Созданные ответы форума
-
Сообщения
-
ДА — он зависает. и соединение обрывается.Жму *сетевые подключения* — пишет что всё подключено. Но интернета нет.
Жму *исправить* появляется табличка -*исправление-подключение по локальной сети*
( завершается исправление подключения.можно
( повторить попытку подключения…….)
и тогда Интернет ПРОПАДАЕТ окончательно. и табличку не зарыть. приходится пере запускать компьютер.вы говорите нод не последняя инстанция — а что может попробовать КАСПЕРа установить ???
.спасибо.
Перезагрузил компьютер и ВСЁ СТАЛО по прежнему только теперь NOD молчит… и инет всё так же горит и виснет.
спасибо.пока работает нормально. Но я повторю — ВИРУС атакует не всегда. когда он есть а бывает его нет. поэтому точно сказать нельзя. ❗
ВОТ ЛОГ — HiJack
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:23:07, on 21.11.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: NormalRunning processes:
D:WINDOWSSystem32smss.exe
D:WINDOWSSYSTEM32winlogon.exe
D:WINDOWSsystem32services.exe
D:WINDOWSsystem32lsass.exe
D:WINDOWSsystem32Ati2evxx.exe
D:WINDOWSsystem32svchost.exe
D:WINDOWSSystem32svchost.exe
D:WINDOWSsystem32spoolsv.exe
D:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe
D:Program FilesESETESET NOD32 Antivirusekrn.exe
D:Program FilesJavajre6binjqs.exe
D:WINDOWSsystem32svchost.exe
D:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe
D:WINDOWSsystem32wbemwmiapsrv.exe
D:Program FilesCommon FilesStardockSDMCP.exe
D:WINDOWSSYSTEM32Ati2evxx.exe
D:WINDOWSExplorer.EXE
D:Program FilesStardockObject DesktopIconXIconX.exe
D:Program FilesATI TechnologiesATI.ACEcli.exe
D:WINDOWSRTHDCPL.EXE
D:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe
D:Program FilesWinampWinampa.exe
D:Program FilesESETESET NOD32 Antivirusegui.exe
D:Program FilesJavajre6binjusched.exe
D:WINDOWSsystem32ctfmon.exe
D:Program FilesLavalysEVEREST Ultimate Editioneverest.bin
D:Program FilesATI TechnologiesATI.ACEcli.exe
D:Program FilesMozilla Firefoxfirefox.exe
D:WINDOWSnotepad.exe
D:WINDOWSsystem32NOTEPAD.EXE
C:интернетHiJackThisHijackThis.exeO2 — BHO: Java(tm) Plug-In SSV Helper — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — D:Program FilesJavajre6binssv.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — D:Program FilesJavajre6binjp2ssv.dll
O2 — BHO: JQSIEStartDetectorImpl — {E7E6F031-17CE-4C07-BC86-EABFE594F69C} — D:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O4 — HKLM..Run: [ATICCC] «D:Program FilesATI TechnologiesATI.ACEcli.exe» runtime -Delay
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 — HKLM..Run: [SkyTel] SkyTel.EXE
O4 — HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 — HKLM..Run: [NeroFilterCheck] D:Program FilesCommon FilesAheadLibNeroCheck.exe
O4 — HKLM..Run: [ISUSPM Startup] «D:Program FilesCommon FilesInstallShieldUpdateServiceisuspm.exe» -startup
O4 — HKLM..Run: [ISUSScheduler] «D:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe» -start
O4 — HKLM..Run: [Transparent] D:Program FilesTweakNow Accelerator XPTransparent.exe 49
O4 — HKLM..Run: [WinampAgent] «D:Program FilesWinampWinampa.exe»
O4 — HKLM..Run: [egui] «D:Program FilesESETESET NOD32 Antivirusegui.exe» /hide /waitservice
O4 — HKLM..Run: [OutpostFeedBack] «D:Program FilesAgnitumOutpost Firewall Profeedback.exe» /dump:os_startup
O4 — HKLM..Run: [OutpostMonitor] D:Program FilesAgnitumOutpost Firewall Proop_mon.exe /tray /noservice
O4 — HKLM..Run: [SunJavaUpdateSched] «D:Program FilesJavajre6binjusched.exe»
O4 — HKCU..Run: [CTFMON.EXE] D:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [EVEREST AutoStart] D:Program FilesLavalysEVEREST Ultimate Editioneverest.exe
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] D:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] D:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] D:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] D:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O9 — Extra button: Быстрая настройка Outpost Firewall Pro — {44627E97-789B-40d4-B5C2-58BD171129A1} — D:Program FilesAgnitumOutpost Firewall Proie_bar.dll
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — D:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — D:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — D:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — D:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — D:Program FilesMessengermsmsgs.exe
O16 — DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} —
O16 — DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) — http://www.eset.eu/buxus/docs/OnlineScanner.cab
O17 — HKLMSystemCCSServicesTcpip..{A7D7745F-29B7-44D0-A42B-55B9658D4A4C}: NameServer = 192.168.248.21
O20 — AppInit_DLLs: d:progra~1agnitumoutpos~1wl_hook.dll
O23 — Service: Adobe LM Service — Adobe Systems — D:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — D:WINDOWSsystem32Ati2evxx.exe
O23 — Service: Automatic LiveUpdate Scheduler — Symantec Corporation — D:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe
O23 — Service: Symantec Lic NetConnect service (CLTNetCnService) — Unknown owner — D:Program FilesCommon FilesSymantec SharedccSvcHst.exe (file missing)
O23 — Service: Eset HTTP Server (EhttpSrv) — ESET — D:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe
O23 — Service: Eset Service (ekrn) — ESET — D:Program FilesESETESET NOD32 Antivirusekrn.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — D:WINDOWSsystem32services.exe
O23 — Service: Fdmau0p — VSO Software — D:WINDOWSsystem32driversezplay.sys
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — D:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — D:WINDOWSsystem32imapi.exe
O23 — Service: Java Quick Starter (JavaQuickStarterService) — Sun Microsystems, Inc. — D:Program FilesJavajre6binjqs.exe
O23 — Service: LiveUpdate — Symantec Corporation — D:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — D:WINDOWSsystem32mnmsrvc.exe
O23 — Service: NBService — Nero AG — D:Program FilesNeroNero 7Nero BackItUpNBService.exe
O23 — Service: ODBC Administration Service (odbcasvc) — Unknown owner — D:WINDOWSSYSTEM32odbcasvc.EXE (file missing)
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — D:WINDOWSsystem32services.exe
O23 — Service: PsViatau (PTsup5) — Trident Software — D:Program FilesTrident SoftwarePragmaptsup5.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — D:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — D:WINDOWSSystem32SCardSvr.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — D:WINDOWSsystem32smlogsvc.exe
O23 — Service: Ulead Burning Helper (UleadBurningHelper) — Ulead Systems, Inc. — D:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — D:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — D:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 7361 bytes
помогите. он меня ДОСТАЛ.вот EXTRA LOG
OTViewIt Extras logfile created on: 21.11.2008 11:14:57 — Run 8
OTViewIt by OldTimer — Version 1.0.20.0 Folder = C:интернет
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) — Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy511,11 Mb Total Physical Memory | 84,61 Mb Available Physical Memory | 16,55% Memory free
1,22 Gb Paging File | 0,80 Gb Available in Paging File | 65,72% Paging File free
Paging file location(s): D:pagefile.sys 768 1536;%SystemDrive% = D: | %SystemRoot% = D:WINDOWS | %ProgramFiles% = D:Program Files
Drive C: | 82,49 Gb Total Space | 8,45 Gb Free Space | 10,25% Space Free | Partition Type: NTFS
Drive D: | 29,30 Gb Total Space | 2,83 Gb Free Space | 9,67% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 659,87 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 3,80 Gb Total Space | 0,98 Gb Free Space | 25,81% Space Free | Partition Type: FAT32Computer Name: 505F4963FCC942D
Current User Name: пппп
Logged in as Administrator.Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 90 Days========== File Associations ==========
[HKEY_LOCAL_MACHINESOFTWAREClasses
]
.html [@ = FirefoxHTML] — D:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] — D:WINDOWSsystem32ieframe.dll (Microsoft Corporation)
.js [@ = JSFile] — Reg Error: Key does not exist or could not be opened. File not found========== Security Center Settings ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]
«FirstRunDisabled»=1
«AntiVirusDisableNotify»=0
«FirewallDisableNotify»=0
«UpdatesDisableNotify»=0
«AntiVirusOverride»=0
«FirewallOverride»=0
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring]
«DisableMonitoring»=1
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringAhnlabAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringKasperskyAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringMcAfeeAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringMcAfeeFirewall]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringPandaAntiVirus]
«DisableMonitoring»=1
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringPandaFirewall]
«DisableMonitoring»=1
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSophosAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSymantecAntiVirus]
«DisableMonitoring»=1
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSymantecFirewall]
«DisableMonitoring»=1
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTinyFirewall]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTrendAntiVirus]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTrendFirewall]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringZoneLabsFirewall]HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile
«EnableFirewall»=1
«DoNotAllowExceptions»=1
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplications]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileGloballyOpenPorts]========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfileAuthorizedApplicationsList]
[2008.04.14 19:11:08 | 00,141,824 | —- | M] (Корпорация Майкрософт) — %windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2008.04.13 21:53:32 | 00,558,080 | —- | M] (Microsoft Corporation) — %windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList]
[2008.04.14 19:11:08 | 00,141,824 | —- | M] (Корпорация Майкрософт) — %windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2006.08.22 09:52:40 | 00,147,456 | —- | M] (Nero AG) — D:Program FilesNeroNero 7Nero HomeNeroHome.exe:*:Enabled:Nero Home
[2003.05.11 08:52:06 | 00,864,313 | —- | M] () — C:ИГРЫQ3Ademoquake3.exe:*:Enabled:quake3
[2004.06.04 08:58:10 | 00,196,608 | —- | M] (InterVideo Inc.) — D:Program FilesInterVideoDVD6WinDVD.exe:*:Enabled:WinDVD
File not found — D:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour
File not found — C:Program FilesnfsHL2 — Return of the Resistance Chapter 1SteamAppsUserHalf-Life 2hl2.exe:*:Enabled:hl2
File not found — C:GAMESRThltv.exe:*:Enabled:hltv
File not found — D:GAMESSIERRAHalf-Lifehl.exe:*:Enabled:Half-Life Launcher
File not found — D:GAMESSIERRAHalf-Lifehlds.exe:*:Enabled:hlds
File not found — C:GAMESKOTTTemplar.exe:*:Enabled:Templar
File not found — C:GAMESHL2 — Return of the Resistance Chapter 1SteamAppsUserHalf-Life 2hl2.exe:*:Enabled:hl2
File not found — C:GAMESEF2EF2.exe:*:Enabled:Elite Force II
[2006.03.14 03:41:56 | 00,081,920 | —- | M] (Valve) — D:Program FilesCounter-Strike 1.6hl.exe:*:Enabled:Half-Life Launcher
File not found — D:Program FilesiView MediaPro3IVIEW_MP.exe:*:Enabled:iView Multimedia
[2008.11.11 02:19:57 | 00,270,128 | —- | M] (BitTorrent, Inc.) — D:Program FilesuTorrentuTorrent.exe:*:Enabled:µTorrent
[2006.03.14 03:41:56 | 00,221,184 | —- | M] (Valve) — D:Program FilesCounter-Strike 1.6hltv.exe:*:Enabled:HLTV Launcher
File not found — C:ИГРЫKOTTTemplar.exe:*:Enabled:Templar
File not found — D:Program FilesValvehl.exe:*:Enabled:Half-Life Launcher
File not found — D:Program FilesValveукажите путь до hl.exehl.exe:*:Enabled:Half-Life Launcher
File not found — D:Program FilesCS16hl.exe:*:Enabled:Half-Life Launcher
File not found — C:ИГРЫHL2 — Return of the Resistance Chapter 1SteamAppsUserHalf-Life 2hl2.exe:*:Enabled:hl2
[2008.11.13 14:34:18 | 00,114,840 | —- | M] () — D:Program FilesVideoLANVLCvlc.exe:*:Enabled:VLC media player
File not found — D:Program FilesStrongDC++ InterZet EditionStrongDC.exe:*:Enabled:StrongDC++
[2008.04.13 21:53:32 | 00,558,080 | —- | M] (Microsoft Corporation) — %windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2008.11.05 16:02:01 | 00,208,896 | —- | M] () — C:Program FilesUnreal Tournament 2004SystemUT2004.exe:*:Enabled:UT2004========== (O10) Winsock2 Catalogs ==========
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesWinSock2Parameters]
NameSpace_Catalog5Catalog_Entries�00000000001 [TCP/IP] — D:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
NameSpace_Catalog5Catalog_Entries�00000000003 [Пространство имен службы сетевого расположения (NLA)] — D:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries�00000000001 — D:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries�00000000002 — D:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries�00000000003 — D:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries�00000000004 — D:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries�00000000005 — D:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries�00000000006 — D:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries�00000000007 — D:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries�00000000008 — D:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries�00000000009 — D:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries�00000000010 — D:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)
Protocol_Catalog9Catalog_Entries�00000000011 — D:WINDOWSsystem32mswsock.dll (Корпорация Майкрософт)========== (O18) Protocol Handlers ==========
[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2008.04.14 19:10:41 | 01,431,552 | —- | M] (Корпорация Майкрософт) D:WINDOWSsystem32msvidctl.dll (dvd:{12D51199-0DB5-46FE-A120-47A3D7D937CC} (HKLM) [DVD: подключаемый протокол])[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
ipp: [HKLM — No CLSID value][HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler] — Protocol Handlers
[2005.05.19 17:53:38 | 00,838,144 | —- | M] (Microsoft Corporation) D:Program FilesCommon FilesSystemOle DBmsdaipp.dll ipp�x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM — Microsoft OLE DB Moniker Binder for Internet Publishing][HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
msdaipp: [HKLM — No CLSID value][HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler] — Protocol Handlers
[2005.05.19 17:53:38 | 00,838,144 | —- | M] (Microsoft Corporation) D:Program FilesCommon FilesSystemOle DBmsdaipp.dll msdaipp�x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM — Microsoft OLE DB Moniker Binder for Internet Publishing][HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler] — Protocol Handlers
[2005.05.19 17:53:38 | 00,838,144 | —- | M] (Microsoft Corporation) D:Program FilesCommon FilesSystemOle DBmsdaipp.dll msdaippoledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM — MSDAIPP.BINDER][HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2000.04.19 18:47:36 | 00,520,117 | —- | M] (Microsoft Corporation) D:Program FilesCommon FilesMicrosoft SharedInformation RetrievalMSITSS.DLL (ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} (HKLM) [Microsoft Infotech Storage Protocol for IE 4.0])[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2003.08.04 21:19:34 | 07,330,360 | —- | M] (Microsoft Corporation) D:Program FilesCommon FilesMicrosoft SharedWeb Components10OWC10.DLL (mso-offdap:{3D9F03FA-7A94-11D3-BE81-0050048385D1} (HKLM) [Data Page Pluggable Protocol mso-offdap Handler])[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2003.08.01 23:09:04 | 08,086,072 | —- | M] (Microsoft Corporation) D:Program FilesCommon FilesMicrosoft SharedWeb Components11OWC11.DLL (mso-offdap11:{32505114-5902-49B2-880A-1F7738E5A384} (HKLM) [Data Page Plugable Protocal mso-offdap11 Handler])[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandler]
[2008.04.14 19:10:41 | 01,431,552 | —- | M] (Корпорация Майкрософт) D:WINDOWSsystem32msvidctl.dll (tv:{CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} (HKLM) [ТВ: подключаемый протокол])========== (O18) Protocol Filters ==========
[HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSFilter] — Protocol Filters
[2008.04.14 19:10:44 | 08,478,208 | —- | M] (Корпорация Майкрософт) D:WINDOWSsystem32shell32.dll text/webviewhtml:{733AC4CB-F1A4-11d0-B951-00A0C90312E1} (HKLM) [WebView MIME Filter][HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSFilter] — Protocol Filters
[2003.07.15 06:45:12 | 00,039,488 | —- | M] (Microsoft Corporation) D:Program FilesCommon FilesMicrosoft SharedOFFICE11MSOXMLMF.DLL text/xml:{807553E5-5146-11D5-A672-00B0D022E945} (HKLM) [Reg Error: Value does not exist or could not be read.]========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]
«{01AE68B4-C785-4865-BC7E-78456372BB75}»=RU
«{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}»=Adobe Audition 2.0
«{0E8A4742-880F-4C30-B5C8-425160EA9D73}»=Kodak DIGITAL GEM Professional Plug-In 1.0.1
«{236BB7C4-4419-42FD-0419-1E257A25E34D}»=Adobe Photoshop CS2
«{26A24AE4-039D-4CA4-87B4-2F83216010FF}»=Java(TM) 6 Update 10
«{28D3AE17-7FD1-4F81-821C-7E930C906F70}»=HT Video Splitter & Joiner 2.0
«{350C9419-3D7C-4EE8-BAA9-00BCB3D54227}»=WebFldrs XP
«{38E0C491-5230-4373-B62E-F1A6E94B1049}»=Nero 7 Ultra Edition
«{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}»=DAEMON Tools
«{48EB9208-593D-4DC7-B613-9C5A210D87BA}»=Sony Sound Forge 8.0b
«{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}»=SmartSound Quicktracks Plugin
«{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}»=FontNav
«{4F1DA6BF-3614-48A1-9970-9E90F646789E}»=Ulead VideoStudio 8.0
«{5081528F-5DD5-49BA-8213-9A6A13502497}»=Sentinel System Driver 5.41.1 (32-bit)
«{5FD281D7-3EBF-47DF-ACE3-40D6FB0C220D}»=Kodak DIGITAL ROC Professional Plug-In 1.0.2
«{6ACA2FD2-4C4A-42F3-AFB5-7B433BBDF6DB}»=InterVideo WinDVD 6
«{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}»=Microsoft .NET Framework 2.0
«{7299052b-02a4-4627-81f2-1818da5d550d}»=Microsoft Visual C++ 2005 Redistributable
«{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}»=CorelDRAW Graphics Suite X3
«{7C515D87-2DCD-422B-B993-3FE8A71B3DDB}»=Noiseware Professional Plug-in
«{7E5B4758-346B-4D77-BB1A-1BC878ED7498}»=Kodak DIGITAL GEM Airbrush Professional Plug-In 1.0.1
«{86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF}»=Adobe Audition 1.5
«{8795CBED-55E2-4693-9F14-84EC446935BE}»=SpeechRedist
«{90110419-6000-11D3-8CFE-0150048383C9}»=Microsoft Office — профессиональный выпуск версии 2003
«{9ED38F62-7A50-4145-8C5D-0FCFFBF10A7B}»=Visual C++ CRT 9.0
«{AA44A771-8350-4A83-AEA4-412849A5CDC6}»=KnobMan
«{AC76BA86-7AD7-1033-7B44-A80000000002}»=Adobe Reader 8
«{B21D407F-709E-499D-A7C4-17A76B7D9D68}»=Kodak DIGITAL SHO Professional Plug-In 1.0.2
«{C21D5524-A970-42FA-AC8A-59B8C7CDCA31}»=QuickTime
«{C8F4800F-52F4-4115-BE64-FF1C23604E86}_is1″=Sothink SWF Easy
«{C94E45B0-6AA6-4FB9-9AAE-22085F631880}»=VBA
«{CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1″=Sothink FLV Player
«{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}»=Microsoft .NET Framework 1.1
«{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}»=Microsoft Games for Windows — LIVE Redistributable
«{D799CA10-F7D5-46FF-97D7-06195C9EDA70}»=BBE Sonic Maximizer 2.0 Full
«{DE5BEF08-B744-457C-99CD-B8D1596154FD}»=ATI Catalyst Control Center
«{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}»=jetAudio Basic
«{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}»=Realtek High Definition Audio Driver
«{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}»=Update Manager
«{FAC088DD-FE02-430D-85AD-7CF5AD669619}»=ESET NOD32 Antivirus
«{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}»=Microsoft Visual C++ 2008 Redistributable — x86 9.0.21022
«>ARP Protocol Monitor»=ARP Monitor
«3D Maker by Lokas Software»=3D Maker by Lokas Software
«3D Shadow by Lokas Software»=3D Shadow by Lokas Software
«Absolute Sound Recorder_is1″=Absolute Sound Recorder version 3.0.0
«ActiveX Manager v1.4 (SPB)»=ActiveX Manager v1.4 (SPB)
«Adobe Audition 1.5 Russian Version»=Adobe Audition 1.5 Russian Version
«Adobe Audition 2.0″=Adobe Audition 2.0
«Adobe Flash Player ActiveX»=Adobe Flash Player ActiveX
«Adobe Flash Player Plugin»=Adobe Flash Player 10 Plugin
«Adobe Photoshop CS2 — {236BB7C4-4419-42FD-0419-1E257A25E34D}»=Adobe Photoshop CS2
«Adobe Shockwave Player»=Adobe Shockwave Player
«Agnitum Outpost Firewall Pro_is1″=Agnitum Outpost Firewall Pro
«All ATI Software»=ATI — Software Uninstall Utility
«Allok AVI MPEG Converter_is1″=Allok AVI MPEG Converter 3.4.0730
«ARP Protocol Monitor»=ARP Monitor
«Arturia Arp2600 V v1.0″=Arturia Arp2600 V v1.0
«Ashampoo WinOptimizer Platinum Suite»=Ashampoo WinOptimizer Platinum Suite
«ASIO4ALL»=ASIO4ALL
«ATI Display Driver»=ATI Display Driver
«AudioRealism Bassline v1.504″=AudioRealism Bassline v1.504
«BSPlayer1″=BSPlayer
«BSPlayerp»=BS.Player PRO
«CCleaner»=CCleaner (remove only)
«CheMax Rus_is1″=CheMax Rus 5.3
«Chessmaster 8000″=Chessmaster 8000
«Counter-Strike 1.6″=Counter-Strike 1.6
«CTDVDAudio Plugin»=Creative DVD Audio Plugin for Audigy Series
«DVD Ripper Platinum 4″=DVD Ripper Platinum 4
«EsetOnlineScanner»=ESET Online Scanner
«EVEREST Ultimate Edition_is1″=EVEREST Ultimate Edition v2.80
«FabFilter One 3.05″=FabFilter One 3.05
«FabFilter Pro-C 1.10″=FabFilter Pro-C 1.10
«FabFilter Timeless 1.01″=FabFilter Timeless 1.01
«FL Studio 8″=FL Studio 8
«Flash Designer 5″=Flash Designer 5 (5.0.20.6)
«Futureaudioworkshop Circle VSTi RTAS_is1″=Futureaudioworkshop Circle VSTi RTAS v1.02
«High Quality Photo Resizer_is1″=High Quality Photo Resizer 4.20
«HijackThis»=HijackThis 2.0.2
«IconX»=IconX
«IDNMitigationAPIs»=Microsoft Internationalized Domain Names Mitigation APIs
«ie7″=Windows Internet Explorer 7
«IL Download Manager»=IL Download Manager
«Image Doctor»=Alien Skin Image Doctor 1.0
«InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}»=SmartSound Quicktracks Plugin
«InstallShield_{C21D5524-A970-42FA-AC8A-59B8C7CDCA31}»=QuickTime
«iZotope Ozone 3_is1″=iZotope Ozone 3
«iZotope Spectron_is1″=iZotope Spectron
«KLiteCodecPack_is1″=K-Lite Codec Pack 2.33 Full
«KoolMoves_is1″=KoolMoves 4.5.2
«LHTTSENG»=L&H TTS3000 British English
«LHTTSRUR»=L&H TTS3000 Russian
«Linplug Albino v2.1″=Linplug Albino v2.1
«Linplug Alpha VSTi v2.2.2″=Linplug Alpha VSTi v2.2.2
«Linplug RM IV v4.1.2″=Linplug RM IV v4.1.2
«LiveUpdate»=LiveUpdate 3.1 (Symantec Corporation)
«Microsoft .NET Framework 1.1 (1033)»=Microsoft .NET Framework 1.1
«Microsoft .NET Framework 2.0″=Microsoft .NET Framework 2.0
«Modern Skinmaker Studio»=Modern Skinmaker Studio 1.1
«Morphine»=Morphine
«Mouse Off-road 2.12″=Mouse Off-road 2.12
«Mozilla Firefox (3.0.4)»=Mozilla Firefox (3.0.4)
«MyCentria»=Интернет помощник MyCentria
«Native Instruments Absynth v3.0″=Native Instruments Absynth v3.0
«NLSDownlevelMapping»=Microsoft National Language Support Downlevel APIs
«Novation Bass-Station VSTi v1.10″=Novation Bass-Station VSTi v1.10
«Octopus»=Octopus
«Panopticum Digitalizer 1.1_is1″=Panopticum Digitalizer 1.1
«PhatBuzzFree_is1″=PhatBuzz Freeware Version
«PoiZone»=PoiZone
«Pragma»=Pragma
«Predator_is1″=Rob Papen Predator V1.1 b
«qPicSort_is1″=qPicSort v1.02b
«Registry Mechanic_is1″=Registry Mechanic 5.2
«Robin Hood: The Legend Of Sherwood»=Robin Hood: The Legend Of Sherwood
«Roger Nichols Digital UNIQUEL-IZER VST RTAS_is1″=Roger Nichols Digital UNIQUEL-IZER VST RTAS v1.2
«ShockwaveFlash»=Adobe Flash Player 9 ActiveX
«Silent Hill 2 Director’s Cut»=Silent Hill 2 Director’s Cut
«Skinner»=Winamp Skin Maker
«SkinStudio»=SkinStudio
«Starplugs-SuperSizer Mono»=Starplugs-SuperSizer Mono 1.0
«Stereo Pictures 1.0″=Stereo Pictures 1.0
«Superwave Bundle VSTi v2.0″=Superwave Bundle VSTi v2.0
«Synapse Junglist VSTi v3.2″=Synapse Junglist VSTi v3.2
«Syncrosoft’s License Control»=Syncrosoft’s License Control
«TEKKEN-3″=TEKKEN-3
«Teleport Pro»=Teleport Pro
«TweakNow Accelerator XP_is1″=TweakNow Accelerator XP
«Unreal Tournament 2004_is1″=Unreal Tournament 2004
«VertusFluidMask3″=Vertus Fluid Mask 3 3.0.8
«Video Converter_is1″=#1 Video Converter 4.1.15
«VirtualNetwork»=VirtualNetwork
«VLC media player»=VLC media player 0.9.6
«VN_VUIns_Rhine_D-Link»=D-Link PCI Fast Ethernet Adapter
«Voxengo GlissEQ VST»=Voxengo GlissEQ VST 2.9.1
«Voxengo HarmoniEQ VST»=Voxengo HarmoniEQ VST 1.5
«Voxengo Voxformer VST»=Voxengo Voxformer VST 1.7
«Wave Arts Master Restoration»=Wave Arts Master Restoration
«Wave Arts Power Suite»=Wave Arts Power Suite
«Waves Diamond Bundle v5.0″=Waves Diamond Bundle v5.0
«Winamp»=Winamp (remove only)
«Windows Media Format Runtime»=Windows Media Format Runtime
«Windows Media Player»=Проигрыватель Windows Media 10
«Windows XP Service Pack»=Windows XP Service Pack 3
«WinRAR archiver»=Архиватор WinRAR
«WinZip»=WinZip
«WWAYM — NWBass V1.1″=WWAYM — NWBass V1.1
«WWAYM — NWEQ V1.21″=WWAYM — NWEQ V1.21
«XnView_is1″=XnView 1.82.4
«Говорилка 2_is1″=Говорилка========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionUninstall]
«uTorrent»=µTorrent========== HKEY_USERS Uninstall List ==========
[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SOFTWAREMicrosoftWindowsCurrentVersionUninstall]
«uTorrent»=µTorrent========== Last 10 Event Log Errors ==========
[ Application Events ]
Error — 12.11.2008 14:44:46 | Computer Name = 505F4963FCC942D | Source = Application Error | ID = 1000
Description = Ошибка приложения vlc.exe, версия 0.9.4.0, модуль libvlccore.dll,
версия 0.9.4.0, адрес 0x00073e37.Error — 14.11.2008 4:22:29 | Computer Name = 505F4963FCC942D | Source = Application Hang | ID = 1002
Description = Зависшее приложение JetAudio.exe, версия 7.1.1.3101, зависший модуль
hungapp, версия 0.0.0.0, адрес 0x00000000.Error — 14.11.2008 14:13:40 | Computer Name = 505F4963FCC942D | Source = Application Error | ID = 1000
Description = Ошибка приложения iexplore.exe, версия 6.0.2900.2180, модуль unknown,
версия 0.0.0.0, адрес 0x00000000.Error — 14.11.2008 14:19:33 | Computer Name = 505F4963FCC942D | Source = Application Error | ID = 1000
Description = Ошибка приложения iexplore.exe, версия 6.0.2900.2180, модуль unknown,
версия 0.0.0.0, адрес 0x00000000.Error — 14.11.2008 19:18:59 | Computer Name = 505F4963FCC942D | Source = Application Hang | ID = 1002
Description = Зависшее приложение iesetup.exe, версия 7.0.5730.13, зависший модуль
hungapp, версия 0.0.0.0, адрес 0x00000000.Error — 15.11.2008 6:04:41 | Computer Name = 505F4963FCC942D | Source = Application Hang | ID = 1002
Description = Зависшее приложение iexplore.exe, версия 7.0.5730.13, зависший модуль
hungapp, версия 0.0.0.0, адрес 0x00000000.Error — 16.11.2008 20:50:56 | Computer Name = 505F4963FCC942D | Source = Application Error | ID = 1000
Description = Ошибка приложения set1c9.tmp, версия 7.1.100.1248, модуль , версия
0.0.0.0, адрес 0x00000000.Error — 16.11.2008 21:03:34 | Computer Name = 505F4963FCC942D | Source = Application Hang | ID = 1002
Description = Зависшее приложение WinRAR.exe, версия 3.50.0.0, зависший модуль hungapp,
версия 0.0.0.0, адрес 0x00000000.Error — 19.11.2008 16:25:46 | Computer Name = 505F4963FCC942D | Source = Application Error | ID = 1000
Description = Ошибка приложения fl.exe, версия 0.0.0.0, модуль kernel32.dll, версия
5.1.2600.5512, адрес 0x00012aeb.Error — 19.11.2008 16:25:51 | Computer Name = 505F4963FCC942D | Source = Application Hang | ID = 1002
Description = Зависшее приложение FL.exe, версия 0.0.0.0, зависший модуль hungapp,
версия 0.0.0.0, адрес 0x00000000.[ System Events ]
Error — 20.11.2008 5:03:09 | Computer Name = 505F4963FCC942D | Source = Service Control Manager | ID = 7000
Description = Сбой при запуске службы «ODBC Administration Service» из-за ошибки
%%2Error — 20.11.2008 13:10:29 | Computer Name = 505F4963FCC942D | Source = Service Control Manager | ID = 7000
Description = Сбой при запуске службы «ODBC Administration Service» из-за ошибки
%%2Error — 20.11.2008 15:14:44 | Computer Name = 505F4963FCC942D | Source = DCOM | ID = 10005
Description = Ошибка DCOM «%1084» при попытке запуска службы EventSystem с аргументами
«» для запуска сервера: {1BE1F766-5536-11D1-B726-00C04FB926AF}Error — 20.11.2008 15:15:01 | Computer Name = 505F4963FCC942D | Source = DCOM | ID = 10005
Description = Ошибка DCOM «%1084» при попытке запуска службы StiSvc с аргументами
«» для запуска сервера: {A1F4E726-8CF1-11D1-BF92-0060081ED811}Error — 20.11.2008 15:15:28 | Computer Name = 505F4963FCC942D | Source = Service Control Manager | ID = 7026
Description = Сбой при загрузке драйвера(ов) перезагрузки или запуска системы: easdrv
Fips
intelppm
prodrv06
SandBoxError — 20.11.2008 15:16:51 | Computer Name = 505F4963FCC942D | Source = DCOM | ID = 10005
Description = Ошибка DCOM «%1084» при попытке запуска службы StiSvc с аргументами
«» для запуска сервера: {A1F4E726-8CF1-11D1-BF92-0060081ED811}Error — 20.11.2008 15:17:33 | Computer Name = 505F4963FCC942D | Source = DCOM | ID = 10005
Description = Ошибка DCOM «%1084» при попытке запуска службы EventSystem с аргументами
«» для запуска сервера: {1BE1F766-5536-11D1-B726-00C04FB926AF}Error — 20.11.2008 15:18:49 | Computer Name = 505F4963FCC942D | Source = Service Control Manager | ID = 7000
Description = Сбой при запуске службы «ODBC Administration Service» из-за ошибки
%%2Error — 20.11.2008 21:14:07 | Computer Name = 505F4963FCC942D | Source = Service Control Manager | ID = 7000
Description = Сбой при запуске службы «ODBC Administration Service» из-за ошибки
%%2Error — 21.11.2008 3:58:33 | Computer Name = 505F4963FCC942D | Source = Service Control Manager | ID = 7000
Description = Сбой при запуске службы «ODBC Administration Service» из-за ошибки
%%2< End of report >
ВОТ Третья часть
========== Files — Modified Within 90 Days ==========
[1 D:WINDOWSSystem32*.tmp files]
[3 D:WINDOWS*.tmp files]
[2008.11.21 11:03:56 | 00,002,278 | —- | M] () — D:WINDOWSSystem32wpa.dbl
[2008.11.21 10:58:23 | 00,000,006 | -H— | M] () — D:WINDOWStasksSA.DAT
[2008.11.21 10:58:19 | 00,002,048 | —S- | M] () — D:WINDOWSbootstat.dat
[2008.11.20 23:51:42 | 00,000,116 | —- | M] () — D:WINDOWSNeroDigital.ini
[2008.11.20 13:44:31 | 00,001,640 | —- | M] () — D:WINDOWSwin.ini
[2008.11.19 04:30:39 | 00,003,222 | —- | M] () — D:WINDOWSSystem32tmp.reg
[2008.11.19 03:58:29 | 00,001,393 | —- | M] () — D:WINDOWSimsins.BAK
[2008.11.18 17:57:39 | 00,218,112 | —- | M] () — D:Documents and SettingsппппLocal SettingsApplication DataDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.11.18 06:04:09 | 00,000,011 | —- | M] () — D:WINDOWS3DShadow.INI
[2008.11.18 01:03:36 | 00,002,463 | —- | M] () — D:Documents and SettingsппппРабочий столWord.lnk
[2008.11.18 01:00:08 | 00,336,896 | —- | M] () — D:Documents and SettingsппппLocal SettingsApplication DataGDIPFONTCACHEV1.DAT
[2008.11.18 00:59:57 | 00,447,064 | —- | M] () — D:WINDOWSSystem32perfh019.dat
[2008.11.18 00:59:57 | 00,404,992 | —- | M] () — D:WINDOWSSystem32perfh009.dat
[2008.11.18 00:59:57 | 00,076,372 | —- | M] () — D:WINDOWSSystem32perfc019.dat
[2008.11.18 00:59:57 | 00,063,828 | —- | M] () — D:WINDOWSSystem32perfc009.dat
[2008.11.18 00:59:55 | 01,004,278 | —- | M] () — D:WINDOWSSystem32PerfStringBackup.INI
[2008.11.18 00:58:30 | 02,248,648 | —- | M] () — D:WINDOWSSystem32FNTCACHE.DAT
[2008.11.18 00:58:07 | 00,316,640 | —- | M] () — D:WINDOWSWMSysPr9.prx
[2008.11.17 13:46:05 | 00,077,824 | —- | M] (Doctor Web, Ltd.) — D:WINDOWSSystem32DRWEBSP.DLL
[2008.11.17 07:00:46 | 00,000,719 | —- | M] () — D:Documents and SettingsAll Users.WINDOWSРабочий столVLC media player.lnk
[2008.11.17 02:37:34 | 01,568,656 | -H— | M] () — D:Documents and SettingsппппLocal SettingsApplication DataIconCache.db
[2008.11.17 01:10:41 | 00,000,552 | —- | M] () — D:WINDOWSSystem32d3d8caps.dat
[2008.11.15 12:54:24 | 00,054,156 | -H— | M] () — D:WINDOWSQTFont.qfn
[2008.11.15 02:30:37 | 00,000,233 | -HS- | M] () — D:Documents and SettingsппппМои документыdesktop.ini
[2008.11.13 02:07:15 | 00,001,602 | —- | M] () — D:Documents and SettingsAll Users.WINDOWSРабочий столMozilla Firefox.lnk
[2008.11.13 01:04:32 | 00,000,013 | —- | M] () — D:WINDOWSSystem32WinSys32.crc
[2008.11.10 19:08:08 | 00,007,168 | -HS- | M] () — D:Documents and SettingsппппМои документыThumbs.db
@Alternate Data Stream — 0 bytes -> D:Documents and SettingsппппМои документыThumbs.db:encryptable
[2008.11.10 18:53:41 | 00,000,759 | —- | M] () — D:Documents and SettingsAll Users.WINDOWSРабочий столSothink SWF Easy.lnk
[2008.11.03 16:10:26 | 17,318,336 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32MRT.exe
[2008.11.03 09:17:40 | 00,000,066 | —- | M] () — D:WINDOWS#1 Video Converter.INI
[2008.11.01 19:51:37 | 00,001,409 | —- | M] () — D:WINDOWSQTFont.for
[2008.11.01 07:49:32 | 00,034,308 | —- | M] () — D:WINDOWSSystem32BASSMOD.dll
[2008.10.31 19:35:55 | 00,000,016 | —- | M] () — D:WINDOWSSystem32w3data.vss
[2008.10.31 19:35:54 | 00,000,016 | —- | M] () — D:WINDOWSmsocreg32.dat
[2008.10.30 07:30:20 | 00,044,544 | —- | M] () — D:WINDOWSAWuninstall.exe
[2008.10.30 06:08:45 | 00,001,024 | —- | M] () — D:WINDOWSSystem32grcauth2.dll
[2008.10.30 06:08:45 | 00,001,024 | —- | M] () — D:WINDOWSSystem32grcauth1.dll
[2008.10.30 06:08:45 | 00,001,024 | —- | M] () — D:WINDOWSSystem32bpxw4kb.tgz
[2008.10.30 06:08:45 | 00,001,024 | —- | M] () — D:WINDOWSSystem32bpxw4kb.dll
[2008.10.30 06:08:45 | 00,000,218 | —- | M] () — D:WINDOWSSystem32tej1k7c.tgz
[2008.10.30 06:08:45 | 00,000,204 | —- | M] () — D:WINDOWSSystem32tej1k7c.dll
[2008.10.30 06:08:45 | 00,000,114 | —- | M] () — D:WINDOWSSystem32prsgrc.tgz
[2008.10.30 06:08:45 | 00,000,100 | —- | M] () — D:WINDOWSSystem32prsgrc.dll
[2008.10.28 19:56:27 | 00,000,000 | —- | M] () — D:WINDOWSnsreg.dat
[2008.10.25 03:51:48 | 00,000,588 | —- | M] () — D:WINDOWSsam7_E.INI
[2008.10.24 14:21:09 | 00,455,296 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32driversmrxsmb.sys
[2008.10.24 14:21:09 | 00,455,296 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachemrxsmb.sys
[2008.10.23 21:34:00 | 00,000,049 | —- | M] () — D:WINDOWSiltwain.ini
[2008.10.21 11:43:01 | 00,000,016 | —- | M] () — D:WINDOWSSystem32msvcsv60.dll
[2008.10.16 14:13:40 | 01,809,944 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32wuaueng.dll
[2008.10.16 14:13:40 | 01,809,944 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachewuaueng.dll
[2008.10.16 14:13:40 | 00,202,776 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32wuweb.dll
[2008.10.16 14:13:40 | 00,202,776 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachewuweb.dll
[2008.10.16 14:12:22 | 00,323,608 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32wucltui.dll
[2008.10.16 14:12:22 | 00,323,608 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachewucltui.dll
[2008.10.16 14:12:20 | 00,561,688 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32wuapi.dll
[2008.10.16 14:12:20 | 00,561,688 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachewuapi.dll
[2008.10.16 14:12:20 | 00,213,528 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32wuaucpl.cpl
[2008.10.16 14:12:20 | 00,213,528 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachewuaucpl.cpl
[2008.10.16 14:09:44 | 00,092,696 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachecdm.dll
[2008.10.16 14:09:44 | 00,092,696 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32cdm.dll
[2008.10.16 14:09:44 | 00,051,224 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32wuauclt.exe
[2008.10.16 14:09:44 | 00,051,224 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachewuauclt.exe
[2008.10.16 14:09:44 | 00,043,544 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32wups2.dll
[2008.10.16 14:08:58 | 00,034,328 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32wups.dll
[2008.10.16 14:08:58 | 00,034,328 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachewups.dll
[2008.10.16 14:08:56 | 00,031,768 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32wucltui.dll.mui
[2008.10.16 14:08:12 | 00,027,672 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32wuapi.dll.mui
[2008.10.16 14:07:50 | 00,023,576 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32wuaucpl.cpl.mui
[2008.10.16 14:07:32 | 00,018,968 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32wuaueng.dll.mui
[2008.10.15 20:00:42 | 00,332,800 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32netapi32(4).dll
[2008.10.15 20:00:42 | 00,332,800 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32netapi32(3).dll
[2008.10.15 19:37:44 | 00,337,408 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32netapi32.dll
[2008.10.15 19:37:44 | 00,337,408 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachenetapi32.dll
[2008.10.14 21:24:32 | 00,000,747 | —- | M] () — D:Documents and SettingsAll Users.WINDOWSРабочий столCounter-Strike 1.6.lnk
[2008.10.10 18:21:50 | 00,007,680 | -HS- | M] () — D:WINDOWSThumbs.db
@Alternate Data Stream — 0 bytes -> D:WINDOWSThumbs.db:encryptable
[2008.10.10 07:58:08 | 00,082,944 | —- | M] (S!Ri.URZ) — D:WINDOWSSystem32o4Patch.exe
[2008.10.10 07:58:08 | 00,082,944 | —- | M] (S!Ri.URZ) — D:WINDOWSSystem32IEDFix.C.exe
[2008.10.07 03:42:38 | 00,000,000 | —- | M] () — D:WINDOWSPlayList.Fpl
[2008.10.07 03:38:33 | 00,389,120 | —- | M] () — D:WINDOWSSystem32ACTSKN43.OCX
[2008.10.07 03:38:18 | 00,000,173 | —- | M] () — D:WINDOWSSystem32FOLESVR.DLL
[2008.10.04 05:12:56 | 03,086,049 | —- | M] () — D:Documents and SettingsппппМои документыMEGA GIF.gif
[2008.10.03 20:26:32 | 06,066,176 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32ieframe.dll
[2008.10.03 20:26:32 | 06,066,176 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheieframe.dll
[2008.10.01 14:51:40 | 00,087,552 | —- | M] (S!Ri.URZ) — D:WINDOWSSystem32VACFix.exe
[2008.09.30 16:43:34 | 01,286,152 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32msxml4.dll
[2008.09.22 16:07:14 | 00,000,005 | —- | M] () — D:WINDOWSffmbinaa.ini
[2008.09.22 15:38:33 | 00,000,005 | —- | M] () — D:WINDOWSffmbingd.ini
[2008.09.22 15:32:28 | 00,000,005 | —- | M] () — D:WINDOWSffmbindc.ini
[2008.09.22 15:32:15 | 00,000,005 | —- | M] () — D:WINDOWSffmbinik.ini
[2008.09.22 15:32:10 | 00,000,005 | —- | M] () — D:WINDOWSffmbinhb.ini
[2008.09.20 00:03:54 | 00,000,132 | —- | M] () — D:Documents and SettingsппппМои документыSkinTune History 1.dat
[2008.09.17 11:40:23 | 00,000,000 | —- | M] () — D:WINDOWSMEMORY.DMP
[2008.09.15 18:27:56 | 01,846,528 | —- | M] (Корпорация Майкрософт) — D:WINDOWSSystem32win32k.sys
[2008.09.15 18:27:56 | 01,846,528 | —- | M] (Корпорация Майкрософт) — D:WINDOWSSystem32dllcachewin32k.sys
[2008.09.10 04:15:25 | 01,307,648 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32msxml6.dll
[2008.09.10 04:15:25 | 01,307,648 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachemsxml6.dll
[2008.09.08 13:41:42 | 00,333,824 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32driverssrv.sys
[2008.09.08 13:41:42 | 00,333,824 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachesrv.sys
[2008.09.04 20:17:16 | 01,106,944 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32msxml3.dll
[2008.09.04 20:17:16 | 01,106,944 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachemsxml3.dll
[2008.08.27 12:26:56 | 03,593,216 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32mshtml.dll
[2008.08.27 12:26:56 | 03,593,216 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachemshtml.dll
[2008.08.26 11:26:57 | 01,159,680 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32urlmon.dll
[2008.08.26 11:26:57 | 01,159,680 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheurlmon.dll
[2008.08.26 11:26:57 | 00,826,368 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32wininet.dll
[2008.08.26 11:26:57 | 00,826,368 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachewininet.dll
[2008.08.26 11:26:57 | 00,233,472 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32webcheck.dll
[2008.08.26 11:26:57 | 00,233,472 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachewebcheck.dll
[2008.08.26 11:26:56 | 00,671,232 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32mstime.dll
[2008.08.26 11:26:56 | 00,671,232 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachemstime.dll
[2008.08.26 11:26:56 | 00,477,696 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32mshtmled.dll
[2008.08.26 11:26:56 | 00,477,696 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachemshtmled.dll
[2008.08.26 11:26:56 | 00,193,024 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32msrating.dll
[2008.08.26 11:26:56 | 00,193,024 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachemsrating.dll
[2008.08.26 11:26:56 | 00,105,984 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32url.dll
[2008.08.26 11:26:56 | 00,105,984 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheurl.dll
[2008.08.26 11:26:56 | 00,102,912 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32occache.dll
[2008.08.26 11:26:56 | 00,102,912 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheoccache.dll
[2008.08.26 11:26:56 | 00,044,544 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32pngfilt.dll
[2008.08.26 11:26:56 | 00,044,544 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachepngfilt.dll
[2008.08.26 11:26:55 | 00,459,264 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32msfeeds.dll
[2008.08.26 11:26:55 | 00,459,264 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachemsfeeds.dll
[2008.08.26 11:26:55 | 00,052,224 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32msfeedsbs.dll
[2008.08.26 11:26:55 | 00,052,224 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachemsfeedsbs.dll
[2008.08.26 11:26:54 | 01,831,424 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32inetcpl.cpl
[2008.08.26 11:26:54 | 01,831,424 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheinetcpl.cpl
[2008.08.26 11:26:54 | 00,384,512 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32iedkcs32.dll
[2008.08.26 11:26:54 | 00,384,512 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheiedkcs32.dll
[2008.08.26 11:26:54 | 00,383,488 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32ieapfltr.dll
[2008.08.26 11:26:54 | 00,383,488 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheieapfltr.dll
[2008.08.26 11:26:54 | 00,267,776 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32iertutil.dll
[2008.08.26 11:26:54 | 00,267,776 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheiertutil.dll
[2008.08.26 11:26:54 | 00,230,400 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32ieaksie.dll
[2008.08.26 11:26:54 | 00,230,400 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheieaksie.dll
[2008.08.26 11:26:54 | 00,044,544 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32iernonce.dll
[2008.08.26 11:26:54 | 00,044,544 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheiernonce.dll
[2008.08.26 11:26:54 | 00,027,648 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32jsproxy.dll
[2008.08.26 11:26:54 | 00,027,648 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachejsproxy.dll
[2008.08.26 11:26:53 | 00,347,136 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dxtmsft.dll
[2008.08.26 11:26:53 | 00,347,136 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachedxtmsft.dll
[2008.08.26 11:26:53 | 00,214,528 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dxtrans.dll
[2008.08.26 11:26:53 | 00,214,528 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcachedxtrans.dll
[2008.08.26 11:26:53 | 00,153,088 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32ieakeng.dll
[2008.08.26 11:26:53 | 00,153,088 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheieakeng.dll
[2008.08.26 11:26:53 | 00,133,120 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32extmgr.dll
[2008.08.26 11:26:53 | 00,133,120 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheextmgr.dll
[2008.08.26 11:26:53 | 00,124,928 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheadvpack.dll
[2008.08.26 11:26:53 | 00,124,928 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32advpack.dll
[2008.08.26 11:26:53 | 00,063,488 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32icardie.dll
[2008.08.26 11:26:53 | 00,063,488 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheicardie.dll
[2008.08.25 11:42:17 | 00,070,656 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32ie4uinit.exe
[2008.08.25 11:42:17 | 00,070,656 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheie4uinit.exe
[2008.08.25 11:38:00 | 00,013,824 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32ieudinit.exe
[2008.08.25 11:38:00 | 00,013,824 | —- | M] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheieudinit.exe
[2008.08.24 10:37:28 | 00,000,009 | —- | M] () — D:WINDOWSCrypkey.ini
[2008.08.24 10:36:55 | 00,002,240 | —- | M] () — D:WINDOWSSystem32esnecil.ind
< End of report >пришлось разделить лог на 3 части — поскольку он не хотел создавать сообщение- слишком много знаков -более 60000
-вот вторая часть.
========== (R ) Internet Explorer ==========[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerMain]
«Default_Page_URL»=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
«Default_Search_URL»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
«Default_Secondary_Page_URL»=
«Extensions Off Page»=about:NoAdd-ons
«Local Page»=D:windowssystem32blank.htm
«Search Page»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
«Security Risk Page»=about:SecurityRisk
«Start Page»=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearch]
«CustomizeSearch»=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
«Default_Search_URL»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
«SearchAssistant»=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm[HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerMain]
«Default_Search_URL»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
«Local Page»=D:windowssystem32blank.htm
«Page_Transitions»=
«Search Page»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
«Start Page»=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerSearchURL]
«»=http://home.microsoft.com/access/autosearch.asp?p=%s[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{CFBFAE00-17A6-11D0-99CB-00C04FD64497}» (HKLM) — D:WINDOWSsystem32ieframe.dll (Microsoft Corporation)[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 0[HKEY_USERS.DEFAULTSOFTWAREMicrosoftInternet ExplorerMain]
«Search Page»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch[HKEY_USERS.DEFAULTSoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{EF99BD32-C1FB-11D2-892F-0090271D4F88}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 0[HKEY_USERSS-1-5-18SOFTWAREMicrosoftInternet ExplorerMain]
«Search Page»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch[HKEY_USERSS-1-5-18SoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{EF99BD32-C1FB-11D2-892F-0090271D4F88}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found[HKEY_USERSS-1-5-18SoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 0[HKEY_USERSS-1-5-19SOFTWAREMicrosoftInternet ExplorerMain]
[HKEY_USERSS-1-5-20SOFTWAREMicrosoftInternet ExplorerMain]
[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SOFTWAREMicrosoftInternet ExplorerMain]
«Default_Search_URL»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
«Local Page»=D:windowssystem32blank.htm
«Page_Transitions»=
«Search Page»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
«Start Page»=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SoftwareMicrosoftInternet ExplorerSearchURL]
«»=http://home.microsoft.com/access/autosearch.asp?p=%s[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{CFBFAE00-17A6-11D0-99CB-00C04FD64497}» (HKLM) — D:WINDOWSsystem32ieframe.dll (Microsoft Corporation)[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 0========== (O1) Hosts File ==========
HOSTS File = (769 bytes) — D:WINDOWSSystem32driversetcHosts
First 25 entries…
127.0.0.1 localhost========== (O2) BHO’s ==========
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) — D:Program FilesJavajre6binssv.dll (Sun Microsystems, Inc.)
{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) — D:Program FilesJavajre6binjp2ssv.dll (Sun Microsystems, Inc.)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (HKLM) — D:Program FilesJavajre6libdeployjqsiejqs_plugin.dll (Sun Microsystems, Inc.)========== (O3) Toolbars ==========
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarShellBrowser]
«{01E04581-4EEE-11D0-BFE9-00AA005B4383}» (HKLM) — D:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarShellBrowser]
«{2318C2B1-4965-11D4-9B18-009027A5CD4F}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{01E04581-4EEE-11D0-BFE9-00AA005B4383}» (HKLM) — D:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{0E5CBF21-D15F-11D0-8301-00AA005B4383}» (HKLM) — D:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{2318C2B1-4965-11D4-9B18-009027A5CD4F}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{EF99BD32-C1FB-11D2-892F-0090271D4F88}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SoftwareMicrosoftInternet ExplorerToolbarShellBrowser]
«{01E04581-4EEE-11D0-BFE9-00AA005B4383}» (HKLM) — D:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SoftwareMicrosoftInternet ExplorerToolbarShellBrowser]
«{2318C2B1-4965-11D4-9B18-009027A5CD4F}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{01E04581-4EEE-11D0-BFE9-00AA005B4383}» (HKLM) — D:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{0E5CBF21-D15F-11D0-8301-00AA005B4383}» (HKLM) — D:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{2318C2B1-4965-11D4-9B18-009027A5CD4F}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser]
«{EF99BD32-C1FB-11D2-892F-0090271D4F88}» (HKLM) — Reg Error: Key does not exist or could not be opened. File not found========== (O4) Run Keys ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«Alcmtr»=ALCMTR.EXE (Realtek Semiconductor Corp.)
«ATICCC»=»D:Program FilesATI TechnologiesATI.ACEcli.exe» runtime -Delay (ATI Technologies Inc.)
«egui»=»D:Program FilesESETESET NOD32 Antivirusegui.exe» /hide /waitservice (ESET)
«ISUSPM Startup»=»D:Program FilesCommon FilesInstallShieldUpdateServiceisuspm.exe» -startup (Macrovision Corporation)
«ISUSScheduler»=»D:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe» -start (Macrovision Corporation)
«NeroFilterCheck»=D:Program FilesCommon FilesAheadLibNeroCheck.exe (Nero AG)
«OutpostFeedBack»=»D:Program FilesAgnitumOutpost Firewall Profeedback.exe» /dump:os_startup (Agnitum Ltd.)
«OutpostMonitor»=D:Program FilesAgnitumOutpost Firewall Proop_mon.exe /tray /noservice (Agnitum Ltd.)
«RTHDCPL»=RTHDCPL.EXE (Realtek Semiconductor Corp.)
«SkyTel»=SkyTel.EXE (Realtek Semiconductor Corp.)
«SunJavaUpdateSched»=»D:Program FilesJavajre6binjusched.exe» (Sun Microsystems, Inc.)
«Transparent»=D:Program FilesTweakNow Accelerator XPTransparent.exe 49 ()
«WinampAgent»=»D:Program FilesWinampWinampa.exe» ()[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«EVEREST AutoStart»=D:Program FilesLavalysEVEREST Ultimate Editioneverest.exe ()[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SOFTWAREMicrosoftWindowsCurrentVersionRun]
«EVEREST AutoStart»=D:Program FilesLavalysEVEREST Ultimate Editioneverest.exe ()========== (O4) Startup Folders ==========
[2006.03.02 15:00:00 | 00,047,104 | —- | M] (Корпорация Майкрософт) — D:Documents and SettingsDefault UserГлавное менюПрограммыАвтозагрузкаssmypics.scr
[2006.03.02 15:00:00 | 00,047,104 | —- | M] (Корпорация Майкрософт) — D:Documents and SettingsАдминистраторГлавное менюПрограммыАвтозагрузкаssmypics.scr
[2006.03.02 15:00:00 | 00,047,104 | —- | M] (Корпорация Майкрософт) — D:Documents and SettingsГостьГлавное менюПрограммыАвтозагрузкаssmypics.scr========== (O6 & O7) Current Version Policies ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoCDBurning»=0
«NoDriveTypeAutoRun»=28[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=157
«NoSharedDocuments»= [binary data]
«NoChangeStartMenu»=0
«ClearRecentDocsOnExit»=0
«NoRecentDocsHistory»=0
«MaxRecentDocs»=11
«NoStartMenuMFUprogramsList»=0
«NoViewOnDrive»=0[HKEY_USERS.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=145[HKEY_USERSS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=145[HKEY_USERSS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=145[HKEY_USERSS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=145[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=157
«NoSharedDocuments»= [binary data]
«NoChangeStartMenu»=0
«ClearRecentDocsOnExit»=0
«NoRecentDocsHistory»=0
«MaxRecentDocs»=11
«NoStartMenuMFUprogramsList»=0
«NoViewOnDrive»=0========== (O9) IE Extensions ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerExtensions]
{44627E97-789B-40d4-B5C2-58BD171129A1}: Button: Быстрая настройка Outpost Firewall Pro — %ProgramFiles%AgnitumOutpost Firewall Proie_bar.dll [2008.07.15 13:37:56 | 00,644,424 | —- | M] (Agnitum Ltd.)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Справочные материалы — %ProgramFiles%Microsoft OfficeOFFICE11REFIEBAR.DLL [2003.07.15 06:57:08 | 00,040,512 | —- | M] (Microsoft Corporation)
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 — %SystemRoot%network diagnosticxpnetdiag.exe [2008.04.13 21:53:32 | 00,558,080 | —- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger — %ProgramFiles%Messengermsmsgs.exe [2008.04.14 19:11:03 | 01,695,232 | —- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger — %ProgramFiles%Messengermsmsgs.exe [2008.04.14 19:11:03 | 01,695,232 | —- | M] (Microsoft Corporation)[HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerExtensions]
CmdMapping\{44627E97-789B-40d4-B5C2-58BD171129A1} [HKLM] -> %ProgramFiles%AgnitumOutpost Firewall Proie_bar.dll [Быстрая настройка Outpost Firewall Pro] -> [2008.07.15 13:37:56 | 00,644,424 | —- | M] (Agnitum Ltd.)
CmdMapping\{5E638779-1818-4754-A595-EF1C63B87A56} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\{7558B7E5-7B26-4201-BEDB-00D5FF534523} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%Microsoft OfficeOFFICE11REFIEBAR.DLL [Справочные материалы] -> [2003.07.15 06:57:08 | 00,040,512 | —- | M] (Microsoft Corporation)
CmdMapping\{E59EB121-F339-4851-A3BA-FE49C35617C2} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\{EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%Messengermsmsgs.exe [Messenger] -> [2008.04.14 19:11:03 | 01,695,232 | —- | M] (Microsoft Corporation)[HKEY_USERS.DEFAULTSOFTWAREMicrosoftInternet ExplorerExtensions]
CmdMapping\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%Messengermsmsgs.exe [Messenger] -> [2008.04.14 19:11:03 | 01,695,232 | —- | M] (Microsoft Corporation)[HKEY_USERSS-1-5-18SOFTWAREMicrosoftInternet ExplorerExtensions]
CmdMapping\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%Messengermsmsgs.exe [Messenger] -> [2008.04.14 19:11:03 | 01,695,232 | —- | M] (Microsoft Corporation)[HKEY_USERSS-1-5-21-1177238915-1645522239-682003330-1003SOFTWAREMicrosoftInternet ExplorerExtensions]
CmdMapping\{44627E97-789B-40d4-B5C2-58BD171129A1} [HKLM] -> %ProgramFiles%AgnitumOutpost Firewall Proie_bar.dll [Быстрая настройка Outpost Firewall Pro] -> [2008.07.15 13:37:56 | 00,644,424 | —- | M] (Agnitum Ltd.)
CmdMapping\{5E638779-1818-4754-A595-EF1C63B87A56} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\{7558B7E5-7B26-4201-BEDB-00D5FF534523} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%Microsoft OfficeOFFICE11REFIEBAR.DLL [Справочные материалы] -> [2003.07.15 06:57:08 | 00,040,512 | —- | M] (Microsoft Corporation)
CmdMapping\{E59EB121-F339-4851-A3BA-FE49C35617C2} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\{EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%Messengermsmsgs.exe [Messenger] -> [2008.04.14 19:11:03 | 01,695,232 | —- | M] (Microsoft Corporation)========== (O12) Internet Explorer Plugins ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerPlugins]
PluginsPage: «» = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: «» = Microsoft ActiveX Gallery========== (O13) Default Prefixes ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionURLDefaultPrefix]
«»=http://========== (O15) Trusted Sites ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomains]
1 domain(s) and sub-domain(s) not assigned to a zone.========== (O16) DPF ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units]
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}: — Reg Error: Key does not exist or could not be opened.
{56762DEC-6B0D-4AB4-A8AD-989993B5D08B}: http://www.eset.eu/buxus/docs/OnlineScanner.cab — OnlineScanner Control
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab — Java Plug-in 1.6.0_10
{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab — Java Plug-in 1.6.0_10
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab — Java Plug-in 1.6.0_10========== (O17) DNS Name Servers ==========
{A7D7745F-29B7-44D0-A42B-55B9658D4A4C} (Servers: 192.168.248.21 | Description: D-Link DFE-520TX PCI Fast Ethernet Adapter)
========== (O20) AppInit_DLLs ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_Dlls»=d:progra~1agnitumoutpos~1wl_hook.dll
>[2008.07.15 13:38:06 | 00,722,248 | —- | M] (Agnitum Ltd.) — d:Program FilesAgnitumOutpost Firewall Prowl_hook.dll========== (O20) HKLM Winlogon Settings ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon]
«Shell»=Explorer.exe
>[2008.04.14 19:10:56 | 01,034,240 | —- | M] (Корпорация Майкрософт) — D:WINDOWSexplorer.exe«UserInit»=D:WINDOWSsystem32userinit.exe,
>[2008.04.14 19:11:12 | 00,026,624 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32userinit.exe«UIHost»=logonui.exe
>[2008.04.14 19:10:59 | 00,515,072 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32logonui.exe«VMApplet»=rundll32 shell32,Control_RunDLL «sysdm.cpl»
>[2008.04.14 19:10:44 | 08,478,208 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32shell32.dll
>[2008.04.14 19:11:14 | 00,302,080 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32sysdm.cpl========== (O20) Winlogon Notify Settings ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotify]
AtiExtEvent: «DllName» = Ati2evxx.dll — D:WINDOWSsystem32ati2evxx.dll (ATI Technologies Inc.)
avldr: «DllName» = avldr.dll — File not found
crypt32chain: «DllName» = crypt32.dll — D:WINDOWSsystem32crypt32.dll (Корпорация Майкрософт)
cscdll: «DllName» = cscdll.dll — D:WINDOWSsystem32cscdll.dll (Корпорация Майкрософт)
MCPClient: «DllName» = D:Program FilesCommon FilesStardockmcpstub.dll — D:Program FilesCommon FilesStardockMCPStub.dll (Stardock)
ScCertProp: «DllName» = wlnotify.dll — D:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
Schedule: «DllName» = wlnotify.dll — D:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
sclgntfy: «DllName» = sclgntfy.dll — D:WINDOWSsystem32sclgntfy.dll (Корпорация Майкрософт)
SensLogn: «DllName» = WlNotify.dll — D:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
termsrv: «DllName» = wlnotify.dll — D:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)
wlballoon: «DllName» = wlnotify.dll — D:WINDOWSsystem32wlnotify.dll (Корпорация Майкрософт)========== (O21) SSODL Settings ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
«0aMCPClient»={F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} (HKLM) — D:Program FilesCommon FilesStardockMCPCore.dll (Stardock)[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
«CDBurn»={fbeb8a05-beee-4442-804e-409d6c4515e9} (HKLM) — D:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
«PostBootReminder»={7849596a-48ea-486e-8937-a2a3009f31a9} (HKLM) — D:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
«SysTray»={35CEC8A3-2BE6-11D2-8773-92E220524153} (HKLM) — D:WINDOWSsystem32stobject.dll (Корпорация Майкрософт)========== (O22) Shared Task Scheduler ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerSharedTaskScheduler]
«{438755C2-A8BA-11D1-B96B-00A0C90312E1}» (HKLM) = Предзагрузчик Browseui — D:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerSharedTaskScheduler]
«{8C7461EF-2B13-11d2-BE35-3078302C2030}» (HKLM) = Демон кэша категорий компонентов — D:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)========== Shell Execute Hooks ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{AEB6717E-7E19-11d0-97EE-00C04FD91972}» (HKLM) — D:WINDOWSsystem32shell32.dll (Корпорация Майкрософт)========== HKLM *SecurityProviders* ==========
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProviders]
«SecurityProviders»=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
>[2008.04.14 19:10:35 | 00,068,608 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32digest.dll
>[2008.04.14 19:10:40 | 00,290,816 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32msnsspc.dll========== Safeboot Options ==========
«AlternateShell»=cmd.exe
========== CDRom AutoRun Settings ==========
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesCdrom]
«AutoRun» = 1========== Autorun Files on Drives ==========
AUTOEXEC.BAT []
[2007.12.17 06:13:28 | 00,000,000 | —- | M] () — C:AUTOEXEC.BAT — [ NTFS ]AUTOEXEC.BAT []
[2008.06.15 23:02:57 | 00,000,000 | —- | M] () — D:AUTOEXEC.BAT — [ NTFS ]AUTORUN.INF [[AutoRun] | OPEN=menumenu.exe | ICON=menumenu.ico | ]
[2002.12.22 15:05:14 | 00,000,051 | R— | M] () — F:AUTORUN.INF — [ CDFS ]========== MountPoints2 ==========
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{51bb51b2-b17d-11dc-aefd-806d6172696f}Shell]
«»=AutoRun[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{51bb51b2-b17d-11dc-aefd-806d6172696f}ShellAutoRuncommand]
«»=F:menumenu.exe — [2002.12.16 18:39:48 | 00,953,344 | R— | M] ((c) Mike Space)[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{aaf36693-f596-11dc-afb9-fa4264221197}Shell]
«»=AutoRun[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{aaf36693-f596-11dc-afb9-fa4264221197}Shell1Command]
«»=.recycledinfo.exe[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2{aaf36693-f596-11dc-afb9-fa4264221197}ShellAutoRuncommand]
«»=D:WINDOWSsystem32shell32.dll — [2008.04.14 19:10:44 | 08,478,208 | —- | M] (Корпорация Майкрософт)[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2FShell]
«»=AutoRun[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2FShellAutoRuncommand]
«»=F:menumenu.exe — [2002.12.16 18:39:48 | 00,953,344 | R— | M] ((c) Mike Space)[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorerMountPoints2GShellAutoRuncommand]
«»=G:autorun.exe — File not found========== Files/Folders — Created Within 90 Days ==========
[1 D:WINDOWSSystem32*.tmp files]
[3 D:WINDOWS*.tmp files]
[2008.11.20 22:59:09 | 00,000,000 | —D | C] — D:WINDOWSSun
[2008.11.20 22:55:36 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication DataMalwarebytes
[2008.11.20 22:55:29 | 00,000,000 | —D | C] — D:Documents and SettingsAll Users.WINDOWSApplication DataMalwarebytes
[2008.11.20 22:37:19 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication DataSun
[2008.11.19 04:30:21 | 00,289,144 | —- | C] (S!Ri) — D:WINDOWSSystem32VCCLSID.exe
[2008.11.19 04:30:21 | 00,288,417 | —- | C] (S!Ri) — D:WINDOWSSystem32SrchSTS.exe
[2008.11.19 04:30:21 | 00,135,168 | —- | C] (SteelWerX) — D:WINDOWSSystem32swreg.exe
[2008.11.19 04:30:21 | 00,087,552 | —- | C] (S!Ri.URZ) — D:WINDOWSSystem32VACFix.exe
[2008.11.19 04:30:21 | 00,082,944 | —- | C] (S!Ri.URZ) — D:WINDOWSSystem32o4Patch.exe
[2008.11.19 04:30:21 | 00,082,944 | —- | C] (S!Ri.URZ) — D:WINDOWSSystem32IEDFix.exe
[2008.11.19 04:30:21 | 00,082,944 | —- | C] (S!Ri.URZ) — D:WINDOWSSystem32IEDFix.C.exe
[2008.11.19 04:30:21 | 00,082,432 | —- | C] (S!Ri.URZ) — D:WINDOWSSystem32404Fix.exe
[2008.11.19 04:30:21 | 00,079,360 | —- | C] (SteelWerX) — D:WINDOWSSystem32swxcacls.exe
[2008.11.19 04:30:21 | 00,051,200 | —- | C] () — D:WINDOWSSystem32dumphive.exe
[2008.11.19 04:30:21 | 00,040,960 | —- | C] () — D:WINDOWSSystem32swsc.exe
[2008.11.19 04:30:21 | 00,025,600 | —- | C] () — D:WINDOWSSystem32WS2Fix.exe
[2008.11.19 04:26:09 | 00,003,222 | —- | C] () — D:WINDOWSSystem32tmp.reg
[2008.11.19 03:58:25 | 00,001,393 | —- | C] () — D:WINDOWSimsins.BAK
[2008.11.18 06:28:11 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication DataMacromedia
[2008.11.18 06:04:09 | 00,000,011 | —- | C] () — D:WINDOWS3DShadow.INI
[2008.11.18 03:10:23 | 00,000,000 | —D | C] — D:Program FilesCommon FilesWise Installation Wizard
[2008.11.18 00:57:39 | 00,000,000 | —D | C] — D:WINDOWSPrefetch
[2008.11.18 00:49:44 | 00,000,000 | —D | C] — D:WINDOWSSystem32bits
[2008.11.18 00:31:32 | 00,000,000 | —D | C] — D:Documents and SettingsппппМои документыкакаято лабудень
[2008.11.17 13:46:05 | 00,077,824 | —- | C] (Doctor Web, Ltd.) — D:WINDOWSSystem32DRWEBSP.DLL
[2008.11.17 07:01:48 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication Datavlc
[2008.11.17 07:00:46 | 00,000,719 | —- | C] () — D:Documents and SettingsAll Users.WINDOWSРабочий столVLC media player.lnk
[2008.11.17 03:32:29 | 00,000,000 | —D | C] — D:Program Filesxerox
[2008.11.17 03:06:07 | 00,000,000 | —D | C] — D:Documents and SettingsппппМои документыМои Тексты
[2008.11.17 02:39:15 | 00,000,000 | -HSD | C] — D:WINDOWSCSC
[2008.11.17 01:10:41 | 00,000,552 | —- | C] () — D:WINDOWSSystem32d3d8caps.dat
[2008.11.16 01:00:35 | 00,000,000 | —D | C] — D:WINDOWSie7updates
[2008.11.16 00:32:32 | 00,000,000 | —D | C] — D:Documents and SettingsппппМои документыDownloaded Program Updates
[2008.11.15 19:22:44 | 06,066,176 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheieframe.dll
[2008.11.15 19:22:44 | 01,060,864 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheieframe.dll.mui
[2008.11.15 19:22:44 | 00,459,264 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcachemsfeeds.dll
[2008.11.15 19:22:44 | 00,267,776 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheiertutil.dll
[2008.11.15 19:22:44 | 00,052,224 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcachemsfeedsbs.dll
[2008.11.15 19:22:44 | 00,013,824 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheieudinit.exe
[2008.11.15 19:22:43 | 02,455,488 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheieapfltr.dat
[2008.11.15 19:22:43 | 00,383,488 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheieapfltr.dll
[2008.11.15 19:22:43 | 00,063,488 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheicardie.dll
[2008.11.15 19:18:02 | 00,276,992 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32wmphoto.dll
[2008.11.15 19:18:00 | 00,069,120 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32wlanapi.dll
[2008.11.15 19:17:59 | 00,712,704 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32windowscodecs.dll
[2008.11.15 19:17:59 | 00,346,112 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32windowscodecsext.dll
[2008.11.15 19:17:57 | 00,014,208 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driverswacompen.sys
[2008.11.15 19:17:56 | 00,042,240 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversviaagp.sys
[2008.11.15 19:17:56 | 00,028,672 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32vidcap.ax
[2008.11.15 19:17:56 | 00,028,672 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32verclsid.exe
[2008.11.15 19:17:55 | 00,121,984 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversusbvideo.sys
[2008.11.15 19:17:55 | 00,012,800 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversusb8023x.sys
[2008.11.15 19:17:53 | 00,053,248 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32tsgqec.dll
[2008.11.15 19:17:53 | 00,050,688 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32tspkg.dll
[2008.11.15 19:17:53 | 00,044,672 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversuagp35.sys
[2008.11.15 19:17:46 | 00,020,992 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32spupdwxp.exe
[2008.11.15 19:17:45 | 00,007,680 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32spdwnwxp.exe
[2008.11.15 19:17:44 | 00,005,888 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driverssmbali.sys
[2008.11.15 19:17:42 | 00,032,768 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32setupn.exe
[2008.11.15 19:17:42 | 00,010,240 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driverssffp_mmc.sys
[2008.11.15 19:17:39 | 00,290,304 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32rhttpaa.dll
[2008.11.15 19:17:39 | 00,059,136 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversrfcomm.sys
[2008.11.15 19:17:39 | 00,030,592 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversrndismpx.sys
[2008.11.15 19:17:38 | 00,061,952 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32rasqec.dll
[2008.11.15 19:17:37 | 00,076,800 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32qutil.dll
[2008.11.15 19:17:36 | 00,293,376 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32qagentrt.dll
[2008.11.15 19:17:36 | 00,150,528 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32qagent.dll
[2008.11.15 19:17:36 | 00,062,464 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32qcliprov.dll
[2008.11.15 19:17:35 | 00,412,160 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32photometadatahandler.dll
[2008.11.15 19:17:33 | 00,144,896 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32onex.dll
[2008.11.15 19:17:27 | 00,196,608 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32napmontr.dll
[2008.11.15 19:17:27 | 00,176,640 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32napstat.exe
[2008.11.15 19:17:27 | 00,030,720 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32napipsec.dll
[2008.11.15 19:17:26 | 01,307,648 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32msxml6.dll
[2008.11.15 19:17:26 | 01,307,648 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcachemsxml6.dll
[2008.11.15 19:17:26 | 00,086,016 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32msxml6r.dll
[2008.11.15 19:17:26 | 00,086,016 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcachemsxml6r.dll
[2008.11.15 19:17:25 | 00,080,896 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32msshavmsg.dll
[2008.11.15 19:17:24 | 00,155,136 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32mssha.dll
[2008.11.15 19:17:15 | 00,397,312 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32mmcex.dll
[2008.11.15 19:17:15 | 00,184,320 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32microsoft.managementconsole.dll
[2008.11.15 19:17:15 | 00,106,496 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32mmcfxcommon.dll
[2008.11.15 19:17:15 | 00,033,792 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32mmcperf.exe
[2008.11.15 19:17:07 | 00,037,376 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32l2gpstore.dll
[2008.11.15 19:17:06 | 00,061,440 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32kmsvc.dll
[2008.11.15 19:17:06 | 00,006,144 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32kbdpash.dll
[2008.11.15 19:17:06 | 00,006,144 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32kbdnepr.dll
[2008.11.15 19:17:06 | 00,006,144 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32kbdiultn.dll
[2008.11.15 19:17:05 | 00,006,144 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32kbdbhc.dll
[2008.11.15 19:17:02 | 00,010,752 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32smtpapi.dll
[2008.11.15 19:17:02 | 00,009,728 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32rwnh.dll
[2008.11.15 19:17:02 | 00,001,950 | —- | C] () — D:WINDOWSSystem32pid.inf
[2008.11.15 19:17:00 | 00,046,592 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversirbus.sys
[2008.11.15 19:16:57 | 00,009,728 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32comsdupd.exe
[2008.11.15 19:16:49 | 00,025,728 | —- | C] (Корпорация Майкрософт) — D:WINDOWSSystem32drivershidbth.sys
[2008.11.15 19:16:49 | 00,019,200 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32drivershidir.sys
[2008.11.15 19:16:47 | 00,046,464 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversgagp30kx.sys
[2008.11.15 19:16:45 | 00,020,992 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32faxpatch.exe
[2008.11.15 19:16:43 | 00,184,832 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32eapp3hst.dll
[2008.11.15 19:16:43 | 00,180,736 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32eapphost.dll
[2008.11.15 19:16:43 | 00,126,976 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32eappcfg.dll
[2008.11.15 19:16:43 | 00,094,208 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32eappgnui.dll
[2008.11.15 19:16:43 | 00,059,392 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32eapqec.dll
[2008.11.15 19:16:43 | 00,040,960 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32eappprxy.dll
[2008.11.15 19:16:43 | 00,033,792 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32eapsvc.dll
[2008.11.15 19:16:43 | 00,031,232 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32eapolqec.dll
[2008.11.15 19:16:41 | 00,651,264 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dot3ui.dll
[2008.11.15 19:16:41 | 00,132,608 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dot3svc.dll
[2008.11.15 19:16:41 | 00,059,904 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dot3cfg.dll
[2008.11.15 19:16:41 | 00,056,832 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dot3msm.dll
[2008.11.15 19:16:41 | 00,039,936 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dot3gpclnt.dll
[2008.11.15 19:16:41 | 00,026,112 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dot3api.dll
[2008.11.15 19:16:41 | 00,009,216 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dot3dlg.dll
[2008.11.15 19:16:40 | 00,049,152 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dhcpqec.dll
[2008.11.15 19:16:40 | 00,039,936 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dimsroam.dll
[2008.11.15 19:16:40 | 00,019,456 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dimsntfy.dll
[2008.11.15 19:16:39 | 00,129,045 | —- | C] () — D:WINDOWSSystem32driverscxthsfs2.cty
[2008.11.15 19:16:38 | 00,012,800 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32credssp.dll
[2008.11.15 19:16:33 | 00,037,888 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversbthmodem.sys
[2008.11.15 19:16:33 | 00,018,944 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversbthusb.sys
[2008.11.15 19:16:33 | 00,017,024 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversbthenum.sys
[2008.11.15 19:16:33 | 00,007,168 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32bitsprx4.dll
[2008.11.15 19:16:32 | 00,233,472 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32azroles.dll
[2008.11.15 19:16:28 | 00,042,752 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversalim1541.sys
[2008.11.15 19:16:27 | 00,044,928 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversagpcpq.sys
[2008.11.15 19:16:27 | 00,042,368 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32driversagp440.sys
[2008.11.15 19:16:25 | 00,136,192 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32aaclient.dll
[2008.11.15 07:52:03 | 00,000,000 | —D | C] — D:WINDOWSWBEM
[2008.11.15 07:50:56 | 00,000,000 | —D | C] — D:Program FilesuTorrent
[2008.11.15 07:50:55 | 00,000,000 | —D | C] — D:Documents and SettingsAll Users.WINDOWSApplication DataTEMP
@Alternate Data Stream — 181 bytes -> D:Documents and SettingsAll Users.WINDOWSApplication DataTEMP:8E7C96FD
[2008.11.15 02:25:25 | 00,121,856 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32xmllite.dll
[2008.11.15 00:42:14 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication DataLavasoft
[2008.11.15 00:19:33 | 00,455,296 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcachemrxsmb.sys
[2008.11.15 00:16:10 | 00,000,000 | —D | C] — D:Documents and SettingsAll Users.WINDOWSApplication DataWindows Genuine Advantage
[2008.11.14 21:09:53 | 00,000,000 | —D | C] — D:Program FilesEsetOnlineScanner
[2008.11.13 02:07:14 | 00,001,602 | —- | C] () — D:Documents and SettingsAll Users.WINDOWSРабочий столMozilla Firefox.lnk
[2008.11.11 02:19:38 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication DatauTorrent
[2008.11.10 18:53:41 | 00,000,759 | —- | C] () — D:Documents and SettingsAll Users.WINDOWSРабочий столSothink SWF Easy.lnk
[2008.11.10 18:53:40 | 00,044,544 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32msxml4a.dll
[2008.11.10 18:53:15 | 00,000,000 | —D | C] — D:Program FilesSourceTec
[2008.11.10 11:41:39 | 00,000,000 | —D | C] — D:Program FilesStereo Pictures 1.0
[2008.11.02 06:19:43 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication DataThinstall
[2008.11.01 19:51:37 | 00,054,156 | -H— | C] () — D:WINDOWSQTFont.qfn
[2008.11.01 19:51:37 | 00,001,409 | —- | C] () — D:WINDOWSQTFont.for
[2008.11.01 09:30:22 | 00,234,640 | —- | C] (Agnitum Ltd.) — D:WINDOWSSystem32driversafwcore.sys
[2008.11.01 09:29:27 | 00,000,049 | —- | C] () — D:WINDOWStransp.gif
[2008.11.01 09:29:26 | 00,673,920 | —- | C] (Agnitum Ltd.) — D:WINDOWSSystem32driversSandBox.sys
[2008.11.01 09:29:23 | 00,030,864 | —- | C] (Agnitum Ltd.) — D:WINDOWSSystem32driversafw.sys
[2008.11.01 09:28:49 | 00,000,000 | —D | C] — D:WINDOWSSystem32Filt
[2008.11.01 09:28:49 | 00,000,000 | —D | C] — D:Program FilesAgnitum
[2008.11.01 09:28:02 | 00,000,000 | —D | C] — D:Documents and SettingsAll Users.WINDOWSApplication DataAgnitum
[2008.11.01 03:40:41 | 00,000,000 | —D | C] — D:Program FilesVideoLAN
[2008.10.31 22:25:08 | 00,000,000 | —D | C] — D:WINDOWSl2schemas
[2008.10.31 22:21:17 | 00,000,000 | —D | C] — D:WINDOWSServicePackFiles
[2008.10.31 22:13:43 | 00,000,000 | -H-D | C] — D:WINDOWS$NtServicePackUninstall$
[2008.10.31 20:40:47 | 00,000,000 | —D | C] — D:WINDOWSSystem32ru-ru
[2008.10.31 20:38:20 | 00,000,000 | -H-D | C] — D:WINDOWSie7
[2008.10.31 20:37:53 | 00,000,000 | -H-D | C] — D:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$
[2008.10.31 20:37:15 | 00,000,000 | -H-D | C] — D:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$
[2008.10.31 18:38:44 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication DataSendSpace Wizard
[2008.10.30 20:59:12 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication Datavlc(2)
[2008.10.30 12:21:45 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication DataYaChatData
[2008.10.30 12:20:11 | 00,000,000 | —D | C] — D:Documents and SettingsппппLocal SettingsApplication DataYandex
[2008.10.30 12:20:10 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication DataYandex
[2008.10.30 12:20:06 | 00,000,000 | —D | C] — D:Program FilesYandex
[2008.10.30 07:11:31 | 00,044,544 | —- | C] () — D:WINDOWSAWuninstall.exe
[2008.10.30 07:11:22 | 00,000,000 | —D | C] — D:Program FilesLokas
[2008.10.30 06:40:24 | 00,000,000 | —D | C] — D:Documents and SettingsппппLocal SettingsApplication DataLiveCraft
[2008.10.30 06:08:45 | 00,001,024 | —- | C] () — D:WINDOWSSystem32bpxw4kb.tgz
[2008.10.30 06:08:29 | 00,000,000 | —D | C] — D:Documents and SettingsAll Users.WINDOWSApplication DataVertusTech
[2008.10.30 06:08:27 | 00,000,000 | —D | C] — D:Program FilesVertus Fluid Mask 3
[2008.10.30 06:06:41 | 00,000,000 | —D | C] — D:Program FilesImage Doctor
[2008.10.29 07:45:03 | 00,000,000 | —D | C] — D:Program FilesTeleport Pro
[2008.10.29 07:15:30 | 00,067,866 | —- | C] () — D:WINDOWSSystem32driversnetwlan5.img
[2008.10.29 07:12:53 | 00,064,352 | —- | C] () — D:WINDOWSSystem32driversativmc20.cod
[2008.10.29 03:02:17 | 00,000,000 | —D | C] — D:Program FilesMSXML 4.0
[2008.10.29 00:54:13 | 00,138,496 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheafd.sys
[2008.10.29 00:54:01 | 00,333,824 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcachesrv.sys
[2008.10.29 00:53:50 | 01,846,528 | —- | C] (Корпорация Майкрософт) — D:WINDOWSSystem32dllcachewin32k.sys
[2008.10.29 00:53:46 | 02,147,328 | —- | C] (Корпорация Майкрософт) — D:WINDOWSSystem32dllcachentkrnlmp.exe
[2008.10.29 00:53:45 | 02,190,976 | —- | C] (Корпорация Майкрософт) — D:WINDOWSSystem32dllcachentoskrnl.exe
[2008.10.29 00:53:45 | 02,067,840 | —- | C] (Корпорация Майкрософт) — D:WINDOWSSystem32dllcachentkrnlpa.exe
[2008.10.29 00:53:45 | 02,025,984 | —- | C] (Корпорация Майкрософт) — D:WINDOWSSystem32dllcachentkrpamp.exe
[2008.10.29 00:52:25 | 00,203,136 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcachermcast.sys
[2008.10.29 00:51:47 | 00,691,712 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcacheinetcomm.dll
[2008.10.29 00:49:00 | 00,337,408 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32dllcachenetapi32.dll
[2008.10.29 00:46:27 | 00,000,000 | —D | C] — D:WINDOWSSystem32SoftwareDistribution
[2008.10.28 21:05:48 | 00,000,000 | —D | C] — D:Documents and SettingsппппLocal SettingsApplication DataApple Computer
[2008.10.28 19:56:27 | 00,000,000 | —- | C] () — D:WINDOWSnsreg.dat
[2008.10.28 19:56:22 | 00,000,000 | —D | C] — D:Documents and SettingsппппLocal SettingsApplication DataMozilla
[2008.10.28 19:56:22 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication DataMozilla
[2008.10.28 19:55:48 | 00,000,000 | —D | C] — D:Program FilesMozilla Firefox
[2008.10.28 19:44:24 | 00,337,320 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32difxapi.dll
[2008.10.28 19:44:24 | 00,043,008 | —- | C] (D-Link ) — D:WINDOWSSystem32driversdlkfet5b.sys
[2008.10.21 04:21:04 | 00,000,000 | —D | C] — D:WINDOWSuninstall
[2008.10.21 04:04:45 | 00,000,000 | —D | C] — D:Program FilesRoger Nichols Digital, Inc
[2008.10.21 03:09:27 | 00,000,016 | —- | C] () — D:WINDOWSSystem32w3data.vss
[2008.10.21 03:09:27 | 00,000,016 | —- | C] () — D:WINDOWSSystem32msvcsv60.dll
[2008.10.21 03:09:27 | 00,000,016 | —- | C] () — D:WINDOWSmsocreg32.dat
[2008.10.18 17:35:31 | 00,000,000 | —D | C] — D:Program FilesWWAYM
[2008.10.14 21:24:32 | 00,000,747 | —- | C] () — D:Documents and SettingsAll Users.WINDOWSРабочий столCounter-Strike 1.6.lnk
[2008.10.11 13:56:25 | 00,000,000 | —D | C] — D:Program FilesCounter-Strike 1.6
[2008.10.07 08:09:57 | 00,000,000 | —D | C] — D:WINDOWSpss
[2008.10.07 03:38:21 | 00,000,000 | —- | C] () — D:WINDOWSPlayList.Fpl
[2008.10.07 03:38:18 | 00,000,173 | —- | C] () — D:WINDOWSSystem32FOLESVR.DLL
[2008.10.07 03:34:11 | 00,389,120 | —- | C] () — D:WINDOWSSystem32ACTSKN43.OCX
[2008.10.07 03:34:11 | 00,000,000 | —D | C] — D:WINDOWStmp
[2008.10.04 05:12:56 | 03,086,049 | —- | C] () — D:Documents and SettingsппппМои документыMEGA GIF.gif
[2008.10.01 18:00:43 | 00,000,000 | —D | C] — D:Documents and SettingsппппМои документыUpdater5
[2008.09.30 16:43:34 | 01,286,152 | —- | C] (Microsoft Corporation) — D:WINDOWSSystem32msxml4.dll
[2008.09.22 15:40:48 | 00,000,000 | —D | C] — D:Program FilesWave Arts
[2008.09.22 13:33:09 | 00,000,000 | —D | C] — D:Documents and SettingsппппМои документыFabFilter
[2008.09.22 13:33:09 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication DataFabFilter
[2008.09.22 13:33:03 | 00,000,000 | —D | C] — D:Program FilesFabFilter
[2008.09.20 00:03:54 | 00,000,132 | —- | C] () — D:Documents and SettingsппппМои документыSkinTune History 1.dat
[2008.08.24 10:36:56 | 00,000,000 | —D | C] — D:WINDOWSSystem32²
** — D:WINDOWSSystem32??
[2008.08.24 10:31:22 | 00,000,000 | —D | C] — D:Documents and SettingsппппМои документыiZotope Spectron Presets
[2008.08.24 10:20:18 | 00,000,000 | —D | C] — D:Documents and SettingsппппApplication DataWaves AudioБольшое спасибо что откликнулись.
всё сделал — НЕ ПОМОГЛО.
вот лог файлы. — OTviewIt,
OTViewIt logfile created on: 21.11.2008 11:14:57 — Run 8
OTViewIt by OldTimer — Version 1.0.20.0 Folder = C:интернет
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) — Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy511,11 Mb Total Physical Memory | 84,61 Mb Available Physical Memory | 16,55% Memory free
1,22 Gb Paging File | 0,80 Gb Available in Paging File | 65,72% Paging File free
Paging file location(s): D:pagefile.sys 768 1536;%SystemDrive% = D: | %SystemRoot% = D:WINDOWS | %ProgramFiles% = D:Program Files
Drive C: | 82,49 Gb Total Space | 8,45 Gb Free Space | 10,25% Space Free | Partition Type: NTFS
Drive D: | 29,30 Gb Total Space | 2,83 Gb Free Space | 9,67% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 659,87 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 3,80 Gb Total Space | 0,98 Gb Free Space | 25,81% Space Free | Partition Type: FAT32Computer Name: 505F4963FCC942D
Current User Name: пппп
Logged in as Administrator.Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 90 Days========== Processes ==========
[2008.04.14 19:11:09 | 00,050,688 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32smss.exe
[2008.04.14 19:11:13 | 00,509,440 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32winlogon.exe
[2008.04.14 19:11:08 | 00,109,056 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32services.exe
[2006.01.04 22:39:48 | 00,405,504 | —- | M] (ATI Technologies Inc.) — D:WINDOWSsystem32ati2evxx.exe
[2006.09.02 15:36:33 | 00,198,336 | —- | M] (Symantec Corporation) — D:Program FilesSymantecLiveUpdateAluSchedulerSvc.exe
[2008.07.01 09:02:28 | 00,468,224 | —- | M] (ESET) — D:Program FilesEsetESET NOD32 Antivirusekrn.exe
[2008.11.20 22:38:17 | 00,152,984 | —- | M] (Sun Microsystems, Inc.) — D:Program FilesJavajre6binjqs.exe
[2004.02.26 09:52:00 | 00,049,152 | —- | M] (Ulead Systems, Inc.) — D:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe
[2004.08.11 00:45:04 | 00,038,912 | —- | M] (Microsoft Corporation) — D:WINDOWSsystem32wdfmgr.exe
[2008.04.14 19:11:13 | 00,126,464 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32wbemwmiapsrv.exe
[2003.11.13 17:51:56 | 00,253,952 | —- | M] (Stardock) — D:Program FilesCommon FilesStardocksdmcp.exe
[2006.01.04 22:39:48 | 00,405,504 | —- | M] (ATI Technologies Inc.) — D:WINDOWSsystem32ati2evxx.exe
[2008.04.14 19:10:56 | 01,034,240 | —- | M] (Корпорация Майкрософт) — D:WINDOWSexplorer.exe
[2004.08.19 19:29:50 | 00,054,272 | —- | M] () — D:Program FilesStardockObject DesktopIconXIconX.exe
[2005.08.12 13:43:58 | 00,045,056 | —- | M] (ATI Technologies Inc.) — D:Program FilesATI TechnologiesATI.ACECLI.exe
[2006.08.01 14:10:18 | 16,049,664 | —- | M] (Realtek Semiconductor Corp.) — D:WINDOWSRTHDCPL.EXE
[2005.08.11 15:30:30 | 00,081,920 | —- | M] (Macrovision Corporation) — D:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe
[2006.09.01 18:07:34 | 00,035,328 | —- | M] () — D:Program FilesWinampwinampa.exe
[2008.07.01 09:01:04 | 01,447,168 | —- | M] (ESET) — D:Program FilesEsetESET NOD32 Antivirusegui.exe
[2008.11.20 22:38:17 | 00,136,600 | —- | M] (Sun Microsystems, Inc.) — D:Program FilesJavajre6binjusched.exe
[2006.02.21 00:00:00 | 01,376,768 | —- | M] (Lavalys, Inc.) — D:Program FilesLavalysEVEREST Ultimate Editioneverest.bin
[2005.08.12 13:43:58 | 00,045,056 | —- | M] (ATI Technologies Inc.) — D:Program FilesATI TechnologiesATI.ACECLI.exe
[2008.11.13 20:58:35 | 00,307,712 | —- | M] (Mozilla Corporation) — D:Program FilesMozilla Firefoxfirefox.exe
[2008.11.21 10:55:43 | 00,422,400 | —- | M] (OldTimer Tools) — C:интернетOTViewIt.exe========== (O23) Win32 Services ==========
[2007.12.17 01:03:44 | 00,072,704 | —- | M] (Adobe Systems) — D:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe — (Adobe LM Service [On_Demand | Stopped])
[2005.09.23 07:28:32 | 00,029,896 | —- | M] (Microsoft Corporation) — D:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe — (aspnet_state [On_Demand | Stopped])
[2006.01.04 22:39:48 | 00,405,504 | —- | M] (ATI Technologies Inc.) — D:WINDOWSsystem32ati2evxx.exe — (Ati HotKey Poller [Auto | Running])
[2006.01.04 21:05:00 | 00,520,192 | —- | M] () — D:WINDOWSsystem32ati2sgag.exe — (ATI Smart [Disabled | Stopped])
[2006.09.02 15:36:33 | 00,198,336 | —- | M] (Symantec Corporation) — D:Program FilesSymantecLiveUpdateAluSchedulerSvc.exe — (Automatic LiveUpdate Scheduler [Auto | Running])
[2005.09.23 07:28:56 | 00,066,240 | —- | M] (Microsoft Corporation) — D:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe — (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
File not found — — (CLTNetCnService [Auto | Stopped])
[2008.07.01 09:08:00 | 00,019,200 | —- | M] (ESET) — D:Program FilesEsetESET NOD32 AntivirusEHttpSrv.exe — (EhttpSrv [On_Demand | Stopped])
[2008.07.01 09:02:28 | 00,468,224 | —- | M] (ESET) — D:Program FilesEsetESET NOD32 Antivirusekrn.exe — (ekrn [Auto | Running])
[2008.04.14 19:11:08 | 00,109,056 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32services.exe — (Eventlog [Auto | Running])
[2005.04.03 23:41:10 | 00,069,632 | —- | M] (Macrovision Corporation) — D:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe — (IDriverT [On_Demand | Stopped])
[2008.04.14 19:10:58 | 00,150,528 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32imapi.exe — (ImapiService [On_Demand | Stopped])
[2008.11.20 22:38:17 | 00,152,984 | —- | M] (Sun Microsystems, Inc.) — D:Program FilesJavajre6binjqs.exe — (JavaQuickStarterService [Auto | Running])
[2006.09.02 15:36:33 | 02,528,960 | —- | M] (Symantec Corporation) — D:Program FilesSymantecLiveUpdateLuComServer_3_1.EXE — (LiveUpdate [On_Demand | Stopped])
[2008.04.14 19:11:00 | 00,032,768 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32mnmsrvc.exe — (mnmsrvc [On_Demand | Stopped])
[2006.08.08 21:15:50 | 00,208,896 | —- | M] (Nero AG) — D:Program FilesNeroNero 7Nero BackItUpNBService.exe — (NBService [On_Demand | Stopped])
[2008.04.14 19:11:04 | 00,113,664 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32netdde.exe — (NetDDE [Disabled | Stopped])
[2008.04.14 19:11:04 | 00,113,664 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32netdde.exe — (NetDDEdsdm [Disabled | Stopped])
File not found — — (odbcasvc [Auto | Stopped])
[2003.07.28 20:28:22 | 00,089,136 | —- | M] (Microsoft Corporation) — D:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE — (ose [On_Demand | Stopped])
[2008.04.14 19:11:08 | 00,109,056 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32services.exe — (PlugPlay [Auto | Running])
[2008.03.26 15:42:01 | 00,077,824 | —- | M] (Trident Software) — D:Program FilesTrident SoftwarePragmaPTsup5.exe — (PTsup5 [Auto | Stopped])
[2008.04.14 19:11:08 | 00,141,824 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32sessmgr.exe — (RDSessMgr [On_Demand | Stopped])
[2008.04.14 19:11:07 | 00,096,768 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32scardsvr.exe — (SCardSvr [On_Demand | Stopped])
[2008.04.14 19:11:09 | 00,091,648 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32smlogsvc.exe — (SysmonLog [On_Demand | Stopped])
[2008.04.14 19:11:11 | 00,073,216 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32tlntsvr.exe — (TlntSvr [Disabled | Stopped])
[2004.02.26 09:52:00 | 00,049,152 | —- | M] (Ulead Systems, Inc.) — D:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe — (UleadBurningHelper [Auto | Running])
[2004.08.11 00:45:04 | 00,038,912 | —- | M] (Microsoft Corporation) — D:WINDOWSsystem32wdfmgr.exe — (UMWdf [Auto | Running])
[2008.04.14 19:11:12 | 00,290,304 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32vssvc.exe — (VSS [On_Demand | Stopped])
[2008.04.14 19:11:13 | 00,126,464 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32wbemwmiapsrv.exe — (WmiApSrv [On_Demand | Running])========== Driver Services ==========
[2008.04.14 18:37:38 | 00,188,288 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32driversacpi.sys — (ACPI [Boot | Running])
[2001.10.20 14:00:00 | 00,011,776 | —- | M] (Корпорация Майкрософт) — D:WINDOWSSystem32driversacpiec.sys — (ACPIEC [Disabled | Stopped])
[2008.06.30 17:16:14 | 00,234,640 | —- | M] (Agnitum Ltd.) — D:WINDOWSsystem32driversafwcore.sys — (afwcore [On_Demand | Stopped])
[2005.11.21 08:48:21 | 00,016,512 | —- | M] (Adaptec) — D:WINDOWSsystem32driversASPI32.SYS — (Aspi32 [Auto | Running])
[2008.07.11 15:42:08 | 00,033,408 | —- | M] (Agnitum Ltd.) — D:WINDOWSsystem32FiltASWFilt.dll — (ASWFilt [On_Demand | Stopped])
[2006.01.04 22:46:42 | 01,420,288 | —- | M] (ATI Technologies Inc.) — D:WINDOWSsystem32driversati2mtag.sys — (ati2mtag [On_Demand | Running])
[2005.05.09 19:08:40 | 00,033,792 | —- | M] (Team H2O) — D:WINDOWSsystem32driverscledx.sys — (CLEDX [On_Demand | Running])
[2004.08.22 16:31:10 | 00,155,136 | —- | M] ( ) — D:WINDOWSsystem32driversd347bus.sys — (d347bus [Boot | Running])
[2004.08.22 16:31:48 | 00,005,248 | —- | M] ( ) — D:WINDOWSsystem32driversd347prt.sys — (d347prt [Boot | Running])
[2008.07.01 08:56:22 | 00,039,944 | —- | M] (ESET) — D:WINDOWSsystem32driverseamon.sys — (eamon [Auto | Running])
[2008.07.01 08:57:14 | 00,053,256 | —- | M] (ESET) — D:WINDOWSsystem32driverseasdrv.sys — (easdrv [System | Running])
[2003.03.02 17:44:26 | 00,007,552 | —- | M] () — D:WINDOWSsystem32driversenodpl.sys — (enodpl [Auto | Running])
[2008.07.01 09:04:40 | 00,034,312 | —- | M] () — D:WINDOWSsystem32driversepfwtdir.sys — (epfwtdir [System | Running])
[2008.01.13 21:05:28 | 00,094,080 | —- | M] (VSO Software) — D:WINDOWSsystem32driversezplay.sys — (ezplay [On_Demand | Stopped])
[2007.05.16 11:20:32 | 00,043,008 | —- | M] (D-Link ) — D:WINDOWSsystem32driversdlkfet5b.sys — (FETNDISB [On_Demand | Running])
[2008.04.14 18:41:12 | 00,044,544 | —- | M] (Корпорация Майкрософт) — D:WINDOWSSystem32driversfips.sys — (Fips [System | Running])
[2001.10.20 14:00:00 | 00,125,440 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32driversftdisk.sys — (Ftdisk [Boot | Running])
[2008.04.13 19:36:06 | 00,144,384 | —- | M] (Windows (R) Server 2003 DDK provider) — D:WINDOWSsystem32drivershdaudbus.sys — (HDAudBus [On_Demand | Running])
[2008.04.14 18:44:08 | 00,053,120 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32driversi8042prt.sys — (i8042prt [System | Running])
[2006.08.01 14:07:02 | 04,356,608 | —- | M] (Realtek Semiconductor Corp.) — D:WINDOWSsystem32driversRtkHDAud.sys — (IntcAzAudAddService [On_Demand | Running])
[2008.04.14 18:47:16 | 00,037,504 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32driversisapnp.sys — (isapnp [Boot | Running])
[2008.04.14 18:47:56 | 00,024,832 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32driverskbdclass.sys — (Kbdclass [System | Running])
[2002.10.13 19:17:00 | 00,004,736 | —- | M] () — D:WINDOWSsystem32driverslitdpl.sys — (litdpl [Auto | Running])
[2008.04.14 18:37:38 | 00,030,208 | —- | M] (Корпорация Майкрософт) — D:WINDOWSSystem32driversmodem.sys — (Modem [On_Demand | Stopped])
[2008.04.14 18:37:44 | 00,023,296 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32driversmouclass.sys — (Mouclass [System | Running])
[2008.04.13 21:53:09 | 00,040,320 | —- | M] (Microsoft Corporation) — D:WINDOWSsystem32driversnmnt.sys — (nm [On_Demand | Stopped])
[2008.04.14 18:52:22 | 00,080,128 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32driversparport.sys — (Parport [On_Demand | Running])
[2001.10.20 14:00:00 | 00,006,912 | —- | M] (Корпорация Майкрософт) — D:WINDOWSSystem32driversparvdm.sys — (ParVdm [Auto | Running])
[2008.04.14 18:52:28 | 00,068,480 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32driverspci.sys — (PCI [Boot | Running])
[2001.10.20 14:00:00 | 00,003,328 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32driverspciide.sys — (PCIIde [Boot | Running])
[2008.04.14 18:52:30 | 00,120,192 | —- | M] (Корпорация Майкрософт) — D:WINDOWSSystem32driverspcmcia.sys — (Pcmcia [Disabled | Stopped])
[2004.04.01 16:30:46 | 00,010,368 | —- | M] (Padus, Inc.) — D:WINDOWSsystem32driverspfc.sys — (pfc [On_Demand | Running])
[2003.04.28 12:16:07 | 00,050,816 | —- | M] (StarForce Technologies, Inc.) — D:WINDOWSsystem32driversprodrv06.sys — (prodrv06 [System | Running])
[2003.04.28 13:12:21 | 00,094,464 | —- | M] (StarForce Technologies, Inc.) — D:WINDOWSsystem32driversprohlp02.sys — (prohlp02 [Boot | Running])
[2003.04.04 10:41:46 | 00,006,848 | —- | M] (StarForce Technologies, Inc.) — D:WINDOWSsystem32driversprosync1.sys — (prosync1 [Boot | Running])
[2001.10.20 14:00:00 | 00,017,792 | —- | M] (Parallel Technologies, Inc.) — D:WINDOWSsystem32driversptilink.sys — (Ptilink [On_Demand | Running])
[2006.08.25 06:47:00 | 00,036,528 | —- | M] (Sonic Solutions) — D:WINDOWSsystem32driversPxHelp20.sys — (PxHelp20 [Boot | Running])
[2008.04.14 18:41:48 | 00,058,368 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32driversredbook.sys — (redbook [System | Running])
[2008.07.11 15:41:28 | 00,673,920 | —- | M] (Agnitum Ltd.) — D:WINDOWSsystem32driversSandBox.sys — (SandBox [System | Running])
[2008.04.13 19:39:17 | 00,020,480 | —- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) — D:WINDOWSsystem32driverssecdrv.sys — (Secdrv [On_Demand | Stopped])
[2002.12.17 04:41:10 | 00,076,288 | —- | M] (Rainbow Technologies, Inc.) — D:WINDOWSsystem32driverssentinel.sys — (Sentinel [Auto | Running])
[2008.04.14 18:44:00 | 00,065,024 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32driversserial.sys — (Serial [System | Running])
[2003.04.29 14:10:40 | 00,004,448 | —- | M] (StarForce Technologies, Inc.) — D:WINDOWSsystem32driverssfhlp01.sys — (sfhlp01 [Boot | Running])
[2008.04.14 18:52:45 | 00,073,472 | —- | M] (Корпорация Майкрософт) — D:WINDOWSsystem32driverssr.sys — (sr [Boot | Running])
[2008.07.31 00:28:00 | 00,000,169 | —- | M] () — D:WINDOWSultra.INI — (ultra [Disabled | Stopped])
[2008.04.14 18:40:08 | 00,051,968 | —- | M] (Корпорация Майкрософт) — D:WINDOWSSystem32driversvolsnap.sys — (VolSnap [Boot | Running])
[2001.10.20 14:00:00 | 00,012,032 | —- | M] (Microsoft Corporation) — D:WINDOWSsystem32driversws2ifsl.sys — (WS2IFSL [System | Running])
[2006.02.21 00:00:00 | 00,011,776 | —- | M] () — D:Program FilesLavalysEVEREST Ultimate Editionkerneld.wnt — (EverestDriver [On_Demand | Running])
