Созданные ответы форума
-
Сообщения
-
ATF Cleaner помогла, ок.700 метров почистила. Но это всё, второе действие никак не сказалось. Так и непонятно, чем заняты несколько гигов…
Да.У меня диск разбит на два: С и D. На одном из них, соответственно, установлена винда. Вот на нём-то и пропало. Общий объём его 40 Гб. После
этого посмотрел объём всех папок с файлами (фильмы, музло, Program Files, Windows), через свойства показывает их общий объём 33 Гб. А в разделе Мой компьютер информация даёт занятость диска почти 38. Вот и не пойму: где ещё около 5 Гб?Logfile of random’s system information tool 1.06 (written by random/random)
Run by Администратор at 2009-12-29 11:18:34
Microsoft Windows XP Professional Service Pack 3
System drive D: has 1 GB (3%) free of 40 GB
Total RAM: 2039 MB (72% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:18:37, on 29.12.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: NormalRunning processes:
D:WINDOWSSystem32smss.exe
D:WINDOWSsystem32winlogon.exe
D:WINDOWSsystem32services.exe
D:WINDOWSsystem32lsass.exe
D:WINDOWSsystem32svchost.exe
D:WINDOWSSystem32svchost.exe
D:Program FilesASUSASUS Data Security ManagerADSMSrv.exe
D:WINDOWSsystem32spoolsv.exe
D:Program FilesESETESET NOD32 Antivirusekrn.exe
D:Program FilesCommon FilesLightScribeLSSrvc.exe
D:Program FilesASUSNB ProbeSPMspmgr.exe
D:WINDOWSsystem32svchost.exe
D:WINDOWSSystem32StkCSrv.exe
D:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe
D:WINDOWSsystem32wscntfy.exe
D:WINDOWSATK0100HControl.exe
D:WINDOWSsystem32igfxtray.exe
D:WINDOWSsystem32hkcmd.exe
D:WINDOWSsystem32igfxpers.exe
D:WINDOWSRTHDCPL.EXE
D:Program FilesMotorolaSMSERIALsm56hlpr.exe
D:WINDOWSsystem32igfxsrvc.exe
D:WINDOWSsystem32ASUSTPE.exe
D:Program FilesSynapticsSynTPSynTPEnh.exe
D:Program FilesASUSSplendidACMON.exe
D:Program FilesASUSPower4 GearBatteryLife.exe
D:Program FilesESETESET NOD32 Antivirusegui.exe
D:Program FilesMail.RuAgentMAgent.exe
D:WINDOWSsystem32ACEngSvr.exe
D:Program FilesJavajre1.6.0_06binjusched.exe
D:Program FilesVistaDriveIconVistaDrv.exe
D:Program FilesDownload Masterdmaster.exe
D:Program FilesCommon FilesLightScribeLightScribeControlPanel.exe
D:Program FilesToshibaBluetooth Toshiba StackTosBtMng.exe
D:Program FilesToshibaBluetooth Toshiba StackTosA2dp.exe
D:Program FilesToshibaBluetooth Toshiba StackTosBtHid.exe
D:WINDOWSATK0100ATKOSD.exe
D:WINDOWSexplorer.exe
D:WINDOWSsystem32notepad.exe
D:WINDOWSsystem32acovcnt.exe
D:Program FilesMozilla Firefoxfirefox.exe
D:Program FilesJavajre1.6.0_06binjucheck.exe
D:Documents and SettingsАдминистраторРабочий столRSIT.exe
D:Program Filestrend microАдминистратор.exeR1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://search.qip.ru
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://virtualsoccer.ru/
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = Root: HKCU; Subkey: SoftwareMicrosoftInternet ExplorerSearchUrl; ValueType: string; ValueName: ‘; ValueData: ‘; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: (no name) — — (no file)
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — D:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — D:Program FilesJavajre1.6.0_06binssv.dll
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — D:PROGRA~1DOWNLO~1dmiehlp.dll
O3 — Toolbar: DM Bar — {0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — D:Program FilesDownload Masterdmbar.dll
O4 — HKLM..Run: [HControl] D:WINDOWSATK0100HControl.exe
O4 — HKLM..Run: [IgfxTray] D:WINDOWSsystem32igfxtray.exe
O4 — HKLM..Run: [HotKeysCmds] D:WINDOWSsystem32hkcmd.exe
O4 — HKLM..Run: [Persistence] D:WINDOWSsystem32igfxpers.exe
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 — HKLM..Run: [SkyTel] SkyTel.EXE
O4 — HKLM..Run: [SMSERIAL] D:Program FilesMotorolaSMSERIALsm56hlpr.exe
O4 — HKLM..Run: [ASUSTPE] D:WINDOWSsystem32ASUSTPE.exe
O4 — HKLM..Run: [Wireless Console 2] «D:Program FilesWireless Console 2wcourier.exe»
O4 — HKLM..Run: [SynTPEnh] D:Program FilesSynapticsSynTPSynTPEnh.exe
O4 — HKLM..Run: [ACMON] «D:Program FilesASUSSplendidACMON.exe»
O4 — HKLM..Run: [PowerForPhone] D:Program FilesPowerForPhonePowerForPhone.exe
O4 — HKLM..Run: [Power_Gear] D:Program FilesASUSPower4 GearBatteryLife.exe 1
O4 — HKLM..Run: [ATKHOTKEY] «D:Program FilesATK HotkeyHcontrol.exe»
O4 — HKLM..Run: [egui] «D:Program FilesESETESET NOD32 Antivirusegui.exe» /hide /waitservice
O4 — HKLM..Run: [MAgent] D:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKLM..Run: [NeroFilterCheck] D:Program FilesCommon FilesAheadLibNeroCheck.exe
O4 — HKLM..Run: [SunJavaUpdateSched] D:Program FilesJavajre1.6.0_06binjusched.exe
O4 — HKCU..Run: [VistaIcon] D:Program FilesVistaDriveIconVistaDrv.exe
O4 — HKCU..Run: [Download Master] D:Program FilesDownload Masterdmaster.exe -autorun
O4 — HKCU..Run: [LightScribe Control Panel] D:Program FilesCommon FilesLightScribeLightScribeControlPanel.exe -hidden
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] D:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUSS-1-5-18..Run: [VistaIcon] D:Program FilesVistaDriveIconVistaDrv.exe (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] D:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Global Startup: Bluetooth Manager.lnk = ?
O4 — Global Startup: Microsoft Office.lnk = D:Program FilesMicrosoft OfficeOffice10OSA.EXE
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://D:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — D:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — D:Program FilesDownload Masterdmie.htm
O8 — Extra context menu item: Передать на удаленную закачку DM — D:Program FilesDownload Masterremdown.htm
O9 — Extra button: (no name) — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — D:Program FilesJavajre1.6.0_06binssv.dll
O9 — Extra ‘Tools’ menuitem: Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — D:Program FilesJavajre1.6.0_06binssv.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — D:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — D:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — D:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — D:Program FilesDownload Masterdmaster.exe
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — D:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — D:WINDOWSNetwork Diagnosticxpnetdiag.exe
O12 — Plugin for .spop: D:Program FilesInternet ExplorerPluginsNPDocBox.dll
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — D:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 — Service: ADSM Service (ADSMService) — Unknown owner — D:Program FilesASUSASUS Data Security ManagerADSMSrv.exe
O23 — Service: Eset HTTP Server (EhttpSrv) — ESET — D:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe
O23 — Service: Eset Service (ekrn) — ESET — D:Program FilesESETESET NOD32 Antivirusekrn.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — D:WINDOWSsystem32services.exe
O23 — Service: Backbone Service (giuureyva) — Unknown owner — D:Documents and SettingsАдминистраторApplication DataMicrosoftcicofuhap.exe (file missing)
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — D:WINDOWSsystem32imapi.exe
O23 — Service: LightScribeService Direct Disc Labeling Service (LightScribeService) — Hewlett-Packard Company — D:Program FilesCommon FilesLightScribeLSSrvc.exe
O23 — Service: NBService — Nero AG — D:Program FilesNeroNero 7Nero BackItUpNBService.exe
O23 — Service: NMIndexingService — Nero AG — D:Program FilesCommon FilesAheadLibNMIndexingService.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — D:WINDOWSsystem32services.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — D:WINDOWSSystem32SCardSvr.exe
O23 — Service: spmgr — Unknown owner — D:Program FilesASUSNB ProbeSPMspmgr.exe
O23 — Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) — Syntek America Inc. — D:WINDOWSSystem32StkCSrv.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — D:WINDOWSsystem32smlogsvc.exe
O23 — Service: TOSHIBA Bluetooth Service — TOSHIBA CORPORATION — D:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — D:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — D:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 9281 bytes======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — D:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx [2001-04-16 37808][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — D:Program FilesJavajre1.6.0_06binssv.dll [2008-03-25 509328][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — D:PROGRA~1DOWNLO~1dmiehlp.dll [2009-04-16 158208][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — DM Bar — D:Program FilesDownload Masterdmbar.dll [2007-11-26 180224][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«HControl»=D:WINDOWSATK0100HControl.exe [2006-10-14 110592]
«IgfxTray»=D:WINDOWSsystem32igfxtray.exe [2007-06-13 142104]
«HotKeysCmds»=D:WINDOWSsystem32hkcmd.exe [2007-06-13 162584]
«Persistence»=D:WINDOWSsystem32igfxpers.exe [2007-06-13 138008]
«RTHDCPL»=D:WINDOWSRTHDCPL.EXE [2007-05-28 16132608]
«SkyTel»=D:WINDOWSSkyTel.EXE [2007-05-25 1826816]
«SMSERIAL»=D:Program FilesMotorolaSMSERIALsm56hlpr.exe [2006-11-22 630784]
«ASUSTPE»=D:WINDOWSsystem32ASUSTPE.exe [2007-01-16 106496]
«Wireless Console 2″=D:Program FilesWireless Console 2wcourier.exe [2007-07-05 1040384]
«SynTPEnh»=D:Program FilesSynapticsSynTPSynTPEnh.exe [2006-05-25 786521]
«ACMON»=D:Program FilesASUSSplendidACMON.exe [2007-06-26 851968]
«PowerForPhone»=D:Program FilesPowerForPhonePowerForPhone.exe [2007-06-26 778240]
«Power_Gear»=D:Program FilesASUSPower4 GearBatteryLife.exe [2006-07-26 90112]
«ATKHOTKEY»=D:Program FilesATK HotkeyHcontrol.exe [2007-08-15 225280]
«egui»=D:Program FilesESETESET NOD32 Antivirusegui.exe [2008-07-01 1447168]
«MAgent»=D:Program FilesMail.RuAgentMAgent.exe [2009-12-04 7975608]
«NeroFilterCheck»=D:Program FilesCommon FilesAheadLibNeroCheck.exe [2007-03-01 153136]
«SunJavaUpdateSched»=D:Program FilesJavajre1.6.0_06binjusched.exe [2008-03-25 144784][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«VistaIcon»=D:Program FilesVistaDriveIconVistaDrv.exe [2008-03-23 132096]
«Download Master»=D:Program FilesDownload Masterdmaster.exe [2009-11-07 3778048]
«LightScribe Control Panel»=D:Program FilesCommon FilesLightScribeLightScribeControlPanel.exe [2007-06-20 451872]D:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
Bluetooth Manager.lnk — D:Program FilesToshibaBluetooth Toshiba StackTosBtMng.exe
Microsoft Office.lnk — D:Program FilesMicrosoft OfficeOffice10OSA.EXE[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyigfxcui]
D:WINDOWSsystem32igfxdev.dll [2007-06-05 204800][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — D:WINDOWSsystem32WPDShServiceObj.dll [2008-03-21 133632][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«SynchronousMachineGroupPolicy»=0
«SynchronousUserGroupPolicy»=0[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=323
«NoThumbnailCache»=1
«NoSMConfigurePrograms»=1
«NoSMHelp»=1
«NoDriveAutoRun»=67108863
«NoDrives»=0[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveAutoRun»=
«NoDriveTypeAutoRun»=
«NoDrives»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»======List of files/folders created in the last 1 months======
2009-12-29 11:18:27 —-SHD—- D:RECYCLER
2009-12-29 11:14:55 —-D—- D:WINDOWStemp
2009-12-29 11:14:53 —-A—- D:ComboFix.txt
2009-12-29 11:03:44 —-A—- D:WINDOWSNIRCMD.exe
2009-12-29 11:03:44 —-A—- D:WINDOWSMBR.exe
2009-12-29 11:03:42 —-A—- D:WINDOWSPEV.exe
2009-12-29 11:03:41 —-A—- D:WINDOWSzip.exe
2009-12-29 11:03:41 —-A—- D:WINDOWSSWREG.exe
2009-12-29 11:03:41 —-A—- D:WINDOWSsed.exe
2009-12-29 11:03:41 —-A—- D:WINDOWSgrep.exe
2009-12-29 11:03:40 —-A—- D:WINDOWSSWXCACLS.exe
2009-12-29 11:03:40 —-A—- D:WINDOWSSWSC.exe
2009-12-29 11:03:29 —-D—- D:WINDOWSERDNT
2009-12-29 10:42:54 —-AD—- D:Qoobox
2009-12-28 00:39:23 —-A—- D:WINDOWSsystem32ccda_v8.exe
2009-12-24 03:41:15 —-A—- D:WINDOWSsystem32ms.exe
2009-12-23 01:19:35 —-A—- D:WINDOWSsystem32acovcnt.exe
2009-12-21 22:09:28 —-D—- D:Program FilesSkype
2009-12-21 22:09:28 —-D—- D:Program FilesCommon FilesSkype
2009-12-17 22:06:38 —-A—- D:WINDOWSODBC.INI
2009-12-17 22:06:07 —-D—- D:Program FilesCommon FilesDesigner
2009-12-17 22:05:33 —-D—- D:WINDOWSShellNew
2009-12-17 22:05:30 —-D—- D:Program FilesMicrosoft Office
2009-12-15 00:02:07 —-D—- D:Documents and SettingsАдминистраторApplication DataOpera
2009-12-14 23:59:17 —-D—- D:Program FilesOpera75
2009-12-14 20:04:01 —-A—- D:WINDOWSnigzss.txt
2009-12-13 23:31:01 —-A—- D:WINDOWSNeroDigital.ini
2009-12-12 13:10:29 —-D—- D:Documents and SettingsАдминистраторApplication DataAhead
2009-12-12 13:10:28 —-D—- D:Documents and SettingsAll UsersApplication DataLightScribe
2009-12-12 13:08:55 —-D—- D:Program FilesCommon FilesLightScribe
2009-12-12 13:06:38 —-D—- D:Documents and SettingsAll UsersApplication DataAhead
2009-12-12 13:01:50 —-D—- D:Documents and SettingsAll UsersApplication DataNero
2009-12-12 13:01:49 —-D—- D:Program FilesNero
2009-12-12 13:01:49 —-D—- D:Program FilesCommon FilesAhead
2009-12-12 12:38:00 —-D—- D:Documents and SettingsАдминистраторApplication DataMedia Player Classic
2009-12-11 09:04:42 —-D—- D:Documents and SettingsАдминистраторApplication DataSkype
2009-12-10 20:54:02 —-D—- D:Documents and SettingsAll UsersApplication DataGoogle
2009-12-10 19:40:53 —-D—- D:Program FilesGoogle
2009-12-10 00:46:14 —-D—- D:WINDOWSsystem32appmgmt
2009-12-09 22:45:03 —-D—- D:WINDOWSProfiles
2009-12-09 22:45:02 —-D—- D:WINDOWSsystem32Adobe
2009-12-09 22:45:02 —-D—- D:Program FilesAdobe
2009-12-09 22:45:01 —-D—- D:Program FilesCommon FilesAdobe
2009-12-09 22:45:01 —-D—- D:Documents and SettingsАдминистраторApplication DataInterTrust
2009-12-09 22:44:53 —-A—- D:WINDOWSIsUninst.exe
2009-12-08 10:15:20 —-A—- D:WINDOWSntbtlog.txt
2009-12-07 22:44:23 —-D—- D:Program Filestrend micro
2009-12-07 22:44:22 —-D—- D:rsit
2009-12-05 19:38:59 —-D—- D:movie
2009-12-04 20:57:37 —-A—- D:WINDOWSNet4Switch.INI
2009-12-04 19:46:37 —-D—- D:Documents and SettingsАдминистраторApplication DataskypePM
2009-12-04 19:22:18 —-A—- D:WINDOWSsystem32h323log.txt
2009-12-04 19:21:29 —-D—- D:WINDOWSsystem32RTCOM
2009-12-04 19:21:27 —-A—- D:WINDOWSsystem32ksuser.dll
2009-12-04 19:20:06 —-A—- D:WINDOWSsystem32usbui.dll
2009-12-04 19:19:34 —-D—- D:WINDOWSATK0100
2009-12-04 19:18:37 —-SHD—- D:WINDOWSInstaller
2009-12-04 19:18:37 —-A—- D:WINDOWSsystem32PerfStringBackup.INI
2009-12-04 19:18:36 —-D—- D:Program FilesCommon FilesODBC
2009-12-04 19:18:36 —-A—- D:WINDOWSODBCINST.INI
2009-12-04 19:18:33 —-RD—- D:Program Files
2009-12-04 19:18:33 —-D—- D:Program FilesCommon FilesSpeechEngines
2009-12-04 19:18:33 —-D—- D:Program FilesCommon FilesMicrosoft Shared
2009-12-04 19:18:33 —-D—- D:Program FilesCommon Files
2009-12-04 19:18:30 —-RA—- D:WINDOWSsystem32kbdtuq.dll
2009-12-04 19:18:30 —-RA—- D:WINDOWSsystem32kbdazel.dll
2009-12-04 19:18:29 —-RA—- D:WINDOWSsystem32kbdtuf.dll
2009-12-04 19:18:28 —-RA—- D:WINDOWSsystem32kbdhept.dll
2009-12-04 19:18:28 —-RA—- D:WINDOWSsystem32kbdhela3.dll
2009-12-04 19:18:28 —-RA—- D:WINDOWSsystem32kbdhela2.dll
2009-12-04 19:18:28 —-RA—- D:WINDOWSsystem32kbdhe319.dll
2009-12-04 19:18:28 —-RA—- D:WINDOWSsystem32kbdhe220.dll
2009-12-04 19:18:28 —-RA—- D:WINDOWSsystem32kbdhe.dll
2009-12-04 19:18:28 —-RA—- D:WINDOWSsystem32kbdgkl.dll
2009-12-04 19:18:26 —-RA—- D:WINDOWSsystem32kbdlv1.dll
2009-12-04 19:18:26 —-RA—- D:WINDOWSsystem32kbdlv.dll
2009-12-04 19:18:26 —-RA—- D:WINDOWSsystem32kbdlt1.dll
2009-12-04 19:18:26 —-RA—- D:WINDOWSsystem32kbdlt.dll
2009-12-04 19:18:26 —-RA—- D:WINDOWSsystem32kbdest.dll
2009-12-04 19:18:25 —-RA—- D:WINDOWSsystem32kbdsl1.dll
2009-12-04 19:18:25 —-RA—- D:WINDOWSsystem32kbdsl.dll
2009-12-04 19:18:25 —-RA—- D:WINDOWSsystem32kbdro.dll
2009-12-04 19:18:25 —-RA—- D:WINDOWSsystem32kbdpl1.dll
2009-12-04 19:18:25 —-RA—- D:WINDOWSsystem32kbdpl.dll
2009-12-04 19:18:25 —-RA—- D:WINDOWSsystem32kbdhu1.dll
2009-12-04 19:18:25 —-RA—- D:WINDOWSsystem32kbdhu.dll
2009-12-04 19:18:25 —-RA—- D:WINDOWSsystem32kbdcz2.dll
2009-12-04 19:18:24 —-RA—- D:WINDOWSsystem32kbdycl.dll
2009-12-04 19:18:24 —-RA—- D:WINDOWSsystem32kbdcz1.dll
2009-12-04 19:18:24 —-RA—- D:WINDOWSsystem32kbdcz.dll
2009-12-04 19:18:24 —-RA—- D:WINDOWSsystem32kbdcr.dll
2009-12-04 19:18:24 —-RA—- D:WINDOWSsystem32KBDAL.DLL
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdycc.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbduzb.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdur.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdtat.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdmon.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdkyr.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdkaz.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdbu.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdblr.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdaze.dll
2009-12-04 19:18:20 —-A—- D:WINDOWSsystem32irclass.dll
2009-12-04 19:18:20 —-A—- D:WINDOWSsystem32dgrpsetu.dll
2009-12-04 19:18:19 —-A—- D:WINDOWSsystem32spxcoins.dll
2009-12-04 19:18:19 —-A—- D:WINDOWSsystem32EqnClass.Dll
2009-12-04 19:18:19 —-A—- D:WINDOWSsystem32dgsetup.dll
2009-12-04 19:18:17 —-N—- D:WINDOWSsystem32CONFIG.TMP
2009-12-04 19:18:17 —-A—- D:WINDOWSTASKMAN.EXE
2009-12-04 19:18:16 —-A—- D:WINDOWSsystem32storprop.dll
2009-12-04 19:18:16 —-A—- D:WINDOWSsystem32batt.dll
2009-12-04 19:18:16 —-A—- D:WINDOWSNOTEPAD.EXE
2009-12-04 19:18:09 —-ASH—- D:Documents and SettingsAll UsersApplication Datadesktop.ini
2009-12-04 19:18:06 —-RA—- D:WINDOWSSETAE5.tmp
2009-12-04 19:18:03 —-RA—- D:WINDOWSSETAE1.tmp
2009-12-04 19:18:02 —-RA—- D:WINDOWSSETAE0.tmp
2009-12-04 19:17:47 —-SD—- D:Documents and SettingsAll UsersApplication DataMicrosoft
2009-12-04 19:17:28 —-A—- D:WINDOWSsetuplog.txt
2009-12-04 19:15:50 —-A—- D:WINDOWSsystem32NETw4r32.dll
2009-12-04 19:15:50 —-A—- D:WINDOWSsystem32NETw4c32.dll
2009-12-04 19:15:33 —-A—- D:WINDOWSSoundMan.exe
2009-12-04 19:15:33 —-A—- D:WINDOWSSkyTel.exe
2009-12-04 19:15:33 —-A—- D:WINDOWSRtlUpd.exe
2009-12-04 19:15:32 —-A—- D:WINDOWSRTLCPL.exe
2009-12-04 19:15:31 —-A—- D:WINDOWSRTHDCPL.exe
2009-12-04 19:15:31 —-A—- D:WINDOWSMicCal.exe
2009-12-04 19:15:31 —-A—- D:WINDOWSalcwzrd.exe
2009-12-04 19:15:31 —-A—- D:WINDOWSAlcmtr.exe
2009-12-04 19:12:40 —-A—- D:WINDOWSsystem32igxprd32.dll
2009-12-04 19:12:40 —-A—- D:WINDOWSsystem32igxpgd32.dll
2009-12-04 19:12:40 —-A—- D:WINDOWSsystem32igxpdx32.dll
2009-12-04 19:12:39 —-A—- D:WINDOWSsystem32igxpdv32.dll
2009-12-04 19:12:39 —-A—- D:WINDOWSsystem32igmedcompkrn.dll
2009-12-04 19:12:39 —-A—- D:WINDOWSsystem32igklg450.dll
2009-12-04 19:12:39 —-A—- D:WINDOWSsystem32igklg400.dll
2009-12-04 19:12:39 —-A—- D:WINDOWSsystem32igfxsrvc.dll
2009-12-04 19:12:39 —-A—- D:WINDOWSsystem32igfxress.dll
2009-12-04 19:12:39 —-A—- D:WINDOWSsystem32igfxpph.dll
2009-12-04 19:12:39 —-A—- D:WINDOWSsystem32igfxCoIn_v4906.dll
2009-12-04 19:12:38 —-A—- D:WINDOWSsystem32igfxexps.dll
2009-12-04 19:12:38 —-A—- D:WINDOWSsystem32igfxdo.dll
2009-12-04 19:12:38 —-A—- D:WINDOWSsystem32igfxdev.dll
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32igfxzoom.exe
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32igfxtray.exe
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32igfxsrvc.exe
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32igfxpers.exe
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32igfxext.exe
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32igfxcfg.exe
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32ig4icd32.dll
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32ig4dev32.dll
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32hkcmd.exe
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32hccutils.dll
2009-12-04 19:11:36 —-D—- D:WINDOWSsystem32CatRoot2
2009-12-04 19:11:36 —-D—- D:WINDOWSsystem32CatRoot
2009-12-04 19:11:22 —-SHD—- D:System Volume Information
2009-12-04 19:11:22 —-D—- D:Documents and Settings
2009-12-04 19:04:27 —-RSHDC—- D:WINDOWSsystem32dllcache
2009-12-04 19:04:27 —-RSD—- D:WINDOWSFonts
2009-12-04 19:04:27 —-HD—- D:WINDOWSinf
2009-12-04 19:04:27 —-D—- D:WINDOWSWinSxS
2009-12-04 19:04:27 —-D—- D:WINDOWSWeb
2009-12-04 19:04:27 —-D—- D:WINDOWStwain_32
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32wins
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32wbem
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32usmt
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32spool
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32ShellExt
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32Setup
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32ru-ru
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32ru
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32ras
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32oobe
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32npp
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32mui
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32inetsrv
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32IME
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32icsxml
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32ias
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32export
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32drivers
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32dhcp
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32config
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem323com_dmi
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem323076
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem322052
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321054
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321049
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321042
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321041
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321037
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321033
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321031
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321028
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321025
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem
2009-12-04 19:04:27 —-D—- D:WINDOWSsecurity
2009-12-04 19:04:27 —-D—- D:WINDOWSResources
2009-12-04 19:04:27 —-D—- D:WINDOWSrepair
2009-12-04 19:04:27 —-D—- D:WINDOWSProvisioning
2009-12-04 19:04:27 —-D—- D:WINDOWSPeerNet
2009-12-04 19:04:27 —-D—- D:WINDOWSpchealth
2009-12-04 19:04:27 —-D—- D:WINDOWSNetwork Diagnostic
2009-12-04 19:04:27 —-D—- D:WINDOWSmui
2009-12-04 19:04:27 —-D—- D:WINDOWSmsapps
2009-12-04 19:04:27 —-D—- D:WINDOWSmsagent
2009-12-04 19:04:27 —-D—- D:WINDOWSMedia
2009-12-04 19:04:27 —-D—- D:WINDOWSL2Schemas
2009-12-04 19:04:27 —-D—- D:WINDOWSjava
2009-12-04 19:04:27 —-D—- D:WINDOWSime
2009-12-04 19:04:27 —-D—- D:WINDOWSHelp
2009-12-04 19:04:27 —-D—- D:WINDOWSehome
2009-12-04 19:04:27 —-D—- D:WINDOWSDriver Cache
2009-12-04 19:04:27 —-D—- D:WINDOWSDebug
2009-12-04 19:04:27 —-D—- D:WINDOWSCursors
2009-12-04 19:04:27 —-D—- D:WINDOWSConnection Wizard
2009-12-04 19:04:27 —-D—- D:WINDOWSConfig
2009-12-04 19:04:27 —-D—- D:WINDOWSAppPatch
2009-12-04 19:04:27 —-D—- D:WINDOWSaddins
2009-12-04 19:04:27 —-D—- D:WINDOWS
2009-12-04 18:45:59 —-D—- D:хрень
2009-12-04 18:45:05 —-D—- D:Program FilesuTorrent
2009-12-04 18:45:04 —-D—- D:Documents and SettingsАдминистраторApplication DatauTorrent
2009-12-04 18:06:42 —-D—- D:Documents and SettingsАдминистраторApplication DataTalkback
2009-12-04 18:05:52 —-D—- D:Documents and SettingsАдминистраторApplication DataMozilla
2009-12-04 18:05:45 —-D—- D:Program FilesMozilla Firefox
2009-12-04 17:58:35 —-D—- D:Documents and SettingsАдминистраторApplication DataMacromedia
2009-12-04 17:57:04 —-D—- D:Documents and SettingsАдминистраторApplication DataAdobe
2009-12-04 17:49:20 —-D—- D:Documents and SettingsAll UsersApplication DataSkype
2009-12-04 17:48:58 —-D—- D:Documents and SettingsАдминистраторApplication DataMra
2009-12-04 17:48:49 —-D—- D:Program FilesMail.Ru
2009-12-04 17:47:23 —-D—- D:Program FilesQIP
2009-12-04 17:46:25 —-D—- D:Documents and SettingsАдминистраторApplication DataDownload Master
2009-12-04 17:46:14 —-D—- D:Program FilesDownload Master
2009-12-04 17:41:34 —-A—- D:WINDOWSsystem32unrar.dll
2009-12-04 17:41:28 —-A—- D:WINDOWSsystem32yv12vfw.dll
2009-12-04 17:41:28 —-A—- D:WINDOWSsystem32xvidvfw.dll
2009-12-04 17:41:28 —-A—- D:WINDOWSsystem32xvidcore.dll
2009-12-04 17:41:27 —-A—- D:WINDOWSsystem32qt-dx331.dll
2009-12-04 17:41:27 —-A—- D:WINDOWSsystem32dpl100.dll
2009-12-04 17:41:22 —-A—- D:WINDOWSsystem32divx.dll
2009-12-04 17:41:20 —-A—- D:WINDOWSsystem32ff_vfw.dll.manifest
2009-12-04 17:41:20 —-A—- D:WINDOWSsystem32ff_vfw.dll
2009-12-04 17:41:19 —-D—- D:Program FilesK-Lite Codec Pack
2009-12-04 17:41:19 —-A—- D:WINDOWSsystem32pthreadGC2.dll
2009-12-04 17:41:19 —-A—- D:WINDOWSsystem32msvcr71.dll
2009-12-04 17:33:14 —-D—- D:Program FilesESET
2009-12-04 17:33:14 —-D—- D:Documents and SettingsAll UsersApplication DataESET
2009-12-04 17:32:53 —-A—- D:WINDOWSLvHook.dll
2009-12-04 17:32:51 —-A—- D:WINDOWSWlingvo.ini
2009-12-04 17:29:28 —-A—- D:WINDOWStosOBEX.INI
2009-12-04 17:24:27 —-D—- D:Program FilesToshiba
2009-12-04 17:20:33 —-D—- D:Program FilesATK Hotkey
2009-12-04 17:17:29 —-A—- D:WINDOWSModemLog_Motorola SM56 Speakerphone Modem.txt
2009-12-04 17:17:28 —-D—- D:Program FilesPowerForPhone
2009-12-04 17:15:17 —-A—- D:WINDOWSsystem32ACEngSvr.exe
2009-12-04 17:13:14 —-D—- D:WINDOWSsystem32ReinstallBackups
2009-12-04 17:13:10 —-A—- D:WINDOWSsystem32SynTPFcs.dll
2009-12-04 17:13:10 —-A—- D:WINDOWSsystem32SynTPCo2.dll
2009-12-04 17:13:10 —-A—- D:WINDOWSsystem32SynTPAPI.dll
2009-12-04 17:13:09 —-D—- D:Program FilesSynaptics
2009-12-04 17:05:19 —-A—- D:WINDOWSsystem32vfwwdm32.dll
2009-12-04 17:05:00 —-A—- D:WINDOWSVideoView.exe
2009-12-04 17:05:00 —-A—- D:WINDOWSsystem32StkSSrv.dll
2009-12-04 17:05:00 —-A—- D:WINDOWSsystem32StkCWIA.dll
2009-12-04 17:05:00 —-A—- D:WINDOWSsystem32StkCSrv.exe
2009-12-04 17:05:00 —-A—- D:WINDOWSStkUnist.exe
2009-12-04 17:05:00 —-A—- D:WINDOWSStkC112X.exe
2009-12-04 17:02:46 —-D—- D:Program FilesWireless Console 2
2009-12-04 17:01:06 —-D—- D:Program FilesASUS
2009-12-04 16:59:36 —-A—- D:WINDOWSsystem32TPESetting.dll
2009-12-04 16:59:36 —-A—- D:WINDOWSsystem32SynCtrl.dll
2009-12-04 16:59:36 —-A—- D:WINDOWSsystem32SynCOM.dll
2009-12-04 16:59:36 —-A—- D:WINDOWSsystem32ASUSTPE.exe
2009-12-04 16:58:55 —-D—- D:Program FilesMotorola
2009-12-04 16:58:45 —-A—- D:WINDOWSsystem32sm56co6a.dll
2009-12-04 16:58:08 —-D—- D:WINDOWSOPTIONS
2009-12-04 16:58:05 —-D—- D:Documents and SettingsАдминистраторApplication DataInstallShield
2009-12-04 16:56:34 —-A—- D:WINDOWSsystem32ChCfg.exe
2009-12-04 16:56:07 —-HD—- D:Program FilesInstallShield Installation Information
2009-12-04 16:56:07 —-D—- D:Program FilesRealtek
2009-12-04 16:56:05 —-A—- D:WINDOWSRtlExUpd.dll
2009-12-04 16:56:05 —-A—- D:WINDOWSHideWin.exe
2009-12-04 16:56:02 —-D—- D:Program FilesCommon FilesInstallShield
2009-12-04 16:55:10 —-A—- D:WINDOWSsystem32igfxres.dll
2009-12-04 16:53:14 —-A—- D:WINDOWSsystem32igxpun.exe
2009-12-04 16:53:14 —-A—- D:WINDOWSsystem32igmedkrn.dll
2009-12-04 16:53:14 —-A—- D:WINDOWSsystem32igfxCoIn_v4837.dll
2009-12-04 16:53:14 —-A—- D:WINDOWSsystem32difxapi.dll
2009-12-04 16:51:42 —-DC—- D:WINDOWSsystem32DRVSTORE
2009-12-04 16:51:42 —-D—- D:Program FilesIntel
2009-12-04 16:51:33 —-D—- D:Intel
2009-12-04 16:47:17 —-D—- D:Program FilesWinRAR
2009-12-04 16:46:13 —-D—- D:WINDOWSsystem32Lang
2009-12-04 16:45:52 —-D—- D:Documents and SettingsАдминистраторApplication DataIdentities
2009-12-04 16:45:35 —-HD—- D:Program FilesUninstall Information
2009-12-04 16:39:59 —-RD—- D:WINDOWSOemDrv
2009-12-04 16:39:54 —-SD—- D:Documents and SettingsАдминистраторApplication DataMicrosoft
2009-12-04 16:39:54 —-ASH—- D:Documents and SettingsАдминистраторApplication Datadesktop.ini
2009-12-04 16:38:55 —-D—- D:WINDOWSSoftwareDistribution
2009-12-04 16:38:44 —-D—- D:WINDOWSPrefetch
2009-12-04 16:38:43 —-A—- D:WINDOWSSchedLgU.Txt
2009-12-04 16:34:48 —-D—- D:WINDOWSsystem32xircom
2009-12-04 16:34:48 —-D—- D:Program Filesxerox
2009-12-04 16:34:48 —-D—- D:Program Filesmsn gaming zone
2009-12-04 16:34:48 —-D—- D:Program Filesmicrosoft frontpage
2009-12-04 16:34:35 —-D—- D:Program FilesVistaDriveIcon
2009-12-04 16:34:34 —-A—- D:WINDOWSsystem32hidcon.exe
2009-12-04 16:34:33 —-A—- D:WINDOWSsystem32OEMINFO.INI
2009-12-04 16:34:19 —-D—- D:WINDOWSIntel
2009-12-04 16:34:19 —-D—- D:WINDOWSAMD
2009-12-04 16:34:19 —-A—- D:WINDOWSoemlogo.exe
2009-12-04 16:34:16 —-SD—- D:WINDOWSsystem32Microsoft
2009-12-04 16:34:16 —-A—- D:WINDOWSsystem32javaws.exe
2009-12-04 16:34:16 —-A—- D:WINDOWSsystem32javaw.exe
2009-12-04 16:34:16 —-A—- D:WINDOWSsystem32java.exe
2009-12-04 16:33:57 —-D—- D:Program FilesJava
2009-12-04 16:33:56 —-D—- D:Program FilesCommon FilesJava
2009-12-04 16:32:52 —-RSD—- D:WINDOWSassembly
2009-12-04 16:32:52 —-D—- D:WINDOWSMicrosoft.NET
2009-12-04 16:32:51 —-D—- D:WINDOWSsystem32URTTemp
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xinput9_1_0.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xinput1_3.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xinput1_2.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xinput1_1.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32XAudio2_0.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xactengine3_0.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xactengine2_9.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xactengine2_8.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xactengine2_7.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xactengine2_6.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xactengine2_5.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32xactengine2_4.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32xactengine2_3.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32xactengine2_2.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32xactengine2_10.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32xactengine2_1.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32xactengine2_0.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32X3DAudio1_3.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32x3daudio1_2.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32x3daudio1_1.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32x3daudio1_0.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32d3dx9_37.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32d3dx9_36.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32d3dx9_35.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32d3dx9_34.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32d3dx9_33.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32d3dx9_32.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32d3dx9_31.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32d3dx9_30.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx9_29.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx9_28.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx9_27.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx9_26.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx9_25.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx9_24.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx10_37.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx10_36.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx10_35.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx10_34.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx10_33.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx10.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32D3DCompiler_37.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dcompiler_36.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dcompiler_35.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dcompiler_34.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dcompiler_33.dll
2009-12-04 16:32:19 —-D—- D:WINDOWSsystem32Cplicons
2009-12-04 16:32:19 —-A—- D:WINDOWSsystem32wul_lng.ini
2009-12-04 16:32:19 —-A—- D:WINDOWSsystem32wul.exe
2009-12-04 16:32:19 —-A—- D:WINDOWSsystem32TweakUI.exe
2009-12-04 16:32:19 —-A—- D:WINDOWSsystem32pserv2.exe
2009-12-04 16:32:19 —-A—- D:WINDOWSsystem32pkey_lng.ini
2009-12-04 16:32:19 —-A—- D:WINDOWSsystem32MS_Auto.exe
2009-12-04 16:32:19 —-A—- D:WINDOWSsystem32Hoster.exe
2009-12-04 16:32:19 —-A—- D:WINDOWSsystem32bootsafe.exe
2009-12-04 16:32:02 —-HDC—- D:WINDOWS$NtUninstallKB941569$
2009-12-04 16:31:53 —-HDC—- D:WINDOWS$NtUninstallKB929399$
2009-12-04 16:31:45 —-N—- D:WINDOWSsystem32spmsg.dll
2009-12-04 16:31:44 —-HDC—- D:WINDOWS$NtUninstallMSCompPackV1$
2009-12-04 16:31:33 —-D—- D:Program FilesWindows Media Connect 2
2009-12-04 16:31:26 —-HDC—- D:WINDOWS$NtUninstallwmp11$
2009-12-04 16:31:12 —-HDC—- D:WINDOWS$NtUninstallWMFDist11$
2009-12-04 16:31:06 —-D—- D:WINDOWSsystem32LogFiles
2009-12-04 16:31:03 —-HDC—- D:WINDOWS$NtUninstallWudf01000$
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32WUDFx.dll
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32WudfSvc.dll
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32WudfPlatform.dll
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32WUDFCoinstaller.dll
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32wpdsp.dll
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32WPDShServiceObj.dll
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32WpdShext.dll
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32wpdmtpus.dll
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32wpd_ci.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32wpdmtp.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32wpdconns.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32WMVXENCD.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32WMVSENCD.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32WMVSDECD.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32WMVENCOD.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32WMVDECOD.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32WMVADVE.DLL
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32WMVADVD.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32wmpsrcwp.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32wmpps.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32wmpmde.dll
2009-12-04 16:30:55 —-N—- D:WINDOWSsystem32wmpencen.dll
2009-12-04 16:30:55 —-N—- D:WINDOWSsystem32wmpeffects.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32WudfHost.exe
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32wpdshextautoplay.exe
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32wmdrmsdk.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32wmdrmnet.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32wmdrmdev.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32wdfmgr.exe
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32wdfapi.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32uwdf.exe
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32PortableDeviceWMDRM.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32PortableDeviceWiaCompat.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32PortableDeviceTypes.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32PortableDeviceClassExtension.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32PortableDeviceApi.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32msdelta.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32MPG4DECD.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32MP4SDECD.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32MP43DECD.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32MFPLAT.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32drmupgds.exe
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32audiodev.dll
2009-12-04 16:30:36 —-N—- D:WINDOWSsystem32wpdshextres.dll
2009-12-04 16:30:23 —-D—- D:WINDOWSWBEM
2009-12-04 16:29:35 —-HDC—- D:WINDOWSie7
2009-12-04 16:29:30 —-HDC—- D:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$
2009-12-04 16:29:22 —-A—- D:WINDOWSsystem32spupdsvc.exe
2009-12-04 16:29:21 —-HDC—- D:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$
2009-12-04 16:29:14 —-HD—- D:WINDOWS$hf_mig$
2009-12-04 16:29:06 —-N—- D:WINDOWSsystem32WinFXDocObj.exe
2009-12-04 16:29:06 —-N—- D:WINDOWSsystem32msfeedssync.exe
2009-12-04 16:29:06 —-N—- D:WINDOWSsystem32msfeedsbs.dll
2009-12-04 16:29:06 —-N—- D:WINDOWSsystem32msfeeds.dll
2009-12-04 16:29:06 —-N—- D:WINDOWSsystem32ieui.dll
2009-12-04 16:29:06 —-N—- D:WINDOWSsystem32iertutil.dll
2009-12-04 16:29:06 —-N—- D:WINDOWSsystem32ieapfltr.dll
2009-12-04 16:29:06 —-N—- D:WINDOWSsystem32icardie.dll
2009-12-04 16:29:06 —-A—- D:WINDOWSsystem32ieudinit.exe
2009-12-04 16:29:06 —-A—- D:WINDOWSsystem32ieframe.dll
2009-12-04 16:29:04 —-N—- D:WINDOWSsystem32ieframe.dll.mui
2009-12-04 16:29:04 —-N—- D:WINDOWSsystem32advpack.dll.mui
2009-12-04 16:28:39 —-A—- D:WINDOWScontrol.ini
2009-12-04 16:28:31 —-A—- D:WINDOWSOEWABLog.txt
2009-12-04 16:28:26 —-A—- D:WINDOWSsystem32mapi32.dll
2009-12-04 16:27:37 —-RD—- D:WINDOWSOffline Web Pages
2009-12-04 16:27:36 —-SD—- D:WINDOWSDownloaded Program Files
2009-12-04 16:27:36 —-RAH—- D:WINDOWSsystem32logonui.exe.manifest
2009-12-04 16:27:31 —-RAH—- D:WINDOWSsystem32cdplayer.exe.manifest
2009-12-04 16:27:27 —-HD—- D:Program FilesWindowsUpdate
2009-12-04 16:27:23 —-D—- D:Program FilesOnline Services
2009-12-04 16:27:07 —-D—- D:WINDOWSsystem32DirectX
2009-12-04 16:26:59 —-A—- D:WINDOWSsystem32atrace.dll
2009-12-04 16:26:58 —-A—- D:WINDOWSsystem32desktop.ini
2009-12-04 16:26:58 —-A—- D:WINDOWSdesktop.ini
2009-12-04 16:26:46 —-A—- D:WINDOWSsystem32nmevtmsg.dll
2009-12-04 16:26:44 —-D—- D:Program FilesCommon FilesServices
2009-12-04 16:26:44 —-A—- D:WINDOWSsystem32acctres.dll
2009-12-04 16:26:41 —-SD—- D:WINDOWSTasks
2009-12-04 16:26:41 —-A—- D:WINDOWSsystem32icfgnt5.dll
2009-12-04 16:26:40 —-D—- D:Program FilesCommon FilesMSSoap
2009-12-04 16:26:36 —-D—- D:WINDOWSsystem32Macromed
2009-12-04 16:26:36 —-D—- D:WINDOWSsrchasst
2009-12-04 16:26:33 —-A—- D:WINDOWSsystem32wuweb.dll
2009-12-04 16:26:33 —-A—- D:WINDOWSsystem32wucltui.dll
2009-12-04 16:26:33 —-A—- D:WINDOWSsystem32wuauserv.dll
2009-12-04 16:26:33 —-A—- D:WINDOWSsystem32wuaueng1.dll
2009-12-04 16:26:32 —-A—- D:WINDOWSsystem32wups.dll
2009-12-04 16:26:32 —-A—- D:WINDOWSsystem32wuaueng.dll
2009-12-04 16:26:32 —-A—- D:WINDOWSsystem32wuauclt1.exe
2009-12-04 16:26:32 —-A—- D:WINDOWSsystem32wuauclt.exe
2009-12-04 16:26:32 —-A—- D:WINDOWSsystem32wuapi.dll
2009-12-04 16:26:31 —-N—- D:WINDOWSsystem32qmgr.dll
2009-12-04 16:26:31 —-A—- D:WINDOWSsystem32qmgrprxy.dll
2009-12-04 16:26:31 —-A—- D:WINDOWSsystem32bitsprx4.dll
2009-12-04 16:26:31 —-A—- D:WINDOWSsystem32bitsprx3.dll
2009-12-04 16:26:31 —-A—- D:WINDOWSsystem32bitsprx2.dll
2009-12-04 16:26:27 —-D—- D:Program FilesMovie Maker
2009-12-04 16:26:09 —-A—- D:WINDOWSsystem32safrslv.dll
2009-12-04 16:26:09 —-A—- D:WINDOWSsystem32safrdm.dll
2009-12-04 16:26:09 —-A—- D:WINDOWSsystem32safrcdlg.dll
2009-12-04 16:26:09 —-A—- D:WINDOWSsystem32racpldlg.dll
2009-12-04 16:26:05 —-A—- D:WINDOWSsystem32fltMc.exe
2009-12-04 16:26:05 —-A—- D:WINDOWSsystem32fltlib.dll
2009-12-04 16:26:04 —-N—- D:WINDOWSsystem32srsvc.dll
2009-12-04 16:26:04 —-D—- D:WINDOWSsystem32Restore
2009-12-04 16:26:04 —-A—- D:WINDOWSsystem32srrstr.dll
2009-12-04 16:26:04 —-A—- D:WINDOWSsystem32srclient.dll
2009-12-04 16:26:03 —-A—- D:WINDOWSsystem32nmmkcert.dll
2009-12-04 16:26:03 —-A—- D:WINDOWSsystem32mnmdd.dll
2009-12-04 16:26:03 —-A—- D:WINDOWSsystem32isrdbg32.dll
2009-12-04 16:26:03 —-A—- D:WINDOWSsystem32ils.dll
2009-12-04 16:26:02 —-A—- D:WINDOWSsystem32msconf.dll
2009-12-04 16:26:02 —-A—- D:WINDOWSsystem32mnmsrvc.exe
2009-12-04 16:26:00 —-D—- D:Program FilesNetMeeting
2009-12-04 16:25:59 —-A—- D:WINDOWSsystem32msoert2.dll
2009-12-04 16:25:59 —-A—- D:WINDOWSsystem32msoeacct.dll
2009-12-04 16:25:58 —-A—- D:WINDOWSsystem32inetres.dll
2009-12-04 16:25:58 —-A—- D:WINDOWSsystem32inetcomm.dll
2009-12-04 16:25:56 —-N—- D:WINDOWSsystem32schedsvc.dll
2009-12-04 16:25:56 —-D—- D:Program FilesOutlook Express
2009-12-04 16:25:55 —-A—- D:WINDOWSsystem32mstinit.exe
2009-12-04 16:25:55 —-A—- D:WINDOWSsystem32mstask.dll
2009-12-04 16:25:55 —-A—- D:WINDOWSsystem32isign32.dll
2009-12-04 16:25:55 —-A—- D:WINDOWSsystem32inetcfg.dll
2009-12-04 16:25:55 —-A—- D:WINDOWSsystem32icwphbk.dll
2009-12-04 16:25:55 —-A—- D:WINDOWSsystem32icwdial.dll
2009-12-04 16:25:49 —-D—- D:Program FilesCommon FilesSystem
2009-12-04 16:25:44 —-D—- D:Program FilesInternet Explorer
2009-12-04 16:25:12 —-D—- D:Program FilesComPlus Applications
2009-12-04 16:25:10 —-A—- D:WINDOWSvbaddin.ini
2009-12-04 16:25:10 —-A—- D:WINDOWSvb.ini
2009-12-04 16:25:05 —-D—- D:WINDOWSRegistration
2009-12-04 16:24:58 —-D—- D:Program FilesWindows Media Player
2009-12-04 16:24:53 —-A—- D:WINDOWSsystem32write.exe
2009-12-04 16:24:47 —-A—- D:WINDOWSsystem32sndvol32.exe
2009-12-04 16:24:47 —-A—- D:WINDOWSsystem32hticons.dll
2009-12-04 16:24:47 —-A—- D:WINDOWSsystem32avwav.dll
2009-12-04 16:24:47 —-A—- D:WINDOWSsystem32avtapi.dll
2009-12-04 16:24:47 —-A—- D:WINDOWSsystem32avmeter.dll
2009-12-04 16:24:46 —-A—- D:WINDOWSsystem32winchat.exe
2009-12-04 16:24:40 —-A—- D:WINDOWSsystem32getuname.dll
2009-12-04 16:24:40 —-A—- D:WINDOWSsystem32charmap.exe
2009-12-04 16:24:40 —-A—- D:WINDOWSsystem32calc.exe
2009-12-04 16:24:39 —-A—- D:WINDOWSsystem32winmine.exe
2009-12-04 16:24:39 —-A—- D:WINDOWSsystem32sol.exe
2009-12-04 16:24:39 —-A—- D:WINDOWSsystem32mshearts.exe
2009-12-04 16:24:38 —-A—- D:WINDOWSsystem32usrlogon.cmd
2009-12-04 16:24:38 —-A—- D:WINDOWSsystem32tsshutdn.exe
2009-12-04 16:24:38 —-A—- D:WINDOWSsystem32tslabels.ini
2009-12-04 16:24:38 —-A—- D:WINDOWSsystem32tskill.exe
2009-12-04 16:24:38 —-A—- D:WINDOWSsystem32tsdiscon.exe
2009-12-04 16:24:38 —-A—- D:WINDOWSsystem32tscon.exe
2009-12-04 16:24:38 —-A—- D:WINDOWSsystem32reset.exe
2009-12-04 16:24:38 —-A—- D:WINDOWSsystem32freecell.exe
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32shadow.exe
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32rwinsta.exe
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32regini.exe
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32rdpcfgex.dll
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32qwinsta.exe
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32qappsrv.exe
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32msg.exe
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32logoff.exe
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32cdmodem.dll
2009-12-04 16:24:36 —-A—- D:WINDOWSsystem32msdtcprf.ini
2009-12-04 16:24:31 —-A—- D:WINDOWSsystem32wmimgmt.msc
2009-12-04 16:24:30 —-A—- D:WINDOWSsystem32accwiz.exe
2009-12-04 16:24:29 —-D—- D:Program FilesWindows NT
2009-12-04 16:24:29 —-A—- D:WINDOWSsystem32sndrec32.exe
2009-12-04 16:24:29 —-A—- D:WINDOWSsystem32mplay32.exe
2009-12-04 16:24:29 —-A—- D:WINDOWSsystem32hypertrm.dll
2009-12-04 16:24:28 —-A—- D:WINDOWSsystem32spider.exe
2009-12-04 16:24:28 —-A—- D:WINDOWSsystem32mspaint.exe
2009-12-04 16:24:28 —-A—- D:WINDOWSsystem32clipbrd.exe
2009-12-04 16:24:27 —-A—- D:WINDOWSsystem32tsgqec.dll
2009-12-04 16:24:27 —-A—- D:WINDOWSsystem32tscfgwmi.dll
2009-12-04 16:24:26 —-A—- D:WINDOWSsystem32rhttpaa.dll
2009-12-04 16:24:26 —-A—- D:WINDOWSsystem32mstscax.dll
2009-12-04 16:24:26 —-A—- D:WINDOWSsystem32aaclient.dll
2009-12-04 16:24:25 —-N—- D:WINDOWSsystem32termsrv.dll
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32sessmgr.exe
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32remotepg.dll
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32rdshost.exe
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32rdsaddin.exe
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32rdpwsx.dll
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32rdpsnd.dll
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32rdchost.dll
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32mstsc.exe
2009-12-04 16:24:24 —-D—- D:WINDOWSsystem32MsDtc
2009-12-04 16:24:24 —-A—- D:WINDOWSsystem32rdpclip.exe
2009-12-04 16:24:24 —-A—- D:WINDOWSsystem32qprocess.exe
2009-12-04 16:24:24 —-A—- D:WINDOWSsystem32mtxoci.dll
2009-12-04 16:24:24 —-A—- D:WINDOWSsystem32msdtcuiu.dll
2009-12-04 16:24:24 —-A—- D:WINDOWSsystem32msdtcprx.dll
2009-12-04 16:24:24 —-A—- D:WINDOWSsystem32icaapi.dll
2009-12-04 16:24:24 —-A—- D:WINDOWSsystem32cfgbkend.dll
2009-12-04 16:24:23 —-A—- D:WINDOWSsystem32xolehlp.dll
2009-12-04 16:24:23 —-A—- D:WINDOWSsystem32msdtctm.dll
2009-12-04 16:24:23 —-A—- D:WINDOWSsystem32msdtclog.dll
2009-12-04 16:24:23 —-A—- D:WINDOWSsystem32msdtc.exe
2009-12-04 16:24:22 —-D—- D:WINDOWSsystem32Com
2009-12-04 16:24:22 —-A—- D:WINDOWSsystem32mtxlegih.dll
2009-12-04 16:24:22 —-A—- D:WINDOWSsystem32mtxex.dll
2009-12-04 16:24:22 —-A—- D:WINDOWSsystem32mtxdm.dll
2009-12-04 16:24:22 —-A—- D:WINDOWSsystem32dcomcnfg.exe
2009-12-04 16:24:22 —-A—- D:WINDOWSsystem32comrepl.dll
2009-12-04 16:24:22 —-A—- D:WINDOWSsystem32comaddin.dll
2009-12-04 16:24:22 —-A—- D:WINDOWSsystem32colbact.dll
2009-12-04 16:24:21 —-A—- D:WINDOWSsystem32stclient.dll
2009-12-04 16:24:21 —-A—- D:WINDOWSsystem32comsvcs.dll
2009-12-04 16:24:21 —-A—- D:WINDOWSsystem32clbcatex.dll
2009-12-04 16:24:21 —-A—- D:WINDOWSsystem32catsrvut.dll
2009-12-04 16:24:21 —-A—- D:WINDOWSsystem32catsrvps.dll
2009-12-04 16:24:21 —-A—- D:WINDOWSsystem32catsrv.dll
2009-12-04 16:24:20 —-A—- D:WINDOWSsystem32comuid.dll
2009-12-04 16:24:20 —-A—- D:WINDOWSsystem32comsnap.dll
2009-12-04 16:24:20 —-A—- D:WINDOWSsystem32clbcatq.dll
2009-12-04 16:24:14 —-A—- D:WINDOWSsystem32servdeps.dll
2009-12-04 16:24:14 —-A—- D:WINDOWSsystem32mmfutil.dll
2009-12-04 16:24:14 —-A—- D:WINDOWSsystem32licwmi.dll
2009-12-04 16:24:14 —-A—- D:WINDOWSsystem32cmprops.dll======List of files/folders modified in the last 1 months======
2009-12-29 11:13:24 —-A—- D:WINDOWSsystem.ini
2009-12-29 10:40:13 —-A—- D:WINDOWSwin.ini
2009-12-29 10:32:56 —-N—- D:WINDOWSsystem32svchost.exe
2009-12-04 16:41:01 —-A—- D:WINDOWSsystem32PreSetup.ini======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 easdrv;easdrv; D:WINDOWSsystem32DRIVERSeasdrv.sys [2008-07-01 53256]
R1 epfwtdir;epfwtdir; D:WINDOWSsystem32DRIVERSepfwtdir.sys [2008-07-01 34312]
R1 intelppm;Драйвер Intel процессора; D:WINDOWSsystem32DRIVERSintelppm.sys [2008-04-15 40704]
R1 Tosrfcom;Bluetooth RFCOMM; D:WINDOWSSystem32Driverstosrfcom.sys [2007-05-24 64000]
R2 eamon;EAMON; D:WINDOWSsystem32DRIVERSeamon.sys [2008-07-01 39944]
R2 ghaio;ghaio; ??D:Program FilesASUSNB ProbeSPMghaio.sys []
R3 catchme;catchme; ??D:ComboFixcatchme.sys []
R3 CmBatt;Драйвер батареи с ACPI-управлением (Майкрософт); D:WINDOWSsystem32DRIVERSCmBatt.sys [2008-04-25 13952]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; D:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-15 144384]
R3 hidusb;Драйвер класса HID Microsoft; D:WINDOWSsystem32DRIVERShidusb.sys [2008-04-15 10368]
R3 ialm;ialm; D:WINDOWSsystem32DRIVERSigxpmp32.sys [2007-06-05 5761728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:WINDOWSsystem32driversRtkHDAud.sys [2007-05-28 4422656]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service; D:WINDOWSsystem32driversIntcHdmi.sys [2006-12-06 108032]
R3 MODEMCSA;Устройство фильтрации потока Unimodem; D:WINDOWSsystem32driversMODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Драйвер мыши HID; D:WINDOWSsystem32DRIVERSmouhid.sys [2008-04-15 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; D:WINDOWSsystem32DRIVERSATKACPI.sys [2006-12-14 7680]
R3 NETw4x32;Драйвер адаптера Intel(R) Wireless WiFi Link для Windows XP 32 Bit; D:WINDOWSsystem32DRIVERSNETw4x32.sys [2007-08-28 2210816]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; D:WINDOWSsystem32DRIVERSRtenicxp.sys [2007-05-31 96896]
R3 RTSTOR;USB Mass Stroage Device; D:WINDOWSsystem32driversRTSTOR.SYS [2007-09-18 44032]
R3 smserial;smserial; D:WINDOWSsystem32DRIVERSsmserial.sys [2006-11-22 982272]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; D:WINDOWSSystem32DriversStkCMini.sys [2007-06-06 1260672]
R3 SynTP;Synaptics TouchPad Driver; D:WINDOWSsystem32DRIVERSSynTP.sys [2006-05-25 193088]
R3 tosporte;Bluetooth COM Port; D:WINDOWSsystem32DRIVERStosporte.sys [2006-10-10 41600]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; D:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-15 30208]
R3 usbhub;USB2 концентратор; D:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-15 59520]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; D:WINDOWSsystem32DRIVERSusbuhci.sys [2008-04-15 20608]
S3 CCDECODE;Closed Caption декодер; D:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-04-25 17024]
S3 mbr;mbr; ??D:DOCUME~19335~1LOCALS~1Tempmbr.sys []
S3 NABTSFEC;NABTS/FEC VBI кодек; D:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-04-25 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; D:WINDOWSsystem32DRIVERSNdisIP.sys [2008-04-25 10880]
S3 SLIP;BDA Slip De-Framer; D:WINDOWSsystem32DRIVERSSLIP.sys [2008-04-25 11136]
S3 tosrfbd;Bluetooth RFBUS; D:WINDOWSsystem32DRIVERStosrfbd.sys [2007-04-24 113920]
S3 tosrfbnp;Bluetooth RFBNEP; D:WINDOWSSystem32Driverstosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; D:WINDOWSsystem32DRIVERSTosrfhid.sys [2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area Network; D:WINDOWSsystem32DRIVERStosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; D:WINDOWSsystem32driverstosrfsnd.sys [2007-01-22 53376]
S3 tosrfusb;Bluetooth USB Controller; D:WINDOWSsystem32DRIVERStosrfusb.sys [2007-06-11 41856]
S3 usbstor;Драйвер запоминающих устройств для USB; D:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-15 26368]
S3 WudfPf;Windows Driver Foundation — User-mode Driver Framework Platform Driver; D:WINDOWSsystem32DRIVERSWudfPf.sys [2008-03-21 77568]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; D:WINDOWSsystem32DRIVERSwudfrd.sys [2008-03-21 82944]
S4 dwshd;dwshd; D:WINDOWSSystem32driversdwshd.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ADSMService;ADSM Service; D:Program FilesASUSASUS Data Security ManagerADSMSrv.exe [2007-05-18 73728]
R2 ekrn;Eset Service; D:Program FilesESETESET NOD32 Antivirusekrn.exe [2007-12-21 468224]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; D:Program FilesCommon FilesLightScribeLSSrvc.exe [2007-06-28 79136]
R2 spmgr;spmgr; D:Program FilesASUSNB ProbeSPMspmgr.exe [2006-12-28 123248]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; D:WINDOWSSystem32StkCSrv.exe [2007-04-19 24576]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; D:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe [2007-02-25 125048]
S2 giuureyva;Backbone Service; D:Documents and SettingsАдминистраторApplication DataMicrosoftcicofuhap.exe []
S3 aspnet_state;ASP.NET State Service; D:WINDOWSMicrosoft.NETFrameworkv1.1.4322aspnet_state.exe [2004-07-15 32768]
S3 EhttpSrv;Eset HTTP Server; D:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe [2008-07-01 19200]
S3 NBService;NBService; D:Program FilesNeroNero 7Nero BackItUpNBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; D:Program FilesCommon FilesAheadLibNMIndexingService.exe [2007-06-01 271920]
S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; D:Program FilesWindows Media PlayerWMPNetwk.exe [2008-03-21 914944]
S3 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; D:WINDOWSsystem32svchost.exe [2009-12-29 14336]
EOF
Результаты RSIT.
info.txt logfile of random’s system information tool 1.06 2009-12-29 11:18:38
======Uninstall list======
—>D:Program FilesNeroNero 7\nerouninstallUNNERO.exe /UNINSTALL
—>D:WINDOWSUNNeroBackItUp.exe /UNINSTALL
—>D:WINDOWSUNRecode.exe /UNINSTALL
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 D:WINDOWSINFPCHealth.inf
Adobe Acrobat 5.0—>D:WINDOWSISUNINST.EXE -f»D:Program FilesCommon FilesAdobeAcrobat 5.0NTUninst.isu» -c»D:Program FilesCommon FilesAdobeAcrobat 5.0NTUninst.dll»
Adobe Flash Player 10 Plugin—>D:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Flash Player ActiveX—>D:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
ASUS Data Security Manager—>D:Program FilesInstallShield Installation Information{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}setup.exe -runfromtemp -l0x0019 -removeonly
ASUS Splendid Video Enhancement Technology—>D:Program FilesInstallShield Installation Information{C0FC1C14-4824-4A73-87A6-9E888C9C3102}setup.exe -runfromtemp -l0x0019 -removeonly
ASUS Touch Pad Extra—>RunDll32 D:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «D:Program FilesInstallShield Installation Information{DB891739-2EB3-45A8-9CBD-941C255CECD4}Setup.exe» -l0x9
ASUS Virtual Camera—>MsiExec.exe /I{4DFA6DA8-75D8-4F2B-A1A0-A5E7A3B779C8}
ATK Hotkey—>D:Program FilesInstallShield Installation Information{AFA4634D-F8D4-4F2B-9BE2-79143F369902}setup.exe -runfromtemp -l0x0019 -removeonly
ATK0100 ACPI UTILITY—>D:WINDOWSATK0100XPunin.exe
Bluetooth Stack for Windows by Toshiba—>MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Download Master version 5.5.15.1177—>»D:Program FilesDownload Masterunins000.exe»
ESET NOD32 Antivirus—>MsiExec.exe /I{3407FD83-0A2F-475E-BE94-34F1FA342C84}
HashTab 2.0.8—>D:WINDOWSsystem32ShellExthtdel32.bat
HijackThis 2.0.2—>»D:Program Filestrend microHijackThis.exe» /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)—>»D:WINDOWS$NtUninstallKB929399$spuninstspuninst.exe»
Intel(R) Graphics Media Accelerator Driver—>D:WINDOWSsystem32igxpun.exe -uninstall
Java 2 Runtime Environment, SE v1.4.2_01—>MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142010}
Java(TM) 6 Update 6—>MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
K-Lite Codec Pack 4.7.5 (Full)—>»D:Program FilesK-Lite Codec Packunins000.exe»
Mail.Ru Агент 5.5 (сборка 2842, для всех пользователей)—>D:Program FilesMail.RuAgentmagentsetup.exe -uninstalllm
Microsoft .NET Framework 1.1 Russian Language Pack—>MsiExec.exe /X{2BB372D9-52B4-410A-BC1A-FEAB63181EEF}
Microsoft .NET Framework 1.1—>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1—>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Compression Client Pack 1.0 for Windows XP—>»D:WINDOWS$NtUninstallMSCompPackV1$spuninstspuninst.exe»
Microsoft Internationalized Domain Names Mitigation APIs—>»D:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$spuninstspuninst.exe»
Microsoft National Language Support Downlevel APIs—>»D:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$spuninstspuninst.exe»
Microsoft Office XP (профессиональный выпуск)—>MsiExec.exe /I{91110419-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0—>»D:WINDOWS$NtUninstallWudf01000$spuninstspuninst.exe»
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Motorola SM56 Speakerphone Modem—>rundll32.exe sm56co6a.dll,SM56UnInstaller
Mozilla Firefox (3.0.16)—>D:Program FilesMozilla Firefoxuninstallhelper.exe
NB Probe—>RunDll32 D:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «D:Program FilesInstallShield Installation Information{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}Setup.exe» -l0x9
Nero 7 Essentials—>MsiExec.exe /X{BC61F51E-8AF7-46B9-AF20-B33B5EE81049}
neroxml—>MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Opera—>D:PROGRA~1Opera75UnInstUNWISE.EXE D:PROGRA~1Opera75UnInstInstall.log
Path2Clipboard 1.0.7.67—>D:WINDOWSsystem32ShellExtP2Cdel.bat
Power4 Gear—>RunDll32 D:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «D:Program FilesInstallShield Installation Information{4462AD13-F2AA-4CBD-9F95-293C38EED870}Setup.exe» -l0x9
PowerForPhone—>D:Program FilesInstallShield Installation Information{FC3D290D-79BE-44B7-ABF9-FDD110925930}setup.exe -runfromtemp -l0x0009 -removeonly
REALTEK GbE & FE Ethernet PCI-E NIC Driver—>D:Program FilesInstallShield Installation Information{C9BED750-1211-4480-B1A5-718A3BE15525}setup.exe -runfromtemp -l0x0019 -removeonly
Realtek High Definition Audio Driver—>RunDll32 D:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «D:Program FilesInstallShield Installation Information{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}Setup.exe» -l0x19 -removeonly
Skype™ 3.5—>MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Synaptics Pointing Device Driver—>rundll32.exe «D:Program FilesSynapticsSynTPSynISDLL.dll»,standAloneUninstall
USB2.0 1.3M WebCam—>D:WINDOWSStkUnist.exe
Vista Drive Icon—>rundll32.exe advpack.dll,LaunchINFSection D:WINDOWSINFVistaDrv.inf,Uninstall
Windows Internet Explorer 7—>»D:WINDOWSie7spuninstspuninst.exe»
Windows Media Format 11 runtime—>»D:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Windows Media Format 11 runtime—>»D:WINDOWS$NtUninstallWMFDist11$spuninstspuninst.exe»
Windows Media Player 11—>»D:WINDOWS$NtUninstallwmp11$spuninstspuninst.exe»
WinFlash—>RunDll32 D:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «D:Program FilesInstallShield Installation Information{DE10AB76-4756-4913-BE25-55D1C1051F9A}Setup.exe» -l0x9
Wireless Console 2—>D:Program FilesInstallShield Installation Information{83F73CB1-7705-49D1-9852-84D839CA2A45}setup.exe -runfromtemp -l0x0009 -removeonly
Архиватор WinRAR (только удаление)—>D:Program FilesWinRARuninstall.exe
Обновление безопасности для Windows XP — (KB941569)—>»D:WINDOWS$NtUninstallKB941569$spuninstspuninst.exe»
Проигрыватель Windows Media 11—>»D:Program FilesWindows Media PlayerSetup_wm.exe» /Uninstall======Security center information======
AV: ESET NOD32 Antivirus 3.0
======System event log======
Computer Name: MICROSOF-BFF5CE
Event Code: 7036
Message: Служба «Сетевые подключения» перешла в состояние Работает.Record Number: 5239
Source Name: Service Control Manager
Time Written: 20091222013155.000000+180
Event Type: информация
User:Computer Name: MICROSOF-BFF5CE
Event Code: 7036
Message: Служба «Телефония» перешла в состояние Работает.Record Number: 5238
Source Name: Service Control Manager
Time Written: 20091222013155.000000+180
Event Type: информация
User:Computer Name: MICROSOF-BFF5CE
Event Code: 7035
Message: Служба «Телефония» успешно отправила управляющий элемент «запустить».Record Number: 5237
Source Name: Service Control Manager
Time Written: 20091222013155.000000+180
Event Type: информация
User: MICROSOF-BFF5CEАдминистраторComputer Name: MICROSOF-BFF5CE
Event Code: 7035
Message: Служба «Сетевые подключения» успешно отправила управляющий элемент «запустить».Record Number: 5236
Source Name: Service Control Manager
Time Written: 20091222013155.000000+180
Event Type: информация
User: NT AUTHORITYSYSTEMComputer Name: MICROSOF-BFF5CE
Event Code: 7036
Message: Служба «Совместимость быстрого переключения пользователей» перешла в состояние Работает.Record Number: 5235
Source Name: Service Control Manager
Time Written: 20091222013155.000000+180
Event Type: информация
User:=====Application event log=====
Computer Name: MICROSOF-BFF5CE
Event Code: 1000
Message: Счетчики производительности для службы MSDTC (MSDTC) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.Record Number: 5
Source Name: LoadPerf
Time Written: 20091204162501.000000+180
Event Type: информация
User:Computer Name: MICROSOF-BFF5CE
Event Code: 1000
Message: Счетчики производительности для службы TermService (Службы терминалов) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.Record Number: 4
Source Name: LoadPerf
Time Written: 20091204162458.000000+180
Event Type: информация
User:Computer Name: MICROSOF-BFF5CE
Event Code: 1000
Message: Счетчики производительности для службы RemoteAccess (Маршрутизация и удаленный доступ) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.Record Number: 3
Source Name: LoadPerf
Time Written: 20091204162344.000000+180
Event Type: информация
User:Computer Name: MICROSOF-BFF5CE
Event Code: 1000
Message: Счетчики производительности для службы PSched (PSched) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.Record Number: 2
Source Name: LoadPerf
Time Written: 20091204162325.000000+180
Event Type: информация
User:Computer Name: MICROSOF-BFF5CE
Event Code: 1000
Message: Счетчики производительности для службы RSVP (QoS RSVP) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.Record Number: 1
Source Name: LoadPerf
Time Written: 20091204162231.000000+180
Event Type: информация
User:======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=6
«PROCESSOR_IDENTIFIER»=x86 Family 6 Model 15 Stepping 13, GenuineIntel
«PROCESSOR_REVISION»=0f0d
«NUMBER_OF_PROCESSORS»=2
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
EOF
Результаты ComboFix
ComboFix 09-12-27.04 — Администратор 29.12.2009 11:08:01.1.2 — x86
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.2039.1568 [GMT 3:00]
Running from: d:documents and settingsАдминистраторРабочий столComboFix.exe
Command switches used :: d:documents and settingsАдминистраторРабочий столWindowsXP-KB310994-SP2-Pro-BootDisk-RUS.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Resident AV is active.
ADS — svchost.exe: deleted 41472 bytes in 1 streams.((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.C:x.exe
d:docume~19335~1LOCALS~1Temptmp1.tmp
d:docume~19335~1LOCALS~1Temptmp2.tmp
d:documents and settingsАдминистраторApplication DataMicrosoftquogip.exe
d:documents and settingsАдминистраторApplication DataMicrosoftsvchosts.exe
d:documents and settingsАдминистраторApplication DataMicrosoftzourouquyv.exe
d:documents and settingsNetworkServiceApplication DataMicrosoftsvchosts.exe
d:program filesCommon Fileskeylog.txt
d:program filesMail.RuAgentMradllnewmrasearch.dll
d:recyclerS-1-5-21-0368292895-6006422496-788931824-6417
d:recyclerS-1-5-21-4191044433-3701137194-936495401-6111
d:recyclerS-1-5-21-4403268230-0852212281-077403730-6675
d:recyclerS-1-5-21-4956930372-6668706288-626948684-1099
d:recyclerS-1-5-21-6935180972-6278255401-708456063-2166
d:recyclerS-1-5-21-7749320519-7526043517-191049907-3244
d:windowsmshost.exe
d:windowssystem320.exe
d:windowssystem321.exe
d:windowssystem322.exe
d:windowssystem323.exe
d:windowssystem324.exe
d:windowssystem327.exe
d:windowssystem3210.exe
d:windowssystem3211.exe
d:windowssystem3212.exe
d:windowssystem3213.exe
d:windowssystem3214.exe
d:windowssystem3215.exe
d:windowssystem3216.exe
d:windowssystem3217.exe
d:windowssystem3218.exe
d:windowssystem3220.exe
d:windowssystem3221.exe
d:windowssystem3222.exe
d:windowssystem3224.exe
d:windowssystem3225.exe
d:windowssystem3226.exe
d:windowssystem3227.exe
d:windowssystem3228.exe
d:windowssystem3230.exe
d:windowssystem3231.exe
d:windowssystem3232.exe
d:windowssystem3233.exe
d:windowssystem3234.exe
d:windowssystem3235.exe
d:windowssystem3236.exe
d:windowssystem3237.exe
d:windowssystem3238.exe
d:windowssystem3240.exe
d:windowssystem3241.exe
d:windowssystem3242.exe
d:windowssystem3243.exe
d:windowssystem3244.exe
d:windowssystem3245.exe
d:windowssystem3246.exe
d:windowssystem3247.exe
d:windowssystem3250.exe
d:windowssystem3252.exe
d:windowssystem3253.exe
d:windowssystem3255.exe
d:windowssystem3256.exe
d:windowssystem3257.exe
d:windowssystem3258.exe
d:windowssystem3260.exe
d:windowssystem3261.exe
d:windowssystem3262.exe
d:windowssystem3263.exe
d:windowssystem3264.exe
d:windowssystem3265.exe
d:windowssystem3266.exe
d:windowssystem3267.exe
d:windowssystem3268.exe
d:windowssystem3270.exe
d:windowssystem3271.exe
d:windowssystem3272.exe
d:windowssystem3273.exe
d:windowssystem3274.exe
d:windowssystem3275.exe
d:windowssystem3276.exe
d:windowssystem3277.exe
d:windowssystem3278.exe
d:windowssystem3280.exe
d:windowssystem3281.exe
d:windowssystem3282.exe
d:windowssystem3283.exe
d:windowssystem3284.exe
d:windowssystem3285.exe
d:windowssystem3286.exe
d:windowssystem3287.exe
d:windowssystem3288.exe
d:windowssystem32em.exe
d:windowssystem32i
d:windowssystem32nigzss.txt
d:windowswind7upd.exe.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
Legacy_ICF
Service_ICF((((((((((((((((((((((((( Files Created from 2009-11-28 to 2009-12-29 )))))))))))))))))))))))))))))))
.2009-12-28 21:19 . 2009-12-28 21:19 74240 —-a-w- d:windowssystem3250.scr
2009-12-27 21:39 . 2009-12-28 23:33 68608 —-a-w- d:windowssystem32ccda_v8.exe
2009-12-24 00:41 . 2009-12-29 06:49 172032 —-a-w- d:windowssystem32ms.exe
2009-12-22 22:19 . 2009-12-29 08:13 45056 —-a-w- d:windowssystem32acovcnt.exe
2009-12-21 19:09 . 2009-12-21 19:09
d
w- d:program filesSkype
2009-12-21 19:09 . 2009-12-21 19:09
d
w- d:program filesCommon FilesSkype
2009-12-17 19:05 . 2009-12-17 19:06
d
w- d:windowsShellNew
2009-12-14 20:59 . 2009-12-14 20:59
d
w- d:documents and settingsАдминистраторLocal SettingsApplication Data{7148F0A6-6813-11D6-A77B-00B0D0142010}
2009-12-14 20:59 . 2009-12-14 21:02
d
w- d:program filesOpera75
2009-12-12 10:10 . 2009-12-12 10:10
d
w- d:documents and settingsАдминистраторApplication DataAhead
2009-12-12 10:10 . 2009-12-12 10:10
d
w- d:documents and settingsAll UsersApplication DataLightScribe
2009-12-12 10:08 . 2009-12-12 10:08
d
w- d:program filesCommon FilesLightScribe
2009-12-12 10:08 . 2009-12-12 10:08
d
w- d:documents and settingsАдминистраторLocal SettingsApplication DataIdentities
2009-12-12 10:08 . 2009-12-12 10:10
d
w- d:documents and settingsАдминистраторLocal SettingsApplication DataAhead
2009-12-12 10:06 . 2009-12-12 10:06
d
w- d:documents and settingsAll UsersApplication DataAhead
2009-12-12 10:01 . 2009-12-12 10:01
d
w- d:documents and settingsAll UsersApplication DataNero
2009-12-12 10:01 . 2009-12-12 10:06
d
w- d:program filesCommon FilesAhead
2009-12-12 10:01 . 2009-12-12 10:01
d
w- d:program filesNero
2009-12-12 09:38 . 2009-12-12 09:38
d
w- d:documents and settingsАдминистраторApplication DataMedia Player Classic
2009-12-11 06:04 . 2009-12-28 21:50
d
w- d:documents and settingsАдминистраторApplication DataSkype
2009-12-10 20:36 . 2009-12-10 20:36
d
w- d:documents and settingsАдминистраторLocal SettingsApplication DataAnVir
2009-12-10 16:59 . 2009-12-10 16:59
d
w- d:documents and settingsNetworkServiceLocal SettingsApplication DataGoogle
2009-12-10 16:41 . 2009-12-10 16:41
d
w- d:documents and settingsLocalServiceLocal SettingsApplication DataGoogle
2009-12-10 16:40 . 2009-12-10 16:43
d
w- d:documents and settingsАдминистраторLocal SettingsApplication DataGoogle
2009-12-10 16:40 . 2009-12-10 17:01
d
w- d:program filesGoogle
2009-12-09 19:45 . 2009-12-09 19:45
d
w- d:windowsProfiles
2009-12-09 19:45 . 2009-12-09 19:45
d
w- d:windowssystem32Adobe
2009-12-09 19:45 . 2009-12-09 19:45
d
w- d:program filesCommon FilesAdobe
2009-12-09 19:45 . 2009-12-09 19:45
d
w- d:documents and settingsАдминистраторApplication DataInterTrust
2009-12-09 19:44 . 1998-10-29 12:45 306688 —-a-w- d:windowsIsUninst.exe
2009-12-08 07:31 . 2009-12-08 08:57 664 —-a-w- d:windowssystem32d3d9caps.dat
2009-12-07 19:44 . 2009-12-26 20:22
d
w- d:program filestrend micro
2009-12-07 19:44 . 2009-12-26 20:22
d
w- D:rsit
2009-12-07 18:16 . 2009-12-07 18:16
d
w- d:documents and settingsNetworkServiceLocal SettingsApplication DataESET
2009-12-06 13:34 . 2009-12-07 19:21
d
w- d:documents and settingsАдминистраторDoctorWeb
2009-12-05 16:38 . 2009-12-24 23:05
d
w- D:movie
2009-12-05 09:47 . 2009-12-05 09:47
d
w- d:documents and settingsАдминистраторLocal SettingsApplication DataESET
2009-12-04 19:18 . 2009-12-04 19:18
d
w- d:documents and settingsLocalServiceLocal SettingsApplication DataESET.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-29 07:32 . 2008-04-15 12:00 14336 —-a-w- d:windowssystem32svchost.exe
2009-12-28 23:32 . 2009-12-04 15:45
d
w- d:documents and settingsАдминистраторApplication DatauTorrent
2009-12-21 19:09 . 2009-12-04 14:49
d
w- d:documents and settingsAll UsersApplication DataSkype
2009-12-20 22:20 . 2009-12-04 16:46
d
w- d:documents and settingsАдминистраторApplication DataskypePM
2009-12-17 19:08 . 2009-12-04 14:17 17080 —-a-w- d:documents and settingsАдминистраторLocal SettingsApplication DataGDIPFONTCACHEV1.DAT
2009-12-14 21:00 . 2009-12-04 13:33
d
w- d:program filesJava
2009-12-07 19:53 . 2009-12-04 13:27 86327 —-a-w- d:windowspchealthhelpctrOfflineCacheindex.dat
2009-12-05 14:34 . 2009-12-04 13:56
d—h—w- d:program filesInstallShield Installation Information
2009-12-05 11:02 . 2009-12-04 14:01
d
w- d:program filesASUS
2009-12-04 16:46 . 2009-12-04 16:46 56 —ha-w- d:windowssystem32ezsidmv.dat
2009-12-04 15:45 . 2009-12-04 15:45
d
w- d:program filesuTorrent
2009-12-04 15:06 . 2009-12-04 15:06
d
w- d:documents and settingsАдминистраторApplication DataTalkback
2009-12-04 15:05 . 2009-12-04 15:05 0 —-a-w- d:windowsnsreg.dat
2009-12-04 14:57 . 2009-12-04 14:47
d
w- d:program filesQIP
2009-12-04 14:56 . 2009-12-04 14:48
d
w- d:documents and settingsАдминистраторApplication DataMra
2009-12-04 14:48 . 2009-12-04 14:48
d
w- d:program filesMail.Ru
2009-12-04 14:46 . 2009-12-04 14:46
d
w- d:documents and settingsАдминистраторApplication DataDownload Master
2009-12-04 14:46 . 2009-12-04 14:46
d
w- d:program filesDownload Master
2009-12-04 14:41 . 2009-12-04 14:41
d
w- d:program filesK-Lite Codec Pack
2009-12-04 14:33 . 2009-12-04 14:33
d
w- d:program filesESET
2009-12-04 14:33 . 2009-12-04 14:33
d
w- d:documents and settingsAll UsersApplication DataESET
2009-12-04 14:24 . 2009-12-04 14:24
d
w- d:program filesToshiba
2009-12-04 14:20 . 2009-12-04 14:20
d
w- d:program filesATK Hotkey
2009-12-04 14:17 . 2009-12-04 14:17
d
w- d:program filesPowerForPhone
2009-12-04 14:13 . 2009-12-04 14:13
d
w- d:program filesSynaptics
2009-12-04 14:12 . 2009-12-04 14:12 24894 —-a-r- d:documents and settingsАдминистраторApplication DataMicrosoftInstaller{4DFA6DA8-75D8-4F2B-A1A0-A5E7A3B779C8}_18be6784.exe
2009-12-04 14:10 . 2008-04-15 12:00 65160 —-a-w- d:windowssystem32perfc019.dat
2009-12-04 14:10 . 2008-04-15 12:00 421696 —-a-w- d:windowssystem32perfh019.dat
2009-12-04 14:02 . 2009-12-04 14:02
d
w- d:program filesWireless Console 2
2009-12-04 13:59 . 2009-12-04 13:56
d
w- d:program filesCommon FilesInstallShield
2009-12-04 13:58 . 2009-12-04 13:58
d
w- d:program filesMotorola
2009-12-04 13:58 . 2009-12-04 13:56
d
w- d:program filesRealtek
2009-12-04 13:58 . 2009-12-04 13:58
d
w- d:documents and settingsАдминистраторApplication DataInstallShield
2009-12-04 13:56 . 2009-12-04 13:56 315392 —-a-w- d:windowsHideWin.exe
2009-12-04 13:51 . 2009-12-04 13:51
d
w- d:program filesIntel
2009-12-04 13:34 . 2009-12-04 13:34
d
w- d:program filesmicrosoft frontpage
2009-12-04 13:34 . 2009-12-04 13:34
d
w- d:program filesVistaDriveIcon
2009-12-04 13:34 . 2009-12-04 13:34 717296 —-a-w- d:windowssystem32driverssptd.sys
2009-12-04 13:33 . 2009-12-04 13:33
d
w- d:program filesCommon FilesJava
2009-12-04 13:31 . 2009-12-04 13:31
d
w- d:program filesWindows Media Connect 2
2009-12-04 13:25 . 2009-12-04 13:25 22564 —-a-w- d:windowssystem32emptyregdb.dat
.
Sigcheck
[-] 2008-04-23 . 99BD46C2C790E52363DD1021DDCA3E8F . 361344 . . [5.1.2600.5512] . . d:windowssystem32driverstcpip.sys[-] 2008-04-25 . 7477564EC8AA190D95A7F3FBB6471F4F . 123904 . . [5.4.3790.5512] . . d:windowssystem32wuauclt.exe
[-] 2008-04-25 . E506465BFB0821DC33077E29FD184E31 . 691200 . . [5.82] . . d:windowssystem32comctl32.dll
[-] 2008-04-25 . 11E710C0612A63C6CE5B3D6534030285 . 3242496 . . [6.00.2900.5512] . . d:windowsie7mshtml.dll
[-] 2008-01-16 . B33628B9937221045A78230130A685C5 . 3593728 . . [7.00.6000.20753] . . d:windowssystem32mshtml.dll[-] 2008-04-23 . 7668E176F08B158D7EF2A17D8EB2B8D3 . 2286592 . . [5.1.2600.5512] . . d:windowssystem32ntoskrnl.exe
[-] 2008-04-25 . 371C41F777924F3EA3BFAD18C6A04502 . 584192 . . [5.1.2600.5512] . . d:windowssystem32user32.dll
[-] 2008-04-25 . A0F98BB46BEEAF2A94593FF9AB856A80 . 1597952 . . [6.00.2900.5512] . . d:windowsexplorer.exe
[-] 2008-04-25 . 1C079017E180FB9AB4B56AA8F896F708 . 1571840 . . [5.1.2600.5512] . . d:windowssystem32sfcfiles.dll
[-] 2008-04-25 . 0CE07543B08FD1E209D99D504076102B . 17408 . . [5.1.2600.5512] . . d:windowssystem32ctfmon.exe
[-] 2008-04-25 . 60D59D502589F1C0459FDDB5FC22B161 . 2165248 . . [5.1.2600.5512] . . d:windowssystem32ntkrnlpa.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersADSMOverlayIcon1]
@=»{A8D448F4-0431-45AC-9F5E-E1B434AB2249}»
[HKEY_CLASSES_ROOTCLSID{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 14:08 143360 —-a-w- d:program filesASUSASUS Data Security ManagerOverlayIconShlExt1.dll[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«VistaIcon»=»d:program filesVistaDriveIconVistaDrv.exe» [2008-03-23 132096]
«Download Master»=»d:program filesDownload Masterdmaster.exe» [2009-11-06 3778048]
«LightScribe Control Panel»=»d:program filesCommon FilesLightScribeLightScribeControlPanel.exe» [2007-06-20 451872][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«HControl»=»d:windowsATK0100HControl.exe» [2006-10-14 110592]
«IgfxTray»=»d:windowssystem32igfxtray.exe» [2007-06-13 142104]
«HotKeysCmds»=»d:windowssystem32hkcmd.exe» [2007-06-13 162584]
«Persistence»=»d:windowssystem32igfxpers.exe» [2007-06-13 138008]
«RTHDCPL»=»RTHDCPL.EXE» [2007-05-28 16132608]
«SkyTel»=»SkyTel.EXE» [2007-05-25 1826816]
«SMSERIAL»=»d:program filesMotorolaSMSERIALsm56hlpr.exe» [2006-11-22 630784]
«ASUSTPE»=»d:windowssystem32ASUSTPE.exe» [2007-01-16 106496]
«Wireless Console 2″=»d:program filesWireless Console 2wcourier.exe» [2007-07-05 1040384]
«SynTPEnh»=»d:program filesSynapticsSynTPSynTPEnh.exe» [2006-05-25 786521]
«ACMON»=»d:program filesASUSSplendidACMON.exe» [2007-06-26 851968]
«PowerForPhone»=»d:program filesPowerForPhonePowerForPhone.exe» [2007-06-26 778240]
«Power_Gear»=»d:program filesASUSPower4 GearBatteryLife.exe» [2006-07-26 90112]
«ATKHOTKEY»=»d:program filesATK HotkeyHcontrol.exe» [2007-08-15 225280]
«egui»=»d:program filesESETESET NOD32 Antivirusegui.exe» [2008-07-01 1447168]
«MAgent»=»d:program filesMail.RuAgentMAgent.exe» [2009-12-04 7975608]
«NeroFilterCheck»=»d:program filesCommon FilesAheadLibNeroCheck.exe» [2007-03-01 153136]
«SunJavaUpdateSched»=»d:program filesJavajre1.6.0_06binjusched.exe» [2008-03-25 144784][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»d:windowssystem32CTFMON.EXE» [2008-04-25 17408]
«VistaIcon»=»d:program filesVistaDriveIconVistaDrv.exe» [2008-03-23 132096]d:documents and settingsAll Usersѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
Bluetooth Manager.lnk — d:program filesToshibaBluetooth Toshiba StackTosBtMng.exe [2007-5-22 2756608]
Microsoft Office.lnk — d:program filesMicrosoft OfficeOffice10OSA.EXE [2001-2-13 83360][HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]
«SynchronousMachineGroupPolicy»= 0 (0x0)
«SynchronousUserGroupPolicy»= 0 (0x0)[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
«NoThumbnailCache»= 1 (0x1)
«NoSMConfigurePrograms»= 1 (0x1)
«NoSMHelp»= 1 (0x1)[HKEY_USERS.defaultsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
«NoThumbnailCache»= 1 (0x1)
«NoSMConfigurePrograms»= 1 (0x1)
«NoSMHelp»= 1 (0x1)[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
«FirewallOverride»=dword:00000001
«UpdatesOverride»=dword:00000001
«AntiVirusOverride»=dword:00000001[HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
«EnableFirewall»= 0 (0x0)
«DisableNotifications»= 1 (0x1)[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\Network Diagnostic\xpnetdiag.exe»=
«%windir%\system32\sessmgr.exe»=R0 sptd;sptd;d:windowssystem32driverssptd.sys [04.12.2009 16:34 717296]
R1 epfwtdir;epfwtdir;d:windowssystem32driversepfwtdir.sys [01.07.2008 9:04 34312]
R2 ekrn;Eset Service;d:program filesESETESET NOD32 Antivirusekrn.exe [21.12.2007 8:21 468224]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;d:windowssystem32StkCSrv.exe [04.12.2009 17:05 24576]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;d:windowssystem32driversIntcHdmi.sys [04.12.2009 19:12 108032]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;d:windowssystem32driversStkCMini.sys [04.12.2009 17:05 1260672]
S2 giuureyva;Backbone Service;d:documents and settingsАдминистраторApplication DataMicrosoftcicofuhap.exe —> d:documents and settingsАдминистраторApplication DataMicrosoftcicofuhap.exe [?]— Other Services/Drivers In Memory —
*NewlyCreated* — SRSERVICE
[HKEY_LOCAL_MACHINEsoftwaremicrosoftactive setupinstalled components{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-06-20 09:47 451872 —-a-w- d:program filesCommon FilesLightScribeLSRunOnce.exe
.
Supplementary Scan
.
uStart Page = hxxp://virtualsoccer.ru/
uDefault_Search_URL = hxxp://search.qip.ru
uSearchURL,(Default) = Root: HKCU; Subkey: SoftwareMicrosoftInternet ExplorerSearchUrl; ValueType: string; ValueName: ‘; ValueData: ‘; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: &Экспорт в Microsoft Excel — d:progra~1MICROS~2Office10EXCEL.EXE/3000
IE: Закачать ВСЕ при помощи Download Master — d:program filesDownload Masterdmieall.htm
IE: Закачать при помощи Download Master — d:program filesDownload Masterdmie.htm
IE: Передать на удаленную закачку DM — d:program filesDownload Masterremdown.htm
IE: {{7558B7E5-7B26-4201-BEDB-00D5FF534523} — d:program filesMail.RuAgentmagent.exe
IE: {{8DAE90AD-4583-4977-9DD4-4360F7A45C74} — d:program filesDownload Masterdmaster.exe
FF — ProfilePath — d:documents and settingsАдминистраторApplication DataMozillaFirefoxProfiles9tjugcxl.default
FF — prefs.js: browser.search.defaulturl — hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF — prefs.js: browser.search.selectedEngine — Яндекс
FF — prefs.js: browser.startup.homepage — hxxp://virtualsoccer.ru/
FF — plugin: d:program filesOpera75ProgramPluginsnpdsplay.dll
FF — plugin: d:program filesOpera75ProgramPluginsNPJava11.dll
FF — plugin: d:program filesOpera75ProgramPluginsNPJava12.dll
FF — plugin: d:program filesOpera75ProgramPluginsNPJava13.dll
FF — plugin: d:program filesOpera75ProgramPluginsNPJava14.dll
FF — plugin: d:program filesOpera75ProgramPluginsNPJava32.dll
FF — plugin: d:program filesOpera75ProgramPluginsNPJPI142_01.dll
FF — plugin: d:program filesOpera75ProgramPluginsNPOJI610.dll
FF — plugin: d:program filesOpera75ProgramPluginsNPSWF32.dll
FF — plugin: d:program filesOpera75ProgramPluginsnpwmsdrm.dll
.
— — — — ORPHANS REMOVED — — — —HKCU-Run-couze — d:documents and settingsАдминистраторApplication DataMicrosoftquogip.exe
HKCU-Run-svchosts.exe — d:documents and settingsАдминистраторApplication DataMicrosoftsvchosts.exe
HKLM-Run-couze — d:windowssystem32quogip.exe
HKLM-Run-mshost — d:windowsmshost.exe
HKU-Default-Run-svchosts.exe — d:documents and settingsАдминистраторApplication DataMicrosoftsvchosts.exe**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-29 11:13
Windows 5.1.2600 Service Pack 3 NTFSscanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
D:ADSM_PData_0150
scan completed successfully
hidden files: 1**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sppb.sys >>UNKNOWN [0x89BB5938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
DriverDisk -> CLASSPNP.SYS @ 0xf763bf28
DriverACPI -> ACPI.sys @ 0xf7496cb8
Driveratapi -> atapi.sys @ 0xf7978b40
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805e6686
ParseProcedure -> ntoskrnl.exe @ 0x8057b6b9
DeviceHarddisk0DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805e6686
ParseProcedure -> ntoskrnl.exe @ 0x8057b6b9
NDIS: Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC -> SendCompleteHandler -> NDIS.sys @ 0xf7b3abb0
PacketIndicateHandler -> NDIS.sys @ 0xf7b29a0d
SendHandler -> NDIS.sys @ 0xf7b3db40
user & kernel MBR OK**************************************************************************
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘winlogon.exe'(884)
d:windowssystem32cscui.dll— — — — — — — > ‘explorer.exe'(2460)
d:windowssystem32SHDOCVW.dll
d:windowssystem32COMRes.dll
d:program filesASUSASUS Data Security ManagerOverlayIconShlExt.dll
d:program filesASUSASUS Data Security ManagerOverlayIconShlExt1.dll
d:windowsSystem32cscui.dll
d:windowssystem32msi.dll
d:windowssystem32NETSHELL.dll
d:windowssystem32credui.dll
d:windowssystem32MSVCP60.dll
d:windowssystem32WPDShServiceObj.dll
d:windowssystem32PortableDeviceTypes.dll
d:windowssystem32PortableDeviceApi.dll
.
Other Running Processes
.
d:program filesASUSASUS Data Security ManagerADSMSrv.exe
d:program filesCommon FilesLightScribeLSSrvc.exe
d:program filesASUSNB ProbeSPMspmgr.exe
d:program filesToshibaBluetooth Toshiba StackTosBtSrv.exe
d:windowssystem32wscntfy.exe
d:windowsRTHDCPL.EXE
d:windowssystem32igfxsrvc.exe
d:windowssystem32ACEngSvr.exe
d:program filesToshibaBluetooth Toshiba StackTosA2dp.exe
d:program filesToshibaBluetooth Toshiba StackTosBtHid.exe
d:windowsATK0100ATKOSD.exe
d:windowssystem32acovcnt.exe
.
**************************************************************************
.
Completion time: 2009-12-29 11:14:53 — machine was rebooted
ComboFix-quarantined-files.txt 2009-12-29 08:14Pre-Run: 961 720 320 байт свободно
Post-Run: 1 352 024 064 байт свободноWindowsXP-KB310994-SP2-Pro-BootDisk-RUS.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)WINDOWS
[operating systems]
c:cmdconsBOOTSECT.DAT=»Microsoft Windows Recovery Console» /cmdcons
multi(0)disk(0)rdisk(0)partition(2)WINDOWS=»Microsoft Windows XP Professional RU» /execute /fastdetect— — End Of File — — AC2A4D81C8A6FF53276329371BC855F9
…
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://D:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — D:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — D:Program FilesDownload Masterdmie.htm
O8 — Extra context menu item: Передать на удаленную закачку DM — D:Program FilesDownload Masterremdown.htm
O9 — Extra button: (no name) — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — D:Program FilesJavajre1.6.0_06binssv.dll
O9 — Extra ‘Tools’ menuitem: Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — D:Program FilesJavajre1.6.0_06binssv.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — D:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — D:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — D:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — D:Program FilesDownload Masterdmaster.exe
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — D:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — D:WINDOWSNetwork Diagnosticxpnetdiag.exe
O12 — Plugin for .spop: D:Program FilesInternet ExplorerPluginsNPDocBox.dll
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — D:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 — Service: ADSM Service (ADSMService) — Unknown owner — D:Program FilesASUSASUS Data Security ManagerADSMSrv.exe
O23 — Service: Eset HTTP Server (EhttpSrv) — ESET — D:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe
O23 — Service: Eset Service (ekrn) — ESET — D:Program FilesESETESET NOD32 Antivirusekrn.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — D:WINDOWSsystem32services.exe
O23 — Service: Backbone Service (giuureyva) — Unknown owner — D:Documents and SettingsАдминистраторApplication DataMicrosoftcicofuhap.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — D:WINDOWSsystem32imapi.exe
O23 — Service: LightScribeService Direct Disc Labeling Service (LightScribeService) — Hewlett-Packard Company — D:Program FilesCommon FilesLightScribeLSSrvc.exe
O23 — Service: NBService — Nero AG — D:Program FilesNeroNero 7Nero BackItUpNBService.exe
O23 — Service: NMIndexingService — Nero AG — D:Program FilesCommon FilesAheadLibNMIndexingService.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — D:WINDOWSsystem32services.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — D:WINDOWSSystem32SCardSvr.exe
O23 — Service: spmgr — Unknown owner — D:Program FilesASUSNB ProbeSPMspmgr.exe
O23 — Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) — Syntek America Inc. — D:WINDOWSSystem32StkCSrv.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — D:WINDOWSsystem32smlogsvc.exe
O23 — Service: TOSHIBA Bluetooth Service — TOSHIBA CORPORATION — D:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — D:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — D:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 11087 bytes======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — D:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx [2001-04-16 37808][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — D:Program FilesJavajre1.6.0_06binssv.dll [2008-03-25 509328][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — D:PROGRA~1DOWNLO~1dmiehlp.dll [2009-04-16 158208][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class — D:Documents and SettingsАдминистраторApplication DataMicrosoftInternet Explorerqipsearchbar.dll [2009-07-14 150768][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — DM Bar — D:Program FilesDownload Masterdmbar.dll [2007-11-26 180224][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«HControl»=D:WINDOWSATK0100HControl.exe [2006-10-14 110592]
«IgfxTray»=D:WINDOWSsystem32i [2009-12-26 83]
«HotKeysCmds»=D:WINDOWSsystem32hkcmd.exe [2007-06-13 162584]
«Persistence»=D:WINDOWSsystem32i [2009-12-26 83]
«RTHDCPL»=D:WINDOWSRTHDCPL.EXE [2007-05-28 16132608]
«SkyTel»=D:WINDOWSSkyTel.EXE [2007-05-25 1826816]
«Alcmtr»=D:WINDOWSALCMTR.EXE [2005-05-03 69632]
«SMSERIAL»=D:Program FilesMotorolaSMSERIALsm56hlpr.exe [2006-11-22 630784]
«ASUSTPE»=D:WINDOWSsystem32ASUSTPE.exe [2007-01-16 106496]
«Wireless Console 2″=D:Program FilesWireless Console 2wcourier.exe [2007-07-05 1040384]
«SynTPEnh»=D:Program FilesSynapticsSynTPSynTPEnh.exe [2006-05-25 786521]
«ACMON»=D:Program FilesASUSSplendidACMON.exe [2007-06-26 851968]
«PowerForPhone»=D:Program FilesPowerForPhonePowerForPhone.exe [2007-06-26 778240]
«Power_Gear»=D:Program FilesASUSPower4 GearBatteryLife.exe [2006-07-26 90112]
«ATKHOTKEY»=D:Program FilesATK HotkeyHcontrol.exe [2007-08-15 225280]
«egui»=D:Program FilesESETESET NOD32 Antivirusegui.exe [2008-07-01 1447168]
«MAgent»=D:Program FilesMail.RuAgentMAgent.exe [2009-12-04 7975608]
«NeroFilterCheck»=D:Program FilesCommon FilesAheadLibNeroCheck.exe [2007-03-01 153136]
«SunJavaUpdateSched»=D:Program FilesJavajre1.6.0_06binjusched.exe [2008-03-25 144784]
«couze»=D:WINDOWSsystem32quogip.exe []
«mshost»=D:WINDOWSmshost.exe [2009-12-24 172032]
«Microsoft Driver Setup»=D:WINDOWShet7upd.exe [2009-12-25 74240]
«Universal Serial Bus device»=D:WINDOWSusbmagr.exe [2009-12-25 135168]
«Windows System Info Serivce»=D:WINDOWSsystem32lcacc.exe [2009-12-26 97792][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerRun]
«Microsoft Driver Setup»=D:WINDOWShet7upd.exe [2009-12-25 74240][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=D:WINDOWSsystem32ctfmon.exe [2008-04-25 17408]
«VistaIcon»=D:Program FilesVistaDriveIconVistaDrv.exe [2008-03-23 132096]
«Download Master»=D:Program FilesDownload Masterdmaster.exe [2009-11-07 3778048]
«LightScribe Control Panel»=D:Program FilesCommon FilesLightScribeLightScribeControlPanel.exe [2007-06-20 451872]
«couze»=D:Documents and SettingsАдминистраторApplication DataMicrosoftquogip.exe [2009-12-21 181248]D:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
Bluetooth Manager.lnk — D:Program FilesToshibaBluetooth Toshiba StackTosBtMng.exe
Microsoft Office.lnk — D:Program FilesMicrosoft OfficeOffice10OSA.EXE[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyigfxcui]
D:WINDOWSsystem32igfxdev.dll [2007-06-05 204800][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — D:WINDOWSsystem32W [2009-12-26 74][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«SynchronousMachineGroupPolicy»=0
«SynchronousUserGroupPolicy»=0[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«NoThumbnailCache»=1
«NoSMConfigurePrograms»=1
«NoSMHelp»=1[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»======List of files/folders created in the last 1 months======
2009-12-26 16:37:45 —-A—- D:WINDOWSsystem32nigzss.txt
2009-12-26 16:37:44 —-RSH—- D:WINDOWSsystem32lcacc.exe
2009-12-26 14:41:10 —-A—- D:WINDOWSsystem3220.exe
2009-12-25 22:05:46 —-RSH—- D:WINDOWSusbmagr.exe
2009-12-25 22:05:36 —-A—- D:WINDOWSsystem32mini.exe
2009-12-25 01:53:44 —-A—- D:WINDOWSsystem3263.exe
2009-12-25 01:18:21 —-RSH—- D:WINDOWShet7upd.exe
2009-12-24 15:19:57 —-A—- D:WINDOWSsystem32gf.exe
2009-12-24 14:10:09 —-A—- D:WINDOWSsystem3278.exe
2009-12-24 03:41:15 —-A—- D:WINDOWSsystem32ms.exe
2009-12-24 02:28:43 —-A—- D:WINDOWSsystem3257.exe
2009-12-24 02:16:04 —-RSH—- D:WINDOWSmshost.exe
2009-12-24 02:07:59 —-A—- D:WINDOWSsystem3237.exe
2009-12-23 17:58:25 —-A—- D:WINDOWSsystem3270.exe
2009-12-23 11:32:00 —-A—- D:WINDOWSsystem3238.exe
2009-12-23 01:19:35 —-A—- D:WINDOWSsystem32acovcnt.exe
2009-12-21 22:09:28 —-D—- D:Program FilesSkype
2009-12-21 22:09:28 —-D—- D:Program FilesCommon FilesSkype
2009-12-19 00:00:26 —-A—- D:WINDOWSsystem32msd.exe
2009-12-18 23:52:47 —-A—- D:WINDOWSsystem3277.exe
2009-12-18 12:36:03 —-A—- D:WINDOWSsystem3236.exe
2009-12-18 11:46:20 —-A—- D:WINDOWSsystem3264.exe
2009-12-18 11:42:33 —-A—- D:WINDOWSsystem3283.exe
2009-12-18 00:12:29 —-A—- D:WINDOWSsystem3260.exe
2009-12-17 22:13:56 —-A—- D:WINDOWSsystem3274.exe
2009-12-17 22:06:38 —-A—- D:WINDOWSODBC.INI
2009-12-17 22:06:07 —-D—- D:Program FilesCommon FilesDesigner
2009-12-17 22:05:33 —-D—- D:WINDOWSShellNew
2009-12-17 22:05:30 —-D—- D:Program FilesMicrosoft Office
2009-12-16 17:07:50 —-A—- D:WINDOWSsystem3222.exe
2009-12-16 17:06:38 —-A—- D:WINDOWSsystem3253.exe
2009-12-16 16:03:45 —-A—- D:WINDOWSsystem3243.exe
2009-12-16 16:02:53 —-A—- D:WINDOWSsystem327.exe
2009-12-16 00:06:05 —-A—- D:WINDOWSsystem3261.exe
2009-12-15 23:03:14 —-A—- D:WINDOWSsystem3226.exe
2009-12-15 11:58:51 —-A—- D:WINDOWSsystem3210.exe
2009-12-15 11:53:09 —-A—- D:WINDOWSsystem3266.exe
2009-12-15 11:19:44 —-A—- D:WINDOWSsystem3228.exe
2009-12-15 11:14:18 —-A—- D:WINDOWSsystem3280.exe
2009-12-15 00:02:07 —-D—- D:Documents and SettingsАдминистраторApplication DataOpera
2009-12-14 23:59:17 —-D—- D:Program FilesOpera75
2009-12-14 20:04:01 —-A—- D:WINDOWSnigzss.txt
2009-12-14 20:01:47 —-A—- D:WINDOWSsystem3235.exe
2009-12-14 14:03:50 —-A—- D:WINDOWSsystem3282.exe
2009-12-14 13:56:42 —-A—- D:WINDOWSsystem3256.exe
2009-12-14 01:17:01 —-A—- D:WINDOWSsystem3224.exe
2009-12-14 00:02:01 —-A—- D:WINDOWSsystem3262.exe
2009-12-13 23:31:01 —-A—- D:WINDOWSNeroDigital.ini
2009-12-13 00:48:01 —-A—- D:WINDOWSsystem3272.exe
2009-12-12 13:23:20 —-A—- D:WINDOWSsystem3287.exe
2009-12-12 13:22:40 —-A—- D:WINDOWSsystem3284.exe
2009-12-12 13:10:29 —-D—- D:Documents and SettingsАдминистраторApplication DataAhead
2009-12-12 13:10:28 —-D—- D:Documents and SettingsAll UsersApplication DataLightScribe
2009-12-12 13:08:55 —-D—- D:Program FilesCommon FilesLightScribe
2009-12-12 13:06:38 —-D—- D:Documents and SettingsAll UsersApplication DataAhead
2009-12-12 13:01:50 —-D—- D:Documents and SettingsAll UsersApplication DataNero
2009-12-12 13:01:49 —-D—- D:Program FilesNero
2009-12-12 13:01:49 —-D—- D:Program FilesCommon FilesAhead
2009-12-12 12:38:00 —-D—- D:Documents and SettingsАдминистраторApplication DataMedia Player Classic
2009-12-11 23:48:12 —-A—- D:WINDOWSsystem32em.exe
2009-12-11 12:17:32 —-A—- D:WINDOWSsystem3241.exe
2009-12-11 12:06:07 —-A—- D:WINDOWSsystem320.exe
2009-12-11 11:58:56 —-A—- D:WINDOWSsystem3275.exe
2009-12-11 09:04:42 —-D—- D:Documents and SettingsАдминистраторApplication DataSkype
2009-12-10 20:54:02 —-D—- D:Documents and SettingsAll UsersApplication DataGoogle
2009-12-10 19:40:53 —-D—- D:Program FilesGoogle
2009-12-10 15:43:59 —-A—- D:WINDOWSsystem3234.exe
2009-12-10 15:30:27 —-A—- D:WINDOWSsystem3240.exe
2009-12-10 12:35:39 —-A—- D:WINDOWSsystem3244.exe
2009-12-10 12:30:41 —-A—- D:WINDOWSsystem3258.exe
2009-12-10 12:29:36 —-A—- D:WINDOWSsystem3225.exe
2009-12-10 12:25:22 —-A—- D:WINDOWSsystem3288.exe
2009-12-10 00:48:10 —-A—- D:WINDOWSsystem3273.exe
2009-12-10 00:46:14 —-D—- D:WINDOWSsystem32appmgmt
2009-12-09 23:47:26 —-A—- D:WINDOWSsystem3233.exe
2009-12-09 23:46:39 —-A—- D:WINDOWSsystem321.exe
2009-12-09 23:44:56 —-A—- D:WINDOWSsystem3252.exe
2009-12-09 22:45:03 —-D—- D:WINDOWSProfiles
2009-12-09 22:45:02 —-D—- D:WINDOWSsystem32Adobe
2009-12-09 22:45:02 —-D—- D:Program FilesAdobe
2009-12-09 22:45:01 —-D—- D:Program FilesCommon FilesAdobe
2009-12-09 22:45:01 —-D—- D:Documents and SettingsАдминистраторApplication DataInterTrust
2009-12-09 22:44:53 —-A—- D:WINDOWSIsUninst.exe
2009-12-09 21:05:28 —-A—- D:WINDOWSsystem324.exe
2009-12-09 14:14:43 —-A—- D:WINDOWSsystem3250.exe
2009-12-09 14:14:16 —-A—- D:WINDOWSsystem3268.exe
2009-12-09 12:56:21 —-A—- D:WINDOWSsystem3232.exe
2009-12-09 10:18:22 —-A—- D:WINDOWSsystem3213.exe
2009-12-09 03:14:18 —-A—- D:WINDOWSsystem3242.exe
2009-12-09 01:45:54 —-A—- D:WINDOWSsystem3276.exe
2009-12-08 21:07:24 —-A—- D:WINDOWSsystem3214.exe
2009-12-08 21:04:29 —-A—- D:WINDOWSsystem3286.exe
2009-12-08 10:15:20 —-A—- D:WINDOWSntbtlog.txt
2009-12-08 00:00:44 —-A—- D:WINDOWSsystem3271.exe
2009-12-07 22:44:23 —-D—- D:Program Filestrend micro
2009-12-07 22:44:22 —-D—- D:rsit
2009-12-07 21:52:03 —-A—- D:WINDOWSsystem3231.exe
2009-12-07 19:16:14 —-A—- D:WINDOWSsystem3285.exe
2009-12-07 15:03:30 —-A—- D:WINDOWSsystem3246.exe
2009-12-07 14:53:36 —-A—- D:WINDOWSsystem3267.exe
2009-12-07 13:49:42 —-A—- D:WINDOWSsystem3245.exe
2009-12-07 03:06:39 —-A—- D:WINDOWSsystem3217.exe
2009-12-07 01:04:36 —-A—- D:WINDOWSsystem3218.exe
2009-12-07 00:04:36 —-A—- D:WINDOWSsystem323.exe
2009-12-07 00:01:26 —-A—- D:WINDOWSsystem3247.exe
2009-12-06 23:57:05 —-A—- D:WINDOWSsystem322.exe
2009-12-06 21:54:50 —-A—- D:WINDOWSsystem3281.exe
2009-12-06 21:54:47 —-A—- D:WINDOWSsystem3221.exe
2009-12-06 20:41:08 —-A—- D:WINDOWSsystem3227.exe
2009-12-06 20:41:04 —-A—- D:WINDOWSsystem3265.exe
2009-12-06 10:02:20 —-A—- D:WINDOWSsystem3211.exe
2009-12-06 10:01:42 —-A—- D:WINDOWSsystem3216.exe
2009-12-05 19:38:59 —-D—- D:movie
2009-12-05 03:14:43 —-A—- D:WINDOWSsystem3215.exe
2009-12-04 20:57:37 —-A—- D:WINDOWSNet4Switch.INI
2009-12-04 19:46:37 —-D—- D:Documents and SettingsАдминистраторApplication DataskypePM
2009-12-04 19:22:18 —-A—- D:WINDOWSsystem32h323log.txt
2009-12-04 19:21:29 —-D—- D:WINDOWSsystem32RTCOM
2009-12-04 19:21:27 —-A—- D:WINDOWSsystem32ksuser.dll
2009-12-04 19:20:06 —-A—- D:WINDOWSsystem32usbui.dll
2009-12-04 19:19:34 —-D—- D:WINDOWSATK0100
2009-12-04 19:18:37 —-SHD—- D:WINDOWSInstaller
2009-12-04 19:18:37 —-A—- D:WINDOWSsystem32PerfStringBackup.INI
2009-12-04 19:18:36 —-D—- D:Program FilesCommon FilesODBC
2009-12-04 19:18:36 —-A—- D:WINDOWSODBCINST.INI
2009-12-04 19:18:33 —-RD—- D:Program Files
2009-12-04 19:18:33 —-D—- D:Program FilesCommon FilesSpeechEngines
2009-12-04 19:18:33 —-D—- D:Program FilesCommon FilesMicrosoft Shared
2009-12-04 19:18:33 —-D—- D:Program FilesCommon Files
2009-12-04 19:18:30 —-RA—- D:WINDOWSsystem32kbdtuq.dll
2009-12-04 19:18:30 —-RA—- D:WINDOWSsystem32kbdazel.dll
2009-12-04 19:18:29 —-RA—- D:WINDOWSsystem32kbdtuf.dll
2009-12-04 19:18:28 —-RA—- D:WINDOWSsystem32kbdhept.dll
2009-12-04 19:18:28 —-RA—- D:WINDOWSsystem32kbdhela3.dll
2009-12-04 19:18:28 —-RA—- D:WINDOWSsystem32kbdhela2.dll
2009-12-04 19:18:28 —-RA—- D:WINDOWSsystem32kbdhe319.dll
2009-12-04 19:18:28 —-RA—- D:WINDOWSsystem32kbdhe220.dll
2009-12-04 19:18:28 —-RA—- D:WINDOWSsystem32kbdhe.dll
2009-12-04 19:18:28 —-RA—- D:WINDOWSsystem32kbdgkl.dll
2009-12-04 19:18:26 —-RA—- D:WINDOWSsystem32kbdlv1.dll
2009-12-04 19:18:26 —-RA—- D:WINDOWSsystem32kbdlv.dll
2009-12-04 19:18:26 —-RA—- D:WINDOWSsystem32kbdlt1.dll
2009-12-04 19:18:26 —-RA—- D:WINDOWSsystem32kbdlt.dll
2009-12-04 19:18:26 —-RA—- D:WINDOWSsystem32kbdest.dll
2009-12-04 19:18:25 —-RA—- D:WINDOWSsystem32kbdsl1.dll
2009-12-04 19:18:25 —-RA—- D:WINDOWSsystem32kbdsl.dll
2009-12-04 19:18:25 —-RA—- D:WINDOWSsystem32kbdro.dll
2009-12-04 19:18:25 —-RA—- D:WINDOWSsystem32kbdpl1.dll
2009-12-04 19:18:25 —-RA—- D:WINDOWSsystem32kbdpl.dll
2009-12-04 19:18:25 —-RA—- D:WINDOWSsystem32kbdhu1.dll
2009-12-04 19:18:25 —-RA—- D:WINDOWSsystem32kbdhu.dll
2009-12-04 19:18:25 —-RA—- D:WINDOWSsystem32kbdcz2.dll
2009-12-04 19:18:24 —-RA—- D:WINDOWSsystem32kbdycl.dll
2009-12-04 19:18:24 —-RA—- D:WINDOWSsystem32kbdcz1.dll
2009-12-04 19:18:24 —-RA—- D:WINDOWSsystem32kbdcz.dll
2009-12-04 19:18:24 —-RA—- D:WINDOWSsystem32kbdcr.dll
2009-12-04 19:18:24 —-RA—- D:WINDOWSsystem32KBDAL.DLL
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdycc.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbduzb.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdur.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdtat.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdmon.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdkyr.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdkaz.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdbu.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdblr.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdaze.dll
2009-12-04 19:18:20 —-A—- D:WINDOWSsystem32irclass.dll
2009-12-04 19:18:20 —-A—- D:WINDOWSsystem32dgrpsetu.dll
2009-12-04 19:18:19 —-A—- D:WINDOWSsystem32spxcoins.dll
2009-12-04 19:18:19 —-A—- D:WINDOWSsystem32EqnClass.Dll
2009-12-04 19:18:19 —-A—- D:WINDOWSsystem32dgsetup.dll
2009-12-04 19:18:17 —-N—- D:WINDOWSsystem32CONFIG.TMP
2009-12-04 19:18:17 —-A—- D:WINDOWSTASKMAN.EXE
2009-12-04 19:18:16 —-A—- D:WINDOWSsystem32storprop.dll
2009-12-04 19:18:16 —-A—- D:WINDOWSsystem32batt.dll
2009-12-04 19:18:16 —-A—- D:WINDOWSNOTEPAD.EXE
2009-12-04 19:18:09 —-ASH—- D:Documents and SettingsAll UsersApplication Datadesktop.ini
2009-12-04 19:18:06 —-RA—- D:WINDOWSSETAE5.tmp
2009-12-04 19:18:03 —-RA—- D:WINDOWSSETAE1.tmp
2009-12-04 19:18:02 —-RA—- D:WINDOWSSETAE0.tmp
2009-12-04 19:17:47 —-SD—- D:Documents and SettingsAll UsersApplication DataMicrosoft
2009-12-04 19:17:28 —-A—- D:WINDOWSsetuplog.txt
2009-12-04 19:15:50 —-A—- D:WINDOWSsystem32NETw4r32.dll
2009-12-04 19:15:50 —-A—- D:WINDOWSsystem32NETw4c32.dll
2009-12-04 19:15:33 —-A—- D:WINDOWSSoundMan.exe
2009-12-04 19:15:33 —-A—- D:WINDOWSSkyTel.exe
2009-12-04 19:15:33 —-A—- D:WINDOWSRtlUpd.exe
2009-12-04 19:15:32 —-A—- D:WINDOWSRTLCPL.exe
2009-12-04 19:15:31 —-A—- D:WINDOWSRTHDCPL.exe
2009-12-04 19:15:31 —-A—- D:WINDOWSMicCal.exe
2009-12-04 19:15:31 —-A—- D:WINDOWSalcwzrd.exe
2009-12-04 19:15:31 —-A—- D:WINDOWSAlcmtr.exe
2009-12-04 19:12:40 —-A—- D:WINDOWSsystem32igxprd32.dll
2009-12-04 19:12:40 —-A—- D:WINDOWSsystem32igxpgd32.dll
2009-12-04 19:12:40 —-A—- D:WINDOWSsystem32igxpdx32.dll
2009-12-04 19:12:39 —-A—- D:WINDOWSsystem32igxpdv32.dll
2009-12-04 19:12:39 —-A—- D:WINDOWSsystem32igmedcompkrn.dll
2009-12-04 19:12:39 —-A—- D:WINDOWSsystem32igklg450.dll
2009-12-04 19:12:39 —-A—- D:WINDOWSsystem32igklg400.dll
2009-12-04 19:12:39 —-A—- D:WINDOWSsystem32igfxsrvc.dll
2009-12-04 19:12:39 —-A—- D:WINDOWSsystem32igfxress.dll
2009-12-04 19:12:39 —-A—- D:WINDOWSsystem32igfxpph.dll
2009-12-04 19:12:39 —-A—- D:WINDOWSsystem32igfxCoIn_v4906.dll
2009-12-04 19:12:38 —-A—- D:WINDOWSsystem32igfxexps.dll
2009-12-04 19:12:38 —-A—- D:WINDOWSsystem32igfxdo.dll
2009-12-04 19:12:38 —-A—- D:WINDOWSsystem32igfxdev.dll
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32igfxzoom.exe
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32igfxtray.exe
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32igfxsrvc.exe
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32igfxpers.exe
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32igfxext.exe
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32igfxcfg.exe
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32ig4icd32.dll
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32ig4dev32.dll
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32hkcmd.exe
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32hccutils.dll
2009-12-04 19:11:36 —-D—- D:WINDOWSsystem32CatRoot2
2009-12-04 19:11:36 —-D—- D:WINDOWSsystem32CatRoot
2009-12-04 19:11:22 —-SHD—- D:System Volume Information
2009-12-04 19:11:22 —-D—- D:Documents and Settings
2009-12-04 19:04:27 —-RSHDC—- D:WINDOWSsystem32dllcache
2009-12-04 19:04:27 —-RSD—- D:WINDOWSFonts
2009-12-04 19:04:27 —-HD—- D:WINDOWSinf
2009-12-04 19:04:27 —-D—- D:WINDOWSWinSxS
2009-12-04 19:04:27 —-D—- D:WINDOWSWeb
2009-12-04 19:04:27 —-D—- D:WINDOWStwain_32
2009-12-04 19:04:27 —-D—- D:WINDOWSTemp
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32wins
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32wbem
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32usmt
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32spool
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32ShellExt
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32Setup
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32ru-ru
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32ru
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32ras
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32oobe
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32npp
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32mui
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32inetsrv
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32IME
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32icsxml
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32ias
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32export
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32drivers
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32dhcp
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32config
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem323com_dmi
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem323076
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem322052
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321054
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321049
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321042
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321041
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321037
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321033
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321031
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321028
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321025
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem
2009-12-04 19:04:27 —-D—- D:WINDOWSsecurity
2009-12-04 19:04:27 —-D—- D:WINDOWSResources
2009-12-04 19:04:27 —-D—- D:WINDOWSrepair
2009-12-04 19:04:27 —-D—- D:WINDOWSProvisioning
2009-12-04 19:04:27 —-D—- D:WINDOWSPeerNet
2009-12-04 19:04:27 —-D—- D:WINDOWSpchealth
2009-12-04 19:04:27 —-D—- D:WINDOWSNetwork Diagnostic
2009-12-04 19:04:27 —-D—- D:WINDOWSmui
2009-12-04 19:04:27 —-D—- D:WINDOWSmsapps
2009-12-04 19:04:27 —-D—- D:WINDOWSmsagent
2009-12-04 19:04:27 —-D—- D:WINDOWSMedia
2009-12-04 19:04:27 —-D—- D:WINDOWSL2Schemas
2009-12-04 19:04:27 —-D—- D:WINDOWSjava
2009-12-04 19:04:27 —-D—- D:WINDOWSime
2009-12-04 19:04:27 —-D—- D:WINDOWSHelp
2009-12-04 19:04:27 —-D—- D:WINDOWSehome
2009-12-04 19:04:27 —-D—- D:WINDOWSDriver Cache
2009-12-04 19:04:27 —-D—- D:WINDOWSDebug
2009-12-04 19:04:27 —-D—- D:WINDOWSCursors
2009-12-04 19:04:27 —-D—- D:WINDOWSConnection Wizard
2009-12-04 19:04:27 —-D—- D:WINDOWSConfig
2009-12-04 19:04:27 —-D—- D:WINDOWSAppPatch
2009-12-04 19:04:27 —-D—- D:WINDOWSaddins
2009-12-04 19:04:27 —-D—- D:WINDOWS
2009-12-04 18:45:59 —-D—- D:хрень
2009-12-04 18:45:05 —-D—- D:Program FilesuTorrent
2009-12-04 18:45:04 —-D—- D:Documents and SettingsАдминистраторApplication DatauTorrent
2009-12-04 18:06:42 —-D—- D:Documents and SettingsАдминистраторApplication DataTalkback
2009-12-04 18:05:52 —-D—- D:Documents and SettingsАдминистраторApplication DataMozilla
2009-12-04 18:05:45 —-D—- D:Program FilesMozilla Firefox
2009-12-04 17:58:35 —-D—- D:Documents and SettingsАдминистраторApplication DataMacromedia
2009-12-04 17:57:04 —-D—- D:Documents and SettingsАдминистраторApplication DataAdobe
2009-12-04 17:49:20 —-D—- D:Documents and SettingsAll UsersApplication DataSkype
2009-12-04 17:48:58 —-D—- D:Documents and SettingsАдминистраторApplication DataMra
2009-12-04 17:48:49 —-D—- D:Program FilesMail.Ru
2009-12-04 17:47:23 —-D—- D:Program FilesQIP
2009-12-04 17:46:25 —-D—- D:Documents and SettingsАдминистраторApplication DataDownload Master
2009-12-04 17:46:14 —-D—- D:Program FilesDownload Master
2009-12-04 17:41:34 —-A—- D:WINDOWSsystem32unrar.dll
2009-12-04 17:41:28 —-A—- D:WINDOWSsystem32yv12vfw.dll
2009-12-04 17:41:28 —-A—- D:WINDOWSsystem32xvidvfw.dll
2009-12-04 17:41:28 —-A—- D:WINDOWSsystem32xvidcore.dll
2009-12-04 17:41:27 —-A—- D:WINDOWSsystem32qt-dx331.dll
2009-12-04 17:41:27 —-A—- D:WINDOWSsystem32dpl100.dll
2009-12-04 17:41:22 —-A—- D:WINDOWSsystem32divx.dll
2009-12-04 17:41:20 —-A—- D:WINDOWSsystem32ff_vfw.dll.manifest
2009-12-04 17:41:20 —-A—- D:WINDOWSsystem32ff_vfw.dll
2009-12-04 17:41:19 —-D—- D:Program FilesK-Lite Codec Pack
2009-12-04 17:41:19 —-A—- D:WINDOWSsystem32pthreadGC2.dll
2009-12-04 17:41:19 —-A—- D:WINDOWSsystem32msvcr71.dll
2009-12-04 17:33:14 —-D—- D:Program FilesESET
2009-12-04 17:33:14 —-D—- D:Documents and SettingsAll UsersApplication DataESET
2009-12-04 17:32:53 —-A—- D:WINDOWSLvHook.dll
2009-12-04 17:32:51 —-A—- D:WINDOWSWlingvo.ini
2009-12-04 17:29:28 —-A—- D:WINDOWStosOBEX.INI
2009-12-04 17:24:27 —-D—- D:Program FilesToshiba
2009-12-04 17:20:33 —-D—- D:Program FilesATK Hotkey
2009-12-04 17:17:29 —-A—- D:WINDOWSModemLog_Motorola SM56 Speakerphone Modem.txt
2009-12-04 17:17:28 —-D—- D:Program FilesPowerForPhone
2009-12-04 17:15:17 —-A—- D:WINDOWSsystem32ACEngSvr.exe
2009-12-04 17:13:14 —-D—- D:WINDOWSsystem32ReinstallBackups
2009-12-04 17:13:10 —-A—- D:WINDOWSsystem32SynTPFcs.dll
2009-12-04 17:13:10 —-A—- D:WINDOWSsystem32SynTPCo2.dll
2009-12-04 17:13:10 —-A—- D:WINDOWSsystem32SynTPAPI.dll
2009-12-04 17:13:09 —-D—- D:Program FilesSynaptics
2009-12-04 17:05:19 —-A—- D:WINDOWSsystem32vfwwdm32.dll
2009-12-04 17:05:00 —-A—- D:WINDOWSVideoView.exe
2009-12-04 17:05:00 —-A—- D:WINDOWSsystem32StkSSrv.dll
2009-12-04 17:05:00 —-A—- D:WINDOWSsystem32StkCWIA.dll
2009-12-04 17:05:00 —-A—- D:WINDOWSsystem32StkCSrv.exe
2009-12-04 17:05:00 —-A—- D:WINDOWSStkUnist.exe
2009-12-04 17:05:00 —-A—- D:WINDOWSStkC112X.exe
2009-12-04 17:02:46 —-D—- D:Program FilesWireless Console 2
2009-12-04 17:01:06 —-D—- D:Program FilesASUS
2009-12-04 16:59:36 —-A—- D:WINDOWSsystem32TPESetting.dll
2009-12-04 16:59:36 —-A—- D:WINDOWSsystem32SynCtrl.dll
2009-12-04 16:59:36 —-A—- D:WINDOWSsystem32SynCOM.dll
2009-12-04 16:59:36 —-A—- D:WINDOWSsystem32ASUSTPE.exe
2009-12-04 16:58:55 —-D—- D:Program FilesMotorola
2009-12-04 16:58:45 —-A—- D:WINDOWSsystem32sm56co6a.dll
2009-12-04 16:58:08 —-D—- D:WINDOWSOPTIONS
2009-12-04 16:58:05 —-D—- D:Documents and SettingsАдминистраторApplication DataInstallShield
2009-12-04 16:56:34 —-A—- D:WINDOWSsystem32ChCfg.exe
2009-12-04 16:56:07 —-HD—- D:Program FilesInstallShield Installation Information
2009-12-04 16:56:07 —-D—- D:Program FilesRealtek
2009-12-04 16:56:05 —-A—- D:WINDOWSRtlExUpd.dll
2009-12-04 16:56:05 —-A—- D:WINDOWSHideWin.exe
2009-12-04 16:56:02 —-D—- D:Program FilesCommon FilesInstallShield
2009-12-04 16:55:10 —-A—- D:WINDOWSsystem32igfxres.dll
2009-12-04 16:53:14 —-A—- D:WINDOWSsystem32igxpun.exe
2009-12-04 16:53:14 —-A—- D:WINDOWSsystem32igmedkrn.dll
2009-12-04 16:53:14 —-A—- D:WINDOWSsystem32igfxCoIn_v4837.dll
2009-12-04 16:53:14 —-A—- D:WINDOWSsystem32difxapi.dll
2009-12-04 16:51:42 —-DC—- D:WINDOWSsystem32DRVSTORE
2009-12-04 16:51:42 —-D—- D:Program FilesIntel
2009-12-04 16:51:33 —-D—- D:Intel
2009-12-04 16:47:17 —-D—- D:Program FilesWinRAR
2009-12-04 16:46:13 —-D—- D:WINDOWSsystem32Lang
2009-12-04 16:45:52 —-D—- D:Documents and SettingsАдминистраторApplication DataIdentities
2009-12-04 16:45:35 —-HD—- D:Program FilesUninstall Information
2009-12-04 16:40:20 —-SHD—- D:RECYCLER
2009-12-04 16:39:59 —-RD—- D:WINDOWSOemDrv
2009-12-04 16:39:54 —-SD—- D:Documents and SettingsАдминистраторApplication DataMicrosoft
2009-12-04 16:39:54 —-ASH—- D:Documents and SettingsАдминистраторApplication Datadesktop.ini
2009-12-04 16:38:55 —-D—- D:WINDOWSSoftwareDistribution
2009-12-04 16:38:44 —-D—- D:WINDOWSPrefetch
2009-12-04 16:38:43 —-A—- D:WINDOWSSchedLgU.Txt
2009-12-04 16:34:48 —-D—- D:WINDOWSsystem32xircom
2009-12-04 16:34:48 —-D—- D:Program Filesxerox
2009-12-04 16:34:48 —-D—- D:Program Filesmsn gaming zone
2009-12-04 16:34:48 —-D—- D:Program Filesmicrosoft frontpage
2009-12-04 16:34:35 —-D—- D:Program FilesVistaDriveIcon
2009-12-04 16:34:34 —-A—- D:WINDOWSsystem32hidcon.exe
2009-12-04 16:34:33 —-A—- D:WINDOWSsystem32OEMINFO.INI
2009-12-04 16:34:19 —-D—- D:WINDOWSIntel
2009-12-04 16:34:19 —-D—- D:WINDOWSAMD
2009-12-04 16:34:19 —-A—- D:WINDOWSoemlogo.exe
2009-12-04 16:34:16 —-SD—- D:WINDOWSsystem32Microsoft
2009-12-04 16:34:16 —-A—- D:WINDOWSsystem32javaws.exe
2009-12-04 16:34:16 —-A—- D:WINDOWSsystem32javaw.exe
2009-12-04 16:34:16 —-A—- D:WINDOWSsystem32java.exe
2009-12-04 16:33:57 —-D—- D:Program FilesJava
2009-12-04 16:33:56 —-D—- D:Program FilesCommon FilesJava
2009-12-04 16:32:52 —-RSD—- D:WINDOWSassembly
2009-12-04 16:32:52 —-D—- D:WINDOWSMicrosoft.NET
2009-12-04 16:32:51 —-D—- D:WINDOWSsystem32URTTemp
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xinput9_1_0.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xinput1_3.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xinput1_2.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xinput1_1.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32XAudio2_0.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xactengine3_0.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xactengine2_9.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xactengine2_8.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xactengine2_7.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xactengine2_6.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xactengine2_5.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32xactengine2_4.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32xactengine2_3.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32xactengine2_2.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32xactengine2_10.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32xactengine2_1.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32xactengine2_0.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32X3DAudio1_3.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32x3daudio1_2.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32x3daudio1_1.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32x3daudio1_0.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32d3dx9_37.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32d3dx9_36.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32d3dx9_35.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32d3dx9_34.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32d3dx9_33.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32d3dx9_32.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32d3dx9_31.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32d3dx9_30.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx9_29.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx9_28.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx9_27.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx9_26.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx9_25.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx9_24.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx10_37.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx10_36.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx10_35.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx10_34.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx10_33.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx10.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32D3DCompiler_37.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dcompiler_36.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dcompiler_35.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dcompiler_34.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dcompiler_33.dll
2009-12-04 16:32:19 —-D—- D:WINDOWSsystem32Cplicons
2009-12-04 16:32:19 —-A—- D:WINDOWSsystem32wul_lng.ini
2009-12-04 16:32:19 —-A—- D:WINDOWSsystem32wul.exe
2009-12-04 16:32:19 —-A—- D:WINDOWSsystem32TweakUI.exe
2009-12-04 16:32:19 —-A—- D:WINDOWSsystem32pserv2.exe
2009-12-04 16:32:19 —-A—- D:WINDOWSsystem32pkey_lng.ini
2009-12-04 16:32:19 —-A—- D:WINDOWSsystem32MS_Auto.exe
2009-12-04 16:32:19 —-A—- D:WINDOWSsystem32Hoster.exe
2009-12-04 16:32:19 —-A—- D:WINDOWSsystem32bootsafe.exe
2009-12-04 16:32:02 —-HDC—- D:WINDOWS$NtUninstallKB941569$
2009-12-04 16:31:53 —-HDC—- D:WINDOWS$NtUninstallKB929399$
2009-12-04 16:31:45 —-N—- D:WINDOWSsystem32spmsg.dll
2009-12-04 16:31:44 —-HDC—- D:WINDOWS$NtUninstallMSCompPackV1$
2009-12-04 16:31:33 —-D—- D:Program FilesWindows Media Connect 2
2009-12-04 16:31:26 —-HDC—- D:WINDOWS$NtUninstallwmp11$
2009-12-04 16:31:12 —-HDC—- D:WINDOWS$NtUninstallWMFDist11$
2009-12-04 16:31:06 —-D—- D:WINDOWSsystem32LogFiles
2009-12-04 16:31:03 —-HDC—- D:WINDOWS$NtUninstallWudf01000$
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32WUDFx.dll
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32WudfSvc.dll
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32WudfPlatform.dll
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32WUDFCoinstaller.dll
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32wpdsp.dll
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32WPDShServiceObj.dll
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32WpdShext.dll
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32wpdmtpus.dll
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32wpd_ci.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32wpdmtp.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32wpdconns.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32WMVXENCD.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32WMVSENCD.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32WMVSDECD.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32WMVENCOD.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32WMVDECOD.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32WMVADVE.DLL
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32WMVADVD.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32wmpsrcwp.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32wmpps.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32wmpmde.dll
2009-12-04 16:30:55 —-N—- D:WINDOWSsystem32wmpencen.dll
2009-12-04 16:30:55 —-N—- D:WINDOWSsystem32wmpeffects.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32WudfHost.exe
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32wpdshextautoplay.exe
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32wmdrmsdk.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32wmdrmnet.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32wmdrmdev.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32wdfmgr.exe
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32wdfapi.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32uwdf.exe
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32PortableDeviceWMDRM.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32PortableDeviceWiaCompat.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32PortableDeviceTypes.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32PortableDeviceClassExtension.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32PortableDeviceApi.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32msdelta.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32MPG4DECD.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32MP4SDECD.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32MP43DECD.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32MFPLAT.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32drmupgds.exe
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32audiodev.dll
2009-12-04 16:30:36 —-N—- D:WINDOWSsystem32wpdshextres.dll
2009-12-04 16:30:23 —-D—- D:WINDOWSWBEM
2009-12-04 16:29:35 —-HDC—- D:WINDOWSie7
2009-12-04 16:29:30 —-HDC—- D:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$
2009-12-04 16:29:22 —-A—- D:WINDOWSsystem32spupdsvc.exe
2009-12-04 16:29:21 —-HDC—- D:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$
2009-12-04 16:29:14 —-HD—- D:WINDOWS$hf_mig$
2009-12-04 16:29:06 —-N—- D:WINDOWSsystem32WinFXDocObj.exe
2009-12-04 16:29:06 —-N—- D:WINDOWSsystem32msfeedssync.exe
2009-12-04 16:29:06 —-N—- D:WINDOWSsystem32msfeedsbs.dll
2009-12-04 16:29:06 —-N—- D:WINDOWSsystem32msfeeds.dll
2009-12-04 16:29:06 —-N—- D:WINDOWSsystem32ieui.dll
2009-12-04 16:29:06 —-N—- D:WINDOWSsystem32iertutil.dll
2009-12-04 16:29:06 —-N—- D:WINDOWSsystem32ieapfltr.dll
2009-12-04 16:29:06 —-N—- D:WINDOWSsystem32icardie.dll
2009-12-04 16:29:06 —-A—- D:WINDOWSsystem32ieudinit.exe
2009-12-04 16:29:06 —-A—- D:WINDOWSsystem32ieframe.dll
2009-12-04 16:29:04 —-N—- D:WINDOWSsystem32ieframe.dll.mui
2009-12-04 16:29:04 —-N—- D:WINDOWSsystem32advpack.dll.mui
2009-12-04 16:28:39 —-A—- D:WINDOWScontrol.ini
2009-12-04 16:28:31 —-A—- D:WINDOWSOEWABLog.txt
2009-12-04 16:28:26 —-A—- D:WINDOWSsystem32mapi32.dll
2009-12-04 16:27:37 —-RD—- D:WINDOWSOffline Web Pages
2009-12-04 16:27:36 —-SD—- D:WINDOWSDownloaded Program Files
2009-12-04 16:27:36 —-RAH—- D:WINDOWSsystem32logonui.exe.manifest
2009-12-04 16:27:31 —-RAH—- D:WINDOWSsystem32cdplayer.exe.manifest
2009-12-04 16:27:27 —-HD—- D:Program FilesWindowsUpdate
2009-12-04 16:27:23 —-D—- D:Program FilesOnline Services
2009-12-04 16:27:07 —-D—- D:WINDOWSsystem32DirectX
2009-12-04 16:26:59 —-A—- D:WINDOWSsystem32atrace.dll
2009-12-04 16:26:58 —-A—- D:WINDOWSsystem32desktop.ini
2009-12-04 16:26:58 —-A—- D:WINDOWSdesktop.ini
2009-12-04 16:26:46 —-A—- D:WINDOWSsystem32nmevtmsg.dll
2009-12-04 16:26:44 —-D—- D:Program FilesCommon FilesServices
2009-12-04 16:26:44 —-A—- D:WINDOWSsystem32acctres.dll
2009-12-04 16:26:41 —-SD—- D:WINDOWSTasks
2009-12-04 16:26:41 —-A—- D:WINDOWSsystem32icfgnt5.dll
2009-12-04 16:26:40 —-D—- D:Program FilesCommon FilesMSSoap
2009-12-04 16:26:36 —-D—- D:WINDOWSsystem32Macromed
2009-12-04 16:26:36 —-D—- D:WINDOWSsrchasst
2009-12-04 16:26:33 —-A—- D:WINDOWSsystem32wuweb.dll
2009-12-04 16:26:33 —-A—- D:WINDOWSsystem32wucltui.dll
2009-12-04 16:26:33 —-A—- D:WINDOWSsystem32wuauserv.dll
2009-12-04 16:26:33 —-A—- D:WINDOWSsystem32wuaueng1.dll
2009-12-04 16:26:32 —-A—- D:WINDOWSsystem32wups.dll
2009-12-04 16:26:32 —-A—- D:WINDOWSsystem32wuaueng.dll
2009-12-04 16:26:32 —-A—- D:WINDOWSsystem32wuauclt1.exe
2009-12-04 16:26:32 —-A—- D:WINDOWSsystem32wuauclt.exe
2009-12-04 16:26:32 —-A—- D:WINDOWSsystem32wuapi.dll
2009-12-04 16:26:31 —-A—- D:WINDOWSsystem32qmgrprxy.dll
2009-12-04 16:26:31 —-A—- D:WINDOWSsystem32qmgr.dll
2009-12-04 16:26:31 —-A—- D:WINDOWSsystem32bitsprx4.dll
2009-12-04 16:26:31 —-A—- D:WINDOWSsystem32bitsprx3.dll
2009-12-04 16:26:31 —-A—- D:WINDOWSsystem32bitsprx2.dll
2009-12-04 16:26:27 —-D—- D:Program FilesMovie Maker
2009-12-04 16:26:09 —-A—- D:WINDOWSsystem32safrslv.dll
2009-12-04 16:26:09 —-A—- D:WINDOWSsystem32safrdm.dll
2009-12-04 16:26:09 —-A—- D:WINDOWSsystem32safrcdlg.dll
2009-12-04 16:26:09 —-A—- D:WINDOWSsystem32racpldlg.dll
2009-12-04 16:26:05 —-A—- D:WINDOWSsystem32fltMc.exe
2009-12-04 16:26:05 —-A—- D:WINDOWSsystem32fltlib.dll
2009-12-04 16:26:04 —-D—- D:WINDOWSsystem32Restore
2009-12-04 16:26:04 —-A—- D:WINDOWSsystem32srsvc.dll
2009-12-04 16:26:04 —-A—- D:WINDOWSsystem32srrstr.dll
2009-12-04 16:26:04 —-A—- D:WINDOWSsystem32srclient.dll
2009-12-04 16:26:03 —-A—- D:WINDOWSsystem32nmmkcert.dll
2009-12-04 16:26:03 —-A—- D:WINDOWSsystem32mnmdd.dll
2009-12-04 16:26:03 —-A—- D:WINDOWSsystem32isrdbg32.dll
2009-12-04 16:26:03 —-A—- D:WINDOWSsystem32ils.dll
2009-12-04 16:26:02 —-A—- D:WINDOWSsystem32msconf.dll
2009-12-04 16:26:02 —-A—- D:WINDOWSsystem32mnmsrvc.exe
2009-12-04 16:26:00 —-D—- D:Program FilesNetMeeting
2009-12-04 16:25:59 —-A—- D:WINDOWSsystem32msoert2.dll
2009-12-04 16:25:59 —-A—- D:WINDOWSsystem32msoeacct.dll
2009-12-04 16:25:58 —-A—- D:WINDOWSsystem32inetres.dll
2009-12-04 16:25:58 —-A—- D:WINDOWSsystem32inetcomm.dll
2009-12-04 16:25:56 —-D—- D:Program FilesOutlook Express
2009-12-04 16:25:56 —-A—- D:WINDOWSsystem32schedsvc.dll
2009-12-04 16:25:55 —-A—- D:WINDOWSsystem32mstinit.exe
2009-12-04 16:25:55 —-A—- D:WINDOWSsystem32mstask.dll
2009-12-04 16:25:55 —-A—- D:WINDOWSsystem32isign32.dll
2009-12-04 16:25:55 —-A—- D:WINDOWSsystem32inetcfg.dll
2009-12-04 16:25:55 —-A—- D:WINDOWSsystem32icwphbk.dll
2009-12-04 16:25:55 —-A—- D:WINDOWSsystem32icwdial.dll
2009-12-04 16:25:49 —-D—- D:Program FilesCommon FilesSystem
2009-12-04 16:25:44 —-D—- D:Program FilesInternet Explorer
2009-12-04 16:25:12 —-D—- D:Program FilesComPlus Applications
2009-12-04 16:25:10 —-A—- D:WINDOWSvbaddin.ini
2009-12-04 16:25:10 —-A—- D:WINDOWSvb.ini
2009-12-04 16:25:05 —-D—- D:WINDOWSRegistration
2009-12-04 16:24:58 —-D—- D:Program FilesWindows Media Player
2009-12-04 16:24:53 —-A—- D:WINDOWSsystem32write.exe
2009-12-04 16:24:47 —-A—- D:WINDOWSsystem32sndvol32.exe
2009-12-04 16:24:47 —-A—- D:WINDOWSsystem32hticons.dll
2009-12-04 16:24:47 —-A—- D:WINDOWSsystem32avwav.dll
2009-12-04 16:24:47 —-A—- D:WINDOWSsystem32avtapi.dll
2009-12-04 16:24:47 —-A—- D:WINDOWSsystem32avmeter.dll
2009-12-04 16:24:46 —-A—- D:WINDOWSsystem32winchat.exe
2009-12-04 16:24:40 —-A—- D:WINDOWSsystem32getuname.dll
2009-12-04 16:24:40 —-A—- D:WINDOWSsystem32charmap.exe
2009-12-04 16:24:40 —-A—- D:WINDOWSsystem32calc.exe
2009-12-04 16:24:39 —-A—- D:WINDOWSsystem32winmine.exe
2009-12-04 16:24:39 —-A—- D:WINDOWSsystem32sol.exe
2009-12-04 16:24:39 —-A—- D:WINDOWSsystem32mshearts.exe
2009-12-04 16:24:38 —-A—- D:WINDOWSsystem32usrlogon.cmd
2009-12-04 16:24:38 —-A—- D:WINDOWSsystem32tsshutdn.exe
2009-12-04 16:24:38 —-A—- D:WINDOWSsystem32tslabels.ini
2009-12-04 16:24:38 —-A—- D:WINDOWSsystem32tskill.exe
2009-12-04 16:24:38 —-A—- D:WINDOWSsystem32tsdiscon.exe
2009-12-04 16:24:38 —-A—- D:WINDOWSsystem32tscon.exe
2009-12-04 16:24:38 —-A—- D:WINDOWSsystem32reset.exe
2009-12-04 16:24:38 —-A—- D:WINDOWSsystem32freecell.exe
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32shadow.exe
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32rwinsta.exe
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32regini.exe
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32rdpcfgex.dll
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32qwinsta.exe
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32qappsrv.exe
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32msg.exe
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32logoff.exe
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32cdmodem.dll
2009-12-04 16:24:36 —-A—- D:WINDOWSsystem32msdtcprf.ini
2009-12-04 16:24:31 —-A—- D:WINDOWSsystem32wmimgmt.msc
2009-12-04 16:24:30 —-A—- D:WINDOWSsystem32accwiz.exe
2009-12-04 16:24:29 —-D—- D:Program FilesWindows NT
2009-12-04 16:24:29 —-A—- D:WINDOWSsystem32sndrec32.exe
2009-12-04 16:24:29 —-A—- D:WINDOWSsystem32mplay32.exe
2009-12-04 16:24:29 —-A—- D:WINDOWSsystem32hypertrm.dll
2009-12-04 16:24:28 —-A—- D:WINDOWSsystem32spider.exe
2009-12-04 16:24:28 —-A—- D:WINDOWSsystem32mspaint.exe
2009-12-04 16:24:28 —-A—- D:WINDOWSsystem32clipbrd.exe
2009-12-04 16:24:27 —-A—- D:WINDOWSsystem32tsgqec.dll
2009-12-04 16:24:27 —-A—- D:WINDOWSsystem32tscfgwmi.dll
2009-12-04 16:24:26 —-A—- D:WINDOWSsystem32rhttpaa.dll
2009-12-04 16:24:26 —-A—- D:WINDOWSsystem32mstscax.dll
2009-12-04 16:24:26 —-A—- D:WINDOWSsystem32aaclient.dll
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32termsrv.dll
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32sessmgr.exe
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32remotepg.dll
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32rdshost.exe
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32rdsaddin.exe
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32rdpwsx.dll
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32rdpsnd.dll
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32rdchost.dll
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32mstsc.exe
2009-12-04 16:24:24 —-D—- D:WINDOWSsystem32MsDtc
2009-12-04 16:24:24 —-A—- D:WINDOWSsystem32rdpclip.exe
2009-12-04 16:24:24 —-A—- D:WINDOWSsystem32qprocess.exe
2009-12-04 16:24:24 —-A—- D:WINDOWSsystem32mtxoci.dll
2009-12-04 16:24:24 —-A—- D:WINDOWSsystem32msdtcuiu.dll
2009-12-04 16:24:24 —-A—- D:WINDOWSsystem32msdtcprx.dll
2009-12-04 16:24:24 —-A—- D:WINDOWSsystem32icaapi.dll
2009-12-04 16:24:24 —-A—- D:WINDOWSsystem32cfgbkend.dll
2009-12-04 16:24:23 —-A—- D:WINDOWSsystem32xolehlp.dll
2009-12-04 16:24:23 —-A—- D:WINDOWSsystem32msdtctm.dll
2009-12-04 16:24:23 —-A—- D:WINDOWSsystem32msdtclog.dll
2009-12-04 16:24:23 —-A—- D:WINDOWSsystem32msdtc.exe
2009-12-04 16:24:22 —-D—- D:WINDOWSsystem32Com
2009-12-04 16:24:22 —-A—- D:WINDOWSsystem32mtxlegih.dll
2009-12-04 16:24:22 —-A—- D:WINDOWSsystem32mtxex.dll
2009-12-04 16:24:22 —-A—- D:WINDOWSsystem32mtxdm.dll
2009-12-04 16:24:22 —-A—- D:WINDOWSsystem32dcomcnfg.exe
2009-12-04 16:24:22 —-A—- D:WINDOWSsystem32comrepl.dll
2009-12-04 16:24:22 —-A—- D:WINDOWSsystem32comaddin.dll
2009-12-04 16:24:22 —-A—- D:WINDOWSsystem32colbact.dll
2009-12-04 16:24:21 —-A—- D:WINDOWSsystem32stclient.dll
2009-12-04 16:24:21 —-A—- D:WINDOWSsystem32comsvcs.dll
2009-12-04 16:24:21 —-A—- D:WINDOWSsystem32clbcatex.dll
2009-12-04 16:24:21 —-A—- D:WINDOWSsystem32catsrvut.dll
2009-12-04 16:24:21 —-A—- D:WINDOWSsystem32catsrvps.dll
2009-12-04 16:24:21 —-A—- D:WINDOWSsystem32catsrv.dll
2009-12-04 16:24:20 —-A—- D:WINDOWSsystem32comuid.dll
2009-12-04 16:24:20 —-A—- D:WINDOWSsystem32comsnap.dll
2009-12-04 16:24:20 —-A—- D:WINDOWSsystem32clbcatq.dll
2009-12-04 16:24:14 —-A—- D:WINDOWSsystem32servdeps.dll
2009-12-04 16:24:14 —-A—- D:WINDOWSsystem32mmfutil.dll
2009-12-04 16:24:14 —-A—- D:WINDOWSsystem32licwmi.dll
2009-12-04 16:24:14 —-A—- D:WINDOWSsystem32cmprops.dll======List of files/folders modified in the last 1 months======
2009-12-19 11:50:19 —-A—- D:WINDOWSsystem32svchost.exe
2009-12-17 22:06:27 —-A—- D:WINDOWSwin.ini
2009-12-04 19:18:31 —-A—- D:WINDOWSsystem.ini
2009-12-04 16:41:01 —-A—- D:WINDOWSsystem32PreSetup.ini======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 easdrv;easdrv; D:WINDOWSsystem32DRIVERSeasdrv.sys [2008-07-01 53256]
R1 epfwtdir;epfwtdir; D:WINDOWSsystem32DRIVERSepfwtdir.sys [2008-07-01 34312]
R1 intelppm;Драйвер Intel процессора; D:WINDOWSsystem32DRIVERSintelppm.sys [2008-04-15 40704]
R1 Tosrfcom;Bluetooth RFCOMM; D:WINDOWSSystem32Driverstosrfcom.sys [2007-05-24 64000]
R2 eamon;EAMON; D:WINDOWSsystem32DRIVERSeamon.sys [2008-07-01 39944]
R2 ghaio;ghaio; ??D:Program FilesASUSNB ProbeSPMghaio.sys []
R3 CmBatt;Драйвер батареи с ACPI-управлением (Майкрософт); D:WINDOWSsystem32DRIVERSCmBatt.sys [2008-04-25 13952]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; D:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-15 144384]
R3 hidusb;Драйвер класса HID Microsoft; D:WINDOWSsystem32DRIVERShidusb.sys [2008-04-15 10368]
R3 ialm;ialm; D:WINDOWSsystem32DRIVERSigxpmp32.sys [2007-06-05 5761728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:WINDOWSsystem32driversRtkHDAud.sys [2007-05-28 4422656]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service; D:WINDOWSsystem32driversIntcHdmi.sys [2006-12-06 108032]
R3 MODEMCSA;Устройство фильтрации потока Unimodem; D:WINDOWSsystem32driversMODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Драйвер мыши HID; D:WINDOWSsystem32DRIVERSmouhid.sys [2008-04-15 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; D:WINDOWSsystem32DRIVERSATKACPI.sys [2006-12-14 7680]
R3 NETw4x32;Драйвер адаптера Intel(R) Wireless WiFi Link для Windows XP 32 Bit; D:WINDOWSsystem32DRIVERSNETw4x32.sys [2007-08-28 2210816]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; D:WINDOWSsystem32DRIVERSRtenicxp.sys [2007-05-31 96896]
R3 RTSTOR;USB Mass Stroage Device; D:WINDOWSsystem32driversRTSTOR.SYS [2007-09-18 44032]
R3 smserial;smserial; D:WINDOWSsystem32DRIVERSsmserial.sys [2006-11-22 982272]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; D:WINDOWSSystem32DriversStkCMini.sys [2007-06-06 1260672]
R3 SynTP;Synaptics TouchPad Driver; D:WINDOWSsystem32DRIVERSSynTP.sys [2006-05-25 193088]
R3 tosporte;Bluetooth COM Port; D:WINDOWSsystem32DRIVERStosporte.sys [2006-10-10 41600]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; D:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-15 30208]
R3 usbhub;USB2 концентратор; D:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-15 59520]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; D:WINDOWSsystem32DRIVERSusbuhci.sys [2008-04-15 20608]
S3 CCDECODE;Closed Caption декодер; D:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-04-25 17024]
S3 NABTSFEC;NABTS/FEC VBI кодек; D:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-04-25 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; D:WINDOWSsystem32DRIVERSNdisIP.sys [2008-04-25 10880]
S3 SLIP;BDA Slip De-Framer; D:WINDOWSsystem32DRIVERSSLIP.sys [2008-04-25 11136]
S3 tosrfbd;Bluetooth RFBUS; D:WINDOWSsystem32DRIVERStosrfbd.sys [2007-04-24 113920]
S3 tosrfbnp;Bluetooth RFBNEP; D:WINDOWSSystem32Driverstosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; D:WINDOWSsystem32DRIVERSTosrfhid.sys [2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area Network; D:WINDOWSsystem32DRIVERStosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; D:WINDOWSsystem32driverstosrfsnd.sys [2007-01-22 53376]
S3 tosrfusb;Bluetooth USB Controller; D:WINDOWSsystem32DRIVERStosrfusb.sys [2007-06-11 41856]
S3 usbstor;Драйвер запоминающих устройств для USB; D:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-15 26368]
S3 WudfPf;Windows Driver Foundation — User-mode Driver Framework Platform Driver; D:WINDOWSsystem32DRIVERSWudfPf.sys [2008-03-21 77568]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; D:WINDOWSsystem32DRIVERSwudfrd.sys [2008-03-21 82944]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ADSMService;ADSM Service; D:Program FilesASUSASUS Data Security ManagerADSMSrv.exe [2007-05-18 73728]
R2 ekrn;Eset Service; D:Program FilesESETESET NOD32 Antivirusekrn.exe [2007-12-21 468224]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; D:Program FilesCommon FilesLightScribeLSSrvc.exe [2007-06-28 79136]
R2 spmgr;spmgr; D:Program FilesASUSNB ProbeSPMspmgr.exe [2006-12-28 123248]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; D:WINDOWSSystem32StkCSrv.exe [2007-04-19 24576]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; D:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe [2007-02-25 125048]
S2 giuureyva;Backbone Service; D:Documents and SettingsАдминистраторApplication DataMicrosoftcicofuhap.exe [2009-12-21 181248]
S3 aspnet_state;ASP.NET State Service; D:WINDOWSMicrosoft.NETFrameworkv1.1.4322aspnet_state.exe [2004-07-15 32768]
S3 EhttpSrv;Eset HTTP Server; D:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe [2008-07-01 19200]
S3 NBService;NBService; D:Program FilesNeroNero 7Nero BackItUpNBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; D:Program FilesCommon FilesAheadLibNMIndexingService.exe [2007-06-01 271920]
S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; D:Program FilesWindows Media PlayerWMPNetwk.exe [2008-03-21 914944]
S3 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; D:WINDOWSsystem32svchost.exe [2009-12-19 14336]
EOF
А вот результаты RSIT после сканирования DR.Web LIVE-CD
info.txt logfile of random’s system information tool 1.06 2009-12-26 23:22:36
======Uninstall list======
—>D:Program FilesNeroNero 7\nerouninstallUNNERO.exe /UNINSTALL
—>D:WINDOWSUNNeroBackItUp.exe /UNINSTALL
—>D:WINDOWSUNRecode.exe /UNINSTALL
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 D:WINDOWSINFPCHealth.inf
Adobe Acrobat 5.0—>D:WINDOWSISUNINST.EXE -f»D:Program FilesCommon FilesAdobeAcrobat 5.0NTUninst.isu» -c»D:Program FilesCommon FilesAdobeAcrobat 5.0NTUninst.dll»
Adobe Flash Player 10 Plugin—>D:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Flash Player ActiveX—>D:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
ASUS Data Security Manager—>D:Program FilesInstallShield Installation Information{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}setup.exe -runfromtemp -l0x0019 -removeonly
ASUS Splendid Video Enhancement Technology—>D:Program FilesInstallShield Installation Information{C0FC1C14-4824-4A73-87A6-9E888C9C3102}setup.exe -runfromtemp -l0x0019 -removeonly
ASUS Touch Pad Extra—>RunDll32 D:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «D:Program FilesInstallShield Installation Information{DB891739-2EB3-45A8-9CBD-941C255CECD4}Setup.exe» -l0x9
ASUS Virtual Camera—>MsiExec.exe /I{4DFA6DA8-75D8-4F2B-A1A0-A5E7A3B779C8}
ATK Hotkey—>D:Program FilesInstallShield Installation Information{AFA4634D-F8D4-4F2B-9BE2-79143F369902}setup.exe -runfromtemp -l0x0019 -removeonly
ATK0100 ACPI UTILITY—>D:WINDOWSATK0100XPunin.exe
Bluetooth Stack for Windows by Toshiba—>MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Download Master version 5.5.15.1177—>»D:Program FilesDownload Masterunins000.exe»
ESET NOD32 Antivirus—>MsiExec.exe /I{3407FD83-0A2F-475E-BE94-34F1FA342C84}
HashTab 2.0.8—>D:WINDOWSsystem32ShellExthtdel32.bat
HijackThis 2.0.2—>»D:Program Filestrend microHijackThis.exe» /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)—>»D:WINDOWS$NtUninstallKB929399$spuninstspuninst.exe»
Intel(R) Graphics Media Accelerator Driver—>D:WINDOWSsystem32igxpun.exe -uninstall
Java 2 Runtime Environment, SE v1.4.2_01—>MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142010}
Java(TM) 6 Update 6—>MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
K-Lite Codec Pack 4.7.5 (Full)—>»D:Program FilesK-Lite Codec Packunins000.exe»
Mail.Ru Агент 5.5 (сборка 2842, для всех пользователей)—>D:Program FilesMail.RuAgentmagentsetup.exe -uninstalllm
Microsoft .NET Framework 1.1 Russian Language Pack—>MsiExec.exe /X{2BB372D9-52B4-410A-BC1A-FEAB63181EEF}
Microsoft .NET Framework 1.1—>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1—>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Compression Client Pack 1.0 for Windows XP—>»D:WINDOWS$NtUninstallMSCompPackV1$spuninstspuninst.exe»
Microsoft Internationalized Domain Names Mitigation APIs—>»D:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$spuninstspuninst.exe»
Microsoft National Language Support Downlevel APIs—>»D:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$spuninstspuninst.exe»
Microsoft Office XP (профессиональный выпуск)—>MsiExec.exe /I{91110419-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0—>»D:WINDOWS$NtUninstallWudf01000$spuninstspuninst.exe»
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Motorola SM56 Speakerphone Modem—>rundll32.exe sm56co6a.dll,SM56UnInstaller
Mozilla Firefox (3.0.16)—>D:Program FilesMozilla Firefoxuninstallhelper.exe
NB Probe—>RunDll32 D:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «D:Program FilesInstallShield Installation Information{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}Setup.exe» -l0x9
Nero 7 Essentials—>MsiExec.exe /X{BC61F51E-8AF7-46B9-AF20-B33B5EE81049}
neroxml—>MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Opera—>D:PROGRA~1Opera75UnInstUNWISE.EXE D:PROGRA~1Opera75UnInstInstall.log
Path2Clipboard 1.0.7.67—>D:WINDOWSsystem32ShellExtP2Cdel.bat
Power4 Gear—>RunDll32 D:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «D:Program FilesInstallShield Installation Information{4462AD13-F2AA-4CBD-9F95-293C38EED870}Setup.exe» -l0x9
PowerForPhone—>D:Program FilesInstallShield Installation Information{FC3D290D-79BE-44B7-ABF9-FDD110925930}setup.exe -runfromtemp -l0x0009 -removeonly
REALTEK GbE & FE Ethernet PCI-E NIC Driver—>D:Program FilesInstallShield Installation Information{C9BED750-1211-4480-B1A5-718A3BE15525}setup.exe -runfromtemp -l0x0019 -removeonly
Realtek High Definition Audio Driver—>RunDll32 D:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «D:Program FilesInstallShield Installation Information{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}Setup.exe» -l0x19 -removeonly
Skype™ 3.5—>MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Synaptics Pointing Device Driver—>rundll32.exe «D:Program FilesSynapticsSynTPSynISDLL.dll»,standAloneUninstall
USB2.0 1.3M WebCam—>D:WINDOWSStkUnist.exe
Vista Drive Icon—>rundll32.exe advpack.dll,LaunchINFSection D:WINDOWSINFVistaDrv.inf,Uninstall
Windows Internet Explorer 7—>»D:WINDOWSie7spuninstspuninst.exe»
Windows Media Format 11 runtime—>»D:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Windows Media Format 11 runtime—>»D:WINDOWS$NtUninstallWMFDist11$spuninstspuninst.exe»
Windows Media Player 11—>»D:WINDOWS$NtUninstallwmp11$spuninstspuninst.exe»
WinFlash—>RunDll32 D:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «D:Program FilesInstallShield Installation Information{DE10AB76-4756-4913-BE25-55D1C1051F9A}Setup.exe» -l0x9
Wireless Console 2—>D:Program FilesInstallShield Installation Information{83F73CB1-7705-49D1-9852-84D839CA2A45}setup.exe -runfromtemp -l0x0009 -removeonly
Архиватор WinRAR (только удаление)—>D:Program FilesWinRARuninstall.exe
Обновление безопасности для Windows XP — (KB941569)—>»D:WINDOWS$NtUninstallKB941569$spuninstspuninst.exe»
Проигрыватель Windows Media 11—>»D:Program FilesWindows Media PlayerSetup_wm.exe» /Uninstall======Security center information======
AV: ESET NOD32 Antivirus 3.0
======System event log======
Computer Name: MICROSOF-BFF5CE
Event Code: 7036
Message: Служба «Службы терминалов» перешла в состояние Работает.Record Number: 4660
Source Name: Service Control Manager
Time Written: 20091221012004.000000+180
Event Type: информация
User:Computer Name: MICROSOF-BFF5CE
Event Code: 7009
Message: Таймаут (30000 мс) ожидания для подключения службы ICF.Record Number: 4659
Source Name: Service Control Manager
Time Written: 20091221012004.000000+180
Event Type: ошибка
User:Computer Name: MICROSOF-BFF5CE
Event Code: 7036
Message: Служба «» перешла в состояние DEVICE{CB0FAEBA-70CC-40F7-B959-43EE5E605273}.Record Number: 4658
Source Name: NETw4x32
Time Written: 20091221011852.000000+180
Event Type: информация
User:Computer Name: MICROSOF-BFF5CE
Event Code: 6005
Message: Запущена служба журнала событий.Record Number: 4657
Source Name: EventLog
Time Written: 20091221011830.000000+180
Event Type: информация
User:Computer Name: MICROSOF-BFF5CE
Event Code: 6009
Message: Microsoft (R) Windows 2000 (R) 5.01. 2600 Service Pack 3 Multiprocessor Free.Record Number: 4656
Source Name: EventLog
Time Written: 20091221011830.000000+180
Event Type: информация
User:=====Application event log=====
Computer Name: MICROSOF-BFF5CE
Event Code: 1000
Message: Счетчики производительности для службы MSDTC (MSDTC) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.Record Number: 5
Source Name: LoadPerf
Time Written: 20091204162501.000000+180
Event Type: информация
User:Computer Name: MICROSOF-BFF5CE
Event Code: 1000
Message: Счетчики производительности для службы TermService (Службы терминалов) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.Record Number: 4
Source Name: LoadPerf
Time Written: 20091204162458.000000+180
Event Type: информация
User:Computer Name: MICROSOF-BFF5CE
Event Code: 1000
Message: Счетчики производительности для службы RemoteAccess (Маршрутизация и удаленный доступ) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.Record Number: 3
Source Name: LoadPerf
Time Written: 20091204162344.000000+180
Event Type: информация
User:Computer Name: MICROSOF-BFF5CE
Event Code: 1000
Message: Счетчики производительности для службы PSched (PSched) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.Record Number: 2
Source Name: LoadPerf
Time Written: 20091204162325.000000+180
Event Type: информация
User:Computer Name: MICROSOF-BFF5CE
Event Code: 1000
Message: Счетчики производительности для службы RSVP (QoS RSVP) загружены успешно.
Данные записи содержат новые значение индекса,
назначенного этой службе.Record Number: 1
Source Name: LoadPerf
Time Written: 20091204162231.000000+180
Event Type: информация
User:======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=6
«PROCESSOR_IDENTIFIER»=x86 Family 6 Model 15 Stepping 13, GenuineIntel
«PROCESSOR_REVISION»=0f0d
«NUMBER_OF_PROCESSORS»=2
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
EOF
Logfile of random’s system information tool 1.06 (written by random/random)
Run by Администратор at 2009-12-26 23:22:27
Microsoft Windows XP Professional Service Pack 3
System drive D: has 3 GB (7%) free of 40 GB
Total RAM: 2039 MB (74% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:22:32, on 26.12.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: NormalRunning processes:
D:WINDOWSSystem32smss.exe
D:WINDOWSsystem32winlogon.exe
D:WINDOWSsystem32services.exe
D:WINDOWSsystem32lsass.exe
D:WINDOWSsystem32svchost.exe
D:WINDOWSSystem32svchost.exe
D:Program FilesASUSASUS Data Security ManagerADSMSrv.exe
D:WINDOWSsystem32spoolsv.exe
D:WINDOWSExplorer.EXE
D:WINDOWSATK0100HControl.exe
D:WINDOWSsystem32igfxtray.exe
D:WINDOWSsystem32hkcmd.exe
D:WINDOWSsystem32igfxpers.exe
D:WINDOWSRTHDCPL.EXE
D:Program FilesMotorolaSMSERIALsm56hlpr.exe
D:WINDOWSsystem32ASUSTPE.exe
D:Program FilesWireless Console 2wcourier.exe
D:Program FilesSynapticsSynTPSynTPEnh.exe
D:Program FilesASUSSplendidACMON.exe
D:WINDOWSsystem32igfxsrvc.exe
D:Program FilesPowerForPhonePowerForPhone.exe
D:Program FilesESETESET NOD32 Antivirusegui.exe
D:Program FilesMail.RuAgentMAgent.exe
D:WINDOWSsystem32ACEngSvr.exe
D:Program FilesJavajre1.6.0_06binjusched.exe
D:WINDOWSmshost.exe
D:WINDOWSsystem32lcacc.exe
D:WINDOWSsystem32ctfmon.exe
D:Program FilesVistaDriveIconVistaDrv.exe
D:Program FilesDownload Masterdmaster.exe
D:Program FilesCommon FilesLightScribeLightScribeControlPanel.exe
D:Documents and SettingsАдминистраторApplication DataMicrosoftquogip.exe
D:Program FilesESETESET NOD32 Antivirusekrn.exe
D:Program FilesToshibaBluetooth Toshiba StackTosBtMng.exe
D:WINDOWShet7upd.exe
D:WINDOWSusbmagr.exe
D:Program FilesToshibaBluetooth Toshiba StackTosA2dp.exe
D:Program FilesToshibaBluetooth Toshiba StackTosBtHid.exe
D:Program FilesToshibaBluetooth Toshiba StackTosBtHsp.exe
D:WINDOWSATK0100ATKOSD.exe
D:Program FilesCommon FilesLightScribeLSSrvc.exe
D:Program FilesASUSNB ProbeSPMspmgr.exe
D:WINDOWSsystem32svchost.exe
D:WINDOWSSystem32StkCSrv.exe
D:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe
D:WINDOWSsystem32wuauclt.exe
D:WINDOWSsystem32acovcnt.exe
D:Documents and SettingsАдминистраторРабочий столRSIT.exe
D:Program Filestrend microАдминистратор.exeR1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://search.qip.ru
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://search.qip.ru
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://search.qip.ru/ie
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://search.qip.ru
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://virtualsoccer.ru/
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://search.qip.ru/ie
R1 — HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = Root: HKCU; Subkey: SoftwareMicrosoftInternet ExplorerSearchUrl; ValueType: string; ValueName: ‘; ValueData: ‘; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: QIPBHO Class — {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} — D:Documents and SettingsАдминистраторApplication DataMicrosoftInternet Explorerqipsearchbar.dll
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — D:Program FilesMail.RuAgentMradllnewmrasearch.dll
R3 — URLSearchHook: (no name) — — (no file)
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — D:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — D:Program FilesJavajre1.6.0_06binssv.dll
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — D:PROGRA~1DOWNLO~1dmiehlp.dll
O2 — BHO: QIPBHO — {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} — D:Documents and SettingsАдминистраторApplication DataMicrosoftInternet Explorerqipsearchbar.dll
O3 — Toolbar: DM Bar — {0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — D:Program FilesDownload Masterdmbar.dll
O4 — HKLM..Run: [HControl] D:WINDOWSATK0100HControl.exe
O4 — HKLM..Run: [IgfxTray] D:WINDOWSsystem32igfxtray.exe
O4 — HKLM..Run: [HotKeysCmds] D:WINDOWSsystem32hkcmd.exe
O4 — HKLM..Run: [Persistence] D:WINDOWSsystem32igfxpers.exe
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 — HKLM..Run: [SkyTel] SkyTel.EXE
O4 — HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 — HKLM..Run: [SMSERIAL] D:Program FilesMotorolaSMSERIALsm56hlpr.exe
O4 — HKLM..Run: [ASUSTPE] D:WINDOWSsystem32ASUSTPE.exe
O4 — HKLM..Run: [Wireless Console 2] «D:Program FilesWireless Console 2wcourier.exe»
O4 — HKLM..Run: [SynTPEnh] D:Program FilesSynapticsSynTPSynTPEnh.exe
O4 — HKLM..Run: [ACMON] «D:Program FilesASUSSplendidACMON.exe»
O4 — HKLM..Run: [PowerForPhone] D:Program FilesPowerForPhonePowerForPhone.exe
O4 — HKLM..Run: [Power_Gear] D:Program FilesASUSPower4 GearBatteryLife.exe 1
O4 — HKLM..Run: [ATKHOTKEY] «D:Program FilesATK HotkeyHcontrol.exe»
O4 — HKLM..Run: [egui] «D:Program FilesESETESET NOD32 Antivirusegui.exe» /hide /waitservice
O4 — HKLM..Run: [MAgent] D:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKLM..Run: [NeroFilterCheck] D:Program FilesCommon FilesAheadLibNeroCheck.exe
O4 — HKLM..Run: [SunJavaUpdateSched] D:Program FilesJavajre1.6.0_06binjusched.exe
O4 — HKLM..Run: [couze] D:WINDOWSsystem32quogip.exe
O4 — HKLM..Run: [mshost] D:WINDOWSmshost.exe
O4 — HKLM..Run: [Microsoft Driver Setup] D:WINDOWShet7upd.exe
O4 — HKLM..Run: [Universal Serial Bus device] usbmagr.exe
O4 — HKLM..Run: [Windows System Info Serivce] lcacc.exe
O4 — HKCU..Run: [CTFMON.EXE] D:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [VistaIcon] D:Program FilesVistaDriveIconVistaDrv.exe
O4 — HKCU..Run: [Download Master] D:Program FilesDownload Masterdmaster.exe -autorun
O4 — HKCU..Run: [LightScribe Control Panel] D:Program FilesCommon FilesLightScribeLightScribeControlPanel.exe -hidden
O4 — HKCU..Run: [couze] D:Documents and SettingsАдминистраторApplication DataMicrosoftquogip.exe
O4 — HKLM..PoliciesExplorerRun: [Microsoft Driver Setup] D:WINDOWShet7upd.exe
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] D:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [VistaIcon] D:Program FilesVistaDriveIconVistaDrv.exe (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] D:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] D:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] D:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Global Startup: Bluetooth Manager.lnk = ?
O4 — Global Startup: Microsoft Office.lnk = D:Program FilesMicrosoft OfficeOffice10OSA.EXEВот результаты GMER-сканирования.
GMER 1.0.15.15281 — http://www.gmer.net
Rootkit scan 2009-12-24 01:53:52
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: D:DOCUME~19335~1LOCALS~1Tempawncqpod.sys—- System — GMER 1.0.15 —-
SSDT spgk.sys ZwCreateKey [0xF74D70E0]
SSDT spgk.sys ZwEnumerateKey [0xF74F5CA2]
SSDT spgk.sys ZwEnumerateValueKey [0xF74F6030]
SSDT spgk.sys ZwOpenKey [0xF74D70C0]
SSDT spgk.sys ZwQueryKey [0xF74F6108]
SSDT spgk.sys ZwQueryValueKey [0xF74F5F88]
SSDT spgk.sys ZwSetValueKey [0xF74F619A]INT 0x62 ? 89C05BF8
INT 0x63 ? 89990E98
INT 0x83 ? 89990E98
INT 0x84 ? 89990E98
INT 0x94 ? 89990E98
INT 0xA4 ? 89990E98
INT 0xB4 ? 89C05BF8—- Kernel code sections — GMER 1.0.15 —-
? spgk.sys Не удается найти указанный файл. !
.text USBPORT.SYS!DllUnload BA12B8AC 5 Bytes JMP 89990478—- User code sections — GMER 1.0.15 —-
.text D:Program FilesESETESET NOD32 Antivirusekrn.exe[820] kernel32.dll!SetUnhandledExceptionFilter 7C8449FD 4 Bytes [C2, 04, 00, 00]
—- Kernel IAT/EAT — GMER 1.0.15 —-
IAT WINDOWSSystem32DriversSCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 89B982D8
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F74D8040] spgk.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F74D813C] spgk.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F74D80BE] spgk.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F74D87FC] spgk.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F74D86D2] spgk.sys
IAT SystemRootsystem32DRIVERSUSBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 89990578—- Devices — GMER 1.0.15 —-
Device FileSystemNtfs Ntfs 89C041F8
AttachedDevice FileSystemNtfs Ntfs AsDsm.sys (Data Security Manager Driver/Windows (R) Codename Longhorn DDK provider)
AttachedDevice FileSystemNtfs Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice DriverKbdclass DeviceKeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice DriverKbdclass DeviceKeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)Device Driverusbehci DeviceUSBPDO-0 899731F8
Device DriverNetBT DeviceNetBT_Tcpip_{CB0FAEBA-70CC-40F7-B959-43EE5E605273} 8944F500
Device Driverdmio DeviceDmControlDmIoDaemon 89B961F8
Device Driverdmio DeviceDmControlDmConfig 89B961F8
Device Driverdmio DeviceDmControlDmPnP 89B961F8
Device Driverdmio DeviceDmControlDmInfo 89B961F8
Device Driverusbuhci DeviceUSBPDO-1 8998E1F8
Device Driverusbuhci DeviceUSBPDO-2 8998E1F8
Device Driverusbuhci DeviceUSBPDO-3 8998E1F8
Device Driverusbuhci DeviceUSBPDO-4 8998E1F8
Device DriverNetBT DeviceNetBT_Tcpip_{64193C55-9778-4115-B663-A80CD374C6CC} 8944F500AttachedDevice DriverTcpip DeviceTcp epfwtdir.sys
Device Driverusbehci DeviceUSBPDO-5 899731F8
Device Driverusbuhci DeviceUSBPDO-6 8998E1F8
Device DriverFtdisk DeviceHarddiskVolume1 89C061F8
Device DriverFtdisk DeviceHarddiskVolume2 89C061F8
Device DriverCdrom DeviceCdRom0 898861F8
Device Driveratapi DeviceIdeIdeDeviceP0T0L0-3 [F7978B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device Driveratapi DeviceIdeIdePort0 [F7978B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device Driveratapi DeviceIdeIdePort1 [F7978B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device Driveratapi DeviceIdeIdePort2 [F7978B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device Driveratapi DeviceIdeIdeDeviceP1T0L0-e [F7978B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device DriverNetBT DeviceNetBt_Wins_Export 8944F500
Device DriverNetBT DeviceNetbiosSmb 8944F500
Device Driverusbuhci DeviceUSBFDO-0 8998E1F8
Device Driverusbuhci DeviceUSBFDO-1 8998E1F8
Device FileSystemMRxSmb DeviceLanmanDatagramReceiver 89A4A1F8
Device Driverusbehci DeviceUSBFDO-2 899731F8
Device FileSystemMRxSmb DeviceLanmanRedirector 89A4A1F8
Device Driverusbuhci DeviceUSBFDO-3 8998E1F8
Device Driverusbuhci DeviceUSBFDO-4 8998E1F8
Device DriverFtdisk DeviceFtControl 89C061F8
Device Driverusbuhci DeviceUSBFDO-5 8998E1F8
Device Driverusbehci DeviceUSBFDO-6 899731F8
Device FileSystemCdfs Cdfs 89A131F8—- Registry — GMER 1.0.15 —-
Reg HKLMSYSTEMCurrentControlSetControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 ?4;0404=484@4>0424I484:0404 ?0404:0454B4>0424 1?2?3?4?
Reg HKLMSYSTEMCurrentControlSetControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 WAN (L002TP) 1?
Reg HKLMSYSTEMCurrentControlSetControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 WAN (PPTP) 1?
Reg HKLMSYSTEMCurrentControlSetControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 WAN (PPPoE) 1?
Reg HKLMSYSTEMCurrentControlSetControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@374@4O4494 ?0404@0404;4;0454;4L4=4K494 ?4>4@4B4 1?
Reg HKLMSYSTEMCurrentControlSetControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 WAN (IP) 1?
Reg HKLMSYSTEMCurrentControlSetServicessptdCfg@s1 771343423
Reg HKLMSYSTEMCurrentControlSetServicessptdCfg@s2 285507792
Reg HKLMSYSTEMControlSet002ControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 ?4;0404=484@4>0424I484:0404 ?0404:0454B4>0424 1?2?3?4?
Reg HKLMSYSTEMControlSet002ControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 WAN (L002TP) 1?
Reg HKLMSYSTEMControlSet002ControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 WAN (PPTP) 1?
Reg HKLMSYSTEMControlSet002ControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 WAN (PPPoE) 1?
Reg HKLMSYSTEMControlSet002ControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@374@4O4494 ?0404@0404;4;0454;4L4=4K494 ?4>4@4B4 1?
Reg HKLMSYSTEMControlSet002ControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 WAN (IP) 1?—- Files — GMER 1.0.15 —-
File D:ADSM_PData_0150 0 bytes
File D:ADSM_PData_0150DB 0 bytes
File D:ADSM_PData_0150DBSI.db 624 bytes
File D:ADSM_PData_0150DBUL.db 16 bytes
File D:ADSM_PData_0150DBVL.db 16 bytes
File D:ADSM_PData_0150DB_avt 512 bytes
File D:ADSM_PData_0150DragWait.exe 253952 bytes executable
File D:ADSM_PData_0150_avt 512 bytes
File D:Program FilesASUSASUS Data Security Managerdriverx86 0 bytes
File D:Program FilesASUSASUS Data Security Managerdriverx86AsDsm.sys 29752 bytes executable
File D:Program FilesASUSASUS Data Security Managerdriverx86_avt 512 bytes—- EOF — GMER 1.0.15 —-
Logfile of random’s system information tool 1.06 (written by random/random)
Run by Администратор at 2009-12-08 20:29:05
Microsoft Windows XP Professional Service Pack 3
System drive D: has 23 GB (57%) free of 40 GB
Total RAM: 2039 MB (68% free)Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:29:06, on 08.12.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: NormalRunning processes:
D:WINDOWSSystem32smss.exe
D:WINDOWSsystem32winlogon.exe
D:WINDOWSsystem32services.exe
D:WINDOWSsystem32lsass.exe
D:WINDOWSsystem32svchost.exe
D:WINDOWSSystem32svchost.exe
D:Program FilesASUSASUS Data Security ManagerADSMSrv.exe
D:WINDOWSsystem32spoolsv.exe
D:WINDOWSExplorer.EXE
D:WINDOWSATK0100HControl.exe
D:WINDOWSsystem32igfxtray.exe
D:WINDOWSsystem32hkcmd.exe
D:WINDOWSsystem32igfxpers.exe
D:WINDOWSRTHDCPL.EXE
D:WINDOWSsystem32igfxsrvc.exe
D:Program FilesMotorolaSMSERIALsm56hlpr.exe
D:WINDOWSsystem32ASUSTPE.exe
D:Program FilesWireless Console 2wcourier.exe
D:Program FilesSynapticsSynTPSynTPEnh.exe
D:Program FilesASUSSplendidACMON.exe
D:Program FilesPowerForPhonePowerForPhone.exe
D:Program FilesASUSPower4 GearBatteryLife.exe
D:Program FilesESETESET NOD32 Antivirusegui.exe
D:Program FilesMail.RuAgentMAgent.exe
D:WINDOWSsystem32ctfmon.exe
D:Program FilesVistaDriveIconVistaDrv.exe
D:WINDOWSsystem32ACEngSvr.exe
D:Program FilesDownload Masterdmaster.exe
D:Program FilesToshibaBluetooth Toshiba StackTosBtMng.exe
D:Program FilesESETESET NOD32 Antivirusekrn.exe
D:Program FilesASUSNB ProbeSPMspmgr.exe
D:WINDOWSsystem32svchost.exe
D:Program FilesToshibaBluetooth Toshiba StackTosA2dp.exe
D:WINDOWSSystem32StkCSrv.exe
D:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe
D:Program FilesToshibaBluetooth Toshiba StackTosBtHid.exe
D:Program FilesToshibaBluetooth Toshiba StackTosBtHsp.exe
D:WINDOWSsystem32acovcnt.exe
D:WINDOWSATK0100ATKOSD.exe
D:Program FilesWindows NTAccessoriesWORDPAD.EXE
D:Documents and SettingsАдминистраторРабочий столRSIT.exe
D:Program Filestrend microАдминистратор.exeR1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://search.qip.ru
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://search.qip.ru
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://search.qip.ru/ie
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://search.qip.ru
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://virtualsoccer.ru/
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://search.qip.ru/ie
R1 — HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = Root: HKCU; Subkey: SoftwareMicrosoftInternet ExplorerSearchUrl; ValueType: string; ValueName: ‘; ValueData: ‘; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: QIPBHO Class — {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} — D:Documents and SettingsАдминистраторApplication DataMicrosoftInternet Explorerqipsearchbar.dll
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — D:Program FilesMail.RuAgentMradllnewmrasearch.dll
R3 — URLSearchHook: (no name) — — (no file)
O2 — BHO: Skype add-on (mastermind) — {22BF413B-C6D2-4d91-82A9-A0F997BA588C} — D:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — D:Program FilesJavajre1.6.0_06binssv.dll
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — D:PROGRA~1DOWNLO~1dmiehlp.dll
O2 — BHO: QIPBHO — {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} — D:Documents and SettingsАдминистраторApplication DataMicrosoftInternet Explorerqipsearchbar.dll
O3 — Toolbar: DM Bar — {0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — D:Program FilesDownload Masterdmbar.dll
O4 — HKLM..Run: [HControl] D:WINDOWSATK0100HControl.exe
O4 — HKLM..Run: [IgfxTray] D:WINDOWSsystem32igfxtray.exe
O4 — HKLM..Run: [HotKeysCmds] D:WINDOWSsystem32hkcmd.exe
O4 — HKLM..Run: [Persistence] D:WINDOWSsystem32igfxpers.exe
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 — HKLM..Run: [SkyTel] SkyTel.EXE
O4 — HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 — HKLM..Run: [SMSERIAL] D:Program FilesMotorolaSMSERIALsm56hlpr.exe
O4 — HKLM..Run: [ASUSTPE] D:WINDOWSsystem32ASUSTPE.exe
O4 — HKLM..Run: [Wireless Console 2] «D:Program FilesWireless Console 2wcourier.exe»
O4 — HKLM..Run: [SynTPEnh] D:Program FilesSynapticsSynTPSynTPEnh.exe
O4 — HKLM..Run: [ACMON] «D:Program FilesASUSSplendidACMON.exe»
O4 — HKLM..Run: [PowerForPhone] D:Program FilesPowerForPhonePowerForPhone.exe
O4 — HKLM..Run: [Power_Gear] D:Program FilesASUSPower4 GearBatteryLife.exe 1
O4 — HKLM..Run: [ATKHOTKEY] «D:Program FilesATK HotkeyHcontrol.exe»
O4 — HKLM..Run: [egui] «D:Program FilesESETESET NOD32 Antivirusegui.exe» /hide /waitservice
O4 — HKLM..Run: [MAgent] D:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKCU..Run: [CTFMON.EXE] D:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [VistaIcon] D:Program FilesVistaDriveIconVistaDrv.exe
O4 — HKCU..Run: [Download Master] D:Program FilesDownload Masterdmaster.exe -autorun
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] D:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [VistaIcon] D:Program FilesVistaDriveIconVistaDrv.exe (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] D:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] D:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] D:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — Global Startup: Bluetooth Manager.lnk = ?
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — D:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — D:Program FilesDownload Masterdmie.htm
O8 — Extra context menu item: Передать на удаленную закачку DM — D:Program FilesDownload Masterremdown.htm
O9 — Extra button: (no name) — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — D:Program FilesJavajre1.6.0_06binssv.dll
O9 — Extra ‘Tools’ menuitem: Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — D:Program FilesJavajre1.6.0_06binssv.dll
O9 — Extra button: (no name) — {5067A26B-1337-4436-8AFE-EE169C2DA79F} — D:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O9 — Extra ‘Tools’ menuitem: Skype add-on for Internet Explorer — {5067A26B-1337-4436-8AFE-EE169C2DA79F} — D:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — D:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — D:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Skype — {77BF5300-1474-4EC7-9980-D32B190E9B07} — D:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — D:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — D:Program FilesDownload Masterdmaster.exe
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — D:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — D:WINDOWSNetwork Diagnosticxpnetdiag.exe
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — D:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 — Service: ADSM Service (ADSMService) — Unknown owner — D:Program FilesASUSASUS Data Security ManagerADSMSrv.exe
O23 — Service: Eset HTTP Server (EhttpSrv) — ESET — D:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe
O23 — Service: Eset Service (ekrn) — ESET — D:Program FilesESETESET NOD32 Antivirusekrn.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — D:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — D:WINDOWSsystem32imapi.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — D:WINDOWSsystem32services.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — D:WINDOWSSystem32SCardSvr.exe
O23 — Service: spmgr — Unknown owner — D:Program FilesASUSNB ProbeSPMspmgr.exe
O23 — Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) — Syntek America Inc. — D:WINDOWSSystem32StkCSrv.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — D:WINDOWSsystem32smlogsvc.exe
O23 — Service: TOSHIBA Bluetooth Service — TOSHIBA CORPORATION — D:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — D:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — D:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 9670 bytes======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) — D:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll [2009-08-04 1586472][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — D:Program FilesJavajre1.6.0_06binssv.dll [2008-03-25 509328][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — D:PROGRA~1DOWNLO~1dmiehlp.dll [2009-04-16 158208][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class — D:Documents and SettingsАдминистраторApplication DataMicrosoftInternet Explorerqipsearchbar.dll [2009-07-14 150768][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — DM Bar — D:Program FilesDownload Masterdmbar.dll [2007-11-26 180224][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«HControl»=D:WINDOWSATK0100HControl.exe [2006-10-14 110592]
«IgfxTray»=D:WINDOWSsystem32igfxtray.exe [2007-06-13 142104]
«HotKeysCmds»=D:WINDOWSsystem32hkcmd.exe [2007-06-13 162584]
«Persistence»=D:WINDOWSsystem32igfxpers.exe [2007-06-13 138008]
«RTHDCPL»=D:WINDOWSRTHDCPL.EXE [2007-05-28 16132608]
«SkyTel»=D:WINDOWSSkyTel.EXE [2007-05-25 1826816]
«Alcmtr»=D:WINDOWSALCMTR.EXE [2005-05-03 69632]
«SMSERIAL»=D:Program FilesMotorolaSMSERIALsm56hlpr.exe [2006-11-22 630784]
«ASUSTPE»=D:WINDOWSsystem32ASUSTPE.exe [2007-01-16 106496]
«Wireless Console 2″=D:Program FilesWireless Console 2wcourier.exe [2007-07-05 1040384]
«SynTPEnh»=D:Program FilesSynapticsSynTPSynTPEnh.exe [2006-05-25 786521]
«ACMON»=D:Program FilesASUSSplendidACMON.exe [2007-06-26 851968]
«PowerForPhone»=D:Program FilesPowerForPhonePowerForPhone.exe [2007-06-26 778240]
«Power_Gear»=D:Program FilesASUSPower4 GearBatteryLife.exe [2006-07-26 90112]
«ATKHOTKEY»=D:Program FilesATK HotkeyHcontrol.exe [2007-08-15 225280]
«egui»=D:Program FilesESETESET NOD32 Antivirusegui.exe [2008-07-01 1447168]
«MAgent»=D:Program FilesMail.RuAgentMAgent.exe [2009-12-04 7975608][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=D:WINDOWSsystem32ctfmon.exe [2008-04-25 17408]
«VistaIcon»=D:Program FilesVistaDriveIconVistaDrv.exe [2008-03-23 132096]
«Download Master»=D:Program FilesDownload Masterdmaster.exe [2009-11-07 3778048]D:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
Bluetooth Manager.lnk — D:Program FilesToshibaBluetooth Toshiba StackTosBtMng.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyigfxcui]
D:WINDOWSsystem32igfxdev.dll [2007-06-05 204800][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — D:WINDOWSsystem32WPDShServiceObj.dll [2008-03-21 133632][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«SynchronousMachineGroupPolicy»=0
«SynchronousUserGroupPolicy»=0[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«NoThumbnailCache»=1
«NoSMConfigurePrograms»=1
«NoSMHelp»=1[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»======List of files/folders created in the last 1 months======
2009-12-08 10:15:20 —-A—- D:WINDOWSntbtlog.txt
2009-12-08 00:00:44 —-A—- D:WINDOWSsystem3271.exe
2009-12-07 22:44:23 —-D—- D:Program Filestrend micro
2009-12-07 22:44:22 —-D—- D:rsit
2009-12-07 21:52:03 —-A—- D:WINDOWSsystem3231.exe
2009-12-07 19:16:14 —-A—- D:WINDOWSsystem3285.exe
2009-12-07 15:03:30 —-A—- D:WINDOWSsystem3246.exe
2009-12-07 14:53:36 —-A—- D:WINDOWSsystem3267.exe
2009-12-07 13:49:42 —-A—- D:WINDOWSsystem3245.exe
2009-12-07 03:06:39 —-A—- D:WINDOWSsystem3217.exe
2009-12-07 01:04:36 —-A—- D:WINDOWSsystem3218.exe
2009-12-07 00:04:36 —-A—- D:WINDOWSsystem323.exe
2009-12-07 00:01:26 —-A—- D:WINDOWSsystem3247.exe
2009-12-06 23:57:05 —-A—- D:WINDOWSsystem322.exe
2009-12-06 21:54:50 —-A—- D:WINDOWSsystem3281.exe
2009-12-06 21:54:47 —-A—- D:WINDOWSsystem3221.exe
2009-12-06 20:41:08 —-A—- D:WINDOWSsystem3227.exe
2009-12-06 20:41:04 —-A—- D:WINDOWSsystem3265.exe
2009-12-06 10:02:20 —-A—- D:WINDOWSsystem3211.exe
2009-12-06 10:01:42 —-A—- D:WINDOWSsystem3216.exe
2009-12-05 19:38:59 —-D—- D:movie
2009-12-05 16:54:07 —-A—- D:WINDOWSsystem32acovcnt.exe
2009-12-05 03:14:43 —-A—- D:WINDOWSsystem3215.exe
2009-12-04 20:57:37 —-A—- D:WINDOWSNet4Switch.INI
2009-12-04 19:46:37 —-D—- D:Documents and SettingsАдминистраторApplication DataskypePM
2009-12-04 19:46:12 —-D—- D:Program FilesCommon FilesSkype
2009-12-04 19:46:09 —-RD—- D:Program FilesSkype
2009-12-04 19:22:18 —-A—- D:WINDOWSsystem32h323log.txt
2009-12-04 19:21:29 —-D—- D:WINDOWSsystem32RTCOM
2009-12-04 19:21:27 —-A—- D:WINDOWSsystem32ksuser.dll
2009-12-04 19:20:06 —-A—- D:WINDOWSsystem32usbui.dll
2009-12-04 19:19:34 —-D—- D:WINDOWSATK0100
2009-12-04 19:18:37 —-SHD—- D:WINDOWSInstaller
2009-12-04 19:18:37 —-A—- D:WINDOWSsystem32PerfStringBackup.INI
2009-12-04 19:18:36 —-D—- D:Program FilesCommon FilesODBC
2009-12-04 19:18:36 —-A—- D:WINDOWSODBCINST.INI
2009-12-04 19:18:33 —-RD—- D:Program Files
2009-12-04 19:18:33 —-D—- D:Program FilesCommon FilesSpeechEngines
2009-12-04 19:18:33 —-D—- D:Program FilesCommon FilesMicrosoft Shared
2009-12-04 19:18:33 —-D—- D:Program FilesCommon Files
2009-12-04 19:18:30 —-RA—- D:WINDOWSsystem32kbdtuq.dll
2009-12-04 19:18:30 —-RA—- D:WINDOWSsystem32kbdazel.dll
2009-12-04 19:18:29 —-RA—- D:WINDOWSsystem32kbdtuf.dll
2009-12-04 19:18:28 —-RA—- D:WINDOWSsystem32kbdhept.dll
2009-12-04 19:18:28 —-RA—- D:WINDOWSsystem32kbdhela3.dll
2009-12-04 19:18:28 —-RA—- D:WINDOWSsystem32kbdhela2.dll
2009-12-04 19:18:28 —-RA—- D:WINDOWSsystem32kbdhe319.dll
2009-12-04 19:18:28 —-RA—- D:WINDOWSsystem32kbdhe220.dll
2009-12-04 19:18:28 —-RA—- D:WINDOWSsystem32kbdhe.dll
2009-12-04 19:18:28 —-RA—- D:WINDOWSsystem32kbdgkl.dll
2009-12-04 19:18:26 —-RA—- D:WINDOWSsystem32kbdlv1.dll
2009-12-04 19:18:26 —-RA—- D:WINDOWSsystem32kbdlv.dll
2009-12-04 19:18:26 —-RA—- D:WINDOWSsystem32kbdlt1.dll
2009-12-04 19:18:26 —-RA—- D:WINDOWSsystem32kbdlt.dll
2009-12-04 19:18:26 —-RA—- D:WINDOWSsystem32kbdest.dll
2009-12-04 19:18:25 —-RA—- D:WINDOWSsystem32kbdsl1.dll
2009-12-04 19:18:25 —-RA—- D:WINDOWSsystem32kbdsl.dll
2009-12-04 19:18:25 —-RA—- D:WINDOWSsystem32kbdro.dll
2009-12-04 19:18:25 —-RA—- D:WINDOWSsystem32kbdpl1.dll
2009-12-04 19:18:25 —-RA—- D:WINDOWSsystem32kbdpl.dll
2009-12-04 19:18:25 —-RA—- D:WINDOWSsystem32kbdhu1.dll
2009-12-04 19:18:25 —-RA—- D:WINDOWSsystem32kbdhu.dll
2009-12-04 19:18:25 —-RA—- D:WINDOWSsystem32kbdcz2.dll
2009-12-04 19:18:24 —-RA—- D:WINDOWSsystem32kbdycl.dll
2009-12-04 19:18:24 —-RA—- D:WINDOWSsystem32kbdcz1.dll
2009-12-04 19:18:24 —-RA—- D:WINDOWSsystem32kbdcz.dll
2009-12-04 19:18:24 —-RA—- D:WINDOWSsystem32kbdcr.dll
2009-12-04 19:18:24 —-RA—- D:WINDOWSsystem32KBDAL.DLL
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdycc.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbduzb.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdur.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdtat.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdmon.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdkyr.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdkaz.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdbu.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdblr.dll
2009-12-04 19:18:21 —-A—- D:WINDOWSsystem32kbdaze.dll
2009-12-04 19:18:20 —-A—- D:WINDOWSsystem32irclass.dll
2009-12-04 19:18:20 —-A—- D:WINDOWSsystem32dgrpsetu.dll
2009-12-04 19:18:19 —-A—- D:WINDOWSsystem32spxcoins.dll
2009-12-04 19:18:19 —-A—- D:WINDOWSsystem32EqnClass.Dll
2009-12-04 19:18:19 —-A—- D:WINDOWSsystem32dgsetup.dll
2009-12-04 19:18:17 —-N—- D:WINDOWSsystem32CONFIG.TMP
2009-12-04 19:18:17 —-A—- D:WINDOWSTASKMAN.EXE
2009-12-04 19:18:16 —-A—- D:WINDOWSsystem32storprop.dll
2009-12-04 19:18:16 —-A—- D:WINDOWSsystem32batt.dll
2009-12-04 19:18:16 —-A—- D:WINDOWSNOTEPAD.EXE
2009-12-04 19:18:09 —-ASH—- D:Documents and SettingsAll UsersApplication Datadesktop.ini
2009-12-04 19:18:06 —-RA—- D:WINDOWSSETAE5.tmp
2009-12-04 19:18:03 —-RA—- D:WINDOWSSETAE1.tmp
2009-12-04 19:18:02 —-RA—- D:WINDOWSSETAE0.tmp
2009-12-04 19:17:47 —-SD—- D:Documents and SettingsAll UsersApplication DataMicrosoft
2009-12-04 19:17:28 —-A—- D:WINDOWSsetuplog.txt
2009-12-04 19:15:50 —-A—- D:WINDOWSsystem32NETw4r32.dll
2009-12-04 19:15:50 —-A—- D:WINDOWSsystem32NETw4c32.dll
2009-12-04 19:15:33 —-A—- D:WINDOWSSoundMan.exe
2009-12-04 19:15:33 —-A—- D:WINDOWSSkyTel.exe
2009-12-04 19:15:33 —-A—- D:WINDOWSRtlUpd.exe
2009-12-04 19:15:32 —-A—- D:WINDOWSRTLCPL.exe
2009-12-04 19:15:31 —-A—- D:WINDOWSRTHDCPL.exe
2009-12-04 19:15:31 —-A—- D:WINDOWSMicCal.exe
2009-12-04 19:15:31 —-A—- D:WINDOWSalcwzrd.exe
2009-12-04 19:15:31 —-A—- D:WINDOWSAlcmtr.exe
2009-12-04 19:12:40 —-A—- D:WINDOWSsystem32igxprd32.dll
2009-12-04 19:12:40 —-A—- D:WINDOWSsystem32igxpgd32.dll
2009-12-04 19:12:40 —-A—- D:WINDOWSsystem32igxpdx32.dll
2009-12-04 19:12:39 —-A—- D:WINDOWSsystem32igxpdv32.dll
2009-12-04 19:12:39 —-A—- D:WINDOWSsystem32igmedcompkrn.dll
2009-12-04 19:12:39 —-A—- D:WINDOWSsystem32igklg450.dll
2009-12-04 19:12:39 —-A—- D:WINDOWSsystem32igklg400.dll
2009-12-04 19:12:39 —-A—- D:WINDOWSsystem32igfxsrvc.dll
2009-12-04 19:12:39 —-A—- D:WINDOWSsystem32igfxress.dll
2009-12-04 19:12:39 —-A—- D:WINDOWSsystem32igfxpph.dll
2009-12-04 19:12:39 —-A—- D:WINDOWSsystem32igfxCoIn_v4906.dll
2009-12-04 19:12:38 —-A—- D:WINDOWSsystem32igfxexps.dll
2009-12-04 19:12:38 —-A—- D:WINDOWSsystem32igfxdo.dll
2009-12-04 19:12:38 —-A—- D:WINDOWSsystem32igfxdev.dll
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32igfxzoom.exe
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32igfxtray.exe
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32igfxsrvc.exe
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32igfxpers.exe
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32igfxext.exe
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32igfxcfg.exe
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32ig4icd32.dll
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32ig4dev32.dll
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32hkcmd.exe
2009-12-04 19:12:37 —-A—- D:WINDOWSsystem32hccutils.dll
2009-12-04 19:11:36 —-D—- D:WINDOWSsystem32CatRoot2
2009-12-04 19:11:36 —-D—- D:WINDOWSsystem32CatRoot
2009-12-04 19:11:22 —-SHD—- D:System Volume Information
2009-12-04 19:11:22 —-D—- D:Documents and Settings
2009-12-04 19:04:27 —-RSHDC—- D:WINDOWSsystem32dllcache
2009-12-04 19:04:27 —-RSD—- D:WINDOWSFonts
2009-12-04 19:04:27 —-HD—- D:WINDOWSinf
2009-12-04 19:04:27 —-D—- D:WINDOWSWinSxS
2009-12-04 19:04:27 —-D—- D:WINDOWSWeb
2009-12-04 19:04:27 —-D—- D:WINDOWStwain_32
2009-12-04 19:04:27 —-D—- D:WINDOWSTemp
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32wins
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32wbem
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32usmt
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32spool
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32ShellExt
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32Setup
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32ru-ru
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32ru
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32ras
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32oobe
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32npp
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32mui
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32inetsrv
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32IME
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32icsxml
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32ias
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32export
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32drivers
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32dhcp
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32config
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem323com_dmi
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem323076
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem322052
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321054
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321049
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321042
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321041
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321037
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321033
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321031
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321028
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem321025
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem32
2009-12-04 19:04:27 —-D—- D:WINDOWSsystem
2009-12-04 19:04:27 —-D—- D:WINDOWSsecurity
2009-12-04 19:04:27 —-D—- D:WINDOWSResources
2009-12-04 19:04:27 —-D—- D:WINDOWSrepair
2009-12-04 19:04:27 —-D—- D:WINDOWSProvisioning
2009-12-04 19:04:27 —-D—- D:WINDOWSPeerNet
2009-12-04 19:04:27 —-D—- D:WINDOWSpchealth
2009-12-04 19:04:27 —-D—- D:WINDOWSNetwork Diagnostic
2009-12-04 19:04:27 —-D—- D:WINDOWSmui
2009-12-04 19:04:27 —-D—- D:WINDOWSmsapps
2009-12-04 19:04:27 —-D—- D:WINDOWSmsagent
2009-12-04 19:04:27 —-D—- D:WINDOWSMedia
2009-12-04 19:04:27 —-D—- D:WINDOWSL2Schemas
2009-12-04 19:04:27 —-D—- D:WINDOWSjava
2009-12-04 19:04:27 —-D—- D:WINDOWSime
2009-12-04 19:04:27 —-D—- D:WINDOWSHelp
2009-12-04 19:04:27 —-D—- D:WINDOWSehome
2009-12-04 19:04:27 —-D—- D:WINDOWSDriver Cache
2009-12-04 19:04:27 —-D—- D:WINDOWSDebug
2009-12-04 19:04:27 —-D—- D:WINDOWSCursors
2009-12-04 19:04:27 —-D—- D:WINDOWSConnection Wizard
2009-12-04 19:04:27 —-D—- D:WINDOWSConfig
2009-12-04 19:04:27 —-D—- D:WINDOWSAppPatch
2009-12-04 19:04:27 —-D—- D:WINDOWSaddins
2009-12-04 19:04:27 —-D—- D:WINDOWS
2009-12-04 18:45:59 —-D—- D:хрень
2009-12-04 18:45:05 —-D—- D:Program FilesuTorrent
2009-12-04 18:45:04 —-D—- D:Documents and SettingsАдминистраторApplication DatauTorrent
2009-12-04 18:06:42 —-D—- D:Documents and SettingsАдминистраторApplication DataTalkback
2009-12-04 18:05:52 —-D—- D:Documents and SettingsАдминистраторApplication DataMozilla
2009-12-04 18:05:45 —-D—- D:Program FilesMozilla Firefox
2009-12-04 17:58:35 —-D—- D:Documents and SettingsАдминистраторApplication DataMacromedia
2009-12-04 17:57:37 —-D—- D:Documents and SettingsАдминистраторApplication DataSkype
2009-12-04 17:57:04 —-D—- D:Documents and SettingsАдминистраторApplication DataAdobe
2009-12-04 17:49:20 —-D—- D:Documents and SettingsAll UsersApplication DataSkype
2009-12-04 17:48:58 —-D—- D:Documents and SettingsАдминистраторApplication DataMra
2009-12-04 17:48:49 —-D—- D:Program FilesMail.Ru
2009-12-04 17:47:23 —-D—- D:Program FilesQIP
2009-12-04 17:46:25 —-D—- D:Documents and SettingsАдминистраторApplication DataDownload Master
2009-12-04 17:46:14 —-D—- D:Program FilesDownload Master
2009-12-04 17:41:34 —-A—- D:WINDOWSsystem32unrar.dll
2009-12-04 17:41:28 —-A—- D:WINDOWSsystem32yv12vfw.dll
2009-12-04 17:41:28 —-A—- D:WINDOWSsystem32xvidvfw.dll
2009-12-04 17:41:28 —-A—- D:WINDOWSsystem32xvidcore.dll
2009-12-04 17:41:27 —-A—- D:WINDOWSsystem32qt-dx331.dll
2009-12-04 17:41:27 —-A—- D:WINDOWSsystem32dpl100.dll
2009-12-04 17:41:22 —-A—- D:WINDOWSsystem32divx.dll
2009-12-04 17:41:20 —-A—- D:WINDOWSsystem32ff_vfw.dll.manifest
2009-12-04 17:41:20 —-A—- D:WINDOWSsystem32ff_vfw.dll
2009-12-04 17:41:19 —-D—- D:Program FilesK-Lite Codec Pack
2009-12-04 17:41:19 —-A—- D:WINDOWSsystem32pthreadGC2.dll
2009-12-04 17:41:19 —-A—- D:WINDOWSsystem32msvcr71.dll
2009-12-04 17:33:14 —-D—- D:Program FilesESET
2009-12-04 17:33:14 —-D—- D:Documents and SettingsAll UsersApplication DataESET
2009-12-04 17:32:53 —-A—- D:WINDOWSLvHook.dll
2009-12-04 17:32:51 —-A—- D:WINDOWSWlingvo.ini
2009-12-04 17:29:28 —-A—- D:WINDOWStosOBEX.INI
2009-12-04 17:24:27 —-D—- D:Program FilesToshiba
2009-12-04 17:20:33 —-D—- D:Program FilesATK Hotkey
2009-12-04 17:17:29 —-A—- D:WINDOWSModemLog_Motorola SM56 Speakerphone Modem.txt
2009-12-04 17:17:28 —-D—- D:Program FilesPowerForPhone
2009-12-04 17:15:17 —-A—- D:WINDOWSsystem32ACEngSvr.exe
2009-12-04 17:13:14 —-D—- D:WINDOWSsystem32ReinstallBackups
2009-12-04 17:13:10 —-A—- D:WINDOWSsystem32SynTPFcs.dll
2009-12-04 17:13:10 —-A—- D:WINDOWSsystem32SynTPCo2.dll
2009-12-04 17:13:10 —-A—- D:WINDOWSsystem32SynTPAPI.dll
2009-12-04 17:13:09 —-D—- D:Program FilesSynaptics
2009-12-04 17:05:19 —-A—- D:WINDOWSsystem32vfwwdm32.dll
2009-12-04 17:05:00 —-A—- D:WINDOWSVideoView.exe
2009-12-04 17:05:00 —-A—- D:WINDOWSsystem32StkSSrv.dll
2009-12-04 17:05:00 —-A—- D:WINDOWSsystem32StkCWIA.dll
2009-12-04 17:05:00 —-A—- D:WINDOWSsystem32StkCSrv.exe
2009-12-04 17:05:00 —-A—- D:WINDOWSStkUnist.exe
2009-12-04 17:05:00 —-A—- D:WINDOWSStkC112X.exe
2009-12-04 17:02:46 —-D—- D:Program FilesWireless Console 2
2009-12-04 17:01:06 —-D—- D:Program FilesASUS
2009-12-04 16:59:36 —-A—- D:WINDOWSsystem32TPESetting.dll
2009-12-04 16:59:36 —-A—- D:WINDOWSsystem32SynCtrl.dll
2009-12-04 16:59:36 —-A—- D:WINDOWSsystem32SynCOM.dll
2009-12-04 16:59:36 —-A—- D:WINDOWSsystem32ASUSTPE.exe
2009-12-04 16:58:55 —-D—- D:Program FilesMotorola
2009-12-04 16:58:45 —-A—- D:WINDOWSsystem32sm56co6a.dll
2009-12-04 16:58:08 —-D—- D:WINDOWSOPTIONS
2009-12-04 16:58:05 —-D—- D:Documents and SettingsАдминистраторApplication DataInstallShield
2009-12-04 16:56:34 —-A—- D:WINDOWSsystem32ChCfg.exe
2009-12-04 16:56:07 —-HD—- D:Program FilesInstallShield Installation Information
2009-12-04 16:56:07 —-D—- D:Program FilesRealtek
2009-12-04 16:56:05 —-A—- D:WINDOWSRtlExUpd.dll
2009-12-04 16:56:05 —-A—- D:WINDOWSHideWin.exe
2009-12-04 16:56:02 —-D—- D:Program FilesCommon FilesInstallShield
2009-12-04 16:55:10 —-A—- D:WINDOWSsystem32igfxres.dll
2009-12-04 16:53:14 —-A—- D:WINDOWSsystem32igxpun.exe
2009-12-04 16:53:14 —-A—- D:WINDOWSsystem32igmedkrn.dll
2009-12-04 16:53:14 —-A—- D:WINDOWSsystem32igfxCoIn_v4837.dll
2009-12-04 16:53:14 —-A—- D:WINDOWSsystem32difxapi.dll
2009-12-04 16:51:42 —-DC—- D:WINDOWSsystem32DRVSTORE
2009-12-04 16:51:42 —-D—- D:Program FilesIntel
2009-12-04 16:51:33 —-D—- D:Intel
2009-12-04 16:47:17 —-D—- D:Program FilesWinRAR
2009-12-04 16:46:13 —-D—- D:WINDOWSsystem32Lang
2009-12-04 16:45:52 —-D—- D:Documents and SettingsАдминистраторApplication DataIdentities
2009-12-04 16:45:35 —-HD—- D:Program FilesUninstall Information
2009-12-04 16:40:20 —-SHD—- D:RECYCLER
2009-12-04 16:39:59 —-RD—- D:WINDOWSOemDrv
2009-12-04 16:39:54 —-SD—- D:Documents and SettingsАдминистраторApplication DataMicrosoft
2009-12-04 16:39:54 —-ASH—- D:Documents and SettingsАдминистраторApplication Datadesktop.ini
2009-12-04 16:38:55 —-D—- D:WINDOWSSoftwareDistribution
2009-12-04 16:38:44 —-D—- D:WINDOWSPrefetch
2009-12-04 16:38:43 —-A—- D:WINDOWSSchedLgU.Txt
2009-12-04 16:34:48 —-D—- D:WINDOWSsystem32xircom
2009-12-04 16:34:48 —-D—- D:Program Filesxerox
2009-12-04 16:34:48 —-D—- D:Program Filesmsn gaming zone
2009-12-04 16:34:48 —-D—- D:Program Filesmicrosoft frontpage
2009-12-04 16:34:35 —-D—- D:Program FilesVistaDriveIcon
2009-12-04 16:34:34 —-A—- D:WINDOWSsystem32hidcon.exe
2009-12-04 16:34:33 —-A—- D:WINDOWSsystem32OEMINFO.INI
2009-12-04 16:34:19 —-D—- D:WINDOWSIntel
2009-12-04 16:34:19 —-D—- D:WINDOWSAMD
2009-12-04 16:34:19 —-A—- D:WINDOWSoemlogo.exe
2009-12-04 16:34:16 —-SD—- D:WINDOWSsystem32Microsoft
2009-12-04 16:34:16 —-A—- D:WINDOWSsystem32javaws.exe
2009-12-04 16:34:16 —-A—- D:WINDOWSsystem32javaw.exe
2009-12-04 16:34:16 —-A—- D:WINDOWSsystem32java.exe
2009-12-04 16:33:57 —-D—- D:Program FilesJava
2009-12-04 16:33:56 —-D—- D:Program FilesCommon FilesJava
2009-12-04 16:32:52 —-RSD—- D:WINDOWSassembly
2009-12-04 16:32:52 —-D—- D:WINDOWSMicrosoft.NET
2009-12-04 16:32:51 —-D—- D:WINDOWSsystem32URTTemp
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xinput9_1_0.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xinput1_3.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xinput1_2.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xinput1_1.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32XAudio2_0.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xactengine3_0.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xactengine2_9.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xactengine2_8.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xactengine2_7.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xactengine2_6.dll
2009-12-04 16:32:31 —-A—- D:WINDOWSsystem32xactengine2_5.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32xactengine2_4.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32xactengine2_3.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32xactengine2_2.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32xactengine2_10.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32xactengine2_1.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32xactengine2_0.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32X3DAudio1_3.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32x3daudio1_2.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32x3daudio1_1.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32x3daudio1_0.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32d3dx9_37.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32d3dx9_36.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32d3dx9_35.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32d3dx9_34.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32d3dx9_33.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32d3dx9_32.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32d3dx9_31.dll
2009-12-04 16:32:30 —-A—- D:WINDOWSsystem32d3dx9_30.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx9_29.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx9_28.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx9_27.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx9_26.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx9_25.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx9_24.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx10_37.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx10_36.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx10_35.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx10_34.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx10_33.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dx10.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32D3DCompiler_37.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dcompiler_36.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dcompiler_35.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dcompiler_34.dll
2009-12-04 16:32:29 —-A—- D:WINDOWSsystem32d3dcompiler_33.dll
2009-12-04 16:32:19 —-D—- D:WINDOWSsystem32Cplicons
2009-12-04 16:32:19 —-A—- D:WINDOWSsystem32wul_lng.ini
2009-12-04 16:32:19 —-A—- D:WINDOWSsystem32wul.exe
2009-12-04 16:32:19 —-A—- D:WINDOWSsystem32TweakUI.exe
2009-12-04 16:32:19 —-A—- D:WINDOWSsystem32pserv2.exe
2009-12-04 16:32:19 —-A—- D:WINDOWSsystem32pkey_lng.ini
2009-12-04 16:32:19 —-A—- D:WINDOWSsystem32MS_Auto.exe
2009-12-04 16:32:19 —-A—- D:WINDOWSsystem32Hoster.exe
2009-12-04 16:32:19 —-A—- D:WINDOWSsystem32bootsafe.exe
2009-12-04 16:32:02 —-HDC—- D:WINDOWS$NtUninstallKB941569$
2009-12-04 16:31:53 —-HDC—- D:WINDOWS$NtUninstallKB929399$
2009-12-04 16:31:45 —-N—- D:WINDOWSsystem32spmsg.dll
2009-12-04 16:31:44 —-HDC—- D:WINDOWS$NtUninstallMSCompPackV1$
2009-12-04 16:31:33 —-D—- D:Program FilesWindows Media Connect 2
2009-12-04 16:31:26 —-HDC—- D:WINDOWS$NtUninstallwmp11$
2009-12-04 16:31:12 —-HDC—- D:WINDOWS$NtUninstallWMFDist11$
2009-12-04 16:31:06 —-D—- D:WINDOWSsystem32LogFiles
2009-12-04 16:31:03 —-HDC—- D:WINDOWS$NtUninstallWudf01000$
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32WUDFx.dll
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32WudfSvc.dll
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32WudfPlatform.dll
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32WUDFCoinstaller.dll
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32wpdsp.dll
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32WPDShServiceObj.dll
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32WpdShext.dll
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32wpdmtpus.dll
2009-12-04 16:30:58 —-N—- D:WINDOWSsystem32wpd_ci.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32wpdmtp.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32wpdconns.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32WMVXENCD.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32WMVSENCD.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32WMVSDECD.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32WMVENCOD.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32WMVDECOD.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32WMVADVE.DLL
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32WMVADVD.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32wmpsrcwp.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32wmpps.dll
2009-12-04 16:30:57 —-N—- D:WINDOWSsystem32wmpmde.dll
2009-12-04 16:30:55 —-N—- D:WINDOWSsystem32wmpencen.dll
2009-12-04 16:30:55 —-N—- D:WINDOWSsystem32wmpeffects.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32WudfHost.exe
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32wpdshextautoplay.exe
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32wmdrmsdk.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32wmdrmnet.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32wmdrmdev.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32wdfmgr.exe
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32wdfapi.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32uwdf.exe
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32PortableDeviceWMDRM.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32PortableDeviceWiaCompat.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32PortableDeviceTypes.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32PortableDeviceClassExtension.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32PortableDeviceApi.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32msdelta.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32MPG4DECD.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32MP4SDECD.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32MP43DECD.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32MFPLAT.dll
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32drmupgds.exe
2009-12-04 16:30:54 —-N—- D:WINDOWSsystem32audiodev.dll
2009-12-04 16:30:36 —-N—- D:WINDOWSsystem32wpdshextres.dll
2009-12-04 16:30:23 —-D—- D:WINDOWSWBEM
2009-12-04 16:29:35 —-HDC—- D:WINDOWSie7
2009-12-04 16:29:30 —-HDC—- D:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$
2009-12-04 16:29:22 —-A—- D:WINDOWSsystem32spupdsvc.exe
2009-12-04 16:29:21 —-HDC—- D:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$
2009-12-04 16:29:14 —-HD—- D:WINDOWS$hf_mig$
2009-12-04 16:29:06 —-N—- D:WINDOWSsystem32WinFXDocObj.exe
2009-12-04 16:29:06 —-N—- D:WINDOWSsystem32msfeedssync.exe
2009-12-04 16:29:06 —-N—- D:WINDOWSsystem32msfeedsbs.dll
2009-12-04 16:29:06 —-N—- D:WINDOWSsystem32msfeeds.dll
2009-12-04 16:29:06 —-N—- D:WINDOWSsystem32ieui.dll
2009-12-04 16:29:06 —-N—- D:WINDOWSsystem32iertutil.dll
2009-12-04 16:29:06 —-N—- D:WINDOWSsystem32ieapfltr.dll
2009-12-04 16:29:06 —-N—- D:WINDOWSsystem32icardie.dll
2009-12-04 16:29:06 —-A—- D:WINDOWSsystem32ieudinit.exe
2009-12-04 16:29:06 —-A—- D:WINDOWSsystem32ieframe.dll
2009-12-04 16:29:04 —-N—- D:WINDOWSsystem32ieframe.dll.mui
2009-12-04 16:29:04 —-N—- D:WINDOWSsystem32advpack.dll.mui
2009-12-04 16:28:39 —-A—- D:WINDOWScontrol.ini
2009-12-04 16:28:31 —-A—- D:WINDOWSOEWABLog.txt
2009-12-04 16:28:26 —-A—- D:WINDOWSsystem32mapi32.dll
2009-12-04 16:27:37 —-RD—- D:WINDOWSOffline Web Pages
2009-12-04 16:27:36 —-SD—- D:WINDOWSDownloaded Program Files
2009-12-04 16:27:36 —-RAH—- D:WINDOWSsystem32logonui.exe.manifest
2009-12-04 16:27:31 —-RAH—- D:WINDOWSsystem32cdplayer.exe.manifest
2009-12-04 16:27:27 —-HD—- D:Program FilesWindowsUpdate
2009-12-04 16:27:23 —-D—- D:Program FilesOnline Services
2009-12-04 16:27:07 —-D—- D:WINDOWSsystem32DirectX
2009-12-04 16:26:59 —-A—- D:WINDOWSsystem32atrace.dll
2009-12-04 16:26:58 —-A—- D:WINDOWSsystem32desktop.ini
2009-12-04 16:26:58 —-A—- D:WINDOWSdesktop.ini
2009-12-04 16:26:46 —-A—- D:WINDOWSsystem32nmevtmsg.dll
2009-12-04 16:26:44 —-D—- D:Program FilesCommon FilesServices
2009-12-04 16:26:44 —-A—- D:WINDOWSsystem32acctres.dll
2009-12-04 16:26:41 —-SD—- D:WINDOWSTasks
2009-12-04 16:26:41 —-A—- D:WINDOWSsystem32icfgnt5.dll
2009-12-04 16:26:40 —-D—- D:Program FilesCommon FilesMSSoap
2009-12-04 16:26:36 —-D—- D:WINDOWSsystem32Macromed
2009-12-04 16:26:36 —-D—- D:WINDOWSsrchasst
2009-12-04 16:26:33 —-A—- D:WINDOWSsystem32wuweb.dll
2009-12-04 16:26:33 —-A—- D:WINDOWSsystem32wucltui.dll
2009-12-04 16:26:33 —-A—- D:WINDOWSsystem32wuauserv.dll
2009-12-04 16:26:33 —-A—- D:WINDOWSsystem32wuaueng1.dll
2009-12-04 16:26:32 —-A—- D:WINDOWSsystem32wups.dll
2009-12-04 16:26:32 —-A—- D:WINDOWSsystem32wuaueng.dll
2009-12-04 16:26:32 —-A—- D:WINDOWSsystem32wuauclt1.exe
2009-12-04 16:26:32 —-A—- D:WINDOWSsystem32wuauclt.exe
2009-12-04 16:26:32 —-A—- D:WINDOWSsystem32wuapi.dll
2009-12-04 16:26:31 —-A—- D:WINDOWSsystem32qmgrprxy.dll
2009-12-04 16:26:31 —-A—- D:WINDOWSsystem32qmgr.dll
2009-12-04 16:26:31 —-A—- D:WINDOWSsystem32bitsprx4.dll
2009-12-04 16:26:31 —-A—- D:WINDOWSsystem32bitsprx3.dll
2009-12-04 16:26:31 —-A—- D:WINDOWSsystem32bitsprx2.dll
2009-12-04 16:26:27 —-D—- D:Program FilesMovie Maker
2009-12-04 16:26:09 —-A—- D:WINDOWSsystem32safrslv.dll
2009-12-04 16:26:09 —-A—- D:WINDOWSsystem32safrdm.dll
2009-12-04 16:26:09 —-A—- D:WINDOWSsystem32safrcdlg.dll
2009-12-04 16:26:09 —-A—- D:WINDOWSsystem32racpldlg.dll
2009-12-04 16:26:05 —-A—- D:WINDOWSsystem32fltMc.exe
2009-12-04 16:26:05 —-A—- D:WINDOWSsystem32fltlib.dll
2009-12-04 16:26:04 —-D—- D:WINDOWSsystem32Restore
2009-12-04 16:26:04 —-A—- D:WINDOWSsystem32srsvc.dll
2009-12-04 16:26:04 —-A—- D:WINDOWSsystem32srrstr.dll
2009-12-04 16:26:04 —-A—- D:WINDOWSsystem32srclient.dll
2009-12-04 16:26:03 —-A—- D:WINDOWSsystem32nmmkcert.dll
2009-12-04 16:26:03 —-A—- D:WINDOWSsystem32mnmdd.dll
2009-12-04 16:26:03 —-A—- D:WINDOWSsystem32isrdbg32.dll
2009-12-04 16:26:03 —-A—- D:WINDOWSsystem32ils.dll
2009-12-04 16:26:02 —-A—- D:WINDOWSsystem32msconf.dll
2009-12-04 16:26:02 —-A—- D:WINDOWSsystem32mnmsrvc.exe
2009-12-04 16:26:00 —-D—- D:Program FilesNetMeeting
2009-12-04 16:25:59 —-A—- D:WINDOWSsystem32msoert2.dll
2009-12-04 16:25:59 —-A—- D:WINDOWSsystem32msoeacct.dll
2009-12-04 16:25:58 —-A—- D:WINDOWSsystem32inetres.dll
2009-12-04 16:25:58 —-A—- D:WINDOWSsystem32inetcomm.dll
2009-12-04 16:25:56 —-D—- D:Program FilesOutlook Express
2009-12-04 16:25:56 —-A—- D:WINDOWSsystem32schedsvc.dll
2009-12-04 16:25:55 —-A—- D:WINDOWSsystem32mstinit.exe
2009-12-04 16:25:55 —-A—- D:WINDOWSsystem32mstask.dll
2009-12-04 16:25:55 —-A—- D:WINDOWSsystem32isign32.dll
2009-12-04 16:25:55 —-A—- D:WINDOWSsystem32inetcfg.dll
2009-12-04 16:25:55 —-A—- D:WINDOWSsystem32icwphbk.dll
2009-12-04 16:25:55 —-A—- D:WINDOWSsystem32icwdial.dll
2009-12-04 16:25:49 —-D—- D:Program FilesCommon FilesSystem
2009-12-04 16:25:44 —-D—- D:Program FilesInternet Explorer
2009-12-04 16:25:12 —-D—- D:Program FilesComPlus Applications
2009-12-04 16:25:10 —-A—- D:WINDOWSvbaddin.ini
2009-12-04 16:25:10 —-A—- D:WINDOWSvb.ini
2009-12-04 16:25:05 —-D—- D:WINDOWSRegistration
2009-12-04 16:24:58 —-D—- D:Program FilesWindows Media Player
2009-12-04 16:24:53 —-A—- D:WINDOWSsystem32write.exe
2009-12-04 16:24:47 —-A—- D:WINDOWSsystem32sndvol32.exe
2009-12-04 16:24:47 —-A—- D:WINDOWSsystem32hticons.dll
2009-12-04 16:24:47 —-A—- D:WINDOWSsystem32avwav.dll
2009-12-04 16:24:47 —-A—- D:WINDOWSsystem32avtapi.dll
2009-12-04 16:24:47 —-A—- D:WINDOWSsystem32avmeter.dll
2009-12-04 16:24:46 —-A—- D:WINDOWSsystem32winchat.exe
2009-12-04 16:24:40 —-A—- D:WINDOWSsystem32getuname.dll
2009-12-04 16:24:40 —-A—- D:WINDOWSsystem32charmap.exe
2009-12-04 16:24:40 —-A—- D:WINDOWSsystem32calc.exe
2009-12-04 16:24:39 —-A—- D:WINDOWSsystem32winmine.exe
2009-12-04 16:24:39 —-A—- D:WINDOWSsystem32sol.exe
2009-12-04 16:24:39 —-A—- D:WINDOWSsystem32mshearts.exe
2009-12-04 16:24:38 —-A—- D:WINDOWSsystem32usrlogon.cmd
2009-12-04 16:24:38 —-A—- D:WINDOWSsystem32tsshutdn.exe
2009-12-04 16:24:38 —-A—- D:WINDOWSsystem32tslabels.ini
2009-12-04 16:24:38 —-A—- D:WINDOWSsystem32tskill.exe
2009-12-04 16:24:38 —-A—- D:WINDOWSsystem32tsdiscon.exe
2009-12-04 16:24:38 —-A—- D:WINDOWSsystem32tscon.exe
2009-12-04 16:24:38 —-A—- D:WINDOWSsystem32reset.exe
2009-12-04 16:24:38 —-A—- D:WINDOWSsystem32freecell.exe
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32shadow.exe
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32rwinsta.exe
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32regini.exe
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32rdpcfgex.dll
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32qwinsta.exe
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32qappsrv.exe
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32msg.exe
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32logoff.exe
2009-12-04 16:24:37 —-A—- D:WINDOWSsystem32cdmodem.dll
2009-12-04 16:24:36 —-A—- D:WINDOWSsystem32msdtcprf.ini
2009-12-04 16:24:31 —-A—- D:WINDOWSsystem32wmimgmt.msc
2009-12-04 16:24:30 —-A—- D:WINDOWSsystem32accwiz.exe
2009-12-04 16:24:29 —-D—- D:Program FilesWindows NT
2009-12-04 16:24:29 —-A—- D:WINDOWSsystem32sndrec32.exe
2009-12-04 16:24:29 —-A—- D:WINDOWSsystem32mplay32.exe
2009-12-04 16:24:29 —-A—- D:WINDOWSsystem32hypertrm.dll
2009-12-04 16:24:28 —-A—- D:WINDOWSsystem32spider.exe
2009-12-04 16:24:28 —-A—- D:WINDOWSsystem32mspaint.exe
2009-12-04 16:24:28 —-A—- D:WINDOWSsystem32clipbrd.exe
2009-12-04 16:24:27 —-A—- D:WINDOWSsystem32tsgqec.dll
2009-12-04 16:24:27 —-A—- D:WINDOWSsystem32tscfgwmi.dll
2009-12-04 16:24:26 —-A—- D:WINDOWSsystem32rhttpaa.dll
2009-12-04 16:24:26 —-A—- D:WINDOWSsystem32mstscax.dll
2009-12-04 16:24:26 —-A—- D:WINDOWSsystem32aaclient.dll
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32termsrv.dll
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32sessmgr.exe
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32remotepg.dll
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32rdshost.exe
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32rdsaddin.exe
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32rdpwsx.dll
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32rdpsnd.dll
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32rdchost.dll
2009-12-04 16:24:25 —-A—- D:WINDOWSsystem32mstsc.exe
2009-12-04 16:24:24 —-D—- D:WINDOWSsystem32MsDtc
2009-12-04 16:24:24 —-A—- D:WINDOWSsystem32rdpclip.exe
2009-12-04 16:24:24 —-A—- D:WINDOWSsystem32qprocess.exe
2009-12-04 16:24:24 —-A—- D:WINDOWSsystem32mtxoci.dll
2009-12-04 16:24:24 —-A—- D:WINDOWSsystem32msdtcuiu.dll
2009-12-04 16:24:24 —-A—- D:WINDOWSsystem32msdtcprx.dll
2009-12-04 16:24:24 —-A—- D:WINDOWSsystem32icaapi.dll
2009-12-04 16:24:24 —-A—- D:WINDOWSsystem32cfgbkend.dll
2009-12-04 16:24:23 —-A—- D:WINDOWSsystem32xolehlp.dll
2009-12-04 16:24:23 —-A—- D:WINDOWSsystem32msdtctm.dll
2009-12-04 16:24:23 —-A—- D:WINDOWSsystem32msdtclog.dll
2009-12-04 16:24:23 —-A—- D:WINDOWSsystem32msdtc.exe
2009-12-04 16:24:22 —-D—- D:WINDOWSsystem32Com
2009-12-04 16:24:22 —-A—- D:WINDOWSsystem32mtxlegih.dll
2009-12-04 16:24:22 —-A—- D:WINDOWSsystem32mtxex.dll
2009-12-04 16:24:22 —-A—- D:WINDOWSsystem32mtxdm.dll
2009-12-04 16:24:22 —-A—- D:WINDOWSsystem32dcomcnfg.exe
2009-12-04 16:24:22 —-A—- D:WINDOWSsystem32comrepl.dll
2009-12-04 16:24:22 —-A—- D:WINDOWSsystem32comaddin.dll
2009-12-04 16:24:22 —-A—- D:WINDOWSsystem32colbact.dll
2009-12-04 16:24:21 —-A—- D:WINDOWSsystem32stclient.dll
2009-12-04 16:24:21 —-A—- D:WINDOWSsystem32comsvcs.dll
2009-12-04 16:24:21 —-A—- D:WINDOWSsystem32clbcatex.dll
2009-12-04 16:24:21 —-A—- D:WINDOWSsystem32catsrvut.dll
2009-12-04 16:24:21 —-A—- D:WINDOWSsystem32catsrvps.dll
2009-12-04 16:24:21 —-A—- D:WINDOWSsystem32catsrv.dll
2009-12-04 16:24:20 —-A—- D:WINDOWSsystem32comuid.dll
2009-12-04 16:24:20 —-A—- D:WINDOWSsystem32comsnap.dll
2009-12-04 16:24:20 —-A—- D:WINDOWSsystem32clbcatq.dll
2009-12-04 16:24:14 —-A—- D:WINDOWSsystem32servdeps.dll
2009-12-04 16:24:14 —-A—- D:WINDOWSsystem32mmfutil.dll
2009-12-04 16:24:14 —-A—- D:WINDOWSsystem32licwmi.dll
2009-12-04 16:24:14 —-A—- D:WINDOWSsystem32cmprops.dll======List of files/folders modified in the last 1 months======
2009-12-04 19:18:31 —-A—- D:WINDOWSsystem.ini
2009-12-04 17:05:33 —-A—- D:WINDOWSwin.ini
2009-12-04 16:41:01 —-A—- D:WINDOWSsystem32PreSetup.ini======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 easdrv;easdrv; D:WINDOWSsystem32DRIVERSeasdrv.sys [2008-07-01 53256]
R1 epfwtdir;epfwtdir; D:WINDOWSsystem32DRIVERSepfwtdir.sys [2008-07-01 34312]
R1 intelppm;Драйвер Intel процессора; D:WINDOWSsystem32DRIVERSintelppm.sys [2008-04-15 40704]
R1 Tosrfcom;Bluetooth RFCOMM; D:WINDOWSSystem32Driverstosrfcom.sys [2007-05-24 64000]
R2 eamon;EAMON; D:WINDOWSsystem32DRIVERSeamon.sys [2008-07-01 39944]
R2 ghaio;ghaio; ??D:Program FilesASUSNB ProbeSPMghaio.sys []
R3 CmBatt;Драйвер батареи с ACPI-управлением (Майкрософт); D:WINDOWSsystem32DRIVERSCmBatt.sys [2008-04-25 13952]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; D:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-15 144384]
R3 hidusb;Драйвер класса HID Microsoft; D:WINDOWSsystem32DRIVERShidusb.sys [2008-04-15 10368]
R3 ialm;ialm; D:WINDOWSsystem32DRIVERSigxpmp32.sys [2007-06-05 5761728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:WINDOWSsystem32driversRtkHDAud.sys [2007-05-28 4422656]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service; D:WINDOWSsystem32driversIntcHdmi.sys [2006-12-06 108032]
R3 MODEMCSA;Устройство фильтрации потока Unimodem; D:WINDOWSsystem32driversMODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Драйвер мыши HID; D:WINDOWSsystem32DRIVERSmouhid.sys [2008-04-15 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; D:WINDOWSsystem32DRIVERSATKACPI.sys [2006-12-14 7680]
R3 NETw4x32;Драйвер адаптера Intel(R) Wireless WiFi Link для Windows XP 32 Bit; D:WINDOWSsystem32DRIVERSNETw4x32.sys [2007-08-28 2210816]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; D:WINDOWSsystem32DRIVERSRtenicxp.sys [2007-05-31 96896]
R3 RTSTOR;USB Mass Stroage Device; D:WINDOWSsystem32driversRTSTOR.SYS [2007-09-18 44032]
R3 smserial;smserial; D:WINDOWSsystem32DRIVERSsmserial.sys [2006-11-22 982272]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; D:WINDOWSSystem32DriversStkCMini.sys [2007-06-06 1260672]
R3 SynTP;Synaptics TouchPad Driver; D:WINDOWSsystem32DRIVERSSynTP.sys [2006-05-25 193088]
R3 tosporte;Bluetooth COM Port; D:WINDOWSsystem32DRIVERStosporte.sys [2006-10-10 41600]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; D:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-15 30208]
R3 usbhub;USB2 концентратор; D:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-15 59520]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; D:WINDOWSsystem32DRIVERSusbuhci.sys [2008-04-15 20608]
S3 CCDECODE;Closed Caption декодер; D:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-04-25 17024]
S3 NABTSFEC;NABTS/FEC VBI кодек; D:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-04-25 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; D:WINDOWSsystem32DRIVERSNdisIP.sys [2008-04-25 10880]
S3 SLIP;BDA Slip De-Framer; D:WINDOWSsystem32DRIVERSSLIP.sys [2008-04-25 11136]
S3 tosrfbd;Bluetooth RFBUS; D:WINDOWSsystem32DRIVERStosrfbd.sys [2007-04-24 113920]
S3 tosrfbnp;Bluetooth RFBNEP; D:WINDOWSSystem32Driverstosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; D:WINDOWSsystem32DRIVERSTosrfhid.sys [2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area Network; D:WINDOWSsystem32DRIVERStosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; D:WINDOWSsystem32driverstosrfsnd.sys [2007-01-22 53376]
S3 tosrfusb;Bluetooth USB Controller; D:WINDOWSsystem32DRIVERStosrfusb.sys [2007-06-11 41856]
S3 usbstor;Драйвер запоминающих устройств для USB; D:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-15 26368]
S3 WudfPf;Windows Driver Foundation — User-mode Driver Framework Platform Driver; D:WINDOWSsystem32DRIVERSWudfPf.sys [2008-03-21 77568]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; D:WINDOWSsystem32DRIVERSwudfrd.sys [2008-03-21 82944]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ADSMService;ADSM Service; D:Program FilesASUSASUS Data Security ManagerADSMSrv.exe [2007-05-18 73728]
R2 ekrn;Eset Service; D:Program FilesESETESET NOD32 Antivirusekrn.exe [2007-12-21 468224]
R2 spmgr;spmgr; D:Program FilesASUSNB ProbeSPMspmgr.exe [2006-12-28 123248]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; D:WINDOWSSystem32StkCSrv.exe [2007-04-19 24576]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; D:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe [2007-02-25 125048]
S3 aspnet_state;ASP.NET State Service; D:WINDOWSMicrosoft.NETFrameworkv1.1.4322aspnet_state.exe [2004-07-15 32768]
S3 EhttpSrv;Eset HTTP Server; D:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe [2008-07-01 19200]
S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; D:Program FilesWindows Media PlayerWMPNetwk.exe [2008-03-21 914944]
S3 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; D:WINDOWSsystem32svchost.exe [2008-04-15 14336]
EOF
