Forum Replies Created
Unfortunately, the computer I am checking is not connected to the Internet…. 🙁
RSIT log
Logfile of random’s system information tool 1.06 (written by random/random)
Run by User at 2009-05-06 21:53:26
Microsoft Windows XP Professional Service Pack 2
System drive C: has 54 GB (61%) free of 88 GB
Total RAM: 2046 MB (81% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:53:30, on 06.05.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesESETESET Smart Securityekrn.exe
C:WINDOWSExplorer.EXE
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32uphclean.exe
C:Program FilesAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe
C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe
C:WINDOWSSOUNDMAN.EXE
C:Program FilesESETESET Smart Securityegui.exe
C:WINDOWSSystem32spoolDRIVERSW32X863E_FATICAR.EXE
C:Program FilesMessengermsmsgs.exe
C:Program FilesPC Connectivity SolutionServiceLayer.exe
C:WINDOWSsystem32wscntfy.exe
C:WINDOWSsystem32wuauclt.exe
C:Documents and SettingsUserРабочий столRSIT.exe
C:Program FilesTrend MicroHijackThisUser.exe
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.APEHA.ru
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 — BHO: EpsonToolBandKicker Class — {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} — C:Program FilesEPSONEPSON Web-To-PageEPSON Web-To-Page.dll
O3 — Toolbar: EPSON Web-To-Page — {EE5D279F-081B-4404-994D-C6B60AAEBA6D} — C:Program FilesEPSONEPSON Web-To-PageEPSON Web-To-Page.dll
O4 — HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 — HKLM..Run: [Adobe Photo Downloader] «C:Program FilesAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe»
O4 — HKLM..Run: [PCSuiteTrayApplication] C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe -startup
O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 — HKLM..Run: [egui] «C:Program FilesESETESET Smart Securityegui.exe» /hide /waitservice
O4 — HKCU..Run: [EPSON Stylus CX4300 Series] C:WINDOWSSystem32spoolDRIVERSW32X863E_FATICAR.EXE /FU «C:WINDOWSsystem32configSYSTEM~1LOCALS~1TempE_SA2.tmp» /EF «HKCU»
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [nlpo_02] rundll32 advpack.dll,DelNodeRunDLL32 «%SystemRoot%System32dllcache» (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [nlpo_06] cmd.exe /c md «%USERPROFILE%Local SettingsTemp» (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [nlpo_07] rundll32 advpack.dll,DelNodeRunDLL32 «%SystemRoot%NLDRV» (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [nlpo_08] rundll32 advpack.dll,LaunchINFSection nlite.inf,I (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [nlpo_09] cmd.exe /C move /Y «%SystemRoot%System32syssetub.dll» «%SystemRoot%System32syssetup.dll» (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [nlpo_10] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [nlpo_11] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-20..RunOnce: [nlpo_02] rundll32 advpack.dll,DelNodeRunDLL32 «%SystemRoot%System32dllcache» (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUSS-1-5-18..RunOnce: [tscuninstall] %systemroot%system32tscupgrd.exe (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — HKUS.DEFAULT..RunOnce: [tscuninstall] %systemroot%system32tscupgrd.exe (User ‘Default user’)
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~1OFFICE11EXCEL.EXE/3000
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~1OFFICE11REFIEBAR.DLL
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: ATI Smart — Unknown owner — C:WINDOWSsystem32ati2sgag.exe
O23 — Service: Eset HTTP Server (EhttpSrv) — ESET — C:Program FilesESETESET Smart SecurityEHttpSrv.exe
O23 — Service: Eset Service (ekrn) — ESET — C:Program FilesESETESET Smart Securityekrn.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: ServiceLayer — Nokia. — C:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe
—
End of file — 6038 bytes
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class — C:Program FilesEPSONEPSON Web-To-PageEPSON Web-To-Page.dll [2005-02-21 368640]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} — EPSON Web-To-Page — C:Program FilesEPSONEPSON Web-To-PageEPSON Web-To-Page.dll [2005-02-21 368640]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«NeroFilterCheck»=C:WINDOWSsystem32NeroCheck.exe [2006-07-01 155648]
«Adobe Photo Downloader»=C:Program FilesAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe [2005-06-06 57344]
«PCSuiteTrayApplication»=C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe [2007-03-23 227328]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2006-06-30 577536]
«egui»=C:Program FilesESETESET Smart Securityegui.exe [2008-07-01 1447168]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«EPSON Stylus CX4300 Series»=C:WINDOWSSystem32spoolDRIVERSW32X863E_FATICAR.EXE [2007-03-01 180736]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-08-17 1667584]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2007-07-28 118784]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalprocexp90.Sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkprocexp90.Sys]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«DisableStatusMessages»=0
«InstallVisualStyle»=C:WINDOWSResourcesThemesRoyaleRoyale.msstyles
«InstallTheme»=C:WINDOWSResourcesThemesRoyale.theme
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=36
«NoWindowsUpdate»=1
«NoSMConfigurePrograms»=1
«NoResolveTrack»=1
«NoResolveSearch»=1
«NoInstrumentation»=1
«NoStartMenuMFUprogramsList»=1
«NoDriveAutoRun»=FFFFFFFF
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
======List of files/folders created in the last 1 months======
2009-05-06 21:41:16 —-D—- C:_OTMoveIt
2009-04-21 20:03:49 —-RASHD—- C:autorun.inf
2009-04-19 14:03:53 —-D—- C:rsit
2009-04-19 14:00:08 —-D—- C:ComboFix
2009-04-19 14:00:08 —-A—- C:WINDOWSsystem32CF28221.exe
2009-04-19 13:59:13 —-D—- C:WINDOWSERDNT
2009-04-19 13:59:12 —-A—- C:WINDOWSsystem32CF28038.exe
2009-04-19 13:59:11 —-D—- C:Qoobox
2009-04-19 13:53:52 —-D—- C:WINDOWSsystem32appmgmt
2009-04-19 13:48:36 —-D—- C:WINDOWSSoftwareDistribution
2009-04-19 13:48:33 —-D—- C:WINDOWSPrefetch
2009-04-19 13:45:06 —-D—- C:WINDOWSsystem32xircom
2009-04-19 13:45:06 —-D—- C:Program Filesxerox
2009-04-19 13:45:06 —-D—- C:Program Filesmsn gaming zone
2009-04-19 13:45:06 —-D—- C:Program Filesmicrosoft frontpage
2009-04-19 13:44:20 —-RAH—- C:WINDOWSsystem32logonui.exe.manifest
2009-04-19 13:44:14 —-HD—- C:Program FilesWindowsUpdate
2009-04-19 13:44:05 —-A—- C:WINDOWSsystem32wuweb.dll
2009-04-19 13:44:05 —-A—- C:WINDOWSsystem32wups.dll
2009-04-19 13:44:05 —-A—- C:WINDOWSsystem32wucltui.dll
2009-04-19 13:44:05 —-A—- C:WINDOWSsystem32wuauserv.dll
2009-04-19 13:44:05 —-A—- C:WINDOWSsystem32wuaueng1.dll
2009-04-19 13:44:05 —-A—- C:WINDOWSsystem32wuaueng.dll
2009-04-19 13:44:05 —-A—- C:WINDOWSsystem32wuauclt1.exe
2009-04-19 13:44:05 —-A—- C:WINDOWSsystem32wuauclt.exe
2009-04-19 13:44:05 —-A—- C:WINDOWSsystem32wuapi.dll
2009-04-19 13:43:25 —-D—- C:Program FilesMessenger
2009-04-19 13:36:35 —-A—- C:WINDOWSsystem32spxcoins.dll
2009-04-19 13:36:35 —-A—- C:WINDOWSsystem32irclass.dll
2009-04-19 13:36:18 —-RA—- C:WINDOWSSETBA.tmp
2009-04-19 13:36:16 —-RA—- C:WINDOWSSETAE.tmp
2009-04-19 13:36:15 —-RA—- C:WINDOWSSETAB.tmp
2009-04-19 13:30:48 —-RSHD—- C:WINDOWSsystem32dllcache
2009-04-19 13:25:44 —-SHD—- C:FOUND.010
2009-04-18 18:20:08 —-D—- C:Documents and SettingsUserApplication DataESET
2009-04-18 18:19:15 —-D—- C:Program FilesESET
2009-04-18 18:19:15 —-D—- C:Documents and SettingsAll UsersApplication DataESET
2009-04-18 18:11:12 —-SHD—- C:FOUND.009
2009-04-18 18:03:48 —-SHD—- C:FOUND.008
2009-04-18 17:52:26 —-SHD—- C:FOUND.007
2009-04-18 17:38:28 —-D—- C:Program FilesTrend Micro
2009-04-17 23:00:23 —-D—- C:Documents and SettingsUserApplication DataKingston
======List of files/folders modified in the last 1 months======
2009-05-06 21:49:16 —-A—- C:WINDOWSSchedLgU.Txt
2009-04-25 16:27:52 —-A—- C:WINDOWSNeroDigital.ini
2009-04-19 13:50:08 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-04-19 13:49:10 —-A—- C:WINDOWSsetuplog.txt
2009-04-19 13:44:52 —-A—- C:WINDOWSOEWABLog.txt
2009-04-19 13:44:50 —-A—- C:WINDOWSODBCINST.INI
2009-04-19 13:44:22 —-RD—- C:WINDOWSWeb
2009-04-19 13:44:22 —-RD—- C:Program Files
2009-04-19 13:44:18 —-RAH—- C:WINDOWSsystem32cdplayer.exe.manifest
2009-04-19 13:44:12 —-A—- C:WINDOWSwin.ini
2009-04-19 13:42:54 —-SH—- C:boot.ini
2009-04-19 13:36:40 —-A—- C:WINDOWSsystem.ini
2009-04-19 13:36:32 —-ASH—- C:Documents and SettingsAll UsersApplication Datadesktop.ini
2009-04-18 18:20:10 —-A—- C:WINDOWSkdcoms.dll
2009-04-15 15:03:58 —-A—- C:WINDOWSModemLog_Motorola USB Modem.txt
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 easdrv;easdrv; C:WINDOWSsystem32DRIVERSeasdrv.sys [2008-07-01 53256]
R1 epfwtdi;epfwtdi; C:WINDOWSsystem32DRIVERSepfwtdi.sys [2008-07-01 54280]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-17 40448]
R2 eamon;EAMON; C:WINDOWSsystem32DRIVERSeamon.sys [2008-07-01 39944]
R2 epfw;epfw; C:WINDOWSsystem32DRIVERSepfw.sys [2008-07-01 71688]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2006-06-30 3846848]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2007-07-28 2371584]
R3 Epfwndis;Eset Personal Firewall; C:WINDOWSsystem32DRIVERSEpfwndis.sys [2008-07-01 30728]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet адаптер, драйвер для NT; C:WINDOWSsystem32DRIVERSRTL8139.SYS [2004-08-03 20992]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
S3 ENTECH;ENTECH; ??C:WINDOWSsystem32DRIVERSENTECH.sys []
S3 motmodem;Motorola USB CDC ACM Driver; C:WINDOWSsystem32DRIVERSmotmodem.sys [2007-02-27 21504]
S3 nmwcd;Nokia USB Phone Parent; C:WINDOWSsystem32driversnmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:WINDOWSsystem32driversnmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:WINDOWSsystem32driversnmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:WINDOWSsystem32driversnmwcdcm.sys [2007-02-22 12288]
S3 ssm_bus;Samsung Mobile USB Device II 1.0 driver (WDM); C:WINDOWSsystem32DRIVERSssm_bus.sys [2006-11-10 52416]
S3 ssm_mdfl;Samsung Mobile USB Modem II 1.0 Filter; C:WINDOWSsystem32DRIVERSssm_mdfl.sys [2005-11-10 6096]
S3 ssm_mdm;Samsung Mobile USB Modem II 1.0 Drivers; C:WINDOWSsystem32DRIVERSssm_mdm.sys [2005-11-10 84512]
S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
S3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-03 25856]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
S3 Wdf01000;Wdf01000; C:WINDOWSsystem32DRIVERSWdf01000.sys [2006-11-02 492000]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2007-07-28 483328]
R2 ekrn;Eset Service; C:Program FilesESETESET Smart Securityekrn.exe [2008-07-01 468224]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2006-07-01 322120]
R2 UPHClean;User Profile Hive Cleanup; C:WINDOWSsystem32uphclean.exe [2006-06-30 241725]
R3 ServiceLayer;ServiceLayer; C:Program FilesPC Connectivity SolutionServiceLayer.exe [2007-03-26 292864]
S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2007-07-27 593920]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv1.1.4322aspnet_state.exe [2004-07-15 32768]
S3 EhttpSrv;Eset HTTP Server; C:Program FilesESETESET Smart SecurityEHttpSrv.exe [2008-07-01 19200]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-07-01 89136]
S3 UMWdf;Компонент драйверов пользовательского режима Windows; C:WINDOWSsystem32wdfmgr.exe [2005-01-28 38912]
EOF
Here is the OTMoveIt log
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{02f19d8a-7837-11dd-82c3-000a48208b80}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{03c685f4-3dfe-11dd-817c-000a48208b80}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{08745aa4-9eb6-11dd-8356-000a48208b80}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{0b99ceec-ebb6-11dd-8423-000a48208b80}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{2eb1950a-7a7c-11dd-82ca-000a48208b80}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{35a0e8b8-cb83-11dd-83c7-000a48208b80}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{583d4f6c-c6c7-11dd-83b8-000a48208b80}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{768dd8f4-79cb-11dd-82c7-000a48208b80}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{790f5dba-29bb-11dd-8124-000a48208b80}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{7927a9b8-66ee-11dd-826d-000a48208b80}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{87ffc85a-2b81-11de-84e4-000a48208b80}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{cbbb8ab4-3b92-11dd-816e-000a48208b80}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{dbb5e0c0-96c0-11dd-8324-000a48208b80}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{f0ed173e-188d-11de-84aa-000a48208b80}\ deleted successfully.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{f4bba6e2-859d-11dd-82e6-000a48208b80}\ deleted successfully.
========== COMMANDS ==========
User’s Temp folder emptied.
User’s Internet Explorer cache folder emptied.
File delete failed. C:Documents and SettingsUserLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
User’s Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer — Version 1.0.11.0 log created on 05062009_214116
Files moved on Reboot…
THANK YOU VERY, VERY MUCH!!! 😀 The computer has started running faster! Deleting the restore points freed up 2 GB on the hard drive!!! ❗
Thank you, all good!!!! 😀 It's all thanks to you!!!!
RSIT info log:
info.txt logfile of random’s system information tool 1.06 2009-04-19 14:03:55
======Uninstall list======
«Prey» версии 1.0.103—>D:GamesPreyunins000.exe
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
3DMark05—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{2DF7B278-D3B6-40A4-B25C-0E7149F439EA}setup.exe» -l0x9
Adobe® Photoshop® Album Starter Edition 3.0—>MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
ATI — Утилита деинсталляции—>C:Program FilesATI TechnologiesUninstallAllAtiCimUn.exe
ATI Display Driver—>rundll32 C:WINDOWSsystem32atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avanquest update—>C:Program FilesInstallShield Installation Information{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}setup.exe -runfromtemp -l0x0019 -removeonly
BloodRayne 2—>D:GAMESBLOODR~1UNWISE.EXE D:GAMESBLOODR~1INSTALL.LOG
Call of Duty 2—>D:GAMESCALLOF~1UNWISE.EXE D:GAMESCALLOF~1INSTALL.LOG
Camera RAW Plug-In for EPSON Creativity Suite—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E}SETUP.EXE» -l0x19 UNINST
CX4300_5500_DX4400 Руководство—>C:Program FilesEPSONTPMANUALCX4300_5500_DX4400RUSUSE_GDOCUNINS.EXE
Disc2Phone—>MsiExec.exe /I{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}
EPSON Attach To Email—>C:Program FilesCommon FilesInstallShieldDriver8Intel 32IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
EPSON Copy Utility 3—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{67EDD823-135A-4D59-87BD-950616D6E857}SETUP.EXE» -l0x19 -UnInstall
EPSON Easy Photo Print—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{B66E665A-DF96-4C38-9422-C7F74BC1B4E5}SETUP.EXE» -l0x19 UNINST
EPSON File Manager—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{2EB81825-E9EE-44F4-8F51-1240C3898DC6}Setup.exe» -l0x19 UNINST
EPSON Printer Software—>C:WINDOWSSystem32spoolDRIVERSW32X863EPUPDATE.EXE /R
EPSON Scan Assistant—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}Setup.exe» -l0x19 -u
EPSON Scan—>C:Program Filesepsonescndvsetupsetup.exe /r
EPSON Web-To-Page—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}SETUP.EXE» -l0x19 -anything
FlatOut—>D:GAMESFLATOUTUNWISE.EXE D:GAMESFLATOUTINSTALL.LOG
Foxit PDF Reader—>»C:Program FilesFoxit SoftwareFoxit Readerunins000.exe»
Gish—>»D:GamesGishuninstall.exe»
GTA San Andreas—>D:GAMESGTA_SA~1UNWISE.EXE D:GAMESGTA_SA~1INSTALL.LOG
HijackThis 2.0.2—>»C:Program FilesTrend MicroHijackThisHijackThis.exe» /uninstall
K-Lite Codec Pack 2.72 Full—>»C:Program FilesK-Lite Codec Packunins000.exe»
Microsoft .NET Framework 1.1—>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1—>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Office — профессиональный выпуск версии 2003—>MsiExec.exe /I{90110419-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Millionaire—>C:WINDOWSunvise32.exe d:gamesмиллионерuninstal.log
Motorola Driver Installation—>MsiExec.exe /I{3324A5DC-C7F6-430A-ACC8-F251CD8F4FC7}
Motorola Phone Tools—>C:Program FilesInstallShield Installation Information{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}setup.exe -runfromtemp -l0x0019 -removeonly
Need for Speed™ ProStreet—>D:GamesNFSProunwise.exe
Need for Speed™ ProStreet—>D:GAMESNFSPROUNWISE.EXE D:GAMESNFSPROINSTALL.LOG
Nero 6 Ultra Edition—>C:Program FilesAheadnerouninstallUNNERO.exe /UNINSTALL
Nokia Connectivity Cable Driver—>MsiExec.exe /X{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}
Nokia PC Suite—>C:Documents and SettingsAll UsersApplication DataInstallations{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}Nokia_PC_Suite_683_rel_14_1_EA.exe /LANG=»1049″
Nokia PC Suite—>MsiExec.exe /I{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}
OpenAL—>»C:Program FilesOpenALoalinst.exe» /U
PC Connectivity Solution—>MsiExec.exe /I{066D65EA-ED53-44E4-A96A-F81B6E409D2E}
Pirates of the Caribbean—>D:GAMESPIRATESUNWISE.EXE D:GAMESPIRATESINSTALL.LOG
PowerDVD—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}Setup.exe» -uninstall
Realtek AC’97 Audio—>Alcrmv.exe -r -m
Samsung USB Driver (MCCI 4.24)—>C:Program FilesCommon FilesInstallShieldDriver8Intel 32IDriver.exe /M{77F09242-A107-4CB6-A295-D8656C2C3795}
Sniper Elite—>D:GAMESSNIPER~1UNWISE.EXE D:GAMESSNIPER~1INSTALL.LOG
The Sims™ 2 FreeTime + addons—>MsiExec.exe /X{D741A683-B283-4BDC-B9FF-4309028E56A0}
Total Commander 6.54—>MsiExec.exe /X{7355D82D-E4D3-492C-BA09-28ADFA70BFB8}
Windows Driver Package — Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)—>C:PROGRA~1DIFXD6ACC4BE676423A2B130B78A4B627FC457D98997dpinst.exe /u C:WINDOWSsystem32DRVSTOREpccswpddri_039E7E24575DBAE6A389611AF28F4EB97729D33Epccswpddriver.inf
Windows Driver Package — Nokia Modem (02/15/2007 3.1)—>C:PROGRA~1DIFXD6ACC4BE676423A2B130B78A4B627FC457D98997dpinst.exe /u C:WINDOWSsystem32DRVSTOREpccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293Bpccs_bluetooth.inf
XnView 1.80—>»C:Program FilesXnViewunins000.exe»
Архиватор WinRAR—>C:Program FilesWINRARuninstall.exe
Пакет драйверов Windows — Nokia Modem (11/03/2006 6.82.0.1)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokbtmdm_4EFFAAE27A08EDFDE145390033D8EF099DA65567nokbtmdm.inf
=====HijackThis Backups=====
F2 — REG:system.ini: UserInit=C:WINDOWSuserinit.exe [2009-04-18]
O4 — HKCU..Run: [amva] C:WINDOWSsystem32amvo.exe [2009-04-18]
F2 — REG:system.ini: UserInit=C:WINDOWSuserinit.exe [2009-04-18]
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe [2009-04-19]
O4 — HKCU..Run: [amva] C:WINDOWSsystem32amvo.exe [2009-04-19]
Securitycenter WMI appears to be broken
======System event log======
Computer Name: COMPUTER
Event Code: 62486
Message: Invalid parameters
Record Number: 43233
Source Name: ati2mtag
Time Written: 20090404150352.000000+240
Event Type: информация
User:
Computer Name: COMPUTER
Event Code: 62486
Message: Invalid parameters
Record Number: 43232
Source Name: ati2mtag
Time Written: 20090404150352.000000+240
Event Type: информация
User:
Computer Name: COMPUTER
Event Code: 62486
Message: Invalid parameters
Record Number: 43231
Source Name: ati2mtag
Time Written: 20090404150352.000000+240
Event Type: информация
User:
Computer Name: COMPUTER
Event Code: 62486
Message: Invalid parameters
Record Number: 43230
Source Name: ati2mtag
Time Written: 20090404150352.000000+240
Event Type: информация
User:
Computer Name: COMPUTER
Event Code: 62486
Message: Invalid parameters
Record Number: 43229
Source Name: ati2mtag
Time Written: 20090404150352.000000+240
Event Type: информация
User:
=====Application event log=====
Computer Name: COMPUTER
Event Code: 105
Message: The service was started.
Record Number: 4777
Source Name: ATI Smart
Time Written: 20090417195209.000000+240
Event Type: информация
User:
Computer Name: COMPUTER
Event Code: 1010
Message: User profile hive cleanup service stopped successfully.
Record Number: 4776
Source Name: UPHClean
Time Written: 20090416225354.000000+240
Event Type: информация
User:
Computer Name: COMPUTER
Event Code: 0
Message:
Record Number: 4775
Source Name: ServiceLayer
Time Written: 20090416202928.000000+240
Event Type: информация
User:
Computer Name: COMPUTER
Event Code: 1001
Message: User profile hive cleanup service version 1.6.30.0 started successfully.
Record Number: 4774
Source Name: UPHClean
Time Written: 20090416202914.000000+240
Event Type: информация
User:
Computer Name: COMPUTER
Event Code: 105
Message: The service was started.
Record Number: 4773
Source Name: ATI Smart
Time Written: 20090416202912.000000+240
Event Type: информация
User:
======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%system32WBEM;C:Program FilesPC Connectivity Solution
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=15
«PROCESSOR_IDENTIFIER»=x86 Family 15 Model 6 Stepping 5, GenuineIntel
«PROCESSOR_REVISION»=0605
«NUMBER_OF_PROCESSORS»=2
«TEMP»=%USERPROFILE%Local SettingsTemp
«TMP»=%USERPROFILE%Local SettingsTemp
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
EOF
RSIT log:
Logfile of random’s system information tool 1.06 (written by random/random)
Run by User at 2009-04-19 14:03:53
Microsoft Windows XP Professional Service Pack 2
System drive C: has 56 GB (64%) free of 88 GB
Total RAM: 2046 MB (83% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:03:54, on 19.04.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32uphclean.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32wscntfy.exe
C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe
C:WINDOWSSOUNDMAN.EXE
C:WINDOWSSystem32spoolDRIVERSW32X863E_FATICAR.EXE
C:Program FilesPC Connectivity SolutionServiceLayer.exe
C:Documents and SettingsUserРабочий столRSIT.exe
C:Program FilesTrend MicroHijackThisUser.exe
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.APEHA.ru
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 — BHO: EpsonToolBandKicker Class — {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} — C:Program FilesEPSONEPSON Web-To-PageEPSON Web-To-Page.dll
O3 — Toolbar: EPSON Web-To-Page — {EE5D279F-081B-4404-994D-C6B60AAEBA6D} — C:Program FilesEPSONEPSON Web-To-PageEPSON Web-To-Page.dll
O4 — HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 — HKLM..Run: [Adobe Photo Downloader] «C:Program FilesAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe»
O4 — HKLM..Run: [PCSuiteTrayApplication] C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe -startup
O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 — HKCU..Run: [EPSON Stylus CX4300 Series] C:WINDOWSSystem32spoolDRIVERSW32X863E_FATICAR.EXE /FU «C:WINDOWSsystem32configSYSTEM~1LOCALS~1TempE_SA2.tmp» /EF «HKCU»
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [nlpo_02] rundll32 advpack.dll,DelNodeRunDLL32 «%SystemRoot%System32dllcache» (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [nlpo_06] cmd.exe /c md «%USERPROFILE%Local SettingsTemp» (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [nlpo_07] rundll32 advpack.dll,DelNodeRunDLL32 «%SystemRoot%NLDRV» (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [nlpo_08] rundll32 advpack.dll,LaunchINFSection nlite.inf,I (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [nlpo_09] cmd.exe /C move /Y «%SystemRoot%System32syssetub.dll» «%SystemRoot%System32syssetup.dll» (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [nlpo_10] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [nlpo_11] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-20..RunOnce: [nlpo_02] rundll32 advpack.dll,DelNodeRunDLL32 «%SystemRoot%System32dllcache» (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUSS-1-5-18..RunOnce: [tscuninstall] %systemroot%system32tscupgrd.exe (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — HKUS.DEFAULT..RunOnce: [tscuninstall] %systemroot%system32tscupgrd.exe (User ‘Default user’)
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~1OFFICE11EXCEL.EXE/3000
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~1OFFICE11REFIEBAR.DLL
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: ATI Smart — Unknown owner — C:WINDOWSsystem32ati2sgag.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: ServiceLayer — Nokia. — C:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe
—
End of file — 5402 bytes

======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class — C:Program FilesEPSONEPSON Web-To-PageEPSON Web-To-Page.dll [2005-02-21 368640]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} — EPSON Web-To-Page — C:Program FilesEPSONEPSON Web-To-PageEPSON Web-To-Page.dll [2005-02-21 368640]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«NeroFilterCheck»=C:WINDOWSsystem32NeroCheck.exe [2006-07-01 155648]
«Adobe Photo Downloader»=C:Program FilesAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe [2005-06-06 57344]
«PCSuiteTrayApplication»=C:Program FilesNokiaNokia PC Suite 6LaunchApplication.exe [2007-03-23 227328]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2006-06-30 577536]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«EPSON Stylus CX4300 Series»=C:WINDOWSSystem32spoolDRIVERSW32X863E_FATICAR.EXE [2007-03-01 180736]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2007-07-28 118784]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalprocexp90.Sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkprocexp90.Sys]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«DisableStatusMessages»=0
«InstallVisualStyle»=C:WINDOWSResourcesThemesRoyaleRoyale.msstyles
«InstallTheme»=C:WINDOWSResourcesThemesRoyale.theme

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«NoWindowsUpdate»=1
«NoSMConfigurePrograms»=1
«NoResolveTrack»=1
«NoResolveSearch»=1
«NoInstrumentation»=1
«NoStartMenuMFUprogramsList»=1

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{02f19d8a-7837-11dd-82c3-000a48208b80}]
shellAutoRuncommand — F:n1deiect.com
shellexplorecommand — F:n1deiect.com
shellopencommand — F:n1deiect.com

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{03c685f4-3dfe-11dd-817c-000a48208b80}]
shellAutoRuncommand — F:n1deiect.com
shellexplorecommand — F:n1deiect.com
shellopencommand — F:n1deiect.com

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{08745aa4-9eb6-11dd-8356-000a48208b80}]
shellAutoRuncommand — F:n1deiect.com
shellexplorecommand — F:n1deiect.com
shellopencommand — F:n1deiect.com

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{0b99ceec-ebb6-11dd-8423-000a48208b80}]
shellAutoRuncommand — C:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Secret.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{2eb1950a-7a7c-11dd-82ca-000a48208b80}]
shellAutoRuncommand — F:
shellexplorecommand — F:n1deiect.com
shellopencommand — F:n1deiect.com

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{35a0e8b8-cb83-11dd-83c7-000a48208b80}]
shellAutoRuncommand — F:n1deiect.com
shellexplorecommand — F:n1deiect.com
shellopencommand — F:n1deiect.com

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{583d4f6c-c6c7-11dd-83b8-000a48208b80}]
shellAutoRuncommand — F:oufddh.exe
shellexplorecommand — F:oufddh.exe
shellopencommand — F:oufddh.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{768dd8f4-79cb-11dd-82c7-000a48208b80}]
shellAutoRuncommand — C:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Secret.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{790f5dba-29bb-11dd-8124-000a48208b80}]
shellAutoRuncommand — F:n1deiect.com
shellexplorecommand — F:n1deiect.com
shellopencommand — F:n1deiect.com

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{7927a9b8-66ee-11dd-826d-000a48208b80}]
shellAutoRuncommand — F:n1deiect.com
shellexplorecommand — F:n1deiect.com
shellopencommand — F:n1deiect.com

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{87ffc85a-2b81-11de-84e4-000a48208b80}]
shellAutoRuncommand — C:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Secret.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{cbbb8ab4-3b92-11dd-816e-000a48208b80}]
shellAutoRuncommand — u.bat
shellexplorecommand — u.bat
shellopencommand — u.bat

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{dbb5e0c0-96c0-11dd-8324-000a48208b80}]
shellAutoRuncommand — F:n1deiect.com
shellexplorecommand — F:n1deiect.com
shellopencommand — F:n1deiect.com

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{f0ed173e-188d-11de-84aa-000a48208b80}]
shellAutoRuncommand — C:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Secret.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{f4bba6e2-859d-11dd-82e6-000a48208b80}]
shellAutoRuncommand — F:n1deiect.com
shellexplorecommand — F:n1deiect.com
shellopencommand — F:n1deiect.com

======List of files/folders created in the last 1 months======
2009-04-19 14:03:53 —-D—- C:rsit
2009-04-19 14:00:08 —-D—- C:ComboFix
2009-04-19 14:00:08 —-A—- C:WINDOWSsystem32CF28221.exe
2009-04-19 13:59:13 —-D—- C:WINDOWSERDNT
2009-04-19 13:59:12 —-A—- C:WINDOWSsystem32CF28038.exe
2009-04-19 13:59:11 —-D—- C:Qoobox
2009-04-19 13:53:52 —-D—- C:WINDOWSsystem32appmgmt
2009-04-19 13:48:36 —-D—- C:WINDOWSSoftwareDistribution
2009-04-19 13:48:33 —-D—- C:WINDOWSPrefetch
2009-04-19 13:45:06 —-D—- C:WINDOWSsystem32xircom
2009-04-19 13:45:06 —-D—- C:Program Filesxerox
2009-04-19 13:45:06 —-D—- C:Program Filesmsn gaming zone
2009-04-19 13:45:06 —-D—- C:Program Filesmicrosoft frontpage
2009-04-19 13:44:20 —-RAH—- C:WINDOWSsystem32logonui.exe.manifest
2009-04-19 13:44:14 —-HD—- C:Program FilesWindowsUpdate
2009-04-19 13:44:05 —-A—- C:WINDOWSsystem32wuweb.dll
2009-04-19 13:44:05 —-A—- C:WINDOWSsystem32wups.dll
2009-04-19 13:44:05 —-A—- C:WINDOWSsystem32wucltui.dll
2009-04-19 13:44:05 —-A—- C:WINDOWSsystem32wuauserv.dll
2009-04-19 13:44:05 —-A—- C:WINDOWSsystem32wuaueng1.dll
2009-04-19 13:44:05 —-A—- C:WINDOWSsystem32wuaueng.dll
2009-04-19 13:44:05 —-A—- C:WINDOWSsystem32wuauclt1.exe
2009-04-19 13:44:05 —-A—- C:WINDOWSsystem32wuauclt.exe
2009-04-19 13:44:05 —-A—- C:WINDOWSsystem32wuapi.dll
2009-04-19 13:43:25 —-D—- C:Program FilesMessenger
2009-04-19 13:36:35 —-A—- C:WINDOWSsystem32spxcoins.dll
2009-04-19 13:36:35 —-A—- C:WINDOWSsystem32irclass.dll
2009-04-19 13:36:18 —-RA—- C:WINDOWSSETBA.tmp
2009-04-19 13:36:16 —-RA—- C:WINDOWSSETAE.tmp
2009-04-19 13:36:15 —-RA—- C:WINDOWSSETAB.tmp
2009-04-19 13:30:48 —-RSHD—- C:WINDOWSsystem32dllcache
2009-04-19 13:25:44 —-SHD—- C:FOUND.010
2009-04-18 18:20:08 —-D—- C:Documents and SettingsUserApplication DataESET
2009-04-18 18:19:15 —-D—- C:Program FilesESET
2009-04-18 18:19:15 —-D—- C:Documents and SettingsAll UsersApplication DataESET
2009-04-18 18:11:12 —-SHD—- C:FOUND.009
2009-04-18 18:03:48 —-SHD—- C:FOUND.008
2009-04-18 17:52:26 —-SHD—- C:FOUND.007
2009-04-18 17:38:28 —-D—- C:Program FilesTrend Micro
2009-04-17 23:00:23 —-D—- C:Documents and SettingsUserApplication DataKingston
2009-04-06 22:20:52 —-SHD—- C:FOUND.006

======List of files/folders modified in the last 1 months======
2009-04-19 13:54:00 —-A—- C:WINDOWSSchedLgU.Txt
2009-04-19 13:50:08 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-04-19 13:49:10 —-A—- C:WINDOWSsetuplog.txt
2009-04-19 13:44:52 —-A—- C:WINDOWSOEWABLog.txt
2009-04-19 13:44:50 —-A—- C:WINDOWSODBCINST.INI
2009-04-19 13:44:22 —-RD—- C:WINDOWSWeb
2009-04-19 13:44:22 —-RD—- C:Program Files
2009-04-19 13:44:18 —-RAH—- C:WINDOWSsystem32cdplayer.exe.manifest
2009-04-19 13:44:12 —-A—- C:WINDOWSwin.ini
2009-04-19 13:42:54 —-SH—- C:boot.ini
2009-04-19 13:36:40 —-A—- C:WINDOWSsystem.ini
2009-04-19 13:36:32 —-ASH—- C:Documents and SettingsAll UsersApplication Datadesktop.ini
2009-04-18 18:20:10 —-A—- C:WINDOWSkdcoms.dll
2009-04-18 17:04:24 —-A—- C:WINDOWSNeroDigital.ini
2009-04-15 15:03:58 —-A—- C:WINDOWSModemLog_Motorola USB Modem.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-17 40448]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2006-06-30 3846848]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2007-07-28 2371584]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet адаптер, драйвер для NT; C:WINDOWSsystem32DRIVERSRTL8139.SYS [2004-08-03 20992]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
S3 ENTECH;ENTECH; ??C:WINDOWSsystem32DRIVERSENTECH.sys []
S3 motmodem;Motorola USB CDC ACM Driver; C:WINDOWSsystem32DRIVERSmotmodem.sys [2007-02-27 21504]
S3 nmwcd;Nokia USB Phone Parent; C:WINDOWSsystem32driversnmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:WINDOWSsystem32driversnmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:WINDOWSsystem32driversnmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:WINDOWSsystem32driversnmwcdcm.sys [2007-02-22 12288]
S3 ssm_bus;Samsung Mobile USB Device II 1.0 driver (WDM); C:WINDOWSsystem32DRIVERSssm_bus.sys [2006-11-10 52416]
S3 ssm_mdfl;Samsung Mobile USB Modem II 1.0 Filter; C:WINDOWSsystem32DRIVERSssm_mdfl.sys [2005-11-10 6096]
S3 ssm_mdm;Samsung Mobile USB Modem II 1.0 Drivers; C:WINDOWSsystem32DRIVERSssm_mdm.sys [2005-11-10 84512]
S3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
S3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-03 25856]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
S3 Wdf01000;Wdf01000; C:WINDOWSsystem32DRIVERSWdf01000.sys [2006-11-02 492000]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2007-07-28 483328]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2006-07-01 322120]
R2 UPHClean;User Profile Hive Cleanup; C:WINDOWSsystem32uphclean.exe [2006-06-30 241725]
R3 ServiceLayer;ServiceLayer; C:Program FilesPC Connectivity SolutionServiceLayer.exe [2007-03-26 292864]
S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2007-07-27 593920]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv1.1.4322aspnet_state.exe [2004-07-15 32768]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-07-01 89136]
S3 UMWdf;Компонент драйверов пользовательского режима Windows; C:WINDOWSsystem32wdfmgr.exe [2005-01-28 38912]
EOF
When it finished, RSIT produced only the log.txt log. There is no second one. Am I doing something wrong? 😕
Here is the log:
Logfile of random’s system information tool 1.06 (written by random/random)
Run by Сальниковы at 2009-04-16 17:10:34
Microsoft Windows XP Professional Service Pack 2
System drive C: has 12 GB (60%) free of 20 GB
Total RAM: 511 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:10:37, on 16.04.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:WINDOWSSOUNDMAN.EXE
C:Program FilesEsetnod32kui.exe
C:Program FilesHPHP Software UpdateHPWuSchd2.exe
C:Program FilesWinampwinampa.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesCommon FilesAheadLibNMBgMonitor.exe
C:Program FilesPunto Switcherpunto.exe
C:Program FilesCommon FilesYandexYupdateyupdate.exe
C:Program FilesBridge to EnglishOxford DictionaryDict.exe
C:Program FilesEsetnod32krn.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesPC Connectivity SolutionServiceLayer.exe
C:Program FilesPC Connectivity SolutionTransportsNclUSBSrv.exe
C:Program FilesPC Connectivity SolutionTransportsNclRSSrv.exe
C:Program FilesWinampwinamp.exe
C:Program FilesOperaopera.exe
C:Documents and SettingsСальниковыРабочий столRSIT.exe
C:Program FilesTrend MicroHijackThisСальниковы.exe

R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.rambler.ru/
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dll
O3 — Toolbar: Яндекс.Бар — {91397D20-1446-11D4-8AF4-0040CA1127B6} — C:Program FilesYandexYandexBarIEyndbar.dll
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [nwiz] nwiz.exe /install
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 — HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 — HKLM..Run: [nod32kui] «C:Program FilesEsetnod32kui.exe» /WAITSERVICE
O4 — HKLM..Run: [NeroFilterCheck] C:Program FilesCommon FilesAheadLibNeroCheck.exe
O4 — HKLM..Run: [FineReader7NewsReaderPro] «C:Program FilesABBYY FineReader 7.0 Professional EditionAbbyyNewsReader.exe»
O4 — HKLM..Run: [HP Software Update] C:Program FilesHPHP Software UpdateHPWuSchd2.exe
O4 — HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 — HKLM..Run: [Intense Registry Service] IntEdReg.exe /CHECK
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [MSMSGS] «C:Program FilesMessengermsmsgs.exe» /background
O4 — HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] «C:Program FilesCommon FilesAheadLibNMBgMonitor.exe»
O4 — HKCU..Run: [PC Suite Tray] «C:Program FilesNokiaNokia PC Suite 7PCSuite.exe» -onlytray
O4 — HKCU..Run: [Punto Switcher] C:Program FilesPunto Switcherpunto.exe
O4 — HKCU..Run: [Yupdate!] «C:Program FilesCommon FilesYandexYupdateyupdate.exe»
O4 — HKCU..Run: [BTE_Oxford_Dictionary] IntEdReg.exe /DICT
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: NOD32 Kernel Service (NOD32krn) — Eset — C:Program FilesEsetnod32krn.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: ServiceLayer — Nokia. — C:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe
—
End of file — 6188 bytes

======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dll [2003-11-04 54248]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6} — Яндекс.Бар — C:Program FilesYandexYandexBarIEyndbar.dll [2008-10-15 1561864]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2005-10-10 7286784]
«nwiz»=nwiz.exe /install []
«NvMediaCenter»=C:WINDOWSsystem32NvMcTray.dll [2005-10-10 86016]
«SoundMan»=C:WINDOWSSOUNDMAN.EXE [2004-07-01 67584]
«nod32kui»=C:Program FilesEsetnod32kui.exe [2008-01-10 921600]
«NeroFilterCheck»=C:Program FilesCommon FilesAheadLibNeroCheck.exe [2006-01-12 155648]
«FineReader7NewsReaderPro»=C:Program FilesABBYY FineReader 7.0 Professional EditionAbbyyNewsReader.exe [2003-12-10 278528]
«HP Software Update»=C:Program FilesHPHP Software UpdateHPWuSchd2.exe [2007-03-11 49152]
«WinampAgent»=C:Program FilesWinampwinampa.exe [2004-12-20 33792]
«Intense Registry Service»=IntEdReg.exe /CHECK []

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2004-08-17 15360]
«MSMSGS»=C:Program FilesMessengermsmsgs.exe [2004-10-13 1694208]
«BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=C:Program FilesCommon FilesAheadLibNMBgMonitor.exe [2006-04-21 94208]
«PC Suite Tray»=C:Program FilesNokiaNokia PC Suite 7PCSuite.exe [2008-12-03 1205760]
«Punto Switcher»=C:Program FilesPunto Switcherpunto.exe [2008-10-16 735016]
«Yupdate!»=C:Program FilesCommon FilesYandexYupdateyupdate.exe [2008-09-01 479496]
«BTE_Oxford_Dictionary»=IntEdReg.exe /DICT []

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWdf01000.sys]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=36
«NoDriveAutoRun»=FFFFFFFF

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«HonorAutoRunSetting»=

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesuTorrentuTorrent.exe»=»C:Program FilesuTorrentuTorrent.exe:*:Enabled:µTorrent»
«C:Program FilesQIP Infiuminfium.exe»=»C:Program FilesQIP Infiuminfium.exe:*:Enabled:QIP Infium»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c37dd804-2820-11de-ac64-00016cbadcba}]
shellAutoRuncommand — C:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Secret.exe

======List of files/folders created in the last 1 months======
2009-04-16 09:42:40 —-D—- C:WINDOWSLastGood
2009-04-14 21:39:41 —-A—- C:WINDOWShpfccopy.INI
2009-04-14 20:32:49 —-D—- C:UniScan
2009-04-14 20:32:45 —-RA—- C:WINDOWSsystem32hp2436co.dll
2009-04-14 09:41:41 —-HDC—- C:WINDOWS$NtUninstallKB927891$
2009-04-13 23:18:35 —-RASHD—- C:autorun.inf
2009-04-13 19:55:13 —-D—- C:Program FilesReadManiac
2009-04-13 12:41:16 —-A—- C:WINDOWSsystem32ptpusb.dll
2009-04-13 12:41:13 —-A—- C:WINDOWSsystem32ptpusd.dll
2009-04-12 23:32:58 —-HDC—- C:WINDOWS$NtUninstallKB899587$
2009-04-12 23:32:47 —-HDC—- C:WINDOWS$NtUninstallKB927779$
2009-04-12 23:32:36 —-HDC—- C:WINDOWS$NtUninstallKB927802$
2009-04-12 23:32:25 —-HDC—- C:WINDOWS$NtUninstallKB885835$
2009-04-12 23:32:14 —-HDC—- C:WINDOWS$NtUninstallKB885836$
2009-04-12 23:32:02 —-HDC—- C:WINDOWS$NtUninstallKB937894$
2009-04-12 23:31:49 —-HDC—- C:WINDOWS$NtUninstallKB928255$
2009-04-12 23:31:39 —-HDC—- C:WINDOWS$NtUninstallKB911927$
2009-04-12 23:31:28 —-HDC—- C:WINDOWS$NtUninstallKB901017$
2009-04-12 23:31:18 —-HDC—- C:WINDOWS$NtUninstallKB899591$
2009-04-12 23:31:08 —-HDC—- C:WINDOWS$NtUninstallKB933729$
2009-04-12 23:30:57 —-HDC—- C:WINDOWS$NtUninstallKB920685$
2009-04-12 23:30:46 —-HDC—- C:WINDOWS$NtUninstallKB893756$
2009-04-12 23:30:35 —-HDC—- C:WINDOWS$NtUninstallKB923980$
2009-04-12 23:30:25 —-HDC—- C:WINDOWS$NtUninstallKB911280$
2009-04-12 23:30:15 —-HDC—- C:WINDOWS$NtUninstallKB911562$
2009-04-12 23:30:05 —-HDC—- C:WINDOWS$NtUninstallKB938828$
2009-04-12 23:29:55 —-HDC—- C:WINDOWS$NtUninstallKB924667$
2009-04-12 23:29:45 —-HDC—- C:WINDOWS$NtUninstallKB896423$
2009-04-12 23:29:36 —-HDC—- C:WINDOWS$NtUninstallKB900485$
2009-04-12 23:29:20 —-HDC—- C:WINDOWS$NtUninstallKB924270$
2009-04-12 23:29:11 —-HDC—- C:WINDOWS$NtUninstallKB931261$
2009-04-12 23:29:02 —-HDC—- C:WINDOWS$NtUninstallKB936782_WMP9$
2009-04-12 23:28:15 —-HDC—- C:WINDOWS$NtUninstallKB873339$
2009-04-12 23:28:05 —-HDC—- C:WINDOWS$NtUninstallKB936357$
2009-04-12 23:27:55 —-HDC—- C:WINDOWS$NtUninstallKB887472$
2009-04-12 23:27:45 —-HDC—- C:WINDOWS$NtUninstallKB946026$
2009-04-12 23:27:35 —-HDC—- C:WINDOWS$NtUninstallKB896358$
2009-04-12 23:27:26 —-HDC—- C:WINDOWS$NtUninstallKB925398_WMP64$
2009-04-12 23:26:41 —-HDC—- C:WINDOWS$NtUninstallKB910437$
2009-04-12 23:26:31 —-HDC—- C:WINDOWS$NtUninstallKB911564$
2009-04-12 23:25:46 —-HDC—- C:WINDOWS$NtUninstallKB925902$
2009-04-12 23:25:35 —-HDC—- C:WINDOWS$NtUninstallKB929123$
2009-04-12 23:25:25 —-HDC—- C:WINDOWS$NtUninstallKB920670$
2009-04-12 23:25:16 —-HDC—- C:WINDOWS$NtUninstallKB891781$
2009-04-12 23:25:06 —-HDC—- C:WINDOWS$NtUninstallKB918439$
2009-04-12 23:24:51 —-HDC—- C:WINDOWS$NtUninstallKB902400$
2009-04-12 23:24:39 —-HDC—- C:WINDOWS$NtUninstallKB890046$
2009-04-12 23:24:30 —-HDC—- C:WINDOWS$NtUninstallKB926436$
2009-04-12 23:24:21 —-HDC—- C:WINDOWS$NtUninstallKB920872$
2009-04-12 23:24:06 —-HDC—- C:WINDOWS$NtUninstallKB930178$
2009-04-12 23:23:57 —-HDC—- C:WINDOWS$NtUninstallKB914388$
2009-04-12 23:23:48 —-HDC—- C:WINDOWS$NtUninstallKB941569$
2009-04-12 23:22:58 —-HDC—- C:WINDOWS$NtUninstallKB905414$
2009-04-12 23:22:49 —-HDC—- C:WINDOWS$NtUninstallKB932168$
2009-04-12 23:22:40 —-HDC—- C:WINDOWS$NtUninstallKB901214$
2009-04-12 23:22:30 —-HDC—- C:WINDOWS$NtUninstallKB923191$
2009-04-12 23:22:21 —-HDC—- C:WINDOWS$NtUninstallKB922582$
2009-04-12 23:22:05 —-HDC—- C:WINDOWS$NtUninstallKB918118$
2009-04-12 23:21:55 —-HDC—- C:WINDOWS$NtUninstallKB926255$
2009-04-12 23:21:45 —-HDC—- C:WINDOWS$NtUninstallKB888302$
2009-04-12 23:21:35 —-HDC—- C:WINDOWS$NtUninstallKB900725$
2009-04-12 23:21:26 —-HDC—- C:WINDOWS$NtUninstallKB920213$
2009-04-12 23:21:16 —-HDC—- C:WINDOWS$NtUninstallKB943485$
2009-04-12 23:21:08 —-HDC—- C:WINDOWS$NtUninstallKB945553$
2009-04-12 23:20:58 —-HDC—- C:WINDOWS$NtUninstallKB886185$
2009-04-12 23:20:49 —-HDC—- C:WINDOWS$NtUninstallKB916595$
2009-04-12 23:20:41 —-HDC—- C:WINDOWS$NtUninstallKB930916$
2009-04-12 23:20:28 —-HDC—- C:WINDOWS$NtUninstallKB950749$
2009-04-12 23:20:16 —-HDC—- C:WINDOWS$NtUninstallKB932823-v3$
2009-04-12 23:20:07 —-HDC—- C:WINDOWS$NtUninstallKB908531$
2009-04-12 23:19:57 —-HDC—- C:WINDOWS$NtUninstallKB905749$
2009-04-12 23:19:48 —-HDC—- C:WINDOWS$NtUninstallKB913580$
2009-04-12 23:19:38 —-HDC—- C:WINDOWS$NtUninstallKB896428$
2009-04-12 23:19:29 —-HDC—- C:WINDOWS$NtUninstallKB935839$
2009-04-12 23:19:20 —-HDC—- C:WINDOWS$NtUninstallKB943055$
2009-04-12 23:19:11 —-HDC—- C:WINDOWS$NtUninstallKB894391$
2009-04-12 23:19:02 —-HDC—- C:WINDOWS$NtUninstallKB908519$
2009-04-12 23:18:53 —-HDC—- C:WINDOWS$NtUninstallKB920683$
2009-04-12 23:18:45 —-HDC—- C:WINDOWS$NtUninstallKB914389$
2009-04-12 23:18:35 —-HDC—- C:WINDOWS$NtUninstallKB944653$
2009-04-12 23:18:25 —-HDC—- C:WINDOWS$NtUninstallKB890859$
2009-04-12 23:18:08 —-HDC—- C:WINDOWS$NtUninstallKB928843$
2009-04-12 17:34:13 —-HDC—- C:WINDOWS$MSI31Uninstall_KB893803v2$
2009-04-11 23:53:45 —-D—- C:Program FilesMSXML 4.0
2009-04-11 17:37:01 —-D—- C:Program FilesBridge to English
2009-04-10 23:23:40 —-D—- C:Program FilesAdobe
2009-04-10 23:17:02 —-D—- C:WINDOWSCache
2009-04-10 22:50:07 —-D—- C:Documents and SettingsAll UsersApplication DataAdobe
2009-04-10 22:49:57 —-D—- C:Program FilesCommon FilesAdobe
2009-04-10 20:59:55 —-D—- C:Documents and SettingsСальниковыApplication DataQIP
2009-04-10 20:59:33 —-D—- C:Program FilesQIP Infium
2009-04-10 20:17:30 —-D—- C:rsit
2009-04-10 20:16:22 —-D—- C:Program FilesTrend Micro
2009-04-10 19:58:34 —-N—- C:WINDOWSsystem32vxblock.dll
2009-04-10 19:58:34 —-N—- C:WINDOWSsystem32pxwave.dll
2009-04-10 19:58:34 —-N—- C:WINDOWSsystem32pxmas.dll
2009-04-10 19:58:34 —-N—- C:WINDOWSsystem32pxhpinst.exe
2009-04-10 19:58:34 —-N—- C:WINDOWSsystem32pxdrv.dll
2009-04-10 19:58:34 —-N—- C:WINDOWSsystem32px.dll
2009-04-10 19:58:23 —-D—- C:Program FilesWinamp
2009-04-10 19:58:23 —-A—- C:WINDOWSwinamp.ini
2009-04-10 19:55:58 —-D—- C:Program FilesYandex
2009-04-10 19:55:58 —-D—- C:Program FilesCommon FilesYandex
2009-04-10 19:55:58 —-D—- C:Documents and SettingsСальниковыApplication DataMozilla
2009-04-10 19:55:51 —-D—- C:Program FilesPunto Switcher
2009-04-10 19:55:51 —-D—- C:Documents and SettingsСальниковыApplication DataYandex
2009-04-10 19:41:12 —-N—- C:WINDOWSsystem32spmsgXP_2k3.dll
2009-04-10 19:41:07 —-HDC—- C:WINDOWS$NtUninstallWdf01007$
2009-04-10 19:39:10 —-D—- C:Documents and SettingsСальниковыApplication DataNokia
2009-04-10 19:39:08 —-D—- C:Documents and SettingsСальниковыApplication DataPC Suite
2009-04-10 19:39:06 —-D—- C:Documents and SettingsAll UsersApplication DataPC Suite
2009-04-10 19:38:38 —-D—- C:Program FilesCommon FilesPCSuite
2009-04-10 19:38:33 —-D—- C:Program FilesCommon FilesNokia
2009-04-10 19:38:18 —-D—- C:Program FilesDIFX
2009-04-10 19:38:09 —-D—- C:Program FilesPC Connectivity Solution
2009-04-10 19:38:00 —-DC—- C:WINDOWSsystem32DRVSTORE
2009-04-10 19:38:00 —-A—- C:WINDOWSsystem32wdfcoinstaller01007.dll
2009-04-10 19:38:00 —-A—- C:WINDOWSsystem32nmwcdcocls.dll
2009-04-10 19:37:59 —-A—- C:WINDOWSsystem32nmwcdcls.dll
2009-04-10 19:37:57 —-D—- C:Program FilesNokia
2009-04-10 19:25:03 —-D—- C:Documents and SettingsAll UsersApplication DataInstallations
2009-04-10 19:21:53 —-D—- C:Documents and SettingsAll UsersApplication DataWEBREG
2009-04-10 19:04:28 —-D—- C:Program FilesCommon FilesHP
2009-04-10 19:03:04 —-D—- C:Documents and SettingsAll UsersApplication DataHP Product Assistant
2009-04-10 19:03:03 —-D—- C:Documents and SettingsAll UsersApplication DataHP
2009-04-10 19:02:20 —-D—- C:Program FilesCommon FilesHewlett-Packard
2009-04-10 19:02:19 —-D—- C:Program FilesHewlett-Packard
2009-04-10 19:01:29 —-HD—- C:Config.Msi
2009-04-10 19:01:11 —-D—- C:Program FilesHP
2009-04-10 18:19:59 —-D—- C:Documents and SettingsСальниковыApplication DataMacromedia
2009-04-10 18:19:59 —-D—- C:Documents and SettingsСальниковыApplication DataAdobe
======List of files/folders modified in the last 1 months======
2009-04-10 17:57:17 ----A---- C:\WINDOWS\win.ini
2009-04-10 01:32:06 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Драйвер Intel процессора; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-17 40448]
R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-20 12032]
R2 AMON;AMON; \??\C:\WINDOWS\system32\drivers\amon.sys []
R2 BrPar;BrPar; C:\WINDOWS\System32\drivers\BrPar.sys [2000-07-24 19537]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-07-01 626977]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-10-10 3530432]
R3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys [2003-08-13 65280]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 концентратор; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbprint;Класс принтеров Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 FXDRV;FXDRV; \??\E:\Fxdrv.sys []
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet адаптер, драйвер для NT; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
S3 usbscan;Драйвер USB-сканера; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-03 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2008-01-10 507904]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-10-10 131139]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
EOF
I'm fed up with this Userinit! Tell me that my computer is healthy, because I no longer know what to do!!!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:25:38, on 13.04.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Punto Switcher\punto.exe
C:\Program Files\Common Files\Yandex\Yupdate\yupdate.exe
C:\Program Files\Bridge to English\Oxford Dictionary\Dict.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\QIP Infium\infium.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rambler.ru/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Ссылки
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: Яндекс.Бар - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\YandexBarIE\yndbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [FineReader7NewsReaderPro] "C:\Program Files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Intense Registry Service] IntEdReg.exe /CHECK
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Punto Switcher] C:\Program Files\Punto Switcher\punto.exe
O4 - HKCU\..\Run: [Yupdate!] "C:\Program Files\Common Files\Yandex\Yupdate\yupdate.exe"
O4 - HKCU\..\Run: [BTE_Oxford_Dictionary] IntEdReg.exe /DICT
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Справочные материалы - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Журнал событий (Eventlog) - Корпорация Майкрософт - C:\WINDOWS\system32\services.exe
O23 - Service: Служба COM записи компакт-дисков IMAPI (ImapiService) - Корпорация Майкрософт - C:\WINDOWS\system32\imapi.exe
O23 - Service: NetMeeting Remote Desktop Sharing (mnmsrvc) - Корпорация Майкрософт - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Plug and Play (PlugPlay) - Корпорация Майкрософт - C:\WINDOWS\system32\services.exe
O23 - Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) - Корпорация Майкрософт - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Смарт-карты (SCardSvr) - Корпорация Майкрософт - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Журналы и оповещения производительности (SysmonLog) - Корпорация Майкрософт - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Теневое копирование тома (VSS) - Корпорация Майкрософт - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Адаптер производительности WMI (WmiApSrv) - Корпорация Майкрософт - C:\WINDOWS\system32\wbem\wmiapsrv.exe

--
End of file - 6218 bytes

Oh, thank you!!!!! Now I'll know!!!!

Thanks for last time, although I never did get your reply; I reinstalled Windows, but at least now I know what to do. I'm asking for help once more: I plugged in someone else's flash drive and the antivirus said something about userinit again. I scanned and it seems clean, but I'm uneasy.... Please help!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:00:07, on 07.04.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe
C:\Program Files\Eset\nod32kui.exe
C:\PROGRA~1\KEMailKb\KEMailKb.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Punto Switcher\punto.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Bridge to English\Oxford Dictionary\Dict.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\QIP Infium\infium.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rambler.ru/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Ссылки
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CMVideoPlugin - {08DEA348-F510-45FD-A6EC-CF3BE0917C5E} - C:\WINDOWS\system32\CMVideo.dll (file missing)
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Intense Registry Service] IntEdReg.exe /CHECK
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [FineReader7NewsReaderPro] "C:\Program Files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [KEMailKb] C:\PROGRA~1\KEMailKb\KEMailKb.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] «C:Program FilesCommon FilesAheadLibNMBgMonitor.exe»
O4 — HKCU..Run: [Punto Switcher] C:Program FilesPunto Switcherpunto.exe
O4 — HKCU..Run: [BTE_Oxford_Dictionary] IntEdReg.exe /DICT
O4 — HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 — HKCU..Run: [DriverCure] C:Program FilesParetoLogicDriverCureDriverCure.exe -scan
O4 — HKCU..Run: [PC Suite Tray] «C:Program FilesNokiaNokia PC Suite 7PCSuite.exe» -onlytray
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: Закачать все при помощи FlashGet — C:Program FilesFlashGetjc_all.htm
O8 — Extra context menu item: Закачать при помощи FlashGet — C:Program FilesFlashGetjc_link.htm
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 — Extra button: FlashGet — {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} — C:PROGRA~1FlashGetflashget.exe
O9 — Extra ‘Tools’ menuitem: &FlashGet — {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} — C:PROGRA~1FlashGetflashget.exe
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O23 — Service: Adobe LM Service — Adobe Systems — C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 — Service: Canon Camera Access Library 8 (CCALib8) — Canon Inc. — C:Program FilesCanonCALCALMAIN.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Google Update Service (gupdate1c9a70257069b56) (gupdate1c9a70257069b56) — Google Inc. — C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 — Service: Google Updater Service (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: Java Quick Starter (JavaQuickStarterService) — Sun Microsystems, Inc. — C:Program FilesJavajre6binjqs.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: NOD32 Kernel Service (NOD32krn) — Eset — C:Program FilesEsetnod32krn.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: ServiceLayer — Nokia. — C:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 — Service: StarWind iSCSI Service (StarWindService) — Rocket Division Software — D:GamesAlcohol 120Alcohol 120StarWindStarWindService.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe
—
End of file — 8557 bytes

Thanks in advance. This is a useful site, and I have already recommended it to my friends!
A HUGE thank you!!!! 😀