SPYWARE-RU.COM

niger

Forum replies created

Viewing 12 posts - 16 through 27 (of 27 total)
  • September 8, 2009 at 4:43 pm, in reply to: "VKONTAKTE" asks to send an SMS!!!!!!! #25463
    niger
    Participant
    • Topics: 6
    • Posts: 33

    Hello! I did everything! Here is the log:
    Malwarebytes’ Anti-Malware 1.40
    Версия базы данных: 2758
    Windows 5.1.2600 Service Pack 2

    08.09.2009 20:37:34
    mbam-log-2009-09-08 (20-37-34).txt

    Тип проверки: Быстрая
    Проверено объектов: 98930
    Прошло времени: 5 minute(s), 5 second(s)

    Заражено процессов в памяти: 0
    Заражено модулей в памяти: 0
    Заражено ключей реестра: 1
    Заражено значений реестра: 0
    Заражено параметров реестра: 0
    Заражено папок: 1
    Заражено файлов: 1

    Заражено процессов в памяти:
    (Вредоносные программы не обнаружены)

    Заражено модулей в памяти:
    (Вредоносные программы не обнаружены)

    Заражено ключей реестра:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{08b0e5c0-4fcb-11cf-aax5-81c01c608512} (Generic.Bot.H) -> Quarantined and deleted successfully.

    Заражено значений реестра:
    (Вредоносные программы не обнаружены)

    Заражено параметров реестра:
    (Вредоносные программы не обнаружены)

    Заражено папок:
    C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) -> Quarantined and deleted successfully.

    Заражено файлов:
    C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.

    September 6, 2009 at 2:21 pm, in reply to: "VKONTAKTE" asks to send an SMS!!!!!!! #25461
    niger
    Participant
    • Topics: 6
    • Posts: 33

    I can't get the Kaspersky scanner to start, there are some problems with the Java application! But I did everything else!
    All processes killed
    ========== REGISTRY ==========
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{27effe22-e85d-11dd-8693-001167ba0f22} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{27effe22-e85d-11dd-8693-001167ba0f22} not found.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{7410c538-720b-11de-871d-001167ba0f22} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{7410c538-720b-11de-871d-001167ba0f22} not found.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{886f5f49-7288-11de-871e-001167ba0f22} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{886f5f49-7288-11de-871e-001167ba0f22} not found.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{924932ca-84be-11dd-8651-001167ba0f22} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{924932ca-84be-11dd-8651-001167ba0f22} not found.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{a03e7724-74e9-11de-8720-001167ba0f22} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{a03e7724-74e9-11de-8720-001167ba0f22} not found.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{a03e7736-74e9-11de-8720-001167ba0f22} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{a03e7736-74e9-11de-8720-001167ba0f22} not found.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{b2a16600-e88d-11dd-8697-001167ba0f22} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{b2a16600-e88d-11dd-8697-001167ba0f22} not found.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c2b0a670-87ff-11dd-8655-001167ba0f22} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{c2b0a670-87ff-11dd-8655-001167ba0f22} not found.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c5508600-59cd-11de-86e9-001167ba0f22} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{c5508600-59cd-11de-86e9-001167ba0f22} not found.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c871d69c-5a58-11de-86ed-001167ba0f22} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{c871d69c-5a58-11de-86ed-001167ba0f22} not found.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{df814ec8-b8db-11dd-8679-001167ba0f22} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{df814ec8-b8db-11dd-8679-001167ba0f22} not found.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{f590bc55-6542-11de-86fe-001167ba0f22} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{f590bc55-6542-11de-86fe-001167ba0f22} not found.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{fc54c504-5e79-11de-86f3-001167ba0f22} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{fc54c504-5e79-11de-86f3-001167ba0f22} not found.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{ffaeb70e-59ce-11de-86ea-001167ba0f22} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{ffaeb70e-59ce-11de-86ea-001167ba0f22} not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: 1
    ->Temp folder emptied: 154967803 bytes
    ->Temporary Internet Files folder emptied: 104823266 bytes

    User: All Users

    User: Default User
    ->Temp folder emptied: 208896 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes

    User: LocalService
    File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTempTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTempHistoryHistory.IE5index.dat scheduled to be deleted on reboot.
    File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTempCookiesindex.dat scheduled to be deleted on reboot.
    ->Temp folder emptied: 65984 bytes
    ->Temporary Internet Files folder emptied: 4272488 bytes

    User: NetworkService
    ->Temp folder emptied: 32768 bytes
    File delete failed. C:Documents and SettingsNetworkServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Администратор
    ->Temp folder emptied: 208896 bytes
    ->Temporary Internet Files folder emptied: 32768 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%System32 .tmp files removed: 5709 bytes
    Windows Temp folder emptied: 3044872 bytes
    RecycleBin emptied: 1420604 bytes

    Total Files Cleaned = 256,68 mb

    OTM by OldTimer — Version 3.0.0.6 log created on 09062009_140538

    Files moved on Reboot…

    Registry entries deleted on Reboot…
    Logfile of random’s system information tool 1.06 (written by random/random)
    Run by 1 at 2009-09-06 18:20:50
    Microsoft Windows XP Professional Service Pack 2
    System drive C: has 20 GB (27%) free of 73 GB
    Total RAM: 1014 MB (35% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:20:54, on 06.09.2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:WINDOWSSystem32smss.exe
    C:WINDOWSsystem32winlogon.exe
    C:WINDOWSsystem32services.exe
    C:WINDOWSsystem32lsass.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSSystem32svchost.exe
    C:Program FilesIntelWirelessBinS24EvMon.exe
    C:WINDOWSsystem32spoolsv.exe
    C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe
    C:Program FilesIntelWirelessBinEvtEng.exe
    C:Program FilesIntelIntel Matrix Storage ManagerIaantmon.exe
    C:Program FilesCommon FilesLightScribeLSSrvc.exe
    C:Program FilesIntelWirelessBinRegSrvc.exe
    C:Program FilesCyberLinkShared FilesRichVideo.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSsystem32wbemwmiapsrv.exe
    C:AcerEmpowering TechnologyeLockServiceeLockServ.exe
    C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe
    C:Program FilesCanonCALCALMAIN.exe
    C:WINDOWSsystem32wscntfy.exe
    C:WINDOWSExplorer.EXE
    C:Program FilesIntelIntel Matrix Storage ManagerIaanotif.exe
    C:Program FilesSynapticsSynTPSynTPEnh.exe
    C:WINDOWSsystem32igfxtray.exe
    C:WINDOWSsystem32hkcmd.exe
    C:WINDOWSsystem32igfxpers.exe
    C:WINDOWSsystem32igfxsrvc.exe
    C:Program FilesCyberLinkPowerDVDPDVDServ.exe
    C:AcerEmpowering TechnologyePresentationePresentation.exe
    C:AcerEmpowering TechnologyePowerePower_DMC.exe
    C:AcerEmpowering TechnologyeDataSecurityeDSloader.exe
    C:AcerEmpowering TechnologyeRecoveryeRAgent.exe
    C:PROGRA~1LAUNCH~1LManager.exe
    C:WINDOWSRTHDCPL.EXE
    C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe
    C:Program FilesWinampwinampa.exe
    C:Program Files2gisUpdateClientWin32UpdateClientUI.exe
    C:WINDOWSsystem32ctfmon.exe
    C:WINDOWSvistadriveVdrive.exe
    C:Documents and Settings1Рабочий столавторизатор.exe
    C:Program Files2gisUpdateClientWin32UpdateClientService.exe
    C:AcerEmpowering TechnologyAcer.Empowering.Framework.Launcher.exe
    C:WINDOWSsystem32igfxext.exe
    C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
    C:WINDOWSsystem32wbemunsecapp.exe
    C:DOCUME~11LOCALS~1TempRtkBtMnt.exe
    C:Program FilesOperaopera.exe
    C:Program FilesJavajre6binjqs.exe
    C:WINDOWSsystem32wuauclt.exe
    C:Documents and Settings1Рабочий столRSIT.exe
    C:Program Filestrend micro1.exe

    R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://search.qip.ru
    R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://search.qip.ru
    R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://search.qip.ru/ie
    R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://search.qip.ru
    R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ya.ru/?clid=41124
    R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ru.intl.acer.yahoo.com
    R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ru.intl.acer.yahoo.com
    R1 — HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://search.qip.ru/ie
    R1 — HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = Root: HKCU; Subkey: SoftwareMicrosoftInternet ExplorerSearchUrl; ValueType: string; ValueName: ‘; ValueData: ‘; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
    R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
    R3 — URLSearchHook: QIPBHO Class — {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} — C:Documents and Settings1Application DataMicrosoftInternet Explorerqipsearchbar.dll
    R3 — URLSearchHook: Yahoo! Toolbar — {EF99BD32-C1FB-11D2-892F-0090271D4F88} — C:Program FilesYahoo!CompanionInstallscpnyt.dll
    O2 — BHO: Yahoo! Toolbar Helper — {02478D38-C3F9-4EFB-9B51-7695ECA05670} — C:Program FilesYahoo!CompanionInstallscpnyt.dll
    O2 — BHO: QIPBHO — {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} — C:Documents and Settings1Application DataMicrosoftInternet Explorerqipsearchbar.dll
    O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
    O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.2.4204.1700swg.dll
    O2 — BHO: Google Dictionary Compression sdch — {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_B7C5AC242193BB3E.dll
    O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program FilesJavajre6binjp2ssv.dll
    O2 — BHO: JQSIEStartDetectorImpl — {E7E6F031-17CE-4C07-BC86-EABFE594F69C} — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
    O3 — Toolbar: Yahoo! Toolbar — {EF99BD32-C1FB-11D2-892F-0090271D4F88} — C:Program FilesYahoo!CompanionInstallscpnyt.dll
    O3 — Toolbar: Acer eDataSecurity Management — {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} — C:WINDOWSsystem32eDStoolbar.dll
    O3 — Toolbar: Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
    O4 — HKLM..Run: [preload] C:WindowsRUNXMLPL.exe
    O4 — HKLM..Run: [IAAnotif] «C:Program FilesIntelIntel Matrix Storage ManagerIaanotif.exe»
    O4 — HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe
    O4 — HKLM..Run: [AzMixerSel] C:Program FilesRealtekInstallShieldAzMixerSel.exe
    O4 — HKLM..Run: [IMJPMIG8.1] «C:WINDOWSIMEimjp8_1IMJPMIG.EXE» /Spoil /RemAdvDef /Migration32
    O4 — HKLM..Run: [MSPY2002] C:WINDOWSsystem32IMEPINTLGNTImScInst.exe /SYNC
    O4 — HKLM..Run: [PHIME2002ASync] C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /SYNC
    O4 — HKLM..Run: [PHIME2002A] C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /IMEName
    O4 — HKLM..Run: [IgfxTray] C:WINDOWSsystem32igfxtray.exe
    O4 — HKLM..Run: [HotKeysCmds] C:WINDOWSsystem32hkcmd.exe
    O4 — HKLM..Run: [Persistence] C:WINDOWSsystem32igfxpers.exe
    O4 — HKLM..Run: [SynTPStart] C:Program FilesSynapticsSynTPSynTPStart.exe
    O4 — HKLM..Run: [RemoteControl] «C:Program FilesCyberLinkPowerDVDPDVDServ.exe»
    O4 — HKLM..Run: [LanguageShortcut] «C:Program FilesCyberLinkPowerDVDLanguageLanguage.exe»
    O4 — HKLM..Run: [Acer ePresentation HPD] C:AcerEmpowering TechnologyePresentationePresentation.exe
    O4 — HKLM..Run: [ePower_DMC] C:AcerEmpowering TechnologyePowerePower_DMC.exe
    O4 — HKLM..Run: [Boot] C:AcerEmpowering TechnologyePowerBoot.exe
    O4 — HKLM..Run: [eLockMonitor] C:AcerEmpowering TechnologyeLockMonitorLaunchMonitor.exe
    O4 — HKLM..Run: [eDataSecurity Loader] C:AcerEmpowering TechnologyeDataSecurityeDSloader.exe 0
    O4 — HKLM..Run: [eRecoveryService] C:AcerEmpowering TechnologyeRecoveryeRAgent.exe
    O4 — HKLM..Run: [LManager] C:PROGRA~1LAUNCH~1LManager.exe
    O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
    O4 — HKLM..Run: [Alcmtr] ALCMTR.EXE
    O4 — HKLM..Run: [AVP] «C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe»
    O4 — HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
    O4 — HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
    O4 — HKLM..Run: [2gis update client UI] «C:Program Files2gisUpdateClientWin32UpdateClientUI.exe» -minimized
    O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program FilesJavajre6binjusched.exe»
    O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
    O4 — HKCU..Run: [Vistapack Reloader] C:Program FilesVistapack XPvistapack.exe /S
    O4 — HKCU..Run: [Tbar] C:WINDOWSsystem32Tbar.exe /a 175
    O4 — HKCU..Run: [Vistadrive] C:WINDOWSvistadriveVdrive.exe
    O4 — HKCU..Run: [KabAuth] C:Documents and Settings1Рабочий столавторизатор.exe
    O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
    O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
    O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
    O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
    O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
    O4 — Global Startup: Acer Empowering Technology.lnk = ?
    O4 — Global Startup: BlueSoleil.lnk = C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
    O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
    O8 — Extra context menu item: Добавить в Анти-Баннер — C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsie_banner_deny.htm
    O9 — Extra button: Cтатистика Веб-Антивируса — {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} — C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows WorkstationsSCIEPlgn.dll
    O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
    O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
    O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
    O9 — Extra button: QIP 2005 — {1EF681F7-A04B-4D6D-9012-A307CCA55610} — C:Program FilesQIPqip.exe (HKCU)
    O12 — Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
    O16 — DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} — http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O17 — HKLMSystemCCSServicesTcpip..{BDF9198C-A417-4E61-8311-F431D240B23E}: NameServer = 87.224.197.1,87.224.213.1
    O20 — AppInit_DLLs: C:PROGRA~1KASPER~1KASPER~1.0FOadialhk.dll
    O23 — Service: 2GIS UpdateClientService — ДубльГИС — C:Program Files2gisUpdateClientWin32UpdateClientService.exe
    O23 — Service: Kaspersky Anti-Virus 6.0 (AVP) — Kaspersky Lab — C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe
    O23 — Service: Canon Camera Access Library 8 (CCALib8) — Canon Inc. — C:Program FilesCanonCALCALMAIN.exe
    O23 — Service: Symantec Lic NetConnect service (CLTNetCnService) — Unknown owner — C:Program FilesCommon FilesSymantec SharedccSvcHst.exe (file missing)
    O23 — Service: eLock Service (eLockService) — — C:AcerEmpowering TechnologyeLockServiceeLockServ.exe
    O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
    O23 — Service: Intel(R) PROSet/Wireless Event Log (EvtEng) — Intel Corporation — C:Program FilesIntelWirelessBinEvtEng.exe
    O23 — Service: Google Software Updater (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
    O23 — Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) — Intel Corporation — C:Program FilesIntelIntel Matrix Storage ManagerIaantmon.exe
    O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe
    O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
    O23 — Service: Java Quick Starter (JavaQuickStarterService) — Sun Microsystems, Inc. — C:Program FilesJavajre6binjqs.exe
    O23 — Service: LightScribeService Direct Disc Labeling Service (LightScribeService) — Hewlett-Packard Company — C:Program FilesCommon FilesLightScribeLSSrvc.exe
    O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
    O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
    O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
    O23 — Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) — Intel Corporation — C:Program FilesIntelWirelessBinRegSrvc.exe
    O23 — Service: Cyberlink RichVideo Service(CRVS) (RichVideo) — Unknown owner — C:Program FilesCyberLinkShared FilesRichVideo.exe
    O23 — Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) — CACE Technologies — C:Program FilesWinPcaprpcapd.exe
    O23 — Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) — Intel Corporation — C:Program FilesIntelWirelessBinS24EvMon.exe
    O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
    O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
    O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
    O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe

    —
    End of file — 13016 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    Yahoo! Toolbar Helper — C:Program FilesYahoo!CompanionInstallscpnyt.dll [2006-09-06 439872]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
    QIPBHO Class — C:Documents and Settings1Application DataMicrosoftInternet Explorerqipsearchbar.dll [2009-07-14 150768]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll [2009-08-26 256112]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.2.4204.1700swg.dll [2009-08-26 761840]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_B7C5AC242193BB3E.dll [2009-08-26 458736]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2009-09-06 41760]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll [2009-09-06 73728]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} — Yahoo! Toolbar — C:Program FilesYahoo!CompanionInstallscpnyt.dll [2006-09-06 439872]
    {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} — Acer eDataSecurity Management — C:WINDOWSsystem32eDStoolbar.dll [2007-05-28 106496]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} — Google Toolbar — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll [2009-08-26 256112]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
    «preload»=C:WindowsRUNXMLPL.exe [2007-04-21 20480]
    «IAAnotif»=C:Program FilesIntelIntel Matrix Storage ManagerIaanotif.exe [2007-03-21 174872]
    «SynTPEnh»=C:Program FilesSynapticsSynTPSynTPEnh.exe [2007-09-07 1015808]
    «AzMixerSel»=C:Program FilesRealtekInstallShieldAzMixerSel.exe [2005-06-11 53248]
    «IMJPMIG8.1″=C:WINDOWSIMEimjp8_1IMJPMIG.EXE [2004-08-18 208952]
    «MSPY2002″=C:WINDOWSsystem32IMEPINTLGNTImScInst.exe [2004-08-18 59392]
    «PHIME2002ASync»=C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE [2004-08-18 455168]
    «PHIME2002A»=C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE [2004-08-18 455168]
    «IgfxTray»=C:WINDOWSsystem32igfxtray.exe [2007-06-13 142104]
    «HotKeysCmds»=C:WINDOWSsystem32hkcmd.exe [2007-06-13 162584]
    «Persistence»=C:WINDOWSsystem32igfxpers.exe [2007-06-13 138008]
    «SynTPStart»=C:Program FilesSynapticsSynTPSynTPStart.exe [2007-09-07 102400]
    «RemoteControl»=C:Program FilesCyberLinkPowerDVDPDVDServ.exe [2007-01-08 68640]
    «LanguageShortcut»=C:Program FilesCyberLinkPowerDVDLanguageLanguage.exe [2007-01-08 52256]
    «Acer ePresentation HPD»=C:AcerEmpowering TechnologyePresentationePresentation.exe [2007-03-02 208896]
    «ePower_DMC»=C:AcerEmpowering TechnologyePowerePower_DMC.exe [2007-07-04 475136]
    «Boot»=C:AcerEmpowering TechnologyePowerBoot.exe [2006-03-15 579584]
    «eLockMonitor»=C:AcerEmpowering TechnologyeLockMonitorLaunchMonitor.exe []
    «eDataSecurity Loader»=C:AcerEmpowering TechnologyeDataSecurityeDSloader.exe [2007-05-28 342528]
    «eRecoveryService»=C:AcerEmpowering TechnologyeRecoveryeRAgent.exe [2007-07-11 421888]
    «LManager»=C:PROGRA~1LAUNCH~1LManager.exe [2007-10-17 858632]
    «RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2007-10-25 16855552]
    «Alcmtr»=C:WINDOWSALCMTR.EXE [2005-05-03 69632]
    «AVP»=C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe [2007-11-19 231952]
    «WinampAgent»=C:Program FilesWinampwinampa.exe [2007-05-15 35328]
    «NeroFilterCheck»=C:WINDOWSsystem32NeroCheck.exe [2001-07-09 155648]
    «2gis update client UI»=C:Program Files2gisUpdateClientWin32UpdateClientUI.exe [2008-09-17 4055040]
    «SunJavaUpdateSched»=C:Program FilesJavajre6binjusched.exe [2009-09-06 149280]

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-18 40448]
    «Vistapack Reloader»=C:Program FilesVistapack XPvistapack.exe [2008-11-09 465065]
    «Tbar»=C:WINDOWSsystem32Tbar.exe [2007-06-12 2560]
    «Vistadrive»=C:WINDOWSvistadriveVdrive.exe [2008-06-15 253573]
    «KabAuth»=C:Documents and Settings1Рабочий столавторизатор.exe [2009-08-19 876544]
    «swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2009-08-19 39408]

    C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
    Acer Empowering Technology.lnk — C:AcerEmpowering TechnologyAcer.Empowering.Framework.Launcher.exe
    BlueSoleil.lnk — C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
    «AppInit_DLLS»=»C:PROGRA~1KASPER~1KASPER~1.0FOadialhk.dll»

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyigfxcui]
    C:WINDOWSsystem32igfxdev.dll [2007-06-05 204800]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyklogon]
    C:WINDOWSsystem32klogon.dll [2007-11-19 219664]

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm]

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm.sys]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
    «dontdisplaylastusername»=0
    «legalnoticecaption»=
    «legalnoticetext»=
    «shutdownwithoutlogon»=1
    «undockwithoutlogon»=1

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
    «NoDriveTypeAutoRun»=36
    «NoDriveAutoRun»=FFFFFFFF

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
    «HonorAutoRunSetting»=

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
    «C:Program FilesCyberLinkPowerDVDPowerDVD.exe»=»C:Program FilesCyberLinkPowerDVDPowerDVD.exe:*:Enabled:CyberLink PowerDVD»
    «C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe»=»C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe:*:Enabled:BlueSoleil»
    «C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE»=»C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook»

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»

    ======List of files/folders created in the last 1 months======

    2009-09-06 17:56:55 —-A—- C:WINDOWSsystem32javaws.exe
    2009-09-06 17:56:55 —-A—- C:WINDOWSsystem32deploytk.dll
    2009-09-06 17:56:54 —-A—- C:WINDOWSsystem32javaw.exe
    2009-09-06 17:56:53 —-A—- C:WINDOWSsystem32java.exe
    2009-09-06 17:56:21 —-D—- C:Program FilesJava
    2009-09-06 17:53:59 —-D—- C:Documents and Settings1Application DataSun
    2009-09-06 14:05:38 —-D—- C:_OTM
    2009-09-03 14:40:39 —-RASHD—- C:autorun.inf
    2009-09-01 22:01:27 —-D—- C:WINDOWSSxsCaPendDel
    2009-09-01 21:55:26 —-D—- C:Documents and Settings1Application DataOpera
    2009-09-01 21:55:13 —-D—- C:Program FilesOpera
    2009-09-01 21:53:26 —-A—- C:Program FilesOpera_1000_ru_Setup.exe
    2009-08-31 16:52:19 —-D—- C:Program Filestrend micro
    2009-08-31 16:52:18 —-D—- C:rsit
    2009-08-22 16:53:02 —-A—- C:WINDOWSsystem32CmdLineExt.dll
    2009-08-22 16:52:41 —-D—- C:Documents and Settings1Application DataOff Road
    2009-08-22 16:51:55 —-A—- C:WINDOWSsystem32xactengine2_5.dll
    2009-08-22 16:51:54 —-A—- C:WINDOWSsystem32d3dx9_32.dll
    2009-08-22 16:51:53 —-A—- C:WINDOWSsystem32xinput1_3.dll
    2009-08-22 16:51:53 —-A—- C:WINDOWSsystem32xactengine2_4.dll
    2009-08-22 16:51:53 —-A—- C:WINDOWSsystem32x3daudio1_1.dll
    2009-08-22 16:51:53 —-A—- C:WINDOWSsystem32d3dx9_31.dll
    2009-08-22 16:51:52 —-A—- C:WINDOWSsystem32xactengine2_3.dll
    2009-08-22 16:51:51 —-A—- C:WINDOWSsystem32xinput1_2.dll
    2009-08-22 16:51:51 —-A—- C:WINDOWSsystem32xinput1_1.dll
    2009-08-22 16:51:51 —-A—- C:WINDOWSsystem32xactengine2_2.dll
    2009-08-22 16:51:50 —-A—- C:WINDOWSsystem32xactengine2_1.dll
    2009-08-22 16:51:36 —-A—- C:WINDOWSsystem32d3dx9_30.dll
    2009-08-22 16:51:35 —-A—- C:WINDOWSsystem32xactengine2_0.dll
    2009-08-22 16:51:35 —-A—- C:WINDOWSsystem32x3daudio1_0.dll
    2009-08-22 16:51:35 —-A—- C:WINDOWSsystem32d3dx9_29.dll
    2009-08-22 16:51:34 —-A—- C:WINDOWSsystem32d3dx9_28.dll
    2009-08-22 16:51:33 —-A—- C:WINDOWSsystem32xinput9_1_0.dll
    2009-08-22 16:51:33 —-A—- C:WINDOWSsystem32d3dx9_27.dll
    2009-08-22 16:51:32 —-A—- C:WINDOWSsystem32d3dx9_26.dll
    2009-08-22 16:51:32 —-A—- C:WINDOWSsystem32d3dx9_25.dll
    2009-08-22 16:51:25 —-A—- C:WINDOWSsystem32d3dx9_24.dll
    2009-08-22 11:10:40 —-D—- C:Program FilesOpenAL
    2009-08-22 11:10:39 —-A—- C:WINDOWSsystem32wrap_oal.dll
    2009-08-22 11:10:39 —-A—- C:WINDOWSsystem32OpenAL32.dll
    2009-08-22 10:55:19 —-D—- C:Program FilesCodemasters
    2009-08-20 23:09:11 —-HDC—- C:WINDOWS$NtUninstallKB899587$
    2009-08-20 23:09:02 —-HDC—- C:WINDOWS$NtUninstallKB927779$
    2009-08-20 23:08:54 —-HDC—- C:WINDOWS$NtUninstallKB927802$
    2009-08-20 23:08:34 —-HDC—- C:WINDOWS$NtUninstallKB960859$
    2009-08-20 23:08:25 —-HDC—- C:WINDOWS$NtUninstallKB885835$
    2009-08-20 23:08:16 —-HDC—- C:WINDOWS$NtUninstallKB885836$
    2009-08-20 23:08:06 —-HDC—- C:WINDOWS$NtUninstallKB928255$
    2009-08-20 23:07:56 —-HDC—- C:WINDOWS$NtUninstallKB911927$
    2009-08-20 23:07:36 —-HDC—- C:WINDOWS$NtUninstallKB901017$
    2009-08-20 23:07:26 —-HDC—- C:WINDOWS$NtUninstallKB899591$
    2009-08-20 23:07:17 —-HDC—- C:WINDOWS$NtUninstallKB920685$
    2009-08-20 23:07:09 —-HDC—- C:WINDOWS$NtUninstallKB893756$
    2009-08-20 23:07:00 —-HDC—- C:WINDOWS$NtUninstallKB923980$
    2009-08-20 23:06:52 —-HDC—- C:WINDOWS$NtUninstallKB911280$
    2009-08-20 23:06:43 —-HDC—- C:WINDOWS$NtUninstallKB911562$
    2009-08-20 23:06:35 —-HDC—- C:WINDOWS$NtUninstallKB938828$
    2009-08-20 23:06:28 —-HDC—- C:WINDOWS$NtUninstallKB924667$
    2009-08-20 23:06:20 —-HDC—- C:WINDOWS$NtUninstallKB896423$
    2009-08-20 23:06:13 —-HDC—- C:WINDOWS$NtUninstallKB900485$
    2009-08-20 23:06:01 —-HDC—- C:WINDOWS$NtUninstallKB924270$
    2009-08-20 23:05:34 —-HDC—- C:WINDOWS$NtUninstallKB873339$
    2009-08-20 23:05:10 —-HDC—- C:WINDOWS$NtUninstallKB961371-v2$
    2009-08-20 23:04:44 —-HDC—- C:WINDOWS$NtUninstallKB972260$
    2009-08-20 23:04:34 —-HDC—- C:WINDOWS$NtUninstallKB971657$
    2009-08-20 23:04:26 —-HDC—- C:WINDOWS$NtUninstallKB887472$
    2009-08-20 23:04:19 —-HDC—- C:WINDOWS$NtUninstallKB946026$
    2009-08-20 23:04:11 —-HDC—- C:WINDOWS$NtUninstallKB971557$
    2009-08-20 23:04:04 —-HDC—- C:WINDOWS$NtUninstallKB973346$
    2009-08-20 23:03:54 —-HDC—- C:WINDOWS$NtUninstallKB896358$
    2009-08-20 23:03:47 —-HDC—- C:WINDOWS$NtUninstallKB925398_WMP64$
    2009-08-20 23:02:58 —-HDC—- C:WINDOWS$NtUninstallKB910437$
    2009-08-20 23:02:50 —-HDC—- C:WINDOWS$NtUninstallKB911564$
    2009-08-20 23:02:15 —-HDC—- C:WINDOWS$NtUninstallKB971633$
    2009-08-20 23:02:08 —-HDC—- C:WINDOWS$NtUninstallKB973869$
    2009-08-20 23:01:56 —-HDC—- C:WINDOWS$NtUninstallKB973540_WM9L$
    2009-08-20 23:01:51 —-HDC—- C:WINDOWS$NtUninstallKB920670$
    2009-08-20 23:01:42 —-HDC—- C:WINDOWS$NtUninstallKB918439$
    2009-08-20 23:01:18 —-HDC—- C:WINDOWS$NtUninstallKB952004$
    2009-08-20 23:01:09 —-HDC—- C:WINDOWS$NtUninstallKB950974$
    2009-08-20 23:01:01 —-HDC—- C:WINDOWS$NtUninstallKB952004_1$
    2009-08-20 23:00:55 —-HDC—- C:WINDOWS$NtUninstallKB913580$
    2009-08-20 23:00:43 —-HDC—- C:WINDOWS$NtUninstallKB902400$
    2009-08-20 22:59:45 —-HDC—- C:WINDOWS$NtUninstallKB926436$
    2009-08-20 22:59:21 —-HDC—- C:WINDOWS$NtUninstallKB973507$
    2009-08-20 22:59:13 —-HDC—- C:WINDOWS$NtUninstallKB920872$
    2009-08-20 22:58:44 —-HDC—- C:WINDOWS$NtUninstallKB914388$
    2009-08-20 22:58:34 —-HDC—- C:WINDOWS$NtUninstallKB941569$
    2009-08-20 22:57:47 —-HDC—- C:WINDOWS$NtUninstallKB905414$
    2009-08-20 22:55:12 —-HDC—- C:WINDOWS$NtUninstallKB901214$
    2009-08-20 22:55:04 —-HDC—- C:WINDOWS$NtUninstallKB923191$
    2009-08-20 22:54:56 —-HDC—- C:WINDOWS$NtUninstallKB973354$
    2009-08-20 22:54:49 —-HDC—- C:WINDOWS$NtUninstallKB922582$
    2009-08-20 22:54:39 —-HDC—- C:WINDOWS$NtUninstallKB918118$
    2009-08-20 22:54:31 —-HDC—- C:WINDOWS$NtUninstallKB926255$
    2009-08-20 22:54:24 —-HDC—- C:WINDOWS$NtUninstallKB888302$
    2009-08-20 22:54:16 —-HDC—- C:WINDOWS$NtUninstallKB900725$
    2009-08-20 22:54:09 —-HDC—- C:WINDOWS$NtUninstallKB938127$
    2009-08-20 22:54:02 —-HDC—- C:WINDOWS$NtUninstallKB920213$
    2009-08-20 22:53:55 —-HDC—- C:WINDOWS$NtUninstallKB945553$
    2009-08-20 22:53:48 —-HDC—- C:WINDOWS$NtUninstallKB886185$
    2009-08-20 22:53:40 —-HDC—- C:WINDOWS$NtUninstallKB916595$
    2009-08-20 22:53:01 —-HDC—- C:WINDOWS$NtUninstallKB950749$
    2009-08-20 22:52:38 —-D—- C:WINDOWSServicePackFiles
    2009-08-20 22:52:36 —-HDC—- C:WINDOWS$NtUninstallKB958470$
    2009-08-20 22:52:14 —-HDC—- C:WINDOWS$NtUninstallKB973815$
    2009-08-20 22:52:06 —-HDC—- C:WINDOWS$NtUninstallKB908531$
    2009-08-20 22:51:49 —-HDC—- C:WINDOWS$NtUninstallKB971032$
    2009-08-20 22:51:40 —-HDC—- C:WINDOWS$NtUninstallKB905749$
    2009-08-20 22:51:20 —-HDC—- C:WINDOWS$NtUninstallKB913580_0$
    2009-08-20 22:51:11 —-HDC—- C:WINDOWS$NtUninstallKB943055$
    2009-08-20 22:50:45 —-HDC—- C:WINDOWS$NtUninstallKB894391$
    2009-08-20 22:50:37 —-HDC—- C:WINDOWS$NtUninstallKB920683$
    2009-08-20 22:50:14 —-HDC—- C:WINDOWS$NtUninstallKB914389$
    2009-08-20 22:49:16 —-HDC—- C:WINDOWS$NtUninstallKB944653$
    2009-08-20 22:49:05 —-HDC—- C:WINDOWS$NtUninstallKB890859$
    2009-08-20 22:48:36 —-HDC—- C:WINDOWS$NtUninstallKB968389$
    2009-08-20 11:07:44 —-N—- C:WINDOWSsystem32verclsid.exe
    2009-08-19 16:47:20 —-D—- C:Documents and Settings1Application DataGoogle
    2009-08-19 16:46:48 —-D—- C:Program FilesGoogle
    2009-08-19 16:46:48 —-D—- C:Documents and SettingsAll UsersApplication DataGoogle

    ======List of files/folders modified in the last 1 months======

    2009-09-06 18:20:18 —-D—- C:WINDOWSTemp
    2009-09-06 18:13:13 —-D—- C:WINDOWSPrefetch
    2009-09-06 17:57:14 —-SHD—- C:Config.Msi
    2009-09-06 17:56:56 —-D—- C:WINDOWSsystem32
    2009-09-06 17:56:23 —-SHD—- C:WINDOWSInstaller
    2009-09-06 17:56:21 —-D—- C:Program Files
    2009-09-06 14:25:26 —-D—- C:WINDOWSsystem32CatRoot2
    2009-09-06 14:25:25 —-D—- C:Documents and Settings1Application Datakabauth
    2009-09-06 14:25:19 —-D—- C:WINDOWS
    2009-09-06 14:25:16 —-D—- C:Program FilesVistapack XP
    2009-09-06 14:25:16 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab
    2009-09-06 14:24:29 —-A—- C:WINDOWSModemLog_Bluetooth Fax Modem.txt
    2009-09-06 14:24:29 —-A—- C:WINDOWSModemLog_Bluetooth DUN Modem.txt
    2009-09-06 14:24:23 —-A—- C:WINDOWSModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
    2009-09-06 13:55:23 —-A—- C:WINDOWSNeroDigital.ini
    2009-09-06 12:26:01 —-A—- C:WINDOWSSchedLgU.Txt
    2009-09-02 21:06:00 —-RSHD—- C:WINDOWSsystem32dllcache
    2009-09-02 18:31:25 —-D—- C:WINDOWSsystem32FxsTmp
    2009-09-02 10:51:26 —-HD—- C:WINDOWSinf
    2009-09-02 10:51:26 —-D—- C:WINDOWSHelp
    2009-09-01 22:01:15 —-D—- C:Program FilesAdobe
    2009-09-01 22:01:08 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
    2009-09-01 10:46:15 —-D—- C:Program FilesInternet Explorer
    2009-08-22 16:51:57 —-D—- C:WINDOWSsystem32DirectX
    2009-08-22 16:51:50 —-RSD—- C:WINDOWSassembly
    2009-08-22 16:49:41 —-HD—- C:Program FilesInstallShield Installation Information
    2009-08-21 17:09:02 —-D—- C:WINDOWSsystem32CatRoot
    2009-08-21 08:20:48 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
    2009-08-21 08:18:16 —-D—- C:WINDOWSsystem32Setup
    2009-08-21 08:18:15 —-D—- C:WINDOWSsystem32drivers
    2009-08-20 23:09:10 —-HD—- C:WINDOWS$hf_mig$
    2009-08-20 23:09:07 —-A—- C:WINDOWSimsins.BAK
    2009-08-20 23:07:49 —-D—- C:Documents and SettingsAll UsersApplication DataMicrosoft Help
    2009-08-20 23:06:30 —-D—- C:WINDOWSWinSxS
    2009-08-20 23:04:29 —-D—- C:Program FilesMessenger
    2009-08-20 23:02:52 —-D—- C:Program FilesWindows Media Player
    2009-08-20 23:00:50 —-D—- C:WINDOWSsystem32Com
    2009-08-20 23:00:24 —-D—- C:WINDOWSMicrosoft.NET
    2009-08-20 22:54:59 —-D—- C:Program FilesOutlook Express
    2009-08-20 22:54:04 —-D—- C:WINDOWSmsagent
    2009-08-20 05:53:35 —-SD—- C:WINDOWSDownloaded Program Files
    2009-08-19 16:45:40 —-SD—- C:Documents and Settings1Application DataMicrosoft
    2009-08-19 15:59:19 —-A—- C:WINDOWSModemLog_HUAWEI Mobile Connect — 3G Modem #2.txt
    2009-08-19 15:23:08 —-D—- C:Program FilesДлинные нарды 2.0
    2009-08-19 14:58:46 —-D—- C:Program FilesQIP
    2009-08-12 10:55:22 —-A—- C:WINDOWSModemLog_HUAWEI Mobile Connect — 3G Modem.txt
    2009-08-11 21:28:21 —-A—- C:WINDOWSModemLog_HUAWEI Mobile Connect — 3G Modem #4.txt

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-18 40448]
    R1 klif;Klif; ??C:WINDOWSsystem32driversklif.sys []
    R1 Tcpip6;Драйвер протокола IPv6 (Microsoft); C:WINDOWSsystem32DRIVERStcpip6.sys [2008-06-20 225920]
    R1 WmiAcpi;Интерфейс управления для ACPI Microsoft Windows; C:WINDOWSsystem32DRIVERSwmiacpi.sys [2004-08-03 8832]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.6.0.0; C:WINDOWSsystem32DRIVERSAegisP.sys [2008-09-09 21425]
    R2 EpmPsd;Acer EPM Power Scheme Driver; ??C:WINDOWSsystem32driversepm-psd.sys []
    R2 EpmShd;Acer EPM System Hardware Driver; ??C:WINDOWSsystem32driversepm-shd.sys []
    R2 int15;int15; ??C:WINDOWSsystem32driversint15.sys []
    R2 irda;ИК-протокол IrDA; C:WINDOWSsystem32DRIVERSirda.sys [2004-08-03 87424]
    R2 mdmxsdk;mdmxsdk; C:WINDOWSsystem32DRIVERSmdmxsdk.sys [2006-06-20 12672]
    R2 npf;NetGroup Packet Filter Driver; C:WINDOWSsystem32driversnpf.sys [2009-03-16 34064]
    R2 s24trans;Транспорт беспроводной сети; C:WINDOWSsystem32DRIVERSs24trans.sys [2007-02-21 12416]
    R2 tvicport;tvicport; ??C:WINDOWSsystem32driverstvicport.sys []
    R2 zntport;zntport; ??C:WINDOWSsystem32driverszntport.sys []
    R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:WINDOWSsystem32DRIVERSb57xp32.sys [2007-02-16 160256]
    R3 BlueletAudio;Bluetooth Audio Service; C:WINDOWSsystem32DRIVERSblueletaudio.sys [2007-05-11 34704]
    R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:WINDOWSsystem32DRIVERSBlueletSCOAudio.sys [2007-03-05 27792]
    R3 BT;Bluetooth PAN Network Adapter; C:WINDOWSsystem32DRIVERSbtnetdrv.sys [2007-03-05 18320]
    R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:WINDOWSSystem32Driversbtcusb.sys [2007-05-09 36496]
    R3 CmBatt;Драйвер батареи с ACPI-управлением (Майкрософт); C:WINDOWSsystem32DRIVERSCmBatt.sys [2004-08-03 14080]
    R3 DKbFltr;Dritek Keyboard Filter Driver; C:WINDOWSsystem32DRIVERSDKbFltr.sys [2006-01-21 17408]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2005-01-07 138752]
    R3 HidUsb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2001-08-17 9600]
    R3 HSF_DPV;HSF_DPV; C:WINDOWSsystem32DRIVERSHSF_DPV.sys [2006-12-22 988800]
    R3 HSFHWAZL;HSFHWAZL; C:WINDOWSsystem32DRIVERSHSFHWAZL.sys [2006-12-22 209664]
    R3 ialm;ialm; C:WINDOWSsystem32DRIVERSigxpmp32.sys [2007-06-06 5761728]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2007-11-01 4620288]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:WINDOWSsystem32DRIVERSklim5.sys [2007-05-30 24344]
    R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-19 12160]
    R3 NETw4x32;Драйвер адаптера Intel(R) Wireless WiFi Link для Windows XP 32 Bit; C:WINDOWSsystem32DRIVERSNETw4x32.sys [2007-04-30 2206976]
    R3 nm;Драйвер сетевого монитора; C:WINDOWSsystem32DRIVERSNMnt.sys [2004-08-18 40320]
    R3 NSCIRDA;Драйвер ИК-устройства NSC; C:WINDOWSsystem32DRIVERSnscirda.sys [2004-08-03 28672]
    R3 NTIDrvr;Upper Class Filter Driver; C:WINDOWSsystem32DRIVERSNTIDrvr.sys [2007-08-21 6144]
    R3 psdfilter;psdfilter; ??C:WINDOWSsystem32Driverspsdfilter.sys []
    R3 psdvdisk;psdvdisk; ??C:WINDOWSsystem32Driverspsdvdisk.sys []
    R3 Rasirda;Минипорт WAN (IrDA); C:WINDOWSsystem32DRIVERSrasirda.sys [2001-08-17 19584]
    R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WINDOWSSystem32DriversRootMdm.sys [2004-08-18 5888]
    R3 sdbus;sdbus; C:WINDOWSsystem32DRIVERSsdbus.sys [2004-08-18 67584]
    R3 SynTP;Synaptics TouchPad Driver; C:WINDOWSsystem32DRIVERSSynTP.sys [2007-09-07 215904]
    R3 tifm21;tifm21; C:WINDOWSsystem32driverstifm21.sys [2007-05-02 290816]
    R3 tunmp;Драйвер адаптера минипорта Microsoft Tun; C:WINDOWSsystem32DRIVERStunmp.sys [2004-08-18 12416]
    R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2006-04-19 30080]
    R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2006-02-21 58240]
    R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2006-04-19 20608]
    R3 VComm;Virtual Serial port driver; C:WINDOWSsystem32DRIVERSVComm.sys [2007-03-05 34448]
    R3 VcommMgr;Bluetooth VComm Manager Service; C:WINDOWSSystem32DriversVcommMgr.sys [2007-03-05 44304]
    R3 winachsf;winachsf; C:WINDOWSsystem32DRIVERSHSF_CNXT.sys [2006-12-22 730112]
    S3 Arp1394;Протокол клиента 1394 ARP; C:WINDOWSsystem32DRIVERSarp1394.sys [2004-08-18 60800]
    S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2004-08-03 17024]
    S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet адаптер, драйвер для NT; C:WINDOWSsystem32DRIVERSfetnd5.sys [2001-08-17 27165]
    S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:WINDOWSsystem32DRIVERSewusbmdm.sys [2008-07-24 101376]
    S3 int15.sys;int15.sys; ??C:AcerEmpowering TechnologyeRecoveryint15.sys []
    S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
    S3 NIC1394;Сетевой драйвер 1394; C:WINDOWSsystem32DRIVERSnic1394.sys [2004-08-18 61824]
    S3 sffdisk;Драйвер класса SFF Storage; C:WINDOWSsystem32DRIVERSsffdisk.sys [2004-08-18 11136]
    S3 sffp_sd;Драйвер протокола SFF Storage для SDBus; C:WINDOWSsystem32DRIVERSsffp_sd.sys [2004-08-18 10240]
    S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
    S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:WINDOWSsystem32DRIVERSssm_bus.sys [2005-08-30 58320]
    S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:WINDOWSsystem32DRIVERSssm_mdfl.sys [2005-08-30 8336]
    S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:WINDOWSsystem32DRIVERSssm_mdm.sys [2005-08-30 94000]
    S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
    S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
    S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
    S3 usbstor;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-18 26496]
    S3 usbvideo;USB-видеоустройство (WDM); C:WINDOWSSystem32Driversusbvideo.sys [2004-08-03 78464]
    S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 2GIS UpdateClientService;2GIS UpdateClientService; C:Program Files2gisUpdateClientWin32UpdateClientService.exe [2008-09-17 1134592]
    R2 6to4;Служба поддержки IPv6; C:WINDOWSsystem32svchost.exe [2004-08-18 14336]
    R2 AVP;Kaspersky Anti-Virus 6.0; C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe [2007-11-19 231952]
    R2 CCALib8;Canon Camera Access Library 8; C:Program FilesCanonCALCALMAIN.exe [2007-01-31 96370]
    R2 eLockService;eLock Service; C:AcerEmpowering TechnologyeLockServiceeLockServ.exe [2007-03-01 24576]
    R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:Program FilesIntelWirelessBinEvtEng.exe [2007-02-21 643072]
    R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:Program FilesIntelIntel Matrix Storage ManagerIaantmon.exe [2007-03-21 355096]
    R2 Irmon;Монитор инфракрасной связи; C:WINDOWSsystem32svchost.exe [2004-08-18 14336]
    R2 JavaQuickStarterService;Java Quick Starter; C:Program FilesJavajre6binjqs.exe [2009-09-06 153376]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:Program FilesCommon FilesLightScribeLSSrvc.exe [2007-01-17 61440]
    R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:Program FilesIntelWirelessBinRegSrvc.exe [2007-02-21 327680]
    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:Program FilesCyberLinkShared FilesRichVideo.exe [2007-01-08 171040]
    R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:Program FilesIntelWirelessBinS24EvMon.exe [2007-02-21 983040]
    S2 CLTNetCnService;Symantec Lic NetConnect service; C:Program FilesCommon FilesSymantec SharedccSvcHst.exe /h ccCommon []
    S2 Fax;Fax; C:WINDOWSsystem32fxssvc.exe [2004-08-18 268288]
    S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2007-04-13 33632]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2007-04-13 68952]
    S3 gusvc;Google Software Updater; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-08-19 182768]
    S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe [2005-11-14 69632]
    S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-26 441136]
    S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
    S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:Program FilesWinPcaprpcapd.exe [2009-03-16 92792]
    S3 SQLWriter;SQL Server VSS Writer; C:Program FilesMicrosoft SQL Server90Sharedsqlwriter.exe [2006-04-14 87840]


    EOF


    September 3, 2009 at 11:08 am in reply to: "VKONTAKTE" asks to send an SMS!!!!!!! #25459
    niger
    Participant
    • Topics: 6
    • Posts: 33
    • ☆

    Hello! I did everything you wrote! Now the sites open normally!
    Here is a fresh log:
    Logfile of random’s system information tool 1.06 (written by random/random)
    Run by 1 at 2009-09-03 15:04:59
    Microsoft Windows XP Professional Service Pack 2
    System drive C: has 15 GB (20%) free of 73 GB
    Total RAM: 1014 MB (24% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:05:03, on 03.09.2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:WINDOWSSystem32smss.exe
    C:WINDOWSsystem32winlogon.exe
    C:WINDOWSsystem32services.exe
    C:WINDOWSsystem32lsass.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSSystem32svchost.exe
    C:Program FilesIntelWirelessBinS24EvMon.exe
    C:WINDOWSsystem32spoolsv.exe
    C:Program Files2gisUpdateClientWin32UpdateClientService.exe
    C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe
    C:Program FilesIntelWirelessBinEvtEng.exe
    C:Program FilesIntelIntel Matrix Storage ManagerIaantmon.exe
    C:Program FilesCommon FilesLightScribeLSSrvc.exe
    C:Program FilesIntelWirelessBinRegSrvc.exe
    C:Program FilesCyberLinkShared FilesRichVideo.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSsystem32wbemwmiapsrv.exe
    C:AcerEmpowering TechnologyeLockServiceeLockServ.exe
    C:Program FilesCanonCALCALMAIN.exe
    C:WINDOWSsystem32wuauclt.exe
    C:WINDOWSsystem32wscntfy.exe
    C:WINDOWSExplorer.EXE
    C:Program FilesIntelIntel Matrix Storage ManagerIaanotif.exe
    C:Program FilesSynapticsSynTPSynTPEnh.exe
    C:WINDOWSsystem32igfxtray.exe
    C:WINDOWSsystem32hkcmd.exe
    C:WINDOWSsystem32igfxpers.exe
    C:Program FilesCyberLinkPowerDVDPDVDServ.exe
    C:AcerEmpowering TechnologyePresentationePresentation.exe
    C:WINDOWSsystem32igfxsrvc.exe
    C:AcerEmpowering TechnologyePowerePower_DMC.exe
    C:AcerEmpowering TechnologyeDataSecurityeDSloader.exe
    C:AcerEmpowering TechnologyeRecoveryeRAgent.exe
    C:PROGRA~1LAUNCH~1LManager.exe
    C:WINDOWSRTHDCPL.EXE
    C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe
    C:Program FilesWinampwinampa.exe
    C:Program Files2gisUpdateClientWin32UpdateClientUI.exe
    C:WINDOWSsystem32ctfmon.exe
    C:WINDOWSvistadriveVdrive.exe
    C:Documents and Settings1Рабочий столавторизатор.exe
    C:AcerEmpowering TechnologyAcer.Empowering.Framework.Launcher.exe
    C:WINDOWSsystem32igfxext.exe
    C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
    C:WINDOWSsystem32wbemunsecapp.exe
    C:DOCUME~11LOCALS~1TempRtkBtMnt.exe
    C:Program FilesOperaopera.exe
    C:Documents and Settings1Рабочий столRSIT.exe
    C:Program Filestrend micro1.exe

    R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://search.qip.ru
    R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://search.qip.ru
    R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://search.qip.ru/ie
    R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://search.qip.ru
    R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ya.ru/?clid=41124
    R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ru.intl.acer.yahoo.com
    R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ru.intl.acer.yahoo.com
    R1 — HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://search.qip.ru/ie
    R1 — HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = Root: HKCU; Subkey: SoftwareMicrosoftInternet ExplorerSearchUrl; ValueType: string; ValueName: ‘; ValueData: ‘; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
    R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
    R3 — URLSearchHook: QIPBHO Class — {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} — C:Documents and Settings1Application DataMicrosoftInternet Explorerqipsearchbar.dll
    R3 — URLSearchHook: Yahoo! Toolbar — {EF99BD32-C1FB-11D2-892F-0090271D4F88} — C:Program FilesYahoo!CompanionInstallscpnyt.dll
    O2 — BHO: Yahoo! Toolbar Helper — {02478D38-C3F9-4EFB-9B51-7695ECA05670} — C:Program FilesYahoo!CompanionInstallscpnyt.dll
    O2 — BHO: QIPBHO — {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} — C:Documents and Settings1Application DataMicrosoftInternet Explorerqipsearchbar.dll
    O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
    O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier5.2.4204.1700swg.dll
    O2 — BHO: Google Dictionary Compression sdch — {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_B7C5AC242193BB3E.dll
    O3 — Toolbar: Yahoo! Toolbar — {EF99BD32-C1FB-11D2-892F-0090271D4F88} — C:Program FilesYahoo!CompanionInstallscpnyt.dll
    O3 — Toolbar: Acer eDataSecurity Management — {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} — C:WINDOWSsystem32eDStoolbar.dll
    O3 — Toolbar: Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
    O4 — HKLM..Run: [preload] C:WindowsRUNXMLPL.exe
    O4 — HKLM..Run: [IAAnotif] «C:Program FilesIntelIntel Matrix Storage ManagerIaanotif.exe»
    O4 — HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe
    O4 — HKLM..Run: [AzMixerSel] C:Program FilesRealtekInstallShieldAzMixerSel.exe
    O4 — HKLM..Run: [IMJPMIG8.1] «C:WINDOWSIMEimjp8_1IMJPMIG.EXE» /Spoil /RemAdvDef /Migration32
    O4 — HKLM..Run: [MSPY2002] C:WINDOWSsystem32IMEPINTLGNTImScInst.exe /SYNC
    O4 — HKLM..Run: [PHIME2002ASync] C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /SYNC
    O4 — HKLM..Run: [PHIME2002A] C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /IMEName
    O4 — HKLM..Run: [IgfxTray] C:WINDOWSsystem32igfxtray.exe
    O4 — HKLM..Run: [HotKeysCmds] C:WINDOWSsystem32hkcmd.exe
    O4 — HKLM..Run: [Persistence] C:WINDOWSsystem32igfxpers.exe
    O4 — HKLM..Run: [SynTPStart] C:Program FilesSynapticsSynTPSynTPStart.exe
    O4 — HKLM..Run: [RemoteControl] «C:Program FilesCyberLinkPowerDVDPDVDServ.exe»
    O4 — HKLM..Run: [LanguageShortcut] «C:Program FilesCyberLinkPowerDVDLanguageLanguage.exe»
    O4 — HKLM..Run: [Acer ePresentation HPD] C:AcerEmpowering TechnologyePresentationePresentation.exe
    O4 — HKLM..Run: [ePower_DMC] C:AcerEmpowering TechnologyePowerePower_DMC.exe
    O4 — HKLM..Run: [Boot] C:AcerEmpowering TechnologyePowerBoot.exe
    O4 — HKLM..Run: [eLockMonitor] C:AcerEmpowering TechnologyeLockMonitorLaunchMonitor.exe
    O4 — HKLM..Run: [eDataSecurity Loader] C:AcerEmpowering TechnologyeDataSecurityeDSloader.exe 0
    O4 — HKLM..Run: [eRecoveryService] C:AcerEmpowering TechnologyeRecoveryeRAgent.exe
    O4 — HKLM..Run: [LManager] C:PROGRA~1LAUNCH~1LManager.exe
    O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
    O4 — HKLM..Run: [Alcmtr] ALCMTR.EXE
    O4 — HKLM..Run: [AVP] «C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe»
    O4 — HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
    O4 — HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
    O4 — HKLM..Run: [2gis update client UI] «C:Program Files2gisUpdateClientWin32UpdateClientUI.exe» -minimized
    O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
    O4 — HKCU..Run: [Vistapack Reloader] C:Program FilesVistapack XPvistapack.exe /S
    O4 — HKCU..Run: [Tbar] C:WINDOWSsystem32Tbar.exe /a 175
    O4 — HKCU..Run: [Vistadrive] C:WINDOWSvistadriveVdrive.exe
    O4 — HKCU..Run: [KabAuth] C:Documents and Settings1Рабочий столавторизатор.exe
    O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
    O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
    O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
    O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
    O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
    O4 — Global Startup: Acer Empowering Technology.lnk = ?
    O4 — Global Startup: BlueSoleil.lnk = C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe
    O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
    O8 — Extra context menu item: Добавить в Анти-Баннер — C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsie_banner_deny.htm
    O9 — Extra button: Cтатистика Веб-Антивируса — {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} — C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows WorkstationsSCIEPlgn.dll
    O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
    O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
    O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
    O9 — Extra button: QIP 2005 — {1EF681F7-A04B-4D6D-9012-A307CCA55610} — C:Program FilesQIPqip.exe (HKCU)
    O12 — Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
    O16 — DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} — http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O17 — HKLMSystemCCSServicesTcpip..{BDF9198C-A417-4E61-8311-F431D240B23E}: NameServer = 87.224.197.1,87.224.213.1
    O20 — AppInit_DLLs: C:PROGRA~1KASPER~1KASPER~1.0FOadialhk.dll
    O23 — Service: 2GIS UpdateClientService — ДубльГИС — C:Program Files2gisUpdateClientWin32UpdateClientService.exe
    O23 — Service: Kaspersky Anti-Virus 6.0 (AVP) — Kaspersky Lab — C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe
    O23 — Service: Canon Camera Access Library 8 (CCALib8) — Canon Inc. — C:Program FilesCanonCALCALMAIN.exe
    O23 — Service: Symantec Lic NetConnect service (CLTNetCnService) — Unknown owner — C:Program FilesCommon FilesSymantec SharedccSvcHst.exe (file missing)
    O23 — Service: eLock Service (eLockService) — — C:AcerEmpowering TechnologyeLockServiceeLockServ.exe
    O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
    O23 — Service: Intel(R) PROSet/Wireless Event Log (EvtEng) — Intel Corporation — C:Program FilesIntelWirelessBinEvtEng.exe
    O23 — Service: Google Software Updater (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
    O23 — Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) — Intel Corporation — C:Program FilesIntelIntel Matrix Storage ManagerIaantmon.exe
    O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe
    O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
    O23 — Service: LightScribeService Direct Disc Labeling Service (LightScribeService) — Hewlett-Packard Company — C:Program FilesCommon FilesLightScribeLSSrvc.exe
    O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
    O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
    O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
    O23 — Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) — Intel Corporation — C:Program FilesIntelWirelessBinRegSrvc.exe
    O23 — Service: Cyberlink RichVideo Service(CRVS) (RichVideo) — Unknown owner — C:Program FilesCyberLinkShared FilesRichVideo.exe
    O23 — Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) — CACE Technologies — C:Program FilesWinPcaprpcapd.exe
    O23 — Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) — Intel Corporation — C:Program FilesIntelWirelessBinS24EvMon.exe
    O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
    O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
    O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
    O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe

    —
    End of file — 12411 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    Yahoo! Toolbar Helper — C:Program FilesYahoo!CompanionInstallscpnyt.dll [2006-09-06 439872]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
    QIPBHO Class — C:Documents and Settings1Application DataMicrosoftInternet Explorerqipsearchbar.dll [2009-07-14 150768]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll [2009-08-26 256112]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier5.2.4204.1700swg.dll [2009-08-26 761840]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch — C:Program FilesGoogleGoogle ToolbarComponentfastsearch_B7C5AC242193BB3E.dll [2009-08-26 458736]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} — Yahoo! Toolbar — C:Program FilesYahoo!CompanionInstallscpnyt.dll [2006-09-06 439872]
    {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} — Acer eDataSecurity Management — C:WINDOWSsystem32eDStoolbar.dll [2007-05-28 106496]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} — Google Toolbar — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll [2009-08-26 256112]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
    «preload»=C:WindowsRUNXMLPL.exe [2007-04-21 20480]
    «IAAnotif»=C:Program FilesIntelIntel Matrix Storage ManagerIaanotif.exe [2007-03-21 174872]
    «SynTPEnh»=C:Program FilesSynapticsSynTPSynTPEnh.exe [2007-09-07 1015808]
    «AzMixerSel»=C:Program FilesRealtekInstallShieldAzMixerSel.exe [2005-06-11 53248]
    «IMJPMIG8.1″=C:WINDOWSIMEimjp8_1IMJPMIG.EXE [2004-08-18 208952]
    «MSPY2002″=C:WINDOWSsystem32IMEPINTLGNTImScInst.exe [2004-08-18 59392]
    «PHIME2002ASync»=C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE [2004-08-18 455168]
    «PHIME2002A»=C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE [2004-08-18 455168]
    «IgfxTray»=C:WINDOWSsystem32igfxtray.exe [2007-06-13 142104]
    «HotKeysCmds»=C:WINDOWSsystem32hkcmd.exe [2007-06-13 162584]
    «Persistence»=C:WINDOWSsystem32igfxpers.exe [2007-06-13 138008]
    «SynTPStart»=C:Program FilesSynapticsSynTPSynTPStart.exe [2007-09-07 102400]
    «RemoteControl»=C:Program FilesCyberLinkPowerDVDPDVDServ.exe [2007-01-08 68640]
    «LanguageShortcut»=C:Program FilesCyberLinkPowerDVDLanguageLanguage.exe [2007-01-08 52256]
    «Acer ePresentation HPD»=C:AcerEmpowering TechnologyePresentationePresentation.exe [2007-03-02 208896]
    «ePower_DMC»=C:AcerEmpowering TechnologyePowerePower_DMC.exe [2007-07-04 475136]
    «Boot»=C:AcerEmpowering TechnologyePowerBoot.exe [2006-03-15 579584]
    «eLockMonitor»=C:AcerEmpowering TechnologyeLockMonitorLaunchMonitor.exe []
    «eDataSecurity Loader»=C:AcerEmpowering TechnologyeDataSecurityeDSloader.exe [2007-05-28 342528]
    «eRecoveryService»=C:AcerEmpowering TechnologyeRecoveryeRAgent.exe [2007-07-11 421888]
    «LManager»=C:PROGRA~1LAUNCH~1LManager.exe [2007-10-17 858632]
    «RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2007-10-25 16855552]
    «Alcmtr»=C:WINDOWSALCMTR.EXE [2005-05-03 69632]
    «AVP»=C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe [2007-11-19 231952]
    «WinampAgent»=C:Program FilesWinampwinampa.exe [2007-05-15 35328]
    «NeroFilterCheck»=C:WINDOWSsystem32NeroCheck.exe [2001-07-09 155648]
    «2gis update client UI»=C:Program Files2gisUpdateClientWin32UpdateClientUI.exe [2008-09-17 4055040]

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-18 40448]
    «Vistapack Reloader»=C:Program FilesVistapack XPvistapack.exe [2008-11-09 465065]
    «Tbar»=C:WINDOWSsystem32Tbar.exe [2007-06-12 2560]
    «Vistadrive»=C:WINDOWSvistadriveVdrive.exe [2008-06-15 253573]
    «KabAuth»=C:Documents and Settings1Рабочий столавторизатор.exe [2009-08-19 876544]
    «swg»=C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2009-08-19 39408]

    C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
    Acer Empowering Technology.lnk — C:AcerEmpowering TechnologyAcer.Empowering.Framework.Launcher.exe
    BlueSoleil.lnk — C:Program FilesIVT CorporationBlueSoleilBlueSoleil.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\WINDOWS\system32\igfxdev.dll [2007-06-05 204800]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    C:\WINDOWS\system32\klogon.dll [2007-11-19 219664]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=36
    "NoDriveAutoRun"=FFFFFFFF

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
    "C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
    "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{27effe22-e85d-11dd-8693-001167ba0f22}]
    shell\AutoRun\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe
    shell\open\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7410c538-720b-11de-871d-001167ba0f22}]
    shell\AutoRun\command - H:\AutoRun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{886f5f49-7288-11de-871e-001167ba0f22}]
    shell\AutoRun\command - H:\AutoRun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{924932ca-84be-11dd-8651-001167ba0f22}]
    shell\AutoRun\command - F:\mayyuk9g.bat
    shell\explore\command - F:\mayyuk9g.bat
    shell\open\command - F:\mayyuk9g.bat

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a03e7724-74e9-11de-8720-001167ba0f22}]
    shell\AutoRun\command - H:\AutoRun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a03e7736-74e9-11de-8720-001167ba0f22}]
    shell\AutoRun\command - H:\AutoRun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b2a16600-e88d-11dd-8697-001167ba0f22}]
    shell\AuToplay\command - F:\kkauy.pif
    shell\AutoRun\command - F:\kkauy.pif
    shell\ExplOrE\command - F:\kkauy.pif
    shell\opEN\command - F:\kkauy.pif

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c2b0a670-87ff-11dd-8655-001167ba0f22}]
    shell\AutoRun\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe
    shell\open\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c5508600-59cd-11de-86e9-001167ba0f22}]
    shell\AutoRun\command - H:\AutoRun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c871d69c-5a58-11de-86ed-001167ba0f22}]
    shell\AutoRun\command - H:\AutoRun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{df814ec8-b8db-11dd-8679-001167ba0f22}]
    shell\AutoRun\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe
    shell\open\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f590bc55-6542-11de-86fe-001167ba0f22}]
    shell\AutoRun\command - DATAFILESBEAST.exe
    shell\open\command - DATAFILESBEAST.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fc54c504-5e79-11de-86f3-001167ba0f22}]
    shell\AutoRun\command - H:\AutoRun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ffaeb70e-59ce-11de-86ea-001167ba0f22}]
    shell\AutoRun\command - H:\AutoRun.exe

    ======List of files/folders created in the last 1 months======

    2009-09-03 14:40:39 —-RASHD—- C:autorun.inf
    2009-09-01 22:01:27 —-D—- C:WINDOWSSxsCaPendDel
    2009-09-01 21:55:26 —-D—- C:Documents and Settings1Application DataOpera
    2009-09-01 21:55:13 —-D—- C:Program FilesOpera
    2009-09-01 21:53:26 —-A—- C:Program FilesOpera_1000_ru_Setup.exe
    2009-08-31 16:52:19 —-D—- C:Program Filestrend micro
    2009-08-31 16:52:18 —-D—- C:rsit
    2009-08-22 16:53:02 —-A—- C:WINDOWSsystem32CmdLineExt.dll
    2009-08-22 16:52:41 —-D—- C:Documents and Settings1Application DataOff Road
    2009-08-22 16:51:55 —-A—- C:WINDOWSsystem32xactengine2_5.dll
    2009-08-22 16:51:54 —-A—- C:WINDOWSsystem32d3dx9_32.dll
    2009-08-22 16:51:53 —-A—- C:WINDOWSsystem32xinput1_3.dll
    2009-08-22 16:51:53 —-A—- C:WINDOWSsystem32xactengine2_4.dll
    2009-08-22 16:51:53 —-A—- C:WINDOWSsystem32x3daudio1_1.dll
    2009-08-22 16:51:53 —-A—- C:WINDOWSsystem32d3dx9_31.dll
    2009-08-22 16:51:52 —-A—- C:WINDOWSsystem32xactengine2_3.dll
    2009-08-22 16:51:51 —-A—- C:WINDOWSsystem32xinput1_2.dll
    2009-08-22 16:51:51 —-A—- C:WINDOWSsystem32xinput1_1.dll
    2009-08-22 16:51:51 —-A—- C:WINDOWSsystem32xactengine2_2.dll
    2009-08-22 16:51:50 —-A—- C:WINDOWSsystem32xactengine2_1.dll
    2009-08-22 16:51:36 —-A—- C:WINDOWSsystem32d3dx9_30.dll
    2009-08-22 16:51:35 —-A—- C:WINDOWSsystem32xactengine2_0.dll
    2009-08-22 16:51:35 —-A—- C:WINDOWSsystem32x3daudio1_0.dll
    2009-08-22 16:51:35 —-A—- C:WINDOWSsystem32d3dx9_29.dll
    2009-08-22 16:51:34 —-A—- C:WINDOWSsystem32d3dx9_28.dll
    2009-08-22 16:51:33 —-A—- C:WINDOWSsystem32xinput9_1_0.dll
    2009-08-22 16:51:33 —-A—- C:WINDOWSsystem32d3dx9_27.dll
    2009-08-22 16:51:32 —-A—- C:WINDOWSsystem32d3dx9_26.dll
    2009-08-22 16:51:32 —-A—- C:WINDOWSsystem32d3dx9_25.dll
    2009-08-22 16:51:25 —-A—- C:WINDOWSsystem32d3dx9_24.dll
    2009-08-22 11:10:40 —-D—- C:Program FilesOpenAL
    2009-08-22 11:10:39 —-A—- C:WINDOWSsystem32wrap_oal.dll
    2009-08-22 11:10:39 —-A—- C:WINDOWSsystem32OpenAL32.dll
    2009-08-22 10:55:19 —-D—- C:Program FilesCodemasters
    2009-08-20 23:09:11 —-HDC—- C:WINDOWS$NtUninstallKB899587$
    2009-08-20 23:09:02 —-HDC—- C:WINDOWS$NtUninstallKB927779$
    2009-08-20 23:08:54 —-HDC—- C:WINDOWS$NtUninstallKB927802$
    2009-08-20 23:08:34 —-HDC—- C:WINDOWS$NtUninstallKB960859$
    2009-08-20 23:08:25 —-HDC—- C:WINDOWS$NtUninstallKB885835$
    2009-08-20 23:08:16 —-HDC—- C:WINDOWS$NtUninstallKB885836$
    2009-08-20 23:08:06 —-HDC—- C:WINDOWS$NtUninstallKB928255$
    2009-08-20 23:07:56 —-HDC—- C:WINDOWS$NtUninstallKB911927$
    2009-08-20 23:07:36 —-HDC—- C:WINDOWS$NtUninstallKB901017$
    2009-08-20 23:07:26 —-HDC—- C:WINDOWS$NtUninstallKB899591$
    2009-08-20 23:07:17 —-HDC—- C:WINDOWS$NtUninstallKB920685$
    2009-08-20 23:07:09 —-HDC—- C:WINDOWS$NtUninstallKB893756$
    2009-08-20 23:07:00 —-HDC—- C:WINDOWS$NtUninstallKB923980$
    2009-08-20 23:06:52 —-HDC—- C:WINDOWS$NtUninstallKB911280$
    2009-08-20 23:06:43 —-HDC—- C:WINDOWS$NtUninstallKB911562$
    2009-08-20 23:06:35 —-HDC—- C:WINDOWS$NtUninstallKB938828$
    2009-08-20 23:06:28 —-HDC—- C:WINDOWS$NtUninstallKB924667$
    2009-08-20 23:06:20 —-HDC—- C:WINDOWS$NtUninstallKB896423$
    2009-08-20 23:06:13 —-HDC—- C:WINDOWS$NtUninstallKB900485$
    2009-08-20 23:06:01 —-HDC—- C:WINDOWS$NtUninstallKB924270$
    2009-08-20 23:05:34 —-HDC—- C:WINDOWS$NtUninstallKB873339$
    2009-08-20 23:05:10 —-HDC—- C:WINDOWS$NtUninstallKB961371-v2$
    2009-08-20 23:04:44 —-HDC—- C:WINDOWS$NtUninstallKB972260$
    2009-08-20 23:04:34 —-HDC—- C:WINDOWS$NtUninstallKB971657$
    2009-08-20 23:04:26 —-HDC—- C:WINDOWS$NtUninstallKB887472$
    2009-08-20 23:04:19 —-HDC—- C:WINDOWS$NtUninstallKB946026$
    2009-08-20 23:04:11 —-HDC—- C:WINDOWS$NtUninstallKB971557$
    2009-08-20 23:04:04 —-HDC—- C:WINDOWS$NtUninstallKB973346$
    2009-08-20 23:03:54 —-HDC—- C:WINDOWS$NtUninstallKB896358$
    2009-08-20 23:03:47 —-HDC—- C:WINDOWS$NtUninstallKB925398_WMP64$
    2009-08-20 23:02:58 —-HDC—- C:WINDOWS$NtUninstallKB910437$
    2009-08-20 23:02:50 —-HDC—- C:WINDOWS$NtUninstallKB911564$
    2009-08-20 23:02:15 —-HDC—- C:WINDOWS$NtUninstallKB971633$
    2009-08-20 23:02:08 —-HDC—- C:WINDOWS$NtUninstallKB973869$
    2009-08-20 23:01:56 —-HDC—- C:WINDOWS$NtUninstallKB973540_WM9L$
    2009-08-20 23:01:51 —-HDC—- C:WINDOWS$NtUninstallKB920670$
    2009-08-20 23:01:42 —-HDC—- C:WINDOWS$NtUninstallKB918439$
    2009-08-20 23:01:18 —-HDC—- C:WINDOWS$NtUninstallKB952004$
    2009-08-20 23:01:09 —-HDC—- C:WINDOWS$NtUninstallKB950974$
    2009-08-20 23:01:01 —-HDC—- C:WINDOWS$NtUninstallKB952004_1$
    2009-08-20 23:00:55 —-HDC—- C:WINDOWS$NtUninstallKB913580$
    2009-08-20 23:00:43 —-HDC—- C:WINDOWS$NtUninstallKB902400$
    2009-08-20 22:59:45 —-HDC—- C:WINDOWS$NtUninstallKB926436$
    2009-08-20 22:59:21 —-HDC—- C:WINDOWS$NtUninstallKB973507$
    2009-08-20 22:59:13 —-HDC—- C:WINDOWS$NtUninstallKB920872$
    2009-08-20 22:58:44 —-HDC—- C:WINDOWS$NtUninstallKB914388$
    2009-08-20 22:58:34 —-HDC—- C:WINDOWS$NtUninstallKB941569$
    2009-08-20 22:57:47 —-HDC—- C:WINDOWS$NtUninstallKB905414$
    2009-08-20 22:55:12 —-HDC—- C:WINDOWS$NtUninstallKB901214$
    2009-08-20 22:55:04 —-HDC—- C:WINDOWS$NtUninstallKB923191$
    2009-08-20 22:54:56 —-HDC—- C:WINDOWS$NtUninstallKB973354$
    2009-08-20 22:54:49 —-HDC—- C:WINDOWS$NtUninstallKB922582$
    2009-08-20 22:54:39 —-HDC—- C:WINDOWS$NtUninstallKB918118$
    2009-08-20 22:54:31 —-HDC—- C:WINDOWS$NtUninstallKB926255$
    2009-08-20 22:54:24 —-HDC—- C:WINDOWS$NtUninstallKB888302$
    2009-08-20 22:54:16 —-HDC—- C:WINDOWS$NtUninstallKB900725$
    2009-08-20 22:54:09 —-HDC—- C:WINDOWS$NtUninstallKB938127$
    2009-08-20 22:54:02 —-HDC—- C:WINDOWS$NtUninstallKB920213$
    2009-08-20 22:53:55 —-HDC—- C:WINDOWS$NtUninstallKB945553$
    2009-08-20 22:53:48 —-HDC—- C:WINDOWS$NtUninstallKB886185$
    2009-08-20 22:53:40 —-HDC—- C:WINDOWS$NtUninstallKB916595$
    2009-08-20 22:53:01 —-HDC—- C:WINDOWS$NtUninstallKB950749$
    2009-08-20 22:52:38 —-D—- C:WINDOWSServicePackFiles
    2009-08-20 22:52:36 —-HDC—- C:WINDOWS$NtUninstallKB958470$
    2009-08-20 22:52:14 —-HDC—- C:WINDOWS$NtUninstallKB973815$
    2009-08-20 22:52:06 —-HDC—- C:WINDOWS$NtUninstallKB908531$
    2009-08-20 22:51:49 —-HDC—- C:WINDOWS$NtUninstallKB971032$
    2009-08-20 22:51:40 —-HDC—- C:WINDOWS$NtUninstallKB905749$
    2009-08-20 22:51:20 —-HDC—- C:WINDOWS$NtUninstallKB913580_0$
    2009-08-20 22:51:11 —-HDC—- C:WINDOWS$NtUninstallKB943055$
    2009-08-20 22:50:45 —-HDC—- C:WINDOWS$NtUninstallKB894391$
    2009-08-20 22:50:37 —-HDC—- C:WINDOWS$NtUninstallKB920683$
    2009-08-20 22:50:14 —-HDC—- C:WINDOWS$NtUninstallKB914389$
    2009-08-20 22:49:16 —-HDC—- C:WINDOWS$NtUninstallKB944653$
    2009-08-20 22:49:05 —-HDC—- C:WINDOWS$NtUninstallKB890859$
    2009-08-20 22:48:36 —-HDC—- C:WINDOWS$NtUninstallKB968389$
    2009-08-20 11:07:44 —-N—- C:WINDOWSsystem32verclsid.exe
    2009-08-19 16:47:20 —-D—- C:Documents and Settings1Application DataGoogle
    2009-08-19 16:46:48 —-D—- C:Program FilesGoogle
    2009-08-19 16:46:48 —-D—- C:Documents and SettingsAll UsersApplication DataGoogle
    2009-08-06 21:07:44 —-D—- C:Program FilesCS
    2009-08-05 18:09:49 —-D—- C:WINDOWSProfiles
    2009-08-05 18:09:47 —-D—- C:WINDOWSsystem32Adobe
    2009-08-05 18:09:46 —-D—- C:Documents and Settings1Application DataInterTrust

    ======List of files/folders modified in the last 1 months======

    2009-09-03 15:04:59 —-D—- C:WINDOWSTemp
    2009-09-03 15:02:20 —-D—- C:Documents and Settings1Application Datakabauth
    2009-09-03 15:02:07 —-D—- C:WINDOWSsystem32CatRoot2
    2009-09-03 15:02:00 —-D—- C:WINDOWS
    2009-09-03 15:01:57 —-D—- C:Program FilesVistapack XP
    2009-09-03 15:01:57 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab
    2009-09-03 15:01:43 —-A—- C:WINDOWSModemLog_Bluetooth Fax Modem.txt
    2009-09-03 15:01:43 —-A—- C:WINDOWSModemLog_Bluetooth DUN Modem.txt
    2009-09-03 15:01:37 —-A—- C:WINDOWSModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
    2009-09-03 15:00:30 —-A—- C:WINDOWSSchedLgU.Txt
    2009-09-03 12:03:42 —-D—- C:WINDOWSsystem32
    2009-09-02 21:08:19 —-D—- C:WINDOWSPrefetch
    2009-09-02 21:06:00 —-RSHD—- C:WINDOWSsystem32dllcache
    2009-09-02 21:03:26 —-A—- C:WINDOWSNeroDigital.ini
    2009-09-02 18:31:25 —-D—- C:WINDOWSsystem32FxsTmp
    2009-09-02 10:51:26 —-HD—- C:WINDOWSinf
    2009-09-02 10:51:26 —-D—- C:WINDOWSHelp
    2009-09-01 22:01:21 —-SHD—- C:Config.Msi
    2009-09-01 22:01:15 —-D—- C:Program FilesAdobe
    2009-09-01 22:01:08 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
    2009-09-01 22:00:29 —-SHD—- C:WINDOWSInstaller
    2009-09-01 21:55:13 —-D—- C:Program Files
    2009-09-01 10:46:15 —-D—- C:Program FilesInternet Explorer
    2009-08-22 16:51:57 —-D—- C:WINDOWSsystem32DirectX
    2009-08-22 16:51:50 —-RSD—- C:WINDOWSassembly
    2009-08-22 16:49:41 —-HD—- C:Program FilesInstallShield Installation Information
    2009-08-21 17:09:02 —-D—- C:WINDOWSsystem32CatRoot
    2009-08-21 08:20:48 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
    2009-08-21 08:18:16 —-D—- C:WINDOWSsystem32Setup
    2009-08-21 08:18:15 —-D—- C:WINDOWSsystem32drivers
    2009-08-20 23:09:10 —-HD—- C:WINDOWS$hf_mig$
    2009-08-20 23:09:07 —-A—- C:WINDOWSimsins.BAK
    2009-08-20 23:07:49 —-D—- C:Documents and SettingsAll UsersApplication DataMicrosoft Help
    2009-08-20 23:06:30 —-D—- C:WINDOWSWinSxS
    2009-08-20 23:04:29 —-D—- C:Program FilesMessenger
    2009-08-20 23:02:52 —-D—- C:Program FilesWindows Media Player
    2009-08-20 23:00:50 —-D—- C:WINDOWSsystem32Com
    2009-08-20 23:00:24 —-D—- C:WINDOWSMicrosoft.NET
    2009-08-20 22:54:59 —-D—- C:Program FilesOutlook Express
    2009-08-20 22:54:04 —-D—- C:WINDOWSmsagent
    2009-08-20 05:53:35 —-SD—- C:WINDOWSDownloaded Program Files
    2009-08-19 16:45:40 —-SD—- C:Documents and Settings1Application DataMicrosoft
    2009-08-19 15:59:19 —-A—- C:WINDOWSModemLog_HUAWEI Mobile Connect — 3G Modem #2.txt
    2009-08-19 15:23:08 —-D—- C:Program FilesДлинные нарды 2.0
    2009-08-19 14:58:46 —-D—- C:Program FilesQIP
    2009-08-12 10:55:22 —-A—- C:WINDOWSModemLog_HUAWEI Mobile Connect — 3G Modem.txt
    2009-08-11 21:28:21 —-A—- C:WINDOWSModemLog_HUAWEI Mobile Connect — 3G Modem #4.txt
    2009-08-06 19:24:26 —-A—- C:WINDOWSsystem32wuapi.dll.mui
    2009-08-06 19:24:18 —-A—- C:WINDOWSsystem32wuweb.dll
    2009-08-06 19:24:18 —-A—- C:WINDOWSsystem32wucltui.dll
    2009-08-06 19:24:10 —-A—- C:WINDOWSsystem32wups2.dll
    2009-08-06 19:24:10 —-A—- C:WINDOWSsystem32wups.dll
    2009-08-06 19:24:06 —-A—- C:WINDOWSsystem32wuauclt.exe
    2009-08-06 19:24:04 —-A—- C:WINDOWSsystem32wuaueng.dll.mui
    2009-08-06 19:24:04 —-A—- C:WINDOWSsystem32cdm.dll
    2009-08-06 19:23:54 —-A—- C:WINDOWSsystem32wuapi.dll
    2009-08-06 19:23:46 —-A—- C:WINDOWSsystem32wucltui.dll.mui
    2009-08-06 19:23:46 —-A—- C:WINDOWSsystem32wuaueng.dll
    2009-08-05 13:08:09 —-A—- C:WINDOWSsystem32mswebdvd.dll

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-18 40448]
    R1 klif;Klif; ??C:WINDOWSsystem32driversklif.sys []
    R1 Tcpip6;Драйвер протокола IPv6 (Microsoft); C:WINDOWSsystem32DRIVERStcpip6.sys [2008-06-20 225920]
    R1 WmiAcpi;Интерфейс управления для ACPI Microsoft Windows; C:WINDOWSsystem32DRIVERSwmiacpi.sys [2004-08-03 8832]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.6.0.0; C:WINDOWSsystem32DRIVERSAegisP.sys [2008-09-09 21425]
    R2 EpmPsd;Acer EPM Power Scheme Driver; ??C:WINDOWSsystem32driversepm-psd.sys []
    R2 EpmShd;Acer EPM System Hardware Driver; ??C:WINDOWSsystem32driversepm-shd.sys []
    R2 int15;int15; ??C:WINDOWSsystem32driversint15.sys []
    R2 irda;ИК-протокол IrDA; C:WINDOWSsystem32DRIVERSirda.sys [2004-08-03 87424]
    R2 mdmxsdk;mdmxsdk; C:WINDOWSsystem32DRIVERSmdmxsdk.sys [2006-06-20 12672]
    R2 npf;NetGroup Packet Filter Driver; C:WINDOWSsystem32driversnpf.sys [2009-03-16 34064]
    R2 s24trans;Транспорт беспроводной сети; C:WINDOWSsystem32DRIVERSs24trans.sys [2007-02-21 12416]
    R2 tvicport;tvicport; ??C:WINDOWSsystem32driverstvicport.sys []
    R2 zntport;zntport; ??C:WINDOWSsystem32driverszntport.sys []
    R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:WINDOWSsystem32DRIVERSb57xp32.sys [2007-02-16 160256]
    R3 BlueletAudio;Bluetooth Audio Service; C:WINDOWSsystem32DRIVERSblueletaudio.sys [2007-05-11 34704]
    R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:WINDOWSsystem32DRIVERSBlueletSCOAudio.sys [2007-03-05 27792]
    R3 BT;Bluetooth PAN Network Adapter; C:WINDOWSsystem32DRIVERSbtnetdrv.sys [2007-03-05 18320]
    R3 CmBatt;Драйвер батареи с ACPI-управлением (Майкрософт); C:WINDOWSsystem32DRIVERSCmBatt.sys [2004-08-03 14080]
    R3 DKbFltr;Dritek Keyboard Filter Driver; C:WINDOWSsystem32DRIVERSDKbFltr.sys [2006-01-21 17408]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2005-01-07 138752]
    R3 HidUsb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2001-08-17 9600]
    R3 HSF_DPV;HSF_DPV; C:WINDOWSsystem32DRIVERSHSF_DPV.sys [2006-12-22 988800]
    R3 HSFHWAZL;HSFHWAZL; C:WINDOWSsystem32DRIVERSHSFHWAZL.sys [2006-12-22 209664]
    R3 ialm;ialm; C:WINDOWSsystem32DRIVERSigxpmp32.sys [2007-06-06 5761728]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2007-11-01 4620288]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:WINDOWSsystem32DRIVERSklim5.sys [2007-05-30 24344]
    R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-19 12160]
    R3 NETw4x32;Драйвер адаптера Intel(R) Wireless WiFi Link для Windows XP 32 Bit; C:WINDOWSsystem32DRIVERSNETw4x32.sys [2007-04-30 2206976]
    R3 nm;Драйвер сетевого монитора; C:WINDOWSsystem32DRIVERSNMnt.sys [2004-08-18 40320]
    R3 NSCIRDA;Драйвер ИК-устройства NSC; C:WINDOWSsystem32DRIVERSnscirda.sys [2004-08-03 28672]
    R3 NTIDrvr;Upper Class Filter Driver; C:WINDOWSsystem32DRIVERSNTIDrvr.sys [2007-08-21 6144]
    R3 psdfilter;psdfilter; ??C:WINDOWSsystem32Driverspsdfilter.sys []
    R3 psdvdisk;psdvdisk; ??C:WINDOWSsystem32Driverspsdvdisk.sys []
    R3 Rasirda;Минипорт WAN (IrDA); C:WINDOWSsystem32DRIVERSrasirda.sys [2001-08-17 19584]
    R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WINDOWSSystem32DriversRootMdm.sys [2004-08-18 5888]
    R3 sdbus;sdbus; C:WINDOWSsystem32DRIVERSsdbus.sys [2004-08-18 67584]
    R3 SynTP;Synaptics TouchPad Driver; C:WINDOWSsystem32DRIVERSSynTP.sys [2007-09-07 215904]
    R3 tifm21;tifm21; C:WINDOWSsystem32driverstifm21.sys [2007-05-02 290816]
    R3 tunmp;Драйвер адаптера минипорта Microsoft Tun; C:WINDOWSsystem32DRIVERStunmp.sys [2004-08-18 12416]
    R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2006-04-19 30080]
    R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2006-02-21 58240]
    R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2006-04-19 20608]
    R3 VComm;Virtual Serial port driver; C:WINDOWSsystem32DRIVERSVComm.sys [2007-03-05 34448]
    R3 VcommMgr;Bluetooth VComm Manager Service; C:WINDOWSSystem32DriversVcommMgr.sys [2007-03-05 44304]
    R3 winachsf;winachsf; C:WINDOWSsystem32DRIVERSHSF_CNXT.sys [2006-12-22 730112]
    S3 Arp1394;Протокол клиента 1394 ARP; C:WINDOWSsystem32DRIVERSarp1394.sys [2004-08-18 60800]
    S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:WINDOWSSystem32Driversbtcusb.sys [2007-05-09 36496]
    S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2004-08-03 17024]
    S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet адаптер, драйвер для NT; C:WINDOWSsystem32DRIVERSfetnd5.sys [2001-08-17 27165]
    S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:WINDOWSsystem32DRIVERSewusbmdm.sys [2008-07-24 101376]
    S3 int15.sys;int15.sys; ??C:AcerEmpowering TechnologyeRecoveryint15.sys []
    S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
    S3 NIC1394;Сетевой драйвер 1394; C:WINDOWSsystem32DRIVERSnic1394.sys [2004-08-18 61824]
    S3 sffdisk;Драйвер класса SFF Storage; C:WINDOWSsystem32DRIVERSsffdisk.sys [2004-08-18 11136]
    S3 sffp_sd;Драйвер протокола SFF Storage для SDBus; C:WINDOWSsystem32DRIVERSsffp_sd.sys [2004-08-18 10240]
    S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
    S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:WINDOWSsystem32DRIVERSssm_bus.sys [2005-08-30 58320]
    S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:WINDOWSsystem32DRIVERSssm_mdfl.sys [2005-08-30 8336]
    S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:WINDOWSsystem32DRIVERSssm_mdm.sys [2005-08-30 94000]
    S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
    S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
    S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
    S3 usbstor;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-18 26496]
    S3 usbvideo;USB-видеоустройство (WDM); C:WINDOWSSystem32Driversusbvideo.sys [2004-08-03 78464]
    S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 2GIS UpdateClientService;2GIS UpdateClientService; C:Program Files2gisUpdateClientWin32UpdateClientService.exe [2008-09-17 1134592]
    R2 6to4;Служба поддержки IPv6; C:WINDOWSsystem32svchost.exe [2004-08-18 14336]
    R2 AVP;Kaspersky Anti-Virus 6.0; C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe [2007-11-19 231952]
    R2 CCALib8;Canon Camera Access Library 8; C:Program FilesCanonCALCALMAIN.exe [2007-01-31 96370]
    R2 eLockService;eLock Service; C:AcerEmpowering TechnologyeLockServiceeLockServ.exe [2007-03-01 24576]
    R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:Program FilesIntelWirelessBinEvtEng.exe [2007-02-21 643072]
    R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:Program FilesIntelIntel Matrix Storage ManagerIaantmon.exe [2007-03-21 355096]
    R2 Irmon;Монитор инфракрасной связи; C:WINDOWSsystem32svchost.exe [2004-08-18 14336]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:Program FilesCommon FilesLightScribeLSSrvc.exe [2007-01-17 61440]
    R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:Program FilesIntelWirelessBinRegSrvc.exe [2007-02-21 327680]
    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:Program FilesCyberLinkShared FilesRichVideo.exe [2007-01-08 171040]
    R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:Program FilesIntelWirelessBinS24EvMon.exe [2007-02-21 983040]
    S2 CLTNetCnService;Symantec Lic NetConnect service; C:Program FilesCommon FilesSymantec SharedccSvcHst.exe /h ccCommon []
    S2 Fax;Fax; C:WINDOWSsystem32fxssvc.exe [2004-08-18 268288]
    S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2007-04-13 33632]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2007-04-13 68952]
    S3 gusvc;Google Software Updater; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-08-19 182768]
    S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe [2005-11-14 69632]
    S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-26 441136]
    S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
    S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:Program FilesWinPcaprpcapd.exe [2009-03-16 92792]
    S3 SQLWriter;SQL Server VSS Writer; C:Program FilesMicrosoft SQL Server90Sharedsqlwriter.exe [2006-04-14 87840]


    EOF


    August 31, 2009 at 1:07 pm in reply to: "VKONTAKTE" asks to send an SMS!!!!!!! #25457
    niger
    Participant
    • Topics: 6
    • Posts: 33
    • ☆

    It didn't all fit!!!!! HERE IS INFO:
    info.txt logfile of random’s system information tool 1.06 2009-08-31 16:52:40

    ======Uninstall list======

    —>C:WINDOWSIsUninst.exe -f»C:Program FilesAcer Inc.Acer English Online Help CreatorUninst.isu»
    —>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
    «Интерактивный курс. Microsoft Office 2007»—>»C:Program FilesНовая школаИнтерактивные курсыОфисные пакеты выпуск 2Microsoft Office 2007unins000.exe»
    «Интерактивный курс. Microsoft Office Access 2007»—>»C:Program FilesНовая школаИнтерактивные курсыОфисные пакеты выпуск 2Microsoft Office Access 2007unins000.exe»
    «Интерактивный курс. Microsoft Office Excel 2007»—>»C:Program FilesНовая школаИнтерактивные курсыОфисные пакеты выпуск 2Microsoft Office Excel 2007unins000.exe»
    «Интерактивный курс. Microsoft Office Outlook 2007»—>»C:Program FilesНовая школаИнтерактивные курсыОфисные пакеты выпуск 2Microsoft Office Outlook 2007unins000.exe»
    «Интерактивный курс. Microsoft Office PowerPoint 2007»—>»C:Program FilesНовая школаИнтерактивные курсыОфисные пакеты выпуск 2Microsoft Office PowerPoint 2007unins000.exe»
    «Интерактивный курс. Microsoft Office Word 2007»—>»C:Program FilesНовая школаИнтерактивные курсыОфисные пакеты выпуск 2Microsoft Office Word 2007unins000.exe»
    «Интерактивный курс. OpenOffice.org 2.0»—>»C:Program FilesНовая школаИнтерактивные курсыОфисные пакеты выпуск 2OpenOffice.org 2.0unins000.exe»
    15000 рефератов—>»C:Program FilesНовый Диск15000 рефератовuninstall.exe»
    Acer eDataSecurity Management 2.0.4088—>C:PROGRA~1COMMON~1INSTAL~1Driver1150INTEL3~1IDriver.exe /M{4AD13F68-CADA-4C6B-9759-C33753F89908} /l1033
    Acer eDataSecurity Management—>C:AcerEmpowering TechnologyeDataSecurityeDStbmngr.exe UNINSTALL 1
    Acer eLock Management—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}setup.exe» -l0x9 -removeonly
    Acer Empowering Technology—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{AB6097D9-D722-4987-BD9E-A076E2848EE2}setup.exe» -l0x19 -removeonly
    Acer eNet Management—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{C06554A1-2C1E-4D20-B613-EE62C79927CC}setup.exe» -l0x9 -removeonly
    Acer ePower Management—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{58E5844B-7CE2-413D-83D1-99294BF6C74F}setup.exe» -l0x19 -removeonly
    Acer ePresentation Management—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{BF839132-BD43-4056-ACBF-4377F4A88E2A}setup.exe» -l0x9 -removeonly
    Acer eSettings Management—>»C:Program FilesInstallShield Installation Information{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}setup.exe» -runfromtemp -l0x0019 -removeonly
    Acer GridVista—>C:WINDOWSUnInst32.exe GridV.UNI
    Acer ScreenSaver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}setup.exe» -l0x9 -removeonly
    Adobe Acrobat 5.0—>C:WINDOWSISUNINST.EXE -f»C:Program FilesCommon FilesAdobeAcrobat 5.0NTUninst.isu» -c»C:Program FilesCommon FilesAdobeAcrobat 5.0NTUninst.dll»
    Adobe Flash Player 10 ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
    Adobe Reader 8.1.0—>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
    Bluesoleil2.6.0.8 Release 070517—>MsiExec.exe /X{438BB9B4-65FE-4626-91D9-A8F57B18001D}
    Broadcom Gigabit Integrated Controller—>MsiExec.exe /X{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}
    Canon Camera Access Library—>»C:Program FilesCommon FilesCanonUIW1.4.0.0Uninst.exe» «C:Program FilesCanonCALUninst.ini»
    Canon Camera Support Core Library—>»C:Program FilesCommon FilesCanonUIW1.4.0.0Uninst.exe» «C:Program FilesCanonCSCLIBUninst.ini»
    Canon G.726 WMP-Decoder—>»C:Program FilesCommon FilesCanonUIW1.4.0.0Uninst.exe» «C:Program FilesCanonG726DecoderG726DecUnInstall.ini»
    Canon MovieEdit Task for ZoomBrowser EX—>»C:Program FilesCommon FilesCanonUIW1.4.0.0Uninst.exe» «C:Program FilesCanonZoomBrowser EXProgramMVWUninst.ini»
    Canon RAW Image Task for ZoomBrowser EX—>»C:Program FilesCommon FilesCanonUIW1.4.0.0Uninst.exe» «C:Program FilesCanonRAW Image TaskUninst.ini»
    Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX—>»C:Program FilesCommon FilesCanonUIW1.4.0.0Uninst.exe» «C:Program FilesCanonCameraWindowCameraWindowDVCUninst.ini»
    Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX—>»C:Program FilesCommon FilesCanonUIW1.4.0.0Uninst.exe» «C:Program FilesCanonCameraWindowCameraWindowDVC6Uninst.ini»
    Canon Utilities CameraWindow DC—>»C:Program FilesCommon FilesCanonUIW1.4.0.0Uninst.exe» «C:Program FilesCanonCameraWindowCameraWindowDCUninst.ini»
    Canon Utilities CameraWindow—>»C:Program FilesCommon FilesCanonUIW1.4.0.0Uninst.exe» «C:Program FilesCanonCameraWindowCameraWindowLauncherUninst.ini»
    Canon Utilities EOS Utility—>»C:Program FilesCommon FilesCanonUIW1.4.0.0Uninst.exe» «C:Program FilesCanonEOS UtilityUninst.ini»
    Canon Utilities MyCamera DC—>»C:Program FilesCommon FilesCanonUIW1.4.0.0Uninst.exe» «C:Program FilesCanonCameraWindowMyCameraDCUninst.ini»
    Canon Utilities MyCamera—>»C:Program FilesCommon FilesCanonUIW1.4.0.0Uninst.exe» «C:Program FilesCanonCameraWindowMyCameraUninst.ini»
    Canon Utilities PhotoStitch—>»C:Program FilesCommon FilesCanonUIW1.4.0.0Uninst.exe» «C:Program FilesCanonPhotoStitchUninst.ini»
    Canon Utilities RemoteCapture Task for ZoomBrowser EX—>»C:Program FilesCommon FilesCanonUIW1.4.0.0Uninst.exe» «C:Program FilesCanonCameraWindowRemoteCaptureTask DCUninst.ini»
    Canon Utilities ZoomBrowser EX—>»C:Program FilesCommon FilesCanonUIW1.4.0.0Uninst.exe» «C:Program FilesCanonZoomBrowser EXProgramUninst.ini»
    Canon ZoomBrowser EX Memory Card Utility—>»C:Program FilesCommon FilesCanonUIW1.4.0.0Uninst.exe» «C:Program FilesCanonZoomBrowser EX MCUUninst.ini»
    ConsumerUpdate—>MsiExec.exe /I{7C6999B2-1A35-4F2C-8DB7-3CB46B640CC9}
    Counter-Strike 1.6—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime90Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{13B792AA-C078-43A4-8A3A-8B12D629940D}Setup.exe» -l0x19
    eMusic — 50 Free MP3 offer—>»C:Program FilesWinampeMusicUninst-eMusic-promotion.exe»
    Google Toolbar for Internet Explorer—>»C:Program FilesGoogleGoogle ToolbarComponentGoogleToolbarManager_E582EA556D8DE101.exe» /uninstall
    Google Toolbar for Internet Explorer—>MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    HDAUDIO Soft Data Fax Modem with SmartCP—>C:Program FilesCONEXANTCNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118UIU32m.exe -U -IAcZUnM5k.inf
    High Definition Audio Driver Package — KB888111—>»C:WINDOWS$NtUninstallKB888111WXPSP2$spuninstspuninst.exe»
    HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
    Hotfix for Microsoft .NET Framework 2.0 (KB922981)—>C:WINDOWSsystem32msiexec.exe /promptrestart /uninstall {A1D5A6B2-B620-41F9-B435-10A4FF3C18A2} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
    Intel(R) Graphics Media Accelerator Driver—>C:WINDOWSsystem32igxpun.exe -uninstall
    Intel(R) Matrix Storage Manager—>C:WINDOWSSystem32Imsmudlg.exe
    Launch Manager—>C:WINDOWSUnInst32.exe LManager.UNI
    mCore—>MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)—>»C:WINDOWSMicrosoft.NETFrameworkv1.1.4322Updateshotfix.exe» «C:WINDOWSMicrosoft.NETFrameworkv1.1.4322UpdatesM928366M928366Uninstall.msp»
    Microsoft .NET Framework 1.1—>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1—>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0—>C:WINDOWSMicrosoft.NETFrameworkv2.0.50727Microsoft .NET Framework 2.0install.exe
    Microsoft Office — профессиональный выпуск версии 2003—>MsiExec.exe /I{90110419-6000-11D3-8CFE-0150048383C9}
    Microsoft Office Excel MUI (Russian) 2007—>MsiExec.exe /X{90120000-0016-0419-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (Russian) 2007—>MsiExec.exe /X{90120000-001A-0419-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (Russian) 2007—>MsiExec.exe /X{90120000-0018-0419-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007—>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007—>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Russian) 2007—>MsiExec.exe /X{90120000-001F-0419-0000-0000000FF1CE}
    Microsoft Office Proof (Ukrainian) 2007—>MsiExec.exe /X{90120000-001F-0422-0000-0000000FF1CE}
    Microsoft Office Proofing (Russian) 2007—>MsiExec.exe /X{90120000-002C-0419-0000-0000000FF1CE}
    Microsoft Office Shared MUI (Russian) 2007—>MsiExec.exe /X{90120000-006E-0419-0000-0000000FF1CE}
    Microsoft Office Standard 2007—>MsiExec.exe /X{90120000-0012-0000-0000-0000000FF1CE}
    Microsoft Office Word MUI (Russian) 2007—>MsiExec.exe /X{90120000-001B-0419-0000-0000000FF1CE}
    Microsoft Office Стандартный 2007—>»C:Program FilesCommon FilesMicrosoft SharedOFFICE12Office Setup Controllersetup.exe» /uninstall STANDARD /dll OSETUP.DLL
    Microsoft SQL Server Native Client—>MsiExec.exe /I{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}
    Microsoft SQL Server Setup Support Files (English)—>MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
    Microsoft SQL Server VSS Writer—>MsiExec.exe /I{C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8}
    mMHouse—>MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
    mPfMgr—>MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
    mProSafe—>MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
    MSXML 4.0 SP2 (KB954430)—>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 6 Service Pack 2 (KB954459)—>MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
    mWlsSafe—>MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
    Nero 6 Enterprise Edition—>C:Program FilesAheadnerouninstallUNNERO.exe /UNINSTALL
    NTI Backup NOW! 4.7—>»C:Program FilesInstallShield Installation Information{1598034D-7147-432C-8CA8-888E0632D124}setup.exe» -removeonly
    NTI Backup NOW! 4.7—>C:Program FilesInstallShield Installation Information{1598034D-7147-432C-8CA8-888E0632D124}setup.exe -runfromtemp -l0x0419
    NTI CD & DVD-Maker—>C:PROGRA~1COMMON~1INSTAL~1Driver7INTEL3~1IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1049 CDM7
    NTI Shadow—>»C:Program FilesInstallShield Installation Information{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}setup.exe» -removeonly
    NTI Shadow—>C:Program FilesInstallShield Installation Information{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}setup.exe -runfromtemp -l0x0419
    OpenAL—>»C:Program FilesOpenALoalinst.exe» /U
    PowerDVD—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}Setup.exe» -uninstall
    Realtek High Definition Audio Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}setup.exe» -l0x19 -removeonly
    SAMSUNG CDMA Modem Driver Set—>C:WINDOWSsystem32Samsung_USB_Drivers3SSCDUninstall.exe
    SAMSUNG Mobile USB Modem 1.0 Software—>C:WINDOWSsystem32Samsung_USB_Drivers1SS_Uninstall.exe
    SAMSUNG Mobile USB Modem Software—>C:WINDOWSsystem32Samsung_USB_Drivers2SSM_Uninstall.exe
    Samsung PC Studio—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1050Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{C4A4722E-79F9-417C-BD72-8D359A090C97}setup.exe» -l0x19 -removeonly
    Security Update for 2007 Microsoft Office System (KB951550)—>msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
    Security Update for 2007 Microsoft Office System (KB951944)—>msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
    Security Update for 2007 Microsoft Office System (KB960003)—>msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {F04F8702-18D0-458D-921E-146FB7CD38CF}
    Security Update for Microsoft Office Excel 2007 (KB959997)—>msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {9EAC3AEC-5C81-4856-A05B-DE9DC236D740}
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)—>msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
    Security Update for Microsoft Office system 2007 (KB954326)—>msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
    Security Update for Microsoft Office system 2007 (KB956828)—>msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
    Security Update for Microsoft Office Word 2007 (KB956358)—>msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
    Security Update для Microsoft .NET Framework 2.0 (КБ928365)—>C:WINDOWSsystem32msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
    Synaptics Pointing Device Driver—>rundll32.exe «C:Program FilesSynapticsSynTPSynISDLL.dll»,standAloneUninstall
    Texas Instruments PCIxx21/x515/xx12 drivers.—>C:Program FilesInstallShield Installation Information{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}setup.exe -runfromtemp -l0x0409
    Update for 2007 Microsoft Office System (KB967642)—>msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    Update for Microsoft Office Outlook 2007 (KB952142)—>msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
    Update for Office 2007 (KB932080)—>msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}
    Update for Office 2007 (KB934391)—>msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}
    Update for Outlook 2007 Junk Email Filter (kb972691)—>msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {AA020E6E-E2FB-45EF-B732-2400E2296742}
    Vodafone 804SS USB driver Software—>C:WINDOWSsystem32Samsung_USB_Drivers4SSVDUninstall.exe
    Winamp (remove only)—>»C:Program FilesWinampUninstWA.exe»
    Windows Installer 3.1 (KB893803)—>»C:WINDOWS$MSI31Uninstall_KB893803v2$spuninstspuninst.exe»
    winpcap-nmap 4.02—>»C:Program FilesWinPcapuninstall.exe»
    Yahoo! Toolbar—>C:PROGRA~1Yahoo!commonunyt.exe
    Антивирус Касперского 6.0 для Windows Workstations—>MsiExec.exe /I{79B986AD-54D8-4498-AA06-89808829ACC0}
    Антивирус Касперского 6.0 для Windows Workstations—>MsiExec.exe /I{79B986AD-54D8-4498-AA06-89808829ACC0}
    Архиватор WinRAR—>C:Program FilesWinRARuninstall.exe
    Банк курсовых—>»C:Банк курсовыхuninstall.exe»
    Билайн Интернет Дома—>C:Program FilesHuawei E160GБилайн Интернет Домаuninst.exe
    Данные ДубльГИС г.Екатеринбург 01.08.2009—>MsiExec.exe /X{2C7D84FC-5435-4FEA-83A9-614CB89020DC}
    Данные ДубльГИС г.Пермь 01.08.2009—>MsiExec.exe /X{0EEF6544-295F-4C29-B2BA-8D62BFF3F845}
    Длинные нарды 2.0—>»C:Program FilesДлинные нарды 2.0Uninstal.exe»
    ДубльГИС 3.0.5.4—>MsiExec.exe /X{67A1DF48-1CEA-468C-ADAA-74BA915437D8}
    Исправление для Windows XP (KB896256)—>»C:WINDOWS$NtUninstallKB896256$spuninstspuninst.exe»
    Исправление для Windows XP (KB909667)—>»C:WINDOWS$NtUninstallKB909667$spuninstspuninst.exe»
    Исправление для Windows XP (KB914642)—>»C:WINDOWS$NtUninstallKB914642$spuninstspuninst.exe»
    Исправление для Windows XP (KB918005)—>»C:WINDOWS$NtUninstallKB918005$spuninstspuninst.exe»
    Исправление для Windows XP (KB935448)—>»C:WINDOWS$NtUninstallKB935448$spuninstspuninst.exe»
    Исправление для Windows XP (KB952287)—>»C:WINDOWS$NtUninstallKB952287$spuninstspuninst.exe»
    Модуль GPS для ДубльГИС—>MsiExec.exe /X{16CAA079-EBF2-4EB2-B21F-4D0C5B331E71}
    Обновление безопасности для Windows XP — (KB923689)—>»C:WINDOWS$NtUninstallKB923689$spuninstspuninst.exe»
    Обновление безопасности для Windows XP — (KB941569)—>»C:WINDOWS$NtUninstallKB941569$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB893756)—>»C:WINDOWS$NtUninstallKB893756$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB896358)—>»C:WINDOWS$NtUninstallKB896358$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB896423)—>»C:WINDOWS$NtUninstallKB896423$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB899587)—>»C:WINDOWS$NtUninstallKB899587$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB899591)—>»C:WINDOWS$NtUninstallKB899591$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB900725)—>»C:WINDOWS$NtUninstallKB900725$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB901017)—>»C:WINDOWS$NtUninstallKB901017$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB901190)—>»C:WINDOWS$NtUninstallKB901190$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB901214)—>»C:WINDOWS$NtUninstallKB901214$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB902400)—>»C:WINDOWS$NtUninstallKB902400$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB905414)—>»C:WINDOWS$NtUninstallKB905414$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB905749)—>»C:WINDOWS$NtUninstallKB905749$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB911562)—>»C:WINDOWS$NtUninstallKB911562$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB911927)—>»C:WINDOWS$NtUninstallKB911927$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB913580)—>»C:WINDOWS$NtUninstallKB913580$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB914388)—>»C:WINDOWS$NtUninstallKB914388$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB914389)—>»C:WINDOWS$NtUninstallKB914389$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB918118)—>»C:WINDOWS$NtUninstallKB918118$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB918439)—>»C:WINDOWS$NtUninstallKB918439$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB920213)—>»C:WINDOWS$NtUninstallKB920213$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB920670)—>»C:WINDOWS$NtUninstallKB920670$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB920683)—>»C:WINDOWS$NtUninstallKB920683$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB920685)—>»C:WINDOWS$NtUninstallKB920685$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB923191)—>»C:WINDOWS$NtUninstallKB923191$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB923561)—>»C:WINDOWS$NtUninstallKB923561$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB923980)—>»C:WINDOWS$NtUninstallKB923980$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB924270)—>»C:WINDOWS$NtUninstallKB924270$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB924667)—>»C:WINDOWS$NtUninstallKB924667$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB925902)—>»C:WINDOWS$NtUninstallKB925902$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB926255)—>»C:WINDOWS$NtUninstallKB926255$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB926436)—>»C:WINDOWS$NtUninstallKB926436$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB927779)—>»C:WINDOWS$NtUninstallKB927779$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB927802)—>»C:WINDOWS$NtUninstallKB927802$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB928255)—>»C:WINDOWS$NtUninstallKB928255$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB929123)—>»C:WINDOWS$NtUninstallKB929123$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB930178)—>»C:WINDOWS$NtUninstallKB930178$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB931261)—>»C:WINDOWS$NtUninstallKB931261$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB931768)—>»C:WINDOWS$NtUninstallKB931768$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB931784)—>»C:WINDOWS$NtUninstallKB931784$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB932168)—>»C:WINDOWS$NtUninstallKB932168$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB933566)—>»C:WINDOWS$NtUninstallKB933566$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB935839)—>»C:WINDOWS$NtUninstallKB935839$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB935840)—>»C:WINDOWS$NtUninstallKB935840$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB938127)—>»C:WINDOWS$NtUninstallKB938127$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB938464-v2)—>»C:WINDOWS$NtUninstallKB938464-v2$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB943055)—>»C:WINDOWS$NtUninstallKB943055$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB944338-v2)—>»C:WINDOWS$NtUninstallKB944338-v2$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB944653)—>»C:WINDOWS$NtUninstallKB944653$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB945553)—>»C:WINDOWS$NtUninstallKB945553$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB946026)—>»C:WINDOWS$NtUninstallKB946026$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB946648)—>»C:WINDOWS$NtUninstallKB946648$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB950749)—>»C:WINDOWS$NtUninstallKB950749$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB950760)—>»C:WINDOWS$NtUninstallKB950760$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB950762)—>»C:WINDOWS$NtUninstallKB950762$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB950974)—>»C:WINDOWS$NtUninstallKB950974$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB951066)—>»C:WINDOWS$NtUninstallKB951066$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB951376-v2)—>»C:WINDOWS$NtUninstallKB951376-v2$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB951748)—>»C:WINDOWS$NtUninstallKB951748$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB952004)—>»C:WINDOWS$NtUninstallKB952004$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB952954)—>»C:WINDOWS$NtUninstallKB952954$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB954600)—>»C:WINDOWS$NtUninstallKB954600$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB955069)—>»C:WINDOWS$NtUninstallKB955069$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB956572)—>»C:WINDOWS$NtUninstallKB956572$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB956802)—>»C:WINDOWS$NtUninstallKB956802$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB956803)—>»C:WINDOWS$NtUninstallKB956803$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB957097)—>»C:WINDOWS$NtUninstallKB957097$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB958470)—>»C:WINDOWS$NtUninstallKB958470$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB958644)—>»C:WINDOWS$NtUninstallKB958644$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB958687)—>»C:WINDOWS$NtUninstallKB958687$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB959426)—>»C:WINDOWS$NtUninstallKB959426$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB960225)—>»C:WINDOWS$NtUninstallKB960225$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB960803)—>»C:WINDOWS$NtUninstallKB960803$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB960859)—>»C:WINDOWS$NtUninstallKB960859$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB961371-v2)—>»C:WINDOWS$NtUninstallKB961371-v2$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB961373)—>»C:WINDOWS$NtUninstallKB961373$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB961501)—>»C:WINDOWS$NtUninstallKB961501$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB968537)—>»C:WINDOWS$NtUninstallKB968537$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB969897)—>»C:WINDOWS$NtUninstallKB969897$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB969898)—>»C:WINDOWS$NtUninstallKB969898$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB970238)—>»C:WINDOWS$NtUninstallKB970238$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB971032)—>»C:WINDOWS$NtUninstallKB971032$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB971557)—>»C:WINDOWS$NtUninstallKB971557$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB971633)—>»C:WINDOWS$NtUninstallKB971633$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB971657)—>»C:WINDOWS$NtUninstallKB971657$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB972260)—>»C:WINDOWS$NtUninstallKB972260$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB973346)—>»C:WINDOWS$NtUninstallKB973346$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB973354)—>»C:WINDOWS$NtUninstallKB973354$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB973507)—>»C:WINDOWS$NtUninstallKB973507$spuninstspuninst.exe»
    Обновление безопасности для Windows XP (KB973869)—>»C:WINDOWS$NtUninstallKB973869$spuninstspuninst.exe»
    Обновление безопасности для проигрывателя Windows Media — (KB911564)—>»C:WINDOWS$NtUninstallKB911564$spuninstspuninst.exe»
    Обновление безопасности для проигрывателя Windows Media — (KB952069)—>»C:WINDOWS$NtUninstallKB952069_WM9$spuninstspuninst.exe»
    Обновление безопасности для проигрывателя Windows Media — (KB973540)—>»C:WINDOWS$NtUninstallKB973540_WM9L$spuninstspuninst.exe»
    Обновление безопасности для проигрывателя Windows Media 6.4 — (KB925398)—>»C:WINDOWS$NtUninstallKB925398_WMP64$spuninstspuninst.exe»
    Обновление для Windows XP (KB894391)—>»C:WINDOWS$NtUninstallKB894391$spuninstspuninst.exe»
    Обновление для Windows XP (KB898461)—>»C:WINDOWS$NtUninstallKB898461$spuninstspuninst.exe»
    Обновление для Windows XP (KB900485)—>»C:WINDOWS$NtUninstallKB900485$spuninstspuninst.exe»
    Обновление для Windows XP (KB908531)—>»C:WINDOWS$NtUninstallKB908531$spuninstspuninst.exe»
    Обновление для Windows XP (KB910437)—>»C:WINDOWS$NtUninstallKB910437$spuninstspuninst.exe»
    Обновление для Windows XP (KB911280)—>»C:WINDOWS$NtUninstallKB911280$spuninstspuninst.exe»
    Обновление для Windows XP (KB912945)—>»C:WINDOWS$NtUninstallKB912945$spuninstspuninst.exe»
    Обновление для Windows XP (KB916595)—>»C:WINDOWS$NtUninstallKB916595$spuninstspuninst.exe»
    Обновление для Windows XP (KB920872)—>»C:WINDOWS$NtUninstallKB920872$spuninstspuninst.exe»
    Обновление для Windows XP (KB922582)—>»C:WINDOWS$NtUninstallKB922582$spuninstspuninst.exe»
    Обновление для Windows XP (KB927891)—>»C:WINDOWS$NtUninstallKB927891$spuninstspuninst.exe»
    Обновление для Windows XP (KB929338)—>»C:WINDOWS$NtUninstallKB929338$spuninstspuninst.exe»
    Обновление для Windows XP (KB930916)—>»C:WINDOWS$NtUninstallKB930916$spuninstspuninst.exe»
    Обновление для Windows XP (KB936357)—>»C:WINDOWS$NtUninstallKB936357$spuninstspuninst.exe»
    Обновление для Windows XP (KB938828)—>»C:WINDOWS$NtUninstallKB938828$spuninstspuninst.exe»
    Обновление для Windows XP (KB955839)—>»C:WINDOWS$NtUninstallKB955839$spuninstspuninst.exe»
    Обновление для Windows XP (KB967715)—>»C:WINDOWS$NtUninstallKB967715$spuninstspuninst.exe»
    Обновление для Windows XP (KB968389)—>»C:WINDOWS$NtUninstallKB968389$spuninstspuninst.exe»
    Обновление для Windows XP (KB973815)—>»C:WINDOWS$NtUninstallKB973815$spuninstspuninst.exe»
    Пакет исправлений для Windows XP — KB873339—>C:WINDOWS$NtUninstallKB873339$spuninstspuninst.exe
    Пакет исправлений для Windows XP — KB885835—>C:WINDOWS$NtUninstallKB885835$spuninstspuninst.exe
    Пакет исправлений для Windows XP — KB885836—>C:WINDOWS$NtUninstallKB885836$spuninstspuninst.exe
    Пакет исправлений для Windows XP — KB885855—>C:WINDOWS$NtUninstallKB885855$spuninstspuninst.exe
    Пакет исправлений для Windows XP — KB886185—>C:WINDOWS$NtUninstallKB886185$spuninstspuninst.exe
    Пакет исправлений для Windows XP — KB887472—>C:WINDOWS$NtUninstallKB887472$spuninstspuninst.exe
    Пакет исправлений для Windows XP — KB888302—>C:WINDOWS$NtUninstallKB888302$spuninstspuninst.exe
    Пакет исправлений для Windows XP — KB890859—>»C:WINDOWS$NtUninstallKB890859$spuninstspuninst.exe»
    Программное обеспечение Intel(R) PROSet/Wireless—>C:WINDOWSInstalleriProInst.exe
    Центр обновлений ДубльГИС—>MsiExec.exe /X{2FB165EB-69C0-416D-9B4E-E805ABC8CB1F}

    ======Hosts File======

    213.155.27.239 http://www.yandex.ru
    213.155.27.239 http://www.ya.ru
    213.155.27.239 vkontakte.ru
    213.155.27.239 google.com
    213.155.27.239 mail.ru
    213.155.27.239 rambler.ru
    213.155.27.239 yandex.ru
    213.155.27.239 ya.ru
    213.155.27.239 google.ru
    213.155.27.239 google.net

    ======Security center information======

    AV: Антивирус Касперского (outdated)
    FW: Антивирус Касперского

    ======System event log======

    Computer Name: ACER-D29F329B82
    Event Code: 7036
    Message: Служба «Адаптер производительности WMI» перешла в состояние Остановлена.

    Record Number: 7842
    Source Name: Service Control Manager
    Time Written: 20090803115804.000000+240
    Event Type: информация
    User:

    Computer Name: ACER-D29F329B82
    Event Code: 7036
    Message: Служба «Служба COM записи компакт-дисков IMAPI» перешла в состояние Остановлена.

    Record Number: 7841
    Source Name: Service Control Manager
    Time Written: 20090803115736.000000+240
    Event Type: информация
    User:

    Computer Name: ACER-D29F329B82
    Event Code: 7036
    Message: Служба «Служба COM записи компакт-дисков IMAPI» перешла в состояние Работает.

    Record Number: 7840
    Source Name: Service Control Manager
    Time Written: 20090803115730.000000+240
    Event Type: информация
    User:

    Computer Name: ACER-D29F329B82
    Event Code: 7035
    Message: Служба «Служба COM записи компакт-дисков IMAPI» успешно отправила управляющий элемент «запустить».

    Record Number: 7839
    Source Name: Service Control Manager
    Time Written: 20090803115730.000000+240
    Event Type: информация
    User: NT AUTHORITYSYSTEM

    Computer Name: ACER-D29F329B82
    Event Code: 7036
    Message: Служба «» перешла в состояние DEVICE{73285D06-00CF-4459-880C-51D1ABA37E37}.

    Record Number: 7838
    Source Name: NETw4x32
    Time Written: 20090803105155.000000+240
    Event Type: информация
    User:

    =====Application event log=====

    Computer Name: ACER-D29F329B82
    Event Code: 4
    Message: The LightScribe Service started successfully.

    Record Number: 5978
    Source Name: LightScribeService
    Time Written: 20090430211807.000000+240
    Event Type: информация
    User:

    Computer Name: ACER-D29F329B82
    Event Code: 0
    Message:
    Record Number: 5977
    Source Name: EvtEng
    Time Written: 20090430211807.000000+240
    Event Type: информация
    User:

    Computer Name: ACER-D29F329B82
    Event Code: 0
    Message:
    Record Number: 5976
    Source Name: 2GIS UpdateClientService
    Time Written: 20090430211807.000000+240
    Event Type: информация
    User:

    Computer Name: ACER-D29F329B82
    Event Code: 102
    Message: wuaueng.dll (3088) SUS20ClientDataStore: Ядро базы данных запустило новый экземпляр (0).

    Record Number: 5975
    Source Name: ESENT
    Time Written: 20090430211442.000000+240
    Event Type: информация
    User:

    Computer Name: ACER-D29F329B82
    Event Code: 100
    Message: wuauclt (3088) Ядро базы данных 5.01.2600.2180 запущено.

    Record Number: 5974
    Source Name: ESENT
    Time Written: 20090430211442.000000+240
    Event Type: информация
    User:

    ======Environment variables======

    «ComSpec»=%SystemRoot%system32cmd.exe
    «Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;C:Program FilesIntelWirelessBin
    «windir»=%SystemRoot%
    «FP_NO_HOST_CHECK»=NO
    «OS»=Windows_NT
    «PROCESSOR_ARCHITECTURE»=x86
    «PROCESSOR_LEVEL»=6
    «PROCESSOR_IDENTIFIER»=x86 Family 6 Model 15 Stepping 13, GenuineIntel
    «PROCESSOR_REVISION»=0f0d
    «NUMBER_OF_PROCESSORS»=2
    «PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    «TEMP»=%SystemRoot%TEMP
    «TMP»=%SystemRoot%TEMP


    EOF


    June 27, 2009 at 5:01 pm, in reply to: PORN Informer with Vodonaeva!!! HELP!!! #24496
    niger
    Participant
    • Topics: 6
    • Replies: 33
    • ☆

    All processes killed
    ========== PROCESSES ==========
    Process explorer.exe killed successfully!
    ========== REGISTRY ==========
    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{88888888-8888-8888-8888-888888888888} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{88888888-8888-8888-8888-888888888888} not found.
    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9D64F819-9380-8473-DAB2-702FCB3D7A3E} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{9D64F819-9380-8473-DAB2-702FCB3D7A3E} deleted successfully.
    Registry key HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregamva deleted successfully.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{43e144e5-1c4a-11de-b841-001a4d75ec6b} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{43e144e5-1c4a-11de-b841-001a4d75ec6b} not found.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{49a339e8-c65a-11dc-b040-f1e434541553} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{49a339e8-c65a-11dc-b040-f1e434541553} not found.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{49a339e9-c65a-11dc-b040-f1e434541553} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{49a339e9-c65a-11dc-b040-f1e434541553} not found.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{78e23bb6-1a09-11de-b83e-001a4d75ec6b} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{78e23bb6-1a09-11de-b83e-001a4d75ec6b} not found.
    Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{96202b12-9501-11dc-afdc-d301a29501d2} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{96202b12-9501-11dc-afdc-d301a29501d2} not found.
    ========== FILES ==========
    LoadLibrary failed for C:Documents and SettingsАнтонApplication Databpfeed.dll
    C:Documents and SettingsАнтонApplication Databpfeed.dll NOT unregistered.
    C:Documents and SettingsАнтонApplication Databpfeed.dll moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 402 bytes

    User: Администратор
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Антон
    ->Temp folder emptied: 7334768 bytes
    ->Temporary Internet Files folder emptied: 28970256 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 4228588 bytes
    %systemroot%System32 .tmp files removed: 788045 bytes
    Windows Temp folder emptied: 0 bytes
    Session Manager Temp folder emptied: 417341752 bytes
    Session Manager Tmp folder emptied: 0 bytes

    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 437,51 mb

    OTM by OldTimer — Version 3.0.0.2 log created on 06272009_224728

    Files moved on Reboot…

    Registry entries deleted on Reboot…

    Logfile of random’s system information tool 1.06 (written by random/random)
    Run by Антон at 2009-06-27 23:00:29
    Microsoft Windows XP Professional Service Pack 2
    System drive C: has 68 GB (45%) free of 153 GB
    Total RAM: 1023 MB (59% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:00:32, on 27.06.2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)
    Boot mode: Normal

    Running processes:
    C:WINDOWSSystem32smss.exe
    C:WINDOWSsystem32winlogon.exe
    C:WINDOWSsystem32services.exe
    C:WINDOWSsystem32lsass.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSSystem32svchost.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSsystem32spoolsv.exe
    C:WINDOWSsystem32svchost.exe
    C:Program FilesICQ6ToolbarICQ Service.exe
    C:WINDOWSSystem32svchost.exe
    C:WINDOWSsystem32nvsvc32.exe
    C:WINDOWSSystem32svchost.exe
    C:WINDOWSsystem32PnkBstrA.exe
    C:WINDOWSsystem32svchost.exe
    C:Program FilesVIAVIAudioiHDADeckHDeck.exe
    C:Program FilesHPHP Software UpdateHPWuSchd2.exe
    C:Program FilesAuthinet.exe
    C:Program FilesQuickTimeqttask.exe
    C:Program FilesSamsungSamsung Media Studio 5SMSTray.exe
    C:Program FilesMarkAnyContentSaferMAAgent.exe
    C:Program FilesMail.RuAgentMAgent.exe
    C:WINDOWSsystem32ctfmon.exe
    C:Program FilesICQ6.5ICQ.exe
    C:Program FilesHPDigital Imagingbinhpqtra08.exe
    C:Program FilesHPDigital ImagingSmart Web Printinghpswp_clipbook.exe
    C:Program FilesHPDigital ImagingbinhpqSTE08.exe
    C:Program FilesHPDigital Imagingbinhpqbam08.exe
    C:Program FilesHPDigital Imagingbinhpqgpc01.exe
    C:WINDOWSexplorer.exe
    C:Program FilesInternet Exploreriexplore.exe
    C:Documents and SettingsАнтонРабочий столRSIT.exe
    C:Program Filestrend microАнтон.exe

    R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://search.qip.ru
    R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://search.qip.ru
    R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://search.qip.ru
    R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://search.qip.ru
    R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.mail.ru
    R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 — HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://search.qip.ru
    R1 — HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
    R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
    R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program filesmail.rusputnikMailRuSputnik.dll
    R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program FilesMail.RuAgentMradllnewmrasearch.dll
    R3 — URLSearchHook: (no name) — — (no file)
    R3 — URLSearchHook: ICQToolBar — {855F3B16-6D32-4fe6-8A56-BBB695989046} — C:Program FilesICQ6ToolbarICQToolBar.dll
    O2 — BHO: HP Print Enhancer — {0347C33E-8762-4905-BF09-768834316C61} — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_printenhancer.dll
    O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
    O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — c:program filesmail.rusputnikMailRuSputnik.dll
    O2 — BHO: HP Smart BHO Class — {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_BHO.dll
    O3 — Toolbar: ICQToolBar — {855F3B16-6D32-4fe6-8A56-BBB695989046} — C:Program FilesICQ6ToolbarICQToolBar.dll
    O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
    O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program filesmail.rusputnikMailRuSputnik.dll
    O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
    O4 — HKLM..Run: [HDAudDeck] C:Program FilesVIAVIAudioiHDADeckHDeck.exe 1
    O4 — HKLM..Run: [AVP] «C:Program FilesKaspersky LabKaspersky Anti-Virus 7.0avp.exe»
    O4 — HKLM..Run: [HP Software Update] C:Program FilesHPHP Software UpdateHPWuSchd2.exe
    O4 — HKLM..Run: [hpqSRMon] C:Program FilesHPDigital ImagingbinhpqSRMon.exe
    O4 — HKLM..Run: [Insys inet] C:Program FilesAuthinet.exe
    O4 — HKLM..Run: [QuickTime Task] «C:Program FilesQuickTimeqttask.exe» -atboottime
    O4 — HKLM..Run: [NevoDRM] «C:ИгрыNevoDRMNevoDRM.exe»
    O4 — HKLM..Run: [SMSTray] C:Program FilesSamsungSamsung Media Studio 5SMSTray.exe
    O4 — HKLM..Run: [MAAgent] C:Program FilesMarkAnyContentSaferMAAgent.exe
    O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
    O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
    O4 — HKCU..Run: [ICQ] «C:Program FilesICQ6.5ICQ.exe» silent
    O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
    O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
    O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
    O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
    O4 — Global Startup: HP Digital Imaging Monitor.lnk = C:Program FilesHPDigital Imagingbinhpqtra08.exe
    O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
    O8 — Extra context menu item: Поиск@Mail.Ru — res://c:program filesmail.rusputnikMailRuSputnik.dll/282
    O8 — Extra context menu item: Словари@Mail.Ru — res://c:program filesmail.rusputnikMailRuSputnik.dll/283
    O9 — Extra button: Cтатистика Веб-Антивируса — {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} — C:Program FilesKaspersky LabKaspersky Anti-Virus 7.0SCIEPlgn.dll
    O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
    O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
    O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
    O9 — Extra button: Расширенный выбор HP — {DDE87865-83C5-48c4-8357-2F5B1AA84522} — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_BHO.dll
    O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
    O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
    O12 — Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
    O16 — DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) — http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 — HKLMSystemCCSServicesTcpip..{32DAE4F5-DA44-49F8-9DB0-E401D5C00DF7}: NameServer = 217.24.176.230,217.24.177.2
    O17 — HKLMSystemCS1ServicesTcpip..{32DAE4F5-DA44-49F8-9DB0-E401D5C00DF7}: NameServer = 217.24.176.230,217.24.177.2
    O17 — HKLMSystemCS2ServicesTcpip..{32DAE4F5-DA44-49F8-9DB0-E401D5C00DF7}: NameServer = 217.24.176.230,217.24.177.2
    O23 — Service: Kaspersky Anti-Virus 7.0 (AVP) — Kaspersky Lab — C:Program FilesKaspersky LabKaspersky Anti-Virus 7.0avp.exe
    O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
    O23 — Service: ICQ Service — Unknown owner — C:Program FilesICQ6ToolbarICQ Service.exe
    O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — c:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe
    O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
    O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
    O23 — Service: NBService — Nero AG — C:Program FilesNeroNero 7Nero BackItUpNBService.exe
    O23 — Service: NMIndexingService — Nero AG — C:Program FilesCommon FilesAheadLibNMIndexingService.exe
    O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
    O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
    O23 — Service: PnkBstrA — Unknown owner — C:WINDOWSsystem32PnkBstrA.exe
    O23 — Service: TMNT.Teenage Mutant Ninja Turtles Drivers Auto Removal (pr2ajzsb) (pr2ajzsb) — Russobit-M — C:WINDOWSsystem32pr2ajzsb.exe
    O23 — Service: KDS 4 Drivers Auto Removal (pr2am8ub) (pr2am8ub) — Russobit-M — C:WINDOWSsystem32pr2am8ub.exe
    O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
    O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
    O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
    O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
    O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe

    —
    End of file — 9516 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{0347C33E-8762-4905-BF09-768834316C61}]
    HP Print Enhancer — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_printenhancer.dll [2007-11-06 322880]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx [2001-03-02 37808]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
    MailRuBHO Class — c:program filesmail.rusputnikMailRuSputnik.dll [2009-05-22 680624]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
    HP Smart BHO Class — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_BHO.dll [2007-11-06 542016]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
    {855F3B16-6D32-4fe6-8A56-BBB695989046} — ICQToolBar — C:Program FilesICQ6ToolbarICQToolBar.dll [2008-06-12 958712]
    {91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2009-01-13 3112736]
    {09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — c:program filesmail.rusputnikMailRuSputnik.dll [2009-05-22 680624]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
    «NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2007-04-20 8429568]
    «HDAudDeck»=C:Program FilesVIAVIAudioiHDADeckHDeck.exe [2008-11-11 704512]
    «AVP»=C:Program FilesKaspersky LabKaspersky Anti-Virus 7.0avp.exe [2007-06-28 218376]
    «HP Software Update»=C:Program FilesHPHP Software UpdateHPWuSchd2.exe [2007-10-14 49152]
    «hpqSRMon»=C:Program FilesHPDigital ImagingbinhpqSRMon.exe [2007-08-22 80896]
    «Insys inet»=C:Program FilesAuthinet.exe [2008-12-09 1100288]
    «QuickTime Task»=C:Program FilesQuickTimeqttask.exe [2008-11-11 77824]
    «NevoDRM»=C:ИгрыNevoDRMNevoDRM.exe [2008-12-11 41984]
    «SMSTray»=C:Program FilesSamsungSamsung Media Studio 5SMSTray.exe [2007-09-20 132624]
    «MAAgent»=C:Program FilesMarkAnyContentSaferMAAgent.exe [2007-01-30 57344]
    «MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2009-05-22 6210744]

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-17 15360]
    «ICQ»=C:Program FilesICQ6.5ICQ.exe [2009-03-01 172792]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregBgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    C:Program FilesCommon FilesAheadLibNMBgMonitor.exe [2008-11-11 147456]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDAEMON Tools-1033]
    C:Program FilesDRToolsdaemon.exe [2008-11-11 81920]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregHDAudDeck]
    C:Program FilesVIAVIAudioiHDADeckHDeck.exe [2008-11-11 704512]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]
    C:Program FilesCommon FilesAheadLibNeroCheck.exe [2008-11-11 155648]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNvMediaCenter]
    NvMCTray.dll,NvTaskbarInit []

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregnwiz]
    nwiz.exe /install []

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregQuickTime Task]
    C:Program FilesQuickTimeqttask.exe [2008-11-11 77824]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregRemoteControl]
    C:Program FilesCyberLinkPowerDVDPDVDServ.exe [2008-11-11 32768]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregTray Temperature]
    C:PROGRA~1AWSMiniBug.exe [2008-11-11 249856]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^Ускоренный запуск Adobe Reader.lnk]
    C:PROGRA~1AdobeACROBA~1.0ReaderREADER~1.EXE [2008-11-11 29696]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]
    «wuauserv»=2
    «UPS»=3

    C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
    HP Digital Imaging Monitor.lnk — C:Program FilesHPDigital Imagingbinhpqtra08.exe

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyklogon]
    C:WINDOWSsystem32klogon.dll [2007-06-28 206088]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
    WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
    «{88485281-8b4b-4f8d-9ede-82e29a064277}»=C:PROGRA~1MarkAnyCONTEN~1MACSMA~1.DLL [2004-11-23 192512]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
    «dontdisplaylastusername»=0
    «legalnoticecaption»=
    «legalnoticetext»=
    «shutdownwithoutlogon»=1
    «undockwithoutlogon»=1

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
    «NoDriveTypeAutoRun»=36
    «NoDriveAutoRun»=FFFFFFFF

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
    «C:Program FilesMedal of Honor Allied Assault Breakthroughmoh_Breakthrough.exe»=»C:Program FilesMedal of Honor Allied Assault Breakthroughmoh_Breakthrough.exe:*:Enabled:Medal of Honor Allied Assault(tm) Breakthrough»
    «C:Program FilesMedal of Honor Allied Assault BreakthroughMOHAA.EXE»=»C:Program FilesMedal of Honor Allied Assault BreakthroughMOHAA.EXE:*:Enabled:Medal of Honor Allied Assault»
    «C:Program FilesMoH Allied Assault Spearheadmoh_spearhead.exe»=»C:Program FilesMoH Allied Assault Spearheadmoh_spearhead.exe:*:Enabled:Medal of Honor Allied Assault(tm) Spearhead»
    «C:Program FilesMoH Allied Assault SpearheadMOHAA.EXE»=»C:Program FilesMoH Allied Assault SpearheadMOHAA.EXE:*:Enabled:Medal of Honor Allied Assault»
    «C:Program FilesRockstar GamesMidnight Club IImc2.exe»=»C:Program FilesRockstar GamesMidnight Club IImc2.exe:*:Enabled:mc2»
    «C:Program FilesEa GamesNeed For Speed Underground 2speed2.exe»=»C:Program FilesEa GamesNeed For Speed Underground 2speed2.exe:*:Enabled:speed2»
    «C:Documents and SettingsАнтонРабочий столМои игрыEngineImplementation_Retail.exe»=»C:Documents and SettingsАнтонРабочий столМои игрыEngineImplementation_Retail.exe:*:Enabled:A2M Game Engine»
    «C:Program FilesHPDigital Imagingbinhpqtra08.exe»=»C:Program FilesHPDigital Imagingbinhpqtra08.exe:*:Enabled:hpqtra08.exe»
    «C:Program FilesHPDigital Imagingbinhpqste08.exe»=»C:Program FilesHPDigital Imagingbinhpqste08.exe:*:Enabled:hpqste08.exe»
    «C:Program FilesHPDigital Imagingbinhposid01.exe»=»C:Program FilesHPDigital Imagingbinhposid01.exe:*:Enabled:hposid01.exe»
    «C:Program FilesHPDigital Imagingbinhpiscnapp.exe»=»C:Program FilesHPDigital Imagingbinhpiscnapp.exe:*:Enabled:hpiscnapp.exe»
    «C:Program FilesHPDigital Imagingbinhpqkygrp.exe»=»C:Program FilesHPDigital Imagingbinhpqkygrp.exe:*:Enabled:hpqkygrp.exe»
    «C:Program FilesOrangeBoxhl2.exe»=»C:Program FilesOrangeBoxhl2.exe:*:Enabled:hl2»
    «C:Program FilesICQ6.5ICQ.exe»=»C:Program FilesICQ6.5ICQ.exe:*:Enabled:ICQ6»
    «C:WINDOWSsystem32muzapp.exe»=»C:WINDOWSsystem32muzapp.exe:*:Enabled:MUZ AOD APP player»

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
    «%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»

    ======List of files/folders created in the last 1 months======

    2009-06-27 22:47:28 —-D—- C:_OTM
    2009-06-27 22:43:54 —-RASHD—- C:autorun.inf
    2009-06-27 21:48:11 —-D—- C:Ea Games
    2009-06-19 21:37:50 —-D—- C:Program Filestrend micro
    2009-06-19 21:37:49 —-D—- C:rsit
    2009-06-15 12:58:34 —-D—- C:Documents and SettingsАнтонApplication DataIce Age 2
    2009-06-08 19:55:39 —-D—- C:Program FilesOpenAL
    2009-06-08 19:54:54 —-A—- C:WINDOWSsystem32ATL80.dll
    2009-06-08 19:54:47 —-A—- C:WINDOWSsystem32mfc80u.dll
    2009-06-08 19:54:47 —-A—- C:WINDOWSsystem32mfc80ENU.dll
    2009-06-08 19:54:47 —-A—- C:WINDOWSsystem32mfc80.dll
    2009-06-08 19:54:46 —-A—- C:WINDOWSsystem32mfcm80.dll
    2009-06-08 19:54:45 —-A—- C:WINDOWSsystem32mfcm80u.dll
    2009-06-08 19:54:36 —-A—- C:WINDOWSsystem32msvcm80.dll
    2009-06-08 19:54:28 —-A—- C:WINDOWSsystem32OpenALwEAX.exe
    2009-06-08 19:54:15 —-A—- C:WINDOWSsystem32vcomp.dll
    2009-05-29 22:56:48 —-D—- C:Documents and SettingsАнтонApplication DataDisney Interactive Studios
    2009-05-29 22:40:16 —-D—- C:Program FilesMeet the Robinsons
    2009-05-29 22:39:04 —-D—- C:Program FilesSpider-Man 3
    2009-05-29 22:25:04 —-A—- C:WINDOWSsystem32Borlndmm.dll
    2009-05-29 22:25:01 —-A—- C:WINDOWSsystem32msvci70d.dll
    2009-05-29 22:25:00 —-A—- C:WINDOWSsystem32Msvcp60d.dll
    2009-05-29 22:24:58 —-A—- C:WINDOWSsystem32msvcp70d.dll
    2009-05-29 22:24:57 —-A—- C:WINDOWSsystem32msvcp71d.dll
    2009-05-29 22:24:56 —-A—- C:WINDOWSsystem32msvcr70d.dll
    2009-05-29 22:24:56 —-A—- C:WINDOWSsystem32msvcp80.dll
    2009-05-29 22:24:54 —-A—- C:WINDOWSsystem32msvcr80.dll
    2009-05-29 22:24:52 —-A—- C:WINDOWSsystem32OpenAL32.dll
    2009-05-29 22:24:48 —-A—- C:WINDOWSsystem32wrap_oal.dll
    2009-05-29 22:24:06 —-A—- C:WINDOWSgame.ini

    ======List of files/folders modified in the last 1 months======

    2009-06-27 23:00:29 —-D—- C:temp
    2009-06-27 22:54:01 —-D—- C:WINDOWSsystem32CatRoot2
    2009-06-27 22:54:01 —-D—- C:Documents and SettingsAll UsersApplication DataKaspersky Lab
    2009-06-27 22:54:00 —-D—- C:Program FilesAuth
    2009-06-27 22:49:12 —-D—- C:WINDOWSsystem32
    2009-06-27 22:49:12 —-D—- C:WINDOWS
    2009-06-27 22:43:54 —-D—- C:WINDOWSPrefetch
    2009-06-27 22:03:07 —-A—- C:WINDOWSSchedLgU.Txt
    2009-06-22 00:04:49 —-D—- C:Documents and SettingsАнтонApplication DataHPAppData
    2009-06-21 23:58:23 —-D—- C:WINDOWSHelp
    2009-06-19 21:37:50 —-RD—- C:Program Files
    2009-06-15 23:02:57 —-D—- C:Documents and SettingsАнтонApplication DataMra
    2009-06-08 20:19:01 —-HD—- C:WINDOWSinf
    2009-06-08 20:19:01 —-D—- C:WINDOWSTemp
    2009-06-08 20:18:50 —-RSD—- C:WINDOWSassembly
    2009-06-08 20:18:02 —-D—- C:WINDOWSsystem32DirectX
    2009-06-08 19:56:15 —-D—- C:Program Filesdirectx
    2009-06-08 19:55:31 —-SHD—- C:WINDOWSInstaller
    2009-06-08 19:55:06 —-HD—- C:Config.Msi
    2009-06-08 19:54:52 —-RSHDC—- C:WINDOWSsystem32dllcache
    2009-06-08 19:54:08 —-D—- C:Games
    2009-06-04 15:25:51 —-A—- C:WINDOWSsystem32CmdLineExt.dll
    2009-06-03 13:26:31 —-HD—- C:Program FilesInstallShield Installation Information
    2009-06-03 13:20:22 —-D—- C:Program FilesActivision
    2009-06-02 12:42:35 —-D—- C:Program FilesЛунтик. Математика
    2009-05-29 00:40:05 —-D—- C:Program FilesBuka

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-17 40448]
    R1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2004-08-17 14848]
    R1 klif;Klif; ??C:WINDOWSsystem32driversklif.sys []
    R1 prodrv04;Star Force copy protection driver v4; C:WINDOWSSystem32driversprodrv04.sys [2008-07-23 114496]
    R1 prodrv06;StarForce Protection Environment Driver v6; C:WINDOWSSystem32driversprodrv06.sys [2004-08-09 53920]
    R2 hwpsgt;hwpsgt; C:WINDOWSsystem32DRIVERShwpsgt.sys [2008-05-09 137344]
    R2 lemsgt;lemsgt; C:WINDOWSsystem32DRIVERSlemsgt.sys [2008-05-09 9472]
    R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:WINDOWSsystem32DRIVERSfetnd5b.sys [2004-04-15 42496]
    R3 HdAudAddService;VIA High Definition Audio Service; C:WINDOWSsystem32driversviahduaa.sys [2006-11-09 136448]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2004-10-27 138240]
    R3 HidUsb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2001-08-17 9600]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:WINDOWSsystem32DRIVERSklim5.sys [2007-04-04 24344]
    R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2007-04-20 6739168]
    R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
    R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
    R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
    R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
    R3 WpdUsb;WpdUsb; C:WINDOWSSystem32Driverswpdusb.sys [2006-10-18 38528]
    S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet адаптер, драйвер для NT; C:WINDOWSsystem32DRIVERSfetnd5.sys [2001-08-18 27165]
    S3 FXDrv32;FXDrv32; ??D:FXDrv32.sys []
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:WINDOWSsystem32DRIVERSHPZid412.sys [2007-10-30 49920]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:WINDOWSsystem32DRIVERSHPZipr12.sys [2007-10-30 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:WINDOWSsystem32DRIVERSHPZius12.sys [2007-10-30 21568]
    S3 MAP2A10K;MAP2A10K; C:WINDOWSsystem32driversMAP2A10K.SYS []
    S3 NTSIM;NTSIM; ??C:WINDOWSsystem32ntsim.sys []
    S3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-04 25856]
    S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
    S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
    S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2006-09-28 82944]
    S3 zteusbser;ZTE USB Device for Legacy Serial Communication; C:WINDOWSsystem32DRIVERSzteusbser.sys [2007-04-10 98432]
    S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 hpqddsvc;Служба HP CUE DeviceDiscovery; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]
    R2 ICQ Service;ICQ Service; C:Program FilesICQ6ToolbarICQ Service.exe [2008-06-10 222456]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:WINDOWSSystem32svchost.exe [2004-08-17 14336]
    R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2007-04-20 163908]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:WINDOWSSystem32svchost.exe [2004-08-17 14336]
    R2 PnkBstrA;PnkBstrA; C:WINDOWSsystem32PnkBstrA.exe [2009-01-20 66872]
    R2 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]
    R3 hpqcxs08;hpqcxs08; C:WINDOWSsystem32svchost.exe [2004-08-17 14336]
    S2 AVP;Kaspersky Anti-Virus 7.0; C:Program FilesKaspersky LabKaspersky Anti-Virus 7.0avp.exe [2007-06-28 218376]
    S2 pr2ajzsb;TMNT.Teenage Mutant Ninja Turtles Drivers Auto Removal (pr2ajzsb); C:WINDOWSsystem32pr2ajzsb.exe [2007-03-24 407208]
    S2 pr2am8ub;KDS 4 Drivers Auto Removal (pr2am8ub); C:WINDOWSsystem32pr2am8ub.exe [2007-10-04 410984]
    S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2005-09-23 66240]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:WINDOWSMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe [2008-11-11 36864]
    S3 IDriverT;InstallDriver Table Manager; c:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe [2005-11-14 69632]
    S3 idsvc;Windows CardSpace; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2008-11-11 741376]
    S3 NBService;NBService; C:Program FilesNeroNero 7Nero BackItUpNBService.exe [2008-11-11 774144]
    S3 NMIndexingService;NMIndexingService; C:Program FilesCommon FilesAheadLibNMIndexingService.exe [2007-01-15 266240]
    S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
    S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; C:Program FilesWindows Media PlayerWMPNetwk.exe [2008-11-11 914944]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2008-11-11 122880]


    EOF


    February 5, 2009 at 2:48 pm, in reply to: the news feed is driving me crazy!!! HELP!!! #21203
    niger

    How do I find out what to delete?

    January 28, 2009 at 3:46 pm, in reply to: the news feed is driving me crazy!!! HELP!!! #21201
    niger

    I think I did everything! But for some reason the computer has started to lag! Even Counter Strike lags! Why?

    January 22, 2009 at 12:51 pm, in reply to: the news feed is driving me crazy!!! HELP!!! #21199
    niger

    I installed Kerish myself! But I think I removed it! The computer is working fine, thanks! And by the way, how do I uninstall all these programs I used for the cleanup?

    January 20, 2009 at 4:04 pm, in reply to: the news feed is driving me crazy!!! HELP!!! #21197
    niger

    Hello! Here is the log:
    ComboFix 09-01-19.05 — user 2009-01-20 20:25:53.4 — NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1251.1.1049.18.255.44 [GMT 5:00]
    Running from: c:documents and settingsuser.1-F23B81FC8DDD4Рабочий столComboFix.exe
    .

    ((((((((((((((((((((((((( Files Created from 2008-12-20 to 2009-01-20 )))))))))))))))))))))))))))))))
    .

    2009-01-18 17:54 . 2009-01-18 17:58 d c:program filesValve
    2009-01-18 16:54 . 2009-01-18 16:54 d c:program filesCommon FilesICQ
    2009-01-18 16:54 . 2009-01-20 20:12 d c:documents and settingsuser.1-F23B81FC8DDD4Application DataICQ
    2009-01-18 16:53 . 2009-01-18 16:55 d c:program filesICQLite
    2009-01-18 13:50 . 2009-01-18 13:51 d c:program filesAlawar.ru
    2009-01-15 18:41 . 2009-01-18 16:38 d c:program filesOpera
    2009-01-14 19:24 . 2009-01-14 19:24 d C:_OTMoveIt
    2009-01-14 19:11 . 2009-01-14 19:13 d C:rsit
    2009-01-14 19:11 . 2009-01-14 19:12 d c:program filestrend micro
    2009-01-14 19:00 . 2009-01-18 16:45 d c:program filesKerishAV2005
    2009-01-14 19:00 . 2009-01-14 19:00 212,240 —a c:windowssystem32RICHTX32.OCX
    2009-01-14 19:00 . 2009-01-14 19:00 140,488 —a c:windowssystem32Comdlg32.ocx
    2009-01-14 19:00 . 2009-01-14 19:00 115,920 —a c:windowssystem32MSINET.OCX
    2009-01-14 19:00 . 2009-01-14 19:00 108,336 —a c:windowssystem32MSWINSCK.OCX
    2009-01-02 15:46 . 2009-01-02 15:46 d c:documents and settingsuser.1-F23B81FC8DDD4Application Datakabauth
    2008-12-29 21:09 . 2008-12-29 21:09 550,560 —a c:documents and settingsuser.1-F23B81FC8DDD4WinPcap_4_0_2.exe

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-01-18 12:54 d—h—w c:program filesInstallShield Installation Information
    2009-01-18 11:54 d w c:program filesICQ6Toolbar
    2009-01-18 11:36 d w c:program filesModemSPD
    2009-01-18 08:51 d w c:documents and settingsAll UsersApplication DataAlawarWrapper
    2009-01-14 14:00 1,392,671 —-a-w c:windowssystem32msvbvm60.dll
    2009-01-02 13:26 d w c:documents and settingsAll UsersApplication DataEgoset
    2008-12-21 08:46 d w c:program filesMyPlayCityRU
    2008-12-21 08:46 d w c:program filesMyPlayCity.ru
    2008-12-15 14:55 d w c:documents and settingsAll UsersApplication Data2DBoy
    2008-12-15 14:54 d w c:program filesWorldOfGoo
    2008-12-14 18:57 d w c:program filesИгры
    2008-12-14 16:06 d w c:program filesConduit
    2008-12-14 12:26 d w c:documents and settingsAll UsersApplication DataICQ
    2008-12-14 10:21 d w c:documents and settingsuser.1-F23B81FC8DDD4Application DataLuntik
    2008-12-12 04:32 d w c:program filesMSXML 4.0
    2008-12-11 11:57 333,184 —-a-w c:windowssystem32driverssrv.sys
    2008-12-10 18:22 d w c:program filestelenet
    2008-12-10 18:06 d w c:documents and settingsAll UsersApplication DataKaspersky Lab Setup Files
    2008-12-10 15:30 d w c:program filesAhead
    2008-12-10 11:39 d w c:program filesWinPcap
    2008-10-23 13:01 283,648 —-a-w c:windowssystem32gdi32.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
    «{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}»= «c:program filesMyPlayCityRUtbMyP0.dll» [2008-11-24 1784856]

    [HKEY_CLASSES_ROOTclsid{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}]

    [HKEY_LOCAL_MACHINE~Browser Helper Objects{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}]
    2008-11-24 01:03 1784856 —a c:program filesMyPlayCityRUtbMyP0.dll

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
    «{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}»= «c:program filesMyPlayCityRUtbMyP0.dll» [2008-11-24 1784856]

    [HKEY_CLASSES_ROOTclsid{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}]

    [HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebbrowser]
    «{DFBEB35B-444D-4F25-8D7D-EB2683C206EC}»= «c:program filesMyPlayCityRUtbMyP0.dll» [2008-11-24 1784856]

    [HKEY_CLASSES_ROOTclsid{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}]

    [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=»c:windowssystem32ctfmon.exe» [2004-08-17 15360]
    «KabAuth»=»c:documents and settingsuser.1-F23B81FC8DDD4Рабочий столkabauth.exe» [2009-01-16 764928]
    «ICQ»=»c:program filesICQLiteICQ.exe» [2008-11-23 153848]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
    «NeroFilterCheck»=»c:windowssystem32NeroCheck.exe» [2001-07-09 155648]
    «RemoteControl»=»c:program filesCyberLinkPowerDVDPDVDServ.exe» [2003-10-31 32768]
    «AVPCC»=»c:program filesKaspersky LabKaspersky Anti-Virus Personalavpcc.exe» [2003-05-27 487488]
    «NvCplDaemon»=»c:windowssystem32NvCpl.dll» [2005-12-10 7311360]
    «NvMediaCenter»=»c:windowssystem32NvMcTray.dll» [2005-12-10 86016]
    «Kerish-Antivirus»=»c:program filesKerishAV2005Antivirus.exe» [2005-04-21 1723904]
    «nwiz»=»nwiz.exe» [2005-12-10 c:windowssystem32nwiz.exe]

    [HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2004-08-17 15360]

    c:documents and settingsAll UsersГлавное менюПрограммыАвтозагрузка
    MultiLex Universal Hotkeys.lnk — c:program filesMediaLinguaMultiLex 3.5HKML_SRV.exe [2007-10-15 102400]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversiondrivers32]
    «vidc.3iv2″= 3ivxVfWCodec.dll
    «msacm.divxa32″= divxa32.acm
    «VIDC.HFYU»= huffyuv.dll
    «VIDC.i263″= i263_32.drv
    «msacm.imc»= imc32.acm
    «VIDC.VP31″= vp31vfw.dll

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
    «AntiVirusOverride»=dword:00000001
    «FirewallOverride»=dword:00000001

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
    «EnableFirewall»= 0 (0x0)

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
    «%windir%\system32\sessmgr.exe»=
    «c:\Program Files\ICQLite\ICQ.exe»=

    R2 AVPCC;AVP Control Centre Service;c:program filesKaspersky LabKaspersky Anti-Virus Personalavpcc.exe [2003-05-27 487488]
    S2 ICQ Service;ICQ Service;c:program filesICQ6ToolbarICQ Service.exe [2008-06-10 222456]
    S2 KAVMonitorService;KAV Monitor Service;c:program filesKaspersky LabKaspersky Anti-Virus Personalavpm.exe [2003-06-11 618614]
    S3 NPF;NetGroup Packet Filter Driver;c:windowssystem32driversnpf.sys [2007-11-07 34064]

    — Other Services/Drivers In Memory —

    *Deregistered* — Alerter
    *Deregistered* — ALG
    *Deregistered* — AudioSrv
    *Deregistered* — AVPCC
    *Deregistered* — Browser
    *Deregistered* — CryptSvc
    *Deregistered* — DcomLaunch
    *Deregistered* — Dhcp
    *Deregistered* — dmserver
    *Deregistered* — Dnscache
    *Deregistered* — ERSvc
    *Deregistered* — EventSystem
    *Deregistered* — FastUserSwitchingCompatibility
    *Deregistered* — FltMgr
    *Deregistered* — Ftdisk
    *Deregistered* — Gpc
    *Deregistered* — helpsvc
    *Deregistered* — HTTP
    *Deregistered* — ICQ Service
    *Deregistered* — ImapiService
    *Deregistered* — IpNat
    *Deregistered* — IPSec
    *Deregistered* — KAVMonitorService
    *Deregistered* — Klif
    *Deregistered* — KSecDD
    *Deregistered* — lanmanserver
    *Deregistered* — lanmanworkstation
    *Deregistered* — LmHosts
    *Deregistered* — mnmdd
    *Deregistered* — MountMgr
    *Deregistered* — MRxDAV
    *Deregistered* — MRxSmb
    *Deregistered* — Msfs
    *Deregistered* — mssmbios
    *Deregistered* — Mup
    *Deregistered* — NDIS
    *Deregistered* — NdisTapi
    *Deregistered* — Ndisuio
    *Deregistered* — NdisWan
    *Deregistered* — NDProxy
    *Deregistered* — NetBIOS
    *Deregistered* — NetBT
    *Deregistered* — Netman
    *Deregistered* — Nla
    *Deregistered* — nm
    *Deregistered* — NPF
    *Deregistered* — Npfs
    *Deregistered* — Ntfs
    *Deregistered* — Null
    *Deregistered* — NVSvc
    *Deregistered* — PartMgr
    *Deregistered* — ParVdm
    *Deregistered* — PolicyAgent
    *Deregistered* — PptpMiniport
    *Deregistered* — ProtectedStorage
    *Deregistered* — PSched
    *Deregistered* — RasAcd
    *Deregistered* — Rasl2tp
    *Deregistered* — RasMan
    *Deregistered* — RasPppoe
    *Deregistered* — Raspti
    *Deregistered* — Rdbss
    *Deregistered* — RDPCDD
    *Deregistered* — rdpdr
    *Deregistered* — RemoteRegistry
    *Deregistered* — RpcSs
    *Deregistered* — SamSs
    *Deregistered* — Schedule
    *Deregistered* — seclogon
    *Deregistered* — SENS
    *Deregistered* — sfdrv01
    *Deregistered* — sfhlp02
    *Deregistered* — sfsync02
    *Deregistered* — SharedAccess
    *Deregistered* — ShellHWDetection
    *Deregistered* — Spooler
    *Deregistered* — sr
    *Deregistered* — srservice
    *Deregistered* — Srv
    *Deregistered* — SSDPSRV
    *Deregistered* — swenum
    *Deregistered* — TapiSrv
    *Deregistered* — Tcpip
    *Deregistered* — TermDD
    *Deregistered* — TermService
    *Deregistered* — Themes
    *Deregistered* — TrkWks
    *Deregistered* — Update
    *Deregistered* — VgaSave
    *Deregistered* — VolSnap
    *Deregistered* — W32Time
    *Deregistered* — Wanarp
    *Deregistered* — WebClient
    *Deregistered* — winmgmt
    *Deregistered* — WS2IFSL
    *Deregistered* — wscsvc
    *Deregistered* — wuauserv
    *Deregistered* — WZCSVC
    .
    .


    Supplementary Scan


    .
    uStart Page = hxxp://start.icq.com/
    IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2OFFICE11EXCEL.EXE/3000
    IE: {{7A2EFD41-E6B3-11D2-89E3-00E0292EE574} — c:program filesX-Translator DIAMONDPROMTIE4promtie5.htm
    IE: {{7A2EFD41-E6B3-11D2-89E3-00E0292EE575} — c:program filesX-Translator DIAMONDPROMTIE4options.htm
    TCP: {26CBF977-982B-44C1-A948-9D894CF79C7E} = 87.224.197.1,87.224.213.1
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-01-20 20:43:03
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes …

    scanning hidden autostart entries …

    scanning hidden files …

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .


    LOCKED REGISTRY KEYS



    [HKEY_USERSS-1-5-21-1123561945-1060284298-767985171-1003SoftwareMicrosoftWindowsCurrentVersionExplorerMenuOrderStart Menu2Programs1*!]
    «Order»=hex:08,00,00,00,02,00,00,00,9c,00,00,00,01,00,00,00,01,00,00,00,90,00,
    00,00,00,00,00,00,82,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,70,00,31,
    .
    Completion time: 2009-01-20 20:52:14
    ComboFix-quarantined-files.txt 2009-01-20 15:52:01
    ComboFix2.txt 2009-01-18 08:18:52
    ComboFix3.txt 2009-01-16 06:48:59

    Pre-Run: 5 514 334 208 байт свободно
    Post-Run: 5,780,840,448 байт свободно

    229 — E O F — 2009-01-15 10:12:18

    January 19, 2009 at 11:35 AM in reply to: The news ticker is driving me crazy!!! HELP!!! #21195
    niger
    Participant
    • Topics: 6
    • Posts: 33
    • ☆

    !!!!This is what I did: "Download the LSPFix program by clicking this link and unpack it to your desktop.
    Run LSPFix.
    Tick the box next to "I know what i`m doing".
    In the KEEP window select t1.dll and press the ">>" button.
    Press the Finish>> button.
    When LSPFix finishes, click the OK button."
    Maybe I'm being dumb, but I really didn't understand: do I need to drag something onto the Combofix icon, or just run it?????

    January 18, 2009 at 8:36 AM in reply to: The news ticker is driving me crazy!!! HELP!!! #21193
    niger
    Participant
    • Topics: 6
    • Posts: 33
    • ☆

    Hello! I did everything! Explorer is working fine so far, without the ticker! Opera does not work, it still says "Error. Network problem". Here is the log:
    ComboFix 09-01-17.03 — user 2009-01-18 12:53:05.3 — NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1251.1.1049.18.255.64 [GMT 5:00]
    Running from: c:documents and settingsuser.1-F23B81FC8DDD4Рабочий столComboFix.exe
    Command switches used :: c:documents and settingsuser.1-F23B81FC8DDD4Рабочий столCFScript.txt

    FILE ::
    c:documents and settingsAll UsersApplication Datakkmlib.dll
    c:windowssystem32tmp90D.tmp
    c:windowssystem32tmp90E.tmp
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:documents and settingsAll UsersApplication Datakkmlib.dll
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files0EB9F12C_6E6B_4c03_AEBA_8C04CFA98AA4.jpg
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files15913497_F86C_4218_8817_F50940D1E1B2.jpg
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files29887DDE_00B9_4011_9CF7_59511F1ECC1B.jpg
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files35B7DFFA_884F_4fbc_8E60_DA601BDC7BF7.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files362FD6E8_8CDA_4c2a_A8AA-BDA22B321711.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files3DF04940_9866_4241_A998_0CDDFAFD147A.jpg
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files426500D7_0FF3_426c_828D_065DBAEA0581.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files478BD4AE_2691_438d_BDCA_3485DC022700.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files5C6C645F_BAA8_4149_BFEB_2031230FF0FD.jpg
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files61EA7D69_19D4_421a_A899_0DF4D58CD119.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files777FDAFB_83CF_4960_AA71_4E5D7BCD8E57.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files8DA878D5_E80B_4721_B75A_17EFFAF1A700.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files98F6DF79_7171_452d_9C26_C0193E12DBDF.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet FilesA2B240D6_0386_419e_91C5_3F7D90437CD0.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet FilesC75CEF8D_5AF4_4563_8594_C45A45E14E63.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet FilesE21285C1_40E6_435c_A69F_3387E7BD89CB.jpg
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet FilesE9A4D648_ED73_4ea7_88B2_18332DBA4F3E.gif
    c:windowssystem32tmp90D.tmp
    c:windowssystem32tmp90E.tmp

    .
    ((((((((((((((((((((((((( Files Created from 2008-12-18 to 2009-01-18 )))))))))))))))))))))))))))))))
    .

    2009-01-15 18:41 . 2009-01-15 18:41 d c:program filesOpera
    2009-01-14 19:24 . 2009-01-14 19:24 d C:_OTMoveIt
    2009-01-14 19:11 . 2009-01-14 19:13 d C:rsit
    2009-01-14 19:11 . 2009-01-14 19:12 d c:program filestrend micro
    2009-01-14 19:00 . 2009-01-14 19:00 d c:program filesKerishAV2005
    2009-01-14 19:00 . 2009-01-14 19:00 212,240 —a c:windowssystem32RICHTX32.OCX
    2009-01-14 19:00 . 2009-01-14 19:00 140,488 —a c:windowssystem32Comdlg32.ocx
    2009-01-14 19:00 . 2009-01-14 19:00 115,920 —a c:windowssystem32MSINET.OCX
    2009-01-14 19:00 . 2009-01-14 19:00 108,336 —a c:windowssystem32MSWINSCK.OCX
    2009-01-02 15:46 . 2009-01-02 15:46 d c:documents and settingsuser.1-F23B81FC8DDD4Application Datakabauth
    2008-12-29 21:09 . 2008-12-29 21:09 550,560 —a c:documents and settingsuser.1-F23B81FC8DDD4WinPcap_4_0_2.exe

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-01-14 14:00 1,392,671 —-a-w c:windowssystem32msvbvm60.dll
    2009-01-02 13:26 d w c:documents and settingsAll UsersApplication DataEgoset
    2008-12-21 08:46 d w c:program filesMyPlayCityRU
    2008-12-21 08:46 d w c:program filesMyPlayCity.ru
    2008-12-15 14:55 d w c:documents and settingsAll UsersApplication Data2DBoy
    2008-12-15 14:54 d w c:program filesWorldOfGoo
    2008-12-14 18:57 d w c:program filesИгры
    2008-12-14 16:06 d w c:program filesConduit
    2008-12-14 12:26 d—h—w c:program filesInstallShield Installation Information
    2008-12-14 12:26 d w c:program filesICQ6Toolbar
    2008-12-14 12:26 d w c:documents and settingsAll UsersApplication DataICQ
    2008-12-14 10:21 d w c:documents and settingsuser.1-F23B81FC8DDD4Application DataLuntik
    2008-12-14 10:21 d w c:documents and settingsAll UsersApplication DataAlawarWrapper
    2008-12-12 04:32 d w c:program filesMSXML 4.0
    2008-12-11 11:57 333,184 —-a-w c:windowssystem32driverssrv.sys
    2008-12-10 18:22 d w c:program filestelenet
    2008-12-10 18:06 d w c:documents and settingsAll UsersApplication DataKaspersky Lab Setup Files
    2008-12-10 15:30 d w c:program filesAhead
    2008-12-10 11:39 d w c:program filesWinPcap
    2008-10-23 13:01 283,648 —-a-w c:windowssystem32gdi32.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
    «{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}»= «c:program filesMyPlayCityRUtbMyP0.dll» [2008-11-24 1784856]

    [HKEY_CLASSES_ROOTclsid{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}]

    [HKEY_LOCAL_MACHINE~Browser Helper Objects{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}]
    2008-11-24 01:03 1784856 —a c:program filesMyPlayCityRUtbMyP0.dll

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
    «{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}»= «c:program filesMyPlayCityRUtbMyP0.dll» [2008-11-24 1784856]

    [HKEY_CLASSES_ROOTclsid{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}]

    [HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebbrowser]
    «{DFBEB35B-444D-4F25-8D7D-EB2683C206EC}»= «c:program filesMyPlayCityRUtbMyP0.dll» [2008-11-24 1784856]

    [HKEY_CLASSES_ROOTclsid{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}]

    [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=»c:windowssystem32ctfmon.exe» [2004-08-17 15360]
    «KabAuth»=»c:documents and settingsuser.1-F23B81FC8DDD4Рабочий столkabauth.exe» [2009-01-16 764928]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
    «NeroFilterCheck»=»c:windowssystem32NeroCheck.exe» [2001-07-09 155648]
    «RemoteControl»=»c:program filesCyberLinkPowerDVDPDVDServ.exe» [2003-10-31 32768]
    «AVPCC»=»c:program filesKaspersky LabKaspersky Anti-Virus Personalavpcc.exe» [2003-05-27 487488]
    «NvCplDaemon»=»c:windowssystem32NvCpl.dll» [2005-12-10 7311360]
    «NvMediaCenter»=»c:windowssystem32NvMcTray.dll» [2005-12-10 86016]
    «Kerish-Antivirus»=»c:program filesKerishAV2005Antivirus.exe» [2005-04-21 1723904]
    «nwiz»=»nwiz.exe» [2005-12-10 c:windowssystem32nwiz.exe]

    [HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2004-08-17 15360]

    c:documents and settingsAll UsersГлавное менюПрограммыАвтозагрузка
    MultiLex Universal Hotkeys.lnk — c:program filesMediaLinguaMultiLex 3.5HKML_SRV.exe [2007-10-15 102400]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversiondrivers32]
    «vidc.3iv2″= 3ivxVfWCodec.dll
    «msacm.divxa32″= divxa32.acm
    «VIDC.HFYU»= huffyuv.dll
    «VIDC.i263″= i263_32.drv
    «msacm.imc»= imc32.acm
    «VIDC.VP31″= vp31vfw.dll

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
    «AntiVirusOverride»=dword:00000001
    «FirewallOverride»=dword:00000001

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
    «EnableFirewall»= 0 (0x0)

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
    «%windir%\system32\sessmgr.exe»=

    R2 AVPCC;AVP Control Centre Service;c:program filesKaspersky LabKaspersky Anti-Virus Personalavpcc.exe [2003-05-27 487488]
    S2 KAVMonitorService;KAV Monitor Service;c:program filesKaspersky LabKaspersky Anti-Virus Personalavpm.exe [2003-06-11 618614]
    S3 NPF;NetGroup Packet Filter Driver;c:windowssystem32driversnpf.sys [2007-11-07 34064]

    — Other Services/Drivers In Memory —

    *Deregistered* — Alerter
    *Deregistered* — ALG
    *Deregistered* — AudioSrv
    *Deregistered* — AVPCC
    *Deregistered* — Browser
    *Deregistered* — CryptSvc
    *Deregistered* — DcomLaunch
    *Deregistered* — Dhcp
    *Deregistered* — dmserver
    *Deregistered* — Dnscache
    *Deregistered* — ERSvc
    *Deregistered* — EventSystem
    *Deregistered* — FastUserSwitchingCompatibility
    *Deregistered* — helpsvc
    *Deregistered* — ImapiService
    *Deregistered* — KAVMonitorService
    *Deregistered* — lanmanserver
    *Deregistered* — lanmanworkstation
    *Deregistered* — LmHosts
    *Deregistered* — mssmbios
    *Deregistered* — Mup
    *Deregistered* — NDIS
    *Deregistered* — NdisTapi
    *Deregistered* — Ndisuio
    *Deregistered* — NdisWan
    *Deregistered* — NDProxy
    *Deregistered* — NetBIOS
    *Deregistered* — NetBT
    *Deregistered* — Netman
    *Deregistered* — Nla
    *Deregistered* — nm
    *Deregistered* — NPF
    *Deregistered* — Npfs
    *Deregistered* — Ntfs
    *Deregistered* — Null
    *Deregistered* — NVSvc
    *Deregistered* — PartMgr
    *Deregistered* — ParVdm
    *Deregistered* — PolicyAgent
    *Deregistered* — PptpMiniport
    *Deregistered* — ProtectedStorage
    *Deregistered* — PSched
    *Deregistered* — RasAcd
    *Deregistered* — Rasl2tp
    *Deregistered* — RasMan
    *Deregistered* — RasPppoe
    *Deregistered* — Raspti
    *Deregistered* — Rdbss
    *Deregistered* — RDPCDD
    *Deregistered* — rdpdr
    *Deregistered* — RemoteRegistry
    *Deregistered* — RpcSs
    *Deregistered* — SamSs
    *Deregistered* — Schedule
    *Deregistered* — seclogon
    *Deregistered* — SENS
    *Deregistered* — sfdrv01
    *Deregistered* — sfhlp02
    *Deregistered* — sfsync02
    *Deregistered* — SharedAccess
    *Deregistered* — ShellHWDetection
    *Deregistered* — Spooler
    *Deregistered* — sr
    *Deregistered* — srservice
    *Deregistered* — Srv
    *Deregistered* — SSDPSRV
    *Deregistered* — swenum
    *Deregistered* — TapiSrv
    *Deregistered* — Tcpip
    *Deregistered* — TermDD
    *Deregistered* — TermService
    *Deregistered* — Themes
    *Deregistered* — TrkWks
    *Deregistered* — Update
    *Deregistered* — VgaSave
    *Deregistered* — VolSnap
    *Deregistered* — W32Time
    *Deregistered* — Wanarp
    *Deregistered* — WebClient
    *Deregistered* — winmgmt
    *Deregistered* — WS2IFSL
    *Deregistered* — wscsvc
    *Deregistered* — wuauserv
    *Deregistered* — WZCSVC
    .
    .


    Supplementary Scan


    .
    uStart Page = hxxp://search.conduit.com/?SearchSource=10&ctid=CT1392749
    IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2OFFICE11EXCEL.EXE/3000
    IE: {{7A2EFD41-E6B3-11D2-89E3-00E0292EE574} — c:program filesX-Translator DIAMONDPROMTIE4promtie5.htm
    IE: {{7A2EFD41-E6B3-11D2-89E3-00E0292EE575} — c:program filesX-Translator DIAMONDPROMTIE4options.htm
    LSP: c:windowssystem32t1.dll
    TCP: {26CBF977-982B-44C1-A948-9D894CF79C7E} = 87.224.197.1,87.224.213.1
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-01-18 13:10:00
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes …

    scanning hidden autostart entries …

    scanning hidden files …

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .


    LOCKED REGISTRY KEYS



    [HKEY_USERSS-1-5-21-1123561945-1060284298-767985171-1003SoftwareMicrosoftWindowsCurrentVersionExplorerMenuOrderStart Menu2Programs1*!]
    «Order»=hex:08,00,00,00,02,00,00,00,9c,00,00,00,01,00,00,00,01,00,00,00,90,00,
    00,00,00,00,00,00,82,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,70,00,31,
    .


    DLLs Loaded Under Running Processes



    — — — — — — — > ‘lsass.exe'(664)
    c:windowssystem32t1.dll
    .
    Completion time: 2009-01-18 13:18:41
    ComboFix-quarantined-files.txt 2009-01-18 08:18:28
    ComboFix2.txt 2009-01-16 06:48:59

    Pre-Run: 4 154 093 568 байт свободно
    Post-Run: 4,396,208,128 байт свободно

    238 — E O F — 2009-01-15 10:12:18

    January 16, 2009 at 9:13 AM in reply to: The news ticker is driving me crazy!!! HELP!!! #21191
    niger
    Participant
    • Topics: 6
    • Posts: 33
    • ☆

    Hello! I ran Combofix! Opera shows a connection error and does not open a single site. Explorer still has this junk! Here is the log:
    ComboFix 09-01-13.04 — user 2009-01-16 11:24:10.2 — NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1251.1.1049.18.255.89 [GMT 5:00]
    Running from: c:documents and settingsuser.1-F23B81FC8DDD4Рабочий столComboFix.exe
    Command switches used :: c:documents and settingsuser.1-F23B81FC8DDD4Рабочий столWindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files0EB9F12C_6E6B_4c03_AEBA_8C04CFA98AA4.jpg
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files15913497_F86C_4218_8817_F50940D1E1B2.jpg
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files29887DDE_00B9_4011_9CF7_59511F1ECC1B.jpg
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files35B7DFFA_884F_4fbc_8E60_DA601BDC7BF7.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files362FD6E8_8CDA_4c2a_A8AA-BDA22B321711.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files3DF04940_9866_4241_A998_0CDDFAFD147A.jpg
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files426500D7_0FF3_426c_828D_065DBAEA0581.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files478BD4AE_2691_438d_BDCA_3485DC022700.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files5C6C645F_BAA8_4149_BFEB_2031230FF0FD.jpg
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files61EA7D69_19D4_421a_A899_0DF4D58CD119.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files777FDAFB_83CF_4960_AA71_4E5D7BCD8E57.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files8DA878D5_E80B_4721_B75A_17EFFAF1A700.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files98F6DF79_7171_452d_9C26_C0193E12DBDF.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet FilesA2B240D6_0386_419e_91C5_3F7D90437CD0.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet FilesC75CEF8D_5AF4_4563_8594_C45A45E14E63.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet FilesE21285C1_40E6_435c_A69F_3387E7BD89CB.jpg
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet FilesE9A4D648_ED73_4ea7_88B2_18332DBA4F3E.gif
    .
    —- Previous Run


    .
    C:Autorun.inf
    c:documents and settingsAll UsersApplication DataMicrosoftNetworkDownloaderqmgr0.dat
    c:documents and settingsAll UsersApplication DataMicrosoftNetworkDownloaderqmgr1.dat
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files0EB9F12C_6E6B_4c03_AEBA_8C04CFA98AA4.jpg
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files15913497_F86C_4218_8817_F50940D1E1B2.jpg
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files29887DDE_00B9_4011_9CF7_59511F1ECC1B.jpg
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files35B7DFFA_884F_4fbc_8E60_DA601BDC7BF7.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files362FD6E8_8CDA_4c2a_A8AA-BDA22B321711.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files3DF04940_9866_4241_A998_0CDDFAFD147A.jpg
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files426500D7_0FF3_426c_828D_065DBAEA0581.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files478BD4AE_2691_438d_BDCA_3485DC022700.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files5C6C645F_BAA8_4149_BFEB_2031230FF0FD.jpg
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files61EA7D69_19D4_421a_A899_0DF4D58CD119.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files777FDAFB_83CF_4960_AA71_4E5D7BCD8E57.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files8DA878D5_E80B_4721_B75A_17EFFAF1A700.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet Files98F6DF79_7171_452d_9C26_C0193E12DBDF.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet FilesA2B240D6_0386_419e_91C5_3F7D90437CD0.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet FilesC75CEF8D_5AF4_4563_8594_C45A45E14E63.gif
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet FilesE21285C1_40E6_435c_A69F_3387E7BD89CB.jpg
    c:documents and settingsuser.1-F23B81FC8DDD4Local SettingsTemporary Internet FilesE9A4D648_ED73_4ea7_88B2_18332DBA4F3E.gif
    c:windowspi.exe
    c:windowssystem32amvo.exe
    c:windowssystem32amvo0.dll

    .
    ((((((((((((((((((((((((( Files Created from 2008-12-16 to 2009-01-16 )))))))))))))))))))))))))))))))
    .

    2009-01-15 18:41 . 2009-01-15 18:41 d c:program filesOpera
    2009-01-14 19:24 . 2009-01-14 19:24 d C:_OTMoveIt
    2009-01-14 19:11 . 2009-01-14 19:13 d C:rsit
    2009-01-14 19:11 . 2009-01-14 19:12 d c:program filestrend micro
    2009-01-14 19:00 . 2009-01-14 19:00 d c:program filesKerishAV2005
    2009-01-14 19:00 . 2009-01-14 19:00 212,240 —a c:windowssystem32RICHTX32.OCX
    2009-01-14 19:00 . 2009-01-14 19:00 140,488 —a c:windowssystem32Comdlg32.ocx
    2009-01-14 19:00 . 2009-01-14 19:00 115,920 —a c:windowssystem32MSINET.OCX
    2009-01-14 19:00 . 2009-01-14 19:00 108,336 —a c:windowssystem32MSWINSCK.OCX
    2009-01-14 18:14 . 2009-01-14 18:14 0 —a c:windowssystem32tmp90E.tmp
    2009-01-14 17:55 . 2009-01-14 17:55 0 —a c:windowssystem32tmp90D.tmp
    2009-01-14 15:14 . 2009-01-14 15:15 323,584 —a c:documents and settingsAll UsersApplication Datakkmlib.dll
    2009-01-02 15:46 . 2009-01-02 15:46 d c:documents and settingsuser.1-F23B81FC8DDD4Application Datakabauth
    2008-12-29 21:09 . 2008-12-29 21:09 550,560 —a c:documents and settingsuser.1-F23B81FC8DDD4WinPcap_4_0_2.exe

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-01-14 14:00 1,392,671 —-a-w c:windowssystem32msvbvm60.dll
    2009-01-02 13:26 d w c:documents and settingsAll UsersApplication DataEgoset
    2008-12-21 08:46 d w c:program filesMyPlayCityRU
    2008-12-21 08:46 d w c:program filesMyPlayCity.ru
    2008-12-20 03:48 d w c:documents and settingsuser.1-F23B81FC8DDD4Application DataICQ
    2008-12-15 14:55 d w c:documents and settingsAll UsersApplication Data2DBoy
    2008-12-15 14:54 d w c:program filesWorldOfGoo
    2008-12-14 18:57 d w c:program filesИгры
    2008-12-14 16:06 d w c:program filesConduit
    2008-12-14 12:28 d w c:program filesICQ6.5
    2008-12-14 12:26 d—h—w c:program filesInstallShield Installation Information
    2008-12-14 12:26 d w c:program filesICQ6Toolbar
    2008-12-14 12:26 d w c:documents and settingsAll UsersApplication DataICQ
    2008-12-14 10:21 d w c:documents and settingsuser.1-F23B81FC8DDD4Application DataLuntik
    2008-12-14 10:21 d w c:documents and settingsAll UsersApplication DataAlawarWrapper
    2008-12-12 04:32 d w c:program filesMSXML 4.0
    2008-12-11 11:57 333,184 —-a-w c:windowssystem32driverssrv.sys
    2008-12-10 18:22 d w c:program filestelenet
    2008-12-10 18:06 d w c:documents and settingsAll UsersApplication DataKaspersky Lab Setup Files
    2008-12-10 15:30 d w c:program filesAhead
    2008-12-10 11:39 d w c:program filesWinPcap
    2008-10-23 13:01 283,648 —-a-w c:windowssystem32gdi32.dll
    2008-10-16 10:39 659,968 —-a-w c:windowssystem32wininet.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
    «{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}»= «c:program filesMyPlayCityRUtbMyP0.dll» [2008-11-24 1784856]

    [HKEY_CLASSES_ROOTclsid{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}]

    [HKEY_LOCAL_MACHINE~Browser Helper Objects{22F63A47-6957-4CF7-BCC4-634B1A93D568}]
    2009-01-14 15:15 323584 —a c:documents and settingsAll UsersApplication Datakkmlib.dll

    [HKEY_LOCAL_MACHINE~Browser Helper Objects{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}]
    2008-11-24 01:03 1784856 —a c:program filesMyPlayCityRUtbMyP0.dll

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
    «{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}»= «c:program filesMyPlayCityRUtbMyP0.dll» [2008-11-24 1784856]

    [HKEY_CLASSES_ROOTclsid{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}]

    [HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebbrowser]
    «{DFBEB35B-444D-4F25-8D7D-EB2683C206EC}»= «c:program filesMyPlayCityRUtbMyP0.dll» [2008-11-24 1784856]

    [HKEY_CLASSES_ROOTclsid{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}]

    [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=»c:windowssystem32ctfmon.exe» [2004-08-17 15360]
    «KabAuth»=»c:documents and settingsuser.1-F23B81FC8DDD4Рабочий столkabauth.exe» [2009-01-16 764928]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
    «NeroFilterCheck»=»c:windowssystem32NeroCheck.exe» [2001-07-09 155648]
    «RemoteControl»=»c:program filesCyberLinkPowerDVDPDVDServ.exe» [2003-10-31 32768]
    «AVPCC»=»c:program filesKaspersky LabKaspersky Anti-Virus Personalavpcc.exe» [2003-05-27 487488]
    «NvCplDaemon»=»c:windowssystem32NvCpl.dll» [2005-12-10 7311360]
    «NvMediaCenter»=»c:windowssystem32NvMcTray.dll» [2005-12-10 86016]
    «Kerish-Antivirus»=»c:program filesKerishAV2005Antivirus.exe» [2005-04-21 1723904]
    «nwiz»=»nwiz.exe» [2005-12-10 c:windowssystem32nwiz.exe]

    [HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
    «CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2004-08-17 15360]

    c:documents and settingsAll UsersГлавное менюПрограммыАвтозагрузка
    MultiLex Universal Hotkeys.lnk — c:program filesMediaLinguaMultiLex 3.5HKML_SRV.exe [2007-10-15 102400]

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversiondrivers32]
    "vidc.3iv2"= 3ivxVfWCodec.dll
    "msacm.divxa32"= divxa32.acm
    "VIDC.HFYU"= huffyuv.dll
    "VIDC.i263"= i263_32.drv
    "msacm.imc"= imc32.acm
    "VIDC.VP31"= vp31vfw.dll

    [HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
    "AntiVirusOverride"=dword:00000001
    "FirewallOverride"=dword:00000001

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
    "%windir%\system32\sessmgr.exe"=
    "c:\Program Files\ICQ6.5\ICQ.exe"=

    R2 AVPCC;AVP Control Centre Service;c:program filesKaspersky LabKaspersky Anti-Virus Personalavpcc.exe [2003-05-27 487488]
    S2 ICQ Service;ICQ Service;c:program filesICQ6ToolbarICQ Service.exe [2008-06-10 222456]
    S2 KAVMonitorService;KAV Monitor Service;c:program filesKaspersky LabKaspersky Anti-Virus Personalavpm.exe [2003-06-11 618614]
    S3 NPF;NetGroup Packet Filter Driver;c:windowssystem32driversnpf.sys [2007-11-07 34064]

    — Other Services/Drivers In Memory —

    *Deregistered* — AFD
    *Deregistered* — Alerter
    *Deregistered* — ALG
    *Deregistered* — AudioSrv
    *Deregistered* — audstub
    *Deregistered* — AVPCC
    *Deregistered* — Beep
    *Deregistered* — Browser
    *Deregistered* — Cdfs
    *Deregistered* — CryptSvc
    *Deregistered* — DcomLaunch
    *Deregistered* — Dhcp
    *Deregistered* — dmio
    *Deregistered* — dmload
    *Deregistered* — dmserver
    *Deregistered* — Dnscache
    *Deregistered* — ERSvc
    *Deregistered* — EventSystem
    *Deregistered* — Fastfat
    *Deregistered* — FastUserSwitchingCompatibility
    *Deregistered* — Fips
    *Deregistered* — FltMgr
    *Deregistered* — Ftdisk
    *Deregistered* — Gpc
    *Deregistered* — helpsvc
    *Deregistered* — HTTP
    *Deregistered* — ICQ Service
    *Deregistered* — ImapiService
    *Deregistered* — IpNat
    *Deregistered* — IPSec
    *Deregistered* — KAVMonitorService
    *Deregistered* — Klif
    *Deregistered* — KSecDD
    *Deregistered* — lanmanserver
    *Deregistered* — lanmanworkstation
    *Deregistered* — LmHosts
    *Deregistered* — mnmdd
    *Deregistered* — MountMgr
    *Deregistered* — MRxDAV
    *Deregistered* — MRxSmb
    *Deregistered* — Msfs
    *Deregistered* — mssmbios
    *Deregistered* — Mup
    *Deregistered* — NDIS
    *Deregistered* — NdisTapi
    *Deregistered* — Ndisuio
    *Deregistered* — NdisWan
    *Deregistered* — NDProxy
    *Deregistered* — NetBIOS
    *Deregistered* — NetBT
    *Deregistered* — Netman
    *Deregistered* — Nla
    *Deregistered* — nm
    *Deregistered* — NPF
    *Deregistered* — Npfs
    *Deregistered* — Ntfs
    *Deregistered* — Null
    *Deregistered* — NVSvc
    *Deregistered* — PartMgr
    *Deregistered* — ParVdm
    *Deregistered* — PolicyAgent
    *Deregistered* — PptpMiniport
    *Deregistered* — ProtectedStorage
    *Deregistered* — PSched
    *Deregistered* — RasAcd
    *Deregistered* — Rasl2tp
    *Deregistered* — RasMan
    *Deregistered* — RasPppoe
    *Deregistered* — Raspti
    *Deregistered* — Rdbss
    *Deregistered* — RDPCDD
    *Deregistered* — rdpdr
    *Deregistered* — RemoteRegistry
    *Deregistered* — RpcSs
    *Deregistered* — SamSs
    *Deregistered* — Schedule
    *Deregistered* — seclogon
    *Deregistered* — SENS
    *Deregistered* — sfdrv01
    *Deregistered* — sfhlp02
    *Deregistered* — sfsync02
    *Deregistered* — SharedAccess
    *Deregistered* — ShellHWDetection
    *Deregistered* — Spooler
    *Deregistered* — sr
    *Deregistered* — srservice
    *Deregistered* — Srv
    *Deregistered* — SSDPSRV
    *Deregistered* — swenum
    *Deregistered* — TapiSrv
    *Deregistered* — Tcpip
    *Deregistered* — TermDD
    *Deregistered* — TermService
    *Deregistered* — Themes
    *Deregistered* — TrkWks
    *Deregistered* — Update
    *Deregistered* — VgaSave
    *Deregistered* — VolSnap
    *Deregistered* — W32Time
    *Deregistered* — Wanarp
    *Deregistered* — WebClient
    *Deregistered* — winmgmt
    *Deregistered* — WS2IFSL
    *Deregistered* — wscsvc
    *Deregistered* — wuauserv
    *Deregistered* — WZCSVC

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{7450fbe0-ce43-11dd-a1ed-0080485ce56e}]
    ShellAutoRuncommand — E:xpbkh.com
    ShellexploreCommand — E:xpbkh.com
    ShellopenCommand — E:xpbkh.com

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{867c9790-49b2-11dc-a073-d9d126cce368}]
    ShellAutoRuncommand — F:xpbkh.com
    ShellexploreCommand — F:xpbkh.com
    ShellopenCommand — F:xpbkh.com

    [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{9cd2c120-5b00-11dd-a186-8230aadab768}]
    ShellAutoRuncommand — E:xpbkh.com
    ShellexploreCommand — E:xpbkh.com
    ShellopenCommand — E:xpbkh.com
    .
    .


    Supplementary Scan


    .
    uStart Page = hxxp://search.conduit.com/?SearchSource=10&ctid=CT1392749
    IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2OFFICE11EXCEL.EXE/3000
    IE: {{7A2EFD41-E6B3-11D2-89E3-00E0292EE574} — c:program filesX-Translator DIAMONDPROMTIE4promtie5.htm
    IE: {{7A2EFD41-E6B3-11D2-89E3-00E0292EE575} — c:program filesX-Translator DIAMONDPROMTIE4options.htm
    LSP: c:windowssystem32t1.dll
    TCP: {26CBF977-982B-44C1-A948-9D894CF79C7E} = 87.224.197.1,87.224.213.1
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-01-16 11:39:51
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes …

    scanning hidden autostart entries …

    scanning hidden files …

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .


    LOCKED REGISTRY KEYS



    [HKEY_USERSS-1-5-21-1123561945-1060284298-767985171-1003SoftwareMicrosoftWindowsCurrentVersionExplorerMenuOrderStart Menu2Programs1*!]
    "Order"=hex:08,00,00,00,02,00,00,00,9c,00,00,00,01,00,00,00,01,00,00,00,90,00,
    00,00,00,00,00,00,82,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,70,00,31,
    .


    DLLs Loaded Under Running Processes



    - - - - - - - > 'lsass.exe'(668)
    c:windowssystem32t1.dll
    .
    Completion time: 2009-01-16 11:48:48
    ComboFix-quarantined-files.txt 2009-01-16 06:48:35

    Pre-Run: 4,401,844,224 байт свободно
    Post-Run: 4,394,602,496 байт свободно

    300 — E O F — 2009-01-15 10:12:18

Copyright © 2008 - 2024 Spyware-RU.com (en)