskdrwagnui.exe»
O4 — HKLM..Run: [SpIDerMail] «C:Program FilesDrWeb AV-Deskspiderml.exe»
O4 — HKLM..Run: [SpIDerNT] C:PROGRA~1DRWEBA~1spiderui.exe /agent
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKCU..Run: [Google Update] «C:Documents and SettingsCore2DuoLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe» /c
O4 — HKCU..Run: [Punto Switcher] C:Program FilesPunto Switcherpunto.exe
O4 — HKCU..Run: [setup2.exe] C:WINDOWSsystem32setup2.exe
O4 — HKCU..Run: [Tutor.exe] «D:Мои прогиAbbyyTutor.exe» /AS
O8 — Extra context menu item: &Winamp Search — C:Documents and SettingsAll UsersApplication DataWinamp ToolbarieToolbarresourcesen-USlocalsearch.html
O8 — Extra context menu item: &Перевести с помощью ABBYY Lingvo… — res://D:Мои прогиAbbyyLingvo.exe/3000
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — D:Мои прогиdownloadDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — D:Мои прогиdownloadDownload Masterdmie.htm
O8 — Extra context menu item: Найти с помощью Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/search.htm
O8 — Extra context menu item: Перевести с помощью словарей Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/dic.htm
O8 — Extra context menu item: Поиск@Mail.Ru — res://C:PROGRA~1Mail.RuSputnikMAILRU~1.DLL/SEARCH.HTM
O8 — Extra context menu item: Словари@Mail.Ru — res://C:PROGRA~1Mail.RuSputnikMAILRU~1.DLL/TRANSLATE.HTM
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — D:Мои прогиdownloadDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — D:Мои прогиdownloadDownload Masterdmaster.exe
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — D:аськаICQ6.5ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — D:аськаICQ6.5ICQ.exe
O9 — Extra button: PokerStars.net — {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} — C:Program FilesPokerStars.NETPokerStarsUpdate.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O12 — Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O17 — HKLMSystemCCSServicesTcpip..{3166CED4-F5D7-4F9F-82F7-D0020E97E372}: NameServer = 85.255.114.39 85.255.112.99
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — D:Мои прогиНовая папка (2)aswUpdSv.exe
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: avast! Antivirus — ALWIL Software — D:Мои прогиНовая папка (2)ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — D:Мои прогиНовая папка (2)ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — D:Мои прогиНовая папка (2)ashWebSv.exe
O23 — Service: Dr.Web(R) AV-Desk Agent (drwagntd) — Doctor Web, Ltd. — C:Program FilesDrWeb AV-Deskdrwagntd.exe
O23 — Service: Dr.Web(R) AV-Desk Upgrade Service (drwupgrade) — Doctor Web, Ltd. — C:Program FilesDrWeb AV-Desk1drwupgrade.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: Java Quick Starter (JavaQuickStarterService) — Sun Microsystems, Inc. — C:Program FilesJavajre6binjqs.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: SpIDer Guard for Windows (SPIDERNT) — Doctor Web, Ltd. — C:PROGRA~1DRWEBA~1spidernt.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe
O24 — Desktop Component 0: (no name) — file:///C:/DOCUME~1/Core2Duo/LOCALS~1/Temp/msohtml1/01/clip_image002.gif—
End of file — 10424 bytes
======Scheduled tasks folder======
C:WINDOWStasksGoogleUpdateTaskUserS-1-5-21-1343024091-1284227242-839522115-1003.job
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader — C:Program FilesWinamp Toolbarwinamptb.dll [2008-03-20 1267040]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — C:PROGRA~1Mail.RuSputnikMAILRU~1.DLL [2008-03-05 534016]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — D:1F25~1downloadDOWNLO~1dmiehlp.dll [2008-10-24 157696]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2009-05-10 35840]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll [2009-05-10 73728]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper — C:Program FilesSweetIMToolbarsInternet ExplorermgToolbarIE.dll [2008-10-08 1172792]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — C:PROGRA~1Mail.RuSputnikMAILRU~1.DLL [2008-03-05 534016]
{468CD8A9-7C25-45FA-969E-3D925C689DC4} — Rambler-Ассистент — C:Program FilesRambler AssistantramblertoolbarU0.dll []
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} — Winamp Toolbar — C:Program FilesWinamp Toolbarwinamptb.dll [2008-03-20 1267040]
{855F3B16-6D32-4fe6-8A56-BBB695989046} — ICQToolBar — C:Program FilesICQ6ToolbarICQToolBar.dll [2008-06-12 958712]
{0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — DM Bar — D:Мои прогиdownloadDownload Masterdmbar.dll [2007-11-26 180224]
{EEE6C35B-6118-11DC-9C72-001320C79847} — SweetIM Toolbar for Internet Explorer — C:Program FilesSweetIMToolbarsInternet ExplorermgToolbarIE.dll [2008-10-08 1172792]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«avast!»=D:1F25~1(2)~1ashDisp.exe [2009-02-06 81000]
«StartCCC»=C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe [2009-03-17 61440]
«SunJavaUpdateSched»=C:Program FilesJavajre6binjusched.exe [2009-05-10 148888]
«DrWebAgentUI»=C:Program FilesDrWeb AV-Deskdrwagnui.exe [2009-05-11 812336]
«SpIDerMail»=C:Program FilesDrWeb AV-Deskspiderml.exe [2009-05-11 501080]
«SpIDerNT»=C:PROGRA~1DRWEBA~1spiderui.exe [2009-05-11 197896]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2008-04-14 1695232]
«Google Update»=C:Documents and SettingsCore2DuoLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe [2008-09-03 133104]
«Punto Switcher»=C:Program FilesPunto Switcherpunto.exe [2008-10-16 735016]
«setup2.exe»=C:WINDOWSsystem32setup2.exe [2009-05-09 1097216]
«Tutor.exe»=D:Мои прогиAbbyyTutor.exe [2007-04-05 992800]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2009-03-17 155648]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor — {e57ce738-33e8-4c51-8354-bb4de9d215d1} — C:WINDOWSsystem32upnpui.dll [2008-04-14 239616]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveAutoRun»=FFFFFFFF
«NoDriveTypeAutoRun»=36
«NoDrives»=0
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveAutoRun»=
«NoDriveTypeAutoRun»=
«NoDrives»=
«HonorAutoRunSetting»=
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesWinamp RemotebinOrb.exe»=»C:Program FilesWinamp RemotebinOrb.exe:*:Enabled:Orb»
«C:Program FilesWinamp RemotebinOrbTray.exe»=»C:Program FilesWinamp RemotebinOrbTray.exe:*:Enabled:OrbTray»
«C:Program FilesWinamp RemotebinOrbStreamerClient.exe»=»C:Program FilesWinamp RemotebinOrbStreamerClient.exe:*:Enabled:Orb Stream Client»
«D:Мои прогиНовая папкаStrongDC.exe»=»D:Мои прогиНовая папкаStrongDC.exe:*:Enabled:StrongDC++»
«D:Мои прогиqipQIPqip.exe»=»D:Мои прогиqipQIPqip.exe:*:Enabled:Quiet Internet Pager»
«D:аськаICQ6.5ICQ.exe»=»D:аськаICQ6.5ICQ.exe:*:Enabled:ICQ6»
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
======List of files/folders created in the last 1 months======
2009-11-21 12:40:08 —-A—- C:WINDOWS7f9cba5kdooz2609.exe
2009-05-12 20:35:02 —-RASHD—- C:autorun.inf
2009-05-12 00:57:09 —-D—- C:WINDOWSSun
2009-05-11 23:59:38 —-D—- C:Avenger
2009-05-11 23:59:38 —-A—- C:avenger.txt
2009-05-11 13:41:03 —-D—- C:Program FilesDrWeb AV-Desk
2009-05-11 11:09:45 —-SHD—- C:RECYCLER
2009-05-11 01:53:27 —-D—- C:rsit
2009-05-11 01:39:35 —-HDC—- C:WINDOWS$NtUninstallKB951978$
2009-05-11 01:39:20 —-HDC—- C:WINDOWS$NtUninstallKB938464-v2$
2009-05-11 01:38:55 —-HDC—- C:WINDOWS$NtUninstallKB954459$
2009-05-10 23:09:39 —-A—- C:WINDOWSsystem32javaws.exe
2009-05-10 23:09:39 —-A—- C:WINDOWSsystem32javaw.exe
2009-05-10 23:09:39 —-A—- C:WINDOWSsystem32java.exe
2009-05-10 23:09:39 —-A—- C:WINDOWSsystem32deploytk.dll
2009-05-10 23:09:28 —-D—- C:Program FilesJava
2009-05-10 23:08:21 —-DC—- C:Documents and SettingsCore2DuoApplication DataSun
2009-05-10 20:31:32 —-D—- C:Program Filestrend micro
2009-05-10 20:19:51 —-D—- C:WINDOWSPrefetch
2009-05-10 17:18:10 —-HDC—- C:WINDOWS$NtUninstallKB967715$
2009-05-10 17:16:13 —-HDC—- C:WINDOWS$NtUninstallKB961373$
2009-05-10 17:14:12 —-HDC—- C:WINDOWS$NtUninstallKB960803$
2009-05-10 17:12:23 —-HDC—- C:WINDOWS$NtUninstallKB960225$
2009-05-10 17:11:04 —-HDC—- C:WINDOWS$NtUninstallKB959426$
2009-05-10 17:09:30 —-HDC—- C:WINDOWS$NtUninstallKB958690$
2009-05-10 17:07:54 —-HDC—- C:WINDOWS$NtUninstallKB958687$
2009-05-10 17:06:24 —-HDC—- C:WINDOWS$NtUninstallKB958644$
2009-05-10 17:04:55 —-HDC—- C:WINDOWS$NtUninstallKB957097$
2009-05-10 17:03:33 —-HDC—- C:WINDOWS$NtUninstallKB956803$
2009-05-10 17:02:06 —-HDC—- C:WINDOWS$NtUninstallKB956802$
2009-05-10 17:00:01 —-HDC—- C:WINDOWS$NtUninstallKB956572$
2009-05-10 16:57:55 —-HDC—- C:WINDOWS$NtUninstallKB955069$
2009-05-10 16:56:57 —-HDC—- C:WINDOWS$NtUninstallKB954600$
2009-05-10 16:55:43 —-HDC—- C:WINDOWS$NtUninstallKB952954$
2009-05-10 16:54:11 —-HDC—- C:WINDOWS$NtUninstallKB952287$
2009-05-10 16:52:52 —-HDC—- C:WINDOWS$NtUninstallKB952004$
2009-05-10 16:51:29 —-HDC—- C:WINDOWS$NtUninstallKB951748$
2009-05-10 16:50:10 —-HDC—- C:WINDOWS$NtUninstallKB951698$
2009-05-10 16:48:57 —-HDC—- C:WINDOWS$NtUninstallKB951376-v2$
2009-05-10 16:47:46 —-HDC—- C:WINDOWS$NtUninstallKB951066$
2009-05-10 16:46:33 —-HDC—- C:WINDOWS$NtUninstallKB950974$
2009-05-10 16:45:17 —-HDC—- C:WINDOWS$NtUninstallKB950762$
2009-05-10 16:43:55 —-HDC—- C:WINDOWS$NtUninstallKB946648$
2009-05-10 16:43:05 —-HDC—- C:WINDOWS$NtUninstallKB938464$
2009-05-10 16:41:47 —-HDC—- C:WINDOWS$NtUninstallKB923561$
2009-05-10 16:38:09 —-N—- C:WINDOWSsystem32rwnh.dll
2009-05-10 16:38:09 —-N—- C:WINDOWSsystem32comsdupd.exe
2009-05-10 16:38:08 —-N—- C:WINDOWSsystem32smtpapi.dll
2009-05-10 16:36:54 —-N—- C:WINDOWSsystem32ati2dvaa.dll
2009-05-10 16:36:54 —-N—- C:WINDOWSsystem32aaclient.dll
2009-05-10 16:36:53 —-N—- C:WINDOWSsystem32azroles.dll
2009-05-10 16:36:53 —-N—- C:WINDOWSsystem32ativtmxx.dll
2009-05-10 16:36:53 —-N—- C:WINDOWSsystem32ati3d1ag.dll
2009-05-10 16:36:52 —-N—- C:WINDOWSsystem32bitsprx4.dll
2009-05-10 16:36:51 —-N—- C:WINDOWSsystem32credssp.dll
2009-05-10 16:36:50 —-N—- C:WINDOWSsystem32dot3dlg.dll
2009-05-10 16:36:50 —-N—- C:WINDOWSsystem32dot3cfg.dll
2009-05-10 16:36:50 —-N—- C:WINDOWSsystem32dot3api.dll
2009-05-10 16:36:50 —-N—- C:WINDOWSsystem32dimsroam.dll
2009-05-10 16:36:50 —-N—- C:WINDOWSsystem32dimsntfy.dll
2009-05-10 16:36:50 —-N—- C:WINDOWSsystem32dhcpqec.dll
2009-05-10 16:36:49 —-N—- C:WINDOWSsystem32dot3ui.dll
2009-05-10 16:36:49 —-N—- C:WINDOWSsystem32dot3svc.dll
2009-05-10 16:36:49 —-N—- C:WINDOWSsystem32dot3msm.dll
2009-05-10 16:36:49 —-N—- C:WINDOWSsystem32dot3gpclnt.dll
2009-05-10 16:36:48 —-N—- C:WINDOWSsystem32eapqec.dll
2009-05-10 16:36:48 —-N—- C:WINDOWSsystem32eappprxy.dll
2009-05-10 16:36:48 —-N—- C:WINDOWSsystem32eapphost.dll
2009-05-10 16:36:48 —-N—- C:WINDOWSsystem32eappgnui.dll
2009-05-10 16:36:48 —-N—- C:WINDOWSsystem32eappcfg.dll
2009-05-10 16:36:48 —-N—- C:WINDOWSsystem32eapp3hst.dll
2009-05-10 16:36:48 —-N—- C:WINDOWSsystem32eapolqec.dll
2009-05-10 16:36:47 —-N—- C:WINDOWSsystem32eapsvc.dll
2009-05-10 16:36:46 —-N—- C:WINDOWSsystem32ieencode.dll
2009-05-10 16:36:46 —-N—- C:WINDOWSsystem32hsfcisp2.dll
2009-05-10 16:36:43 —-N—- C:WINDOWSsystem32kbdpash.dll
2009-05-10 16:36:43 —-N—- C:WINDOWSsystem32kbdnepr.dll
2009-05-10 16:36:43 —-N—- C:WINDOWSsystem32kbdiultn.dll
2009-05-10 16:36:43 —-N—- C:WINDOWSsystem32kbdbhc.dll
2009-05-10 16:36:42 —-N—- C:WINDOWSsystem32l2gpstore.dll
2009-05-10 16:36:42 —-N—- C:WINDOWSsystem32kmsvc.dll
2009-05-10 16:36:41 —-N—- C:WINDOWSsystem32microsoft.managementconsole.dll
2009-05-10 16:36:41 —-N—- C:WINDOWSsystem32mdmxsdk.dll
2009-05-10 16:36:40 —-N—- C:WINDOWSsystem32mmcperf.exe
2009-05-10 16:36:40 —-N—- C:WINDOWSsystem32mmcfxcommon.dll
2009-05-10 16:36:40 —-N—- C:WINDOWSsystem32mmcex.dll
2009-05-10 16:36:39 —-N—- C:WINDOWSsystem32msshavmsg.dll
2009-05-10 16:36:39 —-N—- C:WINDOWSsystem32mssha.dll
2009-05-10 16:36:38 —-N—- C:WINDOWSsystem32napstat.exe
2009-05-10 16:36:38 —-N—- C:WINDOWSsystem32napmontr.dll
2009-05-10 16:36:38 —-N—- C:WINDOWSsystem32napipsec.dll
2009-05-10 16:36:38 —-N—- C:WINDOWSsystem32mtxparhd.dll
2009-05-10 16:36:37 —-N—- C:WINDOWSsystem32nv4_disp.dll
2009-05-10 16:36:36 —-N—- C:WINDOWSsystem32onex.dll
2009-05-10 16:36:34 —-N—- C:WINDOWSsystem32s3gnb.dll
2009-05-10 16:36:34 —-N—- C:WINDOWSsystem32rhttpaa.dll
2009-05-10 16:36:34 —-N—- C:WINDOWSsystem32rasqec.dll
2009-05-10 16:36:34 —-N—- C:WINDOWSsystem32qutil.dll
2009-05-10 16:36:34 —-N—- C:WINDOWSsystem32qcliprov.dll
2009-05-10 16:36:34 —-N—- C:WINDOWSsystem32qagentrt.dll
2009-05-10 16:36:34 —-N—- C:WINDOWSsystem32qagent.dll
2009-05-10 16:36:33 —-N—- C:WINDOWSsystem32slextspk.dll
2009-05-10 16:36:33 —-N—- C:WINDOWSsystem32slcoinst.dll
2009-05-10 16:36:33 —-N—- C:WINDOWSsystem32setupn.exe
2009-05-10 16:36:32 —-N—- C:WINDOWSsystem32slserv.exe
2009-05-10 16:36:32 —-N—- C:WINDOWSsystem32slrundll.exe
2009-05-10 16:36:32 —-N—- C:WINDOWSsystem32slgen.dll
2009-05-10 16:36:29 —-N—- C:WINDOWSsystem32tspkg.dll
2009-05-10 16:36:29 —-N—- C:WINDOWSsystem32tsgqec.dll
2009-05-10 16:36:26 —-N—- C:WINDOWSsystem32wlanapi.dll
2009-05-10 16:36:24 —-N—- C:WINDOWSslrundll.exe
2009-05-10 16:36:20 —-D—- C:WINDOWSl2schemas
2009-05-10 16:36:19 —-D—- C:WINDOWSsystem32ru
2009-05-10 16:36:18 —-D—- C:WINDOWSsystem32bits
2009-05-10 16:24:41 —-D—- C:WINDOWSServicePackFiles
2009-05-10 16:19:52 —-A—- C:WINDOWS02840_.tmp
2009-05-10 16:15:49 —-HDC—- C:WINDOWS$NtServicePackUninstall$
2009-05-10 15:09:32 —-DC—- C:Documents and SettingsCore2DuoApplication DataGetRightToGo
2009-05-09 16:05:30 —-HDC—- C:WINDOWS$NtUninstallKB959426_0$
2009-05-09 16:05:13 —-HDC—- C:WINDOWS$NtUninstallKB961373_0$
2009-05-09 16:05:01 —-HDC—- C:WINDOWS$NtUninstallKB956803_0$
2009-05-09 16:04:50 —-HDC—- C:WINDOWS$NtUninstallKB960225_0$
2009-05-09 16:04:00 —-HDC—- C:WINDOWS$NtUninstallKB956572_0$
2009-05-09 16:03:39 —-HDC—- C:WINDOWS$NtUninstallKB925720$
2009-05-09 16:03:29 —-HDC—- C:WINDOWS$NtUninstallKB952069_WM9$
2009-05-09 16:03:17 —-HDC—- C:WINDOWS$NtUninstallKB952004_0$
2009-05-09 16:02:49 —-HDC—- C:WINDOWS$NtUninstallKB957097_0$
2009-05-09 16:02:36 —-HDC—- C:WINDOWS$NtUninstallKB958687_0$
2009-05-09 16:02:23 —-HDC—- C:WINDOWS$NtUninstallKB967715_0$
2009-05-09 16:02:08 —-HDC—- C:WINDOWS$NtUninstallKB958690_0$
2009-05-09 16:01:57 —-HDC—- C:WINDOWS$NtUninstallKB959772_WM11$
2009-05-09 16:01:49 —-HDC—- C:WINDOWS$NtUninstallKB960803_0$
2009-05-09 16:01:32 —-HDC—- C:WINDOWS$NtUninstallKB954600_0$
2009-05-09 16:01:24 —-HDC—- C:WINDOWS$NtUninstallKB958644_0$
2009-05-09 16:01:12 —-HDC—- C:WINDOWS$NtUninstallKB955069_0$
2009-05-09 16:01:02 —-HDC—- C:WINDOWS$NtUninstallKB956802_0$
2009-05-09 15:35:35 —-HDC—- C:WINDOWS$NtUninstallKB923561_0$
2009-05-09 14:14:39 —-DC—- C:Documents and SettingsCore2DuoApplication DataMalwarebytes
2009-05-09 14:14:33 —-DC—- C:Documents and SettingsAll UsersApplication DataMalwarebytes
2009-05-09 14:03:42 —-D—- C:WINDOWSERDNT
2009-05-09 13:26:50 —-HD—- C:WINDOWSsystem32GroupPolicy
2009-05-09 11:09:50 —-N—- C:WINDOWSsystem32setup2.exe
2009-05-07 10:59:27 —-A—- C:WINDOWSATICIM.INI
2009-05-07 10:54:57 —-A—- C:WINDOWSsystem32atibtmon.exe
2009-05-07 10:54:55 —-A—- C:WINDOWSsystem32atioglxx.dll
2009-05-07 10:54:55 —-A—- C:WINDOWSsystem32atimpc32.dll
2009-05-07 10:54:55 —-A—- C:WINDOWSsystem32aticalrt.dll
2009-05-07 10:54:55 —-A—- C:WINDOWSsystem32aticaldd.dll
2009-05-07 10:54:55 —-A—- C:WINDOWSsystem32aticalcl.dll
2009-05-07 10:54:54 —-A—- C:WINDOWSsystem32atiadlxx.dll
2009-05-07 10:54:54 —-A—- C:WINDOWSsystem32amdpcom32.dll
2009-05-07 10:18:24 —-DC—- C:Documents and SettingsCore2DuoApplication DataWinRAR
2009-05-06 23:26:20 —-D—- C:Program FilesPunto Switcher
2009-05-03 11:58:22 —-DC—- C:Documents and SettingsAll UsersApplication DataPRMT
2009-05-02 18:31:35 —-A—- C:WINDOWSpdf2word.INI
2009-04-30 17:52:34 —-DC—- C:Documents and SettingsCore2DuoApplication DataPRMT
2009-04-30 14:50:59 —-D—- C:WINDOWSspeech
2009-04-30 14:47:16 —-D—- C:WINDOWSLhsp
2009-04-30 14:43:11 —-D—- C:Program FilesGSC World Publishing
2009-04-27 22:33:34 —-A—- C:WINDOWSsystem3229576zi9us12.dll
2009-04-26 19:05:49 —-D—- C:Program FilesYandex
2009-04-26 19:05:43 —-HD—- C:WINDOWSmsdownld.tmp
2009-04-26 19:02:29 —-HDC—- C:WINDOWSie8
2009-04-25 09:28:58 —-A—- C:WINDOWSwsparser.ini
2009-04-17 11:26:50 —-DC—- C:Documents and SettingsCore2DuoApplication DataНовый Диск
======List of files/folders modified in the last 1 months======
2009-05-12 21:01:47 —-D—- C:WINDOWSTemp
2009-05-12 20:59:10 —-A—- C:WINDOWSSchedLgU.Txt
2009-05-12 20:58:14 —-D—- C:WINDOWSsystem32
2009-05-12 20:58:13 —-D—- C:WINDOWS
2009-05-12 20:27:25 —-SHD—- C:WINDOWSInstaller
2009-05-12 20:27:25 —-HDC—- C:Config.Msi
2009-05-12 20:21:38 —-D—- C:WINDOWSsystem32CatRoot2
2009-05-12 20:01:40 —-D—- C:WINDOWSsystem32config
2009-05-12 16:19:33 —-D—- C:Program FilesPokerStars.NET
2009-05-12 13:50:22 —-D—- C:WINDOWSDebug
2009-05-11 23:59:38 —-D—- C:WINDOWSsystem32drivers
2009-05-11 16:05:26 —-HD—- C:WINDOWSinf
2009-05-11 13:42:48 —-AT—- C:WINDOWSsystem32DRWEBSP.DLL
2009-05-11 13:41:03 —-RD—- C:Program Files
2009-05-11 13:37:59 —-DC—- C:Documents and SettingsCore2DuoApplication DatauTorrent
2009-05-11 11:23:42 —-SHD—- C:System Volume Information
2009-05-11 11:23:42 —-D—- C:WINDOWSsystem32Restore
2009-05-11 11:23:14 —-D—- C:Program FilesCommon Files
2009-05-11 11:21:44 —-ADC—- C:Documents and SettingsAll UsersApplication DataTEMP
2009-05-11 10:55:18 —-A—- C:WINDOWSsystem.ini
2009-05-11 10:54:51 —-D—- C:WINDOWSAppPatch
2009-05-11 01:39:39 —-RSHD—- C:WINDOWSsystem32dllcache
2009-05-11 01:39:34 —-HD—- C:WINDOWS$hf_mig$
2009-05-11 01:39:20 —-D—- C:WINDOWSWinSxS
2009-05-10 20:21:24 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-05-10 20:19:03 —-D—- C:WINDOWSsystem32Setup
2009-05-10 20:19:01 —-D—- C:WINDOWSsystem32wbem
2009-05-10 20:18:58 —-RSD—- C:WINDOWSFonts
2009-05-10 18:05:14 —-D—- C:WINDOWSsecurity
2009-05-10 17:20:41 —-D—- C:WINDOWSsystem32CatRoot
2009-05-10 16:44:28 —-D—- C:Program FilesMessenger
2009-05-10 16:38:11 —-D—- C:WINDOWSehome
2009-05-10 16:38:08 —-D—- C:WINDOWSsystem32inetsrv
2009-05-10 16:38:07 —-D—- C:WINDOWSnetwork diagnostic
2009-05-10 16:38:07 —-D—- C:WINDOWSHelp
2009-05-10 16:38:06 —-D—- C:WINDOWSime
2009-05-10 16:36:23 —-D—- C:WINDOWSsystem32usmt
2009-05-10 16:36:23 —-D—- C:WINDOWSsystem32ru-ru
2009-05-10 16:36:18 —-D—- C:WINDOWSPeerNet
2009-05-10 16:36:17 —-D—- C:Program FilesMovie Maker
2009-05-10 16:24:26 —-D—- C:WINDOWSsystem32npp
2009-05-10 16:24:24 —-D—- C:WINDOWSmsagent
2009-05-10 16:24:23 —-D—- C:WINDOWSsrchasst
2009-05-10 16:24:21 —-D—- C:Program FilesNetMeeting
2009-05-10 16:24:19 —-D—- C:WINDOWSsystem32Com
2009-05-10 16:24:15 —-D—- C:Program FilesWindows NT
2009-05-10 16:24:15 —-D—- C:Program FilesWindows Media Player
2009-05-10 16:24:15 —-D—- C:Program FilesOutlook Express
2009-05-10 16:23:59 —-D—- C:Program FilesCommon FilesSystem
2009-05-10 16:23:38 —-D—- C:WINDOWSsystem32oobe
2009-05-10 16:23:35 —-D—- C:WINDOWSsystem
2009-05-10 16:19:43 —-D—- C:WINDOWSsystem32ReinstallBackups
2009-05-08 01:16:08 —-AC—- C:WINDOWShpfccopy.INI
2009-05-07 11:29:39 —-RSD—- C:WINDOWSassembly
2009-05-07 11:29:02 —-D—- C:WINDOWSsystem32DirectX
2009-05-07 11:03:51 —-D—- C:Program FilesWinRAR
2009-05-07 11:01:46 —-D—- C:Program FilesATI Technologies
2009-05-07 11:00:30 —-HD—- C:Program FilesInstallShield Installation Information
2009-05-07 09:56:22 —-SD—- C:WINDOWSTasks
2009-05-06 23:26:20 —-DC—- C:Documents and SettingsCore2DuoApplication DataYandex
2009-05-03 10:34:16 —-D—- C:WINDOWSMinidump
2009-04-30 19:12:17 —-DC—- C:Documents and SettingsCore2DuoApplication DataICQ
2009-04-30 18:09:36 —-D—- C:WINDOWSMicrosoft.NET
2009-04-30 14:46:01 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2009-04-28 20:08:26 —-DC—- C:Documents and SettingsAll UsersApplication DataAdobe
2009-04-28 20:08:08 —-D—- C:Program FilesCommon FilesAdobe
2009-04-26 19:21:25 —-D—- C:WINDOWSMedia
2009-04-26 19:21:24 —-D—- C:Program FilesInternet Explorer
2009-04-22 01:17:11 —-D—- C:WINDOWSsystem32Adobe
2009-04-21 12:59:26 —-DC—- C:Documents and SettingsCore2DuoApplication Datadvdcss
2009-04-20 22:54:36 —-SDC—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2009-04-19 13:51:36 —-SD—- C:WINDOWSDownloaded Program Files
2009-04-17 11:25:35 —-D—- C:Program FilesCommon FilesInstallShield
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:WINDOWSsystem32driversAavmker4.sys [2009-02-06 26944]
R1 aswSP;avast! Self Protection; C:WINDOWSsystem32driversaswSP.sys [2009-02-06 114768]
R1 aswTdi;avast! Network Shield Support; C:WINDOWSsystem32driversaswTdi.sys [2009-02-06 51376]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-04-14 40704]
R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2001-10-21 12032]
R2 aswFsBlk;aswFsBlk; C:WINDOWSsystem32DRIVERSaswFsBlk.sys [2009-02-06 20560]
R2 aswMon2;avast! Standard Shield Support; C:WINDOWSsystem32driversaswMon2.sys [2009-02-06 94032]
R2 spider;SpIDer Guard File System Monitor; ??C:PROGRA~1DRWEBA~1spider.sys []
R3 aswRdr;aswRdr; C:WINDOWSsystem32driversaswRdr.sys [2009-02-06 23152]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2009-03-17 3597312]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-13 144384]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:WINDOWSsystem32DRIVERSHPZid412.sys [2006-05-16 49664]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:WINDOWSsystem32DRIVERSHPZipr12.sys [2006-05-16 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:WINDOWSsystem32DRIVERSHPZius12.sys [2006-05-16 21568]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2006-12-21 4405248]
R3 LVUSBSta;Logitech USB Monitor Filter; C:WINDOWSsystem32driverslvusbsta.sys [2004-10-11 22016]
R3 PID_0928;Labtec WebCam(PID_0928); C:WINDOWSsystem32DRIVERSLV561AV.SYS [2004-10-11 211712]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:WINDOWSsystem32DRIVERSRtnicxp.sys [2006-08-31 81280]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-14 32128]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-14 59520]
R3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2008-04-14 25856]
R3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-14 15104]
R3 usbstor;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2008-04-14 20608]
S3 atikmdag;atikmdag; C:WINDOWSsystem32DRIVERSatikmdag.sys [2007-05-18 2608640]
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-04-14 17024]
S3 dtscsi;dtscsi; C:WINDOWSSystem32Driversdtscsi.sys [2009-04-13 223128]
S3 FXDrv32;FXDrv32; ??E:FXDrv32.sys []
S3 MaxAntiSpyFilter;10.09.20089:50:31; ??D:Мои прогиDr.WebMaxAntiSpySSS.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; ??C:WINDOWSsystem32driversmbamswissarmy.sys []
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2008-04-14 15232]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation — User-mode Driver Framework Platform Driver; C:WINDOWSsystem32DRIVERSWudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; D:Мои прогиНовая папка (2)aswUpdSv.exe [2009-02-06 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2009-03-17 602112]
R2 avast! Antivirus;avast! Antivirus; D:Мои прогиНовая папка (2)ashServ.exe [2009-02-06 138680]
R2 JavaQuickStarterService;Java Quick Starter; C:Program FilesJavajre6binjqs.exe [2009-05-10 152984]
R2 SPIDERNT;SpIDer Guard for Windows; C:PROGRA~1DRWEBA~1spidernt.exe [2009-05-11 197896]
R3 avast! Mail Scanner;avast! Mail Scanner; D:Мои прогиНовая папка (2)ashMaiSv.exe [2009-02-06 254040]
R3 avast! Web Scanner;avast! Web Scanner; D:Мои прогиНовая папка (2)ashWebSv.exe [2009-02-06 352920]
R3 drwagntd;Dr.Web(R) AV-Desk Agent; C:Program FilesDrWeb AV-Deskdrwagntd.exe [2009-05-11 1860912]
S2 drwupgrade;Dr.Web(R) AV-Desk Upgrade Service; C:Program FilesDrWeb AV-Desk1drwupgrade.exe [2009-05-11 410928]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:WINDOWSMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2007-10-11 864256]
S4 Ati External Event Utility;Ati External Event Utility; C:WINDOWSsystem32Ati2evxx.exe [2009-03-17 602112]
S4 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2009-03-17 593920]
S4 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:Program FilesBonjourmDNSResponder.exe [2006-02-28 229376]
S4 FLEXnet Licensing Service;FLEXnet Licensing Service; C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [2007-10-29 654848]
S4 ICQ Service;ICQ Service; C:Program FilesICQ6ToolbarICQ Service.exe [2008-06-10 222456]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2007-10-11 122880]
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:WINDOWSsystem32HPZipm12.exe [2007-08-09 73728]
S4 WMPNetworkSvc;Servicio de uso compartido de red del Reproductor de Windows Media; C:Program FilesWindows Media PlayerWMPNetwk.exe [2006-11-03 916480]
S4 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-14 14336]
EOF
Logfile of random’s system information tool 1.06 (written by random/random)
Run by Core2Duo at 2009-05-12 21:03:50
Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (21%) free of 10 GB
Total RAM: 1022 MB (34% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:04:15, on 12.05.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
D:Мои прогиНовая папка (2)aswUpdSv.exe
D:Мои прогиНовая папка (2)ashServ.exe
C:WINDOWSExplorer.EXE
C:WINDOWSnotepad.exe
C:WINDOWSsystem32spoolsv.exe
D:1F25~1(2)~1ashDisp.exe
C:Program FilesJavajre6binjusched.exe
C:Program FilesDrWeb AV-Deskdrwagnui.exe
C:Program FilesATI TechnologiesATI.ACECore-StaticMOM.exe
C:Program FilesDrWeb AV-Deskspiderml.exe
C:PROGRA~1DRWEBA~1spiderui.exe
C:Program FilesMessengermsmsgs.exe
C:Documents and SettingsCore2DuoLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe
C:Program FilesPunto Switcherpunto.exe
C:WINDOWSsystem32setup2.exe
D:Мои прогиAbbyyTutor.exe
C:Program FilesJavajre6binjqs.exe
C:Program FilesATI TechnologiesATI.ACECore-Staticccc.exe
C:PROGRA~1DRWEBA~1spidernt.exe
C:WINDOWSsystem32svchost.exe
D:Мои прогиНовая папка (2)ashMaiSv.exe
D:Мои прогиНовая папка (2)ashWebSv.exe
C:Program FilesDrWeb AV-Deskdrwagntd.exe
C:WINDOWSsystem32wbemwmiapsrv.exe
C:Documents and SettingsCore2DuoLocal SettingsApplication DataGoogleChromeApplicationchrome.exe
C:Documents and SettingsCore2DuoLocal SettingsApplication DataGoogleChromeApplicationchrome.exe
C:Documents and SettingsCore2DuoLocal SettingsApplication DataGoogleChromeApplicationchrome.exe
C:WINDOWSsystem32wuauclt.exe
C:Documents and SettingsCore2DuoLocal SettingsApplication DataGoogleChromeApplicationchrome.exe
D:Мои прогиdownloadDownload Masterdmaster.exe
D:RSIT.exe
C:Program Filestrend microCore2Duo.exe

R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=40316
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: Winamp Search Class — {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} — C:Program FilesWinamp Toolbarwinamptb.dll
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:PROGRA~1Mail.RuSputnikMAILRU~1.DLL
R3 — URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} — — (no file)
R3 — URLSearchHook: ICQToolBar — {855F3B16-6D32-4fe6-8A56-BBB695989046} — C:Program FilesICQ6ToolbarICQToolBar.dll
R3 — URLSearchHook: SweetIM ToolbarURLSearchHook Class — {EEE6C35D-6118-11DC-9C72-001320C79847} — C:Program FilesSweetIMToolbarsInternet ExplorermgHelper.dll
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: Winamp Toolbar Loader — {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} — C:Program FilesWinamp Toolbarwinamptb.dll
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — C:PROGRA~1Mail.RuSputnikMAILRU~1.DLL
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — D:1F25~1downloadDOWNLO~1dmiehlp.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
O2 — BHO: JQSIEStartDetectorImpl — {E7E6F031-17CE-4C07-BC86-EABFE594F69C} — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O2 — BHO: SWEETIE — {EEE6C35C-6118-11DC-9C72-001320C79847} — C:Program FilesSweetIMToolbarsInternet ExplorermgToolbarIE.dll
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:PROGRA~1Mail.RuSputnikMAILRU~1.DLL
O3 — Toolbar: Rambler-Ассистент — {468CD8A9-7C25-45FA-969E-3D925C689DC4} — C:Program FilesRambler AssistantramblertoolbarU0.dll (file missing)
O3 — Toolbar: Winamp Toolbar — {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} — C:Program FilesWinamp Toolbarwinamptb.dll
O3 — Toolbar: ICQToolBar — {855F3B16-6D32-4fe6-8A56-BBB695989046} — C:Program FilesICQ6ToolbarICQToolBar.dll
O3 — Toolbar: DM Bar — {0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — D:Мои прогиdownloadDownload Masterdmbar.dll
O3 — Toolbar: SweetIM Toolbar for Internet Explorer — {EEE6C35B-6118-11DC-9C72-001320C79847} — C:Program FilesSweetIMToolbarsInternet ExplorermgToolbarIE.dll
O4 — HKLM..Run: [avast!] D:1F25~1(2)~1ashDisp.exe
O4 — HKLM..Run: [StartCCC] «C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe» MSRun
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesJavajre6binjusched.exe»
O4 — HKLM..Run: [DrWebAgentUI] «C:Program FilesDrWeb AV-Deskdrwagnui.exe»
O4 — HKLM..Run: [SpIDerMail] «C:Program FilesDrWeb AV-Deskspiderml.exe»
O4 — HKLM..Run: [SpIDerNT] C:PROGRA~1DRWEBA~1spiderui.exe /agent
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKCU..Run: [Google Update] «C:Documents and SettingsCore2DuoLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe» /c
O4 — HKCU..Run: [Punto Switcher] C:Program FilesPunto Switcherpunto.exe
O4 — HKCU..Run: [setup2.exe] C:WINDOWSsystem32setup2.exe
O4 — HKCU..Run: [Tutor.exe] «D:Мои прогиAbbyyTutor.exe» /AS
O8 — Extra context menu item: &Winamp Search — C:Documents and SettingsAll UsersApplication DataWinamp ToolbarieToolbarresourcesen-USlocalsearch.html
O8 — Extra context menu item: &Перевести с помощью ABBYY Lingvo… — res://D:Мои прогиAbbyyLingvo.exe/3000
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — D:Мои прогиdownloadDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — D:Мои прогиdownloadDownload Masterdmie.htm
O8 — Extra context menu item: Найти с помощью Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/search.htm
O8 — Extra context menu item: Перевести с помощью словарей Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/dic.htm
O8 — Extra context menu item: Поиск@Mail.Ru — res://C:PROGRA~1Mail.RuSputnikMAILRU~1.DLL/SEARCH.HTM
O8 — Extra context menu item: Словари@Mail.Ru — res://C:PROGRA~1Mail.RuSputnikMAILRU~1.DLL/TRANSLATE.HTM
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — D:Мои прогиdownloadDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — D:Мои прогиdownloadDownload Masterdmaster.exe
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — D:аськаICQ6.5ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — D:аськаICQ6.5ICQ.exe
O9 — Extra button: PokerStars.net — {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} — C:Program FilesPokerStars.NETPokerStarsUpdate.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O12 — Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O17 — HKLMSystemCCSServicesTcpip..{3166CED4-F5D7-4F9F-82F7-D0020E97E372}: NameServer = 85.255.114.39 85.255.112.99
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — D:Мои прогиНовая папка (2)aswUpdSv.exe
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: avast! Antivirus — ALWIL Software — D:Мои прогиНовая папка (2)ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — D:Мои прогиНовая папка (2)ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — D:Мои прогиНовая папка (2)ashWebSv.exe
O23 — Service: Dr.Web(R) AV-Desk Agent (drwagntd) — Doctor Web, Ltd. — C:Program FilesDrWeb AV-Deskdrwagntd.exe
O23 — Service: Dr.Web(R) AV-Desk Upgrade Service (drwupgrade) — Doctor Web, Ltd. — C:Program FilesDrWeb AV-Desk1drwupgrade.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: Java Quick Starter (JavaQuickStarterService) — Sun Microsystems, Inc. — C:Program FilesJavajre6binjqs.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: SpIDer Guard for Windows (SPIDERNT) — Doctor Web, Ltd. — C:PROGRA~1DRWEBA~1spidernt.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe
O24 — Desktop Component 0: (no name) — file:///C:/DOCUME~1/Core2Duo/LOCALS~1/Temp/msohtml1/01/clip_image002.gif—
End of file — 10424 bytes

======Scheduled tasks folder======
C:WINDOWStasksGoogleUpdateTaskUserS-1-5-21-1343024091-1284227242-839522115-1003.job
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader — C:Program FilesWinamp Toolbarwinamptb.dll [2008-03-20 1267040]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — C:PROGRA~1Mail.RuSputnikMAILRU~1.DLL [2008-03-05 534016]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — D:1F25~1downloadDOWNLO~1dmiehlp.dll [2008-10-24 157696]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2009-05-10 35840]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll [2009-05-10 73728]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper — C:Program FilesSweetIMToolbarsInternet ExplorermgToolbarIE.dll [2008-10-08 1172792]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — C:PROGRA~1Mail.RuSputnikMAILRU~1.DLL [2008-03-05 534016]
{468CD8A9-7C25-45FA-969E-3D925C689DC4} — Rambler-Ассистент — C:Program FilesRambler AssistantramblertoolbarU0.dll []
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} — Winamp Toolbar — C:Program FilesWinamp Toolbarwinamptb.dll [2008-03-20 1267040]
{855F3B16-6D32-4fe6-8A56-BBB695989046} — ICQToolBar — C:Program FilesICQ6ToolbarICQToolBar.dll [2008-06-12 958712]
{0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — DM Bar — D:Мои прогиdownloadDownload Masterdmbar.dll [2007-11-26 180224]
{EEE6C35B-6118-11DC-9C72-001320C79847} — SweetIM Toolbar for Internet Explorer — C:Program FilesSweetIMToolbarsInternet ExplorermgToolbarIE.dll [2008-10-08 1172792]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«avast!»=D:1F25~1(2)~1ashDisp.exe [2009-02-06 81000]
«StartCCC»=C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe [2009-03-17 61440]
«SunJavaUpdateSched»=C:Program FilesJavajre6binjusched.exe [2009-05-10 148888]
«DrWebAgentUI»=C:Program FilesDrWeb AV-Deskdrwagnui.exe [2009-05-11 812336]
«SpIDerMail»=C:Program FilesDrWeb AV-Deskspiderml.exe [2009-05-11 501080]
«SpIDerNT»=C:PROGRA~1DRWEBA~1spiderui.exe [2009-05-11 197896]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2008-04-14 1695232]
«Google Update»=C:Documents and SettingsCore2DuoLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe [2008-09-03 133104]
«Punto Switcher»=C:Program FilesPunto Switcherpunto.exe [2008-10-16 735016]
«setup2.exe»=C:WINDOWSsystem32setup2.exe [2009-05-09 1097216]
«Tutor.exe»=D:Мои прогиAbbyyTutor.exe [2007-04-05 992800]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2009-03-17 155648]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor — {e57ce738-33e8-4c51-8354-bb4de9d215d1} — C:WINDOWSsystem32upnpui.dll [2008-04-14 239616]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveAutoRun»=FFFFFFFF
«NoDriveTypeAutoRun»=36
«NoDrives»=0

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveAutoRun»=
«NoDriveTypeAutoRun»=
«NoDrives»=
«HonorAutoRunSetting»=

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesWinamp RemotebinOrb.exe»=»C:Program FilesWinamp RemotebinOrb.exe:*:Enabled:Orb»
«C:Program FilesWinamp RemotebinOrbTray.exe»=»C:Program FilesWinamp RemotebinOrbTray.exe:*:Enabled:OrbTray»
«C:Program FilesWinamp RemotebinOrbStreamerClient.exe»=»C:Program FilesWinamp RemotebinOrbStreamerClient.exe:*:Enabled:Orb Stream Client»
«D:Мои прогиНовая папкаStrongDC.exe»=»D:Мои прогиНовая папкаStrongDC.exe:*:Enabled:StrongDC++»
«D:Мои прогиqipQIPqip.exe»=»D:Мои прогиqipQIPqip.exe:*:Enabled:Quiet Internet Pager»
«D:аськаICQ6.5ICQ.exe»=»D:аськаICQ6.5ICQ.exe:*:Enabled:ICQ6»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»

======List of files/folders created in the last 1 months======
2009-11-21 12:40:08 —-A—- C:WINDOWS7f9cba5kdooz2609.exe
2009-05-12 20:35:02 —-RASHD—- C:autorun.inf
2009-05-12 00:57:09 —-D—- C:WINDOWSSun
2009-05-11 23:59:38 —-D—- C:Avenger
2009-05-11 23:59:38 —-A—- C:avenger.txt
2009-05-11 13:41:03 —-D—- C:Program FilesDrWeb AV-Desk
2009-05-11 11:09:45 —-SHD—- C:RECYCLER
2009-05-11 01:53:27 —-D—- C:rsit
2009-05-11 01:39:35 —-HDC—- C:WINDOWS$NtUninstallKB951978$
2009-05-11 01:39:20 —-HDC—- C:WINDOWS$NtUninstallKB938464-v2$
2009-05-11 01:38:55 —-HDC—- C:WINDOWS$NtUninstallKB954459$
2009-05-10 23:09:39 —-A—- C:WINDOWSsystem32javaws.exe
2009-05-10 23:09:39 —-A—- C:WINDOWSsystem32javaw.exe
2009-05-10 23:09:39 —-A—- C:WINDOWSsystem32java.exe
2009-05-10 23:09:39 —-A—- C:WINDOWSsystem32deploytk.dll
2009-05-10 23:09:28 —-D—- C:Program FilesJava
2009-05-10 23:08:21 —-DC—- C:Documents and SettingsCore2DuoApplication DataSun
2009-05-10 20:31:32 —-D—- C:Program Filestrend micro
2009-05-10 20:19:51 —-D—- C:WINDOWSPrefetch
2009-05-10 17:18:10 —-HDC—- C:WINDOWS$NtUninstallKB967715$
2009-05-10 17:16:13 —-HDC—- C:WINDOWS$NtUninstallKB961373$
2009-05-10 17:14:12 —-HDC—- C:WINDOWS$NtUninstallKB960803$
2009-05-10 17:12:23 —-HDC—- C:WINDOWS$NtUninstallKB960225$
2009-05-10 17:11:04 —-HDC—- C:WINDOWS$NtUninstallKB959426$
2009-05-10 17:09:30 —-HDC—- C:WINDOWS$NtUninstallKB958690$
2009-05-10 17:07:54 —-HDC—- C:WINDOWS$NtUninstallKB958687$
2009-05-10 17:06:24 —-HDC—- C:WINDOWS$NtUninstallKB958644$
2009-05-10 17:04:55 —-HDC—- C:WINDOWS$NtUninstallKB957097$
2009-05-10 17:03:33 —-HDC—- C:WINDOWS$NtUninstallKB956803$
2009-05-10 17:02:06 —-HDC—- C:WINDOWS$NtUninstallKB956802$
2009-05-10 17:00:01 —-HDC—- C:WINDOWS$NtUninstallKB956572$
2009-05-10 16:57:55 —-HDC—- C:WINDOWS$NtUninstallKB955069$
2009-05-10 16:56:57 —-HDC—- C:WINDOWS$NtUninstallKB954600$
2009-05-10 16:55:43 —-HDC—- C:WINDOWS$NtUninstallKB952954$
2009-05-10 16:54:11 —-HDC—- C:WINDOWS$NtUninstallKB952287$
2009-05-10 16:52:52 —-HDC—- C:WINDOWS$NtUninstallKB952004$
2009-05-10 16:51:29 —-HDC—- C:WINDOWS$NtUninstallKB951748$
2009-05-10 16:50:10 —-HDC—- C:WINDOWS$NtUninstallKB951698$
2009-05-10 16:48:57 —-HDC—- C:WINDOWS$NtUninstallKB951376-v2$
2009-05-10 16:47:46 —-HDC—- C:WINDOWS$NtUninstallKB951066$
2009-05-10 16:46:33 —-HDC—- C:WINDOWS$NtUninstallKB950974$
2009-05-10 16:45:17 —-HDC—- C:WINDOWS$NtUninstallKB950762$
2009-05-10 16:43:55 —-HDC—- C:WINDOWS$NtUninstallKB946648$
2009-05-10 16:43:05 —-HDC—- C:WINDOWS$NtUninstallKB938464$
2009-05-10 16:41:47 —-HDC—- C:WINDOWS$NtUninstallKB923561$
2009-05-10 16:38:09 —-N—- C:WINDOWSsystem32rwnh.dll
2009-05-10 16:38:09 —-N—- C:WINDOWSsystem32comsdupd.exe
2009-05-10 16:38:08 —-N—- C:WINDOWSsystem32smtpapi.dll
2009-05-10 16:36:54 —-N—- C:WINDOWSsystem32ati2dvaa.dll
2009-05-10 16:36:54 —-N—- C:WINDOWSsystem32aaclient.dll
2009-05-10 16:36:53 —-N—- C:WINDOWSsystem32azroles.dll
2009-05-10 16:36:53 —-N—- C:WINDOWSsystem32ativtmxx.dll
2009-05-10 16:36:53 —-N—- C:WINDOWSsystem32ati3d1ag.dll
2009-05-10 16:36:52 —-N—- C:WINDOWSsystem32bitsprx4.dll
2009-05-10 16:36:51 —-N—- C:WINDOWSsystem32credssp.dll
2009-05-10 16:36:50 —-N—- C:WINDOWSsystem32dot3dlg.dll
2009-05-10 16:36:50 —-N—- C:WINDOWSsystem32dot3cfg.dll
2009-05-10 16:36:50 —-N—- C:WINDOWSsystem32dot3api.dll
2009-05-10 16:36:50 —-N—- C:WINDOWSsystem32dimsroam.dll
2009-05-10 16:36:50 —-N—- C:WINDOWSsystem32dimsntfy.dll
2009-05-10 16:36:50 —-N—- C:WINDOWSsystem32dhcpqec.dll
2009-05-10 16:36:49 —-N—- C:WINDOWSsystem32dot3ui.dll
2009-05-10 16:36:49 —-N—- C:WINDOWSsystem32dot3svc.dll
2009-05-10 16:36:49 —-N—- C:WINDOWSsystem32dot3msm.dll
2009-05-10 16:36:49 —-N—- C:WINDOWSsystem32dot3gpclnt.dll
2009-05-10 16:36:48 —-N—- C:WINDOWSsystem32eapqec.dll
2009-05-10 16:36:48 —-N—- C:WINDOWSsystem32eappprxy.dll
2009-05-10 16:36:48 —-N—- C:WINDOWSsystem32eapphost.dll
2009-05-10 16:36:48 —-N—- C:WINDOWSsystem32eappgnui.dll
2009-05-10 16:36:48 —-N—- C:WINDOWSsystem32eappcfg.dll
2009-05-10 16:36:48 —-N—- C:WINDOWSsystem32eapp3hst.dll
2009-05-10 16:36:48 —-N—- C:WINDOWSsystem32eapolqec.dll
2009-05-10 16:36:47 —-N—- C:WINDOWSsystem32eapsvc.dll
2009-05-10 16:36:46 —-N—- C:WINDOWSsystem32ieencode.dll
2009-05-10 16:36:46 —-N—- C:WINDOWSsystem32hsfcisp2.dll
2009-05-10 16:36:43 —-N—- C:WINDOWSsystem32kbdpash.dll
2009-05-10 16:36:43 —-N—- C:WINDOWSsystem32kbdnepr.dll
2009-05-10 16:36:43 —-N—- C:WINDOWSsystem32kbdiultn.dll
2009-05-10 16:36:43 —-N—- C:WINDOWSsystem32kbdbhc.dll
2009-05-10 16:36:42 —-N—- C:WINDOWSsystem32l2gpstore.dll
2009-05-10 16:36:42 —-N—- C:WINDOWSsystem32kmsvc.dll
2009-05-10 16:36:41 —-N—- C:WINDOWSsystem32microsoft.managementconsole.dll
2009-05-10 16:36:41 —-N—- C:WINDOWSsystem32mdmxsdk.dll
2009-05-10 16:36:40 —-N—- C:WINDOWSsystem32mmcperf.exe
2009-05-10 16:36:40 —-N—- C:WINDOWSsystem32mmcfxcommon.dll
2009-05-10 16:36:40 —-N—- C:WINDOWSsystem32mmcex.dll
2009-05-10 16:36:39 —-N—- C:WINDOWSsystem32msshavmsg.dll
2009-05-10 16:36:39 —-N—- C:WINDOWSsystem32mssha.dll
2009-05-10 16:36:38 —-N—- C:WINDOWSsystem32napstat.exe
2009-05-10 16:36:38 —-N—- C:WINDOWSsystem32napmontr.dll
2009-05-10 16:36:38 —-N—- C:WINDOWSsystem32napipsec.dll
2009-05-10 16:36:38 —-N—- C:WINDOWSsystem32mtxparhd.dll
2009-05-10 16:36:37 —-N—- C:WINDOWSsystem32nv4_disp.dll
2009-05-10 16:36:36 —-N—- C:WINDOWSsystem32onex.dll
2009-05-10 16:36:34 —-N—- C:WINDOWSsystem32s3gnb.dll
2009-05-10 16:36:34 —-N—- C:WINDOWSsystem32rhttpaa.dll
2009-05-10 16:36:34 —-N—- C:WINDOWSsystem32rasqec.dll
2009-05-10 16:36:34 —-N—- C:WINDOWSsystem32qutil.dll
2009-05-10 16:36:34 —-N—- C:WINDOWSsystem32qcliprov.dll
2009-05-10 16:36:34 —-N—- C:WINDOWSsystem32qagentrt.dll
2009-05-10 16:36:34 —-N—- C:WINDOWSsystem32qagent.dll
2009-05-10 16:36:33 —-N—- C:WINDOWSsystem32slextspk.dll
2009-05-10 16:36:33 —-N—- C:WINDOWSsystem32slcoinst.dll
2009-05-10 16:36:33 —-N—- C:WINDOWSsystem32setupn.exe
2009-05-10 16:36:32 —-N—- C:WINDOWSsystem32slserv.exe
2009-05-10 16:36:32 —-N—- C:WINDOWSsystem32slrundll.exe
2009-05-10 16:36:32 —-N—- C:WINDOWSsystem32slgen.dll
2009-05-10 16:36:29 —-N—- C:WINDOWSsystem32tspkg.dll
2009-05-10 16:36:29 —-N—- C:WINDOWSsystem32tsgqec.dll
2009-05-10 16:36:26 —-N—- C:WINDOWSsystem32wlanapi.dll
2009-05-10 16:36:24 —-N—- C:WINDOWSslrundll.exe
2009-05-10 16:36:20 —-D—- C:WINDOWSl2schemas
2009-05-10 16:36:19 —-D—- C:WINDOWSsystem32ru
2009-05-10 16:36:18 —-D—- C:WINDOWSsystem32bits
2009-05-10 16:24:41 —-D—- C:WINDOWSServicePackFiles
2009-05-10 16:19:52 —-A—- C:WINDOWS02840_.tmp
2009-05-10 16:15:49 —-HDC—- C:WINDOWS$NtServicePackUninstall$
2009-05-10 15:09:32 —-DC—- C:Documents and SettingsCore2DuoApplication DataGetRightToGo
2009-05-09 16:05:30 —-HDC—- C:WINDOWS$NtUninstallKB959426_0$
2009-05-09 16:05:13 —-HDC—- C:WINDOWS$NtUninstallKB961373_0$
2009-05-09 16:05:01 —-HDC—- C:WINDOWS$NtUninstallKB956803_0$
2009-05-09 16:04:50 —-HDC—- C:WINDOWS$NtUninstallKB960225_0$
2009-05-09 16:04:00 —-HDC—- C:WINDOWS$NtUninstallKB956572_0$
2009-05-09 16:03:39 —-HDC—- C:WINDOWS$NtUninstallKB925720$
2009-05-09 16:03:29 —-HDC—- C:WINDOWS$NtUninstallKB952069_WM9$
2009-05-09 16:03:17 —-HDC—- C:WINDOWS$NtUninstallKB952004_0$
2009-05-09 16:02:49 —-HDC—- C:WINDOWS$NtUninstallKB957097_0$
2009-05-09 16:02:36 —-HDC—- C:WINDOWS$NtUninstallKB958687_0$
2009-05-09 16:02:23 —-HDC—- C:WINDOWS$NtUninstallKB967715_0$
2009-05-09 16:02:08 —-HDC—- C:WINDOWS$NtUninstallKB958690_0$
2009-05-09 16:01:57 —-HDC—- C:WINDOWS$NtUninstallKB959772_WM11$
2009-05-09 16:01:49 —-HDC—- C:WINDOWS$NtUninstallKB960803_0$
2009-05-09 16:01:32 —-HDC—- C:WINDOWS$NtUninstallKB954600_0$
2009-05-09 16:01:24 —-HDC—- C:WINDOWS$NtUninstallKB958644_0$
2009-05-09 16:01:12 —-HDC—- C:WINDOWS$NtUninstallKB955069_0$
2009-05-09 16:01:02 —-HDC—- C:WINDOWS$NtUninstallKB956802_0$
2009-05-09 15:35:35 —-HDC—- C:WINDOWS$NtUninstallKB923561_0$
2009-05-09 14:14:39 —-DC—- C:Documents and SettingsCore2DuoApplication DataMalwarebytes
2009-05-09 14:14:33 —-DC—- C:Documents and SettingsAll UsersApplication DataMalwarebytes
2009-05-09 14:03:42 —-D—- C:WINDOWSERDNT
2009-05-09 13:26:50 —-HD—- C:WINDOWSsystem32GroupPolicy
2009-05-09 11:09:50 —-N—- C:WINDOWSsystem32setup2.exe
2009-05-07 10:59:27 —-A—- C:WINDOWSATICIM.INI
2009-05-07 10:54:57 —-A—- C:WINDOWSsystem32atibtmon.exe
2009-05-07 10:54:55 —-A—- C:WINDOWSsystem32atioglxx.dll
2009-05-07 10:54:55 —-A—- C:WINDOWSsystem32atimpc32.dll
2009-05-07 10:54:55 —-A—- C:WINDOWSsystem32aticalrt.dll
2009-05-07 10:54:55 —-A—- C:WINDOWSsystem32aticaldd.dll
2009-05-07 10:54:55 —-A—- C:WINDOWSsystem32aticalcl.dll
2009-05-07 10:54:54 —-A—- C:WINDOWSsystem32atiadlxx.dll
2009-05-07 10:54:54 —-A—- C:WINDOWSsystem32amdpcom32.dll
2009-05-07 10:18:24 —-DC—- C:Documents and SettingsCore2DuoApplication DataWinRAR
2009-05-06 23:26:20 —-D—- C:Program FilesPunto Switcher
2009-05-03 11:58:22 —-DC—- C:Documents and SettingsAll UsersApplication DataPRMT
2009-05-02 18:31:35 —-A—- C:WINDOWSpdf2word.INI
2009-04-30 17:52:34 —-DC—- C:Documents and SettingsCore2DuoApplication DataPRMT
2009-04-30 14:50:59 —-D—- C:WINDOWSspeech
2009-04-30 14:47:16 —-D—- C:WINDOWSLhsp
2009-04-30 14:43:11 —-D—- C:Program FilesGSC World Publishing
2009-04-27 22:33:34 —-A—- C:WINDOWSsystem3229576zi9us12.dll
2009-04-26 19:05:49 —-D—- C:Program FilesYandex
2009-04-26 19:05:43 —-HD—- C:WINDOWSmsdownld.tmp
2009-04-26 19:02:29 —-HDC—- C:WINDOWSie8
2009-04-25 09:28:58 —-A—- C:WINDOWSwsparser.ini
2009-04-17 11:26:50 —-DC—- C:Documents and SettingsCore2DuoApplication DataНовый Диск

======List of files/folders modified in the last 1 months======
2009-05-12 21:01:47 —-D—- C:WINDOWSTemp
2009-05-12 20:59:10 —-A—- C:WINDOWSSchedLgU.Txt
2009-05-12 20:58:14 —-D—- C:WINDOWSsystem32
2009-05-12 20:58:13 —-D—- C:WINDOWS
2009-05-12 20:27:25 —-SHD—- C:WINDOWSInstaller
2009-05-12 20:27:25 —-HDC—- C:Config.Msi
2009-05-12 20:21:38 —-D—- C:WINDOWSsystem32CatRoot2
2009-05-12 20:01:40 —-D—- C:WINDOWSsystem32config
2009-05-12 16:19:33 —-D—- C:Program FilesPokerStars.NET
2009-05-12 13:50:22 —-D—- C:WINDOWSDebug
2009-05-11 23:59:38 —-D—- C:WINDOWSsystem32drivers
2009-05-11 16:05:26 —-HD—- C:WINDOWSinf
2009-05-11 13:42:48 —-AT—- C:WINDOWSsystem32DRWEBSP.DLL
2009-05-11 13:41:03 —-RD—- C:Program Files
2009-05-11 13:37:59 —-DC—- C:Documents and SettingsCore2DuoApplication DatauTorrent
2009-05-11 11:23:42 —-SHD—- C:System Volume Information
2009-05-11 11:23:42 —-D—- C:WINDOWSsystem32Restore
2009-05-11 11:23:14 —-D—- C:Program FilesCommon Files
2009-05-11 11:21:44 —-ADC—- C:Documents and SettingsAll UsersApplication DataTEMP
2009-05-11 10:55:18 —-A—- C:WINDOWSsystem.ini
2009-05-11 10:54:51 —-D—- C:WINDOWSAppPatch
2009-05-11 01:39:39 —-RSHD—- C:WINDOWSsystem32dllcache
2009-05-11 01:39:34 —-HD—- C:WINDOWS$hf_mig$
2009-05-11 01:39:20 —-D—- C:WINDOWSWinSxS
2009-05-10 20:21:24 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-05-10 20:19:03 —-D—- C:WINDOWSsystem32Setup
2009-05-10 20:19:01 —-D—- C:WINDOWSsystem32wbem
2009-05-10 20:18:58 —-RSD—- C:WINDOWSFonts
2009-05-10 18:05:14 —-D—- C:WINDOWSsecurity
2009-05-10 17:20:41 —-D—- C:WINDOWSsystem32CatRoot
2009-05-10 16:44:28 —-D—- C:Program FilesMessenger
2009-05-10 16:38:11 —-D—- C:WINDOWSehome
2009-05-10 16:38:08 —-D—- C:WINDOWSsystem32inetsrv
2009-05-10 16:38:07 —-D—- C:WINDOWSnetwork diagnostic
2009-05-10 16:38:07 —-D—- C:WINDOWSHelp
2009-05-10 16:38:06 —-D—- C:WINDOWSime
2009-05-10 16:36:23 —-D—- C:WINDOWSsystem32usmt
2009-05-10 16:36:23 —-D—- C:WINDOWSsystem32ru-ru
2009-05-10 16:36:18 —-D—- C:WINDOWSPeerNet
2009-05-10 16:36:17 —-D—- C:Program FilesMovie Maker
2009-05-10 16:24:26 —-D—- C:WINDOWSsystem32npp
2009-05-10 16:24:24 —-D—- C:WINDOWSmsagent
2009-05-10 16:24:23 —-D—- C:WINDOWSsrchasst
2009-05-10 16:24:21 —-D—- C:Program FilesNetMeeting
2009-05-10 16:24:19 —-D—- C:WINDOWSsystem32Com
2009-05-10 16:24:15 —-D—- C:Program FilesWindows NT
2009-05-10 16:24:15 —-D—- C:Program FilesWindows Media Player
2009-05-10 16:24:15 —-D—- C:Program FilesOutlook Express
2009-05-10 16:23:59 —-D—- C:Program FilesCommon FilesSystem
2009-05-10 16:23:38 —-D—- C:WINDOWSsystem32oobe
2009-05-10 16:23:35 —-D—- C:WINDOWSsystem
2009-05-10 16:19:43 —-D—- C:WINDOWSsystem32ReinstallBackups
2009-05-08 01:16:08 —-AC—- C:WINDOWShpfccopy.INI
2009-05-07 11:29:39 —-RSD—- C:WINDOWSassembly
2009-05-07 11:29:02 —-D—- C:WINDOWSsystem32DirectX
2009-05-07 11:03:51 —-D—- C:Program FilesWinRAR
2009-05-07 11:01:46 —-D—- C:Program FilesATI Technologies
2009-05-07 11:00:30 —-HD—- C:Program FilesInstallShield Installation Information
2009-05-07 09:56:22 —-SD—- C:WINDOWSTasks
2009-05-06 23:26:20 —-DC—- C:Documents and SettingsCore2DuoApplication DataYandex
2009-05-03 10:34:16 —-D—- C:WINDOWSMinidump
2009-04-30 19:12:17 —-DC—- C:Documents and SettingsCore2DuoApplication DataICQ
2009-04-30 18:09:36 —-D—- C:WINDOWSMicrosoft.NET
2009-04-30 14:46:01 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2009-04-28 20:08:26 —-DC—- C:Documents and SettingsAll UsersApplication DataAdobe
2009-04-28 20:08:08 —-D—- C:Program FilesCommon FilesAdobe
2009-04-26 19:21:25 —-D—- C:WINDOWSMedia
2009-04-26 19:21:24 —-D—- C:Program FilesInternet Explorer
2009-04-22 01:17:11 —-D—- C:WINDOWSsystem32Adobe
2009-04-21 12:59:26 —-DC—- C:Documents and SettingsCore2DuoApplication Datadvdcss
2009-04-20 22:54:36 —-SDC—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2009-04-19 13:51:36 —-SD—- C:WINDOWSDownloaded Program Files
2009-04-17 11:25:35 —-D—- C:Program FilesCommon FilesInstallShield

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:WINDOWSsystem32driversAavmker4.sys [2009-02-06 26944]
R1 aswSP;avast! Self Protection; C:WINDOWSsystem32driversaswSP.sys [2009-02-06 114768]
R1 aswTdi;avast! Network Shield Support; C:WINDOWSsystem32driversaswTdi.sys [2009-02-06 51376]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-04-14 40704]
R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2001-10-21 12032]
R2 aswFsBlk;aswFsBlk; C:WINDOWSsystem32DRIVERSaswFsBlk.sys [2009-02-06 20560]
R2 aswMon2;avast! Standard Shield Support; C:WINDOWSsystem32driversaswMon2.sys [2009-02-06 94032]
R2 spider;SpIDer Guard File System Monitor; ??C:PROGRA~1DRWEBA~1spider.sys []
R3 aswRdr;aswRdr; C:WINDOWSsystem32driversaswRdr.sys [2009-02-06 23152]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2009-03-17 3597312]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-13 144384]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:WINDOWSsystem32DRIVERSHPZid412.sys [2006-05-16 49664]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:WINDOWSsystem32DRIVERSHPZipr12.sys [2006-05-16 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:WINDOWSsystem32DRIVERSHPZius12.sys [2006-05-16 21568]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2006-12-21 4405248]
R3 LVUSBSta;Logitech USB Monitor Filter; C:WINDOWSsystem32driverslvusbsta.sys [2004-10-11 22016]
R3 PID_0928;Labtec WebCam(PID_0928); C:WINDOWSsystem32DRIVERSLV561AV.SYS [2004-10-11 211712]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:WINDOWSsystem32DRIVERSRtnicxp.sys [2006-08-31 81280]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-14 32128]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-14 59520]
R3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2008-04-14 25856]
R3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-14 15104]
R3 usbstor;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2008-04-14 20608]
S3 atikmdag;atikmdag; C:WINDOWSsystem32DRIVERSatikmdag.sys [2007-05-18 2608640]
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-04-14 17024]
S3 dtscsi;dtscsi; C:WINDOWSSystem32Driversdtscsi.sys [2009-04-13 223128]
S3 FXDrv32;FXDrv32; ??E:FXDrv32.sys []
S3 MaxAntiSpyFilter;10.09.20089:50:31; ??D:Мои прогиDr.WebMaxAntiSpySSS.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; ??C:WINDOWSsystem32driversmbamswissarmy.sys []
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2008-04-14 15232]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation — User-mode Driver Framework Platform Driver; C:WINDOWSsystem32DRIVERSWudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; D:Мои прогиНовая папка (2)aswUpdSv.exe [2009-02-06 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2009-03-17 602112]
R2 avast! Antivirus;avast! Antivirus; D:Мои прогиНовая папка (2)ashServ.exe [2009-02-06 138680]
R2 JavaQuickStarterService;Java Quick Starter; C:Program FilesJavajre6binjqs.exe [2009-05-10 152984]
R2 SPIDERNT;SpIDer Guard for Windows; C:PROGRA~1DRWEBA~1spidernt.exe [2009-05-11 197896]
R3 avast! Mail Scanner;avast! Mail Scanner; D:Мои прогиНовая папка (2)ashMaiSv.exe [2009-02-06 254040]
R3 avast! Web Scanner;avast! Web Scanner; D:Мои прогиНовая папка (2)ashWebSv.exe [2009-02-06 352920]
R3 drwagntd;Dr.Web(R) AV-Desk Agent; C:Program FilesDrWeb AV-Deskdrwagntd.exe [2009-05-11 1860912]
S2 drwupgrade;Dr.Web(R) AV-Desk Upgrade Service; C:Program FilesDrWeb AV-Desk1drwupgrade.exe [2009-05-11 410928]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:WINDOWSMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2007-10-11 864256]
S4 Ati External Event Utility;Ati External Event Utility; C:WINDOWSsystem32Ati2evxx.exe [2009-03-17 602112]
S4 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2009-03-17 593920]
S4 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:Program FilesBonjourmDNSResponder.exe [2006-02-28 229376]
S4 FLEXnet Licensing Service;FLEXnet Licensing Service; C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [2007-10-29 654848]
S4 ICQ Service;ICQ Service; C:Program FilesICQ6ToolbarICQ Service.exe [2008-06-10 222456]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2007-10-11 122880]
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:WINDOWSsystem32HPZipm12.exe [2007-08-09 73728]
S4 WMPNetworkSvc;Servicio de uso compartido de red del Reproductor de Windows Media; C:Program FilesWindows Media PlayerWMPNetwk.exe [2006-11-03 916480]
S4 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-14 14336]
EOF
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
ServiceDriver dwshd not found.
ServiceDriver dwshd not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun\WiniBlueSoft not found.
Registry value HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun\setup2.exe deleted successfully.
Registry key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWindq36.sys\ not found.
Registry key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWinok82.sys\ not found.
Registry key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWinqh23.sys\ not found.
Registry key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWinvb58.sys\ not found.
Registry key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWinvx78.sys\ not found.
Registry key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWindq36.sys\ not found.
Registry key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWinok82.sys\ not found.
Registry key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWinqh23.sys\ not found.
Registry key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWinvb58.sys\ not found.
Registry key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWinvx78.sys\ not found.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{d2d18677-eb69-11dc-a2de-001558915b90}\ not found.
========== FILES ==========
File/Folder J:h.cmd not found.
File/Folder C:Program FilesWiniBlueSoft SoftwareWiniBlueSoft not found.
File/Folder C:WINDOWSsystem3279dst5az9230.dll not found.
File/Folder C:WINDOWS5539zro95e1.exe not found.
File/Folder C:WINDOWSsystem329454s5azse2575.exe not found.
File/Folder C:WINDOWSz5599pyware2093.exe not found.
File/Folder C:WINDOWSsystem325bf3bac5doo9z118.dll not found.
File/Folder C:WINDOWSsystem321560t9zj6a6.exe not found.
File/Folder C:WINDOWSz0107vi9u555.exe not found.
File/Folder C:WINDOWSsystem325010down9oa5erz59.exe not found.
File/Folder C:WINDOWSsystem329901zi5us9c6.exe not found.
File/Folder C:WINDOWSsystem32z539tr592a6.dll not found.
File/Folder C:WINDOWSsystem325fz9back9o5r2949.exe not found.
File/Folder C:WINDOWSsystem32154fbackdzo91659.dll not found.
File/Folder C:WINDOWSsystem3249499t5al965z.dll not found.
File/Folder C:WINDOWSsystem326483zp5rse659.dll not found.
File/Folder C:WINDOWSza5cbackd9o5575.exe not found.
File/Folder 2C:WINDOWS7f9cba5kdooz2609.exe not found.
File/Folder C:WINDOWSsystem323z178vir9s534.exe not found.
File/Folder C:WINDOWSsystem323182spars92815z.exe not found.
File/Folder C:WINDOWSsystem3212905viz9s4f7.exe not found.
File/Folder C:WINDOWS1z098virus205.exe not found.
File/Folder C:WINDOWSsystem325998tzoj1025.exe not found.
File/Folder C:WINDOWSsystem321ez8bac95oor2575.dll not found.
File/Folder C:WINDOWS95593hackzool50e.exe not found.
File/Folder C:WINDOWSsystem3212690woz512f.exe not found.
File/Folder C:WINDOWS485c5irz89.exe not found.
File/Folder C:WINDOWSsystem329c9bszeal5905.dll not found.
File/Folder C:WINDOWS8459nzt-9-virus639.dll not found.
File/Folder C:WINDOWS7efdzteal9345.exe not found.
File/Folder C:WINDOWSc969parsz32385.dll not found.
File/Folder C:WINDOWSsystem3255azspars92261.exe not found.
File/Folder C:WINDOWSsystem323785zpy393.exe not found.
File/Folder C:WINDOWS14bz5a9se2740.exe not found.
File/Folder C:WINDOWSsystem3247e9zdware556.dll not found.
File/Folder C:WINDOWSsystem323999not-z-5irus5ae.exe not found.
File/Folder C:WINDOWS26945hac5zool752.dll not found.
File/Folder C:WINDOWSsystem329125zvir5s192.exe not found.
File/Folder C:WINDOWSz154do5nload9r2633.dll not found.
File/Folder C:WINDOWSsystem327112doznl5ade9668.exe not found.
File/Folder C:WINDOWS278ct5i9fz046.dll not found.
File/Folder C:WINDOWSsystem324159s5y5z1.exe not found.
File/Folder C:WINDOWS966z3hacktool645.dll not found.
File/Folder C:WINDOWSsystem3218598tr9j5z2.exe not found.
LoadLibrary failed for C:WINDOWS569virz44.dll
C:WINDOWS569virz44.dll NOT unregistered.
C:WINDOWS569virz44.dll moved successfully.
C:WINDOWS291329acktooz54c.exe moved successfully.
C:WINDOWS148565zc9tool438.exe moved successfully.
LoadLibrary failed for C:WINDOWS25941troj47dz.dll
C:WINDOWS25941troj47dz.dll NOT unregistered.
C:WINDOWS25941troj47dz.dll moved successfully.
C:WINDOWSsystem329987tzoj25a.exe moved successfully.
LoadLibrary failed for C:WINDOWSsystem325373do95loaderz691.dll
C:WINDOWSsystem325373do95loaderz691.dll NOT unregistered.
C:WINDOWSsystem325373do95loaderz691.dll moved successfully.
C:WINDOWS21f9st9al83z5.exe moved successfully.
LoadLibrary failed for C:WINDOWS2ffathrea559z3.dll
C:WINDOWS2ffathrea559z3.dll NOT unregistered.
C:WINDOWS2ffathrea559z3.dll moved successfully.
C:WINDOWS25983hazkto9l578.exe moved successfully.
C:WINDOWSsystem3214z10t5o95cd.exe moved successfully.
LoadLibrary failed for C:WINDOWS45z09pambo5e.dll
C:WINDOWS45z09pambo5e.dll NOT unregistered.
C:WINDOWS45z09pambo5e.dll moved successfully.
C:WINDOWS2d0fsp9ware5110z.exe moved successfully.
C:WINDOWSzd55s9eal234.exe moved successfully.
LoadLibrary failed for C:WINDOWS516z3spamb9tf.dll
C:WINDOWS516z3spamb9tf.dll NOT unregistered.
C:WINDOWS516z3spamb9tf.dll moved successfully.
LoadLibrary failed for C:WINDOWSsystem322z145s5y569.dll
C:WINDOWSsystem322z145s5y569.dll NOT unregistered.
C:WINDOWSsystem322z145s5y569.dll moved successfully.
LoadLibrary failed for C:WINDOWS539esteal55z4.dll
C:WINDOWS539esteal55z4.dll NOT unregistered.
C:WINDOWS539esteal55z4.dll moved successfully.
C:WINDOWS36fb9hie5189z.exe moved successfully.
C:WINDOWSsystem322dz0addware9559.exe moved successfully.
LoadLibrary failed for C:WINDOWS6c7dspy5z9e1957.dll
C:WINDOWS6c7dspy5z9e1957.dll NOT unregistered.
C:WINDOWS6c7dspy5z9e1957.dll moved successfully.
LoadLibrary failed for C:WINDOWS69ddth5eat273z5.dll
C:WINDOWS69ddth5eat273z5.dll NOT unregistered.
C:WINDOWS69ddth5eat273z5.dll moved successfully.
C:WINDOWSsystem3294029s5y43z.exe moved successfully.
LoadLibrary failed for C:WINDOWS1b95t5ie987z.dll
C:WINDOWS1b95t5ie987z.dll NOT unregistered.
C:WINDOWS1b95t5ie987z.dll moved successfully.
C:WINDOWSsystem325c89adzwa5e2839.exe moved successfully.
LoadLibrary failed for C:WINDOWSsystem32962005acktoolz5e.dll
C:WINDOWSsystem32962005acktoolz5e.dll NOT unregistered.
C:WINDOWSsystem32962005acktoolz5e.dll moved successfully.
LoadLibrary failed for C:WINDOWS974fthreat5z805.dll
C:WINDOWS974fthreat5z805.dll NOT unregistered.
C:WINDOWS974fthreat5z805.dll moved successfully.
LoadLibrary failed for C:WINDOWS21581hazktool1f9.dll
C:WINDOWS21581hazktool1f9.dll NOT unregistered.
C:WINDOWS21581hazktool1f9.dll moved successfully.
LoadLibrary failed for C:WINDOWSsystem3231995spy73z.dll
C:WINDOWSsystem3231995spy73z.dll NOT unregistered.
C:WINDOWSsystem3231995spy73z.dll moved successfully.
LoadLibrary failed for C:WINDOWS5z8359orm683.dll
C:WINDOWS5z8359orm683.dll NOT unregistered.
C:WINDOWS5z8359orm683.dll moved successfully.
C:WINDOWSsystem3274cazown5oade936.exe moved successfully.
LoadLibrary failed for C:WINDOWS3ze5st9al26135.dll
C:WINDOWS3ze5st9al26135.dll NOT unregistered.
C:WINDOWS3ze5st9al26135.dll moved successfully.
LoadLibrary failed for C:WINDOWS26f3zddwar95620.dll
C:WINDOWS26f3zddwar95620.dll NOT unregistered.
C:WINDOWS26f3zddwar95620.dll moved successfully.
C:WINDOWSsystem324d6zdo9nlo5der1289.exe moved successfully.
C:WINDOWSsystem322395a5dwarz2221.exe moved successfully.
LoadLibrary failed for C:WINDOWS2bbcspyw5rez399.dll
C:WINDOWS2bbcspyw5rez399.dll NOT unregistered.
C:WINDOWS2bbcspyw5rez399.dll moved successfully.
C:WINDOWSsystem322f00s9yw5rez927.exe moved successfully.
LoadLibrary failed for C:WINDOWSsystem32684zha5ktoo9164.dll
C:WINDOWSsystem32684zha5ktoo9164.dll NOT unregistered.
C:WINDOWSsystem32684zha5ktoo9164.dll moved successfully.
LoadLibrary failed for C:WINDOWSsystem3214869ack5ozr2521.dll
C:WINDOWSsystem3214869ack5ozr2521.dll NOT unregistered.
C:WINDOWSsystem3214869ack5ozr2521.dll moved successfully.
C:WINDOWS43d8s59al260z.exe moved successfully.
LoadLibrary failed for C:WINDOWS495zste952252.dll
C:WINDOWS495zste952252.dll NOT unregistered.
C:WINDOWS495zste952252.dll moved successfully.
LoadLibrary failed for C:WINDOWSsystem329395backdoorz529.dll
C:WINDOWSsystem329395backdoorz529.dll NOT unregistered.
C:WINDOWSsystem329395backdoorz529.dll moved successfully.
C:WINDOWS11639not-a-v5rzs991.exe moved successfully.
C:WINDOWSsystem3259655zpy3b29.exe moved successfully.
C:WINDOWSsystem3230493noz-a-virus3945.exe moved successfully.
C:WINDOWSsystem324525tzi592896.exe moved successfully.
C:WINDOWS4894thiz95343.exe moved successfully.
LoadLibrary failed for C:WINDOWSsystem32451csparze20289.dll
C:WINDOWSsystem32451csparze20289.dll NOT unregistered.
C:WINDOWSsystem32451csparze20289.dll moved successfully.
C:WINDOWSsystem3235549hizf95.exe moved successfully.
C:WINDOWSsystem32zd57stea93511.exe moved successfully.
C:WINDOWSsystem322059spazse495.exe moved successfully.
LoadLibrary failed for C:WINDOWSsystem321bz9v5r2966.dll
C:WINDOWSsystem321bz9v5r2966.dll NOT unregistered.
C:WINDOWSsystem321bz9v5r2966.dll moved successfully.
C:WINDOWS97eezhief1058.exe moved successfully.
LoadLibrary failed for C:WINDOWS163cbzc5do9r975.dll
C:WINDOWS163cbzc5do9r975.dll NOT unregistered.
C:WINDOWS163cbzc5do9r975.dll moved successfully.
C:WINDOWS15d5thi9f153z.exe moved successfully.
LoadLibrary failed for C:WINDOWS6065threat1689z.dll
C:WINDOWS6065threat1689z.dll NOT unregistered.
C:WINDOWS6065threat1689z.dll moved successfully.
C:WINDOWS5293s5eaz1263.exe moved successfully.
LoadLibrary failed for C:WINDOWS346thrzat52993.dll
C:WINDOWS346thrzat52993.dll NOT unregistered.
C:WINDOWS346thrzat52993.dll moved successfully.
LoadLibrary failed for C:WINDOWS23583zorm2619.dll
C:WINDOWS23583zorm2619.dll NOT unregistered.
C:WINDOWS23583zorm2619.dll moved successfully.
C:WINDOWSsystem3275destealz199.exe moved successfully.
C:WINDOWS59399hacktool4bz.exe moved successfully.
LoadLibrary failed for C:WINDOWSsystem3277f2zi5595.dll
C:WINDOWSsystem3277f2zi5595.dll NOT unregistered.
C:WINDOWSsystem3277f2zi5595.dll moved successfully.
C:WINDOWSsystem3220939s9y4z5.exe moved successfully.
LoadLibrary failed for C:WINDOWS5z58addware1941.dll
C:WINDOWS5z58addware1941.dll NOT unregistered.
C:WINDOWS5z58addware1941.dll moved successfully.
LoadLibrary failed for C:WINDOWS5503not5a9zirus560.dll
C:WINDOWS5503not5a9zirus560.dll NOT unregistered.
C:WINDOWS5503not5a9zirus560.dll moved successfully.
C:WINDOWSsystem325a68ad59aze1610.exe moved successfully.
LoadLibrary failed for C:WINDOWSsystem32161985ot-a-virzs14b.dll
C:WINDOWSsystem32161985ot-a-virzs14b.dll NOT unregistered.
C:WINDOWSsystem32161985ot-a-virzs14b.dll moved successfully.
C:WINDOWS3551downlozd9r1615.exe moved successfully.
LoadLibrary failed for C:WINDOWS2f39zi56509.dll
C:WINDOWS2f39zi56509.dll NOT unregistered.
C:WINDOWS2f39zi56509.dll moved successfully.
C:WINDOWS228z9spa9bot55c.exe moved successfully.
LoadLibrary failed for C:WINDOWS11852viz9s585.dll
C:WINDOWS11852viz9s585.dll NOT unregistered.
C:WINDOWS11852viz9s585.dll moved successfully.
LoadLibrary failed for C:WINDOWSzad65teal3292.dll
C:WINDOWSzad65teal3292.dll NOT unregistered.
C:WINDOWSzad65teal3292.dll moved successfully.
C:WINDOWSz0f9ba95door1375.exe moved successfully.
C:WINDOWS689azddwar51777.exe moved successfully.
C:WINDOWS5e73vi959z1.exe moved successfully.
LoadLibrary failed for C:WINDOWS421esp5rsez976.dll
C:WINDOWS421esp5rsez976.dll NOT unregistered.
C:WINDOWS421esp5rsez976.dll moved successfully.
LoadLibrary failed for C:WINDOWS39fzs5arse2592.dll
C:WINDOWS39fzs5arse2592.dll NOT unregistered.
C:WINDOWS39fzs5arse2592.dll moved successfully.
LoadLibrary failed for C:WINDOWS13660zac9to5l6f7.dll
C:WINDOWS13660zac9to5l6f7.dll NOT unregistered.
C:WINDOWS13660zac9to5l6f7.dll moved successfully.
C:WINDOWS578619acktozl3c9.exe moved successfully.
LoadLibrary failed for C:WINDOWS4dbdspyw59z750.dll
C:WINDOWS4dbdspyw59z750.dll NOT unregistered.
C:WINDOWS4dbdspyw59z750.dll moved successfully.
C:WINDOWS298075zojdb.exe moved successfully.
LoadLibrary failed for C:WINDOWSsystem326299thie5176z.dll
C:WINDOWSsystem326299thie5176z.dll NOT unregistered.
C:WINDOWSsystem326299thie5176z.dll moved successfully.
LoadLibrary failed for C:WINDOWSsystem325f99thiez575.dll
C:WINDOWSsystem325f99thiez575.dll NOT unregistered.
C:WINDOWSsystem325f99thiez575.dll moved successfully.
C:WINDOWSsystem3219501not-a-v59us55z.exe moved successfully.
C:WINDOWS5cc69ddwzre1995.exe moved successfully.
LoadLibrary failed for C:WINDOWS4136add9zre5924.dll
C:WINDOWS4136add9zre5924.dll NOT unregistered.
C:WINDOWS4136add9zre5924.dll moved successfully.
LoadLibrary failed for C:WINDOWS3ba8spz5se19619.dll
C:WINDOWS3ba8spz5se19619.dll NOT unregistered.
C:WINDOWS3ba8spz5se19619.dll moved successfully.
C:WINDOWS25092nz9-a-virus405.exe moved successfully.
LoadLibrary failed for C:WINDOWS14975ddwarez0689.dll
C:WINDOWS14975ddwarez0689.dll NOT unregistered.
C:WINDOWS14975ddwarez0689.dll moved successfully.
C:WINDOWSsystem32234z2troj3259.exe moved successfully.
C:WINDOWSsystem321c59hiefz8835.exe moved successfully.
C:WINDOWS7092addwarz1459.exe moved successfully.
LoadLibrary failed for C:WINDOWS1472zspy95.dll
C:WINDOWS1472zspy95.dll NOT unregistered.
C:WINDOWS1472zspy95.dll moved successfully.
C:WINDOWSz6299worm5af.exe moved successfully.
C:WINDOWSsystem329658troj91z.exe moved successfully.
LoadLibrary failed for C:WINDOWSsystem3210z93no5-a-virus39e.dll
C:WINDOWSsystem3210z93no5-a-virus39e.dll NOT unregistered.
C:WINDOWSsystem3210z93no5-a-virus39e.dll moved successfully.
C:WINDOWS7548downzoade91038.exe moved successfully.
C:WINDOWSsystem32setup2.exe moved successfully.
LoadLibrary failed for C:WINDOWS32502not-a-zirus978.dll
C:WINDOWS32502not-a-zirus978.dll NOT unregistered.
C:WINDOWS32502not-a-zirus978.dll moved successfully.
C:WINDOWS3509stzal1079.exe moved successfully.
C:WINDOWSsystem323f95thrzat24375.exe moved successfully.
LoadLibrary failed for C:WINDOWSsystem3295z16spyed.dll
C:WINDOWSsystem3295z16spyed.dll NOT unregistered.
C:WINDOWSsystem3295z16spyed.dll moved successfully.
LoadLibrary failed for C:WINDOWSsystem3296z95no5-a-virus23b.dll
C:WINDOWSsystem3296z95no5-a-virus23b.dll NOT unregistered.
C:WINDOWSsystem3296z95no5-a-virus23b.dll moved successfully.
C:WINDOWS173dadzwa9e30445.exe moved successfully.
LoadLibrary failed for C:WINDOWSsystem3215493z5ru9358.dll
C:WINDOWSsystem3215493z5ru9358.dll NOT unregistered.
C:WINDOWSsystem3215493z5ru9358.dll moved successfully.
C:WINDOWSsystem327499bac5d9or178z.exe moved successfully.
C:WINDOWSsystem32596fviz19115.exe moved successfully.
File/Folder C:WINDOWSSystem32driversdwshd.sys not found.
========== COMMANDS ==========
File delete failed. C:DOCUME~1Core2DuoLOCALS~1Tempetilqs_QAcxh20p3hC18Qs scheduled to be deleted on reboot.
User’s Temp folder emptied.
User’s Internet Explorer cache folder emptied.
File delete failed. C:Documents and SettingsCore2DuoLocal SettingsTemporary Internet FilesContent.IE5AMEAUFB0index[10].htm scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsCore2DuoLocal SettingsTemporary Internet FilesContent.IE57PLKIMQRid20107632[4].htm scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsCore2DuoLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsCore2DuoLocal SettingsTemporary Internet FilesAntiPhishing2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat scheduled to be deleted on reboot.
User’s Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:WINDOWStemp_avast4_unp38074891.tmp scheduled to be deleted on reboot.
File delete failed. C:WINDOWStemp_avast4_Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:WINDOWStempPerflib_Perfdata_1e4.dat scheduled to be deleted on reboot.
File delete failed. C:WINDOWStempPerflib_Perfdata_644.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
Opera cache emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer — Version 1.0.11.0 log created on 05122009_205605
Files moved on Reboot…
File C:DOCUME~1Core2DuoLOCALS~1Tempetilqs_QAcxh20p3hC18Qs not found!
C:Documents and SettingsCore2DuoLocal SettingsTemporary Internet FilesContent.IE5AMEAUFB0index[10].htm moved successfully.
C:Documents and SettingsCore2DuoLocal SettingsTemporary Internet FilesContent.IE57PLKIMQRid20107632[4].htm moved successfully.
C:Documents and SettingsCore2DuoLocal SettingsTemporary Internet FilesAntiPhishing2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File C:WINDOWStemp_avast4_unp38074891.tmp not found!
File C:WINDOWStemp_avast4_Webshlock.txt not found!
File C:WINDOWStempPerflib_Perfdata_1e4.dat not found!
File C:WINDOWStempPerflib_Perfdata_644.dat not found!
Here is what I got
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
Completed script processing.
*******************
Finished! Terminate.
Did I do it right?
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:06:46, on 10.05.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
D:Мои прогиНовая папка (2)aswUpdSv.exe
D:Мои прогиНовая папка (2)ashServ.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:PROGRA~1DRWEBA~1spidernt.exe
C:WINDOWSsystem32svchost.exe
D:Мои прогиНовая папка (2)ashMaiSv.exe
D:Мои прогиНовая папка (2)ashWebSv.exe
C:Program FilesDrWeb AV-Deskdrwagntd.exe
D:1F25~1(2)~1ashDisp.exe
C:Program FilesATI TechnologiesATI.ACECore-StaticMOM.exe
C:Program FilesMessengermsmsgs.exe
C:Documents and SettingsCore2DuoLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe
C:Program FilesPunto Switcherpunto.exe
C:WINDOWSsystem32setup2.exe
D:Мои прогиAbbyyTutor.exe
C:Program FilesATI TechnologiesATI.ACECore-Staticccc.exe
D:Мои прогиdownloadDownload Masterdmaster.exe
C:WINDOWSsystem32wuauclt.exe
C:Documents and SettingsCore2DuoLocal SettingsApplication DataGoogleChromeApplicationchrome.exe
C:Documents and SettingsCore2DuoLocal SettingsApplication DataGoogleChromeApplicationchrome.exe
C:Documents and SettingsCore2DuoLocal SettingsApplication DataGoogleChromeApplicationchrome.exe
C:Documents and SettingsCore2DuoLocal SettingsApplication DataGoogleChromeApplicationchrome.exe
D:RSIT.exe
C:Program Filestrend microCore2Duo.exe
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yandex.ru/?clid=40316
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: Winamp Search Class — {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} — C:Program FilesWinamp Toolbarwinamptb.dll
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:PROGRA~1Mail.RuSputnikMAILRU~1.DLL
R3 — URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} — — (no file)
R3 — URLSearchHook: ICQToolBar — {855F3B16-6D32-4fe6-8A56-BBB695989046} — C:Program FilesICQ6ToolbarICQToolBar.dll
R3 — URLSearchHook: SweetIM ToolbarURLSearchHook Class — {EEE6C35D-6118-11DC-9C72-001320C79847} — C:Program FilesSweetIMToolbarsInternet ExplorermgHelper.dll
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: Winamp Toolbar Loader — {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} — C:Program FilesWinamp Toolbarwinamptb.dll
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — C:PROGRA~1Mail.RuSputnikMAILRU~1.DLL
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — D:1F25~1downloadDOWNLO~1dmiehlp.dll
O2 — BHO: SWEETIE — {EEE6C35C-6118-11DC-9C72-001320C79847} — C:Program FilesSweetIMToolbarsInternet ExplorermgToolbarIE.dll
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:PROGRA~1Mail.RuSputnikMAILRU~1.DLL
O3 — Toolbar: Rambler-Ассистент — {468CD8A9-7C25-45FA-969E-3D925C689DC4} — C:Program FilesRambler AssistantramblertoolbarU0.dll (file missing)
O3 — Toolbar: Winamp Toolbar — {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} — C:Program FilesWinamp Toolbarwinamptb.dll
O3 — Toolbar: ICQToolBar — {855F3B16-6D32-4fe6-8A56-BBB695989046} — C:Program FilesICQ6ToolbarICQToolBar.dll
O3 — Toolbar: DM Bar — {0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — D:Мои прогиdownloadDownload Masterdmbar.dll
O3 — Toolbar: SweetIM Toolbar for Internet Explorer — {EEE6C35B-6118-11DC-9C72-001320C79847} — C:Program FilesSweetIMToolbarsInternet ExplorermgToolbarIE.dll
O4 — HKLM..Run: [avast!] D:1F25~1(2)~1ashDisp.exe
O4 — HKLM..Run: [StartCCC] «C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe» MSRun
O4 — HKLM..Run: [WiniBlueSoft] C:Program FilesWiniBlueSoft SoftwareWiniBlueSoftWiniBlueSoft.exe -min
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKCU..Run: [Google Update] «C:Documents and SettingsCore2DuoLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe» /c
O4 — HKCU..Run: [Punto Switcher] C:Program FilesPunto Switcherpunto.exe
O4 — HKCU..Run: [setup2.exe] C:WINDOWSsystem32setup2.exe
O4 — HKCU..Run: [Tutor.exe] «D:Мои прогиAbbyyTutor.exe» /AS
O8 — Extra context menu item: &Winamp Search — C:Documents and SettingsAll UsersApplication DataWinamp ToolbarieToolbarresourcesen-USlocalsearch.html
O8 — Extra context menu item: &Перевести с помощью ABBYY Lingvo… — res://D:Мои прогиAbbyyLingvo.exe/3000
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — D:Мои прогиdownloadDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — D:Мои прогиdownloadDownload Masterdmie.htm
O8 — Extra context menu item: Найти с помощью Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/search.htm
O8 — Extra context menu item: Перевести с помощью словарей Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/dic.htm
O8 — Extra context menu item: Поиск@Mail.Ru — res://C:PROGRA~1Mail.RuSputnikMAILRU~1.DLL/SEARCH.HTM
O8 — Extra context menu item: Словари@Mail.Ru — res://C:PROGRA~1Mail.RuSputnikMAILRU~1.DLL/TRANSLATE.HTM
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — D:Мои прогиdownloadDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — D:Мои прогиdownloadDownload Masterdmaster.exe
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — D:аськаICQ6.5ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — D:аськаICQ6.5ICQ.exe
O9 — Extra button: PokerStars.net — {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} — C:Program FilesPokerStars.NETPokerStarsUpdate.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O12 — Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O17 — HKLMSystemCCSServicesTcpip..{3166CED4-F5D7-4F9F-82F7-D0020E97E372}: NameServer = 85.255.114.39 85.255.112.99
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — D:Мои прогиНовая папка (2)aswUpdSv.exe
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: avast! Antivirus — ALWIL Software — D:Мои прогиНовая папка (2)ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — D:Мои прогиНовая папка (2)ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — D:Мои прогиНовая папка (2)ashWebSv.exe
O23 — Service: Dr.Web(R) AV-Desk Agent (drwagntd) — Doctor Web, Ltd. — C:Program FilesDrWeb AV-Deskdrwagntd.exe
O23 — Service: Dr.Web(R) AV-Desk Upgrade Service (drwupgrade) — Doctor Web, Ltd. — C:Program FilesDrWeb AV-Desk1drwupgrade.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: SpIDer Guard for Windows (SPIDERNT) — Doctor Web, Ltd. — C:PROGRA~1DRWEBA~1spidernt.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe
O24 — Desktop Component 0: (no name) — file:///C:/DOCUME~1/Core2Duo/LOCALS~1/Temp/msohtml1/01/clip_image002.gif
—
End of file — 9556 bytes
======Scheduled tasks folder======
C:WINDOWStasksGoogleUpdateTaskUserS-1-5-21-1343024091-1284227242-839522115-1003.job
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader — C:Program FilesWinamp Toolbarwinamptb.dll [2008-03-20 1267040]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — C:PROGRA~1Mail.RuSputnikMAILRU~1.DLL [2008-03-05 534016]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — D:1F25~1downloadDOWNLO~1dmiehlp.dll [2008-10-24 157696]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper — C:Program FilesSweetIMToolbarsInternet ExplorermgToolbarIE.dll [2008-10-08 1172792]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — C:PROGRA~1Mail.RuSputnikMAILRU~1.DLL [2008-03-05 534016]
{468CD8A9-7C25-45FA-969E-3D925C689DC4} — Rambler-Ассистент — C:Program FilesRambler AssistantramblertoolbarU0.dll []
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} — Winamp Toolbar — C:Program FilesWinamp Toolbarwinamptb.dll [2008-03-20 1267040]
{855F3B16-6D32-4fe6-8A56-BBB695989046} — ICQToolBar — C:Program FilesICQ6ToolbarICQToolBar.dll [2008-06-12 958712]
{0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — DM Bar — D:Мои прогиdownloadDownload Masterdmbar.dll [2007-11-26 180224]
{EEE6C35B-6118-11DC-9C72-001320C79847} — SweetIM Toolbar for Internet Explorer — C:Program FilesSweetIMToolbarsInternet ExplorermgToolbarIE.dll [2008-10-08 1172792]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«avast!»=D:1F25~1(2)~1ashDisp.exe [2009-02-06 81000]
«StartCCC»=C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe [2009-03-17 61440]
«WiniBlueSoft»=C:Program FilesWiniBlueSoft SoftwareWiniBlueSoftWiniBlueSoft.exe -min []
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2008-04-14 1695232]
«Google Update»=C:Documents and SettingsCore2DuoLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe [2008-09-03 133104]
«Punto Switcher»=C:Program FilesPunto Switcherpunto.exe [2008-10-16 735016]
«setup2.exe»=C:WINDOWSsystem32setup2.exe [2009-05-09 1097216]
«Tutor.exe»=D:Мои прогиAbbyyTutor.exe [2007-04-05 992800]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2009-03-17 155648]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor — {e57ce738-33e8-4c51-8354-bb4de9d215d1} — C:WINDOWSsystem32upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalPSEXESVC]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWindq36.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWinok82.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWinqh23.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWinvb58.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWinvx78.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkPSEXESVC]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWindq36.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWinok82.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWinqh23.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWinvb58.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWinvx78.sys]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveAutoRun»=67108863
«NoDriveTypeAutoRun»=323
«NoDrives»=0
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveAutoRun»=
«NoDriveTypeAutoRun»=
«NoDrives»=
«HonorAutoRunSetting»=
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
«D:Ea GamesNeed For Speed Undergroundspeed.exe»=»D:Ea GamesNeed For Speed Undergroundspeed.exe:*:Disabled:speed»
«D:GamesMedal of Honor — Pacific Assaultmohpa.exe»=»D:GamesMedal of Honor — Pacific Assaultmohpa.exe:*:Disabled:Medal of Honor Pacific Assault(tm)»
«C:Program FilesICQ6ICQ.exe»=»C:Program FilesICQ6ICQ.exe:*:Enabled:ICQ6»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«D:QIPqip.exe»=»D:QIPqip.exe:*:Enabled:Quiet Internet Pager»
«C:Program FilesuTorrent [tfile.ru]utorrent.exe»=»C:Program FilesuTorrent [tfile.ru]utorrent.exe:*:Enabled:µTorrent»
«D:cinemauTorrent [tfile.ru]utorrent.exe»=»D:cinemauTorrent [tfile.ru]utorrent.exe:*:Enabled:µTorrent»
«C:Program FilesWinamp RemotebinOrb.exe»=»C:Program FilesWinamp RemotebinOrb.exe:*:Enabled:Orb»
«C:Program FilesWinamp RemotebinOrbTray.exe»=»C:Program FilesWinamp RemotebinOrbTray.exe:*:Enabled:OrbTray»
«C:Program FilesWinamp RemotebinOrbStreamerClient.exe»=»C:Program FilesWinamp RemotebinOrbStreamerClient.exe:*:Enabled:Orb Stream Client»
«C:Program FilesQIPqip.exe»=»C:Program FilesQIPqip.exe:*:Enabled:Quiet Internet Pager»
«D:Gameshl.exe»=»D:Gameshl.exe:*:Disabled:Half-Life Launcher»
«D:setup.exe»=»D:setup.exe:*:Enabled:Программа установки Kaspersky Internet Security 7.0»
«D:uTorrent [tfile.ru]utorrent.exe»=»D:uTorrent [tfile.ru]utorrent.exe:*:Enabled:µTorrent»
«D:CorbinaStrongDCStrongDC.exe»=»D:CorbinaStrongDCStrongDC.exe:*:Enabled:StrongDC++»
«D:мОИ ПРОГРАММЫMOHAA-BFoxMOHAA.EXE»=»D:мОИ ПРОГРАММЫMOHAA-BFoxMOHAA.EXE:*:Enabled:Medal of Honor Allied Assault»
«D:Мои прогиMOHAA-BFoxMOHAA.EXE»=»D:Мои прогиMOHAA-BFoxMOHAA.EXE:*:Enabled:Medal of Honor Allied Assault»
«D:Мои прогиqipqip.exe»=»D:Мои прогиqipqip.exe:*:Enabled:Quiet Internet Pager»
«D:GamesGhost Recon Advanced Warfighter 2graw2.exe»=»D:GamesGhost Recon Advanced Warfighter 2graw2.exe:*:Disabled:Ghost Recon Advanced Warfighter® 2»
«D:Мои прогихабыCorbinaShadowDCCorbinaShadowDC.exe»=»D:Мои прогихабыCorbinaShadowDCCorbinaShadowDC.exe:*:Enabled:CorbinaShadowDC++»
«D:utorrent.exe»=»D:utorrent.exe:*:Enabled:µTorrent»
«D:аськаICQ6ICQ.exe»=»D:аськаICQ6ICQ.exe:*:Enabled:ICQ6»
«D:Мои прогиНовая папкаStrongDC.exe»=»D:Мои прогиНовая папкаStrongDC.exe:*:Enabled:StrongDC++»
«D:Мои прогиqipQIPqip.exe»=»D:Мои прогиqipQIPqip.exe:*:Enabled:Quiet Internet Pager»
«D:аськаICQ6.5ICQ.exe»=»D:аськаICQ6.5ICQ.exe:*:Enabled:ICQ6»
«D:Мои прогиTorrentuTorrent.exe»=»D:Мои прогиTorrentuTorrent.exe:*:Enabled:µTorrent»
«D:Мои прогиquakeTrackMania Nations ESWCTmNationsESWC.exe»=»D:Мои прогиquakeTrackMania Nations ESWCTmNationsESWC.exe:*:Enabled:TmNationsESWC»
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{d2d18677-eb69-11dc-a2de-001558915b90}]
shellAutoRuncommand — J:h.cmd
shellexplorecommand — J:h.cmd
shellopencommand — J:h.cmd
======List of files/folders created in the last 1 months======
2009-12-27 03:18:53 —-A—- C:WINDOWSsystem3279dst5az9230.dll
2009-12-25 03:16:55 —-A—- C:WINDOWS5539zro95e1.exe
2009-12-15 22:29:04 —-A—- C:WINDOWSsystem329454s5azse2575.exe
2009-12-15 16:40:32 —-A—- C:WINDOWSz5599pyware2093.exe
2009-12-14 03:37:28 —-A—- C:WINDOWSsystem325bf3bac5doo9z118.dll
2009-12-08 14:33:21 —-A—- C:WINDOWSsystem321560t9zj6a6.exe
2009-12-06 16:42:38 —-A—- C:WINDOWSz0107vi9u555.exe
2009-12-05 23:20:23 —-A—- C:WINDOWSsystem325010down9oa5erz59.exe
2009-12-03 04:41:16 —-A—- C:WINDOWSsystem329901zi5us9c6.exe
2009-12-02 23:34:27 —-A—- C:WINDOWSsystem32z539tr592a6.dll
2009-11-29 03:19:45 —-A—- C:WINDOWSsystem325fz9back9o5r2949.exe
2009-11-28 14:38:15 —-A—- C:WINDOWSsystem32154fbackdzo91659.dll
2009-11-24 22:10:53 —-A—- C:WINDOWSsystem3249499t5al965z.dll
2009-11-24 19:30:20 —-A—- C:WINDOWSsystem326483zp5rse659.dll
2009-11-22 16:16:42 —-A—- C:WINDOWSza5cbackd9o5575.exe
2009-11-21 12:40:08 —-A—- C:WINDOWS7f9cba5kdooz2609.exe
2009-11-19 23:57:28 —-A—- C:WINDOWSsystem323z178vir9s534.exe
2009-11-19 16:50:49 —-A—- C:WINDOWSsystem323182spars92815z.exe
2009-11-18 21:37:47 —-A—- C:WINDOWSsystem3212905viz9s4f7.exe
2009-11-17 19:01:08 —-A—- C:WINDOWS1z098virus205.exe
2009-11-09 15:13:45 —-A—- C:WINDOWSsystem325998tzoj1025.exe
2009-11-09 03:33:20 —-A—- C:WINDOWSsystem321ez8bac95oor2575.dll
2009-11-07 23:09:41 —-A—- C:WINDOWS95593hackzool50e.exe
2009-11-02 08:54:07 —-A—- C:WINDOWSsystem3212690woz512f.exe
2009-11-01 22:22:46 —-A—- C:WINDOWS485c5irz89.exe
2009-10-24 12:22:33 —-A—- C:WINDOWSsystem329c9bszeal5905.dll
2009-10-23 08:17:25 —-A—- C:WINDOWS8459nzt-9-virus639.dll
2009-10-18 05:57:47 —-A—- C:WINDOWS7efdzteal9345.exe
2009-10-17 19:02:10 —-A—- C:WINDOWSc969parsz32385.dll
2009-10-13 16:54:41 —-A—- C:WINDOWSsystem3255azspars92261.exe
2009-10-12 23:20:31 —-A—- C:WINDOWSsystem323785zpy393.exe
2009-10-12 16:14:57 —-A—- C:WINDOWS14bz5a9se2740.exe
2009-10-11 18:41:49 —-A—- C:WINDOWSsystem3247e9zdware556.dll
2009-10-10 22:14:00 —-A—- C:WINDOWSsystem323999not-z-5irus5ae.exe
2009-10-08 17:58:26 —-A—- C:WINDOWS26945hac5zool752.dll
2009-10-07 17:20:11 —-A—- C:WINDOWSsystem329125zvir5s192.exe
2009-10-03 19:48:21 —-A—- C:WINDOWSz154do5nload9r2633.dll
2009-10-03 08:25:18 —-A—- C:WINDOWSsystem327112doznl5ade9668.exe
2009-09-24 23:00:56 —-A—- C:WINDOWS278ct5i9fz046.dll
2009-09-24 04:38:46 —-A—- C:WINDOWSsystem324159s5y5z1.exe
2009-09-19 18:36:20 —-A—- C:WINDOWS966z3hacktool645.dll
2009-09-18 08:54:28 —-A—- C:WINDOWSsystem3218598tr9j5z2.exe
2009-09-16 01:45:25 —-A—- C:WINDOWS569virz44.dll
2009-09-15 21:46:39 —-A—- C:WINDOWS291329acktooz54c.exe
2009-09-11 17:50:26 —-A—- C:WINDOWS148565zc9tool438.exe
2009-08-27 19:09:49 —-A—- C:WINDOWS25941troj47dz.dll
2009-08-23 14:22:26 —-A—- C:WINDOWSsystem329987tzoj25a.exe
2009-08-18 19:31:53 —-A—- C:WINDOWSsystem325373do95loaderz691.dll
2009-08-17 14:44:34 —-A—- C:WINDOWS21f9st9al83z5.exe
2009-08-16 18:37:00 —-A—- C:WINDOWS2ffathrea559z3.dll
2009-08-16 16:35:34 —-A—- C:WINDOWS25983hazkto9l578.exe
2009-08-13 07:37:42 —-A—- C:WINDOWSsystem3214z10t5o95cd.exe
2009-08-12 01:00:28 —-A—- C:WINDOWS45z09pambo5e.dll
2009-08-10 13:21:17 —-A—- C:WINDOWS2d0fsp9ware5110z.exe
2009-08-10 08:04:57 —-A—- C:WINDOWSzd55s9eal234.exe
2009-08-10 06:01:28 —-A—- C:WINDOWS516z3spamb9tf.dll
2009-08-09 18:54:48 —-A—- C:WINDOWSsystem322z145s5y569.dll
2009-08-08 19:40:03 —-A—- C:WINDOWS539esteal55z4.dll
2009-08-06 04:23:32 —-A—- C:WINDOWS36fb9hie5189z.exe
2009-08-02 10:32:38 —-A—- C:WINDOWSsystem322dz0addware9559.exe
2009-08-02 05:31:00 —-A—- C:WINDOWS6c7dspy5z9e1957.dll
2009-08-01 07:19:01 —-A—- C:WINDOWS69ddth5eat273z5.dll
2009-08-01 07:00:45 —-A—- C:WINDOWSsystem3294029s5y43z.exe
2009-07-26 12:17:25 —-A—- C:WINDOWS1b95t5ie987z.dll
2009-07-26 03:14:07 —-A—- C:WINDOWSsystem325c89adzwa5e2839.exe
2009-07-20 09:09:34 —-A—- C:WINDOWSsystem32962005acktoolz5e.dll
2009-07-09 00:48:53 —-A—- C:WINDOWS974fthreat5z805.dll
2009-07-08 05:02:18 —-A—- C:WINDOWS21581hazktool1f9.dll
2009-07-03 06:42:54 —-A—- C:WINDOWSsystem3231995spy73z.dll
2009-07-02 21:33:56 —-A—- C:WINDOWS5z8359orm683.dll
2009-06-25 05:04:19 —-A—- C:WINDOWSsystem3274cazown5oade936.exe
2009-06-21 12:29:43 —-A—- C:WINDOWS3ze5st9al26135.dll
2009-06-21 05:50:41 —-A—- C:WINDOWS26f3zddwar95620.dll
2009-06-15 03:24:46 —-A—- C:WINDOWSsystem324d6zdo9nlo5der1289.exe
2009-06-10 23:15:42 —-A—- C:WINDOWSsystem322395a5dwarz2221.exe
2009-06-10 12:47:15 —-A—- C:WINDOWS2bbcspyw5rez399.dll
2009-06-10 03:00:54 —-A—- C:WINDOWSsystem322f00s9yw5rez927.exe
2009-06-09 12:23:04 —-A—- C:WINDOWSsystem32684zha5ktoo9164.dll
2009-06-08 14:51:31 —-A—- C:WINDOWSsystem3214869ack5ozr2521.dll
2009-05-29 03:52:53 —-A—- C:WINDOWS43d8s59al260z.exe
2009-05-26 12:23:05 —-A—- C:WINDOWS495zste952252.dll
2009-05-25 03:07:51 —-A—- C:WINDOWSsystem329395backdoorz529.dll
2009-05-24 00:07:26 —-A—- C:WINDOWS11639not-a-v5rzs991.exe
2009-05-23 17:26:33 —-A—- C:WINDOWSsystem3259655zpy3b29.exe
2009-05-21 19:37:55 —-A—- C:WINDOWSsystem3230493noz-a-virus3945.exe
2009-05-20 23:27:19 —-A—- C:WINDOWSsystem324525tzi592896.exe
2009-05-19 14:22:09 —-A—- C:WINDOWS4894thiz95343.exe
2009-05-17 19:08:56 —-A—- C:WINDOWSsystem32451csparze20289.dll
2009-05-10 20:31:32 —-D—- C:rsit
2009-05-10 20:31:32 —-D—- C:Program Filestrend micro
2009-05-10 20:19:51 —-D—- C:WINDOWSPrefetch
2009-05-10 20:19:49 —-A—- C:WINDOWSOEWABLog.txt
2009-05-10 17:18:10 —-HDC—- C:WINDOWS$NtUninstallKB967715$
2009-05-10 17:16:13 —-HDC—- C:WINDOWS$NtUninstallKB961373$
2009-05-10 17:14:12 —-HDC—- C:WINDOWS$NtUninstallKB960803$
2009-05-10 17:12:23 —-HDC—- C:WINDOWS$NtUninstallKB960225$
2009-05-10 17:11:04 —-HDC—- C:WINDOWS$NtUninstallKB959426$
2009-05-10 17:09:30 —-HDC—- C:WINDOWS$NtUninstallKB958690$
2009-05-10 17:07:54 —-HDC—- C:WINDOWS$NtUninstallKB958687$
2009-05-10 17:06:24 —-HDC—- C:WINDOWS$NtUninstallKB958644$
2009-05-10 17:04:55 —-HDC—- C:WINDOWS$NtUninstallKB957097$
2009-05-10 17:03:33 —-HDC—- C:WINDOWS$NtUninstallKB956803$
2009-05-10 17:02:06 —-HDC—- C:WINDOWS$NtUninstallKB956802$
2009-05-10 17:00:01 —-HDC—- C:WINDOWS$NtUninstallKB956572$
2009-05-10 16:57:55 —-HDC—- C:WINDOWS$NtUninstallKB955069$
2009-05-10 16:56:57 —-HDC—- C:WINDOWS$NtUninstallKB954600$
2009-05-10 16:55:43 —-HDC—- C:WINDOWS$NtUninstallKB952954$
2009-05-10 16:54:11 —-HDC—- C:WINDOWS$NtUninstallKB952287$
2009-05-10 16:52:52 —-HDC—- C:WINDOWS$NtUninstallKB952004$
2009-05-10 16:51:29 —-HDC—- C:WINDOWS$NtUninstallKB951748$
2009-05-10 16:50:10 —-HDC—- C:WINDOWS$NtUninstallKB951698$
2009-05-10 16:48:57 —-HDC—- C:WINDOWS$NtUninstallKB951376-v2$
2009-05-10 16:47:46 —-HDC—- C:WINDOWS$NtUninstallKB951066$
2009-05-10 16:46:33 —-HDC—- C:WINDOWS$NtUninstallKB950974$
2009-05-10 16:45:17 —-HDC—- C:WINDOWS$NtUninstallKB950762$
2009-05-10 16:43:55 —-HDC—- C:WINDOWS$NtUninstallKB946648$
2009-05-10 16:43:05 —-HDC—- C:WINDOWS$NtUninstallKB938464$
2009-05-10 16:41:47 —-HDC—- C:WINDOWS$NtUninstallKB923561$
2009-05-10 16:41:21 —-D—- C:WINDOWSLastGood.Tmp
2009-05-10 16:39:13 —-A—- C:WINDOWSsetuplog.txt
2009-05-10 16:38:09 —-N—- C:WINDOWSsystem32rwnh.dll
2009-05-10 16:38:09 —-N—- C:WINDOWSsystem32comsdupd.exe
2009-05-10 16:38:08 —-N—- C:WINDOWSsystem32smtpapi.dll
2009-05-10 16:36:54 —-N—- C:WINDOWSsystem32ati2dvaa.dll
2009-05-10 16:36:54 —-N—- C:WINDOWSsystem32aaclient.dll
2009-05-10 16:36:53 —-N—- C:WINDOWSsystem32azroles.dll
2009-05-10 16:36:53 —-N—- C:WINDOWSsystem32ativtmxx.dll
2009-05-10 16:36:53 —-N—- C:WINDOWSsystem32ati3d1ag.dll
2009-05-10 16:36:52 —-N—- C:WINDOWSsystem32bitsprx4.dll
2009-05-10 16:36:51 —-N—- C:WINDOWSsystem32credssp.dll
2009-05-10 16:36:50 —-N—- C:WINDOWSsystem32dot3dlg.dll
2009-05-10 16:36:50 —-N—- C:WINDOWSsystem32dot3cfg.dll
2009-05-10 16:36:50 —-N—- C:WINDOWSsystem32dot3api.dll
2009-05-10 16:36:50 —-N—- C:WINDOWSsystem32dimsroam.dll
2009-05-10 16:36:50 —-N—- C:WINDOWSsystem32dimsntfy.dll
2009-05-10 16:36:50 —-N—- C:WINDOWSsystem32dhcpqec.dll
2009-05-10 16:36:49 —-N—- C:WINDOWSsystem32dot3ui.dll
2009-05-10 16:36:49 —-N—- C:WINDOWSsystem32dot3svc.dll
2009-05-10 16:36:49 —-N—- C:WINDOWSsystem32dot3msm.dll
2009-05-10 16:36:49 —-N—- C:WINDOWSsystem32dot3gpclnt.dll
2009-05-10 16:36:48 —-N—- C:WINDOWSsystem32eapqec.dll
2009-05-10 16:36:48 —-N—- C:WINDOWSsystem32eappprxy.dll
2009-05-10 16:36:48 —-N—- C:WINDOWSsystem32eapphost.dll
2009-05-10 16:36:48 —-N—- C:WINDOWSsystem32eappgnui.dll
2009-05-10 16:36:48 —-N—- C:WINDOWSsystem32eappcfg.dll
2009-05-10 16:36:48 —-N—- C:WINDOWSsystem32eapp3hst.dll
2009-05-10 16:36:48 —-N—- C:WINDOWSsystem32eapolqec.dll
2009-05-10 16:36:47 —-N—- C:WINDOWSsystem32eapsvc.dll
2009-05-10 16:36:46 —-N—- C:WINDOWSsystem32ieencode.dll
2009-05-10 16:36:46 —-N—- C:WINDOWSsystem32hsfcisp2.dll
2009-05-10 16:36:43 —-N—- C:WINDOWSsystem32kbdpash.dll
2009-05-10 16:36:43 —-N—- C:WINDOWSsystem32kbdnepr.dll
2009-05-10 16:36:43 —-N—- C:WINDOWSsystem32kbdiultn.dll
2009-05-10 16:36:43 —-N—- C:WINDOWSsystem32kbdbhc.dll
2009-05-10 16:36:42 —-N—- C:WINDOWSsystem32l2gpstore.dll
2009-05-10 16:36:42 —-N—- C:WINDOWSsystem32kmsvc.dll
2009-05-10 16:36:41 —-N—- C:WINDOWSsystem32microsoft.managementconsole.dll
2009-05-10 16:36:41 —-N—- C:WINDOWSsystem32mdmxsdk.dll
2009-05-10 16:36:40 —-N—- C:WINDOWSsystem32mmcperf.exe
2009-05-10 16:36:40 —-N—- C:WINDOWSsystem32mmcfxcommon.dll
2009-05-10 16:36:40 —-N—- C:WINDOWSsystem32mmcex.dll
2009-05-10 16:36:39 —-N—- C:WINDOWSsystem32msshavmsg.dll
2009-05-10 16:36:39 —-N—- C:WINDOWSsystem32mssha.dll
2009-05-10 16:36:38 —-N—- C:WINDOWSsystem32napstat.exe
2009-05-10 16:36:38 —-N—- C:WINDOWSsystem32napmontr.dll
2009-05-10 16:36:38 —-N—- C:WINDOWSsystem32napipsec.dll
2009-05-10 16:36:38 —-N—- C:WINDOWSsystem32mtxparhd.dll
2009-05-10 16:36:37 —-N—- C:WINDOWSsystem32nv4_disp.dll
2009-05-10 16:36:36 —-N—- C:WINDOWSsystem32onex.dll
2009-05-10 16:36:34 —-N—- C:WINDOWSsystem32s3gnb.dll
2009-05-10 16:36:34 —-N—- C:WINDOWSsystem32rhttpaa.dll
2009-05-10 16:36:34 —-N—- C:WINDOWSsystem32rasqec.dll
2009-05-10 16:36:34 —-N—- C:WINDOWSsystem32qutil.dll
2009-05-10 16:36:34 —-N—- C:WINDOWSsystem32qcliprov.dll
2009-05-10 16:36:34 —-N—- C:WINDOWSsystem32qagentrt.dll
2009-05-10 16:36:34 —-N—- C:WINDOWSsystem32qagent.dll
2009-05-10 16:36:33 —-N—- C:WINDOWSsystem32slextspk.dll
2009-05-10 16:36:33 —-N—- C:WINDOWSsystem32slcoinst.dll
2009-05-10 16:36:33 —-N—- C:WINDOWSsystem32setupn.exe
2009-05-10 16:36:32 —-N—- C:WINDOWSsystem32slserv.exe
2009-05-10 16:36:32 —-N—- C:WINDOWSsystem32slrundll.exe
2009-05-10 16:36:32 —-N—- C:WINDOWSsystem32slgen.dll
2009-05-10 16:36:29 —-N—- C:WINDOWSsystem32tspkg.dll
2009-05-10 16:36:29 —-N—- C:WINDOWSsystem32tsgqec.dll
2009-05-10 16:36:26 —-N—- C:WINDOWSsystem32wlanapi.dll
2009-05-10 16:36:24 —-N—- C:WINDOWSslrundll.exe
2009-05-10 16:36:20 —-D—- C:WINDOWSl2schemas
2009-05-10 16:36:19 —-D—- C:WINDOWSsystem32ru
2009-05-10 16:36:18 —-D—- C:WINDOWSsystem32bits
2009-05-10 16:24:41 —-D—- C:WINDOWSServicePackFiles
2009-05-10 16:19:52 —-A—- C:WINDOWS02840_.tmp
2009-05-10 16:15:49 —-HDC—- C:WINDOWS$NtServicePackUninstall$
2009-05-10 15:09:32 —-DC—- C:Documents and SettingsCore2DuoApplication DataGetRightToGo
2009-05-09 16:05:30 —-HDC—- C:WINDOWS$NtUninstallKB959426_0$
2009-05-09 16:05:13 —-HDC—- C:WINDOWS$NtUninstallKB961373_0$
2009-05-09 16:05:01 —-HDC—- C:WINDOWS$NtUninstallKB956803_0$
2009-05-09 16:04:50 —-HDC—- C:WINDOWS$NtUninstallKB960225_0$
2009-05-09 16:04:00 —-HDC—- C:WINDOWS$NtUninstallKB956572_0$
2009-05-09 16:03:39 —-HDC—- C:WINDOWS$NtUninstallKB925720$
2009-05-09 16:03:29 —-HDC—- C:WINDOWS$NtUninstallKB952069_WM9$
2009-05-09 16:03:17 —-HDC—- C:WINDOWS$NtUninstallKB952004_0$
2009-05-09 16:02:49 —-HDC—- C:WINDOWS$NtUninstallKB957097_0$
2009-05-09 16:02:36 —-HDC—- C:WINDOWS$NtUninstallKB958687_0$
2009-05-09 16:02:23 —-HDC—- C:WINDOWS$NtUninstallKB967715_0$
2009-05-09 16:02:08 —-HDC—- C:WINDOWS$NtUninstallKB958690_0$
2009-05-09 16:01:57 —-HDC—- C:WINDOWS$NtUninstallKB959772_WM11$
2009-05-09 16:01:49 —-HDC—- C:WINDOWS$NtUninstallKB960803_0$
2009-05-09 16:01:32 —-HDC—- C:WINDOWS$NtUninstallKB954600_0$
2009-05-09 16:01:24 —-HDC—- C:WINDOWS$NtUninstallKB958644_0$
2009-05-09 16:01:12 —-HDC—- C:WINDOWS$NtUninstallKB955069_0$
2009-05-09 16:01:02 —-HDC—- C:WINDOWS$NtUninstallKB956802_0$
2009-05-09 15:35:35 —-HDC—- C:WINDOWS$NtUninstallKB923561_0$
2009-05-09 14:14:39 —-DC—- C:Documents and SettingsCore2DuoApplication DataMalwarebytes
2009-05-09 14:14:33 —-DC—- C:Documents and SettingsAll UsersApplication DataMalwarebytes
2009-05-09 14:03:49 —-A—- C:WINDOWSzip.exe
2009-05-09 14:03:49 —-A—- C:WINDOWSvFind.exe
2009-05-09 14:03:49 —-A—- C:WINDOWSSWXCACLS.exe
2009-05-09 14:03:49 —-A—- C:WINDOWSSWSC.exe
2009-05-09 14:03:49 —-A—- C:WINDOWSSWREG.exe
2009-05-09 14:03:49 —-A—- C:WINDOWSsed.exe
2009-05-09 14:03:49 —-A—- C:WINDOWSNIRCMD.exe
2009-05-09 14:03:49 —-A—- C:WINDOWSgrep.exe
2009-05-09 14:03:42 —-D—- C:WINDOWSERDNT
2009-05-09 14:03:40 —-D—- C:ComboFix
2009-05-09 14:03:39 —-A—- C:WINDOWSsystem32CF2682.exe
2009-05-09 14:02:14 —-D—- C:Qoobox
2009-05-09 13:26:50 —-HD—- C:WINDOWSsystem32GroupPolicy
2009-05-09 11:10:01 —-A—- C:WINDOWSsystem3235549hizf95.exe
2009-05-09 11:10:00 —-A—- C:WINDOWSsystem32zd57stea93511.exe
2009-05-09 11:10:00 —-A—- C:WINDOWSsystem322059spazse495.exe
2009-05-09 11:10:00 —-A—- C:WINDOWSsystem321bz9v5r2966.dll
2009-05-09 11:10:00 —-A—- C:WINDOWS97eezhief1058.exe
2009-05-09 11:10:00 —-A—- C:WINDOWS163cbzc5do9r975.dll
2009-05-09 11:10:00 —-A—- C:WINDOWS15d5thi9f153z.exe
2009-05-09 11:09:59 —-A—- C:WINDOWS6065threat1689z.dll
2009-05-09 11:09:59 —-A—- C:WINDOWS5293s5eaz1263.exe
2009-05-09 11:09:59 —-A—- C:WINDOWS346thrzat52993.dll
2009-05-09 11:09:59 —-A—- C:WINDOWS23583zorm2619.dll
2009-05-09 11:09:58 —-A—- C:WINDOWSsystem3275destealz199.exe
2009-05-09 11:09:58 —-A—- C:WINDOWS59399hacktool4bz.exe
2009-05-09 11:09:57 —-A—- C:WINDOWSsystem3277f2zi5595.dll
2009-05-09 11:09:57 —-A—- C:WINDOWSsystem3220939s9y4z5.exe
2009-05-09 11:09:57 —-A—- C:WINDOWS5z58addware1941.dll
2009-05-09 11:09:57 —-A—- C:WINDOWS5503not5a9zirus560.dll
2009-05-09 11:09:56 —-A—- C:WINDOWSsystem325a68ad59aze1610.exe
2009-05-09 11:09:56 —-A—- C:WINDOWSsystem32161985ot-a-virzs14b.dll
2009-05-09 11:09:56 —-A—- C:WINDOWS3551downlozd9r1615.exe
2009-05-09 11:09:56 —-A—- C:WINDOWS2f39zi56509.dll
2009-05-09 11:09:56 —-A—- C:WINDOWS228z9spa9bot55c.exe
2009-05-09 11:09:56 —-A—- C:WINDOWS11852viz9s585.dll
2009-05-09 11:09:55 —-A—- C:WINDOWSzad65teal3292.dll
2009-05-09 11:09:55 —-A—- C:WINDOWSz0f9ba95door1375.exe
2009-05-09 11:09:55 —-A—- C:WINDOWS689azddwar51777.exe
2009-05-09 11:09:55 —-A—- C:WINDOWS5e73vi959z1.exe
2009-05-09 11:09:55 —-A—- C:WINDOWS421esp5rsez976.dll
2009-05-09 11:09:55 —-A—- C:WINDOWS39fzs5arse2592.dll
2009-05-09 11:09:55 —-A—- C:WINDOWS13660zac9to5l6f7.dll
2009-05-09 11:09:54 —-A—- C:WINDOWS578619acktozl3c9.exe
2009-05-09 11:09:54 —-A—- C:WINDOWS4dbdspyw59z750.dll
2009-05-09 11:09:54 —-A—- C:WINDOWS298075zojdb.exe
2009-05-09 11:09:53 —-A—- C:WINDOWSsystem326299thie5176z.dll
2009-05-09 11:09:53 —-A—- C:WINDOWSsystem325f99thiez575.dll
2009-05-09 11:09:53 —-A—- C:WINDOWSsystem3219501not-a-v59us55z.exe
2009-05-09 11:09:53 —-A—- C:WINDOWS5cc69ddwzre1995.exe
2009-05-09 11:09:53 —-A—- C:WINDOWS4136add9zre5924.dll
2009-05-09 11:09:53 —-A—- C:WINDOWS3ba8spz5se19619.dll
2009-05-09 11:09:53 —-A—- C:WINDOWS25092nz9-a-virus405.exe
2009-05-09 11:09:53 —-A—- C:WINDOWS14975ddwarez0689.dll
2009-05-09 11:09:52 —-A—- C:WINDOWSsystem32234z2troj3259.exe
2009-05-09 11:09:52 —-A—- C:WINDOWSsystem321c59hiefz8835.exe
2009-05-09 11:09:52 —-A—- C:WINDOWS7092addwarz1459.exe
2009-05-09 11:09:52 —-A—- C:WINDOWS1472zspy95.dll
2009-05-09 11:09:51 —-A—- C:WINDOWSz6299worm5af.exe
2009-05-09 11:09:51 —-A—- C:WINDOWSsystem329658troj91z.exe
2009-05-09 11:09:51 —-A—- C:WINDOWSsystem3210z93no5-a-virus39e.dll
2009-05-09 11:09:51 —-A—- C:WINDOWS7548downzoade91038.exe
2009-05-09 11:09:50 —-A—- C:WINDOWSsystem32setup2.exe
2009-05-07 10:59:27 —-A—- C:WINDOWSATICIM.INI
2009-05-07 10:54:57 —-A—- C:WINDOWSsystem32atibtmon.exe
2009-05-07 10:54:55 —-A—- C:WINDOWSsystem32atioglxx.dll
2009-05-07 10:54:55 —-A—- C:WINDOWSsystem32atimpc32.dll
2009-05-07 10:54:55 —-A—- C:WINDOWSsystem32aticalrt.dll
2009-05-07 10:54:55 —-A—- C:WINDOWSsystem32aticaldd.dll
2009-05-07 10:54:55 —-A—- C:WINDOWSsystem32aticalcl.dll
2009-05-07 10:54:54 —-A—- C:WINDOWSsystem32atiadlxx.dll
2009-05-07 10:54:54 —-A—- C:WINDOWSsystem32amdpcom32.dll
2009-05-07 10:18:24 —-DC—- C:Documents and SettingsCore2DuoApplication DataWinRAR
2009-05-06 23:26:20 —-D—- C:Program FilesPunto Switcher
2009-05-05 08:49:28 —-A—- C:WINDOWS32502not-a-zirus978.dll
2009-05-03 16:31:07 —-A—- C:WINDOWS3509stzal1079.exe
2009-05-03 11:58:22 —-DC—- C:Documents and SettingsAll UsersApplication DataPRMT
2009-05-02 18:31:35 —-A—- C:WINDOWSpdf2word.INI
2009-05-02 14:29:28 —-A—- C:WINDOWSsystem323f95thrzat24375.exe
2009-05-01 18:47:25 —-A—- C:WINDOWSsystem3295z16spyed.dll
2009-04-30 17:52:34 —-DC—- C:Documents and SettingsCore2DuoApplication DataPRMT
2009-04-30 14:50:59 —-D—- C:WINDOWSspeech
2009-04-30 14:47:16 —-D—- C:WINDOWSLhsp
2009-04-30 14:43:11 —-D—- C:Program FilesGSC World Publishing
2009-04-27 22:33:34 —-A—- C:WINDOWSsystem3229576zi9us12.dll
2009-04-26 19:05:49 —-D—- C:Program FilesYandex
2009-04-26 19:05:43 —-HD—- C:WINDOWSmsdownld.tmp
2009-04-26 19:02:29 —-HDC—- C:WINDOWSie8
2009-04-25 09:28:58 —-A—- C:WINDOWSwsparser.ini
2009-04-22 09:03:22 —-A—- C:WINDOWSsystem3296z95no5-a-virus23b.dll
2009-04-20 19:27:58 —-A—- C:WINDOWS173dadzwa9e30445.exe
2009-04-19 19:26:49 —-A—- C:WINDOWSsystem3215493z5ru9358.dll
2009-04-17 11:26:50 —-DC—- C:Documents and SettingsCore2DuoApplication DataНовый Диск
2009-04-15 21:05:09 —-A—- C:WINDOWSsystem327499bac5d9or178z.exe
2009-04-12 03:43:08 —-A—- C:WINDOWSsystem32596fviz19115.exe
======List of files/folders modified in the last 1 months======
2009-05-10 20:31:32 —-RD—- C:Program Files
2009-05-10 20:27:06 —-D—- C:WINDOWSTemp
2009-05-10 20:21:24 —-D—- C:WINDOWSsystem32
2009-05-10 20:21:24 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-05-10 20:20:21 —-D—- C:WINDOWSDebug
2009-05-10 20:20:21 —-D—- C:WINDOWS
2009-05-10 20:20:17 —-D—- C:Program FilesDrWeb AV-Desk
2009-05-10 20:20:08 —-D—- C:WINDOWSsystem32CatRoot2
2009-05-10 20:19:03 —-D—- C:WINDOWSsystem32Setup
2009-05-10 20:19:03 —-D—- C:WINDOWSAppPatch
2009-05-10 20:19:01 —-D—- C:WINDOWSsystem32wbem
2009-05-10 20:18:58 —-RSD—- C:WINDOWSFonts
2009-05-10 20:18:50 —-D—- C:Program FilesCommon Files
2009-05-10 20:18:49 —-D—- C:WINDOWSsystem32drivers
2009-05-10 18:05:14 —-D—- C:WINDOWSsecurity
2009-05-10 18:05:11 —-A—- C:WINDOWSSchedLgU.Txt
2009-05-10 17:19:40 —-HD—- C:WINDOWSinf
2009-05-10 17:19:01 —-D—- C:WINDOWSsystem32CatRoot
2009-05-10 17:19:00 —-RSHD—- C:WINDOWSsystem32dllcache
2009-05-10 16:44:28 —-D—- C:Program FilesMessenger
2009-05-10 16:38:40 —-D—- C:WINDOWSWinSxS
2009-05-10 16:38:11 —-D—- C:WINDOWSehome
2009-05-10 16:38:08 —-D—- C:WINDOWSsystem32inetsrv
2009-05-10 16:38:07 —-D—- C:WINDOWSnetwork diagnostic
2009-05-10 16:38:07 —-D—- C:WINDOWSHelp
2009-05-10 16:38:06 —-D—- C:WINDOWSime
2009-05-10 16:36:23 —-D—- C:WINDOWSsystem32usmt
2009-05-10 16:36:23 —-D—- C:WINDOWSsystem32ru-ru
2009-05-10 16:36:19 —-SHD—- C:WINDOWSInstaller
2009-05-10 16:36:18 —-D—- C:WINDOWSPeerNet
2009-05-10 16:36:17 —-D—- C:Program FilesMovie Maker
2009-05-10 16:25:06 —-ADC—- C:Documents and SettingsAll UsersApplication DataTEMP
2009-05-10 16:24:26 —-D—- C:WINDOWSsystem32Restore
2009-05-10 16:24:26 —-D—- C:WINDOWSsystem32npp
2009-05-10 16:24:24 —-D—- C:WINDOWSmsagent
2009-05-10 16:24:23 —-D—- C:WINDOWSsrchasst
2009-05-10 16:24:21 —-D—- C:Program FilesNetMeeting
2009-05-10 16:24:19 —-D—- C:WINDOWSsystem32Com
2009-05-10 16:24:15 —-D—- C:Program FilesWindows NT
2009-05-10 16:24:15 —-D—- C:Program FilesWindows Media Player
2009-05-10 16:24:15 —-D—- C:Program FilesOutlook Express
2009-05-10 16:23:59 —-D—- C:Program FilesCommon FilesSystem
2009-05-10 16:23:38 —-D—- C:WINDOWSsystem32oobe
2009-05-10 16:23:35 —-D—- C:WINDOWSsystem
2009-05-10 16:19:43 —-D—- C:WINDOWSsystem32ReinstallBackups
2009-05-09 16:05:29 —-HD—- C:WINDOWS$hf_mig$
2009-05-09 16:03:56 —-HDC—- C:Config.Msi
2009-05-09 14:06:08 —-D—- C:WINDOWSsystem32config
2009-05-09 11:48:49 —-D—- C:Program FilesPokerStars.NET
2009-05-08 01:16:08 —-AC—- C:WINDOWShpfccopy.INI
2009-05-07 11:29:39 —-RSD—- C:WINDOWSassembly
2009-05-07 11:29:02 —-D—- C:WINDOWSsystem32DirectX
2009-05-07 11:03:51 —-D—- C:Program FilesWinRAR
2009-05-07 11:01:46 —-D—- C:Program FilesATI Technologies
2009-05-07 11:00:30 —-HD—- C:Program FilesInstallShield Installation Information
2009-05-07 09:56:22 —-SD—- C:WINDOWSTasks
2009-05-06 23:26:20 —-DC—- C:Documents and SettingsCore2DuoApplication DataYandex
2009-05-03 10:34:16 —-D—- C:WINDOWSMinidump
2009-04-30 19:12:17 —-DC—- C:Documents and SettingsCore2DuoApplication DataICQ
2009-04-30 18:09:36 —-D—- C:WINDOWSMicrosoft.NET
2009-04-30 14:46:01 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2009-04-28 20:08:26 —-DC—- C:Documents and SettingsAll UsersApplication DataAdobe
2009-04-28 20:08:08 —-D—- C:Program FilesCommon FilesAdobe
2009-04-26 19:21:25 —-D—- C:WINDOWSMedia
2009-04-26 19:21:24 —-D—- C:Program FilesInternet Explorer
2009-04-22 01:17:11 —-D—- C:WINDOWSsystem32Adobe
2009-04-21 12:59:26 —-DC—- C:Documents and SettingsCore2DuoApplication Datadvdcss
2009-04-20 22:54:36 —-SDC—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2009-04-19 13:51:36 —-SD—- C:WINDOWSDownloaded Program Files
2009-04-17 16:13:50 —-DC—- C:Documents and SettingsCore2DuoApplication DatauTorrent
2009-04-17 11:25:35 —-D—- C:Program FilesCommon FilesInstallShield
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:WINDOWSsystem32driversAavmker4.sys [2009-02-06 26944]
R1 aswSP;avast! Self Protection; C:WINDOWSsystem32driversaswSP.sys [2009-02-06 114768]
R1 aswTdi;avast! Network Shield Support; C:WINDOWSsystem32driversaswTdi.sys [2009-02-06 51376]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-04-14 40704]
R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2001-10-21 12032]
R2 aswFsBlk;aswFsBlk; C:WINDOWSsystem32DRIVERSaswFsBlk.sys [2009-02-06 20560]
R2 aswMon2;avast! Standard Shield Support; C:WINDOWSsystem32driversaswMon2.sys [2009-02-06 94032]
R2 spider;SpIDer Guard File System Monitor; ??C:PROGRA~1DRWEBA~1spider.sys []
R3 aswRdr;aswRdr; C:WINDOWSsystem32driversaswRdr.sys [2009-02-06 23152]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2009-03-17 3597312]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-13 144384]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:WINDOWSsystem32DRIVERSHPZid412.sys [2006-05-16 49664]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:WINDOWSsystem32DRIVERSHPZipr12.sys [2006-05-16 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:WINDOWSsystem32DRIVERSHPZius12.sys [2006-05-16 21568]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2006-12-21 4405248]
R3 LVUSBSta;Logitech USB Monitor Filter; C:WINDOWSsystem32driverslvusbsta.sys [2004-10-11 22016]
R3 PID_0928;Labtec WebCam(PID_0928); C:WINDOWSsystem32DRIVERSLV561AV.SYS [2004-10-11 211712]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:WINDOWSsystem32DRIVERSRtnicxp.sys [2006-08-31 81280]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-14 32128]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-14 59520]
R3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2008-04-14 25856]
R3 usbstor;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2008-04-14 20608]
S3 atikmdag;atikmdag; C:WINDOWSsystem32DRIVERSatikmdag.sys [2007-05-18 2608640]
S3 catchme;catchme; ??C:DOCUME~1Core2DuoLOCALS~1Tempcatchme.sys []
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-04-14 17024]
S3 dtscsi;dtscsi; C:WINDOWSSystem32Driversdtscsi.sys [2009-04-13 223128]
S3 FXDrv32;FXDrv32; ??E:FXDrv32.sys []
S3 MaxAntiSpyFilter;10.09.20089:50:31; ??D:Мои прогиDr.WebMaxAntiSpySSS.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; ??C:WINDOWSsystem32driversmbamswissarmy.sys []
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2008-04-14 15232]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-04-14 15104]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation — User-mode Driver Framework Platform Driver; C:WINDOWSsystem32DRIVERSWudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2006-09-28 82944]
S4 dwshd;dwshd; C:WINDOWSSystem32driversdwshd.sys []
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; D:Мои прогиНовая папка (2)aswUpdSv.exe [2009-02-06 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2009-03-17 602112]
R2 avast! Antivirus;avast! Antivirus; D:Мои прогиНовая папка (2)ashServ.exe [2009-02-06 138680]
R2 SPIDERNT;SpIDer Guard for Windows; C:PROGRA~1DRWEBA~1spidernt.exe [2009-01-15 197896]
R3 avast! Mail Scanner;avast! Mail Scanner; D:Мои прогиНовая папка (2)ashMaiSv.exe [2009-02-06 254040]
R3 avast! Web Scanner;avast! Web Scanner; D:Мои прогиНовая папка (2)ashWebSv.exe [2009-02-06 352920]
R3 drwagntd;Dr.Web(R) AV-Desk Agent; C:Program FilesDrWeb AV-Deskdrwagntd.exe [2009-01-15 1860912]
S2 drwupgrade;Dr.Web(R) AV-Desk Upgrade Service; C:Program FilesDrWeb AV-Desk1drwupgrade.exe [2009-01-15 410928]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:WINDOWSMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2007-10-11 864256]
S4 Ati External Event Utility;Ati External Event Utility; C:WINDOWSsystem32Ati2evxx.exe [2009-03-17 602112]
S4 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2009-03-17 593920]
S4 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:Program FilesBonjourmDNSResponder.exe [2006-02-28 229376]
S4 FLEXnet Licensing Service;FLEXnet Licensing Service; C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [2007-10-29 654848]
S4 ICQ Service;ICQ Service; C:Program FilesICQ6ToolbarICQ Service.exe [2008-06-10 222456]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2007-10-11 122880]
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:WINDOWSsystem32HPZipm12.exe [2007-08-09 73728]
S4 WMPNetworkSvc;Servicio de uso compartido de red del Reproductor de Windows Media; C:Program FilesWindows Media PlayerWMPNetwk.exe [2006-11-03 916480]
S4 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-14 14336]
EOF
nfo.txt logfile of random’s system information tool 1.06 2009-05-10 20:31:52
======Uninstall list======
##CAMERADRIVERNAME##—>»C:Program FilesCommon FilesLogitechQCDRVBINSETUP.EXE» UNINSTALL REMOVEPROMPT
—>MsiExec /X{27DC856A-0916-4988-8198-8714DDD3183D}
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
ABBYY Lingvo 12 First Step Spanish Edition—>MsiExec.exe /I{A120000F-0005-0000-0000-074957833700}
ABBYY Lingvo 12 Multilingual Edition—>MsiExec.exe /I{A1200000-0004-0000-0000-074957833700}
ACE Mega CoDecS Pack—>»C:Program FilesACE Mega CoDecS Packunins000.exe»
Adobe Acrobat 5.0—>C:WINDOWSISUNINST.EXE -f»C:Program FilesCommon FilesAdobeAcrobat 5.0NTUninst.isu» -c»C:Program FilesCommon FilesAdobeAcrobat 5.0NTUninst.dll»
Adobe Anchor Service CS3—>MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3—>MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3—>MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting—>MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0—>MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps—>MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color — Photoshop Specific—>MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings—>MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings—>MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings—>MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings—>MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3—>MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3—>MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2—>MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Flash Player Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Fonts All—>MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3—>MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3—>MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files—>MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3—>C:Program FilesCommon FilesAdobeInstallers719d6f144d0c086a0dfa7ff76bb9ac1Setup.exe
Adobe Photoshop CS3—>MsiExec.exe /I{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}
Adobe Reader 9.1 — Russian—>MsiExec.exe /I{AC76BA86-7AD7-1049-7B44-A91000000001}
Adobe Setup—>MsiExec.exe /I{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}
Adobe Shockwave Player 11—>C:WINDOWSsystem32adobeSHOCKW~1UNWISE.EXE C:WINDOWSsystem32AdobeSHOCKW~1Install.log
Adobe Stock Photos CS3—>MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support—>MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3—>MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client—>MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin—>MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3—>MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
AGEIA PhysX v7.05.17—>MsiExec.exe /X{27DC856A-0916-4988-8198-8714DDD3183D}
ATI — Software Uninstall Utility—>C:Program FilesATI TechnologiesUninstallAllAtiCimUn.exe
ATI Catalyst Control Center—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime91Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{055EE59D-217B-43A7-ABFF-507B966405D8}setup.exe» -l0x1000
ATI Display Driver—>rundll32 C:WINDOWSsystem32atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
avast! Antivirus—>D:Мои прогиНовая папка (2)aswRunDll.exe «D:Мои прогиНовая папка (2)Setupsetiface.dll»,RunSetup
Caricature Studio Green 3.6—>MsiExec.exe /I{AC5019DA-5DC2-44E6-808A-1A68F3CCA79D}
Catalyst Control Center — Branding—>MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
CCleaner (remove only)—>»D:Мои прогиУборщикCCleaneruninst.exe»
DiRT—>D:GamesDiRTunwise.exe
DiRT—>D:GamesDiRTUNWISE.EXE D:GamesDiRTINSTALL.LOG
DivX Pro Codec—>C:WINDOWSunvise32.exe C:Program FilesDivXDivX Pro Bundle.log
Download Master version 5.5.7.1145—>»D:Мои прогиdownloadDownload Masterunins000.exe»
Dr.Web (R)AV-Desk Agent—>»C:Program FilesDrWeb AV-Deskdrwinst.exe» -uninstall -interactive
Driver — Parallel Lines—>D:GamesDriverPLUNWISE.EXE D:GamesDriverPLINSTALL.LOG
Driver: Parallel Lines—>D:GamesDriverPLunwise.exe
eMusic — 50 Free MP3 offer—>»D:КлипыWinampeMusicUninst-eMusic-promotion.exe»
FIFA08—>C:Program FilesInstallShield Installation Information{F7399AF3-822B-4D80-92C8-D88B22A76A52}setup.exe -runfromtemp -l0x0419
FLV Player 2.0, build 24—>D:Мои прогиНовая папка (3)FLV Playeruninst.exe
Free Games Offer, Desktop Shortcut—>MsiExec.exe /X{31DABA20-10A1-4746-9D9F-57955B8DFF66}
GTA San Andreas—>D:GamesGTA_SA~1UNWISE.EXE D:GamesGTA_SA~1INSTALL.LOG
Halflife2 Episode 1—>D:GamesHL2EP1UNWISE.EXE D:GamesHL2EP1INSTALL.LOG
High Definition Audio Driver Package — KB888111—>»C:WINDOWS$NtUninstallKB888111WXPSP2$spuninstspuninst.exe»
HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)—>»C:WINDOWS$NtUninstallKB929399$spuninstspuninst.exe»
HP Customer Participation Program 7.0—>D:Digital ImagingExtCapUninstallhpzscr01.exe -datfile hpqhsc01.dat
HP Document Viewer 7.0—>D:Digital ImagingDocumentViewerhpzscr01.exe -datfile hpqbud04.dat
HP Imaging Device Functions 7.0—>D:Digital ImagingDeviceManagementhpzscr01.exe -datfile hpqbud01.dat
HP Photosmart and Deskjet 7.0 Software (rus)—>D:Digital Imaging{D2A3C9D5-0B56-4656-8277-7EDC65D62B6E}setuphpzscr01.exe -datfile hphscr12.dat -showdisconnect -forcereboot
HP Photosmart Premier Software 6.5—>D:Digital Imaginguninstallhpzscr01.exe -datfile hpqscr01.dat
HP Scanjet G3010 7.0—>D:Digital Imaging{F64D55C1-734C-4249-886E-4C41A9889A36}setuphpzscr01.exe -datfile hpgscr15.dat
HP Software Update—>MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Solution Center 7.0—>D:Digital ImagingeSupporthpzscr01.exe -datfile hpqbud05.dat
ICQ Toolbar—>C:Program FilesICQ6ToolbarICQUnToolbar.exe
ICQ6.5—>»C:Program FilesInstallShield Installation Information{60DE4033-9503-48D1-A483-7846BD217CA9}setup.exe» -runfromtemp -l0x0009 -removeonly
L&H TTS3000 Deutsch—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFLHTTSGED.inf, Uninstall
L&H TTS3000 Espaсol—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFLHTTSSPE.inf, Uninstall
L&H TTS3000 Franзais—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFLHTTSFRF.inf, Uninstall
L&H TTS3000 Italiano—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFLHTTSITI.inf, Uninstall
L&H TTS3000 Russian—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFLHTTSRUR.inf, Uninstall
Labtec WebCam Software—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime90Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{C43048A9-742C-4DAD-90D2-E3B53C9DB825}setup.exe» -l0x9
Lernout & Hauspie TruVoice American English TTS Engine—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFtv_enua.inf, Uninstall
MAGIX mp3 maker 2004 diamond—>C:MAGIXmp3maker_2004_diamondunwise.exe
Mail.Ru Спутник 2.0—>C:Program FilesMail.RuSputnikSputnikInstaller.exe -uninstall
Microsoft .NET Framework 1.1 Hotfix (KB928366)—>»C:WINDOWSMicrosoft.NETFrameworkv1.1.4322Updateshotfix.exe» «C:WINDOWSMicrosoft.NETFrameworkv1.1.4322UpdatesM928366M928366Uninstall.msp»
Microsoft .NET Framework 1.1 Russian Language Pack—>MsiExec.exe /X{2BB372D9-52B4-410A-BC1A-FEAB63181EEF}
Microsoft .NET Framework 1.1—>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1—>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1—>MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1—>MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5—>C:WINDOWSMicrosoft.NETFrameworkv3.5Microsoft .NET Framework 3.5setup.exe
Microsoft .NET Framework 3.5—>MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft Compression Client Pack 1.0 for Windows XP—>»C:WINDOWS$NtUninstallMSCompPackV1$spuninstspuninst.exe»
Microsoft Internationalized Domain Names Mitigation APIs—>»C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$spuninstspuninst.exe»
Microsoft Media Producer Runtime 1.0—>RunDll32 advpack.dll,LaunchINFSection C:Program FilesCommon FilesMicrosoft SharedMedia Producer RuntimeSetupRT.inf, UnInstall
Microsoft National Language Support Downlevel APIs—>»C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$spuninstspuninst.exe»
Microsoft Office XP (профессиональный выпуск)—>MsiExec.exe /I{91110419-6000-11D3-8CFE-0050048383C9}
Microsoft Silverlight—>MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0—>»C:WINDOWS$NtUninstallWudf01000$spuninstspuninst.exe»
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual Studio 2005 Tools for Office Runtime—>MsiExec.exe /X{388E4B09-3E71-4649-8921-F44A3A2954A7}
MSXML 4.0 SP2 (KB936181)—>MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)—>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)—>MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
Need For Speed Hot Pursuit 2—>D:Мои прогиNSPEEDEAUninstall.exe
Need for Speed™ Carbon—>D:GamesNFSCAR~1UNWISE.EXE D:GamesNFSCAR~1INSTALL.LOG
Need for Speed™ Carbon—>D:GamesNFSCarbonunwise.exe
neroxml—>MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OCR Software by I.R.I.S 7.0—>D:Digital ImagingOCRhpzscr01.exe -datfile hpqbud11.dat
OpenAL—>»C:Program FilesOpenALoalinst.exe» /U
PDF Settings—>MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PokerStars.net—>»C:Program FilesPokerStars.NETPokerStarsUninstall.exe» /u:PokerStars.net
PROMT Professional 8 Giant Try-Buy—>MsiExec.exe /I{04F4FE29-515E-4B5B-9CF9-2DAB1065FBE1}
Punto Switcher 3.0—>C:Program FilesPunto Switcheruninstall.exe
QIP 2005 8090—>»D:Мои прогиqipQIPunins000.exe»
Rambler-Ассистент—>»C:Program FilesRambler Assistantuninstall.exe»
REALTEK GbE & FE Ethernet PCI NIC Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime110Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}Setup.exe» -l0x19 -removeonly
Realtek High Definition Audio Driver—>RtlUpd.exe -r -m
Reproductor de Windows Media 11—>»C:Program FilesWindows Media PlayerSetup_wm.exe» /Uninstall
S.T.A.L.K.E.R. — Новая война—>D:GamesSTALKERUNWISE.EXE D:GamesSTALKERINSTALL.LOG
Shop for HP Supplies—>D:Digital ImagingHPSSupplyhpzscr01.exe -datfile hpqbud16.dat
Steam—>MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
SweetIM for Messenger 2.6—>MsiExec.exe /X{04A6A912-A6DB-4EF2-99FF-6D6199BA3C8C}
SweetIM Toolbar for Internet Explorer 3.3—>MsiExec.exe /X{266C7330-C0F4-49E5-8F20-A56F9F822875}
VCRedistSetup—>MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VIA Platform Device Manager—>C:PROGRA~1COMMON~1INSTAL~1Driver7INTEL3~1IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VideoLAN VLC media player 0.8.6b—>C:Program FilesVideoLANVLCuninstall.exe
Winamp Remote—>»C:Program FilesWinamp Remoteuninstall.exe»
Winamp Toolbar for Firefox—>»C:Documents and SettingsCore2DuoApplication DataMozillaFirefoxProfiles9vf96daw.defaultextensions{0b38152b-1b20-484d-a11f-5e04a9b0661f}uninstall.exe»
Winamp Toolbar for Internet Explorer—>»C:Program FilesWinamp Toolbaruninstall.exe»
Winamp—>»D:КлипыWinampUninstWA.exe»
Windows Imaging Component—>»C:WINDOWS$NtUninstallWIC$spuninstspuninst.exe»
Windows Media Format 11 runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Windows Media Format 11 runtime—>»C:WINDOWS$NtUninstallWMFDist11$spuninstspuninst.exe»
Windows Media Player 11—>»C:WINDOWS$NtUninstallwmp11$spuninstspuninst.exe»
Windows XP Service Pack 3—>»C:WINDOWS$NtServicePackUninstall$spuninstspuninst.exe»
Архиватор WinRAR—>C:Program FilesWinRARuninstall.exe
еда выполнения Visual Studio 2005 Tools for Office, второй выпуск—>C:Program FilesCommon FilesMicrosoft SharedVSTO8.0Microsoft Visual Studio 2005 Tools for Office Runtimeinstall.exe
Интернет помощник MyCentria—>C:Program FilesMyCentriaMyCentriaUninstall.exe
Исправление для Windows Internet Explorer 7 (KB947864)—>»C:WINDOWSie7updatesKB947864-IE7spuninstspuninst.exe»
Исправление для Windows XP (KB952287)—>»C:WINDOWS$NtUninstallKB952287$spuninstspuninst.exe»
Исправление для проигрывателя Windows Media 11 — (KB939683)—>»C:WINDOWS$NtUninstallKB939683$spuninstspuninst.exe»
Критическое обновление для проигрывателя Windows Media 11 — (KB959772)—>»C:WINDOWS$NtUninstallKB959772_WM11$spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB938127)—>»C:WINDOWSie7updatesKB938127-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB942615)—>»C:WINDOWSie7updatesKB942615-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB944533)—>»C:WINDOWSie7updatesKB944533-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB953838)—>»C:WINDOWSie7updatesKB953838-IE7spuninstspuninst.exe»
Обновление безопасности для Windows XP — (KB941569)—>»C:WINDOWS$NtUninstallKB941569$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB923561)—>»C:WINDOWS$NtUninstallKB923561$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB938464)—>»C:WINDOWS$NtUninstallKB938464$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB946648)—>»C:WINDOWS$NtUninstallKB946648$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950762)—>»C:WINDOWS$NtUninstallKB950762$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950974)—>»C:WINDOWS$NtUninstallKB950974$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951066)—>»C:WINDOWS$NtUninstallKB951066$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951376-v2)—>»C:WINDOWS$NtUninstallKB951376-v2$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951698)—>»C:WINDOWS$NtUninstallKB951698$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB951748)—>»C:WINDOWS$NtUninstallKB951748$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB952004)—>»C:WINDOWS$NtUninstallKB952004$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB952954)—>»C:WINDOWS$NtUninstallKB952954$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB953839)—>»C:WINDOWS$NtUninstallKB953839$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB954600)—>»C:WINDOWS$NtUninstallKB954600$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB955069)—>»C:WINDOWS$NtUninstallKB955069$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956572)—>»C:WINDOWS$NtUninstallKB956572$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956802)—>»C:WINDOWS$NtUninstallKB956802$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956803)—>»C:WINDOWS$NtUninstallKB956803$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB957097)—>»C:WINDOWS$NtUninstallKB957097$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958644)—>»C:WINDOWS$NtUninstallKB958644$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958687)—>»C:WINDOWS$NtUninstallKB958687$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958690)—>»C:WINDOWS$NtUninstallKB958690$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB959426)—>»C:WINDOWS$NtUninstallKB959426$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960225)—>»C:WINDOWS$NtUninstallKB960225$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960803)—>»C:WINDOWS$NtUninstallKB960803$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB961373)—>»C:WINDOWS$NtUninstallKB961373$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media — (KB952069)—>»C:WINDOWS$NtUninstallKB952069_WM9$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media 10 — (KB936782)—>»C:WINDOWS$NtUninstallKB936782_WMP10$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media 11 — (KB936782)—>»C:WINDOWS$NtUninstallKB936782_WMP11$spuninstspuninst.exe»
Обновление безопасности для проигрывателя Windows Media 11 — (KB954154)—>»C:WINDOWS$NtUninstallKB954154_WM11$spuninstspuninst.exe»
Обновление для Windows XP (KB951072-v2)—>»C:WINDOWS$NtUninstallKB951072-v2$spuninstspuninst.exe»
Обновление для Windows XP (KB967715)—>»C:WINDOWS$NtUninstallKB967715$spuninstspuninst.exe»

======Security center information======
AV: Doctor Web Anti-Virus
AV: avast! antivirus 4.8.1335 [VPS 090509-0]

======System event log======
Computer Name: MASTERWI-A0F801
Event Code: 7036
Message: Служба «Служба COM записи компакт-дисков IMAPI» перешла в состояние Работает.
Record Number: 8480
Source Name: Service Control Manager
Time Written: 20090426202704.000000+240
Event Type: информация
User:

Computer Name: MASTERWI-A0F801
Event Code: 7035
Message: Служба «Служба COM записи компакт-дисков IMAPI» успешно отправила управляющий элемент «запустить».
Record Number: 8479
Source Name: Service Control Manager
Time Written: 20090426202704.000000+240
Event Type: информация
User: NT AUTHORITYSYSTEM

Computer Name: MASTERWI-A0F801
Event Code: 7035
Message: Служба «Диспетчер подключений удаленного доступа» успешно отправила управляющий элемент «запустить».
Record Number: 8478
Source Name: Service Control Manager
Time Written: 20090426202704.000000+240
Event Type: информация
User: MASTERWI-A0F801Core2Duo

Computer Name: MASTERWI-A0F801
Event Code: 7036
Message: Служба «Телефония» перешла в состояние Работает.
Record Number: 8477
Source Name: Service Control Manager
Time Written: 20090426202704.000000+240
Event Type: информация
User:

Computer Name: MASTERWI-A0F801
Event Code: 7036
Message: Служба «Совместимость быстрого переключения пользователей» перешла в состояние Работает.
Record Number: 8476
Source Name: Service Control Manager
Time Written: 20090426202704.000000+240
Event Type: информация
User:

=====Application event log=====
Computer Name: MASTERWI-A0F801
Event Code: 20
Message:
Record Number: 2034
Source Name: Google Update
Time Written: 20090302212532.000000+180
Event Type: ошибка
User: MASTERWI-A0F801Core2Duo

Computer Name: MASTERWI-A0F801
Event Code: 13
Message: SpIDer Guard started OK.
Record Number: 2033
Source Name: SPIDERNT
Time Written: 20090302210522.000000+180
Event Type: информация
User:

Computer Name: MASTERWI-A0F801
Event Code: 0
Message:
Record Number: 2032
Source Name: ICQ Service
Time Written: 20090302210519.000000+180
Event Type: информация
User:

Computer Name: MASTERWI-A0F801
Event Code: 1
Message:
Record Number: 2031
Source Name: Bonjour Service
Time Written: 20090302210518.000000+180
Event Type: информация
User:

Computer Name: MASTERWI-A0F801
Event Code: 105
Message: The service was started.
Record Number: 2030
Source Name: ATI Smart
Time Written: 20090302210517.000000+180
Event Type: информация
User:

======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%systemroot%system32;%systemroot%;%systemroot%system32wbem;C:Program FilesATI TechnologiesATI.ACECore-Static
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=6
«PROCESSOR_IDENTIFIER»=x86 Family 6 Model 15 Stepping 13, GenuineIntel
«PROCESSOR_REVISION»=0f0d
«NUMBER_OF_PROCESSORS»=2
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
EOF