[EKo-rus]

LOG.TXT

Logfile of random’s system information tool 1.05 (written by random/random)
Run by Администратор at 2009-01-31 20:23:07
Microsoft Windows XP Professional Service Pack 3
System drive C: has 31 GB (41%) free of 76 GB
Total RAM: 511 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:23:19, on 31.01.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20861)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:Program FilesESETESET Smart Securityegui.exe
C:Program FilesCommon FilesAcronisSchedule2schedul2.exe
C:WINDOWSsystem32RunDll32.exe
C:Program FilesAcronisTrueImageHomeTimounterMonitor.exe
C:Program FilesBonjourmDNSResponder.exe
C:Program FilesAcronisTrueImageHomeTrueImageMonitor.exe
C:Program FilesCommon FilesAcronisSchedule2schedhlp.exe
C:Program FilesESETESET Smart Securityekrn.exe
C:Program FilesVistaDriveIconVistaDrv.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe
C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindService.exe
C:Documents and SettingsАдминистраторРабочий столRSIT(3).exe
C:Program Filestrend microАдминистратор.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://forum.spark-media.ru/index.php?s=&showtopic=10450&view=findpost&p=123522
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~1dmiehlp.dll
O4 — HKLM..Run: [egui] «C:Program FilesESETESET Smart Securityegui.exe» /hide /waitservice
O4 — HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 — HKLM..Run: [AcronisTimounterMonitor] C:Program FilesAcronisTrueImageHomeTimounterMonitor.exe
O4 — HKLM..Run: [TrueImageMonitor.exe] C:Program FilesAcronisTrueImageHomeTrueImageMonitor.exe
O4 — HKLM..Run: [Acronis Scheduler2 Service] «C:Program FilesCommon FilesAcronisSchedule2schedhlp.exe»
O4 — HKCU..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe
O4 — HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [Копия cftmon.exe] C:Program FilesToS TrialКопия cftmon.exe
O4 — HKCU..Run: [Lan_service] C:Documents and SettingsAll UsersApplication DataADMINsvchost.exe
O4 — HKCU..Run: [cftmon.exe] C:Program FilesToS Trialcftmon.exe
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [IE7_011] regsvr32 /s /n /i:u shell32 (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [IE7_012] rundll32 advpack.dll,LaunchINFSectionEx IE7int.inf,AfterUserStart,,4,N (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [IE7_013] rebuild.exe (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-20..RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUSS-1-5-18..RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — HKUS.DEFAULT..RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User ‘Default user’)
O4 — Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~1Office10EXCEL.EXE/3000
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program FilesDownload Masterdmie.htm
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O23 — Service: Acronis Scheduler2 Service (AcrSch2Svc) — Acronis — C:Program FilesCommon FilesAcronisSchedule2schedul2.exe
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: ATI Smart — Unknown owner — C:WINDOWSsystem32ati2sgag.exe
O23 — Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) — Apple Computer, Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: Eset HTTP Server (EhttpSrv) — ESET — C:Program FilesESETESET Smart SecurityEHttpSrv.exe
O23 — Service: Eset Service (ekrn) — ESET — C:Program FilesESETESET Smart Securityekrn.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: FLEXnet Licensing Service — Macrovision Europe Ltd. — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: StarWind iSCSI Service (StarWindService) — Rocket Division Software — C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindService.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe

—
End of file — 7380 bytes

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2008-10-24 157696]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«egui»=C:Program FilesESETESET Smart Securityegui.exe [2008-03-13 1443072]
«Cmaudio»=RunDll32 cmicnfg.cpl []
«AcronisTimounterMonitor»=C:Program FilesAcronisTrueImageHomeTimounterMonitor.exe [2008-11-04 962136]
«TrueImageMonitor.exe»=C:Program FilesAcronisTrueImageHomeTrueImageMonitor.exe [2008-11-04 4382376]
«Acronis Scheduler2 Service»=C:Program FilesCommon FilesAcronisSchedule2schedhlp.exe [2008-11-04 165144]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«VistaIcon»=C:Program FilesVistaDriveIconVistaDrv.exe [2008-01-02 132096]
«ctfmon.exe»=C:WINDOWSsystem32ctfmon.exe [2008-08-19 30208]
«Копия cftmon.exe»=C:Program FilesToS TrialКопия cftmon.exe []
«Lan_service»=C:Documents and SettingsAll UsersApplication DataADMINsvchost.exe []
«cftmon.exe»=C:Program FilesToS Trialcftmon.exe []

C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
Microsoft Office.lnk — C:Program FilesMicrosoft OfficeOffice10OSA.EXE

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2006-05-03 61440]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalprocexp90.Sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkprocexp90.Sys]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=1
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«DisableStatusMessages»=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«NoSMHelp»=1
«NoSMMyPictures»=1
«NoSMConfigurePrograms»=1
«StartMenuLogoff»=1
«ForceStartMenuLogoff»=0
«ForceClassicControlPanel»=1
«NoResolveTrack»=1
«NoResolveSearch»=1
«NoThumbnailCache»=1
«NoInstrumentation»=1
«NoStartMenuMFUprogramsList»=1
«NoUserNameInStartMenu»=1
«NoCommonGroups»=1
«GreyMSIAds»=1

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2E]
shellAutoRuncommand — E:autorun.exe

======List of files/folders created in the last 1 months======

2009-01-31 20:23:07 —-D—- C:rsit
2009-01-31 20:23:07 —-D—- C:Program Filestrend micro
2009-01-30 15:22:32 —-A—- C:Текстовый документ.txt
2009-01-26 20:16:03 —-D—- C:gtabttf2
2009-01-26 19:18:07 —-D—- C:GTA BTTF
2009-01-26 19:11:02 —-A—- C:WINDOWSsystem32tsccvid.dll
2009-01-26 19:11:01 —-D—- C:WINDOWSsystem32QuickTime
2009-01-26 19:10:53 —-D—- C:Documents and SettingsAll UsersApplication DataTechSmith
2009-01-26 19:10:39 —-D—- C:Program FilesCommon FilesTechSmith Shared
2009-01-26 19:10:37 —-D—- C:Program FilesTechSmith
2009-01-26 18:32:00 —-D—- C:Fraps2
2009-01-26 18:17:38 —-D—- C:Program FilesBattlejeep
2009-01-26 18:00:22 —-A—- C:WINDOWSzip.exe
2009-01-26 18:00:22 —-A—- C:WINDOWSVFIND.exe
2009-01-26 18:00:22 —-A—- C:WINDOWSSWREG.exe
2009-01-26 18:00:22 —-A—- C:WINDOWSsed.exe
2009-01-26 18:00:22 —-A—- C:WINDOWSNIRCMD.exe
2009-01-26 18:00:22 —-A—- C:WINDOWSgrep.exe
2009-01-26 18:00:22 —-A—- C:WINDOWSfdsv.exe
2009-01-26 18:00:21 —-A—- C:WINDOWSSWXCACLS.exe
2009-01-26 18:00:21 —-A—- C:WINDOWSSWSC.exe
2009-01-26 18:00:16 —-D—- C:WINDOWSERDNT
2009-01-26 18:00:16 —-D—- C:Qoobox
2009-01-26 18:00:09 —-D—- C:ComboFix
2009-01-25 19:35:34 —-D—- C:avz_upd
2009-01-25 19:33:46 —-D—- C:Program FilesUnlocker
2009-01-25 18:20:15 —-A—- C:WINDOWSsystem32svchost.exe
2009-01-25 15:29:41 —-A—- C:WINDOWSntbtlog.txt
2009-01-25 15:19:08 —-HDC—- C:WINDOWS$NtUninstallKB958644$
2009-01-25 15:19:02 —-HD—- C:WINDOWS$hf_mig$
2009-01-25 15:11:46 —-D—- C:avz4
2009-01-25 14:46:27 —-D—- C:WINDOWSsystem32appmgmt
2009-01-24 23:10:54 —-D—- C:Car Models
2009-01-24 23:08:39 —-D—- C:KITT
2009-01-24 23:07:38 —-D—- C:Program FilesText
2009-01-24 23:07:38 —-D—- C:Program FilesModels
2009-01-24 23:07:37 —-D—- C:Program FilesData
2009-01-24 23:07:37 —-D—- C:Program FilesAudio
2009-01-24 23:03:18 —-AD—- C:Documents and SettingsAll UsersApplication DataTEMP
2009-01-24 23:03:16 —-D—- C:Fraps
2009-01-24 21:48:24 —-D—- C:Мои документы
2009-01-24 20:51:41 —-D—- C:Program FilesMoo Mapper 0.90 Rus
2009-01-24 18:57:37 —-D—- C:Program FilesMoo Mapper
2009-01-23 18:26:33 —-D—- C:Новая папка
2009-01-23 00:10:12 —-D—- C:GTA-Vice-City-Back-To-The-Future-Hill-Valley
2009-01-22 23:24:53 —-D—- C:Battlejeep
2009-01-22 20:36:20 —-D—- C:resb
2009-01-22 20:08:43 —-D—- C:QUQ
2009-01-22 20:06:57 —-D—- C:WINDOWSAoRE-UnPaCkTools
2009-01-22 20:06:57 —-D—- C:Program FilesAoRE-UnPaCkTools
2009-01-22 20:06:52 —-A—- C:WINDOWSAoRE-UnPaCkTools Setup Log.txt
2009-01-22 19:03:07 —-D—- C:Volf
2009-01-22 17:25:16 —-D—- C:unpack
2009-01-22 17:19:51 —-D—- C:Upack
2009-01-22 16:55:14 —-D—- C:ImpRec
2009-01-22 16:53:02 —-D—- C:lordpe
2009-01-22 16:00:42 —-D—- C:UPX
2009-01-22 14:42:36 —-A—- C:WINDOWSODBC.INI
2009-01-22 14:41:38 —-D—- C:Program FilesMicrosoft Visual Studio
2009-01-22 14:41:38 —-D—- C:Program FilesCommon FilesDesigner
2009-01-22 14:40:55 —-D—- C:WINDOWSMsagent
2009-01-22 14:40:52 —-D—- C:WINDOWSShellNew
2009-01-22 14:40:50 —-D—- C:Program FilesMicrosoft Office
2009-01-22 00:46:51 —-D—- C:Documents and SettingsАдминистраторApplication DataSPORE Creature Creator
2009-01-22 00:45:08 —-D—- C:Program FilesElectronic Arts
2009-01-21 23:21:32 —-A—- C:WINDOWSsystem32WintSys.dll
2009-01-21 23:21:24 —-D—- C:Documents and SettingsAll UsersApplication Datawinsys
2009-01-21 23:18:20 —-D—- C:Program FilesFree Keylogger
2009-01-21 20:13:16 —-A—- C:WINDOWSsystem32tumble.txt
2009-01-21 20:00:25 —-D—- C:Program FilesKGB Archiver
2009-01-21 18:22:07 —-D—- C:ol10xp
2009-01-21 18:20:18 —-A—- C:CmdBar.ini
2009-01-21 18:11:04 —-D—- C:Documents and SettingsАдминистраторApplication DataIdentities
2009-01-21 18:09:50 —-D—- C:AoRE_Unpacker_0.4
2009-01-21 18:09:37 —-D—- C:RLdePacker1.41
2009-01-21 18:09:28 —-D—- C:QuickUnpack_v2.1
2009-01-21 18:09:18 —-D—- C:VMUnpacker_v1.5
2009-01-21 18:06:49 —-D—- C:Набор распаковщиков 3
2009-01-21 16:44:18 —-D—- C:ArmadilloKiller_2.6
2009-01-21 16:25:33 —-D—- C:Program FilesTeleport Pro
2009-01-20 00:35:32 —-D—- C:Documents and SettingsAll UsersApplication DataFLEXnet
2009-01-20 00:32:54 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
2009-01-20 00:32:09 —-D—- C:Program FilesBonjour
2009-01-20 00:24:23 —-D—- C:Program FilesAdobe
2009-01-20 00:23:39 —-D—- C:Program FilesCommon FilesMacrovision Shared
2009-01-20 00:22:00 —-D—- C:Program FilesCommon FilesAdobe
2009-01-19 22:07:39 —-D—- C:Documents and SettingsАдминистраторApplication DataCrayon Physics Deluxe
2009-01-19 22:07:15 —-D—- C:Program FilesCrayon Physics Deluxe
2009-01-19 21:49:55 —-D—- C:crayon
2009-01-19 21:19:16 —-D—- C:nod_upd
2009-01-19 21:19:16 —-D—- C:eset_upd
2009-01-19 20:24:27 —-D—- C:Program FilesWinHex
2009-01-19 20:23:56 —-D—- C:winhex
2009-01-19 20:23:36 —-D—- C:TRSHREG
2009-01-19 20:10:40 —-D—- C:Documents and SettingsAll UsersApplication DataAlawarWrapper
2009-01-19 20:10:12 —-D—- C:petools
2009-01-19 20:04:34 —-D—- C:Program FilesAlawar.ru
2009-01-19 20:03:51 —-D—- C:Игры
2009-01-19 19:21:27 —-D—- C:WINDOWSRegisteredPackages
2009-01-19 19:20:43 —-A—- C:WINDOWSsystem32psisdecd.dll
2009-01-19 19:20:41 —-A—- C:WINDOWSsystem32dxdllreg.exe
2009-01-19 19:20:38 —-D—- C:WINDOWSsystem32DirectX
2009-01-19 17:47:24 —-D—- C:Program FilesAvaLink DC++
2009-01-19 17:26:52 —-D—- C:Program FilesSMM
2009-01-19 16:19:28 —-A—- C:WINDOWSsystem32RestoratorContextMenu.dll
2009-01-19 16:19:20 —-D—- C:Program FilesRestorator 2007
2009-01-19 16:13:54 —-D—- C:Restorator 2007.3.70.1729.Rus
2009-01-19 16:05:16 —-A—- C:WINDOWSsystem32msvcr71.dll
2009-01-19 16:05:13 —-A—- C:WINDOWSmsvcr71.dll
2009-01-19 16:05:08 —-A—- C:Program Filesmsvcr71.dll
2009-01-19 16:04:36 —-A—- C:msvcr71.dll
2009-01-19 15:58:11 —-A—- C:Program Filesmsvcr70.dll
2009-01-19 15:58:01 —-A—- C:msvcr70.dll
2009-01-19 15:57:34 —-D—- C:заработок в интернете
2009-01-19 15:57:32 —-D—- C:Xilisoft_HD_Video_Converter_5.1.17.1114_Portable
2009-01-19 01:16:53 —-D—- C:Documents and SettingsАдминистраторApplication DataMedia Player Classic
2009-01-19 01:15:21 —-A—- C:WINDOWSsystem32unrar.dll
2009-01-19 01:15:12 —-D—- C:Program FilesK-Lite Codec Pack
2009-01-19 00:06:26 —-A—- C:PatchLanGrabber v1.0.EXE
2009-01-19 00:03:27 —-A—- C:SkyGrabber.exe
2009-01-18 23:50:30 —-A—- C:WINDOWSsystem32msvcr70.dll
2009-01-18 23:50:26 —-A—- C:WINDOWSmsvcr70.dll
2009-01-18 23:24:22 —-D—- C:OllyDBG
2009-01-18 23:23:53 —-D—- C:petit
2009-01-18 23:11:44 —-D—- C:PeId
2009-01-18 22:55:21 —-D—- C:ProgDVB
2009-01-18 22:52:20 —-D—- C:Program FilesMaCsKy 0.4
2009-01-18 22:47:55 —-D—- C:12
2009-01-18 22:44:45 —-A—- C:ProgDVB.ini
2009-01-18 22:42:21 —-D—- C:Program FilesSkyGrabber
2009-01-18 22:11:28 —-D—- C:Documents and SettingsАдминистраторApplication DataShareaza
2009-01-18 21:46:24 —-D—- C:Program FilesLanGrabber10
2009-01-18 21:45:12 —-D—- C:Program FilesTuner4PC
2009-01-18 16:52:39 —-A—- C:SPEED2.EXE
2009-01-18 16:28:12 —-N—- C:WINDOWSsystem32ati2sgag.exe
2009-01-18 14:56:22 —-D—- C:Games
2009-01-17 22:51:11 —-D—- C:Program FilespLan2
2009-01-17 22:40:24 —-D—- C:Program FilespLan
2009-01-17 22:23:45 —-D—- C:Program FilesOpenVPN
2009-01-17 22:14:08 —-D—- C:Program FilesDetectiveStory
2009-01-17 21:48:21 —-D—- C:Program FilesCommon FilesDirectX
2009-01-17 21:43:37 —-D—- C:Program FilesRivaTuner v2.11
2009-01-17 21:38:09 —-D—- C:Program FilesATI Technologies
2009-01-17 21:37:34 —-D—- C:ATI
2009-01-17 21:10:49 —-D—- C:Program FilesEA GAMES
2009-01-17 21:08:51 —-D—- C:Program FilesCommon FilesEasyInfo
2009-01-17 21:05:07 —-D—- C:Program FilesuTorrent
2009-01-17 20:57:43 —-D—- C:Program FilesAlcohol Soft
2009-01-17 20:55:20 —-D—- C:Alcohol_120_1.9.6.4629_Ret_www.maxhard.ru
2009-01-17 00:09:07 —-D—- C:Documents and SettingsАдминистраторApplication DatauTorrent
2009-01-17 00:01:11 —-D—- C:Documents and SettingsАдминистраторApplication DataTuneUp Software
2009-01-16 23:56:10 —-D—- C:PortableSoft
2009-01-16 23:50:35 —-D—- C:Темы
2009-01-16 23:08:24 —-D—- C:Program FilesMovie Maker
2009-01-16 22:55:31 —-D—- C:New Folder
2009-01-16 18:18:24 —-D—- C:EKo(copy please)
2009-01-16 18:08:00 —-D—- C:настя
2009-01-16 02:43:54 —-D—- C:WINLITE
2009-01-15 21:41:26 —-A—- C:WINDOWSsystem32AutoPartNt.exe
2009-01-15 21:37:27 —-D—- C:Documents and SettingsАдминистраторApplication DataAcronis
2009-01-15 21:28:04 —-D—- C:Documents and SettingsAll UsersApplication DataAcronis
2009-01-15 21:26:07 —-D—- C:Program FilesAcronis
2009-01-15 21:25:51 —-D—- C:Program FilesCommon FilesAcronis
2009-01-15 20:53:53 —-D—- C:TRueIm
2009-01-15 20:44:39 —-D—- C:WINDOWSpss
2009-01-15 19:04:32 —-D—- C:HD
2009-01-15 17:16:00 —-A—- C:WINDOWSsystem32setupnt.dll
2009-01-15 16:56:02 —-A—- C:WINDOWSwebica.ini
2009-01-15 16:50:53 —-D—- C:Documents and SettingsАдминистраторApplication DataICAClient
2009-01-15 16:44:23 —-D—- C:Program FilesIDAutomation.com Code 39 Font
2009-01-15 16:41:57 —-D—- C:WINDOWSDownloaded Installations
2009-01-15 16:40:53 —-D—- C:WINDOWSsystem32Resource
2009-01-15 16:40:45 —-D—- C:Program FilesCitrix
2009-01-14 22:47:06 —-D—- C:Downloads
2009-01-14 22:46:53 —-D—- C:Documents and SettingsАдминистраторApplication DataDownload Master
2009-01-14 22:46:30 —-D—- C:Program FilesDownload Master
2009-01-14 18:06:35 —-D—- C:FileZillaPortable
2009-01-14 16:30:20 —-HD—- C:Program FilesInstallShield Installation Information
2009-01-14 16:29:42 —-D—- C:Program FilesOntrack
2009-01-14 16:23:12 —-D—- C:Documents and SettingsАдминистраторApplication DataHelp

======List of files/folders modified in the last 1 months======

2009-01-31 20:23:19 —-D—- C:WINDOWS
2009-01-31 20:23:07 —-RD—- C:Program Files
2009-01-31 20:17:07 —-D—- C:Program FilesMinefield
2009-01-31 20:16:13 —-D—- C:WINDOWSsystem32
2009-01-26 19:10:58 —-SHD—- C:WINDOWSInstaller
2009-01-26 19:10:39 —-D—- C:Program FilesCommon Files
2009-01-25 23:21:17 —-ASH—- C:boot.ini
2009-01-25 23:21:17 —-A—- C:WINDOWSwin.ini
2009-01-25 23:21:17 —-A—- C:WINDOWSsystem.ini
2009-01-25 19:36:06 —-A—- C:NOD32view.ini
2009-01-25 19:35:56 —-D—- C:Temp
2009-01-25 18:26:42 —-D—- C:WINDOWSsystem32CatRoot2
2009-01-25 17:45:20 —-D—- C:WINDOWSsystem32drivers
2009-01-25 15:19:10 —-D—- C:WINDOWSsystem32dllcache
2009-01-25 15:19:08 —-HD—- C:WINDOWSinf
2009-01-23 18:39:01 —-D—- C:Total Commander
2009-01-22 14:53:29 —-SD—- C:Documents and SettingsАдминистраторApplication DataMicrosoft
2009-01-22 14:42:39 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2009-01-22 14:41:47 —-D—- C:WINDOWSime
2009-01-22 14:41:45 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2009-01-22 14:41:23 —-D—- C:WINDOWSHelp
2009-01-22 14:41:10 —-D—- C:Program FilesCommon FilesSystem
2009-01-22 14:38:22 —-D—- C:WINDOWSsystem
2009-01-20 00:40:13 —-D—- C:Documents and SettingsАдминистраторApplication DataAdobe
2009-01-19 16:36:46 —-D—- C:Program FilesWinRAR
2009-01-17 22:25:41 —-D—- C:Program FilesWindows Media Connect 2
2009-01-17 21:52:09 —-D—- C:Program FilesC-Media 3D Audio
2009-01-17 21:37:50 —-D—- C:Program FilesCommon FilesInstallShield
2009-01-16 23:53:30 —-SHD—- C:RECYCLER
2009-01-16 23:26:39 —-RSD—- C:WINDOWSFonts
2009-01-16 23:20:35 —-RD—- C:WINDOWSWeb
2009-01-16 23:08:51 —-D—- C:Program FilesWindows Media Player
2009-01-16 02:51:42 —-D—- C:Documents and Settings
2009-01-14 19:05:24 —-A—- C:WINDOWSsystem32PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 easdrv;easdrv; C:WINDOWSsystem32DRIVERSeasdrv.sys [2008-03-13 29704]
R1 epfwtdi;epfwtdi; C:WINDOWSsystem32DRIVERSepfwtdi.sys [2008-03-13 54280]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-04-15 40704]
R1 PQNTDrv;PQNTDrv; C:WINDOWSsystem32driversPQNTDrv.sys [2004-05-05 4228]
R2 eamon;EAMON; C:WINDOWSsystem32DRIVERSeamon.sys [2008-03-13 40456]
R2 epfw;epfw; C:WINDOWSsystem32DRIVERSepfw.sys [2008-03-13 71176]
R2 rspndr;Ответчик обнаружения топологии уровня связи; C:WINDOWSsystem32DRIVERSrspndr.sys [2008-07-08 62848]
R2 tifsfilter;Acronis True Image FS Filter; C:WINDOWSsystem32DRIVERStifsfilt.sys [2009-01-15 44704]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2006-05-03 1540608]
R3 cmuda;C-Media WDM Audio Interface; C:WINDOWSsystem32driverscmuda.sys [2004-02-20 815296]
R3 Epfwndis;Eset Personal Firewall; C:WINDOWSsystem32DRIVERSEpfwndis.sys [2008-03-13 30728]
R3 ms_mpu401;Драйвер UART Microsoft MPU-401 MIDI; C:WINDOWSsystem32driversmsmpu401.sys [2001-08-17 2944]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet адаптер, драйвер для NT; C:WINDOWSsystem32DRIVERSRTL8139.SYS [2008-04-13 20992]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-15 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-15 59520]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2008-04-15 20608]
S3 akjeyd6c;akjeyd6c; C:WINDOWSsystem32driversakjeyd6c.sys []
S3 nm;Драйвер сетевого монитора; C:WINDOWSsystem32DRIVERSNMnt.sys [2008-04-15 40320]
S3 PsSdk41;PsSdk41; ??C:WINDOWSsystem32Driverspssdk41.sys []
S3 RivaTuner32;RivaTuner32; ??C:Program FilesRivaTuner v2.11RivaTuner32.sys []
S3 rvtracer;rvtracer; C:WINDOWSsystem32driversrvtracer.sys []
S3 tap0801;TAP-Win32 Adapter V8; C:WINDOWSsystem32DRIVERStap0801.sys [2006-10-01 26624]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:Program FilesCommon FilesAcronisSchedule2schedul2.exe [2008-11-04 554264]
R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2006-05-03 413696]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:Program FilesBonjourmDNSResponder.exe [2006-02-28 229376]
R2 ekrn;Eset Service; C:Program FilesESETESET Smart Securityekrn.exe [2008-03-13 472320]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe [2001-02-23 270336]
R2 StarWindService;StarWind iSCSI Service; C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindService.exe [2005-04-02 217600]
S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2006-05-03 520192]
S3 EhttpSrv;Eset HTTP Server; C:Program FilesESETESET Smart SecurityEHttpSrv.exe [2008-03-13 19200]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [2009-01-20 654848]
S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; C:Program FilesWindows Media PlayerWMPNetwk.exe [2006-11-02 914944]

---

EOF

---

INFO.TXT

info.txt logfile of random’s system information tool 1.05 2009-01-31 20:23:22

======Uninstall list======

.print Client Windows—>MsiExec.exe /X{FBB862E3-4F8F-4C7C-8D15-1A9FB16A3E41}
Acronis True Image Home—>MsiExec.exe /X{37C8899D-FD70-481F-94AA-1F1B08765E22}
Adobe Anchor Service CS3—>MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3—>MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3—>MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting—>MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0—>MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps—>MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color — Photoshop Specific—>MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings—>MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Recommended Settings—>MsiExec.exe /I{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}
Adobe Color JA Extra Settings—>MsiExec.exe /I{D92B72E2-C854-4738-8ED6-4C3661CC17AE}
Adobe Color NA Extra Settings—>MsiExec.exe /I{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}
Adobe Default Language CS3—>MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3—>MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2—>MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Flash Player ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Fonts All—>MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3—>MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3—>MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files—>MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3—>C:Program FilesCommon FilesAdobeInstallersd5fe1f44895aadff2baacf24fe1402Setup.exe
Adobe Photoshop CS3—>MsiExec.exe /I{FD0399AC-A38B-4D4B-8164-D7B73AC24030}
Adobe Setup—>MsiExec.exe /I{30981FCD-4150-4AB4-BAC5-75C9E914347D}
Adobe Stock Photos CS3—>MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support—>MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3—>MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client—>MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin—>MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3—>MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
AoRE-UnPaCkTools—>»C:WINDOWSAoRE-UnPaCkToolsuninstall.exe» «/U:C:Program FilesAoRE-UnPaCkToolsUninstalluninstall.xml»
ATI — Software Uninstall Utility—>C:Program FilesATI TechnologiesUninstallAllAtiCimUn.exe
ATI Display Driver—>rundll32 C:WINDOWSsystem32atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AvaLink DC++ 1.55—>C:Program FilesAvaLink DC++Uninstall.exe
Battlejeep—>C:Program FilesBattlejeepuninstall.exe
Camtasia Studio 5—>MsiExec.exe /I{7BB40A22-8D98-43F9-A08A-E7EFF5AB1324}
C-Media 3D Audio—>C:WINDOWSCMIUnInstall.exe
Crayon Physics Deluxe — release 51—>»C:Program FilesCrayon Physics Deluxeunins000.exe»
Download Master version 5.5.7.1145—>»C:Program FilesDownload Masterunins000.exe»
EasyRecovery Professional—>C:PROGRA~1COMMON~1INSTAL~1Driver7INTEL3~1IDriver.exe /M{268723B7-A994-4286-9F85-B974D5CAFC7B} /l1033
ESET Smart Security—>MsiExec.exe /I{C8D0BD52-A9A6-4AC0-8223-DB6CD7F1499C}
Fraps (remove only)—>»C:Fraps2uninstall.exe»
GTAVC Replays Manager 1.0—>»C:Мои документыGTA Vice City User FilesRepManRepManUninstall.exe»
HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
IDAutomation.com Code 39 Font—>C:Program FilesIDAutomation.com Code 39 Fontuninstall.exe
KGB Archiver 1.2.1.24—>»C:Program FilesKGB Archiverunins000.exe»
K-Lite Codec Pack 4.5.3 (Standard)—>»C:Program FilesK-Lite Codec Packunins000.exe»
LanGrabber v1.0—>»C:Program FilesLanGrabber10unins000.exe»
MetaFrame Presentation Server Web Client for Win32—>C:WINDOWSsystem32ctxsetup.exe /uninst C:PROGRA~1Citrixicaweb32uninst.inf
Microsoft Office XP (профессиональный выпуск)—>MsiExec.exe /I{91110419-6000-11D3-8CFE-0050048383C9}
Minefield (3.2a1pre)—>C:Program FilesMinefielduninstallhelper.exe
Moo Mapper 0.90 Rus—>C:Program FilesMoo Mapper 0.90 Rusuninstall.exe
Moo Mapper Beta 0.72 — Uninstall—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUnInstall 132 C:WINDOWSINFmoomapperi.inf
MSXML 4.0 SP2 (KB941833)—>MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
NevoSoft Dead Planet (remove only)—>»C:ИгрыDead Planetuninstall.exe»
Norton PartitionMagic 8.0—>C:PROGRA~1COMMON~1INSTAL~1Driver9INTEL3~1IDriver.exe /M{21DBBDD6-93A5-4326-9A04-C9A5C9148502}
PDF Settings—>MsiExec.exe /I{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}
pLan OpenVPN Edition—>C:PROGRA~1pLan2UNWISE.EXE C:PROGRA~1pLan2INSTALL.LOG
Restorator 2007—>»C:Program FilesRestorator 2007unins000.exe»
Simple Mail 7.1.365—>C:Program FilesSMMSimple Mail 7Uninstall.exe
SkyGrabber v2.8.6.4—>»C:Program FilesSkyGrabberunins000.exe»
Teleport Pro—>C:Program FilesTeleport ProUninstall.exe
Total Commander 7.03 PowerPack—>»C:Total Commanderuninstall.exe»
Windows Media Format 11 runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
WinHex—>C:Program FilesWinHexWinHex.exe uninst
Архиватор WinRAR—>C:Program FilesWinRARuninstall.exe
Блоттергейст—>C:Program FilesAlawar.ruБлоттергейстUninstall.exe
Лаборатория существ SPORE™—>»C:Program FilesInstallShield Installation Information{8CC42289-E228-4A35-B8A9-015242283BB2}SCCSetup.exe» -runfromtemp -l0x0019 -removeonly
Обновление безопасности для Windows XP (KB958644)—>»C:WINDOWS$NtUninstallKB958644$spuninstspuninst.exe»
Проигрыватель Windows Media 11—>»C:Program FilesWindows Media PlayerSetup_wm.exe» /Uninstall

Securitycenter WMI appears to be broken

System event log

Computer Name: VISTA
Event Code: 6011
Message: NetBIOS-имя и имя DNS-узла этого компьютера были изменены с «MACHINENAME» на «VISTA».

Record Number: 5
Source Name: EventLog
Time Written: 20081230201501.000000+180
Event Type: информация
User:

Computer Name: MACHINENAME
Event Code: 2
Message: При проверке, что DeviceSerial0 является последовательным портом, обнаружена и будет использоваться прямая очередь.

Record Number: 4
Source Name: Serial
Time Written: 20081230230841.000000+180
Event Type: информация
User:

Computer Name: MACHINENAME
Event Code: 2
Message: При проверке, что DeviceSerial1 является последовательным портом, обнаружена и будет использоваться прямая очередь.

Record Number: 3
Source Name: Serial
Time Written: 20081230230841.000000+180
Event Type: информация
User:

Computer Name: MACHINENAME
Event Code: 6005
Message: Запущена служба журнала событий.

Record Number: 2
Source Name: EventLog
Time Written: 20081230230838.000000+180
Event Type: информация
User:

Computer Name: MACHINENAME
Event Code: 6009
Message: Microsoft (R) Windows 2000 (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.

Record Number: 1
Source Name: EventLog
Time Written: 20081230230838.000000+180
Event Type: информация
User:

Application event log

Computer Name: VISTA
Event Code: 1000
Message: Счетчики производительности для службы WmiApRpl (WmiApRpl) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.

Record Number: 5
Source Name: LoadPerf
Time Written: 20081230201831.000000+180
Event Type: информация
User:

Computer Name: VISTA
Event Code: 1000
Message: Счетчики производительности для службы TermService (Службы терминалов) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.

Record Number: 4
Source Name: LoadPerf
Time Written: 20081230201824.000000+180
Event Type: информация
User:

Computer Name: VISTA
Event Code: 1000
Message: Счетчики производительности для службы RemoteAccess (Маршрутизация и удаленный доступ) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.

Record Number: 3
Source Name: LoadPerf
Time Written: 20081230201632.000000+180
Event Type: информация
User:

Computer Name: VISTA
Event Code: 1000
Message: Счетчики производительности для службы PSched (PSched) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.

Record Number: 2
Source Name: LoadPerf
Time Written: 20081230201548.000000+180
Event Type: информация
User:

Computer Name: VISTA
Event Code: 1000
Message: Счетчики производительности для службы RSVP (QoS RSVP) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.

Record Number: 1
Source Name: LoadPerf
Time Written: 20081230201517.000000+180
Event Type: информация
User:

======Environment variables======

«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=15
«PROCESSOR_IDENTIFIER»=x86 Family 15 Model 3 Stepping 4, GenuineIntel
«PROCESSOR_REVISION»=0304
«NUMBER_OF_PROCESSORS»=1
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP

---

EOF

---

[EKo-rus]

@EKo-rus wrote:

Забыл сказать, в Диспетчере Задач найден неизвестный процесс mdm.exe

Спустя некоторое время файл пропал

[EKo-rus]

Забыл сказать, в Диспетчере Задач найден неизвестный процесс mdm.exe

[Автор]

Сообщения