SPYWARE-RU.COM

jorjik

Forum replies created

Viewing 15 posts - 1 through 15 (of 16 total)
  • February 13, 2010 at 2:59 pm in reply to: firefox opens with a blank page #28416
    jorjik
    Participant
    • Topics: 4
    • Posts: 20
    • ☆

    False alarm! The problem is solved! It was the settings! Now everything opens normally! 😆

    September 6, 2009 at 7:59 pm in reply to: tintinyproxyy trojan? #21833
    jorjik
    Participant
    • Topics: 4
    • Posts: 20
    • ☆

    I did everything as you advised! Thank you very much! All the best and good luck to you!

    March 11, 2009 at 4:30 pm in reply to: tintinyproxyy trojan? #21831
    jorjik
    Participant
    • Topics: 4
    • Posts: 20
    • ☆

    The computer is working great, everything is in perfect order! Thank you very much for everything! I deleted Combofix; I hope it won't be needed anymore?

    March 9, 2009 at 11:25 am in reply to: tintinyproxyy trojan? #21829
    jorjik
    Participant
    • Topics: 4
    • Posts: 20
    • ☆

    Hello Valery! I did everything, here is the log:

    ComboFix 09-03-06.02 — User 2009-03-09 15:13:04.2 — NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1251.7.1033.18.1023.564 [GMT 4:00]
    Running from: c:documents and settingsUserDesktopComboFix.exe
    Command switches used :: c:documents and settingsUserDesktopCFScript.txt
    AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
    * Created a new restore point

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

    FILE ::
    c:windowssystem32DriversWinwu60.sys
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .


    Legacy_WINWU60


    Service_Winwu60

    ((((((((((((((((((((((((( Files Created from 2009-02-09 to 2009-03-09 )))))))))))))))))))))))))))))))
    .

    2009-03-07 12:51 . 2009-03-07 23:39

    d


    c:windowssystem32CatRoot_bak

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-03-09 06:27


    d


    w c:documents and settingsUserApplication DataskypePM
    2009-03-09 06:27


    d


    w c:documents and settingsUserApplication DataSkype
    2009-03-08 12:37


    d


    w c:documents and settingsAll UsersApplication DataGoogle Updater
    2009-01-27 11:33 325,128 —-a-w c:windowssystem32driversavgldx86.sys
    2009-01-27 11:33 107,272 —-a-w c:windowssystem32driversavgtdix.sys
    2009-01-27 11:33


    d


    w c:documents and settingsAll UsersApplication Dataavg8
    2008-10-08 07:49 106,488 —-a-w c:documents and settingsUserApplication DataGDIPFONTCACHEV1.DAT
    2006-06-23 06:48 32,768 —-a-r c:windowsinfUpdateUSB.exe
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=»c:windowssystem32ctfmon.exe» [2004-08-03 15360]
    «swg»=»c:program filesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe» [2008-07-23 68856]
    «MSMSGS»=»c:program filesMessengermsmsgs.exe» [2004-08-04 1667584]
    «Google Update»=»c:documents and settingsUserLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe» [2009-01-20 133104]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
    «UserFaultCheck»=»c:windowssystem32dumprep 0 -u» [X]
    «NvCplDaemon»=»c:windowssystem32NvCpl.dll» [2007-09-16 8491008]
    «snp2std»=»c:windowsvsnp2std.exe» [2006-09-15 675840]
    «AVG8_TRAY»=»c:progra~1AVGAVG8avgtray.exe» [2009-01-27 1601304]

    [HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2004-08-03 15360]

    c:documents and settingsAll UsersStart MenuProgramsStartup
    Adobe Reader Speed Launch.lnk — c:program filesAdobeAcrobat 7.0Readerreader_sl.exe [2004-12-14 29696]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyavgrsstarter]
    2009-01-27 15:33 10520 c:windowssystem32avgrsstx.dll

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversiondrivers32]
    «VIDC.3iv2″= c:progra~1K-LITE~1codecs3IVXVF~1.DLL
    «VIDC.VP60″= c:progra~1K-LITE~1codecsvp6vfw.dll
    «VIDC.VP61″= c:progra~1K-LITE~1codecsvp6vfw.dll
    «VIDC.VP62″= c:progra~1K-LITE~1codecsvp6vfw.dll
    «VIDC.VP70″= c:progra~1K-LITE~1codecsvp7vfw.dll
    «VIDC.VP31″= c:progra~1K-LITE~1codecsvp31vfw.dll
    «VIDC.FFDS»= c:progra~1K-LITE~1ffdshowff_vfw.dll
    «msacm.ac3acm»= c:progra~1K-LITE~1codecsac3acm.acm
    «msacm.l3fhg»= c:progra~1K-LITE~1codecsl3codecp.acm
    «msacm.divxa32″= msaud32_divx.acm

    [HKLM~startupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Media Key.lnk]
    path=c:documents and settingsAll UsersStart MenuProgramsStartupMedia Key.lnk
    backup=c:windowspssMedia Key.lnkCommon Startup

    [HKLM~startupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
    path=c:documents and settingsAll UsersStart MenuProgramsStartupMicrosoft Office.lnk
    backup=c:windowspssMicrosoft Office.lnkCommon Startup

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAlcoholAutomount]
    —a


    2007-07-02 14:29 220544 c:program filesAlcohol SoftAlcohol 120AxCmd.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregBgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    —a


    2006-11-16 19:04 139264 c:program filesCommon FilesAheadLibNMBgMonitor.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDAEMON Tools]
    —a


    2005-11-09 02:00 128920 c:program filesDAEMON Toolsdaemon.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDevice Detector]
    —a


    2003-09-17 17:39 212992 c:program filesCommon FilesACD SystemsENDevDetect.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLingvo Launcher]
    —a


    2004-10-09 16:17 110592 c:program filesABBYY Lingvo 10 Multilingual DictionaryLvAgent.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLingvoTraining]
    —a


    2004-10-09 16:23 1159168 c:program filesABBYY Lingvo 10 Multilingual DictionaryTutor.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]


    2004-08-04 01:06 1667584 c:program filesMessengermsmsgs.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]
    —a


    2006-01-12 15:40 155648 c:program filesCommon FilesAheadLibNeroCheck.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNvCplDaemon]
    —a


    2007-09-16 21:07 8491008 c:windowssystem32nvcpl.dll

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNvMediaCenter]
    —a


    2007-09-16 21:07 81920 c:windowssystem32nvmctray.dll

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSkype]
    -ra


    2008-09-23 14:17 21755688 c:program filesSkypePhoneSkype.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregsnp2std]
    —a


    2006-09-15 12:21 675840 c:windowsvsnp2std.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAlcmtr]
    -r


    2005-05-03 14:43 69632 c:windowsAlcmtr.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregnwiz]
    —a


    2007-09-16 21:07 1626112 c:windowssystem32nwiz.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregRTHDCPL]
    -r


    2007-03-21 10:49 16126464 c:windowsRTHDCPL.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]
    «wuauserv»=2 (0x2)
    «wscsvc»=2 (0x2)

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
    «AntiVirusOverride»=dword:00000001

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoring]
    «DisableMonitoring»=dword:00000001

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoringSymantecAntiVirus]
    «DisableMonitoring»=dword:00000001

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoringSymantecFirewall]
    «DisableMonitoring»=dword:00000001

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
    «DisableNotifications»= 1 (0x1)

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
    «%windir%\system32\sessmgr.exe»=
    «c:\Games\Medal of Honor PA\mohpa.exe»=
    «c:\Games\Medal of Honor AA\MOHAA.exe»=
    «c:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 7.0.1.325\Russian\setup.exe»=
    «%windir%\Network Diagnostic\xpnetdiag.exe»=
    «c:\Program Files\Empire Interactive\FlatOut2\FlatOut2.exe»=
    «c:\Program Files\AVG\AVG8\avgemc.exe»=
    «c:\Program Files\AVG\AVG8\avgupd.exe»=
    «c:\Program Files\Skype\Phone\Skype.exe»=

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileGloballyOpenPortsList]
    «:TCP»= :TCP:Explorer

    R0 mv61xx;mv61xx;c:windowssystem32driversmv61xx.sys [2007-05-25 137728]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:windowssystem32driversavgldx86.sys [2008-11-23 325128]
    R1 AvgTdiX;AVG Free8 Network Redirector;c:windowssystem32driversavgtdix.sys [2008-11-23 107272]
    R1 kbfilter;Keyboard Filter Driver;c:windowssystem32driverskbfilter.sys [2008-01-11 12856]
    R1 UsbFltr;WayTechUSBFilterDriver;c:windowssystem32driversUsbFltr.sys [2008-01-11 8576]
    R2 avg8emc;AVG Free8 E-mail Scanner;c:progra~1AVGAVG8avgemc.exe [2008-11-23 903960]
    R2 avg8wd;AVG Free8 WatchDog;c:progra~1AVGAVG8avgwdsvc.exe [2008-11-23 298264]
    R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:windowssystem32driversatl01_xp.sys [2008-01-09 38656]
    S3 ATE_PROCMON;ATE_PROCMON;??c:program filesAnti Trojan EliteATEPMon.sys —> c:program filesAnti Trojan EliteATEPMon.sys [?]
    .
    Contents of the ‘Scheduled Tasks’ folder

    2009-03-08 c:windowsTasksGoogleUpdateTaskUserS-1-5-21-776561741-1202660629-725345543-1003.job
    — c:documents and settingsUserLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe [2009-01-20 10:32]
    .
    .


    Supplementary Scan


    .
    uStart Page = hxxp://www.google.ru/
    uSearch Page = hxxp://www.google.com
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uSearch Bar = hxxp://www.google.com/ie
    mDefault_Search_URL = hxxp://www.google.com/ie
    mStart Page = hxxp://www.google.com
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = *.local
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant = hxxp://www.google.com/ie
    IE: E&xport to Microsoft Excel — c:progra~1MICROS~2Office10EXCEL.EXE/3000
    IE: Translate with Lingvo — c:program filesABBYY Lingvo 10 Multilingual DictionaryLingvo.exe/3000
    TCP: {5002A937-9FEE-431E-9D49-42014DA0C205} = 62.168.168.2,62.168.168.5
    FF — ProfilePath — c:documents and settingsUserApplication DataMozillaFirefoxProfilesijlz0w0r.default
    FF — prefs.js: browser.search.defaulturl — hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FF — prefs.js: network.proxy.http — 127.0.0.1
    FF — prefs.js: network.proxy.http_port — 9090
    FF — prefs.js: network.proxy.type — 4
    FF — component: c:program filesAVGAVG8Firefoxcomponentsavgssff.dll
    FF — component: c:program filesAVGAVG8ToolbarFFcomponentsvmAVGConnector.dll
    FF — plugin: c:documents and settingsUserLocal SettingsApplication DataGoogleUpdate1.2.141.5npGoogleOneClick7.dll
    FF — plugin: c:program filesGoogleGoogle Updater2.4.1399.3742npCIDetect13.dll
    FF — plugin: c:program filesK-Lite Codec PackRealbrowserpluginsnppl3260.dll
    FF — plugin: c:program filesK-Lite Codec PackRealbrowserpluginsnprpjplug.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-03-09 15:16:22
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes …

    scanning hidden autostart entries …

    scanning hidden files …

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .


    Other Running Processes


    .
    c:program filesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
    c:program filesCommon FilesLightScribeLSSrvc.exe
    c:windowssystem32dumprep.exe
    c:program filesCommon FilesMicrosoft SharedVS7Debugmdm.exe
    c:program filesAVGAVG8avgrsx.exe
    c:windowssystem32nvsvc32.exe
    c:progra~1AVGAVG8avgnsx.exe
    c:program filesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe
    c:windowssystem32wdfmgr.exe
    c:program filesAVGAVG8avgcsrvx.exe
    c:windowssystem32rundll32.exe
    .
    **************************************************************************
    .
    Completion time: 2009-03-09 15:18:08 — machine was rebooted
    ComboFix-quarantined-files.txt 2009-03-09 11:18:06

    Pre-Run: 150 190 088 192 bytes free
    Post-Run: 150,219,960,320 байт свободно

    199 — E O F — 2008-09-12 09:03:24

    By the way, this Winwu60 had been in the drivers for a long time.

    March 7, 2009 at 7:39 am in reply to: tintinyproxyy trojan? #21827
    jorjik
    Participant
    • Topics: 4
    • Posts: 20
    • ☆

    HOORAY!!!! Valery, you won!!! The icons are back, everything is just great! Huge thanks for the help and support! Here is the combofix log:

    ComboFix 09-03-04.01 — User 2009-03-07 11:24:14.1 — NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1251.7.1033.18.1023.630 [GMT 4:00]
    Running from: c:documents and settingsUserDesktopComboFix.exe
    AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
    * Created a new restore point

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:autorun.inf
    c:documents and settingsAll UsersApplication DataCrucialSoft Ltd
    c:program filestintinyproxyytinyproxy.exe
    c:windowssystem32DelSelf.bat
    c:windowssystem32pb1M3aNy.exe.a_a
    c:windowssystem32svchost.t__
    D:Autorun.inf

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .


    Legacy_GOOGLE_ONLINE_SERVICES


    Legacy_IPSEC_SERVICES_(POLICYAGENT)_


    Legacy_MSUPDATE


    Service_Google Online Services


    Service_IPSEC Services (PolicyAgent)

    ((((((((((((((((((((((((( Files Created from 2009-02-07 to 2009-03-07 )))))))))))))))))))))))))))))))
    .

    2009-02-24 12:58 . 2009-03-07 11:18

    d


    c:program filestrend micro

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-03-06 17:53


    d


    w c:documents and settingsUserApplication DataSkype
    2009-03-06 16:59


    d


    w c:documents and settingsUserApplication DataskypePM
    2009-03-06 09:30


    d


    w c:documents and settingsAll UsersApplication DataGoogle Updater
    2009-01-27 11:33 325,128 —-a-w c:windowssystem32driversavgldx86.sys
    2009-01-27 11:33 107,272 —-a-w c:windowssystem32driversavgtdix.sys
    2009-01-27 11:33


    d


    w c:documents and settingsAll UsersApplication Dataavg8
    2008-10-08 07:49 106,488 —-a-w c:documents and settingsUserApplication DataGDIPFONTCACHEV1.DAT
    2006-06-23 06:48 32,768 —-a-r c:windowsinfUpdateUSB.exe
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=»c:windowssystem32ctfmon.exe» [2004-08-03 15360]
    «swg»=»c:program filesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe» [2008-07-23 68856]
    «MSMSGS»=»c:program filesMessengermsmsgs.exe» [2004-08-04 1667584]
    «Google Update»=»c:documents and settingsUserLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe» [2009-01-20 133104]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
    «UserFaultCheck»=»c:windowssystem32dumprep 0 -u» [X]
    «NvCplDaemon»=»c:windowssystem32NvCpl.dll» [2007-09-16 8491008]
    «snp2std»=»c:windowsvsnp2std.exe» [2006-09-15 675840]
    «AVG8_TRAY»=»c:progra~1AVGAVG8avgtray.exe» [2009-01-27 1601304]

    [HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2004-08-03 15360]

    c:documents and settingsAll UsersStart MenuProgramsStartup
    Adobe Reader Speed Launch.lnk — c:program filesAdobeAcrobat 7.0Readerreader_sl.exe [2004-12-14 29696]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyavgrsstarter]
    2009-01-27 15:33 10520 c:windowssystem32avgrsstx.dll

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversiondrivers32]
    «VIDC.3iv2″= c:progra~1K-LITE~1codecs3IVXVF~1.DLL
    «VIDC.VP60″= c:progra~1K-LITE~1codecsvp6vfw.dll
    «VIDC.VP61″= c:progra~1K-LITE~1codecsvp6vfw.dll
    «VIDC.VP62″= c:progra~1K-LITE~1codecsvp6vfw.dll
    «VIDC.VP70″= c:progra~1K-LITE~1codecsvp7vfw.dll
    «VIDC.VP31″= c:progra~1K-LITE~1codecsvp31vfw.dll
    «VIDC.FFDS»= c:progra~1K-LITE~1ffdshowff_vfw.dll
    «msacm.ac3acm»= c:progra~1K-LITE~1codecsac3acm.acm
    «msacm.l3fhg»= c:progra~1K-LITE~1codecsl3codecp.acm
    «msacm.divxa32″= msaud32_divx.acm

    [HKLM~startupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Media Key.lnk]
    path=c:documents and settingsAll UsersStart MenuProgramsStartupMedia Key.lnk
    backup=c:windowspssMedia Key.lnkCommon Startup

    [HKLM~startupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
    path=c:documents and settingsAll UsersStart MenuProgramsStartupMicrosoft Office.lnk
    backup=c:windowspssMicrosoft Office.lnkCommon Startup

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAlcoholAutomount]
    —a


    2007-07-02 14:29 220544 c:program filesAlcohol SoftAlcohol 120AxCmd.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregBgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    —a


    2006-11-16 19:04 139264 c:program filesCommon FilesAheadLibNMBgMonitor.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDAEMON Tools]
    —a


    2005-11-09 02:00 128920 c:program filesDAEMON Toolsdaemon.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDevice Detector]
    —a


    2003-09-17 17:39 212992 c:program filesCommon FilesACD SystemsENDevDetect.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLingvo Launcher]
    —a


    2004-10-09 16:17 110592 c:program filesABBYY Lingvo 10 Multilingual DictionaryLvAgent.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLingvoTraining]
    —a


    2004-10-09 16:23 1159168 c:program filesABBYY Lingvo 10 Multilingual DictionaryTutor.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]


    2004-08-04 01:06 1667584 c:program filesMessengermsmsgs.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]
    —a


    2006-01-12 15:40 155648 c:program filesCommon FilesAheadLibNeroCheck.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNvCplDaemon]
    —a


    2007-09-16 21:07 8491008 c:windowssystem32nvcpl.dll

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNvMediaCenter]
    —a


    2007-09-16 21:07 81920 c:windowssystem32nvmctray.dll

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSkype]
    -ra


    2008-09-23 14:17 21755688 c:program filesSkypePhoneSkype.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregsnp2std]
    —a


    2006-09-15 12:21 675840 c:windowsvsnp2std.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAlcmtr]
    -r


    2005-05-03 14:43 69632 c:windowsAlcmtr.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregnwiz]
    —a


    2007-09-16 21:07 1626112 c:windowssystem32nwiz.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregRTHDCPL]
    -r


    2007-03-21 10:49 16126464 c:windowsRTHDCPL.exe

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]
    «wuauserv»=2 (0x2)
    «wscsvc»=2 (0x2)

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
    «AntiVirusOverride»=dword:00000001

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoring]
    «DisableMonitoring»=dword:00000001

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoringSymantecAntiVirus]
    «DisableMonitoring»=dword:00000001

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity centerMonitoringSymantecFirewall]
    «DisableMonitoring»=dword:00000001

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
    «DisableNotifications»= 1 (0x1)

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
    «%windir%\system32\sessmgr.exe»=
    «c:\Games\Medal of Honor PA\mohpa.exe»=
    «c:\Games\Medal of Honor AA\MOHAA.exe»=
    «c:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 7.0.1.325\Russian\setup.exe»=
    «%windir%\Network Diagnostic\xpnetdiag.exe»=
    «c:\Program Files\Empire Interactive\FlatOut2\FlatOut2.exe»=
    «c:\Program Files\AVG\AVG8\avgemc.exe»=
    «c:\Program Files\AVG\AVG8\avgupd.exe»=
    «c:\Program Files\Skype\Phone\Skype.exe»=

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileGloballyOpenPortsList]
    «:TCP»= :TCP:Explorer

    R0 mv61xx;mv61xx;c:windowssystem32driversmv61xx.sys [2007-05-25 137728]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:windowssystem32driversavgldx86.sys [2008-11-23 325128]
    R1 AvgTdiX;AVG Free8 Network Redirector;c:windowssystem32driversavgtdix.sys [2008-11-23 107272]
    R1 kbfilter;Keyboard Filter Driver;c:windowssystem32driverskbfilter.sys [2008-01-11 12856]
    R1 UsbFltr;WayTechUSBFilterDriver;c:windowssystem32driversUsbFltr.sys [2008-01-11 8576]
    R2 avg8emc;AVG Free8 E-mail Scanner;c:progra~1AVGAVG8avgemc.exe [2008-11-23 903960]
    R2 avg8wd;AVG Free8 WatchDog;c:progra~1AVGAVG8avgwdsvc.exe [2008-11-23 298264]
    R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:windowssystem32driversatl01_xp.sys [2008-01-09 38656]
    S0 Winwu60;Winwu60;c:windowssystem32DriversWinwu60.sys —> c:windowssystem32DriversWinwu60.sys [?]
    S3 ATE_PROCMON;ATE_PROCMON;??c:program filesAnti Trojan EliteATEPMon.sys —> c:program filesAnti Trojan EliteATEPMon.sys [?]
    .
    Contents of the ‘Scheduled Tasks’ folder

    2009-03-05 c:windowsTasksGoogleUpdateTaskUserS-1-5-21-776561741-1202660629-725345543-1003.job
    — c:documents and settingsUserLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe [2009-01-20 10:32]
    .
    — — — — ORPHANS REMOVED — — — —

    HKLM-Run-High Defination Audio — c:windowsHDaudio.exe
    Notify-WgaLogon — (no file)
    MSConfigStartUp-ASUSGamerOSD — c:program filesASUSGamerOSDGamerOSD.exe
    MSConfigStartUp-swg — c:program filesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe

    .


    Supplementary Scan


    .
    uStart Page = hxxp://www.google.ru/
    uSearch Page = hxxp://www.google.com
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uSearch Bar = hxxp://www.google.com/ie
    mDefault_Search_URL = hxxp://www.google.com/ie
    mStart Page = hxxp://www.google.com
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = *.local
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant = hxxp://www.google.com/ie
    IE: E&xport to Microsoft Excel — c:progra~1MICROS~2Office10EXCEL.EXE/3000
    IE: Translate with Lingvo — c:program filesABBYY Lingvo 10 Multilingual DictionaryLingvo.exe/3000
    TCP: {5002A937-9FEE-431E-9D49-42014DA0C205} = 62.168.168.2,62.168.168.5
    FF — ProfilePath — c:documents and settingsUserApplication DataMozillaFirefoxProfilesijlz0w0r.default
    FF — prefs.js: browser.search.defaulturl — hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FF — prefs.js: network.proxy.http — 127.0.0.1
    FF — prefs.js: network.proxy.http_port — 9090
    FF — prefs.js: network.proxy.type — 4
    FF — component: c:program filesAVGAVG8Firefoxcomponentsavgssff.dll
    FF — component: c:program filesAVGAVG8ToolbarFFcomponentsvmAVGConnector.dll
    FF — plugin: c:documents and settingsUserLocal SettingsApplication DataGoogleUpdate1.2.141.5npGoogleOneClick7.dll
    FF — plugin: c:program filesGoogleGoogle Updater2.4.1399.3742npCIDetect13.dll
    FF — plugin: c:program filesK-Lite Codec PackRealbrowserpluginsnppl3260.dll
    FF — plugin: c:program filesK-Lite Codec PackRealbrowserpluginsnprpjplug.dll
    FF — plugin: c:program filesOpera 9.5 betaprogrampluginsNPSWF32.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-03-07 11:27:57
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes …

    scanning hidden autostart entries …

    scanning hidden files …

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .


    Other Running Processes


    .
    c:program filesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
    c:program filesCommon FilesLightScribeLSSrvc.exe
    c:program filesCommon FilesMicrosoft SharedVS7Debugmdm.exe
    c:windowssystem32nvsvc32.exe
    c:program filesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe
    c:windowssystem32wdfmgr.exe
    c:program filesAVGAVG8avgrsx.exe
    c:progra~1AVGAVG8avgnsx.exe
    c:program filesAVGAVG8avgcsrvx.exe
    c:windowssystem32wscntfy.exe
    .
    **************************************************************************
    .
    Completion time: 2009-03-07 11:29:28 — machine was rebooted
    ComboFix-quarantined-files.txt 2009-03-07 07:29:26

    Pre-Run: 150 965 977 088 bytes free
    Post-Run: 151,018,205,184 байт свободно

    212 — E O F — 2008-09-12 09:03:24

    March 3, 2009 at 10:52 am in reply to: tintinyproxyy trojan? #21825
    jorjik
    Participant
    • Topics: 4
    • Posts: 20
    • ☆

    Hello Valery! The problem, unfortunately, is still alive! I found an autorun.inf file with the "hidden" attribute on the hard drives (C:\autorun.inf, D:\autorun.inf). The creation time matches the time the problem appeared. Is this the trojan's file, or is it the directory created by Flash Disinfector? In principle the computer works fine, if not for the problem with the drive icons. Maybe it's worth trying to clean up through "Safe Mode", as described in your article.

    February 28, 2009 at 7:34 pm in reply to: tintinyproxyy trojan? #21823
    jorjik
    Participant
    • Topics: 4
    • Posts: 20
    • ☆

    I did everything as you advised. The line was there, I checked it, then continued per the instructions. As for Flash Disinfector, I disabled the antivirus before running it. Here are the fresh Rsit logs:

    Logfile of random’s system information tool 1.05 (written by random/random)
    Run by User at 2009-02-28 23:15:37
    Microsoft Windows XP Professional Service Pack 2
    System drive C: has 144 GB (75%) free of 191 GB
    Total RAM: 1023 MB (65% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:15:40, on 28.02.2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:WINDOWSSystem32smss.exe
    C:WINDOWSsystem32winlogon.exe
    C:WINDOWSsystem32services.exe
    C:WINDOWSsystem32lsass.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSSystem32svchost.exe
    C:WINDOWSsystem32spoolsv.exe
    C:WINDOWSExplorer.EXE
    C:WINDOWSvsnp2std.exe
    C:PROGRA~1AVGAVG8avgtray.exe
    C:WINDOWSsystem32ctfmon.exe
    C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
    C:Program FilesMessengermsmsgs.exe
    C:PROGRA~1AVGAVG8avgwdsvc.exe
    C:Documents and SettingsUserLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe
    C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
    C:Program FilesCommon FilesLightScribeLSSrvc.exe
    C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
    C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe
    C:WINDOWSsystem32nvsvc32.exe
    C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe
    C:WINDOWSsystem32svchost.exe
    C:PROGRA~1AVGAVG8avgemc.exe
    C:PROGRA~1AVGAVG8avgrsx.exe
    C:PROGRA~1AVGAVG8avgnsx.exe
    C:Program FilesAVGAVG8avgcsrvx.exe
    C:WINDOWSsystem32wuauclt.exe
    C:Documents and SettingsUserMy DocumentsProgrammi dlia udalenia raznih vrediteleiRSIT.exe
    C:Program Filestrend microUser.exe

    R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.ru/
    R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = http=127.0.0.1:9090
    R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
    O2 — BHO: Skype add-on (mastermind) — {22BF413B-C6D2-4d91-82A9-A0F997BA588C} — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
    O2 — BHO: WormRadar.com IESiteBlocker.NavFilter — {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} — C:Program FilesAVGAVG8avgssie.dll
    O2 — BHO: AVG Security Toolbar — {A057A204-BACC-4D26-9990-79A187E2698E} — C:PROGRA~1AVGAVG8AVGTOO~1.DLL
    O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll
    O3 — Toolbar: &Google — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — c:program filesgooglegoogletoolbar1.dll
    O3 — Toolbar: AVG Security Toolbar — {A057A204-BACC-4D26-9990-79A187E2698E} — C:PROGRA~1AVGAVG8AVGTOO~1.DLL
    O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
    O4 — HKLM..Run: [snp2std] C:WINDOWSvsnp2std.exe
    O4 — HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
    O4 — HKLM..Run: [AVG8_TRAY] C:PROGRA~1AVGAVG8avgtray.exe
    O4 — HKLM..Run: [High Defination Audio] C:WINDOWSHDaudio.exe
    O4 — HKLM..Run: [UserFaultCheck] %systemroot%system32dumprep 0 -u
    O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
    O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
    O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
    O4 — HKCU..Run: [Google Update] «C:Documents and SettingsUserLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe» /c
    O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
    O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
    O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
    O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
    O4 — Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
    O8 — Extra context menu item: E&xport to Microsoft Excel — res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
    O8 — Extra context menu item: Translate with Lingvo — res://C:Program FilesABBYY Lingvo 10 Multilingual DictionaryLingvo.exe/3000
    O9 — Extra button: Skype — {77BF5300-1474-4EC7-9980-D32B190E9B07} — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
    O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
    O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
    O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
    O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
    O17 — HKLMSystemCCSServicesTcpip..{5002A937-9FEE-431E-9D49-42014DA0C205}: NameServer = 62.168.168.2,62.168.168.5
    O18 — Protocol: linkscanner — {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} — C:Program FilesAVGAVG8avgpp.dll
    O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
    O20 — Winlogon Notify: avgrsstarter — C:WINDOWSSYSTEM32avgrsstx.dll
    O23 — Service: AVG Free8 E-mail Scanner (avg8emc) — AVG Technologies CZ, s.r.o. — C:PROGRA~1AVGAVG8avgemc.exe
    O23 — Service: AVG Free8 WatchDog (avg8wd) — AVG Technologies CZ, s.r.o. — C:PROGRA~1AVGAVG8avgwdsvc.exe
    O23 — Service: Google Online Services — Unknown owner — C:Documents and SettingsUserie_updates3r.exe (file missing)
    O23 — Service: Google Updater Service (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
    O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
    O23 — Service: IPSEC Services (PolicyAgent) — Unknown owner — C:Program Filestintinyproxyytinyproxy.exe (file missing)
    O23 — Service: LightScribeService Direct Disc Labeling Service (LightScribeService) — Hewlett-Packard Company — C:Program FilesCommon FilesLightScribeLSSrvc.exe
    O23 — Service: NBService — Nero AG — C:Program FilesNeroNero 7Nero BackItUpNBService.exe
    O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
    O23 — Service: StarWind AE Service (StarWindServiceAE) — Rocket Division Software — C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe

    —
    End of file — 6421 bytes

    ======Scheduled tasks folder======

    C:WINDOWStasksGoogleUpdateTaskUserS-1-5-21-776561741-1202660629-725345543-1003.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll [2008-09-23 1088296]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search — C:Program FilesAVGAVG8avgssie.dll [2009-01-27 1078552]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A057A204-BACC-4D26-9990-79A187E2698E}]
    AVG Security Toolbar — C:PROGRA~1AVGAVG8AVGTOO~1.DLL [2009-01-27 1968920]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll [2008-11-04 657904]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google — c:program filesgooglegoogletoolbar1.dll [2008-06-19 2427968]
    {A057A204-BACC-4D26-9990-79A187E2698E} — AVG Security Toolbar — C:PROGRA~1AVGAVG8AVGTOO~1.DLL [2009-01-27 1968920]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
    «NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2007-09-16 8491008]
    «snp2std»=C:WINDOWSvsnp2std.exe [2006-09-15 675840]
    «KernelFaultCheck»=C:WINDOWSsystem32dumprep 0 -k []
    «AVG8_TRAY»=C:PROGRA~1AVGAVG8avgtray.exe [2009-01-27 1601304]
    «High Defination Audio»=C:WINDOWSHDaudio.exe []
    «UserFaultCheck»=C:WINDOWSsystem32dumprep 0 -u []

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-03 15360]
    «swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2008-07-23 68856]
    «MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-08-04 1667584]
    «Google Update»=C:Documents and SettingsUserLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe [2009-01-20 133104]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAlcmtr]
    C:WINDOWSALCMTR.EXE [2005-05-03 69632]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAlcoholAutomount]
    C:Program FilesAlcohol SoftAlcohol 120axcmd.exe [2007-07-02 220544]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregASUSGamerOSD]
    C:Program FilesASUSGamerOSDGamerOSD.exe []

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregBgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    C:Program FilesCommon FilesAheadLibNMBgMonitor.exe [2006-11-16 139264]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDAEMON Tools]
    C:Program FilesDAEMON Toolsdaemon.exe [2005-11-09 128920]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDevice Detector]
    C:Program FilesCommon FilesACD SystemsENDevDetect.exe [2003-09-17 212992]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLingvo Launcher]
    C:Program FilesABBYY Lingvo 10 Multilingual DictionaryLvagent.exe [2004-10-09 110592]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLingvoTraining]
    C:Program FilesABBYY Lingvo 10 Multilingual DictionaryTutor.exe [2004-10-09 1159168]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]
    C:Program FilesMessengermsmsgs.exe [2004-08-04 1667584]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]
    C:Program FilesCommon FilesAheadLibNeroCheck.exe [2006-01-12 155648]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNvCplDaemon]
    C:WINDOWSsystem32NvCpl.dll [2007-09-16 8491008]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNvMediaCenter]
    C:WINDOWSsystem32NvMcTray.dll [2007-09-16 81920]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregnwiz]
    nwiz.exe /install []

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregRTHDCPL]
    C:WINDOWSRTHDCPL.EXE [2007-03-21 16126464]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSkype]
    C:Program FilesSkypePhoneSkype.exe [2008-09-23 21755688]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregsnp2std]
    C:WINDOWSvsnp2std.exe [2006-09-15 675840]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregswg]
    C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe []

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Media Key.lnk]
    C:PROGRA~1MEDIAK~1MagicKey.exe [2003-12-31 159744]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
    C:PROGRA~1MICROS~2Office10OSA.EXE [2001-02-13 83360]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]
    «wuauserv»=2
    «wscsvc»=2

    C:Documents and SettingsAll UsersStart MenuProgramsStartup
    Adobe Reader Speed Launch.lnk — C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyavgrsstarter]
    C:WINDOWSsystem32avgrsstx.dll [2009-01-27 10520]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWgaLogon]

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
    «NoDispBackgroundPage»=1
    «NoDispScrSavPage»=1

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
    «dontdisplaylastusername»=0
    «legalnoticecaption»=
    «legalnoticetext»=
    «shutdownwithoutlogon»=1
    «undockwithoutlogon»=1

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
    «NoDriveTypeAutoRun»=36
    «NoDriveAutoRun»=FFFFFFFF

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
    «C:GamesMedal of Honor PAmohpa.exe»=»C:GamesMedal of Honor PAmohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)»
    «C:GamesMedal of Honor AAMOHAA.exe»=»C:GamesMedal of Honor AAMOHAA.exe:*:Enabled:Medal of Honor Allied Assault(tm)»
    «C:WINDOWSsystem32hucq.exe»=»C:WINDOWSsystem32hucq.exe:*:Enabled:ENABLE»
    «C:Documents and SettingsUserttm.exe»=»C:Documents and SettingsUserttm.exe:*:Enabled:ENABLE»
    «C:WINDOWSsystem32naip.exe»=»C:WINDOWSsystem32naip.exe:*:Enabled:ENABLE»
    «C:Documents and SettingsUserketnug.exe»=»C:Documents and SettingsUserketnug.exe:*:Enabled:ENABLE»
    «C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup FilesKaspersky Anti-Virus 7.0.1.325Russiansetup.exe»=»C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup FilesKaspersky Anti-Virus 7.0.1.325Russiansetup.exe:*:Enabled:Программа установки Антивируса Касперского 7.0»
    «%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
    «C:Program FilesEmpire InteractiveFlatOut2FlatOut2.exe»=»C:Program FilesEmpire InteractiveFlatOut2FlatOut2.exe:*:Enabled:FlatOut2»
    «C:Program FilesAVGAVG8avgemc.exe»=»C:Program FilesAVGAVG8avgemc.exe:*:Enabled:avgemc.exe»
    «C:Program FilesAVGAVG8avgupd.exe»=»C:Program FilesAVGAVG8avgupd.exe:*:Enabled:avgupd.exe»
    «C:WINDOWSHDaudio.exe»=»C:WINDOWSHDaudio.exe:*:Enabled:Explorer»
    «C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
    «%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»

    ======File associations======

    .ini — open — C:WINDOWSSYSTEM32NOTEPAD.EXE %1
    .txt — open — C:WINDOWSSYSTEM32NOTEPAD.EXE %1

    ======List of files/folders created in the last 1 months======

    2009-02-28 23:15:37 —-D—- C:rsit
    2009-02-24 12:58:29 —-D—- C:Program Filestrend micro

    ======List of files/folders modified in the last 1 months======

    2009-02-28 23:13:18 —-D—- C:WINDOWSTemp
    2009-02-28 23:11:42 —-A—- C:WINDOWSSchedLgU.Txt
    2009-02-28 23:01:53 —-D—- C:Program FilesMozilla Firefox
    2009-02-28 22:52:44 —-D—- C:Documents and SettingsUserApplication DataSkype
    2009-02-28 21:19:47 —-D—- C:Documents and SettingsUserApplication DataskypePM
    2009-02-27 21:47:37 —-D—- C:WINDOWS
    2009-02-27 21:47:34 —-D—- C:WINDOWSAlbum
    2009-02-27 21:47:20 —-A—- C:WINDOWSNeroDigital.ini
    2009-02-27 15:28:14 —-D—- C:WINDOWSMinidump
    2009-02-26 16:10:03 —-D—- C:Documents and SettingsAll UsersApplication DataGoogle Updater
    2009-02-24 22:45:02 —-D—- C:WINDOWSsystem32CatRoot2
    2009-02-24 12:58:29 —-RD—- C:Program Files
    2009-02-21 23:02:18 —-D—- C:WINDOWSPrefetch
    2009-02-15 11:30:43 —-D—- C:WINDOWSnetwork diagnostic
    2009-02-14 21:26:48 —-SD—- C:WINDOWSTasks
    2009-02-13 12:45:15 —-HD—- C:$AVG8.VAULT$
    2009-02-08 12:22:29 —-HD—- C:WINDOWSinf
    2009-02-05 13:18:27 —-D—- C:WINDOWSsystem32drivers
    2009-02-04 11:54:47 —-SHD—- C:System Volume Information
    2009-02-04 11:54:47 —-D—- C:WINDOWSsystem32Restore

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:WINDOWSSystem32Driversavgldx86.sys [2009-01-27 325128]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:WINDOWSSystem32Driversavgmfx86.sys [2009-01-27 27656]
    R1 AvgTdiX;AVG Free8 Network Redirector; C:WINDOWSSystem32Driversavgtdix.sys [2009-01-27 107272]
    R1 EIO;EIO; ??C:WINDOWSsystem32driversEIO.sys []
    R1 intelppm;Intel Processor Driver; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-03 36096]
    R1 kbdhid;Keyboard HID Driver; C:WINDOWSsystem32DRIVERSkbdhid.sys [2004-08-03 14848]
    R1 kbfilter;Keyboard Filter Driver; C:WINDOWSsystem32driverskbfilter.sys [2002-07-11 12856]
    R1 UsbFltr;WayTechUSBFilterDriver; C:WINDOWSsystem32driversUsbFltr.sys [2003-12-29 8576]
    R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:WINDOWSsystem32DRIVERSatl01_xp.sys [2007-03-15 38656]
    R3 dtscsi;dtscsi; C:WINDOWSSystem32Driversdtscsi.sys [2008-05-15 223128]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2005-01-07 138752]
    R3 HidUsb;Microsoft HID Class Driver; C:WINDOWSsystem32DRIVERShidusb.sys [2001-08-17 9600]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2007-03-26 4395008]
    R3 mouhid;Mouse HID Driver; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-08-17 12160]
    R3 MTsensor;ATK0110 ACPI UTILITY; C:WINDOWSsystem32DRIVERSASACPI.sys [2004-08-13 5810]
    R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2007-09-16 6853088]
    R3 pfc;Padus ASPI Shell; C:WINDOWSsystem32driverspfc.sys [2006-03-02 9856]
    R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:WINDOWSsystem32DRIVERSsnp2sxp.sys [2007-03-30 12033024]
    R3 usbaudio;USB Audio Driver (WDM); C:WINDOWSsystem32driversusbaudio.sys [2004-08-03 59264]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
    R3 usbhub;USB2 Enabled Hub; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
    S3 ak8ae1ex;ak8ae1ex; C:WINDOWSsystem32driversak8ae1ex.sys []
    S3 asusgsb;ASUS Virtual Video Capture Device Driver; C:WINDOWSsystem32driversasusgsb.sys [2007-09-13 12416]
    S3 ATE_PROCMON;ATE_PROCMON; ??C:Program FilesAnti Trojan EliteATEPMon.sys []
    S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:WINDOWSsystem32driversmsmpu401.sys [2001-08-17 2944]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Microsoft TV/Video Connection; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
    S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
    S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
    S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbohci.sys [2004-08-03 17024]
    S3 usbprint;Microsoft USB PRINTER Class; C:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-03 25856]
    S3 usbscan;USB Scanner Driver; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
    S3 USBSTOR;USB Mass Storage Driver; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
    S3 Video3D;ASUS Video3D Service; C:WINDOWSSystem32DriversVideo3D32.sys []
    S3 WSTCODEC;World Standard Teletext Codec; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]
    S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 avg8emc;AVG Free8 E-mail Scanner; C:PROGRA~1AVGAVG8avgemc.exe [2009-01-27 903960]
    R2 avg8wd;AVG Free8 WatchDog; C:PROGRA~1AVGAVG8avgwdsvc.exe [2009-01-27 298264]
    R2 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2008-11-04 168432]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:Program FilesCommon FilesLightScribeLSSrvc.exe [2006-10-19 61440]
    R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe [2001-02-23 270336]
    R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2007-09-16 155716]
    R2 StarWindServiceAE;StarWind AE Service; C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe [2007-05-28 275968]
    R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2004-08-11 38912]
    S2 Google Online Services;Google Online Services; C:Documents and SettingsUserie_updates3r.exe -A []
    S2 IPSEC Services (PolicyAgent) ;IPSEC Services (PolicyAgent) ; C:Program Filestintinyproxyytinyproxy.exe []
    S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-04 69632]
    S3 NBService;NBService; C:Program FilesNeroNero 7Nero BackItUpNBService.exe [2006-11-10 774144]


    EOF


    info.txt logfile of random’s system information tool 1.05 2009-02-28 23:15:41

    ======Uninstall list======

    —>C:Program FilesNeroNero 7nerouninstallUNNERO.exe /UNINSTALL
    —>C:WINDOWSUNNeroBackItUp.exe /UNINSTALL
    —>C:WINDOWSUNNeroMediaHome.exe /UNINSTALL
    —>C:WINDOWSUNNeroShowTime.exe /UNINSTALL
    —>C:WINDOWSUNNeroVision.exe /UNINSTALL
    —>C:WINDOWSUNRecode.exe /UNINSTALL
    —>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
    ABBYY Lingvo 10 Multilingual Dictionary—>MsiExec.exe /I{AA10000A-C75E-487C-88FC-37AA1AACFB60}
    ACDSee 6.0 PowerPack—>MsiExec.exe /I{38A0BB97-772D-422E-BCCA-4BA2A5D81F42}
    Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
    Adobe Flash Player ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
    Adobe Reader 7.0—>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
    Attansic Ethernet Utility—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime110Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{1F698102-5739-441E-96F0-74F4EA540F06}setup.exe» -l0x9 -removeonly
    Attansic L1 Gigabit Ethernet Driver—>rundll32.exe C:WINDOWSsystem32AttansicL1atcInst.dll,AtcUninst C:WINDOWSsystem32AttansicL1 x86 1969 1048 L1
    AVG Free 8.0—>C:Program FilesAVGAVG8setup.exe /UNINSTALL
    Call Of Duty 2—>»C:Program FilesCall Of Duty 2unins000.exe»
    Canon MF Toolbox 4.9.1.1.mf02—>MsiExec.exe /I{132CA5D9-C745-4B0B-A3B2-8C7A6EC3EE7E}
    Canon MF3200 Series—>»C:WINDOWSsystem32CanonMF Uninstaller Information{269DBC9C-CAFC-472d-B1F1-0D327C2FFA76}miscDelDrv.exe» /U:{269DBC9C-CAFC-472d-B1F1-0D327C2FFA76} /L0x0000
    Desert Thunder—>C:WINDOWSIsUn0419.exe -f»C:Program FilesDT(rus)Uninst.isu»
    Flat Out—>»C:Program FilesBukaFlat Outunins000.exe»
    FlatOut2—>»C:Program FilesEmpire InteractiveFlatOut2unins000.exe»
    GOM Player—>»C:Program FilesGRETECHGomPlayerUninstall.exe»
    Google Toolbar for Internet Explorer—>MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
    Google Toolbar for Internet Explorer—>regsvr32 /u /s «c:program filesgooglegoogletoolbar1.dll»
    High Definition Audio Driver Package — KB888111—>»C:WINDOWS$NtUninstallKB888111WXPSP2$spuninstspuninst.exe»
    HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
    Hotfix for Windows XP (KB914440)—>»C:WINDOWS$NtUninstallKB914440$spuninstspuninst.exe»
    Hotfix for Windows XP (KB915865)—>»C:WINDOWS$NtUninstallKB915865$spuninstspuninst.exe»
    Hotfix for Windows XP (KB935448)—>»C:WINDOWS$NtUninstallKB935448$spuninstspuninst.exe»
    Hotfix for Windows XP (KB952287)—>»C:WINDOWS$NtUninstallKB952287$spuninstspuninst.exe»
    Internet for Kids—>»C:Program FilesСамоучитель Интернет для детейunins000.exe»
    K-Lite Mega Codec Pack 1.42—>»C:Program FilesK-Lite Codec Packunins000.exe»
    marvell 61xx—>C:Program FilesMarvell61xxuninst-61xx.exe
    Medal of Honor Allied Assault—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{0DEA94ED-915A-4834-A87E-388D012C8E02}Setup.exe» -l0x9
    Medal of Honor Pacific Assault(tm)—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}Setup.exe» -l0x9 -removeonly
    Media Key—>C:WINDOWSISUNINST.EXE -f»C:Program FilesMedia Keyuninst.isu» -c»C:Program FilesMedia KeyUnInst.dll»
    Microsoft Internationalized Domain Names Mitigation APIs—>»C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$spuninstspuninst.exe»
    Microsoft National Language Support Downlevel APIs—>»C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$spuninstspuninst.exe»
    Microsoft Office XP Professional with FrontPage—>MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
    Microsoft Office XP Russian User Interface Pack—>MsiExec.exe /I{901E0419-6000-11D3-8CFE-0050048383C9}
    Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Windows XP for Kids—>»C:Program FilesСамоучитель Microsoft Windows XP для детейunins000.exe»
    Moto Racer 3—>C:GamesMOTORA~1UNWISE.EXE C:GamesMOTORA~1INSTALL.LOG
    Mozilla Firefox (3.0.6)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
    MSN—>C:Program FilesMSNMsnInstallermsninst.exe /Action:ARP
    MSXML 4.0 SP2 (KB936181)—>MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    Need for Speed Most Wanted—>»C:Program FilesEA GAMESNeed for Speed Most Wantedunins000.exe»
    Need For Speed Underground—>C:EAGAME~1NEEDFO~1r{F7F2D~1UNWISE.EXE C:EAGAME~1NEEDFO~1r{F7F2D~1INSTALL.LOG
    Nero 7 Essentials—>MsiExec.exe /I{C1E544E5-EF3C-4103-A57B-3A499FD91049}
    NVIDIA Drivers—>C:WINDOWSsystem32nvudisp.exe UninstallGUI
    Race Driver 3—>C:GamesTRD3unwise.exe
    Realtek High Definition Audio Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}setup.exe» -l0x19 -removeonly
    Security Update for Windows XP (KB923689)—>»C:WINDOWS$NtUninstallKB923689$spuninstspuninst.exe»
    Security Update for Windows XP (KB938464)—>»C:WINDOWS$NtUninstallKB938464$spuninstspuninst.exe»
    Security Update for Windows XP (KB941569)—>»C:WINDOWS$NtUninstallKB941569$spuninstspuninst.exe»
    Security Update for Windows XP (KB944338-v2)—>»C:WINDOWS$NtUninstallKB944338-v2$spuninstspuninst.exe»
    Security Update for Windows XP (KB946648)—>»C:WINDOWS$NtUninstallKB946648$spuninstspuninst.exe»
    Security Update for Windows XP (KB950749)—>»C:WINDOWS$NtUninstallKB950749$spuninstspuninst.exe»
    Security Update for Windows XP (KB950762)—>»C:WINDOWS$NtUninstallKB950762$spuninstspuninst.exe»
    Security Update for Windows XP (KB950974)—>»C:WINDOWS$NtUninstallKB950974$spuninstspuninst.exe»
    Security Update for Windows XP (KB951066)—>»C:WINDOWS$NtUninstallKB951066$spuninstspuninst.exe»
    Security Update for Windows XP (KB951376-v2)—>»C:WINDOWS$NtUninstallKB951376-v2$spuninstspuninst.exe»
    Security Update for Windows XP (KB951698)—>»C:WINDOWS$NtUninstallKB951698$spuninstspuninst.exe»
    Security Update for Windows XP (KB951748)—>»C:WINDOWS$NtUninstallKB951748$spuninstspuninst.exe»
    Security Update for Windows XP (KB952954)—>»C:WINDOWS$NtUninstallKB952954$spuninstspuninst.exe»
    Security Update for Windows XP (KB953838)—>»C:WINDOWS$NtUninstallKB953838$spuninstspuninst.exe»
    Security Update for Windows XP (KB953839)—>»C:WINDOWS$NtUninstallKB953839$spuninstspuninst.exe»
    Skype™ 3.8—>MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    Slim 1320—>C:Program FilesInstallShield Installation Information{393E0058-AE7E-4D6C-BA44-B42B3FE29332}setup.exe -runfromtemp -l0x0019 -removeonly -u
    Update for Windows XP (KB898461)—>»C:WINDOWS$NtUninstallKB898461$spuninstspuninst.exe»
    Update for Windows XP (KB904942)—>»C:WINDOWS$NtUninstallKB904942$spuninstspuninst.exe»
    Update for Windows XP (KB951072-v2)—>»C:WINDOWS$NtUninstallKB951072-v2$spuninstspuninst.exe»
    Winamp (remove only)—>»C:Program FilesWinampUninstWA.exe»
    Windows Installer 3.1 (KB893803)—>»C:WINDOWS$MSI31Uninstall_KB893803v2$spuninstspuninst.exe»
    Windows Media Format Runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
    Windows XP Hotfix — KB885884—>C:WINDOWS$NtUninstallKB885884$spuninstspuninst.exe
    WinRAR archiver—>C:Program FilesWinRARuninstall.exe
    XviD MPEG-4 Video Codec—>C:WINDOWSsystem32rundll32.exe setupapi,InstallHinfSection Remove_XviD 132 C:WINDOWSINFxvid.inf
    Занимательная математика—>»C:Program FilesРуссобит-МРазвивайка. Репетитор. Занимательная математикаunins000.exe»
    Программа обновлений Google—>»C:Program FilesGoogleGoogle UpdaterGoogleUpdater.exe» -uninstall

    =====HijackThis Backups=====

    F2 — REG:system.ini: UserInit=C:WINDOWSsystem32userinit.exe,C:Documents and SettingsUserketnug.exe s

    ======Security center information======

    AV: AVG Anti-Virus Free

    System event log

    Computer Name: USER-
    Event Code: 7036
    Message: Служба «IMAPI CD-Burning COM Service» перешла в состояние Остановлена.

    Record Number: 27147
    Source Name: Service Control Manager
    Time Written: 20090122160454.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 7036
    Message: Служба «Computer Browser» перешла в состояние Остановлена.

    Record Number: 27146
    Source Name: Service Control Manager
    Time Written: 20090122160454.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 7036
    Message: Служба «Remote Access Connection Manager» перешла в состояние Работает.

    Record Number: 27145
    Source Name: Service Control Manager
    Time Written: 20090122160454.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 7036
    Message: Служба «Application Layer Gateway Service» перешла в состояние Работает.

    Record Number: 27144
    Source Name: Service Control Manager
    Time Written: 20090122160454.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 7035
    Message: Служба «Application Layer Gateway Service» успешно отправила управляющий элемент «запустить».

    Record Number: 27143
    Source Name: Service Control Manager
    Time Written: 20090122160454.000000+240
    Event Type: информация
    User: NT AUTHORITYSYSTEM

    Application event log

    Computer Name: USER-
    Event Code: 0
    Message:
    Record Number: 5
    Source Name: gusvc
    Time Written: 20090218144550.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 1000
    Message: Ошибка приложения flatout2.exe, версия 0.0.0.0, модуль flatout2.exe, версия 0.0.0.0, адрес 0x0010e520.

    Record Number: 4
    Source Name: Application Error
    Time Written: 20090218130256.000000+240
    Event Type: ошибка
    User:

    Computer Name: USER-
    Event Code: 1
    Message:
    Record Number: 3
    Source Name: avg8emc
    Time Written: 20090218124530.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 4
    Message: The LightScribe Service started successfully.

    Record Number: 2
    Source Name: LightScribeService
    Time Written: 20090218124521.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 0
    Message:
    Record Number: 1
    Source Name: gusvc
    Time Written: 20090218124520.000000+240
    Event Type: информация
    User:

    ======Environment variables======

    «ComSpec»=%SystemRoot%system32cmd.exe
    «Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem
    «windir»=%SystemRoot%
    «FP_NO_HOST_CHECK»=NO
    «OS»=Windows_NT
    «PROCESSOR_ARCHITECTURE»=x86
    «PROCESSOR_LEVEL»=6
    «PROCESSOR_IDENTIFIER»=x86 Family 6 Model 15 Stepping 11, GenuineIntel
    «PROCESSOR_REVISION»=0f0b
    «NUMBER_OF_PROCESSORS»=2
    «PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    «TEMP»=%SystemRoot%TEMP
    «TMP»=%SystemRoot%TEMP


    EOF


    27 February 2009 at 2:04 pm in reply to: tintinyproxyy trojan? #21822
    jorjik

    I ran it several times, but the problem is the same. Instead of drive icons there are some kind of shortcuts. The log contains C:Documents and SettingsUserketnug.exe s. I couldn't find it. What could this be?

    24 February 2009 at 9:12 am in reply to: tintinyproxyy trojan? #21819
    jorjik

    Hello! Here are the new RSIT logs:

    Logfile of random’s system information tool 1.05 (written by random/random)
    Run by User at 2009-02-24 12:58:29
    Microsoft Windows XP Professional Service Pack 2
    System drive C: has 145 GB (76%) free of 191 GB
    Total RAM: 1023 MB (65% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:58:54, on 24.02.2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:WINDOWSSystem32smss.exe
    C:WINDOWSsystem32winlogon.exe
    C:WINDOWSsystem32services.exe
    C:WINDOWSsystem32lsass.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSSystem32svchost.exe
    C:WINDOWSsystem32spoolsv.exe
    C:WINDOWSExplorer.EXE
    C:WINDOWSvsnp2std.exe
    C:PROGRA~1AVGAVG8avgtray.exe
    C:WINDOWSsystem32ctfmon.exe
    C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
    C:Program FilesMessengermsmsgs.exe
    C:Documents and SettingsUserLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe
    C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
    C:PROGRA~1AVGAVG8avgwdsvc.exe
    C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
    C:Program FilesCommon FilesLightScribeLSSrvc.exe
    C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe
    C:WINDOWSsystem32nvsvc32.exe
    C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe
    C:WINDOWSsystem32svchost.exe
    C:PROGRA~1AVGAVG8avgrsx.exe
    C:PROGRA~1AVGAVG8avgemc.exe
    C:PROGRA~1AVGAVG8avgnsx.exe
    C:Program FilesAVGAVG8avgcsrvx.exe
    C:WINDOWSsystem32wuauclt.exe
    C:Documents and SettingsUserMy DocumentsProgrammi dlia udalenia raznih vrediteleiRSIT.exe
    C:Program Filestrend microUser.exe

    R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.ru/
    R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = http=127.0.0.1:9090
    R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
    F2 — REG:system.ini: UserInit=C:WINDOWSsystem32userinit.exe,C:Documents and SettingsUserketnug.exe s
    O2 — BHO: Skype add-on (mastermind) — {22BF413B-C6D2-4d91-82A9-A0F997BA588C} — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
    O2 — BHO: WormRadar.com IESiteBlocker.NavFilter — {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} — C:Program FilesAVGAVG8avgssie.dll
    O2 — BHO: AVG Security Toolbar — {A057A204-BACC-4D26-9990-79A187E2698E} — C:PROGRA~1AVGAVG8AVGTOO~1.DLL
    O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll
    O3 — Toolbar: &Google — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — c:program filesgooglegoogletoolbar1.dll
    O3 — Toolbar: AVG Security Toolbar — {A057A204-BACC-4D26-9990-79A187E2698E} — C:PROGRA~1AVGAVG8AVGTOO~1.DLL
    O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
    O4 — HKLM..Run: [snp2std] C:WINDOWSvsnp2std.exe
    O4 — HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
    O4 — HKLM..Run: [AVG8_TRAY] C:PROGRA~1AVGAVG8avgtray.exe
    O4 — HKLM..Run: [High Defination Audio] C:WINDOWSHDaudio.exe
    O4 — HKLM..Run: [UserFaultCheck] %systemroot%system32dumprep 0 -u
    O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
    O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
    O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
    O4 — HKCU..Run: [Google Update] «C:Documents and SettingsUserLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe» /c
    O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
    O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
    O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
    O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
    O4 — Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
    O8 — Extra context menu item: E&xport to Microsoft Excel — res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
    O8 — Extra context menu item: Translate with Lingvo — res://C:Program FilesABBYY Lingvo 10 Multilingual DictionaryLingvo.exe/3000
    O9 — Extra button: Skype — {77BF5300-1474-4EC7-9980-D32B190E9B07} — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
    O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
    O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
    O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
    O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
    O17 — HKLMSystemCCSServicesTcpip..{5002A937-9FEE-431E-9D49-42014DA0C205}: NameServer = 62.168.168.2,62.168.168.5
    O18 — Protocol: linkscanner — {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} — C:Program FilesAVGAVG8avgpp.dll
    O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
    O20 — Winlogon Notify: avgrsstarter — C:WINDOWSSYSTEM32avgrsstx.dll
    O23 — Service: AVG Free8 E-mail Scanner (avg8emc) — AVG Technologies CZ, s.r.o. — C:PROGRA~1AVGAVG8avgemc.exe
    O23 — Service: AVG Free8 WatchDog (avg8wd) — AVG Technologies CZ, s.r.o. — C:PROGRA~1AVGAVG8avgwdsvc.exe
    O23 — Service: Google Online Services — Unknown owner — C:Documents and SettingsUserie_updates3r.exe (file missing)
    O23 — Service: Google Updater Service (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
    O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
    O23 — Service: IPSEC Services (PolicyAgent) — Unknown owner — C:Program Filestintinyproxyytinyproxy.exe (file missing)
    O23 — Service: LightScribeService Direct Disc Labeling Service (LightScribeService) — Hewlett-Packard Company — C:Program FilesCommon FilesLightScribeLSSrvc.exe
    O23 — Service: NBService — Nero AG — C:Program FilesNeroNero 7Nero BackItUpNBService.exe
    O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
    O23 — Service: StarWind AE Service (StarWindServiceAE) — Rocket Division Software — C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe

    —
    End of file — 6530 bytes

    ======Scheduled tasks folder======

    C:WINDOWStasksGoogleUpdateTaskUserS-1-5-21-776561741-1202660629-725345543-1003.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll [2008-09-23 1088296]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search — C:Program FilesAVGAVG8avgssie.dll [2009-01-27 1078552]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A057A204-BACC-4D26-9990-79A187E2698E}]
    AVG Security Toolbar — C:PROGRA~1AVGAVG8AVGTOO~1.DLL [2009-01-27 1968920]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll [2008-11-04 657904]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google — c:program filesgooglegoogletoolbar1.dll [2008-06-19 2427968]
    {A057A204-BACC-4D26-9990-79A187E2698E} — AVG Security Toolbar — C:PROGRA~1AVGAVG8AVGTOO~1.DLL [2009-01-27 1968920]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
    «NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2007-09-16 8491008]
    «snp2std»=C:WINDOWSvsnp2std.exe [2006-09-15 675840]
    «KernelFaultCheck»=C:WINDOWSsystem32dumprep 0 -k []
    «AVG8_TRAY»=C:PROGRA~1AVGAVG8avgtray.exe [2009-01-27 1601304]
    «High Defination Audio»=C:WINDOWSHDaudio.exe []
    «UserFaultCheck»=C:WINDOWSsystem32dumprep 0 -u []

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-03 15360]
    «swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2008-07-23 68856]
    «MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-08-04 1667584]
    «Google Update»=C:Documents and SettingsUserLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe [2009-01-20 133104]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAlcmtr]
    C:WINDOWSALCMTR.EXE [2005-05-03 69632]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAlcoholAutomount]
    C:Program FilesAlcohol SoftAlcohol 120axcmd.exe [2007-07-02 220544]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregASUSGamerOSD]
    C:Program FilesASUSGamerOSDGamerOSD.exe []

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregBgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    C:Program FilesCommon FilesAheadLibNMBgMonitor.exe [2006-11-16 139264]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDAEMON Tools]
    C:Program FilesDAEMON Toolsdaemon.exe [2005-11-09 128920]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDevice Detector]
    C:Program FilesCommon FilesACD SystemsENDevDetect.exe [2003-09-17 212992]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLingvo Launcher]
    C:Program FilesABBYY Lingvo 10 Multilingual DictionaryLvagent.exe [2004-10-09 110592]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLingvoTraining]
    C:Program FilesABBYY Lingvo 10 Multilingual DictionaryTutor.exe [2004-10-09 1159168]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]
    C:Program FilesMessengermsmsgs.exe [2004-08-04 1667584]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]
    C:Program FilesCommon FilesAheadLibNeroCheck.exe [2006-01-12 155648]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNvCplDaemon]
    C:WINDOWSsystem32NvCpl.dll [2007-09-16 8491008]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNvMediaCenter]
    C:WINDOWSsystem32NvMcTray.dll [2007-09-16 81920]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregnwiz]
    nwiz.exe /install []

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregRTHDCPL]
    C:WINDOWSRTHDCPL.EXE [2007-03-21 16126464]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSkype]
    C:Program FilesSkypePhoneSkype.exe [2008-09-23 21755688]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregsnp2std]
    C:WINDOWSvsnp2std.exe [2006-09-15 675840]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregswg]
    C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe []

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Media Key.lnk]
    C:PROGRA~1MEDIAK~1MagicKey.exe [2003-12-31 159744]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
    C:PROGRA~1MICROS~2Office10OSA.EXE [2001-02-13 83360]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]
    «wuauserv»=2
    «wscsvc»=2

    C:Documents and SettingsAll UsersStart MenuProgramsStartup
    Adobe Reader Speed Launch.lnk — C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyavgrsstarter]
    C:WINDOWSsystem32avgrsstx.dll [2009-01-27 10520]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWgaLogon]

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
    «NoDispBackgroundPage»=1
    «NoDispScrSavPage»=1

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
    «dontdisplaylastusername»=0
    «legalnoticecaption»=
    «legalnoticetext»=
    «shutdownwithoutlogon»=1
    «undockwithoutlogon»=1

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
    «NoDriveTypeAutoRun»=36
    «NoDriveAutoRun»=FFFFFFFF

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
    «C:GamesMedal of Honor PAmohpa.exe»=»C:GamesMedal of Honor PAmohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)»
    «C:GamesMedal of Honor AAMOHAA.exe»=»C:GamesMedal of Honor AAMOHAA.exe:*:Enabled:Medal of Honor Allied Assault(tm)»
    «C:WINDOWSsystem32hucq.exe»=»C:WINDOWSsystem32hucq.exe:*:Enabled:ENABLE»
    «C:Documents and SettingsUserttm.exe»=»C:Documents and SettingsUserttm.exe:*:Enabled:ENABLE»
    «C:WINDOWSsystem32naip.exe»=»C:WINDOWSsystem32naip.exe:*:Enabled:ENABLE»
    «C:Documents and SettingsUserketnug.exe»=»C:Documents and SettingsUserketnug.exe:*:Enabled:ENABLE»
    «C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup FilesKaspersky Anti-Virus 7.0.1.325Russiansetup.exe»=»C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup FilesKaspersky Anti-Virus 7.0.1.325Russiansetup.exe:*:Enabled:Программа установки Антивируса Касперского 7.0»
    «%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
    «C:Program FilesEmpire InteractiveFlatOut2FlatOut2.exe»=»C:Program FilesEmpire InteractiveFlatOut2FlatOut2.exe:*:Enabled:FlatOut2»
    «C:Program FilesAVGAVG8avgemc.exe»=»C:Program FilesAVGAVG8avgemc.exe:*:Enabled:avgemc.exe»
    «C:Program FilesAVGAVG8avgupd.exe»=»C:Program FilesAVGAVG8avgupd.exe:*:Enabled:avgupd.exe»
    «C:WINDOWSHDaudio.exe»=»C:WINDOWSHDaudio.exe:*:Enabled:Explorer»
    «C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
    «%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»

    ======File associations======

    .ini — open — C:WINDOWSSYSTEM32NOTEPAD.EXE %1
    .txt — open — C:WINDOWSSYSTEM32NOTEPAD.EXE %1

    ======List of files/folders created in the last 1 months======

    2009-02-24 12:58:29 —-D—- C:rsit
    2009-02-24 12:58:29 —-D—- C:Program Filestrend micro

    ======List of files/folders modified in the last 1 months======

    2009-02-24 12:58:29 —-RD—- C:Program Files
    2009-02-24 12:56:37 —-D—- C:WINDOWSTemp
    2009-02-24 12:55:09 —-A—- C:WINDOWSSchedLgU.Txt
    2009-02-24 12:50:16 —-D—- C:Program FilesMozilla Firefox
    2009-02-23 22:31:59 —-D—- C:Documents and SettingsUserApplication DataSkype
    2009-02-23 22:19:37 —-A—- C:WINDOWSNeroDigital.ini
    2009-02-23 22:19:09 —-D—- C:WINDOWSAlbum
    2009-02-23 22:18:08 —-D—- C:Documents and SettingsUserApplication DataskypePM
    2009-02-23 18:54:13 —-D—- C:WINDOWS
    2009-02-22 17:42:43 —-D—- C:WINDOWSMinidump
    2009-02-21 23:02:18 —-D—- C:WINDOWSPrefetch
    2009-02-20 19:58:48 —-D—- C:Documents and SettingsAll UsersApplication DataGoogle Updater
    2009-02-17 19:07:54 —-D—- C:WINDOWSsystem32CatRoot2
    2009-02-15 11:30:43 —-D—- C:WINDOWSnetwork diagnostic
    2009-02-14 21:26:48 —-SD—- C:WINDOWSTasks
    2009-02-13 12:45:15 —-HD—- C:$AVG8.VAULT$
    2009-02-08 12:22:29 —-HD—- C:WINDOWSinf
    2009-02-05 13:18:27 —-D—- C:WINDOWSsystem32drivers
    2009-02-04 11:54:47 —-SHD—- C:System Volume Information
    2009-02-04 11:54:47 —-D—- C:WINDOWSsystem32Restore
    2009-01-27 15:35:31 —-D—- C:WINDOWSsystem32
    2009-01-27 15:33:35 —-D—- C:Documents and SettingsAll UsersApplication Dataavg8
    2009-01-27 15:33:21 —-A—- C:WINDOWSsystem32avgrsstx.dll

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:WINDOWSSystem32Driversavgldx86.sys [2009-01-27 325128]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:WINDOWSSystem32Driversavgmfx86.sys [2009-01-27 27656]
    R1 AvgTdiX;AVG Free8 Network Redirector; C:WINDOWSSystem32Driversavgtdix.sys [2009-01-27 107272]
    R1 EIO;EIO; ??C:WINDOWSsystem32driversEIO.sys []
    R1 intelppm;Intel Processor Driver; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-03 36096]
    R1 kbdhid;Keyboard HID Driver; C:WINDOWSsystem32DRIVERSkbdhid.sys [2004-08-03 14848]
    R1 kbfilter;Keyboard Filter Driver; C:WINDOWSsystem32driverskbfilter.sys [2002-07-11 12856]
    R1 UsbFltr;WayTechUSBFilterDriver; C:WINDOWSsystem32driversUsbFltr.sys [2003-12-29 8576]
    R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:WINDOWSsystem32DRIVERSatl01_xp.sys [2007-03-15 38656]
    R3 dtscsi;dtscsi; C:WINDOWSSystem32Driversdtscsi.sys [2008-05-15 223128]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2005-01-07 138752]
    R3 HidUsb;Microsoft HID Class Driver; C:WINDOWSsystem32DRIVERShidusb.sys [2001-08-17 9600]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2007-03-26 4395008]
    R3 mouhid;Mouse HID Driver; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-08-17 12160]
    R3 MTsensor;ATK0110 ACPI UTILITY; C:WINDOWSsystem32DRIVERSASACPI.sys [2004-08-13 5810]
    R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2007-09-16 6853088]
    R3 pfc;Padus ASPI Shell; C:WINDOWSsystem32driverspfc.sys [2006-03-02 9856]
    R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:WINDOWSsystem32DRIVERSsnp2sxp.sys [2007-03-30 12033024]
    R3 usbaudio;USB Audio Driver (WDM); C:WINDOWSsystem32driversusbaudio.sys [2004-08-03 59264]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
    R3 usbhub;USB2 Enabled Hub; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
    S3 afdclk3z;afdclk3z; C:WINDOWSsystem32driversafdclk3z.sys []
    S3 asusgsb;ASUS Virtual Video Capture Device Driver; C:WINDOWSsystem32driversasusgsb.sys [2007-09-13 12416]
    S3 ATE_PROCMON;ATE_PROCMON; ??C:Program FilesAnti Trojan EliteATEPMon.sys []
    S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:WINDOWSsystem32driversmsmpu401.sys [2001-08-17 2944]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Microsoft TV/Video Connection; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
    S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
    S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
    S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbohci.sys [2004-08-03 17024]
    S3 usbprint;Microsoft USB PRINTER Class; C:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-03 25856]
    S3 usbscan;USB Scanner Driver; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
    S3 USBSTOR;USB Mass Storage Driver; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
    S3 Video3D;ASUS Video3D Service; C:WINDOWSSystem32DriversVideo3D32.sys []
    S3 WSTCODEC;World Standard Teletext Codec; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]
    S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 avg8emc;AVG Free8 E-mail Scanner; C:PROGRA~1AVGAVG8avgemc.exe [2009-01-27 903960]
    R2 avg8wd;AVG Free8 WatchDog; C:PROGRA~1AVGAVG8avgwdsvc.exe [2009-01-27 298264]
    R2 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2008-11-04 168432]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:Program FilesCommon FilesLightScribeLSSrvc.exe [2006-10-19 61440]
    R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe [2001-02-23 270336]
    R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2007-09-16 155716]
    R2 StarWindServiceAE;StarWind AE Service; C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe [2007-05-28 275968]
    R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2004-08-11 38912]
    S2 Google Online Services;Google Online Services; C:Documents and SettingsUserie_updates3r.exe -A []
    S2 IPSEC Services (PolicyAgent) ;IPSEC Services (PolicyAgent) ; C:Program Filestintinyproxyytinyproxy.exe []
    S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-04 69632]
    S3 NBService;NBService; C:Program FilesNeroNero 7Nero BackItUpNBService.exe [2006-11-10 774144]


    EOF


    info.txt logfile of random’s system information tool 1.05 2009-02-24 12:58:54

    ======Uninstall list======

    —>C:Program FilesNeroNero 7nerouninstallUNNERO.exe /UNINSTALL
    —>C:WINDOWSUNNeroBackItUp.exe /UNINSTALL
    —>C:WINDOWSUNNeroMediaHome.exe /UNINSTALL
    —>C:WINDOWSUNNeroShowTime.exe /UNINSTALL
    —>C:WINDOWSUNNeroVision.exe /UNINSTALL
    —>C:WINDOWSUNRecode.exe /UNINSTALL
    —>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
    ABBYY Lingvo 10 Multilingual Dictionary—>MsiExec.exe /I{AA10000A-C75E-487C-88FC-37AA1AACFB60}
    ACDSee 6.0 PowerPack—>MsiExec.exe /I{38A0BB97-772D-422E-BCCA-4BA2A5D81F42}
    Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
    Adobe Flash Player ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
    Adobe Reader 7.0—>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
    Attansic Ethernet Utility—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime110Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{1F698102-5739-441E-96F0-74F4EA540F06}setup.exe» -l0x9 -removeonly
    Attansic L1 Gigabit Ethernet Driver—>rundll32.exe C:WINDOWSsystem32AttansicL1atcInst.dll,AtcUninst C:WINDOWSsystem32AttansicL1 x86 1969 1048 L1
    AVG Free 8.0—>C:Program FilesAVGAVG8setup.exe /UNINSTALL
    Call Of Duty 2—>»C:Program FilesCall Of Duty 2unins000.exe»
    Canon MF Toolbox 4.9.1.1.mf02—>MsiExec.exe /I{132CA5D9-C745-4B0B-A3B2-8C7A6EC3EE7E}
    Canon MF3200 Series—>»C:WINDOWSsystem32CanonMF Uninstaller Information{269DBC9C-CAFC-472d-B1F1-0D327C2FFA76}miscDelDrv.exe» /U:{269DBC9C-CAFC-472d-B1F1-0D327C2FFA76} /L0x0000
    Desert Thunder—>C:WINDOWSIsUn0419.exe -f»C:Program FilesDT(rus)Uninst.isu»
    Flat Out—>»C:Program FilesBukaFlat Outunins000.exe»
    FlatOut2—>»C:Program FilesEmpire InteractiveFlatOut2unins000.exe»
    GOM Player—>»C:Program FilesGRETECHGomPlayerUninstall.exe»
    Google Toolbar for Internet Explorer—>MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
    Google Toolbar for Internet Explorer—>regsvr32 /u /s «c:program filesgooglegoogletoolbar1.dll»
    High Definition Audio Driver Package — KB888111—>»C:WINDOWS$NtUninstallKB888111WXPSP2$spuninstspuninst.exe»
    HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
    Hotfix for Windows XP (KB914440)—>»C:WINDOWS$NtUninstallKB914440$spuninstspuninst.exe»
    Hotfix for Windows XP (KB915865)—>»C:WINDOWS$NtUninstallKB915865$spuninstspuninst.exe»
    Hotfix for Windows XP (KB935448)—>»C:WINDOWS$NtUninstallKB935448$spuninstspuninst.exe»
    Hotfix for Windows XP (KB952287)—>»C:WINDOWS$NtUninstallKB952287$spuninstspuninst.exe»
    Internet for Kids—>»C:Program FilesСамоучитель Интернет для детейunins000.exe»
    K-Lite Mega Codec Pack 1.42—>»C:Program FilesK-Lite Codec Packunins000.exe»
    marvell 61xx—>C:Program FilesMarvell61xxuninst-61xx.exe
    Medal of Honor Allied Assault—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{0DEA94ED-915A-4834-A87E-388D012C8E02}Setup.exe» -l0x9
    Medal of Honor Pacific Assault(tm)—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}Setup.exe» -l0x9 -removeonly
    Media Key—>C:WINDOWSISUNINST.EXE -f»C:Program FilesMedia Keyuninst.isu» -c»C:Program FilesMedia KeyUnInst.dll»
    Microsoft Internationalized Domain Names Mitigation APIs—>»C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$spuninstspuninst.exe»
    Microsoft National Language Support Downlevel APIs—>»C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$spuninstspuninst.exe»
    Microsoft Office XP Professional with FrontPage—>MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
    Microsoft Office XP Russian User Interface Pack—>MsiExec.exe /I{901E0419-6000-11D3-8CFE-0050048383C9}
    Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Windows XP for Kids—>»C:Program FilesСамоучитель Microsoft Windows XP для детейunins000.exe»
    Moto Racer 3—>C:GamesMOTORA~1UNWISE.EXE C:GamesMOTORA~1INSTALL.LOG
    Mozilla Firefox (3.0.6)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
    MSN—>C:Program FilesMSNMsnInstallermsninst.exe /Action:ARP
    MSXML 4.0 SP2 (KB936181)—>MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    Need for Speed Most Wanted—>»C:Program FilesEA GAMESNeed for Speed Most Wantedunins000.exe»
    Need For Speed Underground—>C:EAGAME~1NEEDFO~1r{F7F2D~1UNWISE.EXE C:EAGAME~1NEEDFO~1r{F7F2D~1INSTALL.LOG
    Nero 7 Essentials—>MsiExec.exe /I{C1E544E5-EF3C-4103-A57B-3A499FD91049}
    NVIDIA Drivers—>C:WINDOWSsystem32nvudisp.exe UninstallGUI
    Race Driver 3—>C:GamesTRD3unwise.exe
    Realtek High Definition Audio Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}setup.exe» -l0x19 -removeonly
    Security Update for Windows XP (KB923689)—>»C:WINDOWS$NtUninstallKB923689$spuninstspuninst.exe»
    Security Update for Windows XP (KB938464)—>»C:WINDOWS$NtUninstallKB938464$spuninstspuninst.exe»
    Security Update for Windows XP (KB941569)—>»C:WINDOWS$NtUninstallKB941569$spuninstspuninst.exe»
    Security Update for Windows XP (KB944338-v2)—>»C:WINDOWS$NtUninstallKB944338-v2$spuninstspuninst.exe»
    Security Update for Windows XP (KB946648)—>»C:WINDOWS$NtUninstallKB946648$spuninstspuninst.exe»
    Security Update for Windows XP (KB950749)—>»C:WINDOWS$NtUninstallKB950749$spuninstspuninst.exe»
    Security Update for Windows XP (KB950762)—>»C:WINDOWS$NtUninstallKB950762$spuninstspuninst.exe»
    Security Update for Windows XP (KB950974)—>»C:WINDOWS$NtUninstallKB950974$spuninstspuninst.exe»
    Security Update for Windows XP (KB951066)—>»C:WINDOWS$NtUninstallKB951066$spuninstspuninst.exe»
    Security Update for Windows XP (KB951376-v2)—>»C:WINDOWS$NtUninstallKB951376-v2$spuninstspuninst.exe»
    Security Update for Windows XP (KB951698)—>»C:WINDOWS$NtUninstallKB951698$spuninstspuninst.exe»
    Security Update for Windows XP (KB951748)—>»C:WINDOWS$NtUninstallKB951748$spuninstspuninst.exe»
    Security Update for Windows XP (KB952954)—>»C:WINDOWS$NtUninstallKB952954$spuninstspuninst.exe»
    Security Update for Windows XP (KB953838)—>»C:WINDOWS$NtUninstallKB953838$spuninstspuninst.exe»
    Security Update for Windows XP (KB953839)—>»C:WINDOWS$NtUninstallKB953839$spuninstspuninst.exe»
    Skype™ 3.8—>MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    Slim 1320—>C:Program FilesInstallShield Installation Information{393E0058-AE7E-4D6C-BA44-B42B3FE29332}setup.exe -runfromtemp -l0x0019 -removeonly -u
    Update for Windows XP (KB898461)—>»C:WINDOWS$NtUninstallKB898461$spuninstspuninst.exe»
    Update for Windows XP (KB904942)—>»C:WINDOWS$NtUninstallKB904942$spuninstspuninst.exe»
    Update for Windows XP (KB951072-v2)—>»C:WINDOWS$NtUninstallKB951072-v2$spuninstspuninst.exe»
    Winamp (remove only)—>»C:Program FilesWinampUninstWA.exe»
    Windows Installer 3.1 (KB893803)—>»C:WINDOWS$MSI31Uninstall_KB893803v2$spuninstspuninst.exe»
    Windows Media Format Runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
    Windows XP Hotfix — KB885884—>C:WINDOWS$NtUninstallKB885884$spuninstspuninst.exe
    WinRAR archiver—>C:Program FilesWinRARuninstall.exe
    XviD MPEG-4 Video Codec—>C:WINDOWSsystem32rundll32.exe setupapi,InstallHinfSection Remove_XviD 132 C:WINDOWSINFxvid.inf
    Занимательная математика—>»C:Program FilesРуссобит-МРазвивайка. Репетитор. Занимательная математикаunins000.exe»
    Программа обновлений Google—>»C:Program FilesGoogleGoogle UpdaterGoogleUpdater.exe» -uninstall

    ======Security center information======

    AV: AVG Anti-Virus Free

    System event log

    Computer Name: USER-
    Event Code: 6005
    Message: Запущена служба журнала событий.

    Record Number: 26861
    Source Name: EventLog
    Time Written: 20090119193225.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 6009
    Message: Microsoft (R) Windows 2000 (R) 5.01. 2600 Service Pack 2 Multiprocessor Free.

    Record Number: 26860
    Source Name: EventLog
    Time Written: 20090119193225.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 6006
    Message: Служба журнала событий остановлена.

    Record Number: 26859
    Source Name: EventLog
    Time Written: 20090119193114.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 7036
    Message: Служба «IMAPI CD-Burning COM Service» перешла в состояние Остановлена.

    Record Number: 26858
    Source Name: Service Control Manager
    Time Written: 20090119192603.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 7036
    Message: Служба «IMAPI CD-Burning COM Service» перешла в состояние Работает.

    Record Number: 26857
    Source Name: Service Control Manager
    Time Written: 20090119192557.000000+240
    Event Type: информация
    User:

    Application event log

    Computer Name: USER-
    Event Code: 0
    Message:
    Record Number: 5
    Source Name: gusvc
    Time Written: 20090218144550.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 1000
    Message: Ошибка приложения flatout2.exe, версия 0.0.0.0, модуль flatout2.exe, версия 0.0.0.0, адрес 0x0010e520.

    Record Number: 4
    Source Name: Application Error
    Time Written: 20090218130256.000000+240
    Event Type: ошибка
    User:

    Computer Name: USER-
    Event Code: 1
    Message:
    Record Number: 3
    Source Name: avg8emc
    Time Written: 20090218124530.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 4
    Message: The LightScribe Service started successfully.

    Record Number: 2
    Source Name: LightScribeService
    Time Written: 20090218124521.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 0
    Message:
    Record Number: 1
    Source Name: gusvc
    Time Written: 20090218124520.000000+240
    Event Type: информация
    User:

    ======Environment variables======

    «ComSpec»=%SystemRoot%system32cmd.exe
    «Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem
    «windir»=%SystemRoot%
    «FP_NO_HOST_CHECK»=NO
    «OS»=Windows_NT
    «PROCESSOR_ARCHITECTURE»=x86
    «PROCESSOR_LEVEL»=6
    «PROCESSOR_IDENTIFIER»=x86 Family 6 Model 15 Stepping 11, GenuineIntel
    «PROCESSOR_REVISION»=0f0b
    «NUMBER_OF_PROCESSORS»=2
    «PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    «TEMP»=%SystemRoot%TEMP
    «TMP»=%SystemRoot%TEMP


    EOF


    February 21, 2009 at 7:00 pm in reply to: tintinyproxyy trojan? #21817
    jorjik

    Dear Valery! I managed to get IE to start! The problem was in the settings. I changed them and it now starts without problems; in general the system works great. Thank you so much!!! But, unfortunately, there is one more problem: the hard drive icons have turned into strange shortcuts. Something similar has already been discussed on the forum (viv wrote about it). If it is not too much trouble, please take a look at that thread. Can I use the solution suggested there too?

    February 20, 2009 at 1:13 pm in reply to: tintinyproxyy trojan? #21815
    jorjik

    Hello Valery! The instructions for using Combofix include a step about disabling the antivirus. No matter how I try, it won't turn off! I have AVG 8.0 FREE. Please advise how to do this. And can't another program be used instead? Thank you in advance!

    February 17, 2009 at 4:11 pm in reply to: tintinyproxyy trojan? #21813
    jorjik

    I have Internet Explorer 6.0. When I try to start it, /Cannot find server/ appears. I tried changing the settings through Internet Options, but it didn't work.

    February 15, 2009 at 6:25 pm in reply to: tintinyproxyy trojan? #21811
    jorjik

    Hello Valery! Thank you very much for the help, the computer works as before, but Internet Explorer won't open. I don't actually use it much, but I would like to know what the cause might be.

    February 14, 2009 at 7:21 PM in reply to: tintinyproxyy trojan? #21809
    jorjik
    Participant
    • Topics: 4
    • Posts: 20
    • ☆

    Hello Valery! I did as you said. The logs are below; new problems have appeared: Internet Explorer and Mozilla do not open. Maybe some settings have changed?

    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== SERVICES/DRIVERS ==========
    Service gdi32 stopped successfully.
    Service gdi32 deleted successfully.
    Unable to stop service aqqncj55 .
    ========== REGISTRY ==========
    Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun\lphcgg2j0ev7a deleted successfully.
    Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun\in3 deleted successfully.
    Registry key HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregVVSN\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWinCtrl32\ deleted successfully.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{3819ac78-b630-11dd-a760-001d609a4dce}\ deleted successfully.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{bdde676e-beb9-11dc-bff9-806d6172696f}\ deleted successfully.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{bdde676f-beb9-11dc-bff9-806d6172696f}\ deleted successfully.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{bdde6770-beb9-11dc-bff9-806d6172696f}\ deleted successfully.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c49058fa-9833-11dd-a71f-001d609a4dce}\ deleted successfully.
    ========== FILES ==========
    File/Folder C:WINDOWSsystem32driversgdi32.sys [] not found.
    C:Program Filestintinyproxyytinyproxy.exe moved successfully.
    C:WINDOWStasksAt1.job moved successfully.
    C:WINDOWStasksAt10.job moved successfully.
    C:WINDOWStasksAt11.job moved successfully.
    C:WINDOWStasksAt12.job moved successfully.
    C:WINDOWStasksAt13.job moved successfully.
    C:WINDOWStasksAt14.job moved successfully.
    C:WINDOWStasksAt15.job moved successfully.
    C:WINDOWStasksAt16.job moved successfully.
    C:WINDOWStasksAt17.job moved successfully.
    C:WINDOWStasksAt18.job moved successfully.
    C:WINDOWStasksAt19.job moved successfully.
    C:WINDOWStasksAt2.job moved successfully.
    C:WINDOWStasksAt20.job moved successfully.
    C:WINDOWStasksAt21.job moved successfully.
    C:WINDOWStasksAt22.job moved successfully.
    C:WINDOWStasksAt23.job moved successfully.
    C:WINDOWStasksAt24.job moved successfully.
    C:WINDOWStasksAt25.job moved successfully.
    C:WINDOWStasksAt26.job moved successfully.
    C:WINDOWStasksAt27.job moved successfully.
    C:WINDOWStasksAt28.job moved successfully.
    C:WINDOWStasksAt29.job moved successfully.
    C:WINDOWStasksAt3.job moved successfully.
    C:WINDOWStasksAt30.job moved successfully.
    C:WINDOWStasksAt31.job moved successfully.
    C:WINDOWStasksAt32.job moved successfully.
    C:WINDOWStasksAt33.job moved successfully.
    C:WINDOWStasksAt34.job moved successfully.
    C:WINDOWStasksAt35.job moved successfully.
    C:WINDOWStasksAt36.job moved successfully.
    C:WINDOWStasksAt37.job moved successfully.
    C:WINDOWStasksAt38.job moved successfully.
    C:WINDOWStasksAt39.job moved successfully.
    C:WINDOWStasksAt4.job moved successfully.
    C:WINDOWStasksAt40.job moved successfully.
    C:WINDOWStasksAt41.job moved successfully.
    C:WINDOWStasksAt42.job moved successfully.
    C:WINDOWStasksAt43.job moved successfully.
    C:WINDOWStasksAt44.job moved successfully.
    C:WINDOWStasksAt45.job moved successfully.
    C:WINDOWStasksAt46.job moved successfully.
    C:WINDOWStasksAt47.job moved successfully.
    C:WINDOWStasksAt48.job moved successfully.
    C:WINDOWStasksAt5.job moved successfully.
    C:WINDOWStasksAt6.job moved successfully.
    C:WINDOWStasksAt7.job moved successfully.
    C:WINDOWStasksAt8.job moved successfully.
    C:WINDOWStasksAt9.job moved successfully.
    ========== COMMANDS ==========
    User’s Temp folder emptied.
    User’s Temporary Internet Files folder emptied.
    User’s Internet Explorer cache folder emptied.
    Local Service Temp folder emptied.
    File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
    Local Service Temporary Internet Files folder emptied.
    Windows Temp folder emptied.
    FireFox cache emptied.
    Temp folders emptied.
    Explorer started successfully

    OTMoveIt3 by OldTimer — Version 1.0.8.0 log created on 02142009_212648
    And fresh logs from rsit:

    Logfile of random’s system information tool 1.05 (written by random/random)
    Run by User at 2009-02-14 22:48:03
    Microsoft Windows XP Professional Service Pack 2
    System drive C: has 145 GB (76%) free of 191 GB
    Total RAM: 1023 MB (58% free)

    HijackThis download failed

    ======Scheduled tasks folder======

    C:WINDOWStasksGoogleUpdateTaskUserS-1-5-21-776561741-1202660629-725345543-1003.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll [2008-09-23 1088296]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search — C:Program FilesAVGAVG8avgssie.dll [2009-01-27 1078552]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A057A204-BACC-4D26-9990-79A187E2698E}]
    AVG Security Toolbar — C:PROGRA~1AVGAVG8AVGTOO~1.DLL [2009-01-27 1968920]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll [2008-11-04 657904]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google — c:program filesgooglegoogletoolbar1.dll [2008-06-19 2427968]
    {A057A204-BACC-4D26-9990-79A187E2698E} — AVG Security Toolbar — C:PROGRA~1AVGAVG8AVGTOO~1.DLL [2009-01-27 1968920]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
    «NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2007-09-16 8491008]
    «snp2std»=C:WINDOWSvsnp2std.exe [2006-09-15 675840]
    «KernelFaultCheck»=C:WINDOWSsystem32dumprep 0 -k []
    «AVG8_TRAY»=C:PROGRA~1AVGAVG8avgtray.exe [2009-01-27 1601304]
    «High Defination Audio»=C:WINDOWSHDaudio.exe []
    «UserFaultCheck»=C:WINDOWSsystem32dumprep 0 -u []

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-03 15360]
    «swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2008-07-23 68856]
    «MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-08-04 1667584]
    «Google Update»=C:Documents and SettingsUserLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe [2009-01-20 133104]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAlcmtr]
    C:WINDOWSALCMTR.EXE [2005-05-03 69632]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAlcoholAutomount]
    C:Program FilesAlcohol SoftAlcohol 120axcmd.exe [2007-07-02 220544]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregASUSGamerOSD]
    C:Program FilesASUSGamerOSDGamerOSD.exe []

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregBgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    C:Program FilesCommon FilesAheadLibNMBgMonitor.exe [2006-11-16 139264]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDAEMON Tools]
    C:Program FilesDAEMON Toolsdaemon.exe [2005-11-09 128920]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDevice Detector]
    C:Program FilesCommon FilesACD SystemsENDevDetect.exe [2003-09-17 212992]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLingvo Launcher]
    C:Program FilesABBYY Lingvo 10 Multilingual DictionaryLvagent.exe [2004-10-09 110592]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLingvoTraining]
    C:Program FilesABBYY Lingvo 10 Multilingual DictionaryTutor.exe [2004-10-09 1159168]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]
    C:Program FilesMessengermsmsgs.exe [2004-08-04 1667584]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]
    C:Program FilesCommon FilesAheadLibNeroCheck.exe [2006-01-12 155648]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNvCplDaemon]
    C:WINDOWSsystem32NvCpl.dll [2007-09-16 8491008]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNvMediaCenter]
    C:WINDOWSsystem32NvMcTray.dll [2007-09-16 81920]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregnwiz]
    nwiz.exe /install []

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregRTHDCPL]
    C:WINDOWSRTHDCPL.EXE [2007-03-21 16126464]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSkype]
    C:Program FilesSkypePhoneSkype.exe [2008-09-23 21755688]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregsnp2std]
    C:WINDOWSvsnp2std.exe [2006-09-15 675840]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregswg]
    C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe []

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Media Key.lnk]
    C:PROGRA~1MEDIAK~1MagicKey.exe [2003-12-31 159744]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
    C:PROGRA~1MICROS~2Office10OSA.EXE [2001-02-13 83360]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]
    «wuauserv»=2
    «wscsvc»=2

    C:Documents and SettingsAll UsersStart MenuProgramsStartup
    Adobe Reader Speed Launch.lnk — C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyavgrsstarter]
    C:WINDOWSsystem32avgrsstx.dll [2009-01-27 10520]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWgaLogon]

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
    «NoDispBackgroundPage»=1
    «NoDispScrSavPage»=1

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
    «dontdisplaylastusername»=0
    «legalnoticecaption»=
    «legalnoticetext»=
    «shutdownwithoutlogon»=1
    «undockwithoutlogon»=1

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
    «NoDriveTypeAutoRun»=36
    «NoDriveAutoRun»=FFFFFFFF

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
    «C:GamesMedal of Honor PAmohpa.exe»=»C:GamesMedal of Honor PAmohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)»
    «C:GamesMedal of Honor AAMOHAA.exe»=»C:GamesMedal of Honor AAMOHAA.exe:*:Enabled:Medal of Honor Allied Assault(tm)»
    «C:WINDOWSsystem32hucq.exe»=»C:WINDOWSsystem32hucq.exe:*:Enabled:ENABLE»
    «C:Documents and SettingsUserttm.exe»=»C:Documents and SettingsUserttm.exe:*:Enabled:ENABLE»
    «C:WINDOWSsystem32naip.exe»=»C:WINDOWSsystem32naip.exe:*:Enabled:ENABLE»
    «C:Documents and SettingsUserketnug.exe»=»C:Documents and SettingsUserketnug.exe:*:Enabled:ENABLE»
    «C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup FilesKaspersky Anti-Virus 7.0.1.325Russiansetup.exe»=»C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup FilesKaspersky Anti-Virus 7.0.1.325Russiansetup.exe:*:Enabled:Программа установки Антивируса Касперского 7.0»
    «%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
    «C:Program FilesEmpire InteractiveFlatOut2FlatOut2.exe»=»C:Program FilesEmpire InteractiveFlatOut2FlatOut2.exe:*:Enabled:FlatOut2»
    «C:Program FilesAVGAVG8avgemc.exe»=»C:Program FilesAVGAVG8avgemc.exe:*:Enabled:avgemc.exe»
    «C:Program FilesAVGAVG8avgupd.exe»=»C:Program FilesAVGAVG8avgupd.exe:*:Enabled:avgupd.exe»
    «C:WINDOWSHDaudio.exe»=»C:WINDOWSHDaudio.exe:*:Enabled:Explorer»
    «C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
    «%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»

    ======File associations======

    .ini — open — C:WINDOWSSYSTEM32NOTEPAD.EXE %1
    .txt — open — C:WINDOWSSYSTEM32NOTEPAD.EXE %1

    ======List of files/folders created in the last 1 months======

    2009-02-14 22:48:03 —-D—- C:rsit
    2009-02-14 22:48:03 —-D—- C:Program Filestrend micro
    2009-02-14 21:26:48 —-D—- C:_OTMoveIt

    ======List of files/folders modified in the last 1 months======

    2009-02-14 22:48:03 —-RD—- C:Program Files
    2009-02-14 22:43:53 —-D—- C:Program FilesMozilla Firefox
    2009-02-14 22:43:22 —-D—- C:WINDOWSPrefetch
    2009-02-14 22:10:41 —-D—- C:WINDOWSTemp
    2009-02-14 22:09:03 —-A—- C:WINDOWSSchedLgU.Txt
    2009-02-14 22:08:01 —-D—- C:Documents and SettingsUserApplication DataSkype
    2009-02-14 22:06:40 —-D—- C:Documents and SettingsUserApplication DataskypePM
    2009-02-14 21:26:48 —-SD—- C:WINDOWSTasks
    2009-02-14 12:07:11 —-D—- C:Documents and SettingsAll UsersApplication DataGoogle Updater
    2009-02-13 23:00:24 —-A—- C:WINDOWSNeroDigital.ini
    2009-02-13 20:37:11 —-D—- C:WINDOWSMinidump
    2009-02-13 20:37:11 —-D—- C:WINDOWS
    2009-02-13 12:45:15 —-HD—- C:$AVG8.VAULT$
    2009-02-08 15:55:45 —-D—- C:WINDOWSsystem32CatRoot2
    2009-02-08 12:22:29 —-HD—- C:WINDOWSinf
    2009-02-07 13:01:20 —-D—- C:WINDOWSAlbum
    2009-02-05 13:18:27 —-D—- C:WINDOWSsystem32drivers
    2009-02-04 11:54:47 —-SHD—- C:System Volume Information
    2009-02-04 11:54:47 —-D—- C:WINDOWSsystem32Restore
    2009-01-27 15:35:31 —-D—- C:WINDOWSsystem32
    2009-01-27 15:33:35 —-D—- C:Documents and SettingsAll UsersApplication Dataavg8
    2009-01-27 15:33:21 —-A—- C:WINDOWSsystem32avgrsstx.dll
    2009-01-19 19:22:23 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
    2009-01-19 19:21:50 —-A—- C:WINDOWSimsins.BAK

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:WINDOWSSystem32Driversavgldx86.sys [2009-01-27 325128]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:WINDOWSSystem32Driversavgmfx86.sys [2009-01-27 27656]
    R1 AvgTdiX;AVG Free8 Network Redirector; C:WINDOWSSystem32Driversavgtdix.sys [2009-01-27 107272]
    R1 EIO;EIO; ??C:WINDOWSsystem32driversEIO.sys []
    R1 intelppm;Intel Processor Driver; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-03 36096]
    R1 kbdhid;Keyboard HID Driver; C:WINDOWSsystem32DRIVERSkbdhid.sys [2004-08-03 14848]
    R1 kbfilter;Keyboard Filter Driver; C:WINDOWSsystem32driverskbfilter.sys [2002-07-11 12856]
    R1 UsbFltr;WayTechUSBFilterDriver; C:WINDOWSsystem32driversUsbFltr.sys [2003-12-29 8576]
    R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:WINDOWSsystem32DRIVERSatl01_xp.sys [2007-03-15 38656]
    R3 dtscsi;dtscsi; C:WINDOWSSystem32Driversdtscsi.sys [2008-05-15 223128]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2005-01-07 138752]
    R3 HidUsb;Microsoft HID Class Driver; C:WINDOWSsystem32DRIVERShidusb.sys [2001-08-17 9600]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2007-03-26 4395008]
    R3 mouhid;Mouse HID Driver; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-08-17 12160]
    R3 MTsensor;ATK0110 ACPI UTILITY; C:WINDOWSsystem32DRIVERSASACPI.sys [2004-08-13 5810]
    R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2007-09-16 6853088]
    R3 pfc;Padus ASPI Shell; C:WINDOWSsystem32driverspfc.sys [2006-03-02 9856]
    R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:WINDOWSsystem32DRIVERSsnp2sxp.sys [2007-03-30 12033024]
    R3 usbaudio;USB Audio Driver (WDM); C:WINDOWSsystem32driversusbaudio.sys [2004-08-03 59264]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
    R3 usbhub;USB2 Enabled Hub; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
    S3 a5ip2ohq;a5ip2ohq; C:WINDOWSsystem32driversa5ip2ohq.sys []
    S3 asusgsb;ASUS Virtual Video Capture Device Driver; C:WINDOWSsystem32driversasusgsb.sys [2007-09-13 12416]
    S3 ATE_PROCMON;ATE_PROCMON; ??C:Program FilesAnti Trojan EliteATEPMon.sys []
    S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:WINDOWSsystem32driversmsmpu401.sys [2001-08-17 2944]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Microsoft TV/Video Connection; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
    S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
    S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
    S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbohci.sys [2004-08-03 17024]
    S3 usbprint;Microsoft USB PRINTER Class; C:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-03 25856]
    S3 usbscan;USB Scanner Driver; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
    S3 USBSTOR;USB Mass Storage Driver; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
    S3 Video3D;ASUS Video3D Service; C:WINDOWSSystem32DriversVideo3D32.sys []
    S3 WSTCODEC;World Standard Teletext Codec; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]
    S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 avg8emc;AVG Free8 E-mail Scanner; C:PROGRA~1AVGAVG8avgemc.exe [2009-01-27 903960]
    R2 avg8wd;AVG Free8 WatchDog; C:PROGRA~1AVGAVG8avgwdsvc.exe [2009-01-27 298264]
    R2 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2008-11-04 168432]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:Program FilesCommon FilesLightScribeLSSrvc.exe [2006-10-19 61440]
    R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe [2001-02-23 270336]
    R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2007-09-16 155716]
    R2 StarWindServiceAE;StarWind AE Service; C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe [2007-05-28 275968]
    R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2004-08-11 38912]
    S2 Google Online Services;Google Online Services; C:Documents and SettingsUserie_updates3r.exe -A []
    S2 IPSEC Services (PolicyAgent) ;IPSEC Services (PolicyAgent) ; C:Program Filestintinyproxyytinyproxy.exe []
    S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-04 69632]
    S3 NBService;NBService; C:Program FilesNeroNero 7Nero BackItUpNBService.exe [2006-11-10 774144]


    EOF


    info.txt logfile of random’s system information tool 1.05 2009-02-14 22:48:05

    ======Uninstall list======

    —>C:Program FilesNeroNero 7nerouninstallUNNERO.exe /UNINSTALL
    —>C:WINDOWSUNNeroBackItUp.exe /UNINSTALL
    —>C:WINDOWSUNNeroMediaHome.exe /UNINSTALL
    —>C:WINDOWSUNNeroShowTime.exe /UNINSTALL
    —>C:WINDOWSUNNeroVision.exe /UNINSTALL
    —>C:WINDOWSUNRecode.exe /UNINSTALL
    —>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
    ABBYY Lingvo 10 Multilingual Dictionary—>MsiExec.exe /I{AA10000A-C75E-487C-88FC-37AA1AACFB60}
    ACDSee 6.0 PowerPack—>MsiExec.exe /I{38A0BB97-772D-422E-BCCA-4BA2A5D81F42}
    Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
    Adobe Flash Player ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
    Adobe Reader 7.0—>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
    Attansic Ethernet Utility—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime110Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{1F698102-5739-441E-96F0-74F4EA540F06}setup.exe» -l0x9 -removeonly
    Attansic L1 Gigabit Ethernet Driver—>rundll32.exe C:WINDOWSsystem32AttansicL1atcInst.dll,AtcUninst C:WINDOWSsystem32AttansicL1 x86 1969 1048 L1
    AVG Free 8.0—>C:Program FilesAVGAVG8setup.exe /UNINSTALL
    Call Of Duty 2—>»C:Program FilesCall Of Duty 2unins000.exe»
    Canon MF Toolbox 4.9.1.1.mf02—>MsiExec.exe /I{132CA5D9-C745-4B0B-A3B2-8C7A6EC3EE7E}
    Canon MF3200 Series—>»C:WINDOWSsystem32CanonMF Uninstaller Information{269DBC9C-CAFC-472d-B1F1-0D327C2FFA76}miscDelDrv.exe» /U:{269DBC9C-CAFC-472d-B1F1-0D327C2FFA76} /L0x0000
    Desert Thunder—>C:WINDOWSIsUn0419.exe -f»C:Program FilesDT(rus)Uninst.isu»
    Flat Out—>»C:Program FilesBukaFlat Outunins000.exe»
    FlatOut2—>»C:Program FilesEmpire InteractiveFlatOut2unins000.exe»
    GOM Player—>»C:Program FilesGRETECHGomPlayerUninstall.exe»
    Google Toolbar for Internet Explorer—>MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
    Google Toolbar for Internet Explorer—>regsvr32 /u /s «c:program filesgooglegoogletoolbar1.dll»
    High Definition Audio Driver Package — KB888111—>»C:WINDOWS$NtUninstallKB888111WXPSP2$spuninstspuninst.exe»
    Hotfix for Windows XP (KB914440)—>»C:WINDOWS$NtUninstallKB914440$spuninstspuninst.exe»
    Hotfix for Windows XP (KB915865)—>»C:WINDOWS$NtUninstallKB915865$spuninstspuninst.exe»
    Hotfix for Windows XP (KB935448)—>»C:WINDOWS$NtUninstallKB935448$spuninstspuninst.exe»
    Hotfix for Windows XP (KB952287)—>»C:WINDOWS$NtUninstallKB952287$spuninstspuninst.exe»
    Internet for Kids—>»C:Program FilesСамоучитель Интернет для детейunins000.exe»
    K-Lite Mega Codec Pack 1.42—>»C:Program FilesK-Lite Codec Packunins000.exe»
    marvell 61xx—>C:Program FilesMarvell61xxuninst-61xx.exe
    Medal of Honor Allied Assault—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{0DEA94ED-915A-4834-A87E-388D012C8E02}Setup.exe» -l0x9
    Medal of Honor Pacific Assault(tm)—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}Setup.exe» -l0x9 -removeonly
    Media Key—>C:WINDOWSISUNINST.EXE -f»C:Program FilesMedia Keyuninst.isu» -c»C:Program FilesMedia KeyUnInst.dll»
    Microsoft Internationalized Domain Names Mitigation APIs—>»C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$spuninstspuninst.exe»
    Microsoft National Language Support Downlevel APIs—>»C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$spuninstspuninst.exe»
    Microsoft Office XP Professional with FrontPage—>MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
    Microsoft Office XP Russian User Interface Pack—>MsiExec.exe /I{901E0419-6000-11D3-8CFE-0050048383C9}
    Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Windows XP for Kids—>»C:Program FilesСамоучитель Microsoft Windows XP для детейunins000.exe»
    Moto Racer 3—>C:GamesMOTORA~1UNWISE.EXE C:GamesMOTORA~1INSTALL.LOG
    Mozilla Firefox (3.0.1)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
    MSN—>C:Program FilesMSNMsnInstallermsninst.exe /Action:ARP
    MSXML 4.0 SP2 (KB936181)—>MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    Need for Speed Most Wanted—>»C:Program FilesEA GAMESNeed for Speed Most Wantedunins000.exe»
    Need For Speed Underground—>C:EAGAME~1NEEDFO~1r{F7F2D~1UNWISE.EXE C:EAGAME~1NEEDFO~1r{F7F2D~1INSTALL.LOG
    Nero 7 Essentials—>MsiExec.exe /I{C1E544E5-EF3C-4103-A57B-3A499FD91049}
    NVIDIA Drivers—>C:WINDOWSsystem32nvudisp.exe UninstallGUI
    Race Driver 3—>C:GamesTRD3unwise.exe
    Realtek High Definition Audio Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}setup.exe» -l0x19 -removeonly
    Security Update for Windows XP (KB923689)—>»C:WINDOWS$NtUninstallKB923689$spuninstspuninst.exe»
    Security Update for Windows XP (KB938464)—>»C:WINDOWS$NtUninstallKB938464$spuninstspuninst.exe»
    Security Update for Windows XP (KB941569)—>»C:WINDOWS$NtUninstallKB941569$spuninstspuninst.exe»
    Security Update for Windows XP (KB944338-v2)—>»C:WINDOWS$NtUninstallKB944338-v2$spuninstspuninst.exe»
    Security Update for Windows XP (KB946648)—>»C:WINDOWS$NtUninstallKB946648$spuninstspuninst.exe»
    Security Update for Windows XP (KB950749)—>»C:WINDOWS$NtUninstallKB950749$spuninstspuninst.exe»
    Security Update for Windows XP (KB950762)—>»C:WINDOWS$NtUninstallKB950762$spuninstspuninst.exe»
    Security Update for Windows XP (KB950974)—>»C:WINDOWS$NtUninstallKB950974$spuninstspuninst.exe»
    Security Update for Windows XP (KB951066)—>»C:WINDOWS$NtUninstallKB951066$spuninstspuninst.exe»
    Security Update for Windows XP (KB951376-v2)—>»C:WINDOWS$NtUninstallKB951376-v2$spuninstspuninst.exe»
    Security Update for Windows XP (KB951698)—>»C:WINDOWS$NtUninstallKB951698$spuninstspuninst.exe»
    Security Update for Windows XP (KB951748)—>»C:WINDOWS$NtUninstallKB951748$spuninstspuninst.exe»
    Security Update for Windows XP (KB952954)—>»C:WINDOWS$NtUninstallKB952954$spuninstspuninst.exe»
    Security Update for Windows XP (KB953838)—>»C:WINDOWS$NtUninstallKB953838$spuninstspuninst.exe»
    Security Update for Windows XP (KB953839)—>»C:WINDOWS$NtUninstallKB953839$spuninstspuninst.exe»
    Skype™ 3.8—>MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    Slim 1320—>C:Program FilesInstallShield Installation Information{393E0058-AE7E-4D6C-BA44-B42B3FE29332}setup.exe -runfromtemp -l0x0019 -removeonly -u
    Update for Windows XP (KB898461)—>»C:WINDOWS$NtUninstallKB898461$spuninstspuninst.exe»
    Update for Windows XP (KB904942)—>»C:WINDOWS$NtUninstallKB904942$spuninstspuninst.exe»
    Update for Windows XP (KB951072-v2)—>»C:WINDOWS$NtUninstallKB951072-v2$spuninstspuninst.exe»
    Winamp (remove only)—>»C:Program FilesWinampUninstWA.exe»
    Windows Installer 3.1 (KB893803)—>»C:WINDOWS$MSI31Uninstall_KB893803v2$spuninstspuninst.exe»
    Windows Media Format Runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
    Windows XP Hotfix — KB885884—>C:WINDOWS$NtUninstallKB885884$spuninstspuninst.exe
    WinRAR archiver—>C:Program FilesWinRARuninstall.exe
    XviD MPEG-4 Video Codec—>C:WINDOWSsystem32rundll32.exe setupapi,InstallHinfSection Remove_XviD 132 C:WINDOWSINFxvid.inf
    Занимательная математика—>»C:Program FilesРуссобит-МРазвивайка. Репетитор. Занимательная математикаunins000.exe»
    Программа обновлений Google—>»C:Program FilesGoogleGoogle UpdaterGoogleUpdater.exe» -uninstall

    ======Security center information======

    AV: AVG Anti-Virus Free

    System event log

    Computer Name: USER-
    Event Code: 7036
    Message: Служба «Terminal Services» перешла в состояние Работает.

    Record Number: 26185
    Source Name: Service Control Manager
    Time Written: 20090112112142.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 7000
    Message: Сбой при запуске службы «Parallel port driver» из-за ошибки
    Указанная служба не может быть запущена, поскольку она отключена или все связанные с ней устройства отключены.

    Record Number: 26184
    Source Name: Service Control Manager
    Time Written: 20090112112142.000000+240
    Event Type: ошибка
    User:

    Computer Name: USER-
    Event Code: 1007
    Message: Компьютер автоматически настроил IP-адрес для сетевого адаптера
    с адресом 001D609A4DCE. Используется IP-адрес 169.254.242.178.

    Record Number: 26183
    Source Name: Dhcp
    Time Written: 20090112112112.000000+240
    Event Type: предупреждение
    User:

    Computer Name: USER-
    Event Code: 6005
    Message: Запущена служба журнала событий.

    Record Number: 26182
    Source Name: EventLog
    Time Written: 20090112112011.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 6009
    Message: Microsoft (R) Windows 2000 (R) 5.01. 2600 Service Pack 2 Multiprocessor Free.

    Record Number: 26181
    Source Name: EventLog
    Time Written: 20090112112011.000000+240
    Event Type: информация
    User:

    Application event log

    Computer Name: USER-
    Event Code: 1
    Message:
    Record Number: 4046
    Source Name: Avg7UpdSvc
    Time Written: 20080705110924.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 1000
    Message: Ошибка приложения skin.exe, версия 2.0.0.0, модуль skin.exe, версия 2.0.0.0, адрес 0x0005268e.

    Record Number: 4045
    Source Name: Application Error
    Time Written: 20080705001046.000000+240
    Event Type: ошибка
    User:

    Computer Name: USER-
    Event Code: 1
    Message:
    Record Number: 4044
    Source Name: AVGEMS
    Time Written: 20080704192716.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 4
    Message: The LightScribe Service started successfully.

    Record Number: 4043
    Source Name: LightScribeService
    Time Written: 20080704192715.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 1
    Message:
    Record Number: 4042
    Source Name: Avg7UpdSvc
    Time Written: 20080704192711.000000+240
    Event Type: информация
    User:

    ======Environment variables======

    «ComSpec»=%SystemRoot%system32cmd.exe
    «Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem
    «windir»=%SystemRoot%
    «FP_NO_HOST_CHECK»=NO
    «OS»=Windows_NT
    «PROCESSOR_ARCHITECTURE»=x86
    «PROCESSOR_LEVEL»=6
    «PROCESSOR_IDENTIFIER»=x86 Family 6 Model 15 Stepping 11, GenuineIntel
    «PROCESSOR_REVISION»=0f0b
    «NUMBER_OF_PROCESSORS»=2
    «PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    «TEMP»=%SystemRoot%TEMP
    «TMP»=%SystemRoot%TEMP


    EOF


    February 11, 2009 at 6:12 PM in reply to: tintinyproxyy trojan? #21807
    jorjik
    Participant
    • Topics: 4
    • Posts: 20
    • ☆

    Hello Valery! I did everything as you asked. Here are the logs:

    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    Unable to kill process: :services
    Unable to kill process: gdi32
    Unable to kill process: aqqncj55
    Unable to kill process: :reg
    Unable to kill process: [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
    Unable to kill process: «lphcgg2j0ev7a»=-
    Unable to kill process: «in3″=-
    Unable to kill process: [-HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregVVSN]
    Unable to kill process: [-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWinCtrl32]
    Unable to kill process: [-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{3819ac78-b630-11dd-a760-001d609a4dce}]
    Unable to kill process: [-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{bdde676e-beb9-11dc-bff9-806d6172696f}]
    Unable to kill process: [-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{bdde676f-beb9-11dc-bff9-806d6172696f}]
    Unable to kill process: [-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{bdde6770-beb9-11dc-bff9-806d6172696f}]
    Unable to kill process: [-HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c49058fa-9833-11dd-a71f-001d609a4dce}]
    Unable to kill process: :files
    Unable to kill process: C:WINDOWSsystem32driversgdi32.sys []
    Unable to kill process: %ProgramFiles%tintinyproxyytinyproxy.exe
    Unable to kill process: C:WINDOWStasksAt1.job
    Unable to kill process: C:WINDOWStasksAt10.job
    Unable to kill process: C:WINDOWStasksAt11.job
    Unable to kill process: C:WINDOWStasksAt12.job
    Unable to kill process: C:WINDOWStasksAt13.job
    Unable to kill process: C:WINDOWStasksAt14.job
    Unable to kill process: C:WINDOWStasksAt15.job
    Unable to kill process: C:WINDOWStasksAt16.job
    Unable to kill process: C:WINDOWStasksAt17.job
    Unable to kill process: C:WINDOWStasksAt18.job
    Unable to kill process: C:WINDOWStasksAt19.job
    Unable to kill process: C:WINDOWStasksAt2.job
    Unable to kill process: C:WINDOWStasksAt20.job
    Unable to kill process: C:WINDOWStasksAt21.job
    Unable to kill process: C:WINDOWStasksAt22.job
    Unable to kill process: C:WINDOWStasksAt23.job
    Unable to kill process: C:WINDOWStasksAt24.job
    Unable to kill process: C:WINDOWStasksAt25.job
    Unable to kill process: C:WINDOWStasksAt26.job
    Unable to kill process: C:WINDOWStasksAt27.job
    Unable to kill process: C:WINDOWStasksAt28.job
    Unable to kill process: C:WINDOWStasksAt29.job
    Unable to kill process: C:WINDOWStasksAt3.job
    Unable to kill process: C:WINDOWStasksAt30.job
    Unable to kill process: C:WINDOWStasksAt31.job
    Unable to kill process: C:WINDOWStasksAt32.job
    Unable to kill process: C:WINDOWStasksAt33.job
    Unable to kill process: C:WINDOWStasksAt34.job
    Unable to kill process: C:WINDOWStasksAt35.job
    Unable to kill process: C:WINDOWStasksAt36.job
    Unable to kill process: C:WINDOWStasksAt37.job
    Unable to kill process: C:WINDOWStasksAt38.job
    Unable to kill process: C:WINDOWStasksAt39.job
    Unable to kill process: C:WINDOWStasksAt4.job
    Unable to kill process: C:WINDOWStasksAt40.job
    Unable to kill process: C:WINDOWStasksAt41.job
    Unable to kill process: C:WINDOWStasksAt42.job
    Unable to kill process: C:WINDOWStasksAt43.job
    Unable to kill process: C:WINDOWStasksAt44.job
    Unable to kill process: C:WINDOWStasksAt45.job
    Unable to kill process: C:WINDOWStasksAt46.job
    Unable to kill process: C:WINDOWStasksAt47.job
    Unable to kill process: C:WINDOWStasksAt48.job
    Unable to kill process: C:WINDOWStasksAt5.job
    Unable to kill process: C:WINDOWStasksAt6.job
    Unable to kill process: C:WINDOWStasksAt7.job
    Unable to kill process: C:WINDOWStasksAt8.job
    Unable to kill process: C:WINDOWStasksAt9.job
    Unable to kill process: :Commands
    Unable to kill process: [emptytemp]
    Unable to kill process: [start explorer]
    Unable to kill process: [Reboot]

    OTMoveIt3 by OldTimer — Version 1.0.8.0 log created on 02112009_214417
    and a fresh Rsit log:
    Logfile of random’s system information tool 1.05 (written by random/random)
    Run by User at 2009-02-11 21:56:48
    Microsoft Windows XP Professional Service Pack 2
    System drive C: has 145 GB (76%) free of 191 GB
    Total RAM: 1023 MB (65% free)

    HijackThis download failed

    ======Scheduled tasks folder======

    C:WINDOWStasksAt1.job
    C:WINDOWStasksAt10.job
    C:WINDOWStasksAt11.job
    C:WINDOWStasksAt12.job
    C:WINDOWStasksAt13.job
    C:WINDOWStasksAt14.job
    C:WINDOWStasksAt15.job
    C:WINDOWStasksAt16.job
    C:WINDOWStasksAt17.job
    C:WINDOWStasksAt18.job
    C:WINDOWStasksAt19.job
    C:WINDOWStasksAt2.job
    C:WINDOWStasksAt20.job
    C:WINDOWStasksAt21.job
    C:WINDOWStasksAt22.job
    C:WINDOWStasksAt23.job
    C:WINDOWStasksAt24.job
    C:WINDOWStasksAt25.job
    C:WINDOWStasksAt26.job
    C:WINDOWStasksAt27.job
    C:WINDOWStasksAt28.job
    C:WINDOWStasksAt29.job
    C:WINDOWStasksAt3.job
    C:WINDOWStasksAt30.job
    C:WINDOWStasksAt31.job
    C:WINDOWStasksAt32.job
    C:WINDOWStasksAt33.job
    C:WINDOWStasksAt34.job
    C:WINDOWStasksAt35.job
    C:WINDOWStasksAt36.job
    C:WINDOWStasksAt37.job
    C:WINDOWStasksAt38.job
    C:WINDOWStasksAt39.job
    C:WINDOWStasksAt4.job
    C:WINDOWStasksAt40.job
    C:WINDOWStasksAt41.job
    C:WINDOWStasksAt42.job
    C:WINDOWStasksAt43.job
    C:WINDOWStasksAt44.job
    C:WINDOWStasksAt45.job
    C:WINDOWStasksAt46.job
    C:WINDOWStasksAt47.job
    C:WINDOWStasksAt48.job
    C:WINDOWStasksAt5.job
    C:WINDOWStasksAt6.job
    C:WINDOWStasksAt7.job
    C:WINDOWStasksAt8.job
    C:WINDOWStasksAt9.job
    C:WINDOWStasksGoogleUpdateTaskUserS-1-5-21-776561741-1202660629-725345543-1003.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) — C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll [2008-09-23 1088296]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search — C:Program FilesAVGAVG8avgssie.dll [2009-01-27 1078552]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A057A204-BACC-4D26-9990-79A187E2698E}]
    AVG Security Toolbar — C:PROGRA~1AVGAVG8AVGTOO~1.DLL [2009-01-27 1968920]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll [2008-11-04 657904]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google — c:program filesgooglegoogletoolbar1.dll [2008-06-19 2427968]
    {A057A204-BACC-4D26-9990-79A187E2698E} — AVG Security Toolbar — C:PROGRA~1AVGAVG8AVGTOO~1.DLL [2009-01-27 1968920]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
    «NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2007-09-16 8491008]
    «snp2std»=C:WINDOWSvsnp2std.exe [2006-09-15 675840]
    «KernelFaultCheck»=C:WINDOWSsystem32dumprep 0 -k []
    «lphcgg2j0ev7a»=C:WINDOWSsystem32lphcgg2j0ev7a.exe []
    «in3″=C:WINDOWSTemp.tt8.tmp.exe /CR=44EC2F7153ED5CB7C3D95BB12E9FB9A40311B3CA8C6CD4334A264174AF45F61EEB4BCDB987EFD75B81454C50FBB29A7A8197ADE6F0F2D3245E8C17C22418300045F5AF4AC7546A6BFD2722F37B290FD7290B9C []
    «AVG8_TRAY»=C:PROGRA~1AVGAVG8avgtray.exe [2009-01-27 1601304]
    «High Defination Audio»=C:WINDOWSHDaudio.exe []
    «UserFaultCheck»=C:WINDOWSsystem32dumprep 0 -u []

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-03 15360]
    «swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2008-07-23 68856]
    «MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-08-04 1667584]
    «Google Update»=C:Documents and SettingsUserLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe [2009-01-20 133104]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAlcmtr]
    C:WINDOWSALCMTR.EXE [2005-05-03 69632]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAlcoholAutomount]
    C:Program FilesAlcohol SoftAlcohol 120axcmd.exe [2007-07-02 220544]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregASUSGamerOSD]
    C:Program FilesASUSGamerOSDGamerOSD.exe []

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregBgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    C:Program FilesCommon FilesAheadLibNMBgMonitor.exe [2006-11-16 139264]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDAEMON Tools]
    C:Program FilesDAEMON Toolsdaemon.exe [2005-11-09 128920]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDevice Detector]
    C:Program FilesCommon FilesACD SystemsENDevDetect.exe [2003-09-17 212992]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLingvo Launcher]
    C:Program FilesABBYY Lingvo 10 Multilingual DictionaryLvagent.exe [2004-10-09 110592]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLingvoTraining]
    C:Program FilesABBYY Lingvo 10 Multilingual DictionaryTutor.exe [2004-10-09 1159168]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]
    C:Program FilesMessengermsmsgs.exe [2004-08-04 1667584]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]
    C:Program FilesCommon FilesAheadLibNeroCheck.exe [2006-01-12 155648]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNvCplDaemon]
    C:WINDOWSsystem32NvCpl.dll [2007-09-16 8491008]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNvMediaCenter]
    C:WINDOWSsystem32NvMcTray.dll [2007-09-16 81920]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregnwiz]
    nwiz.exe /install []

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregRTHDCPL]
    C:WINDOWSRTHDCPL.EXE [2007-03-21 16126464]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSkype]
    C:Program FilesSkypePhoneSkype.exe [2008-09-23 21755688]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregsnp2std]
    C:WINDOWSvsnp2std.exe [2006-09-15 675840]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregswg]
    C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe []

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregVVSN]
    C:Program FilesVVSNVVSN.exe []

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Media Key.lnk]
    C:PROGRA~1MEDIAK~1MagicKey.exe [2003-12-31 159744]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
    C:PROGRA~1MICROS~2Office10OSA.EXE [2001-02-13 83360]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]
    «wuauserv»=2
    «wscsvc»=2

    C:Documents and SettingsAll UsersStart MenuProgramsStartup
    Adobe Reader Speed Launch.lnk — C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyavgrsstarter]
    C:WINDOWSsystem32avgrsstx.dll [2009-01-27 10520]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWgaLogon]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWinCtrl32]

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
    «NoDispBackgroundPage»=1
    «NoDispScrSavPage»=1

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
    «dontdisplaylastusername»=0
    «legalnoticecaption»=
    «legalnoticetext»=
    «shutdownwithoutlogon»=1
    «undockwithoutlogon»=1

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
    «NoDriveTypeAutoRun»=36
    «NoDriveAutoRun»=FFFFFFFF

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
    «C:GamesMedal of Honor PAmohpa.exe»=»C:GamesMedal of Honor PAmohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)»
    «C:GamesMedal of Honor AAMOHAA.exe»=»C:GamesMedal of Honor AAMOHAA.exe:*:Enabled:Medal of Honor Allied Assault(tm)»
    «C:WINDOWSsystem32hucq.exe»=»C:WINDOWSsystem32hucq.exe:*:Enabled:ENABLE»
    «C:Documents and SettingsUserttm.exe»=»C:Documents and SettingsUserttm.exe:*:Enabled:ENABLE»
    «C:WINDOWSsystem32naip.exe»=»C:WINDOWSsystem32naip.exe:*:Enabled:ENABLE»
    «C:Documents and SettingsUserketnug.exe»=»C:Documents and SettingsUserketnug.exe:*:Enabled:ENABLE»
    «C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup FilesKaspersky Anti-Virus 7.0.1.325Russiansetup.exe»=»C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup FilesKaspersky Anti-Virus 7.0.1.325Russiansetup.exe:*:Enabled:Программа установки Антивируса Касперского 7.0»
    «%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
    «C:Program FilesEmpire InteractiveFlatOut2FlatOut2.exe»=»C:Program FilesEmpire InteractiveFlatOut2FlatOut2.exe:*:Enabled:FlatOut2»
    «C:Program FilesAVGAVG8avgemc.exe»=»C:Program FilesAVGAVG8avgemc.exe:*:Enabled:avgemc.exe»
    «C:Program FilesAVGAVG8avgupd.exe»=»C:Program FilesAVGAVG8avgupd.exe:*:Enabled:avgupd.exe»
    «C:WINDOWSHDaudio.exe»=»C:WINDOWSHDaudio.exe:*:Enabled:Explorer»
    «C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
    «%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{3819ac78-b630-11dd-a760-001d609a4dce}]
    shellAutoPlaycommand — H:USBFlash.exe
    shellAutoRuncommand — H:USBFlash.exe
    shellExplorecommand — H:USBFlash.exe
    shellOpencommand — H:USBFlash.exe
    shellScancommand — H:

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{bdde6770-beb9-11dc-bff9-806d6172696f}]
    shellAutoRuncommand — E:.BinAssetup.exe

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c49058fa-9833-11dd-a71f-001d609a4dce}]
    shellAutoRuncommand — H:bo1dhu.bat
    shellexplorecommand — H:bo1dhu.bat
    shellopencommand — H:bo1dhu.bat

    ======File associations======

    .ini — open — C:WINDOWSSYSTEM32NOTEPAD.EXE %1
    .txt — open — C:WINDOWSSYSTEM32NOTEPAD.EXE %1

    ======List of files/folders created in the last 1 months======

    2009-02-11 21:56:48 —-D—- C:rsit
    2009-02-11 21:44:17 —-D—- C:_OTMoveIt
    2009-02-09 15:41:31 —-D—- C:Program Filestrend micro

    ======List of files/folders modified in the last 1 months======

    2009-02-11 21:53:03 —-D—- C:Program FilesMozilla Firefox
    2009-02-11 21:50:44 —-D—- C:WINDOWSTemp
    2009-02-11 21:49:06 —-A—- C:WINDOWSSchedLgU.Txt
    2009-02-11 21:42:22 —-D—- C:WINDOWSPrefetch
    2009-02-11 19:10:43 —-A—- C:WINDOWSNeroDigital.ini
    2009-02-11 18:11:52 —-D—- C:WINDOWSMinidump
    2009-02-11 18:11:52 —-D—- C:WINDOWS
    2009-02-10 23:20:46 —-D—- C:Documents and SettingsUserApplication DataSkype
    2009-02-10 22:27:45 —-D—- C:Documents and SettingsAll UsersApplication DataGoogle Updater
    2009-02-10 20:53:27 —-HD—- C:$AVG8.VAULT$
    2009-02-10 18:02:43 —-D—- C:Documents and SettingsUserApplication DataskypePM
    2009-02-09 15:41:31 —-RD—- C:Program Files
    2009-02-08 15:55:45 —-D—- C:WINDOWSsystem32CatRoot2
    2009-02-08 12:22:29 —-HD—- C:WINDOWSinf
    2009-02-07 13:01:20 —-D—- C:WINDOWSAlbum
    2009-02-05 13:18:27 —-D—- C:WINDOWSsystem32drivers
    2009-02-04 11:54:47 —-SHD—- C:System Volume Information
    2009-02-04 11:54:47 —-D—- C:WINDOWSsystem32Restore
    2009-01-27 15:35:31 —-D—- C:WINDOWSsystem32
    2009-01-27 15:33:35 —-D—- C:Documents and SettingsAll UsersApplication Dataavg8
    2009-01-27 15:33:21 —-A—- C:WINDOWSsystem32avgrsstx.dll
    2009-01-23 11:02:28 —-SD—- C:WINDOWSTasks
    2009-01-19 19:22:23 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
    2009-01-19 19:21:50 —-A—- C:WINDOWSimsins.BAK
    2009-01-13 12:43:26 —-D—- C:Documents and SettingsAll UsersApplication DataCrucialSoft Ltd

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:WINDOWSSystem32Driversavgldx86.sys [2009-01-27 325128]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:WINDOWSSystem32Driversavgmfx86.sys [2009-01-27 27656]
    R1 AvgTdiX;AVG Free8 Network Redirector; C:WINDOWSSystem32Driversavgtdix.sys [2009-01-27 107272]
    R1 EIO;EIO; ??C:WINDOWSsystem32driversEIO.sys []
    R1 intelppm;Intel Processor Driver; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-03 36096]
    R1 kbdhid;Keyboard HID Driver; C:WINDOWSsystem32DRIVERSkbdhid.sys [2004-08-03 14848]
    R1 kbfilter;Keyboard Filter Driver; C:WINDOWSsystem32driverskbfilter.sys [2002-07-11 12856]
    R1 UsbFltr;WayTechUSBFilterDriver; C:WINDOWSsystem32driversUsbFltr.sys [2003-12-29 8576]
    R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:WINDOWSsystem32DRIVERSatl01_xp.sys [2007-03-15 38656]
    R3 dtscsi;dtscsi; C:WINDOWSSystem32Driversdtscsi.sys [2008-05-15 223128]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2005-01-07 138752]
    R3 HidUsb;Microsoft HID Class Driver; C:WINDOWSsystem32DRIVERShidusb.sys [2001-08-17 9600]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2007-03-26 4395008]
    R3 mouhid;Mouse HID Driver; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-08-17 12160]
    R3 MTsensor;ATK0110 ACPI UTILITY; C:WINDOWSsystem32DRIVERSASACPI.sys [2004-08-13 5810]
    R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2007-09-16 6853088]
    R3 pfc;Padus ASPI Shell; C:WINDOWSsystem32driverspfc.sys [2006-03-02 9856]
    R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:WINDOWSsystem32DRIVERSsnp2sxp.sys [2007-03-30 12033024]
    R3 usbaudio;USB Audio Driver (WDM); C:WINDOWSsystem32driversusbaudio.sys [2004-08-03 59264]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
    R3 usbhub;USB2 Enabled Hub; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
    S1 gdi32;gdi32; ??C:WINDOWSsystem32driversgdi32.sys []
    S3 asqppqlr;asqppqlr; C:WINDOWSsystem32driversasqppqlr.sys []
    S3 asusgsb;ASUS Virtual Video Capture Device Driver; C:WINDOWSsystem32driversasusgsb.sys [2007-09-13 12416]
    S3 ATE_PROCMON;ATE_PROCMON; ??C:Program FilesAnti Trojan EliteATEPMon.sys []
    S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:WINDOWSsystem32driversmsmpu401.sys [2001-08-17 2944]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Microsoft TV/Video Connection; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
    S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
    S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
    S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:WINDOWSsystem32DRIVERSusbohci.sys [2004-08-03 17024]
    S3 usbprint;Microsoft USB PRINTER Class; C:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-03 25856]
    S3 usbscan;USB Scanner Driver; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
    S3 USBSTOR;USB Mass Storage Driver; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
    S3 Video3D;ASUS Video3D Service; C:WINDOWSSystem32DriversVideo3D32.sys []
    S3 WSTCODEC;World Standard Teletext Codec; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]
    S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 avg8emc;AVG Free8 E-mail Scanner; C:PROGRA~1AVGAVG8avgemc.exe [2009-01-27 903960]
    R2 avg8wd;AVG Free8 WatchDog; C:PROGRA~1AVGAVG8avgwdsvc.exe [2009-01-27 298264]
    R2 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2008-11-04 168432]
    R2 IPSEC Services (PolicyAgent) ;IPSEC Services (PolicyAgent) ; C:Program Filestintinyproxyytinyproxy.exe [2009-01-04 8960]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:Program FilesCommon FilesLightScribeLSSrvc.exe [2006-10-19 61440]
    R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe [2001-02-23 270336]
    R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2007-09-16 155716]
    R2 StarWindServiceAE;StarWind AE Service; C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe [2007-05-28 275968]
    R2 UMWdf;Windows User Mode Driver Framework; C:WINDOWSsystem32wdfmgr.exe [2004-08-11 38912]
    S2 Google Online Services;Google Online Services; C:Documents and SettingsUserie_updates3r.exe -A []
    S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-04 69632]
    S3 NBService;NBService; C:Program FilesNeroNero 7Nero BackItUpNBService.exe [2006-11-10 774144]


    EOF


    info.txt logfile of random’s system information tool 1.05 2009-02-11 21:56:53

    ======Uninstall list======

    —>C:Program FilesNeroNero 7nerouninstallUNNERO.exe /UNINSTALL
    —>C:WINDOWSUNNeroBackItUp.exe /UNINSTALL
    —>C:WINDOWSUNNeroMediaHome.exe /UNINSTALL
    —>C:WINDOWSUNNeroShowTime.exe /UNINSTALL
    —>C:WINDOWSUNNeroVision.exe /UNINSTALL
    —>C:WINDOWSUNRecode.exe /UNINSTALL
    —>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
    ABBYY Lingvo 10 Multilingual Dictionary—>MsiExec.exe /I{AA10000A-C75E-487C-88FC-37AA1AACFB60}
    ACDSee 6.0 PowerPack—>MsiExec.exe /I{38A0BB97-772D-422E-BCCA-4BA2A5D81F42}
    Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
    Adobe Flash Player ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
    Adobe Reader 7.0—>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
    Attansic Ethernet Utility—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime110Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{1F698102-5739-441E-96F0-74F4EA540F06}setup.exe» -l0x9 -removeonly
    Attansic L1 Gigabit Ethernet Driver—>rundll32.exe C:WINDOWSsystem32AttansicL1atcInst.dll,AtcUninst C:WINDOWSsystem32AttansicL1 x86 1969 1048 L1
    AVG Free 8.0—>C:Program FilesAVGAVG8setup.exe /UNINSTALL
    Call Of Duty 2—>»C:Program FilesCall Of Duty 2unins000.exe»
    Canon MF Toolbox 4.9.1.1.mf02—>MsiExec.exe /I{132CA5D9-C745-4B0B-A3B2-8C7A6EC3EE7E}
    Canon MF3200 Series—>»C:WINDOWSsystem32CanonMF Uninstaller Information{269DBC9C-CAFC-472d-B1F1-0D327C2FFA76}miscDelDrv.exe» /U:{269DBC9C-CAFC-472d-B1F1-0D327C2FFA76} /L0x0000
    Desert Thunder—>C:WINDOWSIsUn0419.exe -f»C:Program FilesDT(rus)Uninst.isu»
    Flat Out—>»C:Program FilesBukaFlat Outunins000.exe»
    FlatOut2—>»C:Program FilesEmpire InteractiveFlatOut2unins000.exe»
    GOM Player—>»C:Program FilesGRETECHGomPlayerUninstall.exe»
    Google Toolbar for Internet Explorer—>MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
    Google Toolbar for Internet Explorer—>regsvr32 /u /s «c:program filesgooglegoogletoolbar1.dll»
    High Definition Audio Driver Package — KB888111—>»C:WINDOWS$NtUninstallKB888111WXPSP2$spuninstspuninst.exe»
    Hotfix for Windows XP (KB914440)—>»C:WINDOWS$NtUninstallKB914440$spuninstspuninst.exe»
    Hotfix for Windows XP (KB915865)—>»C:WINDOWS$NtUninstallKB915865$spuninstspuninst.exe»
    Hotfix for Windows XP (KB935448)—>»C:WINDOWS$NtUninstallKB935448$spuninstspuninst.exe»
    Hotfix for Windows XP (KB952287)—>»C:WINDOWS$NtUninstallKB952287$spuninstspuninst.exe»
    Internet for Kids—>»C:Program FilesСамоучитель Интернет для детейunins000.exe»
    K-Lite Mega Codec Pack 1.42—>»C:Program FilesK-Lite Codec Packunins000.exe»
    marvell 61xx—>C:Program FilesMarvell61xxuninst-61xx.exe
    Medal of Honor Allied Assault—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{0DEA94ED-915A-4834-A87E-388D012C8E02}Setup.exe» -l0x9
    Medal of Honor Pacific Assault(tm)—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime101Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}Setup.exe» -l0x9 -removeonly
    Media Key—>C:WINDOWSISUNINST.EXE -f»C:Program FilesMedia Keyuninst.isu» -c»C:Program FilesMedia KeyUnInst.dll»
    Microsoft Internationalized Domain Names Mitigation APIs—>»C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$spuninstspuninst.exe»
    Microsoft National Language Support Downlevel APIs—>»C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$spuninstspuninst.exe»
    Microsoft Office XP Professional with FrontPage—>MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
    Microsoft Office XP Russian User Interface Pack—>MsiExec.exe /I{901E0419-6000-11D3-8CFE-0050048383C9}
    Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Windows XP for Kids—>»C:Program FilesСамоучитель Microsoft Windows XP для детейunins000.exe»
    Moto Racer 3—>C:GamesMOTORA~1UNWISE.EXE C:GamesMOTORA~1INSTALL.LOG
    Mozilla Firefox (3.0.6)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
    MSN—>C:Program FilesMSNMsnInstallermsninst.exe /Action:ARP
    MSXML 4.0 SP2 (KB936181)—>MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    Need for Speed Most Wanted—>»C:Program FilesEA GAMESNeed for Speed Most Wantedunins000.exe»
    Need For Speed Underground—>C:EAGAME~1NEEDFO~1r{F7F2D~1UNWISE.EXE C:EAGAME~1NEEDFO~1r{F7F2D~1INSTALL.LOG
    Nero 7 Essentials—>MsiExec.exe /I{C1E544E5-EF3C-4103-A57B-3A499FD91049}
    NVIDIA Drivers—>C:WINDOWSsystem32nvudisp.exe UninstallGUI
    Race Driver 3—>C:GamesTRD3unwise.exe
    Realtek High Definition Audio Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}setup.exe» -l0x19 -removeonly
    Security Update for Windows XP (KB923689)—>»C:WINDOWS$NtUninstallKB923689$spuninstspuninst.exe»
    Security Update for Windows XP (KB938464)—>»C:WINDOWS$NtUninstallKB938464$spuninstspuninst.exe»
    Security Update for Windows XP (KB941569)—>»C:WINDOWS$NtUninstallKB941569$spuninstspuninst.exe»
    Security Update for Windows XP (KB944338-v2)—>»C:WINDOWS$NtUninstallKB944338-v2$spuninstspuninst.exe»
    Security Update for Windows XP (KB946648)—>»C:WINDOWS$NtUninstallKB946648$spuninstspuninst.exe»
    Security Update for Windows XP (KB950749)—>»C:WINDOWS$NtUninstallKB950749$spuninstspuninst.exe»
    Security Update for Windows XP (KB950762)—>»C:WINDOWS$NtUninstallKB950762$spuninstspuninst.exe»
    Security Update for Windows XP (KB950974)—>»C:WINDOWS$NtUninstallKB950974$spuninstspuninst.exe»
    Security Update for Windows XP (KB951066)—>»C:WINDOWS$NtUninstallKB951066$spuninstspuninst.exe»
    Security Update for Windows XP (KB951376-v2)—>»C:WINDOWS$NtUninstallKB951376-v2$spuninstspuninst.exe»
    Security Update for Windows XP (KB951698)—>»C:WINDOWS$NtUninstallKB951698$spuninstspuninst.exe»
    Security Update for Windows XP (KB951748)—>»C:WINDOWS$NtUninstallKB951748$spuninstspuninst.exe»
    Security Update for Windows XP (KB952954)—>»C:WINDOWS$NtUninstallKB952954$spuninstspuninst.exe»
    Security Update for Windows XP (KB953838)—>»C:WINDOWS$NtUninstallKB953838$spuninstspuninst.exe»
    Security Update for Windows XP (KB953839)—>»C:WINDOWS$NtUninstallKB953839$spuninstspuninst.exe»
    Skype™ 3.8—>MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    Slim 1320—>C:Program FilesInstallShield Installation Information{393E0058-AE7E-4D6C-BA44-B42B3FE29332}setup.exe -runfromtemp -l0x0019 -removeonly -u
    Update for Windows XP (KB898461)—>»C:WINDOWS$NtUninstallKB898461$spuninstspuninst.exe»
    Update for Windows XP (KB904942)—>»C:WINDOWS$NtUninstallKB904942$spuninstspuninst.exe»
    Update for Windows XP (KB951072-v2)—>»C:WINDOWS$NtUninstallKB951072-v2$spuninstspuninst.exe»
    Winamp (remove only)—>»C:Program FilesWinampUninstWA.exe»
    Windows Installer 3.1 (KB893803)—>»C:WINDOWS$MSI31Uninstall_KB893803v2$spuninstspuninst.exe»
    Windows Media Format Runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
    Windows XP Hotfix — KB885884—>C:WINDOWS$NtUninstallKB885884$spuninstspuninst.exe
    WinRAR archiver—>C:Program FilesWinRARuninstall.exe
    XviD MPEG-4 Video Codec—>C:WINDOWSsystem32rundll32.exe setupapi,InstallHinfSection Remove_XviD 132 C:WINDOWSINFxvid.inf
    Занимательная математика—>»C:Program FilesРуссобит-МРазвивайка. Репетитор. Занимательная математикаunins000.exe»
    Программа обновлений Google—>»C:Program FilesGoogleGoogle UpdaterGoogleUpdater.exe» -uninstall

    ======Security center information======

    AV: AVG AntiiVirus Free

    System event log

    Computer Name: USER-
    Event Code: 7901
    Message: Сбой при запуске команды At23.job из-за ошибки
    %%2147942402

    Record Number: 25829
    Source Name: Schedule
    Time Written: 20090109220000.000000+240
    Event Type: ошибка
    User:

    Computer Name: USER-
    Event Code: 7036
    Message: Служба «IMAPI CD-Burning COM Service» перешла в состояние Остановлена.

    Record Number: 25828
    Source Name: Service Control Manager
    Time Written: 20090109211526.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 7036
    Message: Служба «Computer Browser» перешла в состояние Остановлена.

    Record Number: 25827
    Source Name: Service Control Manager
    Time Written: 20090109211526.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 7036
    Message: Служба «Remote Access Connection Manager» перешла в состояние Работает.

    Record Number: 25826
    Source Name: Service Control Manager
    Time Written: 20090109211526.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 7036
    Message: Служба «Application Layer Gateway Service» перешла в состояние Работает.

    Record Number: 25825
    Source Name: Service Control Manager
    Time Written: 20090109211526.000000+240
    Event Type: информация
    User:

    Application event log

    Computer Name: USER-
    Event Code: 4
    Message: The LightScribe Service started successfully.

    Record Number: 3979
    Source Name: LightScribeService
    Time Written: 20080630172340.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 1
    Message:
    Record Number: 3978
    Source Name: Avg7UpdSvc
    Time Written: 20080630172337.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 1
    Message:
    Record Number: 3977
    Source Name: AVGEMS
    Time Written: 20080630171811.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 4
    Message: The LightScribe Service started successfully.

    Record Number: 3976
    Source Name: LightScribeService
    Time Written: 20080630171811.000000+240
    Event Type: информация
    User:

    Computer Name: USER-
    Event Code: 1
    Message:
    Record Number: 3975
    Source Name: Avg7UpdSvc
    Time Written: 20080630171807.000000+240
    Event Type: информация
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
    "PROCESSOR_REVISION"=0f0b
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP


    EOF


    Thank you very much for everything you do!

Copyright © 2008 - 2024 Spyware-RU.com (en)