Forum replies created
After the reboot the drivers are fine, but I still have not managed to enable the DNS Client.
Unfortunately, that did not help. And the network card drivers now install incorrectly: during installation a message appears saying that files needed for Windows to work properly have been replaced and that the installation disc must be inserted to restore them. After I click CANCEL the drivers do install, but the device is no longer called MPE Decoder Adapter, as before, but Microsoft video or TV connection.
(continued)
[2009.01.17 14:20:55 | 00,586,071 | —- | M] () — D:Мои документыpromodj_Sergey_Zhukov_Hocheca_DJ_Giga_Gabov_huligan_RMX.mp3
[2009.01.17 12:24:46 | 00,062,759 | —- | M] () — C:WINDOWSDocuments and SettingsПользовательРабочий столНа летящем коне.mid
[2009.01.17 10:17:57 | 01,947,509 | —- | M] () — C:WINDOWSDocuments and SettingsПользовательРабочий столdevicons.rar
[2009.01.16 21:24:39 | 09,932,800 | —- | M] () — C:WINDOWSDocuments and SettingsПользовательРабочий столmasterboy_-_dancin_forever_disco_mix.mp3
[2009.01.16 18:54:46 | 00,469,486 | —- | M] () — D:Мои документыpromodj_Sagittarius_Nina_Original_Mix_Cut.mp3
[2009.01.16 18:52:41 | 00,669,353 | —- | M] () — D:Мои документыpromodj_Sagittarius_Nina_Orlova_Cri_De_Coeur.mp3
[2009.01.16 18:52:15 | 00,746,211 | —- | M] () — D:Мои документыpromodj_SAGITTARIUS_Space_Dancer_Original_Mix_promo.mp3
[2009.01.16 18:48:56 | 00,715,541 | —- | M] () — D:Мои документыpromodj_Sagittarius_Nina_Orlova_Positive_Power_Vibration.mp3
[2009.01.16 18:43:45 | 00,490,864 | —- | M] () — D:Мои документыpromodj_Sagittarius_Nina_Orlova_Positive_Power_Vibration_mr_u_gyn_s_disco_mix.mp3
[2009.01.16 16:42:13 | 00,000,116 | —- | M] () — C:WINDOWSMP-3.pls
[2009.01.16 12:55:27 | 07,538,176 | —- | M] () — C:WINDOWSDocuments and SettingsПользовательРабочий столparadisio_-_vamos_a_la_discoteca_(diy_devilfeel_acapella).mp3
[2009.01.16 12:45:27 | 00,662,170 | —- | M] () — D:Мои документыpromodj_SAZH_Telki_club_mix.mp3
[2009.01.16 12:27:34 | 00,345,218 | —- | M] () — D:Мои документыpromodj_Rufus_K_MoonLight_Promo_Cut.mp3
[2009.01.16 12:11:02 | 04,935,724 | —- | M] () — C:WINDOWSDocuments and SettingsПользовательРабочий столpromodj_Next_time.mp3
[2009.01.16 12:07:46 | 00,585,446 | —- | M] () — D:Мои документыpromodj_Next_time.mp3
[2009.01.15 10:53:34 | 00,249,515 | —- | M] () — D:Мои документыpromodj_Groove_Gangsters_Funky_Beats_Andrey_Bel_DaBass_Demo_Mix.mp3
[2009.01.15 10:52:47 | 00,362,251 | —- | M] () — D:Мои документыpromodj_Dos_Buratinos_Control_U_Andrey_Bel_Remix.mp3
[2009.01.15 10:49:45 | 00,359,476 | —- | M] () — D:Мои документыpromodj_Pansku_Interlunar_Andrey_Bel_Atmospher_Mix.mp3
[2009.01.15 10:46:41 | 00,840,598 | —- | M] () — D:Мои документыpromodj_Andrey_Vakulenko_Faith_Mistral_Belligerant_remix.mp3
[2009.01.15 10:45:03 | 00,434,897 | —- | M] () — D:Мои документыpromodj_Andrey_Vakulenko_Faith_novu5_remix.mp3
[2009.01.15 10:43:10 | 00,528,635 | —- | M] () — D:Мои документыpromodj_Andrey_Vakulenko_Faith_Pavlov_Computers_remix.mp3
[2009.01.15 10:41:21 | 00,576,100 | —- | M] () — D:Мои документыpromodj_Andrey_Vakulenko_Faith_Dj_Novikoff_remix.mp3
[2009.01.14 16:11:32 | 00,038,496 | —- | M] (Malwarebytes Corporation) — C:WINDOWSSystem32driversmbamswissarmy.sys
[2009.01.14 16:11:28 | 00,015,504 | —- | M] (Malwarebytes Corporation) — C:WINDOWSSystem32driversmbam.sys
[2009.01.13 21:27:21 | 00,413,060 | —- | M] () — D:Мои документыpromodj_Dj_Xclusive_ElectroTonik.mp3
[2009.01.13 21:26:02 | 00,407,966 | —- | M] () — D:Мои документыpromodj_Dj_Xclusive_A_freak_A_demo.mp3
[2009.01.13 13:56:47 | 00,527,918 | —- | M] () — D:Мои документыpromodj_Sasha_Project_Mne_ne_nuzhno_nichego_Dj_Master_Sailor_RMX.mp3
[2009.01.12 23:40:47 | 01,081,772 | —- | M] () — D:Мои документыpromodj_SCWEAR_Lightening.mp3
[2009.01.12 21:04:53 | 00,603,435 | —- | M] () — D:Мои документыpromodj_Babba_House_The_magic_vibrations_feat_Daniel_Bineo.mp3
[2009.01.12 21:01:21 | 00,464,770 | —- | M] () — D:Мои документыpromodj_Mari_Ferrari_No_Money_No_GAZ.mp3
[2009.01.12 18:27:00 | 00,015,294 | —- | M] () — D:Мои документыcat880img389.html
[2009.01.11 12:18:21 | 00,002,206 | —- | M] () — C:WINDOWSSystem32wpa.dbl
[2009.01.10 20:02:20 | 00,821,766 | —- | M] () — D:Мои документыpromodj_Dos_Buratinos_Control_U_happy_u_mix_by_DzheySi (1).mp3
[2009.01.10 20:01:14 | 00,491,329 | —- | M] () — D:Мои документыpromodj_DzheySi_Nam_veselo.mp3
[2009.01.10 19:59:30 | 00,674,868 | —- | M] () — D:Мои документыpromodj_DzheySi_Dumaya_o_tebe_romantic_mix.mp3
[2009.01.10 19:55:03 | 01,046,810 | —- | M] () — D:Мои документыpromodj_DzheySi_Romantika.mp3
[2009.01.10 19:45:38 | 01,026,821 | —- | M] () — D:Мои документыpromodj_NoFrost_Soul_Cola_Work_It_Out.mp3
[2009.01.10 18:18:27 | 00,003,283 | —- | M] () — C:WINDOWSDocuments and SettingsПользовательРабочий столЗакругленные углы.html
[2009.01.08 19:49:44 | 00,692,373 | —- | M] () — D:Мои документыpromodj_Emergency_feat_Elina_Milan_Don_t_say_good_bye_Original_Vocal_Mix.mp3
[2009.01.08 11:12:02 | 00,001,421 | —- | M] () — C:WINDOWSDocuments and SettingsПользовательРабочий столЗарница.lnk
[2009.01.07 16:51:58 | 00,398,475 | —- | M] () — D:Мои документыpromodj_Interlunar (3).mp3
[2009.01.07 16:28:52 | 00,458,188 | —- | M] () — D:Мои документыpromodj_NewTone_Sad_song_DJ_Kalipso_ReMix.mp3
[2009.01.07 16:27:42 | 00,753,664 | —- | M] () — D:Мои документыpromodj_NEWTONE_SAD_SONG_BASSUS_1997_MIX.mp3
[2009.01.07 12:16:42 | 00,735,713 | —- | M] () — D:Мои документыpromodj_Unknow_Artist_Zarisovka.mp3
[2009.01.07 12:08:30 | 01,357,218 | —- | M] () — D:Мои документыpromodj_MD_S_Pavlov_Lyubimaya_Skazka_Detyam_do_16_ti.mp3
[2009.01.07 11:37:21 | 00,404,781 | —- | M] () — D:Мои документыpromodj_Andrey_Vakulenko_vs_Alesandr_Vrtinskiy_Utomlennoe_Solnce.mp3
[2009.01.06 12:52:48 | 00,463,473 | —- | M] () — D:Мои документыpromodj_CITY_ZEN_feat_PAPRIKA_SOLNCA_SLEZI_The_highlights_remix.mp3
[2009.01.06 12:45:38 | 00,609,923 | —- | M] () — D:Мои документыpromodj_CITY_ZEN_feat_PAPRIKA_HOLODNO_Soulstate_remix.mp3
[2009.01.06 12:42:58 | 00,520,374 | —- | M] () — D:Мои документыpromodj_CITY_ZEN_feat_PAPRIKA_HOLODNO_DJ_Deniska_remix.mp3
[2009.01.05 11:36:26 | 00,143,902 | —- | M] () — D:Мои документыpromodj_City_Zen_feat_Paprika_Holodno_Dj_Starshiy_Remusix (1).mp3
[2009.01.05 11:35:27 | 00,946,386 | —- | M] () — D:Мои документыpromodj_Ksky_Its_Black_Pink_Dj_Starshiy_Vodka_Rmx.mp3
[2009.01.05 11:34:50 | 00,992,853 | —- | M] () — D:Мои документыpromodj_The_Politik_Saturn_Dj_Starshiy_Remix.mp3
[2009.01.05 11:33:35 | 00,864,431 | —- | M] () — D:Мои документыpromodj_Ralf_Gum_ft_Rachel_Claudio_If_No_Harm_Dj_Starshiy_Rmx.mp3
[2009.01.05 11:33:03 | 00,804,313 | —- | M] () — D:Мои документыpromodj_Tomato_Jaws_One_Sectret_Dj_Starshiy_Funky_Sound.mp3
[2009.01.04 20:23:34 | 00,725,567 | —- | M] () — D:Мои документыpromodj_City_Zen_feat_Paprika_Holodno_Dj_Starshiy_Remusix.mp3
[2009.01.04 20:22:19 | 00,779,472 | —- | M] () — D:Мои документыpromodj_CITY_ZEN_feat_Paprika_Holodno_Varda_Love_Making_remix.mp3
[2009.01.04 20:12:20 | 00,422,962 | —- | M] () — D:Мои документыpromodj_Shiny_Stars_Kings_of_the_Roads_Acapella.mp3
[2009.01.03 13:10:46 | 00,001,543 | —- | M] () — C:WINDOWSDocuments and SettingsПользовательРабочий столresizer.js
[2009.01.02 19:42:06 | 02,645,660 | -H— | M] () — C:WINDOWSDocuments and SettingsПользовательLocal SettingsApplication DataIconCache.db
< End of report >
Yes, DHCP is enabled and starts automatically.
I am splitting the logs across several messages.
OTViewIt.Txt:
OTViewIt logfile created on: 01.02.2009 18:17:24 — Run 2
OTViewIt by OldTimer — Version 1.0.21.0 Folder = C:WINDOWSDocuments and SettingsПользовательРабочий стол
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) — Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000419 | Country: Россия | Language: RUS | Date Format: dd.MM.yyyy
1023,48 Mb Total Physical Memory | 522,04 Mb Available Physical Memory | 51,01% Memory free
2,40 Gb Paging File | 1,69 Gb Available in Paging File | 70,48% Paging File free
Paging file location(s): C:pagefile.sys 1536 3072;
%SystemDrive% = C: | %SystemRoot% = C:WINDOWS | %ProgramFiles% = C:Program Files
Drive C: | 39,06 Gb Total Space | 5,67 Gb Free Space | 14,52% Space Free | Partition Type: NTFS
Drive D: | 259,02 Gb Total Space | 245,36 Gb Free Space | 94,73% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 196,85 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive Z: | 259,02 Gb Total Space | 245,36 Gb Free Space | 94,73% Space Free | Partition Type: NTFS
Computer Name: КОМПЬЮТЕР
Current User Name: Пользователь
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days
========== Processes ==========
[2004.08.17 17:05:06 | 00,050,688 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32smss.exe
[2004.08.17 17:05:10 | 00,503,808 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32winlogon.exe
[2004.08.17 17:05:04 | 00,108,544 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32services.exe
[2007.12.04 16:36:33 | 00,017,272 | —- | M] (ALWIL Software) — C:Program FilesAvast4aswUpdSv.exe
[2007.12.04 15:00:16 | 00,140,664 | —- | M] (ALWIL Software) — C:Program FilesAvast4ashServ.exe
[2007.03.20 03:19:37 | 01,607,680 | —- | M] (Корпорация Майкрософт) — C:WINDOWSexplorer.exe
[2008.08.30 21:01:38 | 00,577,024 | —- | M] (http://tortoisesvn.net) — C:Program FilesTortoiseSVNbinTSVNCache.exe
[2006.02.28 11:42:38 | 00,229,376 | —- | M] (Apple Computer, Inc.) — C:Program FilesBonjourmDNSResponder.exe
[2004.08.17 17:05:04 | 00,033,280 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32rundll32.exe
[2007.03.12 17:54:10 | 00,931,376 | —- | M] (Nero AG) — C:Program FilesNero 7InCDInCDsrv.exe
[2007.04.12 16:33:10 | 16,132,608 | —- | M] (Realtek Semiconductor Corp.) — C:WINDOWSRTHDCPL.exe
[2007.12.04 15:00:23 | 00,079,224 | —- | M] (ALWIL Software) — C:Program FilesAvast4ashDisp.exe
[2007.03.12 17:54:20 | 01,626,160 | —- | M] (Nero AG) — C:Program FilesNero 7InCDNBHGui.exe
[2004.08.17 17:05:04 | 00,033,280 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32rundll32.exe
[2006.10.26 12:40:34 | 00,335,872 | —- | M] (Microsoft Corporation) — C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe
[2007.03.12 12:49:26 | 00,153,136 | —- | M] (Nero AG) — C:Program FilesCommon FilesAheadLibNMBgMonitor.exe
[2004.08.17 17:05:04 | 00,033,280 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32rundll32.exe
[2006.10.22 11:22:00 | 00,159,810 | —- | M] (NVIDIA Corporation) — C:WINDOWSsystem32nvsvc32.exe
[2006.11.13 17:21:56 | 01,289,000 | —- | M] (Microsoft Corporation) — C:Program FilesMicrosoft ActiveSyncwcescomm.exe
[2006.11.13 17:21:46 | 00,199,464 | —- | M] (Microsoft Corporation) — C:Program FilesMicrosoft ActiveSyncrapimgr.exe
[2008.06.26 21:02:41 | 00,103,444 | —- | M] () — C:Program Filesglobaxglobax_daemon.exe
[2007.12.04 14:59:53 | 00,247,160 | —- | M] (ALWIL Software) — C:Program FilesAvast4ashMaiSv.exe
[2007.12.04 14:59:01 | 00,345,464 | —- | M] (ALWIL Software) — C:Program FilesAvast4ashWebSv.exe
[2007.03.12 12:49:46 | 00,271,920 | —- | M] (Nero AG) — C:Program FilesCommon FilesAheadLibNMIndexingService.exe
[2007.03.12 12:49:46 | 01,209,904 | —- | M] (Nero AG) — C:Program FilesCommon FilesAheadLibNMIndexStoreSvr.exe
[2007.04.03 18:32:06 | 00,079,360 | —- | M] (Opera Software) — C:Program FilesOperaOpera.exe
[2008.02.10 18:25:16 | 00,375,808 | —- | M] (Image-Line) — C:Program FilesFL Studio 8FL.exe
[2006.03.20 17:37:50 | 05,689,344 | —- | M] (Gabest) — C:Program FilesK-Lite Codec PackMedia Player Classicmplayerc.exe
[2008.03.12 19:45:27 | 00,212,992 | —- | M] (Omicom Technologies | Russian by micol) — C:Program FilesOmicom IP Servicess4ip.exe
[2007.03.20 03:19:37 | 01,607,680 | —- | M] (Корпорация Майкрософт) — C:WINDOWSexplorer.exe
[2009.02.01 18:12:09 | 00,422,912 | —- | M] (OldTimer Tools) — C:WINDOWSDocuments and SettingsПользовательРабочий столOTViewIt.exe
========== (O23) Win32 Services ==========
[2005.09.23 06:28:32 | 00,029,896 | —- | M] (Microsoft Corporation) — C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe — (aspnet_state [On_Demand | Stopped])
[2007.12.04 16:36:33 | 00,017,272 | —- | M] (ALWIL Software) — C:Program FilesAvast4aswUpdSv.exe — (aswUpdSv [Auto | Running])
[2007.12.04 15:00:16 | 00,140,664 | —- | M] (ALWIL Software) — C:Program FilesAvast4ashServ.exe — (avast! Antivirus [Auto | Running])
[2007.12.04 14:59:53 | 00,247,160 | —- | M] (ALWIL Software) — C:Program FilesAvast4ashMaiSv.exe — (avast! Mail Scanner [On_Demand | Running])
[2007.12.04 14:59:01 | 00,345,464 | —- | M] (ALWIL Software) — C:Program FilesAvast4ashWebSv.exe — (avast! Web Scanner [On_Demand | Running])
[2006.02.28 11:42:38 | 00,229,376 | —- | M] (Apple Computer, Inc.) — C:Program FilesBonjourmDNSResponder.exe — (Bonjour Service [Auto | Running])
[2005.09.23 06:28:56 | 00,066,240 | —- | M] (Microsoft Corporation) — C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe — (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2004.08.17 17:05:04 | 00,108,544 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32services.exe — (Eventlog [Auto | Running])
[2008.06.27 13:15:24 | 00,654,848 | —- | M] (Macrovision Europe Ltd.) — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe — (FLEXnet Licensing Service [On_Demand | Stopped])
[2006.09.08 19:26:58 | 00,036,864 | —- | M] (Microsoft Corporation) — C:WINDOWSMicrosoft.NETFrameworkv3.0WPFPresentationFontCache.exe — (FontCache3.0.0.0 [On_Demand | Stopped])
[2006.09.11 01:08:52 | 00,741,376 | —- | M] (Microsoft Corporation) — C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe — (idsvc [Unknown | Stopped])
[2007.03.12 17:54:10 | 00,931,376 | —- | M] (Nero AG) — C:Program FilesNero 7InCDInCDsrv.exe — (InCDsrv [Auto | Running])
[2006.10.26 12:40:34 | 00,335,872 | —- | M] (Microsoft Corporation) — C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe — (MDM [Auto | Running])
[2004.08.17 17:04:54 | 00,032,768 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32mnmsrvc.exe — (mnmsrvc [On_Demand | Stopped])
[2007.01.15 16:14:38 | 00,774,144 | —- | M] (Nero AG) — C:Program FilesNero 7Nero BackItUpNBService.exe — (NBService [On_Demand | Stopped])
[2004.08.17 17:04:58 | 00,113,664 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32netdde.exe — (NetDDE [Disabled | Stopped])
[2004.08.17 17:04:58 | 00,113,664 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32netdde.exe — (NetDDEdsdm [Disabled | Stopped])
[2006.09.11 01:08:56 | 00,122,880 | —- | M] (Microsoft Corporation) — C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe — (NetTcpPortSharing [Disabled | Stopped])
[2007.03.12 12:49:46 | 00,271,920 | —- | M] (Nero AG) — C:Program FilesCommon FilesAheadLibNMIndexingService.exe — (NMIndexingService [On_Demand | Running])
[2006.10.22 11:22:00 | 00,159,810 | —- | M] (NVIDIA Corporation) — C:WINDOWSsystem32nvsvc32.exe — (NVSvc [Auto | Running])
[2006.10.26 18:49:34 | 00,441,136 | —- | M] (Microsoft Corporation) — C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE — (odserv [On_Demand | Stopped])
[2006.10.26 12:03:08 | 00,145,184 | —- | M] (Microsoft Corporation) — C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE — (ose [On_Demand | Stopped])
[2004.08.17 17:05:04 | 00,108,544 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32services.exe — (PlugPlay [Auto | Running])
[2004.08.17 17:05:06 | 00,141,312 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32sessmgr.exe — (RDSessMgr [On_Demand | Stopped])
[2004.08.17 17:05:04 | 00,096,768 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32scardsvr.exe — (SCardSvr [On_Demand | Stopped])
[2004.08.17 17:05:06 | 00,091,648 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32smlogsvc.exe — (SysmonLog [On_Demand | Stopped])
[2004.08.17 17:05:08 | 00,073,216 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32tlntsvr.exe — (TlntSvr [Disabled | Stopped])
[2004.08.17 17:05:10 | 00,290,304 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32vssvc.exe — (VSS [On_Demand | Stopped])
[2004.08.17 17:05:12 | 00,126,464 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32wbemwmiapsrv.exe — (WmiApSrv [On_Demand | Stopped])
[2006.11.02 22:06:32 | 00,914,944 | —- | M] (Microsoft Corporation) — C:Program FilesWindows Media Playerwmpnetwk.exe — (WMPNetworkSvc [On_Demand | Stopped])
========== Driver Services ==========
[2007.12.04 16:49:02 | 00,026,624 | —- | M] (ALWIL Software) — C:WINDOWSSystem32driversaavmker4.sys — (Aavmker4 [System | Running])
[2004.08.17 16:46:54 | 00,188,288 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversacpi.sys — (ACPI [Boot | Running])
[2001.10.20 17:00:00 | 00,011,776 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversacpiec.sys — (ACPIEC [Disabled | Stopped])
[2007.12.04 16:55:46 | 00,094,544 | —- | M] (ALWIL Software) — C:WINDOWSSystem32driversaswmon2.sys — (aswMon2 [Auto | Running])
[2007.12.04 16:53:39 | 00,023,152 | —- | M] (ALWIL Software) — C:WINDOWSSystem32driversaswRdr.sys — (aswRdr [On_Demand | Running])
[2007.12.04 16:51:52 | 00,042,912 | —- | M] (ALWIL Software) — C:WINDOWSSystem32driversaswTdi.sys — (aswTdi [System | Running])
[2004.08.03 23:10:40 | 00,017,024 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32driversBthEnum.sys — (BthEnum [On_Demand | Stopped])
[2004.08.03 23:10:40 | 00,038,016 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32driversbthmodem.sys — (BTHMODEM [On_Demand | Stopped])
[2004.08.03 22:58:40 | 00,100,992 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32driversbthpan.sys — (BthPan [On_Demand | Stopped])
[2004.08.17 15:50:16 | 00,274,688 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversbthport.sys — (BTHPORT [On_Demand | Stopped])
[2004.08.03 23:10:36 | 00,018,944 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32driversBTHUSB.SYS — (BTHUSB [On_Demand | Stopped])
[2001.10.20 17:00:00 | 00,034,944 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversfips.sys — (Fips [System | Running])
[2001.10.20 17:00:00 | 00,125,440 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversftdisk.sys — (Ftdisk [Boot | Running])
[2005.01.07 16:07:18 | 00,138,752 | —- | M] (Windows (R) Server 2003 DDK provider) — C:WINDOWSsystem32driversHdaudbus.sys — (HDAudBus [On_Demand | Running])
[2004.08.17 16:51:24 | 00,053,376 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversi8042prt.sys — (i8042prt [System | Running])
[2007.03.12 17:53:50 | 00,118,064 | —- | M] (Nero AG) — C:WINDOWSsystem32driversInCDfs.sys — (InCDfs [Disabled | Running])
[2007.03.12 17:54:00 | 00,037,040 | —- | M] (Nero AG) — C:WINDOWSsystem32driversInCDPass.sys — (InCDPass [System | Running])
[2007.03.12 17:54:10 | 00,038,576 | —- | M] (Nero AG) — C:WINDOWSsystem32driversInCDRm.sys — (incdrm [System | Running])
[2007.04.23 17:12:28 | 04,402,176 | —- | M] (Realtek Semiconductor Corp.) — C:WINDOWSsystem32driversRtkHDAud.sys — (IntcAzAudAddService [On_Demand | Running])
[2001.10.19 19:22:20 | 00,036,096 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversisapnp.sys — (isapnp [Boot | Running])
[2004.08.17 16:54:38 | 00,024,832 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driverskbdclass.sys — (Kbdclass [System | Running])
[2004.08.17 15:54:38 | 00,014,848 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driverskbdhid.sys — (kbdhid [System | Running])
[2007.03.20 03:28:51 | 00,030,208 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversmodem.sys — (Modem [On_Demand | Running])
[2007.06.18 14:19:50 | 00,017,920 | —- | M] (Motorola) — C:WINDOWSsystem32driversmotccgp.sys — (motccgp [On_Demand | Stopped])
[2007.01.22 18:33:00 | 00,007,680 | —- | M] (Motorola) — C:WINDOWSsystem32driversmotccgpfl.sys — (motccgpfl [On_Demand | Stopped])
[2007.05.07 14:11:22 | 00,042,112 | —- | M] (Motorola Inc) — C:WINDOWSsystem32driversmotodrv.sys — (MotDev [On_Demand | Stopped])
[2007.06.18 14:18:26 | 00,023,680 | —- | M] (Motorola) — C:WINDOWSsystem32driversmotmodem.sys — (motmodem [On_Demand | Running])
[2007.03.20 03:28:51 | 00,023,296 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversmouclass.sys — (Mouclass [System | Running])
[2001.10.19 20:33:10 | 00,012,160 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversmouhid.sys — (mouhid [On_Demand | Running])
[2004.08.03 22:10:14 | 00,015,360 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32driversMPE.sys — (MPE [On_Demand | Stopped])
[2008.02.29 15:51:32 | 00,100,528 | —- | M] (Omicom Technologies) — C:WINDOWSsystem32driversMPEVirtual.sys — (MPEVirtual [On_Demand | Running])
[2001.08.17 20:53:42 | 00,004,992 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32driversloop.sys — (msloop [On_Demand | Running])
[2007.09.26 09:37:28 | 00,113,696 | —- | M] (IBIK) — C:WINDOWSsystem32mute2x.sys — (MUTE2X_SERVICE [Boot | Running])
[2006.10.22 11:22:00 | 03,994,624 | —- | M] (NVIDIA Corporation) — C:WINDOWSsystem32driversnv4_mini.sys — (nv [On_Demand | Running])
[2008.03.11 22:03:02 | 00,232,576 | —- | M] (Omicom Technologies Co,.Ltd) — C:WINDOWSsystem32driversss4bda.sys — (Omicom [On_Demand | Running])
[2007.03.20 03:28:51 | 00,080,128 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversparport.sys — (Parport [On_Demand | Running])
[2001.10.20 17:00:00 | 00,006,912 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversparvdm.sys — (ParVdm [Auto | Running])
[2004.08.17 14:46:56 | 00,068,480 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driverspci.sys — (PCI [Boot | Running])
[2001.10.19 19:32:14 | 00,003,328 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driverspciide.sys — (PCIIde [Boot | Running])
[2004.08.17 16:47:02 | 00,119,936 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driverspcmcia.sys — (Pcmcia [Disabled | Stopped])
[2001.10.20 17:00:00 | 00,017,792 | —- | M] (Parallel Technologies, Inc.) — C:WINDOWSsystem32driversptilink.sys — (Ptilink [On_Demand | Running])
[2007.03.08 02:51:00 | 00,043,528 | —- | M] (Sonic Solutions) — C:WINDOWSsystem32driversPxHelp20.sys — (PxHelp20 [Boot | Running])
[2004.08.17 18:49:32 | 00,058,112 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversredbook.sys — (redbook [System | Running])
[2004.08.03 23:10:40 | 00,059,648 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32driversrfcomm.sys — (RFCOMM [On_Demand | Stopped])
[2006.11.08 11:51:54 | 00,062,336 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32driversrspndr.sys — (rspndr [Auto | Running])
[2004.08.04 01:31:34 | 00,020,992 | —- | M] (Realtek Semiconductor Corporation) — C:WINDOWSsystem32driversRTL8139.sys — (rtl8139 [On_Demand | Stopped])
[2005.10.16 04:15:41 | 00,027,171 | —- | M] (PowerISO Computing, Inc.) — C:WINDOWSSystem32driversscdemu.sys — (SCDEmu [System | Running])
[2004.07.17 12:36:38 | 00,027,440 | —- | M] () — C:WINDOWSsystem32driverssecdrv.sys — (Secdrv [On_Demand | Stopped])
[2004.08.17 16:51:24 | 00,065,408 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driversserial.sys — (Serial [System | Running])
[2004.08.17 16:58:30 | 00,073,472 | —- | M] (Корпорация Майкрософт) — C:WINDOWSsystem32driverssr.sys — (Sr [Boot | Running])
[2007.10.24 10:47:26 | 00,023,288 | —- | M] (SIA Syncrosoft) — C:WINDOWSsystem32driverssynasUSB.sys — (SynasUSB [On_Demand | Stopped])
[2002.04.16 11:31:06 | 00,061,536 | —- | M] (PACE Anti-Piracy, Inc.) — C:WINDOWSSystem32driversTPkd.sys — (TPkd [Boot | Running])
[2005.10.21 04:47:05 | 00,012,800 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32driversusb8023x.sys — (usb_rndisx [On_Demand | Stopped])
[2004.08.17 16:53:24 | 00,051,968 | —- | M] (Корпорация Майкрософт) — C:WINDOWSSystem32driversvolsnap.sys — (VolSnap [Boot | Running])
[2006.11.02 06:22:54 | 00,492,000 | —- | M] (Microsoft Corporation) — C:WINDOWSsystem32driverswdf01000.sys — (Wdf01000 [On_Demand | Running])
========== (R ) Internet Explorer ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerMain]
«Default_Page_URL»=http://go.microsoft.com/fwlink/?LinkId=69157
«Default_Search_URL»=http://go.microsoft.com/fwlink/?LinkId=54896
«Default_Secondary_Page_URL»=
«Extensions Off Page»=about:NoAdd-ons
«Search Page»=http://go.microsoft.com/fwlink/?LinkId=54896
«Security Risk Page»=about:SecurityRisk
«Start Page»=http://www.msn.com/
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearch]
«CustomizeSearch»=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
«SearchAssistant»=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
[HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerMain]
«Local Page»=C:WINDOWSsystem32blank.htm
«Page_Transitions»=
«Search Page»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
«Start Page»=about:blank
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerSearchURLg]
«»=http://www.google.com/search?q=%s
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{CFBFAE00-17A6-11D0-99CB-00C04FD64497}» (HKLM) — C:WINDOWSsystem32ieframe.dll (Microsoft Corporation)
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 1
«ProxyOverride» = localhost;test1.ru;subdomain.test1.ru;
[HKEY_USERS.DEFAULTSOFTWAREMicrosoftInternet ExplorerMain]
«Search Page»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
«Start Page»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
[HKEY_USERS.DEFAULTSoftwareMicrosoftInternet ExplorerSearchURLg]
«»=http://www.google.com/search?q=%s
[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 0
[HKEY_USERSS-1-5-18SOFTWAREMicrosoftInternet ExplorerMain]
«Search Page»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
«Start Page»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
[HKEY_USERSS-1-5-18SoftwareMicrosoftInternet ExplorerSearchURLg]
«»=http://www.google.com/search?q=%s
[HKEY_USERSS-1-5-18SoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 0
[HKEY_USERSS-1-5-19SOFTWAREMicrosoftInternet ExplorerMain]
«Start Page»=about:blank
[HKEY_USERSS-1-5-19SoftwareMicrosoftInternet ExplorerSearchURLg]
«»=http://www.google.com/search?q=%s
[HKEY_USERSS-1-5-19SoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{CFBFAE00-17A6-11D0-99CB-00C04FD64497}» (HKLM) — C:WINDOWSsystem32ieframe.dll (Microsoft Corporation)
[HKEY_USERSS-1-5-19SoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 0
[HKEY_USERSS-1-5-20SOFTWAREMicrosoftInternet ExplorerMain]
«Start Page»=about:blank
[HKEY_USERSS-1-5-20SoftwareMicrosoftInternet ExplorerSearchURLg]
«»=http://www.google.com/search?q=%s
[HKEY_USERSS-1-5-20SoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{CFBFAE00-17A6-11D0-99CB-00C04FD64497}» (HKLM) — C:WINDOWSsystem32ieframe.dll (Microsoft Corporation)
[HKEY_USERSS-1-5-20SoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 0
[HKEY_USERSS-1-5-21-1606980848-963894560-839522115-1003SOFTWAREMicrosoftInternet ExplorerMain]
«Local Page»=C:WINDOWSsystem32blank.htm
«Page_Transitions»=
«Search Page»=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
«Start Page»=about:blank
[HKEY_USERSS-1-5-21-1606980848-963894560-839522115-1003SoftwareMicrosoftInternet ExplorerSearchURLg]
«»=http://www.google.com/search?q=%s
[HKEY_USERSS-1-5-21-1606980848-963894560-839522115-1003SoftwareMicrosoftInternet ExplorerURLSearchHooks]
«{CFBFAE00-17A6-11D0-99CB-00C04FD64497}» (HKLM) — C:WINDOWSsystem32ieframe.dll (Microsoft Corporation)
[HKEY_USERSS-1-5-21-1606980848-963894560-839522115-1003SoftwareMicrosoftWindowsCurrentVersionInternet Settings]
«ProxyEnable» = 1
«ProxyOverride» = localhost;test1.ru;subdomain.test1.ru;
========== (O1) Hosts File ==========
HOSTS File = (290187 bytes) — C:WINDOWSSystem32driversetcHosts
First 25 entries…
10020 more lines…
========== (O2) BHO’s ==========
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll (Adobe Systems Incorporated)
{16664845-0E00-11D2-8059-000000000000} (HKLM) — C:Program FilesCommon FilesReGet SharedCatcher.dll (ReGet Software)
{53707962-6F74-2D53-2644-206D7942484F} (HKLM) — C:Program FilesSpybot — Search & DestroySDHelper.dll (Safer Networking Limited)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) — C:Program FilesJavajre1.6.0_01binssv.dll (Sun Microsystems, Inc.)
========== (O3) Toolbars ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolBar]
«{17939A30-18E2-471E-9D3A-56DD725F1215}» (HKLM) — C:Program FilesReGetDxiebar.dll (ReGet Software)
[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarShellBrowser]
«{01E04581-4EEE-11D0-BFE9-00AA005B4383}» (HKLM) — C:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)
[HKEY_USERSS-1-5-21-1606980848-963894560-839522115-1003SoftwareMicrosoftInternet ExplorerToolbarShellBrowser]
«{01E04581-4EEE-11D0-BFE9-00AA005B4383}» (HKLM) — C:WINDOWSsystem32browseui.dll (Корпорация Майкрософт)
========== (O4) Run Keys ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«avast!»=C:PROGRA~1Avast4ashDisp.exe (ALWIL Software)
«BluetoothAuthenticationAgent»=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent (Microsoft Corporation)
«NeroFilterCheck»=C:Program FilesCommon FilesAheadLibNeroCheck.exe (Nero AG)
«NvCplDaemon»=RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup (NVIDIA Corporation)
«NvMediaCenter»=RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
«nwiz»=nwiz.exe /install ()
«RTHDCPL»=RTHDCPL.EXE (Realtek Semiconductor Corp.)
«SecurDisc»=C:Program FilesNero 7InCDNBHGui.exe (Nero AG)
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=»C:Program FilesCommon FilesAheadLibNMBgMonitor.exe» (Nero AG)
«H/PC Connection Agent»=»C:Program FilesMicrosoft ActiveSyncwcescomm.exe» (Microsoft Corporation)
«OM2_Monitor»=»C:Program FilesOLYMPUSOLYMPUS Master 2MMonitor.exe» -NoStart (OLYMPUS IMAGING CORP.)
[HKEY_USERSS-1-5-21-1606980848-963894560-839522115-1003SOFTWAREMicrosoftWindowsCurrentVersionRun]
«BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=»C:Program FilesCommon FilesAheadLibNMBgMonitor.exe» (Nero AG)
«H/PC Connection Agent»=»C:Program FilesMicrosoft ActiveSyncwcescomm.exe» (Microsoft Corporation)
«OM2_Monitor»=»C:Program FilesOLYMPUSOLYMPUS Master 2MMonitor.exe» -NoStart (OLYMPUS IMAGING CORP.)
========== (O4) RunOnce Keys ==========
[HKEY_USERS.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionRunOnce]
«nltide_2″=regsvr32 /s /n /i:U shell32 (Корпорация Майкрософт)
«nltide_3″=rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (Microsoft Corporation)
[HKEY_USERSS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionRunOnce]
«nltide_2″=regsvr32 /s /n /i:U shell32 (Корпорация Майкрософт)
«nltide_3″=rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (Microsoft Corporation)
[HKEY_USERSS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionRunOnce]
«nltide_2″=regsvr32 /s /n /i:U shell32 (Корпорация Майкрософт)
«nltide_3″=rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (Microsoft Corporation)
[HKEY_USERSS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionRunOnce]
«nltide_2″=regsvr32 /s /n /i:U shell32 (Корпорация Майкрософт)
«nltide_3″=rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (Microsoft Corporation)
========== (O6 & O7) Current Version Policies ==========
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDrives»=0
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«NoInternetOpenWith»=1
«DisableRegistryTools»=0
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=145
«NoSMMyPictures»=1
«NoStartBanner»=1
«NoRecentDocsMenu»=1
«NoRecentDocsHistory»=1
«NoResolveTrack»=1
«LinkResolveIgnoreLinkInfo»=1
«NoResolveSearch»=1
«NoLowDiskSpaceChecks»=1
«NoDrives»=0[HKEY_USERS.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=145
«NoSMMyPictures»=1
«NoStartBanner»=1
«NoRecentDocsMenu»=1
«NoRecentDocsHistory»=1
«NoResolveTrack»=1
«LinkResolveIgnoreLinkInfo»=1
«NoResolveSearch»=1
«NoLowDiskSpaceChecks»=1[HKEY_USERSS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=145
«NoSMMyPictures»=1
«NoStartBanner»=1
«NoRecentDocsMenu»=1
«NoRecentDocsHistory»=1
«NoResolveTrack»=1
«LinkResolveIgnoreLinkInfo»=1
«NoResolveSearch»=1
«NoLowDiskSpaceChecks»=1[HKEY_USERSS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=145
«NoSMMyPictures»=1
«NoStartBanner»=1
«NoRecentDocsMenu»=1
«NoRecentDocsHistory»=1
«NoResolveTrack»=1
«LinkResolveIgnoreLinkInfo»=1
«NoResolveSearch»=1
«NoLowDiskSpaceChecks»=1[HKEY_USERSS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer]
«NoDriveTypeAutoRun»=145
«NoSMMyPictures»=1
«NoStartBanner»=1
«NoRecentDocsMenu»=1
«NoRecentDocsHistory»=1
«NoResolveTrack»=1
«LinkResolveIgnoreLinkInfo»=1
«NoResolveSearch»=1
«NoLowDiskSpaceChecks»=1
ComboFix 09-01-21.04 — Пользователь 2009-01-30 20:16:16.1 — NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1251.1.1049.18.1023.499 [GMT 3:00]
Running from: d:мои документыSoftwareComboFix.exe
Command switches used :: d:мои документыSoftwareWindowsXP-KB310994-SP2-Pro-BootDisk-RUS.exe
* Created a new restore point
.
— REDUCED FUNCTIONALITY MODE —
.
ADS — svchost.exe: deleted 88 bytes in 2 streams.((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.C:autorun.inf
c:windowsa3kebook.ini
c:windowsakebook.ini
c:windowsANS2000.INI
D:Autorun.inf.
((((((((((((((((((((((((( Files Created from 2008-12-28 to 2009-01-30 )))))))))))))))))))))))))))))))
.2009-01-27 20:13 . 2009-01-27 20:13
d
C:rsit
2009-01-23 23:47 . 2009-01-23 23:47 46 —a
c:windowsSOL.INI
2009-01-23 17:19 . 2009-01-23 17:19d
c:windowsDocuments and SettingsПользовательApplication DataMalwarebytes
2009-01-23 17:19 . 2009-01-14 16:11 38,496 —a
c:windowssystem32driversmbamswissarmy.sys
2009-01-23 17:19 . 2009-01-14 16:11 15,504 —a
c:windowssystem32driversmbam.sys
2009-01-23 17:18 . 2009-01-23 17:18d
c:windowsDocuments and SettingsAll UsersApplication DataMalwarebytes
2009-01-23 17:18 . 2009-01-23 17:19d
c:program filesMalwarebytes’ Anti-Malware
2009-01-23 12:46 . 2009-01-23 12:47d
C:Dragonfly
2009-01-20 22:37 . 2009-01-20 22:37d
c:windowsDocuments and SettingsПользовательApplication DataMozilla
2009-01-18 14:22 . 2009-01-18 14:22d
c:program filesUniversal Viewer
2009-01-18 14:18 . 2009-01-18 14:18d
c:program filesFoxit PDF Reader
2009-01-16 16:42 . 2009-01-16 16:42 116 —a
c:windowsMP-3.pls
2009-01-12 14:29 . 2009-01-12 14:29d
c:program filesAlawar
2009-01-10 13:25 . 2009-01-10 13:25d
c:program filesThemes
2008-12-31 17:01 . 2008-12-31 17:07d
c:windowsDocuments and SettingsПользовательApplication DataSexy Dreams
2008-12-31 17:01 . 2008-12-31 17:01d
c:program filesSexy Dreams
2008-12-31 13:43 . 2008-12-31 13:43d
c:program filesEDIROL
2008-12-31 11:31 . 2008-12-31 11:31 77 —a
c:windowswininit.ini
2008-12-31 00:09 . 2008-12-31 11:12d
c:windowsDocuments and SettingsAll UsersApplication DataSpybot — Search & Destroy
2008-12-31 00:09 . 2008-12-31 11:11d
c:program filesSpybot — Search & Destroy
2008-12-30 20:20 . 2008-12-30 20:20d
c:program filesRegMon
2008-12-30 13:33 . 2008-12-30 13:33d
c:program filesDMoNsoft
2008-12-30 13:04 . 2008-12-30 13:04d
c:program filesjv16 PowerTools
2008-12-30 13:04 . 2008-12-30 13:04 5 —a
c:windowssystem32SndDrv32a_k.oxc
2008-12-30 13:04 . 2008-12-30 13:04 5 —ahs—- c:windowssystem32AuxDrv32b_k.oxc
2008-12-29 19:39 . 2008-12-29 19:40d
c:windowssystem32NtmsData
2008-12-29 16:17 . 2008-12-29 16:18d
c:program filesDeskMates
2008-12-28 11:44 . 2009-01-20 23:45d
c:program filesFreeCap
2008-12-27 23:00 . 2008-12-27 23:00d
c:windowsDocuments and SettingsЗарницаApplication DataShinycore
2008-12-27 22:40 . 2008-12-27 22:45d
c:windowsDocuments and SettingsЗарницаApplication DataImagenomic
2008-12-27 22:09 . 2008-12-27 22:09d
c:program filesImage Trends Inc
2008-12-27 22:04 . 2004-06-04 21:22 782,336 —a
c:windowssystem32IlmImf.dll
2008-12-27 22:04 . 2007-06-28 14:09 446,464 —a
c:windowssystem32Photomatix_jpg.dll
2008-12-27 22:04 . 2006-02-05 15:27 353,280 —a
c:windowssystem32pmtf2.dll
2008-12-27 22:04 . 2007-10-16 13:41 278,528 —a
c:windowssystem32Photomatix25Lib.dll
2008-12-27 22:04 . 2007-11-04 16:41 274,432 —a
c:windowssystem32Photomatix25Lib2.dll
2008-12-27 22:04 . 2007-01-02 13:13 274,432 —a
c:windowssystem32lcms.dll
2008-12-27 22:04 . 2006-02-05 16:23 205,824 —a
c:windowssystem32pmtf1.dll
2008-12-27 22:04 . 2006-11-29 11:55 204,288 —a
c:windowssystem32pmtf3.dll
2008-12-27 22:04 . 2007-09-06 04:35 95,525 —a
c:windowssystem32Photomatix25Lib3.dll
2008-12-27 22:04 . 2004-12-14 12:19 53,248 —a
c:windowssystem32pmexr.dll
2008-12-27 22:04 . 2003-11-26 10:47 11,776 —a
c:windowssystem32pmbm.dll
2008-12-27 22:03 . 2008-12-27 22:04d
c:program filesPhotomatix
2008-12-27 18:57 . 2008-12-27 18:57d
c:program filesTrend Micro
2008-12-22 20:55 . 2009-01-24 18:56 49 —a
c:windowstransp.gif
2008-12-22 20:46 . 2008-12-22 20:46 666,624 —a
c:windowsis-FDP29.exe
2008-12-22 20:46 . 2008-12-22 20:46 11,428 —a
c:windowsis-FDP29.msg
2008-12-22 20:46 . 2008-12-22 20:46 325 —a
c:windowsis-FDP29.lst
2008-12-22 20:46 . 2009-01-24 18:56 154 —a
c:windowsODBC.INI
2008-12-14 21:42 . 2008-12-14 21:42d
c:windowsDocuments and SettingsЗарницаApplication DataWinamp
2008-12-14 21:41 . 2008-12-14 21:41d
c:windowsDocuments and SettingsЗарницаApplication DataDivX
2008-12-12 20:18 . 2009-01-25 14:22d
c:program filesfreeview
2008-12-12 16:33 . 2006-07-26 21:15d-a
c:program filescrafty
2008-12-12 16:33 . 2006-10-09 16:31 225,280 —a
c:program filesChess3DR.exe
2008-12-09 18:13 . 2008-12-09 18:13d
c:windowsDocuments and SettingsПользовательApplication DataMiranda
2008-12-09 18:13 . 2008-12-09 18:13d
c:program filesMiranda IM
2008-12-09 16:05 . 2008-12-09 16:05d
c:windowsDocuments and SettingsПользовательApplication DataQIP
2008-12-06 10:30 . 2008-12-06 10:30d
c:program filesPowerISO
2008-12-04 16:41 . 2008-12-04 16:41d
c:program filesTumaSoft LLC
2008-12-01 12:50 . 2008-12-01 12:50d
c:windowsDocuments and SettingsЗарницаApplication DataWinRAR.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-30 16:56
d
w c:program filesReGetDx
2009-01-30 14:20
d
w c:program filesУправление АСТЕР
2009-01-25 18:57
d
w c:program filesRelease_NET20_2.0
2009-01-23 15:05
d
w c:program filesQIP
2009-01-23 14:47
d
w c:windowsDocuments and SettingsAll UsersApplication DataFLEXnet
2009-01-10 13:33
d
w c:program filesOpera
2009-01-01 14:51
d
w c:program filesCommon FilesAdobe
2008-12-31 10:43
d
w c:program filesVstPlugins
2008-12-31 08:48 14,336 —-a-w c:windowssystem32svchost.exe
2008-12-21 09:24
d
w c:windowsDocuments and SettingsAll UsersApplication DataMicrosoft Help
2008-12-18 11:36
d
w c:program filesskynet_ss4_60E
2008-12-18 10:19
d
w c:program filesnpp.4.9.2.bin
2008-12-12 13:21
d
w c:windowsDocuments and SettingsПользовательApplication DataDeckadance
2008-12-09 13:40
d—h—w c:program filesInstallShield Installation Information
2008-09-19 05:36 16,384 —sha-w c:windowsDocuments and SettingsАдминистраторCookiesindex.dat
2008-09-19 05:36 32,768 —sha-w c:windowsDocuments and SettingsАдминистраторLocal SettingsHistoryHistory.IE5index.dat
2008-09-19 05:32 32,768 —sha-w c:windowsDocuments and SettingsАдминистраторLocal SettingsHistoryHistory.IE5MSHist012008091920080920index.dat
.
Sigcheck
2007-03-20 03:20 577536 d836e87c1ecae37c1fc5baac62748156 c:windowssystem32user32.dll2007-03-20 03:20 943616 8461b677eb0bdc195945df290ff33070 c:windowssystem32wininet.dll
2007-03-20 03:19 1607680 214e0c336ce868949ed6f6ae45f2f9e2 c:windowsexplorer.exe
2007-03-20 03:19 30208 e6bbc5e0db1804acaef5902902679a6a c:windowssystem32ctfmon.exe
2007-03-20 03:20 114176 7880331219d76b81caec762e6491cf67 c:windowssystem32wuauclt.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers1TortoiseNormal]
@=»{C5994560-53D9-4125-87C9-F193FC689CB2}»
[HKEY_CLASSES_ROOTCLSID{C5994560-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 —a
c:program filesCommon FilesTortoiseOverlaysTortoiseOverlays.dll[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers2TortoiseModified]
@=»{C5994561-53D9-4125-87C9-F193FC689CB2}»
[HKEY_CLASSES_ROOTCLSID{C5994561-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 —a
c:program filesCommon FilesTortoiseOverlaysTortoiseOverlays.dll[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers3TortoiseConflict]
@=»{C5994562-53D9-4125-87C9-F193FC689CB2}»
[HKEY_CLASSES_ROOTCLSID{C5994562-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 —a
c:program filesCommon FilesTortoiseOverlaysTortoiseOverlays.dll[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers4TortoiseLocked]
@=»{C5994563-53D9-4125-87C9-F193FC689CB2}»
[HKEY_CLASSES_ROOTCLSID{C5994563-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 —a
c:program filesCommon FilesTortoiseOverlaysTortoiseOverlays.dll[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers5TortoiseReadOnly]
@=»{C5994564-53D9-4125-87C9-F193FC689CB2}»
[HKEY_CLASSES_ROOTCLSID{C5994564-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 —a
c:program filesCommon FilesTortoiseOverlaysTortoiseOverlays.dll[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers6TortoiseDeleted]
@=»{C5994565-53D9-4125-87C9-F193FC689CB2}»
[HKEY_CLASSES_ROOTCLSID{C5994565-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 —a
c:program filesCommon FilesTortoiseOverlaysTortoiseOverlays.dll[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers7TortoiseAdded]
@=»{C5994566-53D9-4125-87C9-F193FC689CB2}»
[HKEY_CLASSES_ROOTCLSID{C5994566-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 —a
c:program filesCommon FilesTortoiseOverlaysTortoiseOverlays.dll[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers8TortoiseIgnored]
@=»{C5994567-53D9-4125-87C9-F193FC689CB2}»
[HKEY_CLASSES_ROOTCLSID{C5994567-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 —a
c:program filesCommon FilesTortoiseOverlaysTortoiseOverlays.dll[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers9TortoiseUnversioned]
@=»{C5994568-53D9-4125-87C9-F193FC689CB2}»
[HKEY_CLASSES_ROOTCLSID{C5994568-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 —a
c:program filesCommon FilesTortoiseOverlaysTortoiseOverlays.dll[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32ctfmon.exe» [2007-03-20 30208]
«BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=»c:program filesCommon FilesAheadLibNMBgMonitor.exe» [2007-03-12 153136]
«OM2_Monitor»=»c:program filesOLYMPUSOLYMPUS Master 2MMonitor.exe» [2007-05-28 95800]
«H/PC Connection Agent»=»c:program filesMicrosoft ActiveSyncwcescomm.exe» [2006-11-13 1289000][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«NvCplDaemon»=»c:windowssystem32NvCpl.dll» [2006-10-22 7700480]
«NvMediaCenter»=»c:windowssystem32NvMcTray.dll» [2006-10-22 86016]
«avast!»=»c:progra~1Avast4ashDisp.exe» [2007-12-04 79224]
«NeroFilterCheck»=»c:program filesCommon FilesAheadLibNeroCheck.exe» [2007-03-09 153136]
«SecurDisc»=»c:program filesNero 7InCDNBHGui.exe» [2007-03-12 1626160]
«nwiz»=»nwiz.exe» [2006-10-22 c:windowssystem32nwiz.exe]
«RTHDCPL»=»RTHDCPL.EXE» [2007-04-12 c:windowsRTHDCPL.exe]
«BluetoothAuthenticationAgent»=»bthprops.cpl» [2004-08-17 c:windowssystem32bthprops.cpl][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2007-03-20 30208][HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRunOnce]
«nltide_2″=»shell32» [X]
«nltide_3″=»advpack.dll» [2007-03-20 c:windowssystem32advpack.dll]c:windowsDocuments and SettingsЏ®«м§®ў ⥫샫 ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
Create virtual drive for Denwer.lnk — d:webserversdenwerBoot.exe [2008-06-27 6656]
globax.bat [2009-01-28 65]
Omicom IP Service.lnk — c:program filesOmicom IP Servicess4ip.exe [2008-03-12 212992][HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
«NoSMMyPictures»= 1 (0x1)
«NoResolveTrack»= 1 (0x1)[HKEY_USERS.defaultsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
«NoSMMyPictures»= 1 (0x1)
«NoResolveTrack»= 1 (0x1)[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifymute32]
2007-09-26 09:37 34816 c:windowssystem32mute32.dll[HKLM~startupfolderC:^WINDOWS^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^Ускоренный запуск Adobe Reader.lnk]
backup=c:windowspssУскоренный запуск Adobe Reader.lnkCommon Startup[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAdobeUpdater]
—a
2007-02-28 22:06 2321600 c:program filesCommon FilesAdobeUpdater5AdobeUpdater.exe[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregInCD]
—a
2007-03-12 17:53 1055792 c:program filesNero 7InCDInCD.exe[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSpybotSD TeaTimer]
-rahs—- 2008-09-16 12:16 1833296 c:program filesSpybot — Search & DestroyTeaTimer.exe[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]
«Dnscache»=3 (0x3)
«Dhcp»=2 (0x2)
«OutpostFirewall»=2 (0x2)[HKLM~servicessharedaccessparametersfirewallpolicystandardprofile]
«EnableFirewall»= 0 (0x0)
«DisableUnicastResponsesToMulticastBroadcast»= 0 (0x0)[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\system32\sessmgr.exe»=
«c:\Program Files\Bonjour\mDNSResponder.exe»=
«c:\Program Files\Skype\Skype.exe»=
«c:program filesMicrosoft ActiveSyncrapimgr.exe»= c:program filesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
«c:program filesMicrosoft ActiveSyncwcescomm.exe»= c:program filesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
«c:program filesMicrosoft ActiveSyncWCESMgr.exe»= c:program filesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileGloballyOpenPortsList]
«26675:TCP»= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync ServiceR0 MUTE2X_SERVICE;MUTE2X_SERVICE;c:windowssystem32mute2x.sys [2007-09-26 113696]
R3 MPEVirtual;Virtual MPE Decoder Adapter Driver;c:windowssystem32driversMPEVirtual.sys [2008-06-26 100528]
R3 Omicom;%Omicom.DVBSDesc%;c:windowssystem32driversss4bda.sys [2008-06-26 232576]
S3 motccgp;Motorola USB Composite Device Driver;c:windowssystem32driversmotccgp.sys [2008-06-26 17920]
S3 motccgpfl;MotCcgpFlService;c:windowssystem32driversmotccgpfl.sys [2008-06-26 7680]
S3 MotDev;Motorola Inc. USB Device;c:windowssystem32driversmotodrv.sys [2008-06-26 42112]
S3 SynasUSB;SynasUSB;c:windowssystem32driverssynasUSB.sys [2008-08-28 23288][HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2I]
ShellAutoRuncommand — I:autorun.exe
.
— — — — ORPHANS REMOVED — — — —MSConfigStartUp-InternetConnect — (no file)
.
Supplementary Scan
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = localhost;test1.ru;subdomain.test1.ru;
uInternet Settings,ProxyServer = ftp=127.0.0.1:3128;http=127.0.0.1:3128;https=127.0.0.1:3128;socks=127.0.0.1:1080
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~1Office12EXCEL.EXE/3000
IE: Закачать &все при помощи ReGet Deluxe — c:program filesCommon FilesReGet SharedCC_All.htm
IE: Закачать при помощи Re&Get Deluxe — c:program filesCommon FilesReGet SharedCC_Link.htm
FF — ProfilePath — c:windowsDocuments and SettingsПользовательApplication DataMozillaFirefoxProfilesbec9dpux.default
FF — prefs.js: network.proxy.ftp — 127.0.0.1
FF — prefs.js: network.proxy.ftp_port — 3128
FF — prefs.js: network.proxy.gopher — 127.0.0.1
FF — prefs.js: network.proxy.gopher_port — 3128
FF — prefs.js: network.proxy.http — 127.0.0.1
FF — prefs.js: network.proxy.http_port — 3128
FF — prefs.js: network.proxy.socks — 127.0.0.1
FF — prefs.js: network.proxy.socks_port — 3128
FF — prefs.js: network.proxy.ssl — 127.0.0.1
FF — prefs.js: network.proxy.ssl_port — 3128
FF — prefs.js: network.proxy.type — 1
FF — plugin: c:program filesK-Lite Codec PackRealbrowserpluginsnppl3260.dll
FF — plugin: c:program filesK-Lite Codec PackRealbrowserpluginsnprpjplug.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-30 20:16:29
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0
**************************************************************************
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘winlogon.exe'(600)
c:windowssystem32SETUPAPI.dll
c:windowssystem32Mute32.dll
c:windowssystem32cscui.dll— — — — — — — > ‘winlogon.exe'(2344)
c:windowssystem32SETUPAPI.dll
c:windowssystem32Mute32.dll
c:windowssystem32cscui.dll— — — — — — — > ‘lsass.exe'(664)
c:windowssystem32setupapi.dll
.
Completion time: 2009-01-30 20:17:58
ComboFix-quarantined-files.txt 2009-01-30 17:17:56
Pre-Run: 5 134 364 672 байт свободно
Post-Run: 5,738,012,672 байт свободно
WindowsXP-KB310994-SP2-Pro-BootDisk-RUS.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)WINDOWS
[operating systems]
c:cmdconsBOOTSECT.DAT=»Microsoft Windows Recovery Console» /cmdcons
multi(0)disk(0)rdisk(0)partition(1)WINDOWS=»Microsoft Windows XP Professional RU» /noexecute=optin /fastdetect273
The DNS client still won't turn on
Anyway, I did this with the GPRS connection, and the DNS client still does not start. But the DVB card's connections and the loopback adapter cannot be removed for some reason.
For some reason I can't manage to reply. The forum returns an error 🙂
Logfile of random’s system information tool 1.05 (written by random/random)
Run by Пользователь at 2009-01-27 20:13:22
Microsoft Windows XP Professional Service Pack 2
System drive C: has 5 GB (13%) free of 40 GB
Total RAM: 1023 MB (33% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:13:36, on 27.01.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesAvast4aswUpdSv.exe
C:Program FilesAvast4ashServ.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesTortoiseSVNbinTSVNCache.exe
C:Program FilesBonjourmDNSResponder.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:Program FilesNero 7InCDInCDsrv.exe
C:WINDOWSRTHDCPL.EXE
C:PROGRA~1Avast4ashDisp.exe
C:Program FilesNero 7InCDNBHGui.exe
C:WINDOWSsystem32rundll32.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe
C:Program FilesCommon FilesAheadLibNMBgMonitor.exe
C:WINDOWSsystem32rundll32.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesMicrosoft ActiveSyncwcescomm.exe
C:PROGRA~1MI3AA1~1rapimgr.exe
C:Program FilesOmicom IP Servicess4ip.exe
C:Program Filesglobaxglobax_daemon.exe
C:Program FilesAvast4ashMaiSv.exe
C:Program FilesAvast4ashWebSv.exe
C:Program FilesCommon FilesAheadLibNMIndexingService.exe
C:Program FilesCommon FilesAheadLibNMIndexStoreSvr.exe
C:Program Filesakelpadakelpad.exe
Z:usrlocalmysql5binmysqld.exe
Z:usrlocalapachebinTrayApache.exe
Z:usrlocalapachebinhttpd.exe
Z:denwertoolssendmailsendmail_daemon_start.exe
Z:usrlocalminiperlminiperl.exe
Z:usrlocalapachebinhttpd.exe
C:WINDOWSExplorer.EXE
C:Program Filesnpp.4.9.2.binnotepad++.exe
C:Program FilesQIPqip.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32rundll32.exe
C:Program FilesOperaOpera.exe
D:Мои документыSoftwareRSIT.exe
C:Program FilesTrend MicroHijackThisПользователь.exe
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = ftp=127.0.0.1:3128;http=127.0.0.1:3128;https=127.0.0.1:3128;socks=127.0.0.1:1080
R1 — HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = localhost;test1.ru;subdomain.test1.ru;
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O1 — Hosts: 127.0.0.2 http://www.custom
O1 — Hosts: 127.0.0.2 custom
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 — BHO: ClickCatcher MSIE handler — {16664845-0E00-11D2-8059-000000000000} — C:Program FilesCommon FilesReGet SharedCatcher.dll
O2 — BHO: Spybot-S&D IE Protection — {53707962-6F74-2D53-2644-206D7942484F} — C:PROGRA~1SPYBOT~1SDHelper.dll
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre1.6.0_01binssv.dll
O3 — Toolbar: ReGet Bar — {17939A30-18E2-471E-9D3A-56DD725F1215} — C:Program FilesReGetDxiebar.dll
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [nwiz] nwiz.exe /install
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 — HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 — HKLM..Run: [avast!] C:PROGRA~1Avast4ashDisp.exe
O4 — HKLM..Run: [NeroFilterCheck] C:Program FilesCommon FilesAheadLibNeroCheck.exe
O4 — HKLM..Run: [SecurDisc] C:Program FilesNero 7InCDNBHGui.exe
O4 — HKLM..Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] «C:Program FilesCommon FilesAheadLibNMBgMonitor.exe»
O4 — HKCU..Run: [OM2_Monitor] «C:Program FilesOLYMPUSOLYMPUS Master 2MMonitor.exe» -NoStart
O4 — HKCU..Run: [H/PC Connection Agent] «C:Program FilesMicrosoft ActiveSyncwcescomm.exe»
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-20..RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-21-1606980848-963894560-839522115-1005..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe (User ‘Зарница’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUSS-1-5-18..RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — HKUS.DEFAULT..RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User ‘Default user’)
O4 — Startup: Create virtual drive for Denwer.lnk = d:WebServersdenwerBoot.exe
O4 — Startup: globax.bat
O4 — Startup: Omicom IP Service.lnk = C:Program FilesOmicom IP Servicess4ip.exe
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~1Office12EXCEL.EXE/3000
O8 — Extra context menu item: Закачать &все при помощи ReGet Deluxe — C:Program FilesCommon FilesReGet SharedCC_All.htm
O8 — Extra context menu item: Закачать при помощи Re&Get Deluxe — C:Program FilesCommon FilesReGet SharedCC_Link.htm
O9 — Extra button: Create Mobile Favorite — {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} — C:PROGRA~1MI3AA1~1INetRepl.dll
O9 — Extra button: (no name) — {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — C:PROGRA~1MI3AA1~1INetRepl.dll
O9 — Extra ‘Tools’ menuitem: Добавить в избранное мобильного устройства… — {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} — C:PROGRA~1MI3AA1~1INetRepl.dll
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~1Office12REFIEBAR.DLL
O9 — Extra button: (no name) — {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} — C:PROGRA~1SPYBOT~1SDHelper.dll
O9 — Extra ‘Tools’ menuitem: Spybot — Search & Destroy Configuration — {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} — C:PROGRA~1SPYBOT~1SDHelper.dll
O17 — HKLMSystemCCSServicesTcpip..{B216CC19-A6C0-43CC-937E-B20DC7AA480E}: NameServer = 10.52.129.36 10.52.129.37
O20 — Winlogon Notify: mute32 — C:WINDOWSSYSTEM32mute32.dll
O23 — Service: avast! iAVS4 Control Service (aswUpdSv) — ALWIL Software — C:Program FilesAvast4aswUpdSv.exe
O23 — Service: avast! Antivirus — ALWIL Software — C:Program FilesAvast4ashServ.exe
O23 — Service: avast! Mail Scanner — ALWIL Software — C:Program FilesAvast4ashMaiSv.exe
O23 — Service: avast! Web Scanner — ALWIL Software — C:Program FilesAvast4ashWebSv.exe
O23 — Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) — Apple Computer, Inc. — C:Program FilesBonjourmDNSResponder.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: FLEXnet Licensing Service — Macrovision Europe Ltd. — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 — Service: InCD Helper (InCDsrv) — Nero AG — C:Program FilesNero 7InCDInCDsrv.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: NBService — Nero AG — C:Program FilesNero 7Nero BackItUpNBService.exe
O23 — Service: NMIndexingService — Nero AG — C:Program FilesCommon FilesAheadLibNMIndexingService.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe
—
End of file — 9247 bytes
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-24 63136][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{16664845-0E00-11D2-8059-000000000000}]
ClickCatcher MSIE handler — C:Program FilesCommon FilesReGet SharedCatcher.dll [2004-09-27 291380][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection — C:PROGRA~1SPYBOT~1SDHelper.dll [2008-09-15 1562960][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre1.6.0_01binssv.dll [2007-03-14 501400][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{17939A30-18E2-471E-9D3A-56DD725F1215} — ReGet Bar — C:Program FilesReGetDxiebar.dll [2004-04-08 92160][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2006-10-22 7700480]
«nwiz»=nwiz.exe /install []
«NvMediaCenter»=C:WINDOWSsystem32NvMcTray.dll [2006-10-22 86016]
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2007-04-12 16132608]
«Alcmtr»=C:WINDOWSALCMTR.EXE [2005-05-03 69632]
«avast!»=C:PROGRA~1Avast4ashDisp.exe [2007-12-04 79224]
«NeroFilterCheck»=C:Program FilesCommon FilesAheadLibNeroCheck.exe [2007-03-09 153136]
«SecurDisc»=C:Program FilesNero 7InCDNBHGui.exe [2007-03-12 1626160]
«BluetoothAuthenticationAgent»=C:WINDOWSsystem32bthprops.cpl [2004-08-17 110592][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2007-03-20 30208]
«BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}»=C:Program FilesCommon FilesAheadLibNMBgMonitor.exe [2007-03-12 153136]
«OM2_Monitor»=C:Program FilesOLYMPUSOLYMPUS Master 2MMonitor.exe [2007-05-28 95800]
«H/PC Connection Agent»=C:Program FilesMicrosoft ActiveSyncwcescomm.exe [2006-11-13 1289000]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAdobeUpdater]
C:Program FilesCommon FilesAdobeUpdater5AdobeUpdater.exe [2007-02-28 2321600]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregInCD]
C:Program FilesNero 7InCDInCD.exe [2007-03-12 1055792]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregInternetConnect.exe]
[]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSpybotSD TeaTimer]
C:Program FilesSpybot — Search & DestroyTeaTimer.exe [2008-09-16 1833296]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^WINDOWS^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^Ускоренный запуск Adobe Reader.lnk]
C:PROGRA~1AdobeACROBA~1.0ReaderREADER~1.EXE [2005-09-24 29696]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]
«Dnscache»=3
«Dhcp»=2
«OutpostFirewall»=2
C:WINDOWSDocuments and SettingsПользовательГлавное менюПрограммыАвтозагрузка
Create virtual drive for Denwer.lnk — d:WebServersdenwerBoot.exe
globax.bat
Omicom IP Service.lnk — C:Program FilesOmicom IP Servicess4ip.exe
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifymute32]
C:WINDOWSsystem32mute32.dll [2007-09-26 34816]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm.sys]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«NoSMMyPictures»=1
«NoResolveTrack»=1
«NoResolveSearch»=1
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesBonjourmDNSResponder.exe»=»C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour»
«C:Program FilesSkypeSkype.exe»=»C:Program FilesSkypeSkype.exe:*:Enabled:Skype»
«C:Program FilesMicrosoft ActiveSyncrapimgr.exe»=»C:Program FilesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager»
«C:Program FilesMicrosoft ActiveSyncwcescomm.exe»=»C:Program FilesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager»
«C:Program FilesMicrosoft ActiveSyncWCESMgr.exe»=»C:Program FilesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application»
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«C:Program FilesMicrosoft ActiveSyncrapimgr.exe»=»C:Program FilesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager»
«C:Program FilesMicrosoft ActiveSyncwcescomm.exe»=»C:Program FilesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager»
«C:Program FilesMicrosoft ActiveSyncWCESMgr.exe»=»C:Program FilesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application»
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2I]
shellAutoRuncommand — I:autorun.exe
======List of files/folders created in the last 1 months======
2009-01-27 20:13:22 —-D—- C:rsit
2009-01-23 23:47:56 —-A—- C:WINDOWSSOL.INI
2009-01-23 17:19:04 —-D—- C:WINDOWSDocuments and SettingsПользовательApplication DataMalwarebytes
2009-01-23 17:18:58 —-D—- C:WINDOWSDocuments and SettingsAll UsersApplication DataMalwarebytes
2009-01-23 17:18:58 —-D—- C:Program FilesMalwarebytes’ Anti-Malware
2009-01-23 12:46:33 —-D—- C:Dragonfly
2009-01-20 22:37:45 —-D—- C:WINDOWSDocuments and SettingsПользовательApplication DataMozilla
2009-01-20 22:37:31 —-D—- C:Program FilesMozilla Firefox
2009-01-18 14:22:56 —-D—- C:Program FilesUniversal Viewer
2009-01-18 14:18:28 —-D—- C:Program FilesFoxit PDF Reader
2009-01-12 14:29:30 —-D—- C:Program FilesAlawar
2009-01-10 13:25:21 —-D—- C:Program FilesThemes
2008-12-31 17:01:44 —-D—- C:WINDOWSDocuments and SettingsПользовательApplication DataSexy Dreams
2008-12-31 17:01:44 —-D—- C:Program FilesSexy Dreams
2008-12-31 15:38:35 —-D—- C:WINDOWSMinidump
2008-12-31 13:43:10 —-D—- C:Program FilesEDIROL
2008-12-31 11:31:41 —-A—- C:WINDOWSwininit.ini
2008-12-31 00:09:24 —-D—- C:WINDOWSDocuments and SettingsAll UsersApplication DataSpybot — Search & Destroy
2008-12-31 00:09:24 —-D—- C:Program FilesSpybot — Search & Destroy
2008-12-30 20:20:20 —-D—- C:Program FilesRegMon
2008-12-30 13:33:22 —-D—- C:Program FilesDMoNsoft
2008-12-30 13:04:00 —-D—- C:Program Filesjv16 PowerTools
2008-12-29 19:39:54 —-D—- C:WINDOWSsystem32NtmsData
2008-12-29 16:17:22 —-D—- C:Program FilesDeskMates
2008-12-28 11:44:53 —-D—- C:Program FilesFreeCap
======List of files/folders modified in the last 1 months======
2009-01-27 20:13:24 —-D—- C:WINDOWSTemp
2009-01-27 19:46:08 —-A—- C:WINDOWSModemLog_Motorola USB Modem.txt
2009-01-27 19:45:53 —-D—- C:Program FilesУправление АСТЕР
2009-01-27 16:46:23 —-A—- C:WINDOWSSchedLgU.Txt
2009-01-27 13:41:10 —-A—- C:WINDOWSwinamp.ini
2009-01-27 12:32:42 —-D—- C:Program FilesReGetDx
2009-01-26 18:32:14 —-D—- C:WINDOWS
2009-01-26 15:11:25 —-A—- C:WINDOWSsystem32prsgrc.dll
2009-01-25 21:57:06 —-D—- C:Program FilesRelease_NET20_2.0
2009-01-25 15:44:55 —-A—- C:WINDOWSsystem32msvcsv60.dll
2009-01-25 14:22:16 —-D—- C:Program Filesfreeview
2009-01-25 12:00:24 —-SHD—- C:System Volume Information
2009-01-25 12:00:24 —-D—- C:WINDOWSsystem32Restore
2009-01-25 11:57:30 —-RD—- C:Program Files
2009-01-24 18:56:59 —-A—- C:WINDOWSODBC.INI
2009-01-23 23:58:40 —-A—- C:WINDOWSNeroDigital.ini
2009-01-23 18:05:23 —-D—- C:Program FilesQIP
2009-01-23 17:48:55 —-D—- C:WINDOWSsystem32CatRoot2
2009-01-23 17:47:39 —-D—- C:WINDOWSDocuments and SettingsAll UsersApplication DataFLEXnet
2009-01-23 17:30:29 —-D—- C:WINDOWSsystem32drivers
2009-01-23 17:28:45 —-D—- C:WINDOWSsystem32
2009-01-23 15:53:17 —-SH—- C:boot.ini
2009-01-23 15:53:17 —-A—- C:WINDOWSwin.ini
2009-01-23 15:53:17 —-A—- C:WINDOWSsystem.ini
2009-01-21 13:33:20 —-D—- C:Program FilesCommon Files
2009-01-20 23:58:44 —-A—- C:WINDOWSwincmd.ini
2009-01-20 23:48:56 —-A—- C:WINDOWSwcx_ftp.ini
2009-01-18 14:24:18 —-SD—- C:WINDOWSDocuments and SettingsПользовательApplication DataMicrosoft
2009-01-10 16:33:17 —-D—- C:Program FilesOpera
2009-01-02 10:41:46 —-A—- C:WINDOWSntbtlog.txt
2009-01-01 17:51:33 —-D—- C:Program FilesCommon FilesAdobe
2008-12-31 13:43:12 —-D—- C:Program FilesVstPlugins
2008-12-31 13:09:33 —-D—- C:TEMP
2008-12-31 11:48:52 —-A—- C:WINDOWSsystem32svchost.exe
2008-12-29 19:39:54 —-SD—- C:WINDOWSDocuments and SettingsAll UsersApplication DataMicrosoft
2008-12-29 18:13:03 —-RAD—- C:My Downloads
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:WINDOWSsystem32driversAavmker4.sys [2007-12-04 26624]
R1 aswTdi;avast! Network Shield Support; C:WINDOWSsystem32driversaswTdi.sys [2007-12-04 42912]
R1 InCDPass;InCDPass; C:WINDOWSsystem32driversInCDPass.sys [2007-03-12 37040]
R1 incdrm;InCD Reader; C:WINDOWSsystem32driversInCDRm.sys [2007-03-12 38576]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-17 40448]
R1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2004-08-17 14848]
R1 SCDEmu;SCDEmu; C:WINDOWSsystem32driversSCDEmu.sys [2005-10-16 27171]
R2 aswMon2;avast! Standard Shield Support; C:WINDOWSsystem32driversaswMon2.sys [2007-12-04 94544]
R2 rspndr;Ответчик обнаружения топологии уровня связи; C:WINDOWSsystem32DRIVERSrspndr.sys [2006-11-08 62336]
R3 aswRdr;aswRdr; C:WINDOWSsystem32driversaswRdr.sys [2007-12-04 23152]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2007-04-23 4402176]
R3 motmodem;Motorola USB CDC ACM Driver; C:WINDOWSsystem32DRIVERSmotmodem.sys [2007-06-18 23680]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-19 12160]
R3 MPEVirtual;Virtual MPE Decoder Adapter Driver; C:WINDOWSsystem32DRIVERSMPEVirtual.sys [2008-02-29 100528]
R3 msloop;Драйвер адаптера Microsoft замыкания на себя; C:WINDOWSsystem32DRIVERSloop.sys [2001-08-17 4992]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2006-10-22 3994624]
R3 Omicom;%Omicom.DVBSDesc%; C:WINDOWSsystem32driversss4bda.sys [2008-03-11 232576]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2006-04-19 30080]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2006-09-01 59264]
R3 usbstor;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-04 26496]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2006-04-19 20608]
R3 Wdf01000;Wdf01000; C:WINDOWSsystem32DRIVERSWdf01000.sys [2006-11-02 492000]
R4 InCDfs;InCD File System; C:WINDOWSsystem32driversInCDFs.sys [2007-03-12 118064]
S3 BthEnum;Драйвер блока запроса Bluetooth; C:WINDOWSsystem32DRIVERSBthEnum.sys [2004-08-03 17024]
S3 BTHMODEM;Драйвер для устройства связи по последовательному каналу Bluetooth; C:WINDOWSsystem32DRIVERSbthmodem.sys [2004-08-03 38016]
S3 BthPan;Bluetooth Device (Personal Area Network); C:WINDOWSsystem32DRIVERSbthpan.sys [2004-08-03 100992]
S3 BTHPORT;Драйвер порта Bluetooth; C:WINDOWSSystem32DriversBTHport.sys [2004-08-17 274688]
S3 BTHUSB;Драйвер порта USB радиомодуля Bluetooth; C:WINDOWSSystem32DriversBTHUSB.sys [2004-08-03 18944]
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2004-08-03 17024]
S3 motccgp;Motorola USB Composite Device Driver; C:WINDOWSsystem32DRIVERSmotccgp.sys [2007-06-18 17920]
S3 motccgpfl;MotCcgpFlService; C:WINDOWSsystem32DRIVERSmotccgpfl.sys [2007-01-22 7680]
S3 MotDev;Motorola Inc. USB Device; C:WINDOWSsystem32DRIVERSmotodrv.sys [2007-05-07 42112]
S3 MPE;BDA MPE фильтр; C:WINDOWSsystem32DRIVERSMPE.sys [2004-08-03 15360]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2004-08-03 10880]
S3 RFCOMM;Устройство Bluetooth (протокол RFCOMM TDI); C:WINDOWSsystem32DRIVERSrfcomm.sys [2004-08-03 59648]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet адаптер, драйвер для NT; C:WINDOWSsystem32DRIVERSRTL8139.SYS [2004-08-04 20992]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2004-08-03 15360]
S3 SynasUSB;SynasUSB; C:WINDOWSsystem32driversSynasUSB.sys [2007-10-24 23288]
S3 usb_rndisx;USB RNDIS Adapter; C:WINDOWSsystem32DRIVERSusb8023x.sys [2005-10-21 12800]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation — User-mode Driver Framework Platform Driver; C:WINDOWSsystem32DRIVERSWudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAvast4aswUpdSv.exe [2007-12-04 17272]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAvast4ashServ.exe [2007-12-04 140664]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:Program FilesBonjourmDNSResponder.exe [2006-02-28 229376]
R2 BthServ;Bluetooth Support Service; C:WINDOWSsystem32svchost.exe [2008-12-31 14336]
R2 InCDsrv;InCD Helper; C:Program FilesNero 7InCDInCDsrv.exe [2007-03-12 931376]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe [2006-10-26 335872]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2006-10-22 159810]
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAvast4ashMaiSv.exe [2007-12-04 247160]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAvast4ashWebSv.exe [2007-12-04 345464]
R3 NMIndexingService;NMIndexingService; C:Program FilesCommon FilesAheadLibNMIndexingService.exe [2007-03-12 271920]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [2008-06-27 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:WINDOWSMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe [2006-09-08 36864]
S3 idsvc;Windows CardSpace; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2006-09-11 741376]
S3 NBService;NBService; C:Program FilesNero 7Nero BackItUpNBService.exe [2007-01-15 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; C:Program FilesWindows Media PlayerWMPNetwk.exe [2006-11-02 914944]
S3 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-12-31 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2006-09-11 122880]
EOF
Sorry, the rest does not fit into the message as text. I will attach the file a bit later.
Yes, this is what the error message looks like when the service is started.
info.txt logfile of random’s system information tool 1.05 2009-01-27 20:13:38
======Uninstall list======
—>C:Program FilesNero 7\nerouninstallUNNERO.exe /UNINSTALL
—>C:WINDOWSNuNInst.exe /UNINSTALL
—>C:WINDOWSUNNeroBackItUp.exe /UNINSTALL
—>C:WINDOWSUNNeroMediaHome.exe /UNINSTALL
—>C:WINDOWSUNNeroShowTime.exe /UNINSTALL
—>C:WINDOWSUNNeroVision.exe /UNINSTALL
—>C:WINDOWSUNRecode.exe /UNINSTALL
—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {47E0C2A9-2FE6-4045-8998-FEB8E49D9B35}
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
3D SexVilla—>C:PROGRA~13DSEXV~1UNWISE.EXE C:PROGRA~13DSEXV~1INSTALL.LOG
3D Shadow by Lokas Software—>C:WINDOWSAWuninstall.exe SoftwareLokas Ltd3D Shadow
3D-GoGo Plugin—>»C:Program FilesThriXXXuninstgo2.exe»
4Front Rhode 1.0 VSTi—>»C:Program FilesVstPluginspianounins000.exe»
Ableton Live v6.0.7—>»C:Program FilesAbletonLive 6.0.7unins000.exe»
Acoustica Effects Pack—>C:PROGRA~1ACOUST~2UNWISE.EXE C:PROGRA~1ACOUST~2INSTALL.LOG
Adobe Anchor Service CS3—>MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3—>MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3—>MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting—>MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0—>MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps—>MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color — Photoshop Specific—>MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings—>MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings—>MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings—>MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings—>MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3—>MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3—>MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2—>C:Program FilesCommon FilesAdobeInstallers3e054d2218e7aa282c2369d939e58ffSetup.exe
Adobe ExtendScript Toolkit 2—>MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe Flash Player 9 ActiveX—>C:WINDOWSsystem32MacromedFlashUninstFl.exe
Adobe Flash Player Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Fonts All—>MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3—>MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3—>MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files—>MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3—>C:Program FilesCommon FilesAdobeInstallers719d6f144d0c086a0dfa7ff76bb9ac1Setup.exe
Adobe Photoshop CS3—>MsiExec.exe /I{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}
Adobe Reader 7.0.5 — Russian—>MsiExec.exe /I{AC76BA86-7AD7-1049-7B44-A70500000002}
Adobe Setup—>MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
Adobe Setup—>MsiExec.exe /I{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}
Adobe Stock Photos CS3—>MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support—>MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3—>MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client—>MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin—>MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3—>MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Applied Accoustics String Studio VS 1 VST DX v1.0—>C:PROGRA~1VSTPLU~1STRING~1.0UNWISE.EXE C:PROGRA~1VSTPLU~1STRING~1.0INSTALL.LOG
AV Bros. Page Curl Pro 2.2 (Remove Only)—>C:Program FilesAdobeAdobe Photoshop CS3Plug-InsAV Bros Page Curl Pro 2.2AVUninstall.exe
avast! Antivirus—>rundll32 C:PROGRA~1Avast4Setupsetiface.dll,RunSetup
Bluetooth Stack for Windows—>MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
CAMagic Mobile for Bluetooth—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime 9 1Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{A047546B-1FC0-42AB-972E-EC689D9CF08D}setup.exe» -l0x19
CANTOR 2—>MsiExec.exe /I{0EF0223B-1EE2-4D79-8668-9E1FE7E23C50}
Color Efex Pro 3.0 Complete—>C:Program FilesAdobeAdobe Photoshop CS3Plug-InsNik SoftwareColor Efex Pro 3.0 Completeuninstall.exe
Cool Edit Pro 2.0—>C:Program Filescoolpro2cep2unin.exe
Deckadance—>C:Program FilesVstPluginsDeckadanceuninstall.exe
discoDSP HighLife v1.4—>»C:Program FilesVstPluginsdiscoDSPunins000.exe»
DJ Twist & Burn—>C:PROGRA~1ACOUST~1UNWISE.EXE C:PROGRA~1ACOUST~1INSTALL.LOG
DVB Dream version 1.4d (updated)—>»C:Program Filesdvbdreamunins000.exe»
Edirol HQ Orchestral VSTi v1.03—>C:PROGRA~1EDIROLORCHES~1.03UNWISE.EXE C:PROGRA~1EDIROLORCHES~1.03INSTALL.LOG
eJay DJMixStation — Deinstallation—>C:eJayDJMixStationdeinstal.exe
FL Studio 8—>C:Program FilesFL Studio 8uninstall.exe
Foxit PDF Reader 1.3 build 0708—>»C:Program FilesFoxit PDF Readerunins000.exe»
FreeCap version 3.18—>»C:Program FilesFreeCapunins000.exe»
freeview—>»C:Program FilesfreeviewUninstall.exe»
GoldWave v5.07—>»C:Program FilesGoldWaveunstall.exe» «GoldWave v5.07» «C:Program FilesGoldWaveunstall.log»
High Definition Audio — KB888111—>»C:WINDOWS$NtUninstallKB888111WXPSP2$spuninstspuninst.exe»
HijackThis 2.0.2—>»C:Program FilesTrend MicroHijackThisHijackThis.exe» /uninstall
Hotfix for Windows XP (KB909394)—>»C:WINDOWS$NtUninstallKB909394$spuninstspuninst.exe»
IK Multimedia SampleTank XL v2.0.6—>C:PROGRA~1VSTPLU~1SAMPLE~1UNWISE.EXE C:PROGRA~1VSTPLU~1SAMPLE~1INSTALL.LOG
IL Download Manager—>C:Program FilesImage-LineDownloaderuninstall.exe
Image Trends’ ShineOff Plug-In 1.0.2—>MsiExec.exe /I{022B0C16-18C9-464A-8BC6-2B2CC6342E5F}
IrfanView (remove only)—>C:Program FilesIrfanViewiv_uninstall.exe
iZotope Ozone 3—>»C:Program FilesVstPluginsOzone 3unins000.exe»
iZotope Spectron—>»C:Program FilesVstPluginsSpectronunins000.exe»
Java(TM) SE Runtime Environment 6 Update 1—>MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Jupiter-8V 1.0—>»C:Program FilesArturiaJupiter-8Vunins000.exe»
jv16 PowerTools 2005—>»C:Program Filesjv16 PowerToolsunins000.exe»
KARI2—>C:WINDOWSKARI2 Uninstaller.exe
K-Lite Mega Codec Pack 2.1.0—>»C:Program FilesK-Lite Codec Packunins000.exe»
KPT(R) effects(TM)—>C:WINDOWSIsUninst.exe -f»c:program filesadobeadobe photoshop cs3plug-insfiltersKPT effectsKPTUnins.isu»
L&H TTS3000 British English—>RunDll32 advpack.dll,LaunchINFSection C:WINDOWSINFLHTTSENG.inf, Uninstall
Linplug Albino v2.1—>C:PROGRA~1VSTPLU~1ALBINO~1ALBINO~1UNWISE.EXE C:PROGRA~1VSTPLU~1ALBINO~1ALBINO~1INSTALL.LOG
Malwarebytes’ Anti-Malware—>»C:Program FilesMalwarebytes’ Anti-Malwareunins000.exe»
Melodyne 3.1—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime10 1Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{A1F143D1-1F0D-44FB-A44B-71D4367D16DE}setup.exe» -l0x9 -removeonly
Microsoft .NET Framework 2.0—>C:WINDOWSMicrosoft.NETFrameworkv2.0.50727Microsoft .NET Framework 2.0install.exe
Microsoft .NET Framework 3.0—>C:WINDOWSMicrosoft.NETFrameworkv3.0Microsoft .NET Framework 3.0setup.exe
Microsoft .NET Framework 3.0—>MsiExec.exe /X{0A942F60-4ED2-4E1E-ACA8-33586BB77497}
Microsoft ActiveSync—>MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5—>»C:WINDOWS$NtUninstallWdf01005$spuninstspuninst.exe»
Microsoft Office Access MUI (Russian) 2007—>MsiExec.exe /X{90120000-0015-0419-0000-0000000FF1CE}
Microsoft Office Enterprise 2007—>»C:Program FilesCommon FilesMicrosoft SharedOFFICE12Office Setup Controllersetup.exe» /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007—>MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Russian) 2007—>MsiExec.exe /X{90120000-0016-0419-0000-0000000FF1CE}
Microsoft Office Groove MUI (Russian) 2007—>MsiExec.exe /X{90120000-00BA-0419-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Russian) 2007—>MsiExec.exe /X{90120000-0044-0419-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Russian) 2007—>MsiExec.exe /X{90120000-00A1-0419-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Russian) 2007—>MsiExec.exe /X{90120000-001A-0419-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Russian) 2007—>MsiExec.exe /X{90120000-0018-0419-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007—>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007—>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Russian) 2007—>MsiExec.exe /X{90120000-001F-0419-0000-0000000FF1CE}
Microsoft Office Proof (Ukrainian) 2007—>MsiExec.exe /X{90120000-001F-0422-0000-0000000FF1CE}
Microsoft Office Proofing (Russian) 2007—>MsiExec.exe /X{90120000-002C-0419-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Russian) 2007—>MsiExec.exe /X{90120000-0019-0419-0000-0000000FF1CE}
Microsoft Office Shared MUI (Russian) 2007—>MsiExec.exe /X{90120000-006E-0419-0000-0000000FF1CE}
Microsoft Office Word MUI (Russian) 2007—>MsiExec.exe /X{90120000-001B-0419-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Miranda IM 0.7.3—>C:Program FilesMiranda IMuninstall.exe
Miroslav Philharmonik—>C:Program FilesInstallShield Installation Information{BA0D0121-A3BA-487D-9C78-7AB0E676C722}setup.exe -runfromtemp -l0x0009 uninstall -removeonly
MixVibes PRO 4 uninstall—>C:Program FilesMixVibesPro4uninstall.exe
Motorola Driver Installation—>MsiExec.exe /I{75A0EB9D-2D1E-4FB7-BF61-498E33C73EB4}
Mozilla Firefox (3.0.5)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
MSXML 4.0 SP2 Parser and SDK—>MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML 6.0 Parser—>MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
MusicLab RealGuitar 2.0—>»C:Program FilesMusicLabRealGuitar2Uninstall.exe» «C:Program FilesMusicLabRealGuitar2install.log»
Native Instruments Absynth 2—>C:PROGRA~1NATIVE~1ABSYNT~1UNINST~1UNWISE.EXE C:PROGRA~1NATIVE~1ABSYNT~1UNINST~1INSTALL.LOG
Native Instruments Kontakt 2—>C:PROGRA~1NATIVE~1KONTAK~1UNWISE.EXE C:PROGRA~1NATIVE~1KONTAK~1INSTALL.LOG
Native Instruments Traktor DJ Studio v2.6.1.022—>C:PROGRA~1NATIVE~1TRAKTO~1UNWISE.EXE C:PROGRA~1NATIVE~1TRAKTO~1INSTALL.LOG
Nero 7 Premium—>MsiExec.exe /I{400348D1-032F-4717-A840-D52F975C1049}
neroxml—>MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NI Service Center—>C:PROGRA~1NATIVE~1NISERV~1UNWISE.EXE C:PROGRA~1NATIVE~1NISERV~1INSTALL.LOG
Noiseware Professional Plug-in—>MsiExec.exe /I{7C515D87-2DCD-422B-B993-3FE8A71B3DDB}
NVIDIA Drivers—>C:WINDOWSsystem32nvudisp.exe UninstallGUI
OLYMPUS Master 2—>MsiExec.exe /X{CBC85F2E-1981-4C55-9418-908D08D2C6E8}
OLYMPUS muvee theaterPack—>MsiExec.exe /X{DDDE47E5-C711-4D17-9FA6-E3D7C340192A}
Omicom IP Service 2.0.0.5—>»C:Program FilesOmicom IP Serviceunins000.exe»
Omicom SkyStar 4 DVB-S/S2 1.0.2.1—>»C:WINDOWSunins000.exe»
Opera 9.20—>MsiExec.exe /X{FC0C72DD-A491-43FF-B377-67273E4D94D7}
OrangeVocoder v2.0-OxYGeN—>C:WINDOWSvocoderUNWISE.EXE C:WINDOWSvocoderINSTALL.LOG
Paint.NET v3.0—>MsiExec.exe /X{267AB309-8021-4CAE-9698-D9A0BEEF7FBA}
PDF Settings—>MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
Photomatix Pro version 2.5.4—>»C:Program FilesPhotomatixunins000.exe»
PHPNotepad—>»C:Program FilesPHPNotepadUninstall.exe»
Pocket RAR documentation—>C:Program FilesPocketRARuninstall.exe
PoiZone—>C:Program FilesImage-LinePoiZoneuninstall.exe
Portraiture Plug-in—>MsiExec.exe /I{8F378798-88D8-4FA1-AB74-F035542133A6}
PowerISO—>»C:Program FilesPowerISOuninstall.exe»
Preset Viewer DEMO—>MsiExec.exe /I{19C6524F-9266-4D26-AF7E-428CFD016C06}
ProgDVB Elecard edition—>»C:Program FilesElecardProgDVB Elecard editionUninstall.exe» «C:Program FilesElecardProgDVB Elecard editioninstall.log» -u
ProgDVB—>C:Program FilesProgDVBUninstall.exe
PROSONIQ Timefactory II—>C:WINDOWSuninst.exe -f»C:Program FilesPROSONIQ PRODUCTS SOFTWAREPROSONIQ Timefactory IIDeIsL1.isu» -c»C:Program FilesPROSONIQ PRODUCTS SOFTWAREPROSONIQ Timefactory II_ISREG32.DLL»
PROWiSe Manager 1.8—>»%SystemRoot%system32mshta.exe» «res://C:Program FilesDMoNsoftPROWiSePROWiSe.exe/uninstall.hta»
Punto Switcher 3.0—>C:Program FilesPunto Switcheruninstall.exe
QIP 2005 8081—>»C:Program FilesQIPunins000.exe»
QIP 2005 Uninstall—>»C:Program FilesQIPunqip.exe»
Quest3D Viewers 3.0e—>»C:Program FilesAct-3DQuest3D Viewers 3.0eunins000.exe»
RealStrat 1.0—>»C:Program FilesVstPluginsrealstratUninstall.exe» «C:Program FilesVstPluginsrealstratinstall.log» -u
Realtek High Definition Audio Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}setup.exe» -l0x19 -removeonly
ReGet Deluxe 4.1—>C:Program FilesReGetDxregetdx.exe -uninstall
Retail Virtual EVE—>MsiExec.exe /X{EDA2E9CA-8B7E-4BC0-9B0F-34B299555BF3}
ReValver Mk II—>»C:Program FilesAlien ConnectionsReValver Mk IIunins000.exe»
rgc:audio sfz VSTi v1.96—>»C:Program FilesVstPluginsunins002.exe»
rgc:audio z3ta+ VSTi v1.00—>»C:Program FilesVstPluginsunins000.exe»
Rob Papen Albino 3—>C:Program FilesVstPluginsUninstalAlbino3.exe
Rob Papen Blue VSTi v1.01 —>C:PROGRA~1VSTPLU~1\BlueUNWISE.EXE C:PROGRA~1VSTPLU~1\BlueINSTALL.LOG
Rob Papen Predator V1.1.1—>»C:Program FilesVstPluginsunins001.exe»
Rob Papen RG—>»C:Program FilesVstPluginsRob Papenunins000.exe»
Sexy Dreams—>»C:Program FilesSexy Dreamsunins000.exe»
Shinycore Path Styler Pro 1.5 for Photoshop—>C:Program FilesAdobeAdobe Photoshop CS3Plug-InsPath Styler Pro PSUninstall.exe
Skype 1.3—>»C:Program FilesSkypeunins000.exe»
Spybot — Search & Destroy—>»C:Program FilesSpybot — Search & Destroyunins000.exe»
STV Tools 2.0—>C:Program FilesSTVuninst.exe
Swiff Player 1.1—>»C:Program FilesSwiff Playerunins000.exe»
Syncrosoft License Control—>C:PROGRA~1SYNCRO~1UNWISE.EXE C:PROGRA~1SYNCRO~1INSTALL.LOG
Synful Orchestra v2.31—>C:PROGRA~1VSTPLU~1ORCHES~1INSTAL~1UNWISE.EXE C:PROGRA~1VSTPLU~1ORCHES~1INSTAL~1INSTALL.LOG
Tau Bassline Mk2 VSTi 1.0—>C:WINDOWSiun6002.exe «C:Program FilesVstPluginsirunin.ini»
thriXXX Hentai3D2-052.003—>»C:Program FilesthriXXXHentai 3D 2 — Cry of PleasureBinariesUninstall-Hentai3D2-CryofPleasure-052.003.exe»
thriXXX VirtuallyJenna-029.002—>»C:Program FilesthriXXXVirtuallyJennaBinariesUninstall-VirtuallyJenna-029.002.exe»
TortoiseSVN 1.5.3.13783 (32 bit)—>MsiExec.exe /X{8922F418-1066-4FED-AF92-278EAF8DE5B2}
Total Commander (Remove or Repair)—>C:Program Filestotalcmdtcuninst.exe
Toxic Biohazard—>C:Program FilesImage-LineToxic Biohazarduninstall.exe
T-RackS 1.x—>C:Program FilesInstallShield Installation Information{37BCCAE2-A3AD-4E03-B4FD-A1BE1FE6365A}setup.exe -runfromtemp -l0x0009 uninstall -removeonly
Tunatic—>»C:WINDOWSlsb_un20.exe» /C=UC /N=Tunatic
Universal Viewer—>»C:Program FilesUniversal ViewerUninstall.exe»
Vertus Fluid Mask 3 3.0.8—>»C:Program FilesAdobeAdobe Photoshop CS3Plug-InsUninstall.exe»
Waves Restoration 3.5—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{EABACFC4-1CB1-438E-A418-0A3B21CD30D3}Setup.exe» -l0x9
Winamp—>»C:Program FilesWinampUninstWA.exe»
Windows Communication Foundation—>MsiExec.exe /X{418D87C0-D8F8-4967-BC37-DE52EAC070E7}
Windows Imaging Component—>»C:WINDOWS$NtUninstallWIC$spuninstspuninst.exe»
Windows Media Format 11 runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Windows Mobile® Руководство по устройству—>C:Program FilesWindows Mobile Device HandbookWindows Mobile Device HandbookBinDHUninstall.exe
Windows Presentation Foundation—>MsiExec.exe /X{5526CB1D-7CE4-40AB-8E52-9783D7C831B5}
Windows Workflow Foundation—>MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
XML Paper Specification Shared Components Pack 1.0—>»C:WINDOWS$NtUninstallXpsEPSC$spuninstspuninst.exe»
Zero-X BeatCreator—>C:WINDOWSUzerox_bc.EXE /A C:WINDOWSUzerox_bc.LOG «Zero-X BeatCreator Uninstall»
Архиватор WinRAR—>C:Program FilesWinRARuninstall.exe
Карта звездного неба 1.3—>C:PROGRA~1STARFI~1Setup.exe /remove /q0
многопользовательское расширение АСТЕР—>MsiExec.exe /I{5971FA39-5EC8-4405-8B60-981171532CBF}
Подарки из Сказки. Новогоднее подарочное издание—>C:Program FilesAlawarПодарки из Сказки. Новогоднее подарочное изданиеUninstall.exe
Проигрыватель Windows Media 11—>»C:Program FilesWindows Media PlayerSetup_wm.exe» /Uninstall
СТВ-Кабинет Онлайн—>C:Program FilesСТВ-ИнтернетUninstall.exe
=====HijackThis Backups=====
O17 — HKLMSystemCCSServicesTcpip..{B216CC19-A6C0-43CC-937E-B20DC7AA480E}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{A01ED402-817E-448D-ACC8-D4D9F9FC9DF6}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS1ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{92600C54-4462-4A65-A85C-7F87E490A216}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{B216CC19-A6C0-43CC-937E-B20DC7AA480E}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{92600C54-4462-4A65-A85C-7F87E490A216}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{A01ED402-817E-448D-ACC8-D4D9F9FC9DF6}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS1ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{A01ED402-817E-448D-ACC8-D4D9F9FC9DF6}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS3ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS1ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{92600C54-4462-4A65-A85C-7F87E490A216}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{6BAA8EC6-E664-4FFD-B28F-A7F618AC4433}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{B216CC19-A6C0-43CC-937E-B20DC7AA480E}: NameServer = 85.255.114.68;85.255.112.150
O23 — Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) — Apple Computer, Inc. — C:Program FilesBonjourmDNSResponder.exe
O17 — HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{A01ED402-817E-448D-ACC8-D4D9F9FC9DF6}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS3ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{92600C54-4462-4A65-A85C-7F87E490A216}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{92600C54-4462-4A65-A85C-7F87E490A216}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{A01ED402-817E-448D-ACC8-D4D9F9FC9DF6}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{A01ED402-817E-448D-ACC8-D4D9F9FC9DF6}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{92600C54-4462-4A65-A85C-7F87E490A216}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{B216CC19-A6C0-43CC-937E-B20DC7AA480E}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{92600C54-4462-4A65-A85C-7F87E490A216}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{B216CC19-A6C0-43CC-937E-B20DC7AA480E}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{A01ED402-817E-448D-ACC8-D4D9F9FC9DF6}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{92600C54-4462-4A65-A85C-7F87E490A216}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS3ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{A01ED402-817E-448D-ACC8-D4D9F9FC9DF6}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{A01ED402-817E-448D-ACC8-D4D9F9FC9DF6}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{92600C54-4462-4A65-A85C-7F87E490A216}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{A01ED402-817E-448D-ACC8-D4D9F9FC9DF6}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{92600C54-4462-4A65-A85C-7F87E490A216}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS3ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{92600C54-4462-4A65-A85C-7F87E490A216}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{A01ED402-817E-448D-ACC8-D4D9F9FC9DF6}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O23 — Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) — Apple Computer, Inc. — C:Program FilesBonjourmDNSResponder.exe
O17 — HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{92600C54-4462-4A65-A85C-7F87E490A216}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O20 — AppInit_DLLs: C:PROGRA~1AgnitumOUTPOS~1wl_hook.dll
O20 — Winlogon Notify: mute32 — C:WINDOWSSYSTEM32mute32.dll
O17 — HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS3ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{A01ED402-817E-448D-ACC8-D4D9F9FC9DF6}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{B216CC19-A6C0-43CC-937E-B20DC7AA480E}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{92600C54-4462-4A65-A85C-7F87E490A216}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O3 — Toolbar: (no name) — {E0E899AB-F487-11D5-8D29-0050BA6940E3} — (no file)
O17 — HKLMSystemCCSServicesTcpip..{A01ED402-817E-448D-ACC8-D4D9F9FC9DF6}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{92600C54-4462-4A65-A85C-7F87E490A216}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{B216CC19-A6C0-43CC-937E-B20DC7AA480E}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS3ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O17 — HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{92600C54-4462-4A65-A85C-7F87E490A216}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS3ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{92600C54-4462-4A65-A85C-7F87E490A216}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{B216CC19-A6C0-43CC-937E-B20DC7AA480E}: NameServer = 10.52.129.36 10.52.129.37
O17 — HKLMSystemCCSServicesTcpip..{A01ED402-817E-448D-ACC8-D4D9F9FC9DF6}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{92600C54-4462-4A65-A85C-7F87E490A216}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{B216CC19-A6C0-43CC-937E-B20DC7AA480E}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{A01ED402-817E-448D-ACC8-D4D9F9FC9DF6}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{92600C54-4462-4A65-A85C-7F87E490A216}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{B216CC19-A6C0-43CC-937E-B20DC7AA480E}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{A01ED402-817E-448D-ACC8-D4D9F9FC9DF6}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{B216CC19-A6C0-43CC-937E-B20DC7AA480E}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{A01ED402-817E-448D-ACC8-D4D9F9FC9DF6}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{92600C54-4462-4A65-A85C-7F87E490A216}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{A01ED402-817E-448D-ACC8-D4D9F9FC9DF6}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{92600C54-4462-4A65-A85C-7F87E490A216}: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS3ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCS3ServicesTcpipParameters: NameServer = 85.255.114.68;85.255.112.150
O17 — HKLMSystemCCSServicesTcpip..{6BAA8EC6-E664-4FFD-B28F-A7F618AC4433}: NameServer = 85.255.114.68;85.255.112.150
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
======Hosts File======
127.0.0.1 localhost
127.0.0.1 test1.ru
127.0.0.1 subdomain.localhost
127.0.0.1 subdomain.test1.ru
127.0.0.1 custom-host
127.0.0.1 http://www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 http://www.008k.com
127.0.0.1 008k.com
Securitycenter WMI appears to be broken
System event log
Computer Name: КОМПЬЮТЕР
Event Code: 20159
Message: Подключение пользователя «» к «MegaFon», выполненное с помощью устройства «COM3», было прервано.
Record Number: 18055
Source Name: RemoteAccess
Time Written: 20090108132812.000000+180
Event Type: информация
User:
Computer Name: КОМПЬЮТЕР
Event Code: 29
Message: The NTP-клиент поставщика времени настроен на получение времени из одного
или нескольких источников, однако ни один из этих источников недоступен.
Попытки подключения к источнику не будут выполняться в течение 59 мин.
NTP-клиент не имеет источника правильного времени.
Record Number: 18054
Source Name: W32Time
Time Written: 20090108130309.000000+180
Event Type: ошибка
User:
Computer Name: КОМПЬЮТЕР
Event Code: 17
Message: NTP-клиент поставщика времени: произошла ошибка при поиске в DNS
настроенного вручную узла ‘time.windows.com,0x1’. NTP-клиент вновь повторит поиск в DNS
через 60 мин.
Ошибка: Сделана попытка выполнить операцию на сокете для недоступного хоста. (0x80072751)
Record Number: 18053
Source Name: W32Time
Time Written: 20090108130309.000000+180
Event Type: ошибка
User:
Computer Name: КОМПЬЮТЕР
Event Code: 29
Message: The NTP-клиент поставщика времени настроен на получение времени из одного
или нескольких источников, однако ни один из этих источников недоступен.
Попытки подключения к источнику не будут выполняться в течение 29 мин.
NTP-клиент не имеет источника правильного времени.
Record Number: 18052
Source Name: W32Time
Time Written: 20090108123309.000000+180
Event Type: ошибка
User:
Computer Name: КОМПЬЮТЕР
Event Code: 17
Message: NTP-клиент поставщика времени: произошла ошибка при поиске в DNS
настроенного вручную узла ‘time.windows.com,0x1’. NTP-клиент вновь повторит поиск в DNS
через 30 мин.
Ошибка: Сделана попытка выполнить операцию на сокете для недоступного хоста. (0x80072751)
Record Number: 18051
Source Name: W32Time
Time Written: 20090108123309.000000+180
Event Type: ошибка
User:
Application event log
Computer Name: КОМПЬЮТЕР
Event Code: 3
Message:
Record Number: 7105
Source Name: Adobe Version Cue CS3
Time Written: 20080912155358.000000+240
Event Type: ошибка
User:
Computer Name: КОМПЬЮТЕР
Event Code: 3
Message:
Record Number: 7104
Source Name: Adobe Version Cue CS3
Time Written: 20080912155358.000000+240
Event Type: ошибка
User:
Computer Name: КОМПЬЮТЕР
Event Code: 3
Message:
Record Number: 7103
Source Name: Adobe Version Cue CS3
Time Written: 20080912155358.000000+240
Event Type: ошибка
User:
Computer Name: КОМПЬЮТЕР
Event Code: 3
Message:
Record Number: 7102
Source Name: Adobe Version Cue CS3
Time Written: 20080912155358.000000+240
Event Type: ошибка
User:
Computer Name: КОМПЬЮТЕР
Event Code: 3
Message:
Record Number: 7101
Source Name: Adobe Version Cue CS3
Time Written: 20080912155358.000000+240
Event Type: ошибка
User:
======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;C:Program FilesCommon FilesiZotopeRuntimes;C:Program FilesTortoiseSVNbin
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=15
«PROCESSOR_IDENTIFIER»=x86 Family 15 Model 6 Stepping 5, GenuineIntel
«PROCESSOR_REVISION»=0605
«NUMBER_OF_PROCESSORS»=2
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
EOF
Unfortunately, that is not all. It turns out the DNS Client service is disabled and refuses to start,
"because it is disabled or because all devices associated with it are disabled."
What should I do? I can't work properly without it 🙁
Everything is fine now, thanks again! I just have a couple of questions.
1) msqpdxserv.sys is still in the device list. Should I remove it?
2) Something else is left over from the virus's activity: the system tray shows the DVB card's status as "acquiring network address". Maybe DHCP should be disabled in this connection's settings?
RSIT
Logfile of random's system information tool 1.05 (written by random/random)
Run by Пользователь at 2009-01-23 17:41:01
Microsoft Windows XP Professional Service Pack 2
System drive C: has 4 GB (10%) free of 40 GB
Total RAM: 1023 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:41:12, on 23.01.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesAvast4aswUpdSv.exe
C:Program FilesAvast4ashServ.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesTortoiseSVNbinTSVNCache.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:WINDOWSRTHDCPL.EXE
C:WINDOWSsystem32rundll32.exe
C:PROGRA~1Avast4ashDisp.exe
C:Program FilesNero 7InCDNBHGui.exe
C:WINDOWSsystem32rundll32.exe
C:Program FilesAgnitumOutpost Firewalloutpost.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesCommon FilesAheadLibNMBgMonitor.exe
C:Program FilesMicrosoft ActiveSyncwcescomm.exe
C:PROGRA~1MI3AA1~1rapimgr.exe
C:Program FilesOmicom IP Servicess4ip.exe
C:Program Filesglobaxglobax_daemon.exe
C:Program FilesBonjourmDNSResponder.exe
C:Program FilesNero 7InCDInCDsrv.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesAvast4ashMaiSv.exe
C:Program FilesAvast4ashWebSv.exe
C:Program FilesCommon FilesAheadLibNMIndexingService.exe
C:Program FilesCommon FilesAheadLibNMIndexStoreSvr.exe
C:Program FilesOperaOpera.exe
D:Мои документыSoftwareRSIT.exe
C:Program FilesTrend MicroHijackThisПользователь.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = ftp=127.0.0.1:3128;http=127.0.0.1:3128;https=127.0.0.1:3128;socks=127.0.0.1:1080
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = localhost;test1.ru;subdomain.test1.ru;
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: ClickCatcher MSIE handler - {16664845-0E00-11D2-8059-000000000000} - C:Program FilesCommon FilesReGet SharedCatcher.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_01binssv.dll
O3 - Toolbar: ReGet Bar - {17939A30-18E2-471E-9D3A-56DD725F1215} - C:Program FilesReGetDxiebar.dll
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM..Run: [avast!] C:PROGRA~1Avast4ashDisp.exe
O4 - HKLM..Run: [NeroFilterCheck] C:Program FilesCommon FilesAheadLibNeroCheck.exe
O4 - HKLM..Run: [SecurDisc] C:Program FilesNero 7InCDNBHGui.exe
O4 - HKLM..Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM..Run: [Outpost Firewall] C:Program FilesAgnitumOutpost Firewalloutpost.exe /waitservice
O4 - HKLM..Run: [OutpostFeedBack] C:Program FilesAgnitumOutpost Firewallfeedback.exe /dump:os_startup
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:Program FilesCommon FilesAheadLibNMBgMonitor.exe"
O4 - HKCU..Run: [OM2_Monitor] "C:Program FilesOLYMPUSOLYMPUS Master 2MMonitor.exe" -NoStart
O4 - HKCU..Run: [H/PC Connection Agent] "C:Program FilesMicrosoft ActiveSyncwcescomm.exe"
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUSS-1-5-19..RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUSS-1-5-20..RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SYSTEM')
O4 - HKUSS-1-5-18..RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'Default user')
O4 - HKUS.DEFAULT..RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: Create virtual drive for Denwer.lnk = d:WebServersdenwerBoot.exe
O4 - Startup: globax.bat
O4 - Startup: Omicom IP Service.lnk = C:Program FilesOmicom IP Servicess4ip.exe
O8 - Extra context menu item: &Экспорт в Microsoft Excel - res://C:PROGRA~1MICROS~1Office12EXCEL.EXE/3000
O8 - Extra context menu item: Закачать &все при помощи ReGet Deluxe - C:Program FilesCommon FilesReGet SharedCC_All.htm
O8 - Extra context menu item: Закачать при помощи Re&Get Deluxe - C:Program FilesCommon FilesReGet SharedCC_Link.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra 'Tools' menuitem: Добавить в избранное мобильного устройства... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra button: Быстрая настройка Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:Program FilesAgnitumOutpost FirewallPluginsBrowserBarie_bar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~1Office12REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O17 - HKLMSystemCCSServicesTcpip..{B216CC19-A6C0-43CC-937E-B20DC7AA480E}: NameServer = 10.52.129.36 10.52.129.37
O20 - AppInit_DLLs: C:PROGRA~1AgnitumOUTPOS~1wl_hook.dll
O20 - Winlogon Notify: mute32 - C:WINDOWSSYSTEM32mute32.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:Program FilesAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:Program FilesAvast4ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:Program FilesAvast4ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:Program FilesBonjourmDNSResponder.exe
O23 - Service: Журнал событий (Eventlog) - Корпорация Майкрософт - C:WINDOWSsystem32services.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:Program FilesNero 7InCDInCDsrv.exe
O23 - Service: NetMeeting Remote Desktop Sharing (mnmsrvc) - Корпорация Майкрософт - C:WINDOWSsystem32mnmsrvc.exe
O23 - Service: NBService - Nero AG - C:Program FilesNero 7Nero BackItUpNBService.exe
O23 - Service: NMIndexingService - Nero AG - C:Program FilesCommon FilesAheadLibNMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: Plug and Play (PlugPlay) - Корпорация Майкрософт - C:WINDOWSsystem32services.exe
O23 - Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) - Корпорация Майкрософт - C:WINDOWSsystem32sessmgr.exe
O23 - Service: Смарт-карты (SCardSvr) - Корпорация Майкрософт - C:WINDOWSSystem32SCardSvr.exe
O23 - Service: Журналы и оповещения производительности (SysmonLog) - Корпорация Майкрософт - C:WINDOWSsystem32smlogsvc.exe
O23 - Service: Теневое копирование тома (VSS) - Корпорация Майкрософт - C:WINDOWSSystem32vssvc.exe
O23 - Service: Адаптер производительности WMI (WmiApSrv) - Корпорация Майкрософт - C:WINDOWSsystem32wbemwmiapsrv.exe
--
End of file - 9233 bytes
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2005-09-24 63136]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{16664845-0E00-11D2-8059-000000000000}]
ClickCatcher MSIE handler - C:Program FilesCommon FilesReGet SharedCatcher.dll [2004-09-27 291380]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:PROGRA~1SPYBOT~1SDHelper.dll [2008-09-15 1562960]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:Program FilesJavajre1.6.0_01binssv.dll [2007-03-14 501400]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{17939A30-18E2-471E-9D3A-56DD725F1215} - ReGet Bar - C:Program FilesReGetDxiebar.dll [2004-04-08 92160]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
"NvCplDaemon"=C:WINDOWSsystem32NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:WINDOWSsystem32NvMcTray.dll [2006-10-22 86016]
"RTHDCPL"=C:WINDOWSRTHDCPL.EXE [2007-04-12 16132608]
"Alcmtr"=C:WINDOWSALCMTR.EXE [2005-05-03 69632]
"avast!"=C:PROGRA~1Avast4ashDisp.exe [2007-12-04 79224]
"NeroFilterCheck"=C:Program FilesCommon FilesAheadLibNeroCheck.exe [2007-03-09 153136]
"SecurDisc"=C:Program FilesNero 7InCDNBHGui.exe [2007-03-12 1626160]
"BluetoothAuthenticationAgent"=C:WINDOWSsystem32bthprops.cpl [2004-08-17 110592]
"Outpost Firewall"=C:Program FilesAgnitumOutpost Firewalloutpost.exe [2006-02-13 91648]
"OutpostFeedBack"=C:Program FilesAgnitumOutpost Firewallfeedback.exe [2006-02-14 352324]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
"CTFMON.EXE"=C:WINDOWSsystem32ctfmon.exe [2007-03-20 30208]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:Program FilesCommon FilesAheadLibNMBgMonitor.exe [2007-03-12 153136]
"OM2_Monitor"=C:Program FilesOLYMPUSOLYMPUS Master 2MMonitor.exe [2007-05-28 95800]
"H/PC Connection Agent"=C:Program FilesMicrosoft ActiveSyncwcescomm.exe [2006-11-13 1289000]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAdobeUpdater]
C:Program FilesCommon FilesAdobeUpdater5AdobeUpdater.exe [2007-02-28 2321600]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregInCD]
C:Program FilesNero 7InCDInCD.exe [2007-03-12 1055792]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregInternetConnect.exe]
[]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSpybotSD TeaTimer]
C:Program FilesSpybot - Search & DestroyTeaTimer.exe [2008-09-16 1833296]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^WINDOWS^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^Ускоренный запуск Adobe Reader.lnk]
C:PROGRA~1AdobeACROBA~1.0ReaderREADER~1.EXE [2005-09-24 29696]
[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]
"Dnscache"=3
"Dhcp"=2
"OutpostFirewall"=2
C:WINDOWSDocuments and SettingsПользовательГлавное менюПрограммыАвтозагрузка
Create virtual drive for Denwer.lnk - d:WebServersdenwerBoot.exe
globax.bat
Omicom IP Service.lnk - C:Program FilesOmicom IP Servicess4ip.exe
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
"AppInit_DLLS"="C:PROGRA~1AgnitumOUTPOS~1wl_hook.dll"
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifymute32]
C:WINDOWSsystem32mute32.dll [2007-09-26 34816]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworknm.sys]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
"NoDriveTypeAutoRun"=145
"NoSMMyPictures"=1
"NoResolveTrack"=1
"NoResolveSearch"=1
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
"%windir%system32sessmgr.exe"="%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:Program FilesBonjourmDNSResponder.exe"="C:Program FilesBonjourmDNSResponder.exe:*:Enabled:Bonjour"
"C:Program FilesSkypeSkype.exe"="C:Program FilesSkypeSkype.exe:*:Enabled:Skype"
"C:Program FilesMicrosoft ActiveSyncrapimgr.exe"="C:Program FilesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:Program FilesMicrosoft ActiveSyncwcescomm.exe"="C:Program FilesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:Program FilesMicrosoft ActiveSyncWCESMgr.exe"="C:Program FilesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
"%windir%system32sessmgr.exe"="%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:Program FilesMicrosoft ActiveSyncrapimgr.exe"="C:Program FilesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:Program FilesMicrosoft ActiveSyncwcescomm.exe"="C:Program FilesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:Program FilesMicrosoft ActiveSyncWCESMgr.exe"="C:Program FilesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2I]
shellAutoRuncommand - I:autorun.exe
======List of files/folders created in the last 1 months======
2009-01-23 17:19:04 ----D---- C:WINDOWSDocuments and SettingsПользовательApplication DataMalwarebytes
2009-01-23 17:18:58 ----D---- C:WINDOWSDocuments and SettingsAll UsersApplication DataMalwarebytes
2009-01-23 17:18:58 ----D---- C:Program FilesMalwarebytes' Anti-Malware
2009-01-23 12:46:33 ----D---- C:Dragonfly
2009-01-21 21:08:03 ----D---- C:rsit
2009-01-21 13:33:20 ----D---- C:Program FilesCommon FilesAgnitum Shared
2009-01-21 13:33:20 ----D---- C:Program FilesAgnitum
2009-01-20 22:37:45 ----D---- C:WINDOWSDocuments and SettingsПользовательApplication DataMozilla
2009-01-20 22:37:31 ----D---- C:Program FilesMozilla Firefox
2009-01-18 14:22:56 ----D---- C:Program FilesUniversal Viewer
2009-01-18 14:18:28 ----D---- C:Program FilesFoxit PDF Reader
2009-01-12 14:29:30 ----D---- C:Program FilesAlawar
2009-01-10 13:25:21 ----D---- C:Program FilesThemes
2008-12-31 17:01:44 ----D---- C:WINDOWSDocuments and SettingsПользовательApplication DataSexy Dreams
2008-12-31 17:01:44 ----D---- C:Program FilesSexy Dreams
2008-12-31 15:38:35 ----D---- C:WINDOWSMinidump
2008-12-31 13:43:10 ----D---- C:Program FilesEDIROL
2008-12-31 11:31:41 ----A---- C:WINDOWSwininit.ini
2008-12-31 00:09:24 ----D---- C:WINDOWSDocuments and SettingsAll UsersApplication DataSpybot - Search & Destroy
2008-12-31 00:09:24 ----D---- C:Program FilesSpybot - Search & Destroy
2008-12-30 20:20:20 ----D---- C:Program FilesRegMon
2008-12-30 13:33:22 ----D---- C:Program FilesDMoNsoft
2008-12-30 13:04:00 ----D---- C:Program Filesjv16 PowerTools
2008-12-30 12:29:18 ----D---- C:HaxFix
2008-12-29 23:15:27 ----D---- C:fixwareout
2008-12-29 19:39:54 ----D---- C:WINDOWSsystem32NtmsData
2008-12-29 16:17:22 ----D---- C:Program FilesDeskMates
2008-12-28 11:44:53 ----D---- C:Program FilesFreeCap
2008-12-27 22:09:48 ----D---- C:Program FilesImage Trends Inc
2008-12-27 22:04:00 ----A---- C:WINDOWSsystem32pmtf3.dll
2008-12-27 22:04:00 ----A---- C:WINDOWSsystem32pmtf2.dll
2008-12-27 22:04:00 ----A---- C:WINDOWSsystem32pmtf1.dll
2008-12-27 22:04:00 ----A---- C:WINDOWSsystem32pmexr.dll
2008-12-27 22:04:00 ----A---- C:WINDOWSsystem32pmbm.dll
2008-12-27 22:04:00 ----A---- C:WINDOWSsystem32Photomatix25Lib3.dll
2008-12-27 22:04:00 ----A---- C:WINDOWSsystem32Photomatix25Lib2.dll
2008-12-27 22:04:00 ----A---- C:WINDOWSsystem32Photomatix25Lib.dll
2008-12-27 22:04:00 ----A---- C:WINDOWSsystem32Photomatix_jpg.dll
2008-12-27 22:04:00 ----A---- C:WINDOWSsystem32lcms.dll
2008-12-27 22:04:00 ----A---- C:WINDOWSsystem32IlmImf.dll
2008-12-27 22:03:59 ----D---- C:Program FilesPhotomatix
2008-12-27 18:57:27 ----D---- C:Program FilesTrend Micro
======List of files/folders modified in the last 1 months======
2009-01-23 17:40:05 ----A---- C:\WINDOWS\ModemLog_Motorola USB Modem.txt
2009-01-23 17:37:52 ----D---- C:\WINDOWS\Temp
2009-01-23 17:30:29 ----RD---- C:\Program Files
2009-01-23 17:30:29 ----D---- C:\WINDOWS\system32\drivers
2009-01-23 17:30:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-23 17:28:45 ----D---- C:\WINDOWS\system32
2009-01-23 17:19:33 ----A---- C:\WINDOWS\ODBC.INI
2009-01-23 17:05:41 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-23 16:31:32 ----D---- C:\Program Files\Управление АСТЕР
2009-01-23 15:53:17 ----SH---- C:\boot.ini
2009-01-23 15:53:17 ----A---- C:\WINDOWS\win.ini
2009-01-23 15:53:17 ----A---- C:\WINDOWS\system.ini
2009-01-23 15:31:17 ----D---- C:\Program Files\ReGetDx
2009-01-22 23:21:51 ----A---- C:\WINDOWS\system32\msvcsv60.dll
2009-01-22 19:13:08 ----A---- C:\WINDOWS\system32\prsgrc.dll
2009-01-22 19:04:52 ----A---- C:\WINDOWS\NeroDigital.ini
2009-01-21 20:31:53 ----D---- C:\WINDOWS
2009-01-21 16:36:50 ----D---- C:\Program Files\Release_NET20_2.0
2009-01-21 13:33:20 ----D---- C:\Program Files\Common Files
2009-01-20 23:58:44 ----A---- C:\WINDOWS\wincmd.ini
2009-01-20 23:48:56 ----A---- C:\WINDOWS\wcx_ftp.ini
2009-01-18 14:24:18 ----SD---- C:\WINDOWS\Documents and Settings\Пользователь\Application Data\Microsoft
2009-01-16 16:13:14 ----A---- C:\WINDOWS\winamp.ini
2009-01-10 16:33:17 ----D---- C:\Program Files\Opera
2009-01-02 10:41:46 ----A---- C:\WINDOWS\ntbtlog.txt
2009-01-01 17:51:33 ----D---- C:\Program Files\Common Files\Adobe
2008-12-31 13:43:12 ----D---- C:\Program Files\VstPlugins
2008-12-31 13:09:33 ----D---- C:\TEMP
2008-12-31 11:48:52 ----A---- C:\WINDOWS\system32\svchost.exe
2008-12-29 19:39:54 ----SD---- C:\WINDOWS\Documents and Settings\All Users\Application Data\Microsoft
2008-12-29 18:13:03 ----RAD---- C:\My Downloads
2008-12-27 22:09:49 ----SHD---- C:\WINDOWS\Installer
2008-12-26 16:09:00 ----RSD---- C:\WINDOWS\Fonts
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2007-12-04 26624]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2007-12-04 42912]
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-03-12 37040]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-03-12 38576]
R1 intelppm;Драйвер Intel процессора; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-17 40448]
R1 kbdhid;Драйвер клавиатуры HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2005-10-16 27171]
R1 VFILT;Outpost Firewall Kernel Driver; \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS []
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2007-12-04 94544]
R2 rspndr;Ответчик обнаружения топологии уровня связи; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2006-11-08 62336]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2007-12-04 23152]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Драйвер класса HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-04-23 4402176]
R3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [2007-06-18 23680]
R3 mouhid;Драйвер мыши HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-19 12160]
R3 MPEVirtual;Virtual MPE Decoder Adapter Driver; C:\WINDOWS\system32\DRIVERS\MPEVirtual.sys [2008-02-29 100528]
R3 msloop;Драйвер адаптера Microsoft замыкания на себя; C:\WINDOWS\system32\DRIVERS\loop.sys [2001-08-17 4992]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 Omicom;%Omicom.DVBSDesc%; C:\WINDOWS\system32\drivers\ss4bda.sys [2008-03-11 232576]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-04-19 30080]
R3 usbhub;USB2 концентратор; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-09-01 59264]
R3 usbstor;Драйвер запоминающих устройств для USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-04-19 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-03-12 118064]
S3 ADBLOCK.DLL;Outpost Firewall PlugIn (ADBLOCK.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\ADBLOCK.DLL []
S3 ARP.DLL;Outpost Firewall PlugIn (ARP.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\ARP.DLL []
S3 BthEnum;Драйвер блока запроса Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BTHMODEM;Драйвер для устройства связи по последовательному каналу Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-03 38016]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Драйвер порта Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2004-08-17 274688]
S3 BTHUSB;Драйвер порта USB радиомодуля Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 CCDECODE;Closed Caption декодер; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 CONTENT.DLL;Outpost Firewall PlugIn (CONTENT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\CONTENT.DLL []
S3 DNSCACHE.DLL;Outpost Firewall PlugIn (DNSCACHE.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\DNSCACHE.DLL []
S3 FTPFILT.DLL;Outpost Firewall PlugIn (FTPFILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FTPFILT.DLL []
S3 HTMLFILT.DLL;Outpost Firewall PlugIn (HTMLFILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\HTMLFILT.DLL []
S3 HTTPFILT.DLL;Outpost Firewall PlugIn (HTTPFILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\HTTPFILT.DLL []
S3 IMAPFILT.DLL;Outpost Firewall PlugIn (IMAPFILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\IMAPFILT.DLL []
S3 MAILFILT.DLL;Outpost Firewall PlugIn (MAILFILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\MAILFILT.DLL []
S3 motccgp;Motorola USB Composite Device Driver; C:\WINDOWS\system32\DRIVERS\motccgp.sys [2007-06-18 17920]
S3 motccgpfl;MotCcgpFlService; C:\WINDOWS\system32\DRIVERS\motccgpfl.sys [2007-01-22 7680]
S3 MotDev;Motorola Inc. USB Device; C:\WINDOWS\system32\DRIVERS\motodrv.sys [2007-05-07 42112]
S3 MPE;BDA MPE фильтр; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-03 15360]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft видео или ТВ подключение; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NNTPFILT.DLL;Outpost Firewall PlugIn (NNTPFILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\NNTPFILT.DLL []
S3 POP3FILT.DLL;Outpost Firewall PlugIn (POP3FILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\POP3FILT.DLL []
S3 PROTECT.DLL;Outpost Firewall PlugIn (PROTECT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\PROTECT.DLL []
S3 RFCOMM;Устройство Bluetooth (протокол RFCOMM TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet адаптер, драйвер для NT; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 SECRET.DLL;Outpost Firewall PlugIn (SECRET.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\SECRET.DLL []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 SynasUSB;SynasUSB; C:\WINDOWS\system32\drivers\SynasUSB.sys [2007-10-24 23288]
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2005-10-21 12800]
S3 usbscan;Драйвер USB-сканера; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 WSTCODEC;World Standard Teletext кодек; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Avast4\aswUpdSv.exe [2007-12-04 17272]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Avast4\ashServ.exe [2007-12-04 140664]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-12-31 14336]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero 7\InCD\InCDsrv.exe [2007-03-12 931376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Avast4\ashMaiSv.exe [2007-12-04 247160]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Avast4\ashWebSv.exe [2007-12-04 345464]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-06-27 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-09-08 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-09-11 741376]
S3 NBService;NBService; C:\Program Files\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-02 914944]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-12-31 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-09-11 122880]
S4 OutpostFirewall;Outpost Firewall Service; C:\Program Files\Agnitum\Outpost Firewall\outpost.exe [2006-02-13 91648]
EOF
MBAM-Log:
Malwarebytes' Anti-Malware 1.33
Версия базы данных: 1683
Windows 5.1.2600 Service Pack 2
23.01.2009 17:28:45
mbam-log-2009-01-23 (17-28-45).txt
Тип проверки: Быстрая
Проверено объектов: 44504
Прошло времени: 4 minute(s), 23 second(s)
Заражено процессов в памяти: 0
Заражено модулей в памяти: 0
Заражено ключей реестра: 0
Заражено значений реестра: 0
Заражено параметров реестра: 15
Заражено папок: 0
Заражено файлов: 4
Заражено процессов в памяти:
(Вредоносные программы не обнаружены)
Заражено модулей в памяти:
(Вредоносные программы не обнаружены)
Заражено ключей реестра:
(Вредоносные программы не обнаружены)
Заражено значений реестра:
(Вредоносные программы не обнаружены)
Заражено параметров реестра:
HKEY_CLASSES_ROOT\regfile\shell\open\command (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.68;85.255.112.150 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{92600c54-4462-4a65-a85c-7f87e490a216}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.68;85.255.112.150 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{a01ed402-817e-448d-acc8-d4d9f9fc9df6}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.68;85.255.112.150 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{b216cc19-a6c0-43cc-937e-b20dc7aa480e}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.68;85.255.112.150 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{92600c54-4462-4a65-a85c-7f87e490a216}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.68;85.255.112.150 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{b216cc19-a6c0-43cc-937e-b20dc7aa480e}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.68;85.255.112.150 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.68;85.255.112.150 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{92600c54-4462-4a65-a85c-7f87e490a216}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.68;85.255.112.150 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{a01ed402-817e-448d-acc8-d4d9f9fc9df6}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.68;85.255.112.150 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{b216cc19-a6c0-43cc-937e-b20dc7aa480e}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.68;85.255.112.150 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.68;85.255.112.150 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{92600c54-4462-4a65-a85c-7f87e490a216}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.68;85.255.112.150 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{a01ed402-817e-448d-acc8-d4d9f9fc9df6}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.68;85.255.112.150 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{b216cc19-a6c0-43cc-937e-b20dc7aa480e}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.68;85.255.112.150 -> Quarantined and deleted successfully.
Заражено папок:
(Вредоносные программы не обнаружены)
Заражено файлов:
C:\WINDOWS\system32\msqpdxmtvearxx.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\msqpdxmqltoiqh.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\msqpdxmqltoiqt.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
Thank you very much! I found only msqpdxserv.sys; after disabling it and rebooting, the programs stopped reaching out to third-party servers and I was finally able to change the DNS in the settings. Does this mean that the firewall can now be turned off before the Anti-malware scan?