SPYWARE-RU.COM

Созданные ответы форума

Просмотр 4 сообщений - с 1 по 4 (из 4 всего)

Автор

Сообщения
10 мая, 2009 в 10:02 пп в ответ на: autorun.inf вирус!! Не справляюсь :'( #23667
Valent
Participant
- Темы:1
- Сообщений:5
здаствуйте!
вот содержимое..

ComboFix 09-05-09.05 — Администратор 11.05.2009 1:30.2 — NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.2047.1542 [GMT 4:00]
Running from: c:documents and settingsАдминистраторРабочий столComboFix.exe
AV: Антивирусная система Eset NOD32 2.70 *On-access scanning enabled* (Outdated)
* Resident AV is active

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-04-10 to 2009-05-10 )))))))))))))))))))))))))))))))
.

2009-05-02 21:54 . 2009-05-02 21:54

d

w C:_OTMoveIt
2009-05-01 08:17 . 2001-08-17 17:58 22912 -c—a-w c:windowssystem32dllcacheumaxpcls.sys
2009-05-01 08:17 . 2001-10-19 17:06 50176 -c—a-w c:windowssystem32dllcacheumaxp60.dll
2009-05-01 08:17 . 2001-10-19 17:06 47616 -c—a-w c:windowssystem32dllcacheumaxcam.dll
2009-05-01 08:17 . 2001-10-19 17:06 212480 -c—a-w c:windowssystem32dllcacheum54scan.dll
2009-05-01 08:17 . 2001-10-19 17:06 216576 -c—a-w c:windowssystem32dllcacheum34scan.dll
2009-05-01 08:17 . 2001-08-17 17:52 36736 -c—a-w c:windowssystem32dllcacheultra.sys
2009-05-01 07:57 . 2001-10-19 17:05 59104 -c—a-w c:windowssystem32dllcachen9i128v2.dll
2009-05-01 07:49 . 2001-08-17 16:12 20573 -c—a-w c:windowssystem32dllcachelne100.sys
2009-05-01 07:49 . 2001-08-17 16:11 25065 -c—a-w c:windowssystem32dllcachelmndis3.sys
2009-05-01 07:49 . 2001-10-19 16:25 15872 -c—a-w c:windowssystem32dllcachelit220p.sys
2009-05-01 07:49 . 2008-04-13 20:10 34688 -c—a-w c:windowssystem32dllcachelbrtfdc.sys
2009-05-01 07:49 . 2001-10-19 16:25 26442 -c—a-w c:windowssystem32dllcachelanepic5.sys
2009-05-01 07:43 . 2001-10-19 17:06 43520 -c—a-w c:windowssystem32dllcacheEXCH_fcachdll.dll
2009-05-01 06:25 . 2009-05-02 22:19

d

w c:program filestrend micro
2009-05-01 06:25 . 2009-05-01 06:25

d

w C:rsit
2009-04-30 19:59 . 2009-02-09 03:37 91136 —-a-w c:windowssystem32nmwcdcls.dll
2009-04-30 18:30 . 2009-04-30 19:23

d

w c:documents and settingsАдминистраторTracing
2009-04-30 18:30 . 2009-04-30 19:23

d

w c:documents and settingsАдминистраторTracing
2009-04-30 18:09 . 2009-02-06 14:08 55152 —-a-w c:windowssystem32driversfssfltr_tdi.sys
2009-04-30 18:09 . 2009-04-30 18:09

d

w c:program filesMicrosoft Sync Framework
2009-04-30 18:08 . 2009-04-30 18:08

d

w c:program filesMicrosoft SQL Server Compact Edition
2009-04-30 18:07 . 2009-04-30 18:07

d

w c:program filesWindows Live SkyDrive
2009-04-30 18:07 . 2009-04-30 18:09

d

w c:program filesWindows Live
2009-04-30 17:36 . 2009-04-30 17:36

d

w c:program filesCommon FilesWindows Live
2009-04-30 17:36 . 2009-04-30 17:36

d

w c:program filesMicrosoft Silverlight
2009-04-30 17:29 . 2009-04-30 17:29

d

w C:b7ab394506d18d7bf726278705c92173
2009-04-30 17:29 . 2009-04-30 19:21

d

w c:windowsSxsCaPendDel
2009-04-30 17:25 . 2009-04-30 18:07

d

w c:program filesMicrosoft
2009-04-30 17:25 . 2009-04-30 17:25

d

w c:documents and settingsАдминистраторApplication DataWindows Desktop Search
2009-04-30 16:34 . 2009-04-30 16:34

d-sh—w c:documents and settingsАдминистраторPrivacIE
2009-04-30 16:34 . 2009-04-30 16:34

d-sh—w c:documents and settingsАдминистраторPrivacIE
2009-04-30 16:30 . 2009-04-30 16:30

d-sh—w c:documents and settingsLocalServiceIETldCache
2009-04-30 16:29 . 2009-04-30 16:29

d-sh—w c:documents and settingsАдминистраторIETldCache
2009-04-30 16:29 . 2009-04-30 16:29

d-sh—w c:documents and settingsАдминистраторIETldCache
2009-04-30 16:14 . 2009-04-30 16:14

d

w c:windowsie8updates
2009-04-30 16:14 . 2009-02-28 04:55 105984 -c—-w c:windowssystem32dllcacheiecompat.dll
2009-04-30 16:12 . 2009-04-30 16:13

dc-h—w c:windowsie8
2009-04-20 17:08 . 2009-05-10 18:05

d—h—w c:windowssystem32629FA8
2009-04-20 17:08 . 2009-05-10 18:05

d—h—w c:windowssystem3263C801
2009-04-20 17:08 . 2009-05-10 18:05

d—h—w c:windowssystem32A171FA
2009-04-20 17:08 . 2009-05-04 05:04

d—h—w c:windowssystem32EE8CB2

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-02 22:14 . 2007-07-12 15:50

d

w c:program filesCommon FilesSymantec Shared
2009-05-02 22:14 . 2007-07-12 15:50

d

w c:program filesSymantec
2009-05-02 22:14 . 2007-07-12 15:50

d

w c:program filesSymantec AntiVirus
2009-05-02 21:59 . 2007-07-24 06:23 131544 —-a-w c:documents and settingsАдминистраторLocal SettingsApplication DataGDIPFONTCACHEV1.DAT
2009-04-30 20:01 . 2008-09-04 19:46

d

w c:program filesNokia
2009-04-30 20:01 . 2007-08-24 21:08

d

w c:program filesCommon FilesNokia
2009-04-30 20:00 . 2008-09-02 20:34

d

w c:program filesPC Connectivity Solution
2009-04-30 19:26 . 2004-08-18 12:00 96164 —-a-w c:windowssystem32perfc019.dat
2009-04-30 19:26 . 2004-08-18 12:00 511864 —-a-w c:windowssystem32perfh019.dat
2009-04-30 17:24 . 2008-09-14 12:17

d

w c:program filesWindows Desktop Search
2009-04-30 16:11 . 2008-12-03 13:55

d

w c:program filesMyCentria
2009-04-30 16:07 . 2008-09-14 11:23

d

w c:program filesMicrosoft Works
2009-04-28 20:35 . 2008-11-17 08:37

d

w c:program filesESET
2009-04-27 21:55 . 2007-12-20 21:50 139984 —-a-w c:windowssystem32driversPnkBstrK.sys
2009-04-27 21:55 . 2007-12-20 21:49 189496 —-a-w c:windowssystem32PnkBstrB.exe
2009-04-27 14:48 . 2007-12-13 09:17

d

w c:program filesQIP Infium
2009-04-13 21:55 . 2007-12-20 21:50 75064 —-a-w c:windowssystem32PnkBstrA.exe
2009-04-13 18:15 . 2008-03-18 20:51 22328 —-a-w c:documents and settingsАдминистраторApplication DataPnkBstrK.sys
2009-04-13 18:05 . 2008-12-11 08:41

d

w c:program filesActivision
2009-03-31 20:13 . 2007-08-19 21:31

d

w c:program filesCommon FilesWise Installation Wizard
2009-03-31 20:13 . 2007-08-19 21:31

d

w c:program filesAGEIA Technologies
2009-03-31 20:11 . 2009-03-31 20:11

d

w c:program filesOpenAL
2009-03-31 20:11 . 2007-07-16 11:04 115432 —-a-w c:windowssystem32OpenAL32.dll
2009-03-31 20:11 . 2007-07-16 11:04 418480 —-a-w c:windowssystem32wrap_oal.dll
2009-03-31 20:06 . 2007-07-12 15:52

d—h—w c:program filesInstallShield Installation Information
2009-03-30 13:52 . 2007-09-28 20:43

d

w c:program filesICQ
2009-03-08 00:34 . 2004-08-18 12:00 914944 —-a-w c:windowssystem32wininet.dll
2009-03-08 00:34 . 2004-08-18 12:00 43008 —-a-w c:windowssystem32licmgr10.dll
2009-03-08 00:33 . 2004-08-18 12:00 18944 —-a-w c:windowssystem32corpol.dll
2009-03-08 00:33 . 2004-08-18 12:00 420352 —-a-w c:windowssystem32vbscript.dll
2009-03-08 00:32 . 2004-08-18 12:00 72704 —-a-w c:windowssystem32admparse.dll
2009-03-08 00:32 . 2004-08-18 12:00 71680 —-a-w c:windowssystem32iesetup.dll
2009-03-08 00:31 . 2004-08-18 12:00 34816 —-a-w c:windowssystem32imgutil.dll
2009-03-08 00:31 . 2004-08-18 12:00 48128 —-a-w c:windowssystem32mshtmler.dll
2009-03-08 00:31 . 2004-08-18 12:00 45568 —-a-w c:windowssystem32mshta.exe
2009-03-08 00:22 . 2004-08-18 12:00 156160 —-a-w c:windowssystem32msls31.dll
2009-03-06 14:23 . 2004-08-18 12:00 284672 —-a-w c:windowssystem32pdh.dll
2009-02-16 19:17 . 2009-03-29 20:32 453152 —-a-w c:windowssystem32NVUNINST.EXE
2009-01-23 21:37 . 2009-01-23 21:37 3022 —-a-w c:program filesCommon Filesunins000.dat
2009-01-23 21:35 . 2009-01-23 21:37 729520 —-a-w c:program filesCommon Filesunins000.exe
2007-09-16 07:53 . 2007-09-18 05:04 66408 —-a-w c:program filesmozilla firefoxcomponentsjar50.dll
2007-09-16 07:53 . 2007-09-18 05:04 54112 —-a-w c:program filesmozilla firefoxcomponentsjsd3250.dll
2007-09-16 07:53 . 2007-09-18 05:04 34688 —-a-w c:program filesmozilla firefoxcomponentsmyspell.dll
2007-09-16 07:53 . 2007-09-18 05:04 46456 —-a-w c:program filesmozilla firefoxcomponentsspellchk.dll
2007-09-16 07:53 . 2007-09-18 05:04 171880 —-a-w c:program filesmozilla firefoxcomponentsxpinstal.dll
2008-11-27 11:19 . 2007-11-08 21:02 848 —sha-w c:windowssystem32KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32ctfmon.exe» [2008-04-14 15360]
«Punto Switcher»=»c:program filesPunto Switcherpunto.exe» [2008-10-16 735016]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«JMB36X IDE Setup»=»c:windowsJMJMInsIDE.exe» [2006-10-30 36864]
«36X Raid Configurer»=»c:windowssystem32JMRaidSetup.exe» [2006-11-16 1953792]
«Gainward»=»c:program filesVDOToolTBPanel.exe» [2007-02-01 2154496]
«ISUSPM Startup»=»c:program filesCommon FilesInstallShieldUpdateServiceISUSPM.exe» [2005-08-11 249856]
«ISUSScheduler»=»c:program filesCommon FilesInstallShieldUpdateServiceissch.exe» [2005-08-11 81920]
«MAgent»=»c:program filesMail.RuAgentMAgent.exe» [2009-04-13 6210744]
«nod32kui»=»c:program filesEsetnod32kui.exe» [2008-11-24 949376]
«NvCplDaemon»=»c:windowssystem32NvCpl.dll» [2009-02-18 13680640]
«90093A»=»c:windowssystem32EE8CB290093A.EXE» [2009-05-04 1407888]
«RTHDCPL»=»RTHDCPL.EXE» — c:windowsRTHDCPL.exe [2006-11-15 16270848]

[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32ctfmon.exe» [2008-04-14 15360]
«Nokia.PCSync»=»c:program filesNokiaNokia PC Suite 6PcSync2.exe» [2007-11-07 1294336]

c:documents and settingsЂ¤¬ЁЁбва в®аѓ« ў®Ґ ¬ҐоЏа®Ја ¬¬лЂўв®§ Јаг§Є
90093A.lnk — c:windowssystem32EE8CB290093A.EXE [2009-5-3 1407888]

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
«ForceClassicControlPanel»= 1 (0x1)

[HKEY_USERS.defaultsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
«ForceClassicControlPanel»= 1 (0x1)

[hkey_local_machinesoftwaremicrosoftwindowscurrentversionexplorerShellExecuteHooks]
«{56F9679E-7826-4C84-81F3-532071A8BCC5}»= «c:program filesWindows Desktop SearchMSNLNamespaceMgr.dll» [2008-05-26 304128]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]
@=»Driver»

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionrun-]
«PcSync»=c:program filesNokiaNokia PC Suite 6PcSync2.exe /NoDialog
«MSMSGS»=»c:program filesMessengermsmsgs.exe» /background
«swg»=c:program filesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
«PC Suite Tray»=»c:program filesNokiaNokia PC Suite 7PCSuite.exe» -onlytray
«Nokia.PCSync»=»c:program filesNokiaNokia PC Suite 7PCSync2.exe» /NoDialog
«msnmsgr»=»c:program filesWindows LiveMessengermsnmsgr.exe» /background

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionrun-]
«DataLayer»=c:program filesCommon FilesPCSuiteDataLayerDataLayer.exe
«NBKeyScan»=»c:program filesNeroNero8Nero BackItUpNBKeyScan.exe»
«NeroFilterCheck»=c:program filesCommon FilesNeroLibNeroCheck.exe
«HPDJ Taskbar Utility»=c:windowssystem32spooldriversw32x863hpztsb05.exe
«NvMediaCenter»=RUNDLL32.EXE c:windowssystem32NvMcTray.dll,NvTaskbarInit
«nwiz»=nwiz.exe /install
«GrooveMonitor»=»c:program filesMicrosoft OfficeOffice12GrooveMonitor.exe»
«Easy-PrintToolBox»=c:program filesCanonEasy-PrintToolBoxBJPSMAIN.EXE /logon
«90093A»=c:windowssystem32EE8CB290093A.EXE

[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\system32\sessmgr.exe»=
«d:\Новые Игрушки — 2\Tom Clancy’s Rainbow Six Vegas\Binaries\R6Vegas_Game.exe»=
«c:\Program Files\ICQ\Icq.exe»=
«c:\Program Files\ApexDC++\ApexDC.exe»=
«f:\internet_temp\Downloads\ApexDC++_1.0.0_Beta4\bin\ApexDC.exe»=
«c:\Program Files\Maxthon\Maxthon.exe»=
«c:\WINDOWS\system32\PnkBstrA.exe»=
«c:\WINDOWS\system32\PnkBstrB.exe»=
«c:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE»=
«c:\Program Files\Microsoft Office\Office12\GROOVE.EXE»=
«c:\Program Files\Microsoft Office\Office12\ONENOTE.EXE»=
«c:\Program Files\Activision\Call of Duty — World at War\CoDWaWmp.exe»=
«c:\Program Files\Activision\Call of Duty — World at War\CoDWaW.exe»=
«c:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe»=
«c:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe»=
«%windir%\Network Diagnostic\xpnetdiag.exe»=
«c:\SPARK-DC\SPARK-DC.exe»=
«d:\Новые Игрушки — 2\Call of Duty 2\CoD2MP_s.exe»=
«c:\Program Files\Common Files\Nero\Nero Web\SetupX.exe»=
«c:\Program Files\Activision\Call of Duty 4 — Modern Warfare\iw3mp.exe»=
«c:\Program Files\Windows Live\Messenger\msnmsgr.exe»=
«c:\Program Files\Windows Live\Sync\WindowsLiveSync.exe»=

R0 pe3ak36b;Rainbow Six. Vegas Environment Driver (pe3ak36b);c:windowssystem32driverspe3ak36b.sys [11.05.2007 10:41 65424]
R0 ps6ak36b;Rainbow Six. Vegas Synchronization Driver (ps6ak36b);c:windowssystem32driversps6ak36b.sys [11.05.2007 10:40 53144]
R1 nod32drv;nod32drv;c:windowssystem32driversnod32drv.sys [25.11.2008 1:39 15424]
R2 fssfltr;FssFltr;c:windowssystem32driversfssfltr_tdi.sys [30.04.2009 22:09 55152]
R2 SeaPort;SeaPort;c:program filesMicrosoftSearch Enhancement PackSeaPortSeaPort.exe [14.01.2009 17:53 226656]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:windowssystem32driversatl01_xp.sys [12.07.2007 20:21 35840]
S2 pr2ak36b;Rainbow Six. Vegas Drivers Auto Removal (pr2ak36b);c:windowssystem32pr2ak36b.exe svc —> c:windowssystem32pr2ak36b.exe svc [?]
S3 fsssvc;Семейная безопасность Windows Live;c:program filesWindows LiveFamily Safetyfsssvc.exe [06.02.2009 18:08 533360]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftactive setupinstalled components>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
«c:windowssystem32rundll32.exe» «c:windowssystem32iedkcs32.dll»,BrandIEActiveSetup SIGNUP
.
Contents of the ‘Scheduled Tasks’ folder

2009-05-10 c:windowsTasksБыстрое решение проблем.job
— c:program filesTuneUp_Utilities_2009OneClickStarter.exe [2009-01-21 18:36]
.
.

Supplementary Scan

.
uStart Page = hxxp://03compu.ru/start
IE: &Экспорт в Microsoft Excel — c:progra~1MICROS~2Office12EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List — c:program filesCanonEasy-WebPrintResource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print — c:program filesCanonEasy-WebPrintResource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview — c:program filesCanonEasy-WebPrintResource.dll/RC_Preview.html
IE: Easy-WebPrint Print — c:program filesCanonEasy-WebPrintResource.dll/RC_Print.html
IE: Закачать все при помощи FlashGet — c:program filesFlashGetjc_all.htm
IE: Закачать при помощи FlashGet — c:program filesFlashGetjc_link.htm
IE: Поиск@Mail.Ru — c:program filesmail.rusputnikMailRuSputnik.dll/282
IE: Словари@Mail.Ru — c:program filesmail.rusputnikMailRuSputnik.dll/283
IE: {{7558B7E5-7B26-4201-BEDB-00D5FF534523} — c:program filesMail.RuAgentmagent.exe
LSP: c:windowssystem32imon.dll
FF — ProfilePath —
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-11 01:31
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes …

scanning hidden autostart entries …

scanning hidden files …

scan completed successfully
hidden files: 0

**************************************************************************
.

LOCKED REGISTRY KEYS

[HKEY_USERSS-1-5-21-861567501-790525478-839522115-500SoftwareMicrosoftInternet ExplorerUser Preferences]
@Denied: (2) (Administrator)
«88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977″=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,35,8a,ba,eb,c2,f1,2d,42,b5,70,d6,
«2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81″=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,35,8a,ba,eb,c2,f1,2d,42,b5,70,d6,
.

DLLs Loaded Under Running Processes

— — — — — — — > ‘explorer.exe'(3740)
c:windowssystem32webcheck.dll
c:windowssystem32IEFRAME.dll
c:program filesPunto Switcherpshook.dll
c:program filesWindows Desktop Searchdeskbar.dll
c:program filesWindows Desktop Searchru-rudbres.dll.mui
c:program filesWindows Desktop Searchdbres.dll
c:program filesWindows Desktop Searchwordwheel.dll
c:program filesWindows Desktop Searchru-rumsnlExtRes.dll.mui
c:program filesWindows Desktop SearchmsnlExtRes.dll
c:windowssystem32msls31.dll
c:windowssystem32WPDShServiceObj.dll
c:windowssystem32PortableDeviceTypes.dll
c:windowssystem32PortableDeviceApi.dll
.
Completion time: 2009-05-10 1:32
ComboFix-quarantined-files.txt 2009-05-10 21:32
ComboFix2.txt 2009-05-10 18:30

Pre-Run: 7 922 323 456 байт свободно
Post-Run: 7 905 189 888 байт свободно

Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
246 — E O F — 2009-05-02 17:48
4 мая, 2009 в 5:13 дп в ответ на: autorun.inf вирус!! Не справляюсь :'( #23665
Valent
Participant
- Темы:1
- Сообщений:5
Здрвствуйте.
прошу прощения, а предложеный вами скрипт должен был задавить вирус?, или это элемент диагностики?..
пока ничего положительного не произошло.
при подключении флешки скрытым становится даже созданный «дезинфектором» каталог autorun.inf
2 мая, 2009 в 10:25 пп в ответ на: autorun.inf вирус!! Не справляюсь :'( #23664
Valent
Participant
- Темы:1
- Сообщений:5
Здравствуйте! усё сделал как положено!
логи..

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
ServiceDriver a469al1i not found.
ServiceDriver a469al1i not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun\90093A deleted successfully.
========== FILES ==========
C:Documents and SettingsАдминистраторГлавное менюПрограммыАвтозагрузка90093A.lnk moved successfully.
File move failed. C:WINDOWSsystem32EE8CB290093A.EXE scheduled to be moved on reboot.
========== COMMANDS ==========
File delete failed. C:DOCUME~19335~1LOCALS~1TempE_N4dp1.fne scheduled to be deleted on reboot.
File delete failed. C:DOCUME~19335~1LOCALS~1TempE_N4eAPI.fne scheduled to be deleted on reboot.
File delete failed. C:DOCUME~19335~1LOCALS~1TempE_N4HtmlView.fne scheduled to be deleted on reboot.
File delete failed. C:DOCUME~19335~1LOCALS~1TempE_N4internet.fne scheduled to be deleted on reboot.
File delete failed. C:DOCUME~19335~1LOCALS~1TempE_N4krnln.fnr scheduled to be deleted on reboot.
File delete failed. C:DOCUME~19335~1LOCALS~1TempE_N4shell.fne scheduled to be deleted on reboot.
File delete failed. C:DOCUME~19335~1LOCALS~1TempPerflib_Perfdata_f20.dat scheduled to be deleted on reboot.
File delete failed. C:DOCUME~19335~1LOCALS~1Temp~DFFF8F.tmp scheduled to be deleted on reboot.
User’s Temp folder emptied.
User’s Internet Explorer cache folder emptied.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.Word~WRS{809FDE0C-11C9-42D3-BDDA-88C535A309FB}.tmp scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5XHDXXZ5Tdefault[1].aspx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5XHDXXZ5Tprice[1].aspx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5XHDXXZ5Tsearch[6].txt scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5WYN2YT34ads[1].txt scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5WYN2YT34price[1].aspx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5WYN2YT34scheme[1].htm scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5UL9N1XH9default[2].aspx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5UL9N1XH9ScriptResource[1].axd scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5TU22EAADgetimg[1].aspx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5TU22EAADm113[1].jpg scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5TU22EAADviewtopic[1].htm scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5PS2D0X2112_11[1].htm scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5PS2D0X21price[2].aspx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5OMTQ5YSZforiframe[1].htm scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5OMTQ5YSZvideoByTag[1].xml scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5MI6D8FWLgetimg[1].aspx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5LE8IFYYXads[2].txt scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5JUB3IY3Dfelicia[1].htm scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5JUB3IY3Dforiframe[1].htm scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5JUB3IY3Dprice[1].aspx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5JUB3IY3Dsearch[4].txt scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5JUB3IY3DStatistikaNeispravnostejj[1].txt scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5JUB3IY3Dviewtopic[1].php scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5DEADNT4Bads[1].txt scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE591YZZ81Odefault[1].aspx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE57VP3LGOKdefault[1].aspx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE57VP3LGOKindex[1].php scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE57VP3LGOKrubric[1].html scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE57VP3LGOKScriptResource[1].axd scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE54KSNG4OVgetimg[1].aspx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE54KSNG4OVprice[1].aspx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE54KSNG4OVScriptResource[1].axd scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE53BH9XS4Acomplect[1].aspx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE53BH9XS4Aparts[1].htm scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE53BH9XS4Aparts[2].htm scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE51NGDD4X1SkodaClub[1].htm scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE51NGDD4X1yandsearch[2].txt scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5V2UN7J8en_stat[1].htm scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5V2UN7J8index[1].php scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
User’s Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer — Version 1.0.11.0 log created on 05032009_015449

Files moved on Reboot…
C:WINDOWSsystem32EE8CB290093A.EXE moved successfully.
C:DOCUME~19335~1LOCALS~1TempE_N4dp1.fne moved successfully.
C:DOCUME~19335~1LOCALS~1TempE_N4eAPI.fne moved successfully.
C:DOCUME~19335~1LOCALS~1TempE_N4HtmlView.fne moved successfully.
C:DOCUME~19335~1LOCALS~1TempE_N4internet.fne moved successfully.
C:DOCUME~19335~1LOCALS~1TempE_N4krnln.fnr moved successfully.
C:DOCUME~19335~1LOCALS~1TempE_N4shell.fne moved successfully.
File C:DOCUME~19335~1LOCALS~1TempPerflib_Perfdata_f20.dat not found!
C:DOCUME~19335~1LOCALS~1Temp~DFFF8F.tmp moved successfully.
C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.Word~WRS{809FDE0C-11C9-42D3-BDDA-88C535A309FB}.tmp moved successfully.
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5XHDXXZ5Tdefault[1].aspx not found!
C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5XHDXXZ5Tprice[1].aspx moved successfully.
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5XHDXXZ5Tsearch[6].txt not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5WYN2YT34ads[1].txt not found!
C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5WYN2YT34price[1].aspx moved successfully.
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5WYN2YT34scheme[1].htm not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5UL9N1XH9default[2].aspx not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5UL9N1XH9ScriptResource[1].axd not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5TU22EAADgetimg[1].aspx not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5TU22EAADm113[1].jpg not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5TU22EAADviewtopic[1].htm not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5PS2D0X2112_11[1].htm not found!
C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5PS2D0X21price[2].aspx moved successfully.
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5OMTQ5YSZforiframe[1].htm not found!
C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5OMTQ5YSZvideoByTag[1].xml moved successfully.
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5MI6D8FWLgetimg[1].aspx not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5LE8IFYYXads[2].txt not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5JUB3IY3Dfelicia[1].htm not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5JUB3IY3Dforiframe[1].htm not found!
C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5JUB3IY3Dprice[1].aspx moved successfully.
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5JUB3IY3Dsearch[4].txt not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5JUB3IY3DStatistikaNeispravnostejj[1].txt not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5JUB3IY3Dviewtopic[1].php not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5DEADNT4Bads[1].txt not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE591YZZ81Odefault[1].aspx not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE57VP3LGOKdefault[1].aspx not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE57VP3LGOKindex[1].php not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE57VP3LGOKrubric[1].html not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE57VP3LGOKScriptResource[1].axd not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE54KSNG4OVgetimg[1].aspx not found!
C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE54KSNG4OVprice[1].aspx moved successfully.
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE54KSNG4OVScriptResource[1].axd not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE53BH9XS4Acomplect[1].aspx not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE53BH9XS4Aparts[1].htm not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE53BH9XS4Aparts[2].htm not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE51NGDD4X1SkodaClub[1].htm not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE51NGDD4X1yandsearch[2].txt not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5V2UN7J8en_stat[1].htm not found!
File C:Documents and SettingsАдминистраторLocal SettingsTemporary Internet FilesContent.IE5V2UN7J8index[1].php not found!
__________________________________________________________________________________________________________
__________________________________________________________________________________________________________

Logfile of random’s system information tool 1.06 (written by random/random)
Run by Администратор at 2009-05-03 02:19:27
Microsoft Windows XP Professional Service Pack 3
System drive C: has 7 GB (14%) free of 50 GB
Total RAM: 2047 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:19:31, on 03.05.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:Program FilesNeroNero8Nero BackItUpNBService.exe
C:WINDOWSExplorer.EXE
C:Program FilesEsetnod32krn.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32PnkBstrA.exe
C:WINDOWSsystem32PnkBstrB.exe
C:Program FilesMicrosoftSearch Enhancement PackSeaPortSeaPort.exe
C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32SearchIndexer.exe
C:WINDOWSRTHDCPL.EXE
C:Program FilesVDOToolTBPanel.exe
C:WINDOWSsystem32wscntfy.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMail.RuAgentMAgent.exe
C:Program FilesEsetnod32kui.exe
C:WINDOWSsystem32EE8CB290093A.EXE
C:Program FilesPunto Switcherpunto.exe
C:WINDOWSsystem32wuauclt.exe
C:Documents and SettingsАдминистраторРабочий столRSIT.exe
C:Program Filestrend microАдминистратор.exe

R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://03compu.ru/start
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program filesmail.rusputnikMailRuSputnik.dll
R3 — URLSearchHook: (no name) — {83821C2B-32A8-4DD7-B6D4-44309A78E668} — C:Program FilesMail.RuAgentMradllnewmrasearch.dll
F2 — REG:system.ini: UserInit=C:WINDOWSsystem32userinit.exe
O2 — BHO: AcroIEHlprObj Class — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 — BHO: IeCatch5 Class — {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} — C:PROGRA~1FlashGetjccatch.dll
O2 — BHO: Search Helper — {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} — C:Program FilesMicrosoftSearch Enhancement PackSearch HelperSearchHelper.dll
O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — c:program filesmail.rusputnikMailRuSputnik.dll
O2 — BHO: Помощник по входу в Windows Live — {9030D464-4C02-4ABF-8ECC-5164760863C6} — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — c:program filesgooglegoogletoolbar2.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll
O2 — BHO: Windows Live Toolbar Helper — {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} — C:Program FilesWindows LiveToolbarwltcore.dll
O3 — Toolbar: FlashGet Bar — {E0E899AB-F487-11D5-8D29-0050BA6940E3} — C:PROGRA~1FlashGetfgiebar.dll
O3 — Toolbar: &Google — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — c:program filesgooglegoogletoolbar2.dll
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — c:program filesmail.rusputnikMailRuSputnik.dll
O3 — Toolbar: Easy-WebPrint — {327C2873-E90D-4c37-AA9D-10AC9BABA46C} — C:Program FilesCanonEasy-WebPrintToolband.dll
O3 — Toolbar: &Windows Live Toolbar — {21FA44EF-376D-4D53-9B0F-8A89D3229068} — C:Program FilesWindows LiveToolbarwltcore.dll
O4 — HKLM..Run: [JMB36X IDE Setup] C:WINDOWSJMJMInsIDE.exe
O4 — HKLM..Run: [36X Raid Configurer] C:WINDOWSsystem32JMRaidSetup.exe boot
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 — HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 — HKLM..Run: [Gainward] C:Program FilesVDOToolTBPanel.exe /A
O4 — HKLM..Run: [ISUSPM Startup] «C:Program FilesCommon FilesInstallShieldUpdateServiceISUSPM.exe» -startup
O4 — HKLM..Run: [ISUSScheduler] «C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe» -start
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKLM..Run: [nod32kui] «C:Program FilesEsetnod32kui.exe» /WAITSERVICE
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [90093A] C:WINDOWSsystem32EE8CB290093A.EXE
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [Punto Switcher] C:Program FilesPunto Switcherpunto.exe
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe (User ‘Default user’)
O4 — Startup: 90093A.lnk = C:WINDOWSsystem32EE8CB290093A.EXE
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 — Extra context menu item: Easy-WebPrint Add To Print List — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_AddToList.html
O8 — Extra context menu item: Easy-WebPrint High Speed Print — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_HSPrint.html
O8 — Extra context menu item: Easy-WebPrint Preview — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Preview.html
O8 — Extra context menu item: Easy-WebPrint Print — res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Print.html
O8 — Extra context menu item: Закачать все при помощи FlashGet — C:Program FilesFlashGetjc_all.htm
O8 — Extra context menu item: Закачать при помощи FlashGet — C:Program FilesFlashGetjc_link.htm
O8 — Extra context menu item: Поиск@Mail.Ru — res://c:program filesmail.rusputnikMailRuSputnik.dll/282
O8 — Extra context menu item: Словари@Mail.Ru — res://c:program filesmail.rusputnikMailRuSputnik.dll/283
O9 — Extra button: Отправка в блог — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
O9 — Extra ‘Tools’ menuitem: &Отправка в блог Windows Live Writer — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
O9 — Extra button: Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: &Отправить в OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 — Extra button: ICQ Pro — {6224f700-cba3-4071-b251-47cb894244cd} — C:PROGRA~1ICQICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ — {6224f700-cba3-4071-b251-47cb894244cd} — C:PROGRA~1ICQICQ.exe
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: FlashGet — {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} — C:PROGRA~1FlashGetflashget.exe
O9 — Extra ‘Tools’ menuitem: &FlashGet — {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} — C:PROGRA~1FlashGetflashget.exe
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O9 — Extra ‘Tools’ menuitem: Windows Messenger — {FB5F1910-F110-11d2-BB9E-00C04F795683} — C:Program FilesMessengermsmsgs.exe
O16 — DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) — http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1221393203281
O16 — DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) — http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1221393178546
O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — C:Program FilesMicrosoft OfficeOffice12GrooveSystemServices.dll
O23 — Service: Autodesk Licensing Service — Autodesk, Inc. — C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Google Updater Service (gusvc) — Google — C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: Nero BackItUp Scheduler 3 — Nero AG — C:Program FilesNeroNero8Nero BackItUpNBService.exe
O23 — Service: NMIndexingService — Nero AG — C:Program FilesCommon FilesNeroLibNMIndexingService.exe
O23 — Service: NOD32 Kernel Service (NOD32krn) — Eset — C:Program FilesEsetnod32krn.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: PnkBstrA — Unknown owner — C:WINDOWSsystem32PnkBstrA.exe
O23 — Service: PnkBstrB — Unknown owner — C:WINDOWSsystem32PnkBstrB.exe
O23 — Service: Rainbow Six. Vegas Drivers Auto Removal (pr2ak36b) (pr2ak36b) — Russobit-M — C:WINDOWSsystem32pr2ak36b.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: ServiceLayer — Nokia. — C:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 — Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) — Protection Technology (StarForce) — C:WINDOWSsystem32sfrem01.exe
O23 — Service: StarWind AE Service (StarWindServiceAE) — Rocket Division Software — C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: TuneUp Drive Defrag Service (TuneUp.Defrag) — TuneUp Software — C:WINDOWSSystem32TuneUpDefragService.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe

—
End of file — 11465 bytes

======Scheduled tasks folder======

C:WINDOWStasksБыстрое решение проблем.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class — C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll [2006-01-13 63128]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
IeCatch5 Class — C:PROGRA~1FlashGetjccatch.dll [2006-05-16 81920]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper — C:Program FilesMicrosoftSearch Enhancement PackSearch HelperSearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper — C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — c:program filesmail.rusputnikMailRuSputnik.dll [2009-04-14 680624]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Помощник по входу в Windows Live — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — c:program filesgooglegoogletoolbar2.dll [2007-01-19 2427968]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll [2008-09-19 737776]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper — C:Program FilesWindows LiveToolbarwltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} — FlashGet Bar — C:PROGRA~1FlashGetfgiebar.dll [2005-06-07 86016]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google — c:program filesgooglegoogletoolbar2.dll [2007-01-19 2427968]
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — c:program filesmail.rusputnikMailRuSputnik.dll [2009-04-14 680624]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} — Easy-WebPrint — C:Program FilesCanonEasy-WebPrintToolband.dll [2004-08-26 405504]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} — &Windows Live Toolbar — C:Program FilesWindows LiveToolbarwltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«JMB36X IDE Setup»=C:WINDOWSJMJMInsIDE.exe [2006-10-31 36864]
«36X Raid Configurer»=C:WINDOWSsystem32JMRaidSetup.exe [2006-11-16 1953792]
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2006-11-15 16270848]
«Alcmtr»=C:WINDOWSALCMTR.EXE [2005-05-04 69632]
«Gainward»=C:Program FilesVDOToolTBPanel.exe [2007-02-01 2154496]
«ISUSPM Startup»=C:Program FilesCommon FilesInstallShieldUpdateServiceISUSPM.exe [2005-08-11 249856]
«ISUSScheduler»=C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe [2005-08-11 81920]
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2009-04-14 6210744]
«nod32kui»=C:Program FilesEsetnod32kui.exe [2008-11-25 949376]
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2009-02-18 13680640]
«90093A»=C:WINDOWSsystem32EE8CB290093A.EXE [2009-05-03 1407888]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-04-14 15360]
«Punto Switcher»=C:Program FilesPunto Switcherpunto.exe [2008-10-16 735016]

C:Documents and SettingsАдминистраторГлавное менюПрограммыАвтозагрузка
90093A.lnk — C:WINDOWSsystem32EE8CB290093A.EXE

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyNavLogon]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2009-02-12 2217848]
«{56F9679E-7826-4C84-81F3-532071A8BCC5}»=C:Program FilesWindows Desktop SearchMSNLNamespaceMgr.dll [2008-05-26 304128]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWdf01000.sys]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=36
«ForceClassicControlPanel»=1
«DisallowRun»=1
«NoDriveAutoRun»=FFFFFFFF

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«HonorAutoRunSetting»=

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«D:Новые Игрушки — 2Tom Clancy’s Rainbow Six VegasBinariesR6Vegas_Game.exe»=»D:Новые Игрушки — 2Tom Clancy’s Rainbow Six VegasBinariesR6Vegas_Game.exe:*:Enabled:R6Vegas_Game»
«C:Program FilesICQIcq.exe»=»C:Program FilesICQIcq.exe:*:Enabled:ICQ»
«C:Program FilesApexDC++ApexDC.exe»=»C:Program FilesApexDC++ApexDC.exe:*:Enabled:ApexDC++»
«F:internet_tempDownloadsApexDC++_1.0.0_Beta4binApexDC.exe»=»F:internet_tempDownloadsApexDC++_1.0.0_Beta4binApexDC.exe:*:Enabled:ApexDC++»
«C:Program FilesMaxthonMaxthon.exe»=»C:Program FilesMaxthonMaxthon.exe:*:Enabled:Maxthon Web Browser»
«C:WINDOWSsystem32PnkBstrA.exe»=»C:WINDOWSsystem32PnkBstrA.exe:*:Enabled:PnkBstrA»
«C:WINDOWSsystem32PnkBstrB.exe»=»C:WINDOWSsystem32PnkBstrB.exe:*:Enabled:PnkBstrB»
«C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE»=»C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook»
«C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE»=»C:Program FilesMicrosoft OfficeOffice12GROOVE.EXE:*:Enabled:Microsoft Office Groove»
«C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE»=»C:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE:*:Enabled:Microsoft Office OneNote»
«C:Program FilesActivisionCall of Duty — World at WarCoDWaWmp.exe»=»C:Program FilesActivisionCall of Duty — World at WarCoDWaWmp.exe:*:Enabled:Call of Duty(R) — World at War(TM)»
«C:Program FilesActivisionCall of Duty — World at WarCoDWaW.exe»=»C:Program FilesActivisionCall of Duty — World at WarCoDWaW.exe:*:Enabled:Call of Duty(R) — World at War(TM)»
«C:Program FilesNokiaNokia Software Updaternsu_ui_client.exe»=»C:Program FilesNokiaNokia Software Updaternsu_ui_client.exe:*:Enabled:Nokia Software Updater»
«C:Program FilesCommon FilesNokiaService LayerAnsl_host_process.exe»=»C:Program FilesCommon FilesNokiaService LayerAnsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process «
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:SPARK-DCSPARK-DC.exe»=»C:SPARK-DCSPARK-DC.exe:*:Enabled:SPARK-DC»
«D:Новые Игрушки — 2Call of Duty 2CoD2MP_s.exe»=»D:Новые Игрушки — 2Call of Duty 2CoD2MP_s.exe:*:Enabled:CoD2MP_s»
«C:Program FilesCommon FilesNeroNero WebSetupX.exe»=»C:Program FilesCommon FilesNeroNero WebSetupX.exe:*:Disabled:Nero ControlCenter»
«C:Program FilesActivisionCall of Duty 4 — Modern Warfareiw3mp.exe»=»C:Program FilesActivisionCall of Duty 4 — Modern Warfareiw3mp.exe:*:Enabled:Call of Duty(R) 4 — Modern Warfare(TM)»
«C:Program FilesWindows LiveMessengermsnmsgr.exe»=»C:Program FilesWindows LiveMessengermsnmsgr.exe:*:Enabled:Windows Live Messenger»
«C:Program FilesWindows LiveSyncWindowsLiveSync.exe»=»C:Program FilesWindows LiveSyncWindowsLiveSync.exe:*:Enabled:Windows Live Sync»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesWindows LiveMessengermsnmsgr.exe»=»C:Program FilesWindows LiveMessengermsnmsgr.exe:*:Enabled:Windows Live Messenger»
«C:Program FilesWindows LiveSyncWindowsLiveSync.exe»=»C:Program FilesWindows LiveSyncWindowsLiveSync.exe:*:Enabled:Windows Live Sync»

======File associations======

.scr — open — «C:WINDOWSnotepad.exe» «%1»
.scr — install —
.scr — config —

======List of files/folders created in the last 1 months======

2009-05-03 02:13:45 —-SHD—- C:Config.Msi
2009-05-03 01:54:49 —-D—- C:_OTMoveIt
2009-05-02 21:48:36 —-HDC—- C:WINDOWS$NtUninstallKB961503$
2009-05-02 21:48:19 —-HDC—- C:WINDOWS$NtUninstallKB961118$
2009-05-02 21:48:13 —-HDC—- C:WINDOWS$NtUninstallKB939683$
2009-05-02 21:47:50 —-HDC—- C:WINDOWS$NtUninstallKB959772_WM11$
2009-05-02 21:47:40 —-HDC—- C:WINDOWS$NtUninstallKB936782_WMP11$
2009-05-01 10:25:11 —-D—- C:rsit
2009-05-01 10:25:11 —-D—- C:Program Filestrend micro
2009-05-01 00:37:40 —-RASHD—- C:autorun.inf
2009-04-30 23:59:56 —-A—- C:WINDOWSsystem32nmwcdcls.dll
2009-04-30 22:09:28 —-D—- C:Program FilesMicrosoft Sync Framework
2009-04-30 22:08:45 —-D—- C:Program FilesMicrosoft SQL Server Compact Edition
2009-04-30 22:07:33 —-D—- C:Program FilesWindows Live SkyDrive
2009-04-30 22:07:21 —-D—- C:Program FilesWindows Live
2009-04-30 21:36:56 —-D—- C:Program FilesCommon FilesWindows Live
2009-04-30 21:36:36 —-D—- C:Program FilesMicrosoft Silverlight
2009-04-30 21:29:24 —-D—- C:b7ab394506d18d7bf726278705c92173
2009-04-30 21:29:11 —-D—- C:WINDOWSSxsCaPendDel
2009-04-30 21:25:45 —-D—- C:Program FilesMicrosoft
2009-04-30 21:25:10 —-D—- C:Documents and SettingsАдминистраторApplication DataWindows Desktop Search
2009-04-30 21:24:06 —-N—- C:WINDOWSsystem32spmsg.dll
2009-04-30 21:23:37 —-HDC—- C:WINDOWS$NtUninstallwmp11$
2009-04-30 20:14:06 —-D—- C:WINDOWSie8updates
2009-04-30 20:12:14 —-HDC—- C:WINDOWSie8
2009-04-20 21:08:57 —-HD—- C:WINDOWSsystem32EE8CB2
2009-04-20 21:08:57 —-HD—- C:WINDOWSsystem32A171FA
2009-04-20 21:08:57 —-HD—- C:WINDOWSsystem3263C801
2009-04-20 21:08:57 —-HD—- C:WINDOWSsystem32629FA8
2009-04-15 02:18:27 —-HDC—- C:WINDOWS$NtUninstallKB959426$
2009-04-15 02:18:21 —-HDC—- C:WINDOWS$NtUninstallKB961373$
2009-04-15 02:16:12 —-HDC—- C:WINDOWS$NtUninstallKB956572$
2009-04-15 02:16:02 —-HDC—- C:WINDOWS$NtUninstallKB952004$
2009-04-15 02:15:17 —-HDC—- C:WINDOWS$NtUninstallKB960803$
2009-04-15 02:15:09 —-HDC—- C:WINDOWS$NtUninstallKB923561$

======List of files/folders modified in the last 1 months======

2009-05-03 02:16:45 —-D—- C:WINDOWSTemp
2009-05-03 02:16:40 —-A—- C:WINDOWSModemLog_Nokia 7260 Cable.txt
2009-05-03 02:16:39 —-A—- C:WINDOWSDFC.INI
2009-05-03 02:15:14 —-A—- C:WINDOWSSchedLgU.Txt
2009-05-03 02:14:25 —-D—- C:Program FilesCommon FilesSymantec Shared
2009-05-03 02:14:24 —-D—- C:WINDOWSsystem32drivers
2009-05-03 02:14:24 —-D—- C:WINDOWSsystem32
2009-05-03 02:14:24 —-D—- C:Program FilesSymantec
2009-05-03 02:14:23 —-D—- C:Program FilesSymantec AntiVirus
2009-05-03 02:14:23 —-D—- C:Documents and SettingsAll UsersApplication DataSymantec
2009-05-03 02:13:40 —-SHD—- C:WINDOWSInstaller
2009-05-03 01:59:51 —-D—- C:WINDOWSPrefetch
2009-05-03 01:57:12 —-D—- C:WINDOWS
2009-05-02 22:35:53 —-D—- C:WINDOWSMicrosoft.NET
2009-05-02 21:48:39 —-D—- C:WINDOWSinf
2009-05-02 21:48:38 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-05-02 21:48:33 —-A—- C:WINDOWSimsins.BAK
2009-05-02 21:48:32 —-D—- C:WINDOWSsystem32CatRoot2
2009-05-02 21:48:31 —-D—- C:WINDOWSsystem32CatRoot
2009-05-02 21:46:31 —-HD—- C:WINDOWS$hf_mig$
2009-05-01 12:20:28 —-D—- C:Program FilesWindows Media Player
2009-05-01 10:56:06 —-D—- C:Documents and SettingsАдминистраторApplication DataAIMP
2009-05-01 10:25:11 —-D—- C:Program Files
2009-05-01 03:13:35 —-D—- C:WINDOWSsystem32config
2009-05-01 00:01:16 —-DC—- C:WINDOWSsystem32DRVSTORE
2009-05-01 00:01:05 —-D—- C:Program FilesNokia
2009-05-01 00:01:04 —-D—- C:Program FilesCommon FilesNokia
2009-05-01 00:00:24 —-D—- C:Program FilesPC Connectivity Solution
2009-04-30 23:59:40 —-D—- C:Documents and SettingsAll UsersApplication DataInstallations
2009-04-30 23:26:21 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-04-30 22:31:13 —-D—- C:Documents and SettingsAll UsersApplication DataMicrosoft Help
2009-04-30 22:30:56 —-SD—- C:Documents and SettingsАдминистраторApplication DataMicrosoft
2009-04-30 22:09:28 —-D—- C:WINDOWSWinSxS
2009-04-30 22:09:20 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2009-04-30 22:08:50 —-D—- C:WINDOWSsystem32DirectX
2009-04-30 22:08:46 —-RSD—- C:WINDOWSassembly
2009-04-30 22:07:40 —-D—- C:Program FilesCommon FilesMicrosoft Shared
2009-04-30 21:36:56 —-D—- C:Program FilesCommon Files
2009-04-30 21:35:57 —-D—- C:WINDOWSsystem32XPSViewer
2009-04-30 21:35:57 —-D—- C:WINDOWSsystem32ru-ru
2009-04-30 21:30:07 —-D—- C:WINDOWSsystem32en-us
2009-04-30 21:30:04 —-RSD—- C:WINDOWSFonts
2009-04-30 21:24:39 —-D—- C:Program FilesWindows Desktop Search
2009-04-30 21:24:37 —-D—- C:WINDOWSsystem32wbem
2009-04-30 21:24:34 —-HDC—- C:WINDOWS$NtUninstallKB940157$
2009-04-30 21:23:41 —-D—- C:WINDOWSHelp
2009-04-30 20:29:25 —-D—- C:WINDOWSMedia
2009-04-30 20:29:25 —-D—- C:Program FilesInternet Explorer
2009-04-30 20:11:44 —-D—- C:Program FilesMyCentria
2009-04-30 20:07:09 —-D—- C:Program FilesMicrosoft Works
2009-04-29 00:45:14 —-D—- C:WINDOWSMinidump
2009-04-29 00:35:12 —-D—- C:Program FilesESET
2009-04-29 00:27:42 —-D—- C:Downloads
2009-04-28 01:55:30 —-A—- C:WINDOWSsystem32PnkBstrB.exe
2009-04-27 18:48:20 —-D—- C:Program FilesQIP Infium
2009-04-18 23:21:05 —-D—- C:WINDOWSsystem32Macromed
2009-04-17 17:21:27 —-SD—- C:WINDOWSDownloaded Program Files
2009-04-15 09:34:44 —-D—- C:WINDOWSAppPatch
2009-04-14 02:46:07 —-D—- C:Documents and SettingsАдминистраторApplication DataMra
2009-04-14 01:55:54 —-A—- C:WINDOWSsystem32PnkBstrA.exe
2009-04-13 22:15:31 —-A—- C:WINDOWSgame.ini
2009-04-13 22:05:18 —-D—- C:Program FilesActivision
2009-04-11 11:49:24 —-D—- C:Documents and SettingsАдминистраторApplication DataMxBoost
2009-04-06 18:57:24 —-A—- C:WINDOWSsystem32MRT.exe
2009-04-05 23:06:07 —-A—- C:WINDOWSNeroDigital.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 cdrbsdrv;cdrbsdrv; C:WINDOWSsystem32driverscdrbsdrv.sys [2004-03-08 13567]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-04-14 40704]
R1 nod32drv;nod32drv; C:WINDOWSsystem32driversnod32drv.sys [2008-11-25 15424]
R1 StarOpen;StarOpen; C:WINDOWSsystem32driversStarOpen.sys [2006-07-24 5632]
R1 WS2IFSL;Среда Windows Socket 2.0 поддержки поставщиков не-IFS служб; C:WINDOWSSystem32driversws2ifsl.sys [2004-08-18 12032]
R2 AMON;AMON; C:WINDOWSsystem32driversamon.sys [2008-11-25 512096]
R2 atksgt;atksgt; C:WINDOWSsystem32DRIVERSatksgt.sys [2008-06-20 278984]
R2 ElbyCDIO;ElbyCDIO Driver; C:WINDOWSSystem32DriversElbyCDIO.sys [2005-04-21 10624]
R2 fssfltr;FssFltr; C:WINDOWSsystem32DRIVERSfssfltr_tdi.sys [2009-02-06 55152]
R2 hardlock;hardlock; ??C:WINDOWSsystem32drivershardlock.sys []
R2 Haspnt;Haspnt; ??C:WINDOWSsystem32driversHaspnt.sys []
R2 irda;ИК-протокол IrDA; C:WINDOWSsystem32DRIVERSirda.sys [2008-04-14 88192]
R2 lirsgt;lirsgt; C:WINDOWSsystem32DRIVERSlirsgt.sys [2007-07-16 25416]
R2 TBPanel;TBPanel; C:WINDOWSsystem32driversTBPanel.sys [2002-07-27 5306]
R3 Arp1394;Протокол клиента 1394 ARP; C:WINDOWSsystem32DRIVERSarp1394.sys [2008-04-14 60800]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:WINDOWSsystem32DRIVERSatl01_xp.sys [2006-10-31 35840]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2006-11-16 4225920]
R3 MTsensor;ATK0110 ACPI UTILITY; C:WINDOWSsystem32DRIVERSASACPI.sys [2004-08-13 5810]
R3 NIC1394;Сетевой драйвер 1394; C:WINDOWSsystem32DRIVERSnic1394.sys [2008-04-14 61824]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2009-02-18 6308224]
R3 Rasirda;Минипорт WAN (IrDA); C:WINDOWSsystem32DRIVERSrasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:WINDOWSSystem32DriversRootMdm.sys [2004-08-18 5888]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-04-14 59520]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2008-04-14 20608]
S1 cdrbsvsd;cdrbsvsd; C:WINDOWSsystem32driverscdrbsvsd.sys []
S3 ane0jgfu;ane0jgfu; C:WINDOWSsystem32driversane0jgfu.sys []
S3 Cardex;Cardex; ??C:WINDOWSsystem32driversTBPANEL.SYS []
S3 ElbyCDFL;ElbyCDFL; C:WINDOWSSystem32DriversElbyCDFL.sys [2005-05-03 27392]
S3 HidUsb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-14 10368]
S3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-19 12160]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:WINDOWSsystem32DRIVERSMSIRCOMM.sys [2008-04-14 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:WINDOWSsystem32DRIVERSpccsmcfd.sys [2008-08-26 18816]
S3 Pcouffin;Low level access layer for CD devices; C:WINDOWSSystem32DriversPcouffin.sys []
S3 PnkBstrK;PnkBstrK; ??C:WINDOWSsystem32driversPnkBstrK.sys []
S3 Ser2pl;Prolific Serial port driver; C:WINDOWSsystem32DRIVERSser2pl.sys [2003-07-16 43264]
S3 SONYPVU1;Драйвер Sony USB фильтра (SONYPVU1); C:WINDOWSsystem32DRIVERSSONYPVU1.SYS [2001-08-17 7552]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:WINDOWSsystem32DRIVERSss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:WINDOWSsystem32DRIVERSss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:WINDOWSsystem32DRIVERSss_mdm.sys [2005-08-30 94000]
S3 STIrUsb;STIrUsb.sys USB-IrDA Adapter; C:WINDOWSsystem32DRIVERSstirusb.sys [2001-09-24 30088]
S3 upperdev;upperdev; C:WINDOWSsystem32DRIVERSusbser_lowerflt.sys []
S3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2008-04-14 25856]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Wdf01000; C:WINDOWSsystem32DRIVERSWdf01000.sys [2008-03-27 503008]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2006-09-15 82688]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []
S4 sr;Драйвер фильтра восстановления системы; C:WINDOWSsystem32DRIVERSsr.sys [2008-04-14 73472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2008-07-25 69632]
R2 Irmon;Монитор инфракрасной связи; C:WINDOWSsystem32svchost.exe [2008-04-14 14336]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2006-10-26 335872]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:Program FilesNeroNero8Nero BackItUpNBService.exe [2007-12-03 869672]
R2 NOD32krn;NOD32 Kernel Service; C:Program FilesEsetnod32krn.exe [2008-11-25 552064]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2009-02-18 163908]
R2 PnkBstrA;PnkBstrA; C:WINDOWSsystem32PnkBstrA.exe [2009-04-14 75064]
R2 PnkBstrB;PnkBstrB; C:WINDOWSsystem32PnkBstrB.exe [2009-04-28 189496]
R2 SeaPort;SeaPort; C:Program FilesMicrosoftSearch Enhancement PackSeaPortSeaPort.exe [2009-01-14 226656]
R2 StarWindServiceAE;StarWind AE Service; C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindServiceAE.exe [2007-05-28 275968]
R2 WSearch;Windows Search; C:WINDOWSsystem32SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-14 14336]
S2 Fax;Fax; C:WINDOWSsystem32fxssvc.exe [2008-04-14 268288]
S2 pr2ak36b;Rainbow Six. Vegas Drivers Auto Removal (pr2ak36b); C:WINDOWSsystem32pr2ak36b.exe [2007-05-11 407176]
S2 sfrem01;SF FrontLine Drivers Auto Removal (v1); C:WINDOWSsystem32sfrem01.exe [2006-07-05 358008]
S3 aspnet_state;Служба состояний ASP.NET; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe [2007-08-19 74360]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:WINDOWSMicrosoft.NETFrameworkv3.0WPFPresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Семейная безопасность Windows Live; C:Program FilesWindows LiveFamily Safetyfsssvc.exe [2009-02-06 533360]
S3 gusvc;Google Updater Service; C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2007-09-23 138168]
S3 idsvc;Windows CardSpace; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program FilesMicrosoft OfficeOffice12GrooveAuditService.exe [2008-10-25 65888]
S3 NMIndexingService;NMIndexingService; C:Program FilesCommon FilesNeroLibNMIndexingService.exe [2007-12-13 447784]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:Program FilesPC Connectivity SolutionServiceLayer.exe [2009-03-04 621056]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:WINDOWSSystem32TuneUpDefragService.exe [2009-01-22 360192]
S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; C:Program FilesWindows Media PlayerWMPNetwk.exe [2006-11-02 914944]
S4 NetTcpPortSharing;Служба общего доступа к портам Net.Tcp; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2008-07-29 132096]

EOF
1 мая, 2009 в 8:51 дп в ответ на: autorun.inf вирус!! Не справляюсь :'( #23662
Valent
Participant
- Темы:1
- Сообщений:5
info.txt logfile of random’s system information tool 1.06 2009-05-01 10:25:26

======Uninstall list======

—>C:Program FilesNeroNero8\nerouninstallUNNERO.exe /UNINSTALL
—>C:WINDOWSUNNeroBackItUp.exe /UNINSTALL
—>C:WINDOWSUNNeroMediaHome.exe /UNINSTALL
—>C:WINDOWSUNNeroShowTime.exe /UNINSTALL
—>C:WINDOWSUNNeroVision.exe /UNINSTALL
—>C:WINDOWSUNRecode.exe /UNINSTALL
—>msiexec /package {90120000-0015-0419-0000-0000000FF1CE} /uninstall {2869874B-1A6E-4785-81C6-55FEFCF4B4FA}
—>msiexec /package {90120000-0016-0419-0000-0000000FF1CE} /uninstall {2869874B-1A6E-4785-81C6-55FEFCF4B4FA}
—>msiexec /package {90120000-0018-0419-0000-0000000FF1CE} /uninstall {2869874B-1A6E-4785-81C6-55FEFCF4B4FA}
—>msiexec /package {90120000-0019-0419-0000-0000000FF1CE} /uninstall {2869874B-1A6E-4785-81C6-55FEFCF4B4FA}
—>msiexec /package {90120000-001A-0419-0000-0000000FF1CE} /uninstall {2869874B-1A6E-4785-81C6-55FEFCF4B4FA}
—>msiexec /package {90120000-001B-0419-0000-0000000FF1CE} /uninstall {2869874B-1A6E-4785-81C6-55FEFCF4B4FA}
—>msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2869874B-1A6E-4785-81C6-55FEFCF4B4FA}
—>msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {2869874B-1A6E-4785-81C6-55FEFCF4B4FA}
—>msiexec /package {90120000-001F-0419-0000-0000000FF1CE} /uninstall {2869874B-1A6E-4785-81C6-55FEFCF4B4FA}
—>msiexec /package {90120000-001F-0422-0000-0000000FF1CE} /uninstall {2869874B-1A6E-4785-81C6-55FEFCF4B4FA}
—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2869874B-1A6E-4785-81C6-55FEFCF4B4FA}
—>msiexec /package {90120000-0044-0419-0000-0000000FF1CE} /uninstall {2869874B-1A6E-4785-81C6-55FEFCF4B4FA}
—>msiexec /package {90120000-006E-0419-0000-0000000FF1CE} /uninstall {2869874B-1A6E-4785-81C6-55FEFCF4B4FA}
—>msiexec /package {90120000-00A1-0419-0000-0000000FF1CE} /uninstall {2869874B-1A6E-4785-81C6-55FEFCF4B4FA}
—>msiexec /package {90120000-00BA-0419-0000-0000000FF1CE} /uninstall {2869874B-1A6E-4785-81C6-55FEFCF4B4FA}
—>MsiExec /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
Adem 7.1 CAD/CAM/CAPP—>C:Program FilesCommon FilesInstallShieldDriver8Intel 32IDriver.exe /M{8D76D9CA-5DFB-48CB-9B4C-53E8BDAD1C68} /l1049
Adobe Flash Player 10 ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Reader 7.0.7—>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70700000002}
Ahead Nero Add-on Pack—>C:Program FilesAheadNerouninstall-addonpack.exe
Ahead Nero Burning Rom PlugIn Pack 2.0.2 by MadHacker2k4—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1050Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{2715D1D6-2B81-4DD5-A9DC-6EFF4D5E0993}setup.exe» -l0x7 -removeonly
AIMP2—>C:Program FilesAIMP2Uninstall.exe
AnyTV Free 2.27—>»C:Program FilesAnyTVunins000.exe»
ApexDC++ 1.1.0—>C:Program FilesApexDC++uninst.exe
Attansic Giga Ethernet Utility—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime700Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{1F698102-5739-441E-96F0-74F4EA540F06}setup.exe» -l0x9
Attansic L1 Gigabit Ethernet Driver—>rundll32.exe C:WINDOWSsystem32AttansicL1atcInst.dll,AtcUninst C:WINDOWSsystem32AttansicL1 x86 1969 1048 L1
AusLogics Disk Defrag—>»C:Program FilesAuslogicsAusLogics Disk Defragunins000.exe»
AutoCAD 2005 — English—>MsiExec.exe /I{5783F2D7-0301-0409-0002-0060B0CE6BBA}
Autodesk DWF Viewer—>C:PROGRA~1AutodeskAUTODE~1Setup.exe /remove
AVIcodec (remove only)—>»C:Program FilesAVIcodecuninst.exe»
AviSynth 2.5—>»C:Program FilesAviSynth 2.5Uninstall.exe»
Call of Duty 2—>C:PROGRA~1COMMON~1INSTAL~1Driver7INTEL3~1IDriver.exe /M{A1BEEC49-4F66-4DCC-8F35-EB6F76C8BC96}
Call of Duty(R) — World at War(TM)—>C:Program FilesInstallShield Installation Information{D80A6A73-E58A-4673-AFF5-F12D7110661F}setup.exe -runfromtemp -l0x0419
Call of Duty(R) 4 — Modern Warfare(TM)—>C:Program FilesInstallShield Installation Information{E48469CC-635E-4FD5-A122-1497C286D217}setup.exe -runfromtemp -l0x0419
Canon PhotoRecord—>MsiExec.exe /X{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}
Canon PIXMA iP1000—>C:WINDOWSsystem32CNMCP6e.exe «-PRINTERNAMECanon PIXMA iP1000» «-HELPERDLLC:BJPrinterCNMWINDOWSCanon PIXMA iP1000 InstallerInst2cnmis.dll» «-RCDLLC:BJPrinterCNMWINDOWSCanon PIXMA iP1000 InstallerInst2cnmi0419.dll»
Canon Utilities Easy-PhotoPrint—>C:Program FilesCanonEasy-PhotoPrintuninst.exe C:Program FilesCanonEasy-PhotoPrintuninst.ini
Canon Utilities Easy-PrintToolBox—>C:WINDOWSBJPSUNST.EXE
Choice Guard—>MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
CloneCD—>»C:Program FilesCloneCDccd-uninst.exe» /D=»C:Program FilesCloneCD»
CorelDRAW Graphics Suite X3—>MsiExec.exe /I{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}
Data Access Objects (DAO) 3.5—>C:Program FilesCommon FilesMicrosoft SharedDAORemove.EXE C:WINDOWSUNINST.EXE -fC:PROGRA~1COMMON~1MICROS~1DAODeIsL5.isu
DFX for Winamp—>C:PROGRA~1DFXWIN~1UNWISE.EXE C:PROGRA~1DFXWIN~1INSTALL.LOG
DirectX10 LV (Last Version)—>»C:Program FilesCommon Filesunins000.exe»
DVD Audio Extractor 3.4.1—>»C:Program FilesDVD Audio Extractorunins000.exe»
Easy-WebPrint—>C:WINDOWSIsUninst.exe -f»C:Program FilesCanonEasy-WebPrintUninst.isu»
FlashGet(JetCar)—>C:PROGRA~1FlashGetUNWISE.EXE C:PROGRA~1FlashGetINSTALL.LOG
FontNav—>MsiExec.exe /I{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}
FormatFactory—>MsiExec.exe /X{46CAABB0-2A4F-4E41-A80B-73B233C21E1A}
Google Toolbar for Internet Explorer—>regsvr32 /u /s «c:program filesgooglegoogletoolbar2.dll»
GTA San Andreas—>»D:Новые ИгрушкиGTA San Andreasunins000.exe»
Heroes of Might and Magic V — Tribes of the East—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{66FF4C48-0083-4E60-8556-B883AB212392}setup.exe» -l0x19
Heroes of Might and Magic V: Владыки Севера—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{C4AC308A-38BF-44F0-879F-29E6B8ADD268}setup.exe» -l0x19
Heroes of Might and Magic V—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{CB9A636A-AF2D-4B03-AE8B-8FE99AC197E8}setup.exe» -l0x19
HijackThis 2.0.2—>»C:Program Filestrend microHijackThis.exe» /uninstall
Homespun Collection—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{62201736-0A1F-4C6F-9C59-1AA3360CEA50}Setup.exe»
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)—>C:WINDOWSsystem32msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=»»
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)—>C:WINDOWSsystem32msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=»»
Hotfix for Windows XP (KB915800-v4)—>»C:WINDOWS$NtUninstallKB915800-v4$spuninstspuninst.exe»
ICQ—>C:PROGRA~1ICQICQUninstall.EXE
JMB36X Raid Configurer—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime110Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}setup.exe» -l0x19 -removeonly
Junk Mail filter update—>MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Kingdia Video to AVI DIVX WMV DVD MOV ASF MPEG FLV Converter V3—>»C:Program FilesKingdia Video Converterunins000.exe»
K-Lite Mega Codec Pack 4.1.0—>»C:Program FilesK-Lite Codec Packunins000.exe»
LiveUpdate 2.6 (Symantec Corporation)—>C:Program FilesSymantecLiveUpdateLSETUP.EXE /U
Macromedia Extension Manager—>MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
Macromedia Flash 8 Video Encoder—>MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash 8—>MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}
Macromedia Flash Player 8 Plugin—>MsiExec.exe /X{91057632-CA70-413C-B628-2D3CDBBB906B}
Mail.Ru Агент 5.4 (сборка 2647, для всех пользователей)—>C:Program FilesMail.RuAgentmagentsetup.exe -uninstalllm
Mail.Ru Спутник 2.0.1.90—>c:program filesmail.rusputnikSputnikInstaller.exe -uninstall
Maxthon 1.52—>C:Program FilesMaxthonUninstall_Maxthon.exe
Microsoft .NET Framework 1.1 Hotfix (KB928366)—>»C:WINDOWSMicrosoft.NETFrameworkv1.1.4322Updateshotfix.exe» «C:WINDOWSMicrosoft.NETFrameworkv1.1.4322UpdatesM928366M928366Uninstall.msp»
Microsoft .NET Framework 1.1 Russian Language Pack—>MsiExec.exe /X{2BB372D9-52B4-410A-BC1A-FEAB63181EEF}
Microsoft .NET Framework 1.1—>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1—>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack — RUS—>MsiExec.exe /I{736D8DEB-66C6-3655-9D59-DF6493A81F77}
Microsoft .NET Framework 2.0 Service Pack 2—>MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack — RUS—>MsiExec.exe /I{6CF6A814-CE65-39FC-BBBC-6CB340A4028B}
Microsoft .NET Framework 3.0 Service Pack 2—>MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 — rus—>MsiExec.exe /I{2744791F-4E7C-32F5-AB40-AEC6A6C86DBF}
Microsoft .NET Framework 3.5 SP1—>C:WINDOWSMicrosoft.NETFrameworkv3.5Microsoft .NET Framework 3.5 SP1setup.exe
Microsoft .NET Framework 3.5 SP1—>MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Games for Windows — LIVE Redistributable—>MsiExec.exe /X{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}
Microsoft Internationalized Domain Names Mitigation APIs—>»C:WINDOWS$NtServicePackUninstallIDNMitigationAPIs$spuninstspuninst.exe»
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5—>»C:WINDOWS$NtUninstallWdf01005$spuninstspuninst.exe»
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7—>»C:WINDOWS$NtUninstallWdf01007$spuninstspuninst.exe»
Microsoft National Language Support Downlevel APIs—>»C:WINDOWS$NtServicePackUninstallNLSDownlevelMapping$spuninstspuninst.exe»
Microsoft Office 2007 Service Pack 2 (SP2)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (Russian) 2007—>MsiExec.exe /X{90120000-0015-0419-0000-0000000FF1CE}
Microsoft Office Enterprise 2007—>»C:Program FilesCommon FilesMicrosoft SharedOFFICE12Office Setup Controllersetup.exe» /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007—>MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel 2007 Help Обновление (KB963678)—>msiexec /package {90120000-0016-0419-0000-0000000FF1CE} /uninstall {420938DB-BF97-4664-BE29-0C68B4802C00}
Microsoft Office Excel MUI (Russian) 2007—>MsiExec.exe /X{90120000-0016-0419-0000-0000000FF1CE}
Microsoft Office Groove MUI (Russian) 2007—>MsiExec.exe /X{90120000-00BA-0419-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Russian) 2007—>MsiExec.exe /X{90120000-0044-0419-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3—>MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office OneNote MUI (Russian) 2007—>MsiExec.exe /X{90120000-00A1-0419-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Russian) 2007—>MsiExec.exe /X{90120000-001A-0419-0000-0000000FF1CE}
Microsoft Office Powerpoint 2007 Help Обновление (KB963669)—>msiexec /package {90120000-0018-0419-0000-0000000FF1CE} /uninstall {BD1C2AC7-63F3-4C75-8B44-DE3D700B3BC8}
Microsoft Office PowerPoint MUI (Russian) 2007—>MsiExec.exe /X{90120000-0018-0419-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007—>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007—>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Russian) 2007—>MsiExec.exe /X{90120000-001F-0419-0000-0000000FF1CE}
Microsoft Office Proof (Ukrainian) 2007—>MsiExec.exe /X{90120000-001F-0422-0000-0000000FF1CE}
Microsoft Office Proofing (Russian) 2007—>MsiExec.exe /X{90120000-002C-0419-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)—>msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)—>msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Publisher MUI (Russian) 2007—>MsiExec.exe /X{90120000-0019-0419-0000-0000000FF1CE}
Microsoft Office Shared MUI (Russian) 2007—>MsiExec.exe /X{90120000-006E-0419-0000-0000000FF1CE}
Microsoft Office Word 2007 Help Обновление (KB963665)—>msiexec /package {90120000-001B-0419-0000-0000000FF1CE} /uninstall {D3A002FB-0F62-4840-80AD-2D2C63F83449}
Microsoft Office Word MUI (Russian) 2007—>MsiExec.exe /X{90120000-001B-0419-0000-0000000FF1CE}
Microsoft Search Enhancement Pack—>MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
Microsoft Silverlight—>MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]—>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)—>MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)—>MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mozilla Firefox (2.0.0.7)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
MSVC80_x86—>MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSVCRT—>MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)—>MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)—>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK—>MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML 6.0 Parser—>MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}
MSXML 6.0 SDK—>MsiExec.exe /I{DF67E8C2-1D4C-44E1-93DC-7E26E2D74D00}
Need For Speed High Stakes—>C:WINDOWSIsUninst.exe -f»d:новые игрушки — 2Need For Speed High StakesUninst.isu»
Need for Speed Hot Pursuit 2—>C:WINDOWSIsUninst.exe -f»d:новые игрушки — 2Need for Speed Hot Pursuit 2Uninst.isu»
Need for Speed™ ProStreet—>MsiExec.exe /X{CC419DDC-E0F0-4013-B25A-6FA036516F0D}
Nero 8—>MsiExec.exe /X{E2C00C8C-3D0C-40DF-BC67-44321C9E1049}
Nero Reloaded PlugIn Pack 2.0.4 by GEAR—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1050Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F3D7915D-6B42-49FA-9FC8-5020479A6A57}setup.exe» -l0x9 -removeonly
neroxml—>MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NOD32 FiX v2.1—>»C:Program FilesEsetunins000.exe»
Nokia Connectivity Cable Driver—>C:PROGRA~1COMMON~1INSTAL~1Driver9INTEL3~1IDriver.exe /M{4AD35E01-9BA9-4F0C-B6B7-09C6C8F20D15}
Nokia Connectivity Cable Driver—>MsiExec.exe /I{82427977-8776-4087-90CA-9F65174D3C4D}
Nokia PC Suite—>C:Documents and SettingsAll UsersApplication DataInstallations{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}Nokia_PC_Suite_7_1_26_0_rus.exe
Nokia PC Suite—>C:PROGRA~1COMMON~1INSTAL~1Driver9INTEL3~1IDriver.exe /M{1267949C-73FC-4692-AA22-176F5E909647}
Nokia PC Suite—>MsiExec.exe /I{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}
Nokia Software Updater—>MsiExec.exe /X{59367F7E-D7C1-4629-8AEC-71AA24A68F31}
Norton WinDoctor 2005—>C:Program FilesNorton WinDoctoruninst.exe
Np2008w—>»F:упрощёнкаNp2008wuninstall.exe»
NVIDIA Drivers—>C:WINDOWSsystem32nvuninst.exe UninstallGUI
NVIDIA PhysX—>MsiExec.exe /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
OpenAL—>»C:Program FilesOpenALoalinst.exe» /U
PC Connectivity Solution—>MsiExec.exe /I{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}
PC Inspector File Recovery—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{0DD140D3-9563-481E-AA75-BA457CBDAEF2}Setup.exe» -l0x9
Picture Package—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime701Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}setup.exe» -l0x19 UNINSTALL
PL-2303 USB-to-Serial—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}Setup.exe» -l0x9 Installed
Print Artist 2003—>C:WINDOWSIsUninst.exe -f»c:program filesPrint Artist 2003HiUninst.isu» -c»c:program filesPrint Artist 2003Uninstpa.DLL»
PunkBuster Services—>C:WINDOWSsystem32pbsvc.exe -u
Punto Switcher 3.0—>C:Program FilesPunto Switcheruninstall.exe
Realtek High Definition Audio Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}setup.exe» -l0x19 -removeonly
RU—>MsiExec.exe /I{01AE68B4-C785-4865-BC7E-78456372BB75}
SAMSUNG CDMA Modem Driver Set—>C:WINDOWSsystem32Samsung_USB_Drivers3SSCDUninstall.exe
SAMSUNG Mobile Composite Device Software—>C:WINDOWSsystem32Samsung_USB_Drivers6SSBCUninstall.exe
Samsung Mobile phone USB driver Software—>C:WINDOWSsystem32Samsung_USB_Drivers5SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software—>C:WINDOWSsystem32Samsung_USB_Drivers1SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software—>C:WINDOWSsystem32Samsung_USB_Drivers2SSM_Uninstall.exe
Samsung PC Studio—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1050Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{C4A4722E-79F9-417C-BD72-8D359A090C97}setup.exe» -l0x19 -removeonly
Samsung Samples Installer—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1050Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{7AC15160-A49B-4A89-B181-D4619C025FFF}setup.exe» -l0x19 -removeonly
Security Update for CAPICOM (KB931906)—>MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)—>MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Segoe UI—>MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SierraAddressBook 3.0—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{7CE979C6-E5FF-41C5-B6CC-4EE18071563B}setup.exe»
Sony Noise Reduction Plug-In 2.0e—>MsiExec.exe /X{D533C9D4-ED96-4191-B9C3-279C0DD6BABA}
Sony Sound Forge 9.0—>MsiExec.exe /X{6842DCCB-2840-4E46-8AF3-BEA9CFF3455B}
Sony USB Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}Setup.exe» UNINSTALL
SPARK-DC 1.33—>»C:SPARK-DCunins000.exe»
SpeechRedist—>MsiExec.exe /X{8795CBED-55E2-4693-9F14-84EC446935BE}
Symantec AntiVirus—>MsiExec.exe /I{46B63F23-2B4A-4525-A827-688026BE5E40}
TranslateIt! 1.3 final—>»C:Program FilesTranslateIt! 1.3 finalunins000.exe»
TV Player Classic 5.4—>»C:Program FilesTVPlayerClassicunins000.exe»
Update for 2007 Microsoft Office System (KB967642)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office Outlook 2007 Help (KB957246)—>msiexec /package {90120000-001A-0419-0000-0000000FF1CE} /uninstall {A7C6A9C6-5FB9-4B5A-8E72-63BAD4E91D11}
Update for Outlook 2007 Junk Email Filter (kb968503)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5DD98950-4D10-4B79-8BF6-59726705207D}
Update Manager—>MsiExec.exe /I{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}
USB-IrDA Adapter—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{10F5D9BB-E2F2-4B18-A65D-928B73D22E6F}Setup.exe» -l0x9
VBA—>MsiExec.exe /I{C94E45B0-6AA6-4FB9-9AAE-22085F631880}
VCRedistSetup—>MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VDOTool 4.7—>»C:Program FilesVDOToolunins000.exe»
Video Converter 3—>C:Program FilesXilisoftVideo Converter 3Uninstall.exe
Wanted: Weapons of Fate—>»C:Program FilesInstallShield Installation Information{9312191B-30A5-44E1-8D8D-6936FE06CDE8}setup.exe» -runfromtemp -l0x0009 -removeonly
Winamp (remove only)—>»C:Program FilesWinampUninstWA.exe»
Windows Internet Explorer 8—>»C:WINDOWSie8spuninstspuninst.exe»
Windows Live Communications Platform—>MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger—>MsiExec.exe /X{4740F152-2F61-4DEF-80C4-BFDEC8D928C3}
Windows Live Sync—>MsiExec.exe /X{E911BE56-F8DB-48BB-B9AA-217F5096122F}
Windows Live Toolbar—>MsiExec.exe /X{BECFBF9A-9BCD-4AA6-B131-7326166648E5}
Windows Live Writer—>MsiExec.exe /X{AF8CFA6B-3365-412D-A272-807D23B7BB59}
Windows Media Format 11 runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Windows Media Format 11 runtime—>»C:WINDOWS$NtUninstallWMFDist11$spuninstspuninst.exe»
Windows Media Player 11—>»C:WINDOWS$NtUninstallwmp11$spuninstspuninst.exe»
Windows Search 4.0—>»C:WINDOWS$NtUninstallKB940157$spuninstspuninst.exe»
XML Paper Specification Shared Components Language Pack 1.0—>»C:WINDOWS$NtUninstallXPSEPSCLP$spuninstspuninst.exe»
XviD MPEG4 Video Codec (remove only)—>»C:WINDOWSsystem32xvid-uninstall.exe»
XviD4PSP 5.0—>C:Program FilesWinnydowsXviD4PSP5Uninstall.exe
Антивирусная система NOD32—>C:Program FilesEsetSetupsetup.exe /UNINSTALL
Армада танков—>C:Program FilesAlawar.ruАрмада танковUninstall.exe
Архиватор WinRAR—>C:Program FilesWinRARuninstall.exe
Букашечная схватка—>D:Новые Игрушки — 2Alawar.ruAlawar.ruБукашечная схваткаuninstal.exe
Бухсофт МиниУпрощенка 2009—>»F:упрощёнкаУпрощенкаБухсофт МиниУпрощенка 2009uninstall.exe»
Великая морская баталия—>D:Новые Игрушки — 2Alawar.ruAlawar.ruВеликая морская баталияuninstal.exe
Властелин Колец™ — Противостояние™—>MsiExec.exe /X{628C3D50-F524-4C49-A958-672CE7953756}
Гиперболоид II. Лабиринт времени—>D:Новые Игрушки — 2Alawar.ruAlawar.ruГиперболоид II. Лабиринт времениuninstal.exe
Защитники Азгарда—>D:Новые Игрушки — 2Alawar.ruЗащитники АзгардаUninstall.exe
Интернет помощник MyCentria—>C:Program FilesMyCentriaMyCentriaUninstall.exe
Налогоплательщик ЮЛ—>MsiExec.exe /I{54AA72B4-41BE-459D-AC1D-FB4B9725D2EF}
Обновление безопасности для Windows Internet Explorer 7 (KB938127-v2)—>»C:WINDOWSie7updatesKB938127-v2-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB958215)—>»C:WINDOWSie7updatesKB958215-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB960714)—>»C:WINDOWSie7updatesKB960714-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB961260)—>»C:WINDOWSie7updatesKB961260-IE7spuninstspuninst.exe»
Обновление безопасности для Windows Internet Explorer 7 (KB963027)—>»C:WINDOWSie7updatesKB963027-IE7spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB923561)—>»C:WINDOWS$NtUninstallKB923561$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB950582)—>»C:WINDOWS$NtUninstallKB950582$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB952004)—>»C:WINDOWS$NtUninstallKB952004$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB956572)—>»C:WINDOWS$NtUninstallKB956572$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB958690)—>»C:WINDOWS$NtUninstallKB958690$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB959426)—>»C:WINDOWS$NtUninstallKB959426$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960225)—>»C:WINDOWS$NtUninstallKB960225$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB960803)—>»C:WINDOWS$NtUninstallKB960803$spuninstspuninst.exe»
Обновление безопасности для Windows XP (KB961373)—>»C:WINDOWS$NtUninstallKB961373$spuninstspuninst.exe»
Обновление для Windows Internet Explorer 8 (KB968220)—>»C:WINDOWSie8updatesKB968220-IE8spuninstspuninst.exe»
Основные компоненты Windows Live—>C:Program FilesWindows LiveInstallerwlarp.exe
Основные компоненты Windows Live—>MsiExec.exe /I{9091E58F-3A35-45BA-BE8A-BEAB0E236BBB}
Пакет драйверов Windows — Nokia Modem (02/23/2009 7.01.0.2)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokbtmdm_171C10620CF14FA76859E310DF8C6CF642D81C73nokbtmdm.inf
Пакет драйверов Windows — Nokia Modem (02/24/2009 4.0)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokia_blue_5929FEDBB724B17D4BCDD74361BD95262BE1608Bnokia_bluetooth.inf
Пакет драйверов Windows — Nokia Modem (05/22/2008 3.8)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokia_blue_6F90B0F4A73A2F780A1010B5D6CB5DDFB098181Enokia_bluetooth.inf
Пакет драйверов Windows — Nokia Modem (05/22/2008 7.00.0.1)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokbtmdm_E68D50F7E25BFE399D47C864C3B52557346242A9nokbtmdm.inf
Пакет драйверов Windows — Nokia Modem (08/03/2007 6.84.0.2)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokbtmdm_1EB5F2E6F54A6BEDE9F436D1BA5D830FC71739BEnokbtmdm.inf
Пакет драйверов Windows — Nokia Modem (10/12/2007 3.6)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREnokia_blue_0A5D98F754C6588B2E3DDE89DDEF097075ADFFB7nokia_bluetooth.inf
Пакет драйверов Windows — Nokia pccsmcfd (08/22/2008 7.0.0.0)—>C:PROGRA~1DIFX270581355A767BF1dpinst.exe /u C:WINDOWSsystem32DRVSTOREpccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294pccsmcfd.inf
Первая мировая. Рыцари неба—>C:Program FilesAlawar.ruПервая мировая. Рыцари небаUninstall.exe
Печать НД с PDF417 3.0.8—>MsiExec.exe /I{14FA2F5A-B75A-4F5B-AB22-B3274FA976FA}
Помощник по входу в Windows Live—>MsiExec.exe /I{518A8485-E038-4A8C-A76B-1C868D95F13E}
Почта Windows Live—>MsiExec.exe /I{9F70456A-2D46-4C6D-803C-1513BABD2E5B}
Проигрыватель Windows Media 11—>»C:Program FilesWindows Media PlayerSetup_wm.exe» /Uninstall
Семейная безопасность Windows Live—>MsiExec.exe /X{5EFBE2A8-6586-4F02-85C0-6FA876D660E7}
Смешарики — Параллельные миры—>»D:Новые Игрушки — 2ВАЛЕНТИНСмешарики Параллельные мирыunins000.exe»
Соло на Клавиатуре 8.1—>»C:Program FilesSolo8Uninstall.exe» «C:Program FilesSolo8install.log»
Средство передачи Windows Live—>MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Туртикс. Спасательная экспедиция—>D:Новые Игрушки — 2Alawar.ruТуртикс. Спасательная экспедицияUninstall.exe
Фотоальбом Windows Live—>MsiExec.exe /X{D7349BBF-A382-4130-823D-EEF5B3003BD3}
Языковой пакет Microsoft .NET Framework 3.5 SP1 — RUS—>C:WINDOWSMicrosoft.NETFrameworkv3.5Microsoft .NET Framework 3.5 Language Pack SP1 — russetup.exe

======Hosts File======

127.0.0.1 serial.alcohol-soft.com
127.0.0.1 http://www.alcohol-soft.com
127.0.0.1 images.alcohol-soft.com
127.0.0.1 trial.alcohol-soft.com
127.0.0.1 alcohol-soft.com

======Security center information======

AV: Антивирусная система Eset NOD32 2.70 (outdated)
AV: Symantec AntiVirus Corporate Edition (disabled) (outdated)

======System event log======

Computer Name: PC
Event Code: 7036
Message: Служба «Совместимость быстрого переключения пользователей» перешла в состояние Работает.

Record Number: 65536
Source Name: Service Control Manager
Time Written: 20091101134928.000000+180
Event Type: информация
User:

Computer Name: PC
Event Code: 7035
Message: Служба «Диспетчер подключений удаленного доступа» успешно отправила управляющий элемент «запустить».

Record Number: 65535
Source Name: Service Control Manager
Time Written: 20091101134928.000000+180
Event Type: информация
User: PCАдминистратор

Computer Name: PC
Event Code: 7035
Message: Служба «Совместимость быстрого переключения пользователей» успешно отправила управляющий элемент «запустить».

Record Number: 65534
Source Name: Service Control Manager
Time Written: 20091101134928.000000+180
Event Type: информация
User: NT AUTHORITYSYSTEM

Computer Name: PC
Event Code: 6005
Message: Запущена служба журнала событий.

Record Number: 65533
Source Name: EventLog
Time Written: 20091101134806.000000+180
Event Type: информация
User:

Computer Name: PC
Event Code: 6009
Message: Microsoft (R) Windows 2000 (R) 5.01. 2600 Service Pack 2 Multiprocessor Free.

Record Number: 65532
Source Name: EventLog
Time Written: 20091101134806.000000+180
Event Type: информация
User:

=====Application event log=====

Computer Name: PC
Event Code: 0
Message:
Record Number: 14595
Source Name: Nero BackItUp Scheduler 3
Time Written: 20091101134826.000000+180
Event Type: информация
User:

Computer Name: PC
Event Code: 35
Message: Служба ‘Symantec Event Manager’ запущена.

Record Number: 14594
Source Name: ccEvtMgr
Time Written: 20091101134816.000000+180
Event Type: информация
User: NT AUTHORITYSYSTEM

Computer Name: PC
Event Code: 34
Message: Служба ‘Symantec Event Manager’ запускается.

Record Number: 14593
Source Name: ccEvtMgr
Time Written: 20091101134815.000000+180
Event Type: информация
User: NT AUTHORITYSYSTEM

Computer Name: PC
Event Code: 35
Message: Служба ‘Symantec Settings Manager’ запущена.

Record Number: 14592
Source Name: ccSetMgr
Time Written: 20091101134815.000000+180
Event Type: информация
User: NT AUTHORITYSYSTEM

Computer Name: PC
Event Code: 34
Message: Служба ‘Symantec Settings Manager’ запускается.

Record Number: 14591
Source Name: ccSetMgr
Time Written: 20091101134814.000000+180
Event Type: информация
User: NT AUTHORITYSYSTEM

======Environment variables======

«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=C:Program FilesPC Connectivity Solution;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;C:Program FilesCommon FilesAutodesk Shared;C:Program FilesSamsungSamsung PC Studio 3
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=6
«PROCESSOR_IDENTIFIER»=x86 Family 6 Model 15 Stepping 2, GenuineIntel
«PROCESSOR_REVISION»=0f02
«NUMBER_OF_PROCESSORS»=2
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP

EOF
Автор

Сообщения

Просмотр 4 сообщений - с 1 по 4 (из 4 всего)

Valent

Созданные ответы форума

Добро пожаловать

Поиск

Важные инструкции

Как восстановить зашифрованные файлы (Инструкция)

Какой лучший антивирус ? Как выбрать антивирус ?

Как удалить рекламный вирус в браузере (Chrome, Opera, Firefox, Internet Explorer, Edge)

Как запустить компьютер в безопасном режиме (Safe Mode)

Установлено в соответствии с корпоративным правилом (Удалить из Хрома)

СПАЙВАРЕ РУ

Нужна помощь?

Ссылки