ComboFix 09-05-26.05 — Admin 28.05.2009 20:43.3 — NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.2046.1596 [GMT 4:00]
Running from: c:documents and settingsAdminРабочий столCombofixComboFix.exe
Command switches used :: c:documents and settingsAdminРабочий столCombofixWindowsXP-KB310994-SP2-Pro-BootDisk-RUS.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
((((((((((((((((((((((((( Files Created from 2009-04-28 to 2009-05-28 )))))))))))))))))))))))))))))))
.
2009-05-27 16:53 . 2009-05-27 16:54
d
w c:documents and settingsAdminApplication DataAuslogics
2009-05-27 16:52 . 2009-05-27 16:52
d
w c:program filesAuslogics
2009-05-24 06:16 . 2009-05-24 06:16
d
w c:program filesMSXML 4.0
2009-05-24 06:16 . 2009-05-24 06:19
d—h—w c:windows$hf_mig$
2009-05-24 03:20 . 2008-12-20 22:15 1289728 -c—-w c:windowssystem32dllcachequartz.dll
2009-05-24 03:20 . 2009-02-20 17:19 102912 -c—-w c:windowssystem32dllcacheoccache.dll
2009-05-24 03:20 . 2009-02-20 17:19 52224 -c—-w c:windowssystem32dllcachemsfeedsbs.dll
2009-05-24 03:20 . 2009-02-20 17:19 44544 -c—-w c:windowssystem32dllcacheiernonce.dll
2009-05-24 03:20 . 2009-02-20 17:19 268288 -c—-w c:windowssystem32dllcacheiertutil.dll
2009-05-24 03:20 . 2009-02-20 17:19 63488 -c—-w c:windowssystem32dllcacheicardie.dll
2009-05-24 03:20 . 2009-02-20 17:19 230400 -c—-w c:windowssystem32dllcacheieaksie.dll
2009-05-24 03:20 . 2009-02-20 10:24 13824 -c—-w c:windowssystem32dllcacheieudinit.exe
2009-05-24 03:20 . 2009-02-28 04:54 636088 -c—-w c:windowssystem32dllcacheiexplore.exe
2009-05-24 03:20 . 2009-02-20 17:19 459264 -c—-w c:windowssystem32dllcachemsfeeds.dll
2009-05-24 03:19 . 2009-02-20 17:19 1163264 -c—-w c:windowssystem32dllcacheurlmon.dll
2009-05-24 03:19 . 2009-02-20 17:19 105984 -c—-w c:windowssystem32dllcacheurl.dll
2009-05-24 03:19 . 2009-02-20 17:19 380928 -c—-w c:windowssystem32dllcacheieapfltr.dll
2009-05-24 03:19 . 2008-07-09 14:25 2455488 -c—-w c:windowssystem32dllcacheieapfltr.dat
2009-05-24 03:19 . 2009-03-03 00:16 828416 -c—-w c:windowssystem32dllcachewininet.dll
2009-05-24 03:19 . 2009-02-20 17:19 6068736 -c—-w c:windowssystem32dllcacheieframe.dll
2009-05-24 03:17 . 2009-02-09 11:18 2067968 -c—-w c:windowssystem32dllcachentkrnlpa.exe
2009-05-24 03:17 . 2009-02-09 11:18 2147328 -c—-w c:windowssystem32dllcachentkrnlmp.exe
2009-05-24 03:17 . 2009-02-09 11:18 2025984 -c—-w c:windowssystem32dllcachentkrpamp.exe
2009-05-24 03:16 . 2008-10-24 11:21 455296 -c—-w c:windowssystem32dllcachemrxsmb.sys
2009-05-24 03:13 . 2008-09-04 17:17 1106944 -c—-w c:windowssystem32dllcachemsxml3.dll
2009-05-24 03:12 . 2008-04-21 21:15 218624 -c—-w c:windowssystem32dllcachewordpad.exe
2009-05-24 03:10 . 2008-10-16 10:06 268648 —-a-w c:windowssystem32mucltui.dll
2009-05-23 12:54 . 2009-05-23 12:54
d
w c:documents and settingsLocalServiceLocal SettingsApplication DataESET
2009-05-23 08:32 . 2009-05-23 13:01
d
w c:program filestrend micro
2009-05-23 08:32 . 2009-05-23 08:33
d
w C:rsit
2009-05-23 07:08 . 2009-05-23 07:24
d
w c:program filesORT Clock
2009-05-23 07:08 . 2009-05-23 07:08 1223151 —-a-w c:windowssystem32ORT Clock.scr
2009-05-23 07:06 . 2009-05-23 07:06 12328 —-a-w c:documents and settingsAdminLocal SettingsApplication DataGDIPFONTCACHEV1.DAT
2009-05-22 23:23 . 2009-05-22 23:23
d
w c:program filesCommon FilesDirectX
2009-05-22 22:34 . 2009-05-28 09:47
d
w c:program filesArenaOnline3D
2009-05-22 22:32 . 2009-05-22 22:32
d
w c:program filesCommon FilesArsenal Shared
2009-05-22 22:32 . 2009-05-22 22:32
d
w c:program filesArsenal Company
2009-05-22 22:32 . 2009-05-22 22:32
d
w c:program filesCommon FilesInstallShield
2009-05-22 19:55 . 2009-05-24 07:00
d
w c:program filesUnlocker
2009-05-22 19:55 . 2009-05-22 19:56
d
w c:documents and settingsAdminApplication DataDesktopicon
2009-05-22 19:27 . 2009-05-22 19:27
d
w c:documents and settingsAdminLocal SettingsApplication DataESET
2009-05-22 19:25 . 2009-05-22 19:25
d
w c:program filesESET
2009-05-22 19:25 . 2009-05-22 19:25
d
w c:documents and settingsAll UsersApplication DataESET
2009-05-22 19:21 . 2009-05-22 20:58
d
w c:documents and settingsAdminApplication DatauTorrent
2009-05-22 19:12 . 2009-05-22 22:32
d—h—w c:program filesInstallShield Installation Information
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-27 15:22 . 2008-04-15 12:00 77078 —-a-w c:windowssystem32perfc019.dat
2009-05-27 15:22 . 2008-04-15 12:00 448934 —-a-w c:windowssystem32perfh019.dat
2009-05-23 20:44 . 2009-05-22 13:47 86327 —-a-w c:windowspchealthhelpctrOfflineCacheindex.dat
2009-05-22 20:02 . 2009-05-22 14:37
d
w c:documents and settingsAdminApplication DataDownload Master
2009-05-22 14:41 . 2009-05-22 14:37
d
w c:program filesDownload Master
2009-05-22 14:07 . 2009-05-22 14:07 0 —ha-w c:windowssystem32driversMsft_Kernel_winbondhidcir_01005.Wdf
2009-05-22 14:07 . 2009-05-22 14:07 0 —ha-w c:windowssystem32driversMsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-05-22 14:07 . 2009-05-22 14:07
d
w c:program filesCONEXANT
2009-05-22 13:57 . 2009-05-22 13:57
d
w c:program filesuTorrent
2009-05-22 13:57 . 2009-05-22 13:57
d
w c:program filesUltraISO
2009-05-22 13:57 . 2009-05-22 13:57
d
w c:program filesCommon FilesEZB Systems
2009-05-22 13:57 . 2009-05-22 13:57
d
w c:program filesEverest
2009-05-22 13:51 . 2009-05-22 13:51
d
w c:program filesVistaDriveIcon
2009-05-22 13:51 . 2009-05-22 13:51 717296 —-a-w c:windowssystem32driverssptd.sys
2009-05-22 13:51 . 2009-05-22 13:51
d
w c:program filesPaint.NET
2009-05-22 13:50 . 2009-05-22 13:50
d
w c:program filesJava
2009-05-22 13:50 . 2009-05-22 13:50
d
w c:program filesCommon FilesJava
2009-05-22 13:44 . 2009-05-22 13:44 22564 —-a-w c:windowssystem32emptyregdb.dat
2009-05-22 13:44 . 2009-05-22 13:44
d
w c:program filesWindows Media Connect 2
2009-03-19 07:45 . 2009-03-19 07:45 93848 —-a-w c:windowssystem32driversepfwtdir.sys
2009-03-19 07:44 . 2009-03-19 07:44 107256 —-a-w c:windowssystem32driversehdrv.sys
2009-03-19 07:41 . 2009-03-19 07:41 113960 —-a-w c:windowssystem32driverseamon.sys
2009-03-06 13:51 . 2008-04-15 12:00 284672 —-a-w c:windowssystem32pdh.dll
2009-03-03 00:16 . 2008-08-19 16:23 828416 —-a-w c:windowssystem32wininet.dll
.
Sigcheck
[-] 2008-08-19 16:23 579072 23B7D3F3F5EC8FEEA75EC381C71CBD5E c:windowssystem32user32.dll
[-] 2008-08-19 16:20 361600 6A104BA98D99D53AB0C91825CE659FC6 c:windowssystem32driverstcpip.sys
[-] 2008-08-19 16:22 1721344 62EA07EDF5E3F3FF34EFF9BF7619BC64 c:windowsexplorer.exe
[-] 2008-08-19 16:21 30208 B8B35F99DADAA5459FBA639F20045FE2 c:windowssystem32ctfmon.exe
[-] 2008-08-21 17:34 1571840 66452823532746FA58EFEDBA320F46A2 c:windowssystem32sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32ctfmon.exe» [2008-08-19 30208]
«VistaIcon»=»c:program filesVistaDriveIconVistaDrv.exe» [2008-01-02 132096]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
«NvCplDaemon»=»c:windowssystem32NvCpl.dll» [2007-06-06 8433664]
«NvMediaCenter»=»c:windowssystem32NvMcTray.dll» [2007-06-06 81920]
«egui»=»c:program filesESETESET NOD32 Antivirusegui.exe» [2009-03-19 2029640]
«RTHDCPL»=»RTHDCPL.EXE» — c:windowsRTHDCPL.EXE [2008-04-10 16861184]
[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=»c:windowssystem32CTFMON.EXE» [2008-08-19 30208]
«VistaIcon»=»c:program filesVistaDriveIconVistaDrv.exe» [2008-01-02 132096]
[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRunOnce]
«IE7_011″=»shell32» [X]
«ZZZZ2_FirstLogonSetting»=»advpack.dll» — c:windowssystem32advpack.dll [2009-02-20 124928]
«IE7_012″=»advpack.dll» — c:windowssystem32advpack.dll [2009-02-20 124928]
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
«NoSMConfigurePrograms»= 1 (0x1)
[HKEY_USERS.defaultsoftwaremicrosoftwindowscurrentversionpoliciesexplorer]
«NoSMConfigurePrograms»= 1 (0x1)
[HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center]
«FirewallOverride»=dword:00000001
«UpdatesDisableNotify»=dword:00000001
«UpdatesOverride»=dword:00000001
«AntiVirusDisableNotify»=dword:00000001
«AntiVirusOverride»=dword:00000001
[HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList]
«%windir%\\Network Diagnostic\\xpnetdiag.exe»=
«%windir%\\system32\\sessmgr.exe»=
R0 iastor78;iastor78;c:windowssystem32driversiastor78.sys [21.08.2008 21:33 308248]
R1 ehdrv;ehdrv;c:windowssystem32driversehdrv.sys [19.03.2009 11:44 107256]
R1 epfwtdir;epfwtdir;c:windowssystem32driversepfwtdir.sys [19.03.2009 11:45 93848]
R2 ekrn;ESET Service;c:program filesESETESET NOD32 Antivirusekrn.exe [19.03.2009 11:44 731840]
R3 hidshim;Service for HID-KMDF Shim layer;c:windowssystem32drivershidshim.sys [22.05.2009 18:07 5632]
R3 winbondhidcir;Winbond HID CIR Receiver;c:windowssystem32driverswinbondhidcir.sys [22.05.2009 18:07 21504]
— Other Services/Drivers In Memory —
*NewlyCreated* — SRSERVICE
.
.
Supplementary Scan
.
uStart Page = hxxp://www.mail.ru/
uInternet Connection Wizard,ShellNext = hxxp://www.yandex.ru/
IE: Закачать ВСЕ при помощи Download Master — c:program filesDownload Masterdmieall.htm
IE: Закачать при помощи Download Master — c:program filesDownload Masterdmie.htm
IE: Передать на удаленную закачку DM — c:program filesDownload Masterremdown.htm
IE: {{8DAE90AD-4583-4977-9DD4-4360F7A45C74} — c:program filesDownload Masterdmaster.exe
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista — rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-28 20:44
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0
**************************************************************************
.
DLLs Loaded Under Running Processes
— — — — — — — > ‘winlogon.exe'(1016)
c:windowssystem32SETUPAPI.dll
c:windowssystem32cscui.dll
— — — — — — — > ‘lsass.exe'(1076)
c:windowssystem32setupapi.dll
— — — — — — — > ‘explorer.exe'(3388)
c:windowssystem32SHDOCVW.dll
c:windowssystem32COMRes.dll
c:windowsSystem32cscui.dll
c:windowssystem32SETUPAPI.dll
c:windowssystem32NETSHELL.dll
c:windowssystem32wpdshserviceobj.dll
c:windowssystem32portabledevicetypes.dll
c:windowssystem32portabledeviceapi.dll
.
Completion time: 2009-05-28 20:44
ComboFix-quarantined-files.txt 2009-05-28 16:44
ComboFix2.txt 2009-05-28 16:41
ComboFix3.txt 2009-05-28 16:34
Pre-Run: 51 220 819 968 байт свободно
Post-Run: 51 212 075 008 байт свободно
173 — E O F — 2009-05-27 13:24
GMER 1.0.15.14972 — http://www.gmer.net
Rootkit scan 2009-05-26 14:43:22
Windows 5.1.2600 Service Pack 3
—- System — GMER 1.0.15 —-
SSDT 8721B630 ZwAssignProcessToJobObject
SSDT spyr.sys ZwCreateKey [0xF74D70E0]
SSDT spyr.sys ZwEnumerateKey [0xF74F5CA2]
SSDT spyr.sys ZwEnumerateValueKey [0xF74F6030]
SSDT spyr.sys ZwOpenKey [0xF74D70C0]
SSDT 8721AA60 ZwOpenProcess
SSDT 8721AE80 ZwOpenThread
SSDT spyr.sys ZwQueryKey [0xF74F6108]
SSDT spyr.sys ZwQueryValueKey [0xF74F5F88]
SSDT spyr.sys ZwSetValueKey [0xF74F619A]
SSDT 8721B460 ZwSuspendProcess
SSDT 8721B280 ZwSuspendThread
SSDT 8721AC90 ZwTerminateProcess
SSDT 8721B0B0 ZwTerminateThread
INT 0x62 ? 89C0EBF8
INT 0x63 ? 89B9EBF8
INT 0x63 ? 89B4EF00
INT 0x63 ? 89B9EBF8
INT 0x82 ? 89C0EBF8
INT 0x83 ? 89B4EF00
INT 0x84 ? 89B4EF00
INT 0xA4 ? 89B4EF00
INT 0xB4 ? 89B4EF00
—- Kernel code sections — GMER 1.0.15 —-
? spyr.sys Не удается найти указанный файл. !
.text USBPORT.SYS!DllUnload BA62D8AC 5 Bytes JMP 89B4E4E0
? C:WINDOWSsystem32DriversRKREVEAL150.SYS Не удается найти указанный файл. !
—- User code sections — GMER 1.0.15 —-
.text C:Program FilesESETESET NOD32 Antivirusekrn.exe[1924] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 00]
—- Kernel IAT/EAT — GMER 1.0.15 —-
IAT WINDOWSSystem32DriversSCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 89C112D8
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F74D8040] spyr.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F74D813C] spyr.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F74D80BE] spyr.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F74D87FC] spyr.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F74D86D2] spyr.sys
IAT SystemRootsystem32DRIVERSUSBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 89B4E5E0
—- Devices — GMER 1.0.15 —-
Device FileSystemNtfs Ntfs 89C0C1F8
AttachedDevice FileSystemNtfs Ntfs eamon.sys (Amon monitor/ESET)
Device DriverNetBT DeviceNetBT_Tcpip_{1E6AD3BB-47C5-486C-AE3D-90694474C875} 871E61F8
Device Driverusbuhci DeviceUSBPDO-0 89B4D500
Device Driverdmio DeviceDmControlDmIoDaemon 89B9F1F8
Device Driverdmio DeviceDmControlDmConfig 89B9F1F8
Device Driverdmio DeviceDmControlDmPnP 89B9F1F8
Device Driverdmio DeviceDmControlDmInfo 89B9F1F8
Device Driverusbuhci DeviceUSBPDO-1 89B4D500
Device Driverusbehci DeviceUSBPDO-2 89120500
Device Driverusbuhci DeviceUSBPDO-3 89B4D500
Device Driverusbuhci DeviceUSBPDO-4 89B4D500
AttachedDevice DriverTcpip DeviceTcp epfwtdir.sys (ESET Antivirus Network Redirector/ESET)
Device Driverusbuhci DeviceUSBPDO-5 89B4D500
Device Driverusbehci DeviceUSBPDO-6 89120500
Device DriverFtdisk DeviceHarddiskVolume1 89C0F1F8
Device DriverFtdisk DeviceHarddiskVolume2 89C0F1F8
Device DriverCdrom DeviceCdRom0 8902E1F8
Device DriverNetBT DeviceNetBt_Wins_Export 871E61F8
Device DriverNetBT DeviceNetbiosSmb 871E61F8
Device Driverusbuhci DeviceUSBFDO-0 89B4D500
Device Driverusbuhci DeviceUSBFDO-1 89B4D500
Device Driverusbehci DeviceUSBFDO-2 89120500
Device FileSystemMRxSmb DeviceLanmanDatagramReceiver 871CC1F8
Device FileSystemMRxSmb DeviceLanmanRedirector 871CC1F8
Device Driverusbuhci DeviceUSBFDO-3 89B4D500
Device Driverusbuhci DeviceUSBFDO-4 89B4D500
Device DriverFtdisk DeviceFtControl 89C0F1F8
Device Driverusbuhci DeviceUSBFDO-5 89B4D500
Device Driverusbehci DeviceUSBFDO-6 89120500
Device FileSystemCdfs Cdfs 871A41F8
—- Threads — GMER 1.0.15 —-
Thread System [4:544] 87219790
—- Registry — GMER 1.0.15 —-
Reg HKLMSYSTEMCurrentControlSetControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@!0454B0450424>494 0000440404?4B0454@4 0010039004 1?
Reg HKLMSYSTEMCurrentControlSetControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 ?4;0404=484@4>0424I484:0404 ?0404:0454B4>0424 1?2?3?
Reg HKLMSYSTEMCurrentControlSetControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 WAN (L002TP) 1?
Reg HKLMSYSTEMCurrentControlSetControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 WAN (PPTP) 1?
Reg HKLMSYSTEMCurrentControlSetControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 WAN (PPPoE) 1?
Reg HKLMSYSTEMCurrentControlSetControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@374@4O4494 ?0404@0404;4;0454;4L4=4K494 ?4>4@4B4 1?
Reg HKLMSYSTEMCurrentControlSetControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 WAN (IP) 1?
Reg HKLMSYSTEMCurrentControlSetServicessptdCfg@s1 771343423
Reg HKLMSYSTEMCurrentControlSetServicessptdCfg@s2 285507792
Reg HKLMSYSTEMControlSet002ControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@!0454B0450424>494 0000440404?4B0454@4 0010039004 1?
Reg HKLMSYSTEMControlSet002ControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 ?4;0404=484@4>0424I484:0404 ?0404:0454B4>0424 1?2?3?
Reg HKLMSYSTEMControlSet002ControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 WAN (L002TP) 1?
Reg HKLMSYSTEMControlSet002ControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 WAN (PPTP) 1?
Reg HKLMSYSTEMControlSet002ControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 WAN (PPPoE) 1?
Reg HKLMSYSTEMControlSet002ControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@374@4O4494 ?0404@0404;4;0454;4L4=4K494 ?4>4@4B4 1?
Reg HKLMSYSTEMControlSet002ControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 WAN (IP) 1?
—- EOF — GMER 1.0.15 —-
Logfile of random’s system information tool 1.06 (written by random/random)
Run by Admin at 2009-05-23 12:56:50
Microsoft Windows XP Professional Service Pack 3
System drive C: has 49 GB (89%) free of 55 GB
Total RAM: 2046 MB (81% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:56:52, on 23.05.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20861)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSRTHDCPL.EXE
C:WINDOWSsystem32RUNDLL32.EXE
C:Program FilesESETESET NOD32 Antivirusegui.exe
C:Program FilesUnlockerUnlockerAssistant.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesVistaDriveIconVistaDrv.exe
C:Program FilesESETESET NOD32 Antivirusekrn.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesInternet Exploreriexplore.exe
C:DownloadsПрограммыRSIT.exe
C:Program Filestrend microAdmin.exe
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.mail.ru/
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R1 — HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = http://www.yandex.ru/
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre1.6.0_07binssv.dll
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~1dmiehlp.dll
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 — HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [nwiz] nwiz.exe /install
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 — HKLM..Run: [egui] «C:Program FilesESETESET NOD32 Antivirusegui.exe» /hide /waitservice
O4 — HKLM..Run: [UnlockerAssistant] «C:Program FilesUnlockerUnlockerAssistant.exe»
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [ZZZZ1_FirstLogonSetting] %SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFcustom.inf,OnceFirstLogonInstall,0 (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..RunOnce: [IE7_012] rundll32 advpack.dll,LaunchINFSectionEx IE7int.inf,AfterUserStart,,4,N (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-20..RunOnce: [ZZZZ1_FirstLogonSetting] %SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFcustom.inf,OnceFirstLogonInstall,0 (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUSS-1-5-18..RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFcustom.inf,NewUserFirstLogonInstall,0 (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — HKUS.DEFAULT..RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFcustom.inf,NewUserFirstLogonInstall,0 (User ‘Default user’)
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program FilesDownload Masterdmie.htm
O8 — Extra context menu item: Передать на удаленную закачку DM — C:Program FilesDownload Masterremdown.htm
O9 — Extra button: (no name) — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_07binssv.dll
O9 — Extra ‘Tools’ menuitem: Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_07binssv.dll
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O23 — Service: ESET HTTP Server (EhttpSrv) — ESET — C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe
O23 — Service: ESET Service (ekrn) — ESET — C:Program FilesESETESET NOD32 Antivirusekrn.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe
—
End of file — 6567 bytes
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre1.6.0_07binssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2009-04-16 158208]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2008-04-10 16861184]
«Alcmtr»=C:WINDOWSALCMTR.EXE [2005-05-03 69632]
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2007-06-06 8433664]
«nwiz»=nwiz.exe /install []
«NvMediaCenter»=C:WINDOWSsystem32NvMcTray.dll [2007-06-06 81920]
«egui»=C:Program FilesESETESET NOD32 Antivirusegui.exe [2009-03-19 2029640]
«UnlockerAssistant»=C:Program FilesUnlockerUnlockerAssistant.exe [2008-05-02 15872]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-08-19 30208]
«VistaIcon»=C:Program FilesVistaDriveIconVistaDrv.exe [2008-01-02 132096]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32wpdshserviceobj.dll [2008-03-02 133632]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«NoSharedDocuments»=1
«NoSMConfigurePrograms»=1
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
======File associations======
.scr — open — «%1» /S «%3»
======List of files/folders created in the last 1 months======
2009-05-23 12:32:50 —-D—- C:rsit
2009-05-23 12:32:50 —-D—- C:Program Filestrend micro
2009-05-23 11:08:39 —-D—- C:Program FilesORT Clock
2009-05-23 03:23:57 —-D—- C:Program FilesCommon FilesDirectX
2009-05-23 02:34:39 —-D—- C:Program FilesArenaOnline3D
2009-05-23 02:32:34 —-D—- C:Program FilesCommon FilesArsenal Shared
2009-05-23 02:32:34 —-D—- C:Program FilesArsenal Company
2009-05-23 02:32:33 —-D—- C:Program FilesCommon FilesInstallShield
2009-05-23 02:32:24 —-A—- C:WINDOWSWPI_Log_2009.05.23_02.32.24.txt
2009-05-23 00:52:15 —-A—- C:WINDOWSUPGRADE.TXT
2009-05-22 23:55:50 —-D—- C:Program FilesUnlocker
2009-05-22 23:55:50 —-D—- C:Documents and SettingsAdminApplication DataDesktopicon
2009-05-22 23:25:24 —-D—- C:Program FilesESET
2009-05-22 23:25:24 —-D—- C:Documents and SettingsAll UsersApplication DataESET
2009-05-22 23:21:44 —-D—- C:Documents and SettingsAdminApplication DatauTorrent
2009-05-22 23:12:11 —-HD—- C:Program FilesInstallShield Installation Information
2009-05-22 23:11:34 —-D—- C:Documents and SettingsAdminApplication DataWinRAR
2009-05-22 21:42:32 —-A—- C:WINDOWSsystem32h323log.txt
2009-05-22 21:42:05 —-D—- C:WINDOWSsystem32RTCOM
2009-05-22 21:41:56 —-A—- C:WINDOWSsystem32vfwwdm32.dll
2009-05-22 21:41:56 —-A—- C:WINDOWSsystem32ksuser.dll
2009-05-22 21:41:20 —-D—- C:WINDOWSnview
2009-05-22 21:41:20 —-D—- C:WINDOWSNV3201560.TMP
2009-05-22 21:41:04 —-A—- C:WINDOWSsystem32usbui.dll
2009-05-22 21:39:55 —-A—- C:WINDOWSimsins.BAK
2009-05-22 21:39:53 —-SHD—- C:WINDOWSInstaller
2009-05-22 21:39:53 —-D—- C:Program FilesCommon FilesODBC
2009-05-22 21:39:53 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-05-22 21:39:53 —-A—- C:WINDOWSODBCINST.INI
2009-05-22 21:39:49 —-D—- C:Program FilesCommon FilesSpeechEngines
2009-05-22 21:39:48 —-AD—- C:Program FilesCommon FilesMicrosoft Shared
2009-05-22 21:39:48 —-AD—- C:Program FilesCommon Files
2009-05-22 21:39:48 —-AD—- C:Program Files
2009-05-22 21:39:44 —-RA—- C:WINDOWSsystem32kbdtuq.dll
2009-05-22 21:39:44 —-RA—- C:WINDOWSsystem32kbdtuf.dll
2009-05-22 21:39:44 —-RA—- C:WINDOWSsystem32kbdazel.dll
2009-05-22 21:39:42 —-RA—- C:WINDOWSsystem32kbdhept.dll
2009-05-22 21:39:42 —-RA—- C:WINDOWSsystem32kbdhela3.dll
2009-05-22 21:39:42 —-RA—- C:WINDOWSsystem32kbdhela2.dll
2009-05-22 21:39:42 —-RA—- C:WINDOWSsystem32kbdhe319.dll
2009-05-22 21:39:42 —-RA—- C:WINDOWSsystem32kbdhe220.dll
2009-05-22 21:39:41 —-RA—- C:WINDOWSsystem32kbdhe.dll
2009-05-22 21:39:41 —-RA—- C:WINDOWSsystem32kbdgkl.dll
2009-05-22 21:39:39 —-RA—- C:WINDOWSsystem32kbdlv1.dll
2009-05-22 21:39:39 —-RA—- C:WINDOWSsystem32kbdlv.dll
2009-05-22 21:39:39 —-RA—- C:WINDOWSsystem32kbdlt1.dll
2009-05-22 21:39:39 —-RA—- C:WINDOWSsystem32kbdlt.dll
2009-05-22 21:39:39 —-RA—- C:WINDOWSsystem32kbdest.dll
2009-05-22 21:39:36 —-RA—- C:WINDOWSsystem32kbdsl1.dll
2009-05-22 21:39:36 —-RA—- C:WINDOWSsystem32kbdsl.dll
2009-05-22 21:39:36 —-RA—- C:WINDOWSsystem32kbdro.dll
2009-05-22 21:39:36 —-RA—- C:WINDOWSsystem32kbdpl1.dll
2009-05-22 21:39:36 —-RA—- C:WINDOWSsystem32kbdpl.dll
2009-05-22 21:39:36 —-RA—- C:WINDOWSsystem32kbdhu1.dll
2009-05-22 21:39:36 —-RA—- C:WINDOWSsystem32kbdhu.dll
2009-05-22 21:39:36 —-RA—- C:WINDOWSsystem32kbdcz2.dll
2009-05-22 21:39:36 —-RA—- C:WINDOWSsystem32kbdcz1.dll
2009-05-22 21:39:36 —-RA—- C:WINDOWSsystem32kbdcz.dll
2009-05-22 21:39:36 —-RA—- C:WINDOWSsystem32kbdcr.dll
2009-05-22 21:39:35 —-RA—- C:WINDOWSsystem32kbdycl.dll
2009-05-22 21:39:35 —-RA—- C:WINDOWSsystem32KBDAL.DLL
2009-05-22 21:39:32 —-A—- C:WINDOWSsystem32kbdmon.dll
2009-05-22 21:39:32 —-A—- C:WINDOWSsystem32kbdkyr.dll
2009-05-22 21:39:31 —-A—- C:WINDOWSsystem32kbdycc.dll
2009-05-22 21:39:31 —-A—- C:WINDOWSsystem32kbduzb.dll
2009-05-22 21:39:31 —-A—- C:WINDOWSsystem32kbdur.dll
2009-05-22 21:39:31 —-A—- C:WINDOWSsystem32kbdtat.dll
2009-05-22 21:39:31 —-A—- C:WINDOWSsystem32kbdkaz.dll
2009-05-22 21:39:31 —-A—- C:WINDOWSsystem32kbdbu.dll
2009-05-22 21:39:31 —-A—- C:WINDOWSsystem32kbdblr.dll
2009-05-22 21:39:31 —-A—- C:WINDOWSsystem32kbdaze.dll
2009-05-22 21:39:29 —-A—- C:WINDOWSsystem32spxcoins.dll
2009-05-22 21:39:29 —-A—- C:WINDOWSsystem32irclass.dll
2009-05-22 21:39:29 —-A—- C:WINDOWSsystem32EqnClass.Dll
2009-05-22 21:39:29 —-A—- C:WINDOWSsystem32dgsetup.dll
2009-05-22 21:39:29 —-A—- C:WINDOWSsystem32dgrpsetu.dll
2009-05-22 21:39:26 —-N—- C:WINDOWSsystem32CONFIG.TMP
2009-05-22 21:39:26 —-A—- C:WINDOWSTASKMAN.EXE
2009-05-22 21:39:25 —-A—- C:WINDOWSsystem32batt.dll
2009-05-22 21:39:25 —-A—- C:WINDOWSNOTEPAD.EXE
2009-05-22 21:39:24 —-A—- C:WINDOWSsystem32storprop.dll
2009-05-22 21:39:21 —-ASH—- C:Documents and SettingsAll UsersApplication Datadesktop.ini
2009-05-22 21:39:16 —-RA—- C:WINDOWSSET8.tmp
2009-05-22 21:39:14 —-RA—- C:WINDOWSSET4.tmp
2009-05-22 21:39:13 —-RA—- C:WINDOWSSET3.tmp
2009-05-22 21:39:08 —-D—- C:WINDOWSsystem32CatRoot2
2009-05-22 21:39:08 —-D—- C:WINDOWSsystem32CatRoot
2009-05-22 21:39:03 —-SD—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2009-05-22 21:38:29 —-A—- C:WINDOWSsetuplog.txt
2009-05-22 21:38:14 —-A—- C:WINDOWSsystem32NETw4r32.dll
2009-05-22 21:38:14 —-A—- C:WINDOWSsystem32NETw4c32.dll
2009-05-22 21:37:56 —-A—- C:WINDOWSSOUNDMAN.EXE
2009-05-22 21:37:56 —-A—- C:WINDOWSSkyTel.exe
2009-05-22 21:37:56 —-A—- C:WINDOWSRtlUpd.exe
2009-05-22 21:37:55 —-A—- C:WINDOWSRTLCPL.EXE
2009-05-22 21:37:54 —-A—- C:WINDOWSRTHDCPL.EXE
2009-05-22 21:37:54 —-A—- C:WINDOWSMicCal.exe
2009-05-22 21:37:53 —-A—- C:WINDOWSALCWZRD.EXE
2009-05-22 21:37:53 —-A—- C:WINDOWSALCMTR.EXE
2009-05-22 21:35:19 —-A—- C:WINDOWSsystem32nvcuda.dll
2009-05-22 21:35:17 —-A—- C:WINDOWSsystem32nv4_disp.dll
2009-05-22 21:34:12 —-D—- C:Documents and Settings
2009-05-22 21:34:11 —-SHD—- C:System Volume Information
2009-05-22 21:33:24 —-SH—- C:boot.ini
2009-05-22 21:27:24 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-05-22 21:27:24 —-RSD—- C:WINDOWSFonts
2009-05-22 21:27:24 —-RD—- C:WINDOWSWeb
2009-05-22 21:27:24 —-HD—- C:WINDOWSinf
2009-05-22 21:27:24 —-D—- C:WINDOWSWinSxS
2009-05-22 21:27:24 —-D—- C:WINDOWStwain_32
2009-05-22 21:27:24 —-D—- C:WINDOWSTemp
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem32wins
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem32wbem
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem32usmt
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem32spool
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem32ShellExt
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem32Setup
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem32ru-ru
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem32ru
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem32ras
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem32oobe
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem32npp
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem32mui
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem32inetsrv
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem32IME
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem32icsxml
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem32ias
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem32export
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem32drivers
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem32dhcp
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem32config
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem323com_dmi
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem323076
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem322052
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem321054
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem321049
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem321042
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem321041
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem321037
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem321033
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem321031
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem321028
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem321025
2009-05-22 21:27:24 —-D—- C:WINDOWSsystem
2009-05-22 21:27:24 —-D—- C:WINDOWSsecurity
2009-05-22 21:27:24 —-D—- C:WINDOWSResources
2009-05-22 21:27:24 —-D—- C:WINDOWSrepair
2009-05-22 21:27:24 —-D—- C:WINDOWSProvisioning
2009-05-22 21:27:24 —-D—- C:WINDOWSPeerNet
2009-05-22 21:27:24 —-D—- C:WINDOWSpchealth
2009-05-22 21:27:24 —-D—- C:WINDOWSNetwork Diagnostic
2009-05-22 21:27:24 —-D—- C:WINDOWSmui
2009-05-22 21:27:24 —-D—- C:WINDOWSmsapps
2009-05-22 21:27:24 —-D—- C:WINDOWSmsagent
2009-05-22 21:27:24 —-D—- C:WINDOWSMedia
2009-05-22 21:27:24 —-D—- C:WINDOWSL2Schemas
2009-05-22 21:27:24 —-D—- C:WINDOWSjava
2009-05-22 21:27:24 —-D—- C:WINDOWSime
2009-05-22 21:27:24 —-D—- C:WINDOWSHelp
2009-05-22 21:27:24 —-D—- C:WINDOWSehome
2009-05-22 21:27:24 —-D—- C:WINDOWSDriver Cache
2009-05-22 21:27:24 —-D—- C:WINDOWSDebug
2009-05-22 21:27:24 —-D—- C:WINDOWSCursors
2009-05-22 21:27:24 —-D—- C:WINDOWSConnection Wizard
2009-05-22 21:27:24 —-D—- C:WINDOWSConfig
2009-05-22 21:27:24 —-D—- C:WINDOWSAppPatch
2009-05-22 21:27:24 —-D—- C:WINDOWSaddins
2009-05-22 21:27:24 —-D—- C:WINDOWS
2009-05-22 21:27:24 —-AD—- C:WINDOWSsystem32
2009-05-22 18:38:39 —-SHD—- C:RECYCLER
2009-05-22 18:37:33 —-D—- C:Downloads
2009-05-22 18:37:25 —-D—- C:Documents and SettingsAdminApplication DataDownload Master
2009-05-22 18:37:07 —-D—- C:Program FilesDownload Master
2009-05-22 18:10:07 —-D—- C:Documents and SettingsAdminApplication DataMacromedia
2009-05-22 18:10:07 —-D—- C:Documents and SettingsAdminApplication DataAdobe
2009-05-22 18:08:48 —-A—- C:WINDOWSsystem32hidserv.dll
2009-05-22 18:08:42 —-RA—- C:WINDOWSsystem32rixdicon.dll
2009-05-22 18:08:21 —-RA—- C:WINDOWSsystem32snymsico.dll
2009-05-22 18:07:56 —-N—- C:WINDOWSsystem32spmsg.dll
2009-05-22 18:07:56 —-A—- C:WINDOWSsystem32spupdsvc.exe
2009-05-22 18:07:55 —-HDC—- C:WINDOWS$NtUninstallWdf01005$
2009-05-22 18:07:49 —-RA—- C:WINDOWSsystem32wdfcoinstaller01005.dll
2009-05-22 18:07:38 —-RA—- C:WINDOWSsystem32UCI32M16.dll
2009-05-22 18:07:37 —-RA—- C:WINDOWSsystem32mdmxsdk.dll
2009-05-22 18:07:37 —-D—- C:Program FilesCONEXANT
2009-05-22 18:06:33 —-D—- C:WINDOWSNV836756.TMP
2009-05-22 18:06:33 —-D—- C:WINDOWSNV1952776.TMP
2009-05-22 18:06:33 —-A—- C:WINDOWSsystem32nvudisp.exe
2009-05-22 17:58:31 —-D—- C:WINDOWSsystem32Lang
2009-05-22 17:58:10 —-A—- C:WINDOWSsystem32wmpns.dll
2009-05-22 17:58:09 —-D—- C:Documents and SettingsAdminApplication DataIdentities
2009-05-22 17:58:05 —-HD—- C:Program FilesUninstall Information
2009-05-22 17:57:15 —-RD—- C:WINDOWSOemDrv
2009-05-22 17:57:09 —-D—- C:Program FilesuTorrent
2009-05-22 17:57:07 —-D—- C:Program FilesUltraISO
2009-05-22 17:57:07 —-D—- C:Program FilesCommon FilesEZB Systems
2009-05-22 17:57:04 —-D—- C:Program FilesWinRAR
2009-05-22 17:57:00 —-D—- C:Program FilesEverest
2009-05-22 17:56:55 —-D—- C:Documents and SettingsAdminApplication DataMozilla
2009-05-22 17:56:46 —-D—- C:Program FilesMozilla Firefox
2009-05-22 17:56:38 —-A—- C:WINDOWSWPI_Log_2009.05.22_17.56.38.txt
2009-05-22 17:55:01 —-ASH—- C:Documents and SettingsAdminApplication Datadesktop.ini
2009-05-22 17:55:00 —-SD—- C:Documents and SettingsAdminApplication DataMicrosoft
2009-05-22 17:54:34 —-A—- C:WINDOWSSchedLgU.Txt
2009-05-22 17:51:29 —-D—- C:WINDOWSsystem32xircom
2009-05-22 17:51:29 —-D—- C:Program Filesmsn gaming zone
2009-05-22 17:51:19 —-D—- C:Program FilesVistaDriveIcon
2009-05-22 17:51:05 —-D—- C:Program FilesPaint.NET
2009-05-22 17:51:05 —-A—- C:WINDOWSsystem32wiaaut.dll
2009-05-22 17:51:02 —-RA—- C:WINDOWSdel.bat
2009-05-22 17:50:59 —-RA—- C:WINDOWSsystem32OEMINFO.CMD
2009-05-22 17:50:59 —-A—- C:WINDOWSsystem32oeminfo.ini
2009-05-22 17:50:56 —-SD—- C:WINDOWSsystem32Microsoft
2009-05-22 17:50:56 —-A—- C:WINDOWSsystem32javaws.exe
2009-05-22 17:50:56 —-A—- C:WINDOWSsystem32javaw.exe
2009-05-22 17:50:56 —-A—- C:WINDOWSsystem32java.exe
2009-05-22 17:50:38 —-D—- C:Program FilesJava
2009-05-22 17:50:38 —-D—- C:Program FilesCommon FilesJava
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32xinput9_1_0.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32xinput1_3.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32xinput1_2.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32xinput1_1.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32XAudio2_2.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32XAudio2_1.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32XAudio2_0.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32XAPOFX1_1.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32XAPOFX1_0.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32xactengine3_2.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32xactengine3_1.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32xactengine3_0.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32xactengine2_9.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32xactengine2_8.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32xactengine2_7.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32xactengine2_6.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32xactengine2_5.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32xactengine2_4.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32xactengine2_3.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32xactengine2_2.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32xactengine2_10.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32xactengine2_1.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32xactengine2_0.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32X3DAudio1_4.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32X3DAudio1_3.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32x3daudio1_2.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32x3daudio1_1.dll
2009-05-22 17:50:20 —-A—- C:WINDOWSsystem32x3daudio1_0.dll
2009-05-22 17:50:19 —-A—- C:WINDOWSsystem32d3dx9_39.dll
2009-05-22 17:50:19 —-A—- C:WINDOWSsystem32d3dx9_38.dll
2009-05-22 17:50:19 —-A—- C:WINDOWSsystem32d3dx9_37.dll
2009-05-22 17:50:19 —-A—- C:WINDOWSsystem32d3dx9_36.dll
2009-05-22 17:50:19 —-A—- C:WINDOWSsystem32d3dx9_35.dll
2009-05-22 17:50:19 —-A—- C:WINDOWSsystem32d3dx9_34.dll
2009-05-22 17:50:19 —-A—- C:WINDOWSsystem32d3dx9_33.dll
2009-05-22 17:50:19 —-A—- C:WINDOWSsystem32d3dx9_32.dll
2009-05-22 17:50:19 —-A—- C:WINDOWSsystem32d3dx9_31.dll
2009-05-22 17:50:18 —-A—- C:WINDOWSsystem32d3dx9_30.dll
2009-05-22 17:50:18 —-A—- C:WINDOWSsystem32d3dx9_29.dll
2009-05-22 17:50:18 —-A—- C:WINDOWSsystem32d3dx9_28.dll
2009-05-22 17:50:18 —-A—- C:WINDOWSsystem32d3dx9_27.dll
2009-05-22 17:50:18 —-A—- C:WINDOWSsystem32d3dx9_26.dll
2009-05-22 17:50:18 —-A—- C:WINDOWSsystem32d3dx9_25.dll
2009-05-22 17:50:18 —-A—- C:WINDOWSsystem32d3dx9_24.dll
2009-05-22 17:50:18 —-A—- C:WINDOWSsystem32d3dx10_39.dll
2009-05-22 17:50:18 —-A—- C:WINDOWSsystem32d3dx10_38.dll
2009-05-22 17:50:18 —-A—- C:WINDOWSsystem32d3dx10_37.dll
2009-05-22 17:50:18 —-A—- C:WINDOWSsystem32d3dx10_36.dll
2009-05-22 17:50:18 —-A—- C:WINDOWSsystem32d3dx10_35.dll
2009-05-22 17:50:18 —-A—- C:WINDOWSsystem32d3dx10_34.dll
2009-05-22 17:50:18 —-A—- C:WINDOWSsystem32d3dx10_33.dll
2009-05-22 17:50:18 —-A—- C:WINDOWSsystem32d3dx10.dll
2009-05-22 17:50:18 —-A—- C:WINDOWSsystem32D3DCompiler_39.dll
2009-05-22 17:50:18 —-A—- C:WINDOWSsystem32D3DCompiler_38.dll
2009-05-22 17:50:18 —-A—- C:WINDOWSsystem32D3DCompiler_37.dll
2009-05-22 17:50:18 —-A—- C:WINDOWSsystem32d3dcompiler_36.dll
2009-05-22 17:50:18 —-A—- C:WINDOWSsystem32d3dcompiler_35.dll
2009-05-22 17:50:18 —-A—- C:WINDOWSsystem32d3dcompiler_34.dll
2009-05-22 17:50:18 —-A—- C:WINDOWSsystem32d3dcompiler_33.dll
2009-05-22 17:48:45 —-RSD—- C:WINDOWSassembly
2009-05-22 17:48:45 —-D—- C:WINDOWSMicrosoft.NET
2009-05-22 17:48:43 —-D—- C:WINDOWSsystem32URTTemp
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32zlib1.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32wrap_oal.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32wnaspi32.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32Vbrun300.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32vbrun200.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32vbrun100.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32Vb40032.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32Vb40016.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32ssleay32.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32OpenAL32.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32msvcrt10.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32msvcr71.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32msvcr70.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32msvcp71.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32MSVCP70.DLL
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32msvci70.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32MSSTKPRP.DLL
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32msstdfmt.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32MFC71u.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32MFC71KOR.DLL
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32MFC71JPN.DLL
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32MFC71ITA.DLL
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32MFC71FRA.DLL
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32MFC71ESP.DLL
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32MFC71ENU.DLL
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32MFC71DEU.DLL
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32MFC71CHT.DLL
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32MFC71CHS.DLL
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32MFC71.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32mfc70u.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32mfc70kor.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32mfc70jpn.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32mfc70ita.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32mfc70fra.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32mfc70esp.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32mfc70enu.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32mfc70deu.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32mfc70cht.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32mfc70chs.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32mfc70.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32libssl32.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32libeay32.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32atl71.dll
2009-05-22 17:48:01 —-A—- C:WINDOWSsystem32atl70.dll
2009-05-22 17:47:43 —-A—- C:WINDOWScontrol.ini
2009-05-22 17:47:43 —-A—- C:AUTOEXEC.BAT
2009-05-22 17:47:38 —-A—- C:WINDOWSOEWABLog.txt
2009-05-22 17:47:35 —-A—- C:WINDOWSsystem32mapi32.dll
2009-05-22 17:46:58 —-RAH—- C:WINDOWSsystem32logonui.exe.manifest
2009-05-22 17:46:55 —-RAH—- C:WINDOWSsystem32cdplayer.exe.manifest
2009-05-22 17:46:50 —-HD—- C:Program FilesWindowsUpdate
2009-05-22 17:46:49 —-D—- C:Program FilesOnline Services
2009-05-22 17:46:40 —-A—- C:WINDOWSsystem32atrace.dll
2009-05-22 17:46:39 —-A—- C:WINDOWSsystem32desktop.ini
2009-05-22 17:46:39 —-A—- C:WINDOWSdesktop.ini
2009-05-22 17:46:29 —-D—- C:Program FilesCommon FilesServices
2009-05-22 17:46:29 —-A—- C:WINDOWSsystem32acctres.dll
2009-05-22 17:46:25 —-SD—- C:WINDOWSTasks
2009-05-22 17:46:25 —-A—- C:WINDOWSsystem32icfgnt5.dll
2009-05-22 17:46:24 —-D—- C:Program FilesCommon FilesMSSoap
2009-05-22 17:46:18 —-D—- C:WINDOWSsrchasst
2009-05-22 17:46:17 —-D—- C:WINDOWSsystem32Macromed
2009-05-22 17:46:14 —-A—- C:WINDOWSsystem32wuweb.dll
2009-05-22 17:46:13 —-A—- C:WINDOWSsystem32wups.dll
2009-05-22 17:46:13 —-A—- C:WINDOWSsystem32wucltui.dll
2009-05-22 17:46:13 —-A—- C:WINDOWSsystem32wuauserv.dll
2009-05-22 17:46:13 —-A—- C:WINDOWSsystem32wuaueng1.dll
2009-05-22 17:46:13 —-A—- C:WINDOWSsystem32wuaueng.dll
2009-05-22 17:46:12 —-A—- C:WINDOWSsystem32wuauclt1.exe
2009-05-22 17:46:12 —-A—- C:WINDOWSsystem32wuauclt.exe
2009-05-22 17:46:12 —-A—- C:WINDOWSsystem32wuapi.dll
2009-05-22 17:46:12 —-A—- C:WINDOWSsystem32bitsprx4.dll
2009-05-22 17:46:12 —-A—- C:WINDOWSsystem32bitsprx3.dll
2009-05-22 17:46:12 —-A—- C:WINDOWSsystem32bitsprx2.dll
2009-05-22 17:46:11 —-A—- C:WINDOWSsystem32qmgrprxy.dll
2009-05-22 17:46:11 —-A—- C:WINDOWSsystem32qmgr.dll
2009-05-22 17:46:06 —-D—- C:Program FilesMovie Maker
2009-05-22 17:45:45 —-A—- C:WINDOWSsystem32safrslv.dll
2009-05-22 17:45:45 —-A—- C:WINDOWSsystem32safrdm.dll
2009-05-22 17:45:45 —-A—- C:WINDOWSsystem32safrcdlg.dll
2009-05-22 17:45:45 —-A—- C:WINDOWSsystem32racpldlg.dll
2009-05-22 17:45:40 —-A—- C:WINDOWSsystem32fltMc.exe
2009-05-22 17:45:40 —-A—- C:WINDOWSsystem32fltlib.dll
2009-05-22 17:45:39 —-D—- C:WINDOWSsystem32Restore
2009-05-22 17:45:39 —-A—- C:WINDOWSsystem32srsvc.dll
2009-05-22 17:45:39 —-A—- C:WINDOWSsystem32srrstr.dll
2009-05-22 17:45:39 —-A—- C:WINDOWSsystem32srclient.dll
2009-05-22 17:45:38 —-A—- C:WINDOWSsystem32msoert2.dll
2009-05-22 17:45:38 —-A—- C:WINDOWSsystem32msoeacct.dll
2009-05-22 17:45:36 —-A—- C:WINDOWSsystem32inetres.dll
2009-05-22 17:45:36 —-A—- C:WINDOWSsystem32inetcomm.dll
2009-05-22 17:45:33 —-D—- C:Program FilesOutlook Express
2009-05-22 17:45:33 —-A—- C:WINDOWSsystem32schedsvc.dll
2009-05-22 17:45:33 —-A—- C:WINDOWSsystem32mstinit.exe
2009-05-22 17:45:32 —-A—- C:WINDOWSsystem32mstask.dll
2009-05-22 17:45:32 —-A—- C:WINDOWSsystem32isign32.dll
2009-05-22 17:45:32 —-A—- C:WINDOWSsystem32icwphbk.dll
2009-05-22 17:45:32 —-A—- C:WINDOWSsystem32icwdial.dll
2009-05-22 17:45:31 —-A—- C:WINDOWSsystem32inetcfg.dll
2009-05-22 17:45:24 —-D—- C:Program FilesCommon FilesSystem
2009-05-22 17:44:48 —-D—- C:Program FilesComPlus Applications
2009-05-22 17:44:47 —-A—- C:WINDOWSvbaddin.ini
2009-05-22 17:44:47 —-A—- C:WINDOWSvb.ini
2009-05-22 17:44:45 —-D—- C:WINDOWSRegistration
2009-05-22 17:44:37 —-D—- C:Program FilesWindows Media Player
2009-05-22 17:44:37 —-D—- C:Program FilesWindows Media Connect 2
2009-05-22 17:44:35 —-SD—- C:WINDOWSDownloaded Program Files
2009-05-22 17:44:35 —-RD—- C:WINDOWSOffline Web Pages
2009-05-22 17:44:35 —-D—- C:WINDOWSwbem
2009-05-22 17:44:35 —-A—- C:WINDOWSsystem32winfxdocobj.exe
2009-05-22 17:44:35 —-A—- C:WINDOWSsystem32msfeedssync.exe
2009-05-22 17:44:35 —-A—- C:WINDOWSsystem32msfeedsbs.dll
2009-05-22 17:44:34 —-D—- C:Program FilesInternet Explorer
2009-05-22 17:44:34 —-A—- C:WINDOWSsystem32ieframe.dll.mui
2009-05-22 17:44:34 —-A—- C:WINDOWSsystem32advpack.dll.mui
2009-05-22 17:44:33 —-A—- C:WINDOWSsystem32wul_lng.ini
2009-05-22 17:44:33 —-A—- C:WINDOWSsystem32wul.exe
2009-05-22 17:44:33 —-A—- C:WINDOWSsystem32TweakUI.exe
2009-05-22 17:44:32 —-D—- C:WINDOWSsystem32PreInstall
2009-05-22 17:44:32 —-D—- C:WINDOWSSoftwareDistribution
2009-05-22 17:44:32 —-A—- C:WINDOWSsystem32muweb.dll
2009-05-22 17:44:31 —-A—- C:WINDOWSsystem32write.exe
2009-05-22 17:44:31 —-A—- C:WINDOWSsystem32gpprefcl.dll
2009-05-22 17:44:20 —-A—- C:WINDOWSsystem32sndvol32.exe
2009-05-22 17:44:20 —-A—- C:WINDOWSsystem32hticons.dll
2009-05-22 17:44:20 —-A—- C:WINDOWSsystem32avwav.dll
2009-05-22 17:44:19 —-A—- C:WINDOWSsystem32winchat.exe
2009-05-22 17:44:19 —-A—- C:WINDOWSsystem32avtapi.dll
2009-05-22 17:44:19 —-A—- C:WINDOWSsystem32avmeter.dll
2009-05-22 17:44:11 —-A—- C:WINDOWSsystem32getuname.dll
2009-05-22 17:44:11 —-A—- C:WINDOWSsystem32charmap.exe
2009-05-22 17:44:10 —-A—- C:WINDOWSsystem32winmine.exe
2009-05-22 17:44:10 —-A—- C:WINDOWSsystem32sol.exe
2009-05-22 17:44:10 —-A—- C:WINDOWSsystem32calc.exe
2009-05-22 17:44:09 —-A—- C:WINDOWSsystem32reset.exe
2009-05-22 17:44:09 —-A—- C:WINDOWSsystem32mshearts.exe
2009-05-22 17:44:09 —-A—- C:WINDOWSsystem32freecell.exe
2009-05-22 17:44:08 —-A—- C:WINDOWSsystem32usrlogon.cmd
2009-05-22 17:44:08 —-A—- C:WINDOWSsystem32tsshutdn.exe
2009-05-22 17:44:08 —-A—- C:WINDOWSsystem32tslabels.ini
2009-05-22 17:44:08 —-A—- C:WINDOWSsystem32tskill.exe
2009-05-22 17:44:08 —-A—- C:WINDOWSsystem32tsdiscon.exe
2009-05-22 17:44:08 —-A—- C:WINDOWSsystem32tscon.exe
2009-05-22 17:44:08 —-A—- C:WINDOWSsystem32shadow.exe
2009-05-22 17:44:08 —-A—- C:WINDOWSsystem32rwinsta.exe
2009-05-22 17:44:07 —-A—- C:WINDOWSsystem32regini.exe
2009-05-22 17:44:07 —-A—- C:WINDOWSsystem32rdpcfgex.dll
2009-05-22 17:44:07 —-A—- C:WINDOWSsystem32qwinsta.exe
2009-05-22 17:44:07 —-A—- C:WINDOWSsystem32qappsrv.exe
2009-05-22 17:44:07 —-A—- C:WINDOWSsystem32msg.exe
2009-05-22 17:44:07 —-A—- C:WINDOWSsystem32logoff.exe
2009-05-22 17:44:07 —-A—- C:WINDOWSsystem32cdmodem.dll
2009-05-22 17:44:06 —-A—- C:WINDOWSsystem32msdtcprf.ini
2009-05-22 17:43:59 —-A—- C:WINDOWSsystem32wmimgmt.msc
2009-05-22 17:43:58 —-A—- C:WINDOWSsystem32sndrec32.exe
2009-05-22 17:43:58 —-A—- C:WINDOWSsystem32accwiz.exe
2009-05-22 17:43:57 —-A—- C:WINDOWSsystem32mplay32.exe
2009-05-22 17:43:57 —-A—- C:WINDOWSsystem32hypertrm.dll
2009-05-22 17:43:56 —-D—- C:Program FilesWindows NT
2009-05-22 17:43:56 —-A—- C:WINDOWSsystem32spider.exe
2009-05-22 17:43:56 —-A—- C:WINDOWSsystem32clipbrd.exe
2009-05-22 17:43:55 —-A—- C:WINDOWSsystem32tscfgwmi.dll
2009-05-22 17:43:54 —-A—- C:WINDOWSsystem32tsgqec.dll
2009-05-22 17:43:54 —-A—- C:WINDOWSsystem32rhttpaa.dll
2009-05-22 17:43:54 —-A—- C:WINDOWSsystem32aaclient.dll
2009-05-22 17:43:53 —-A—- C:WINDOWSsystem32mstscax.dll
2009-05-22 17:43:52 —-A—- C:WINDOWSsystem32sessmgr.exe
2009-05-22 17:43:52 —-A—- C:WINDOWSsystem32remotepg.dll
2009-05-22 17:43:52 —-A—- C:WINDOWSsystem32rdshost.exe
2009-05-22 17:43:52 —-A—- C:WINDOWSsystem32rdsaddin.exe
2009-05-22 17:43:52 —-A—- C:WINDOWSsystem32rdchost.dll
2009-05-22 17:43:52 —-A—- C:WINDOWSsystem32mstsc.exe
2009-05-22 17:43:51 —-A—- C:WINDOWSsystem32termsrv.dll
2009-05-22 17:43:51 —-A—- C:WINDOWSsystem32rdpwsx.dll
2009-05-22 17:43:51 —-A—- C:WINDOWSsystem32rdpsnd.dll
2009-05-22 17:43:51 —-A—- C:WINDOWSsystem32rdpclip.exe
2009-05-22 17:43:51 —-A—- C:WINDOWSsystem32qprocess.exe
2009-05-22 17:43:51 —-A—- C:WINDOWSsystem32icaapi.dll
2009-05-22 17:43:51 —-A—- C:WINDOWSsystem32cfgbkend.dll
2009-05-22 17:43:50 —-D—- C:WINDOWSsystem32MsDtc
2009-05-22 17:43:50 —-A—- C:WINDOWSsystem32mtxoci.dll
2009-05-22 17:43:50 —-A—- C:WINDOWSsystem32msdtcuiu.dll
2009-05-22 17:43:50 —-A—- C:WINDOWSsystem32msdtcprx.dll
2009-05-22 17:43:49 —-A—- C:WINDOWSsystem32xolehlp.dll
2009-05-22 17:43:49 —-A—- C:WINDOWSsystem32msdtctm.dll
2009-05-22 17:43:49 —-A—- C:WINDOWSsystem32msdtclog.dll
2009-05-22 17:43:49 —-A—- C:WINDOWSsystem32msdtc.exe
2009-05-22 17:43:47 —-D—- C:WINDOWSsystem32Com
2009-05-22 17:43:47 —-A—- C:WINDOWSsystem32mtxlegih.dll
2009-05-22 17:43:47 —-A—- C:WINDOWSsystem32mtxex.dll
2009-05-22 17:43:47 —-A—- C:WINDOWSsystem32mtxdm.dll
2009-05-22 17:43:47 —-A—- C:WINDOWSsystem32dcomcnfg.exe
2009-05-22 17:43:47 —-A—- C:WINDOWSsystem32comrepl.dll
2009-05-22 17:43:47 —-A—- C:WINDOWSsystem32comaddin.dll
2009-05-22 17:43:47 —-A—- C:WINDOWSsystem32colbact.dll
2009-05-22 17:43:46 —-A—- C:WINDOWSsystem32stclient.dll
2009-05-22 17:43:46 —-A—- C:WINDOWSsystem32clbcatex.dll
2009-05-22 17:43:46 —-A—- C:WINDOWSsystem32catsrvut.dll
2009-05-22 17:43:46 —-A—- C:WINDOWSsystem32catsrvps.dll
2009-05-22 17:43:46 —-A—- C:WINDOWSsystem32catsrv.dll
2009-05-22 17:43:45 —-A—- C:WINDOWSsystem32comuid.dll
2009-05-22 17:43:45 —-A—- C:WINDOWSsystem32comsvcs.dll
2009-05-22 17:43:44 —-A—- C:WINDOWSsystem32comsnap.dll
2009-05-22 17:43:44 —-A—- C:WINDOWSsystem32clbcatq.dll
2009-05-22 17:43:36 —-A—- C:WINDOWSsystem32servdeps.dll
2009-05-22 17:43:36 —-A—- C:WINDOWSsystem32mmfutil.dll
2009-05-22 17:43:36 —-A—- C:WINDOWSsystem32licwmi.dll
2009-05-22 17:43:36 —-A—- C:WINDOWSsystem32cmprops.dll

======List of files/folders modified in the last 1 months======
2009-05-22 21:39:48 —-A—- C:WINDOWSsystem.ini
2009-05-22 17:47:31 —-A—- C:WINDOWSwin.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 ehdrv;ehdrv; C:WINDOWSsystem32DRIVERSehdrv.sys [2009-03-19 107256]
R1 epfwtdir;epfwtdir; C:WINDOWSsystem32DRIVERSepfwtdir.sys [2009-03-19 93848]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-04-15 40704]
R1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2008-08-19 14720]
R1 WmiAcpi;Интерфейс управления для ACPI Microsoft Windows; C:WINDOWSsystem32DRIVERSwmiacpi.sys [2008-08-20 8832]
R2 eamon;eamon; C:WINDOWSsystem32DRIVERSeamon.sys [2009-03-19 113960]
R2 mdmxsdk;mdmxsdk; C:WINDOWSsystem32DRIVERSmdmxsdk.sys [2006-06-19 12672]
R2 rimmptsk;rimmptsk; C:WINDOWSsystem32DRIVERSrimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:WINDOWSsystem32DRIVERSrimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:WINDOWSsystem32DRIVERSrixdptsk.sys [2007-03-21 37376]
R2 rspndr;Ответчик обнаружения топологии уровня связи; C:WINDOWSsystem32DRIVERSrspndr.sys [2008-07-08 62848]
R3 Arp1394;Протокол клиента 1394 ARP; C:WINDOWSsystem32DRIVERSarp1394.sys [2008-08-19 60800]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:WINDOWSsystem32DRIVERSb57xp32.sys [2007-10-22 161792]
R3 CmBatt;Драйвер батареи с ACPI-управлением (Майкрософт); C:WINDOWSsystem32DRIVERSCmBatt.sys [2008-08-20 13952]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-15 144384]
R3 hidshim;Service for HID-KMDF Shim layer; C:WINDOWSsystem32DRIVERShidshim.sys [2007-05-30 5632]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-15 10368]
R3 HSF_DPV;HSF_DPV; C:WINDOWSsystem32DRIVERSHSF_DPV.sys [2006-12-22 988800]
R3 HSFHWAZL;HSFHWAZL; C:WINDOWSsystem32DRIVERSHSFHWAZL.sys [2006-12-22 209664]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2008-04-17 4707328]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2008-04-15 12160]
R3 NETw4x32;Драйвер адаптера Intel(R) Wireless WiFi Link для Windows XP 32 Bit; C:WINDOWSsystem32DRIVERSNETw4x32.sys [2008-03-13 2530176]
R3 NIC1394;Сетевой драйвер 1394; C:WINDOWSsystem32DRIVERSnic1394.sys [2008-08-19 61824]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2007-06-06 6349696]
R3 sdbus;sdbus; C:WINDOWSsystem32DRIVERSsdbus.sys [2008-04-15 79232]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-15 32128]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-08-20 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-08-20 59520]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2008-04-15 20608]
R3 usbvideo;USB-видеоустройство (WDM); C:WINDOWSSystem32Driversusbvideo.sys [2008-08-20 121984]
R3 Wdf01000;Wdf01000; C:WINDOWSsystem32DRIVERSWdf01000.sys [2006-11-02 492000]
R3 winachsf;winachsf; C:WINDOWSsystem32DRIVERSHSF_CNXT.sys [2006-12-22 730112]
R3 winbondhidcir;Winbond HID CIR Receiver; C:WINDOWSsystem32DRIVERSwinbondhidcir.sys [2007-05-30 21504]
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-08-20 17024]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-08-20 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2008-08-20 10880]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2008-08-20 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2008-08-20 15232]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2008-08-20 19200]
S3 WudfPf;Windows Driver Foundation — User-mode Driver Framework Platform Driver; C:WINDOWSsystem32DRIVERSWudfPf.sys [2008-03-02 77568]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2008-03-02 82944]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ekrn;ESET Service; C:Program FilesESETESET NOD32 Antivirusekrn.exe [2009-03-19 731840]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2007-06-06 163908]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2007-10-24 70144]
S3 EhttpSrv;ESET HTTP Server; C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe [2009-03-19 20680]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:Program FilesWindows Media Playerwmpnetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-15 14336]
EOF
Увы, порнобаннер на месте.

Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AAF01C24-2681-4FE6-9EDC-F7772F810E73}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DB3645BA-5C28-4E2D-8C99-41DC53D19B7C}\ deleted successfully.
========== FILES ==========
C:Documents and SettingsAll UsersApplication DataMicrosoftMedia Playereurrvqu.dll unregistered successfully.
C:Documents and SettingsAll UsersApplication DataMicrosoftMedia Playereurrvqu.dll moved successfully.
C:Documents and SettingsAll UsersApplication Datasowwrqu.dll unregistered successfully.
C:Documents and SettingsAll UsersApplication Datasowwrqu.dll moved successfully.
========== COMMANDS ==========
File delete failed. C:WINDOWSTEMPPerflib_Perfdata_f5c.dat scheduled to be deleted on reboot.
File delete failed. C:WINDOWSTEMPRtkBtMnt.exe scheduled to be deleted on reboot.
File delete failed. C:WINDOWSTEMP~DF4D7E.tmp scheduled to be deleted on reboot.
User’s Temp folder emptied.
User’s Internet Explorer cache folder emptied.
File delete failed. C:Documents and SettingsAdminLocal SettingsTemporary Internet FilesContent.IE5M7Q5IHLNindex9030[1].html scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsTemporary Internet Files0LRW2YW83PMCJKMOfflinex00000001_R scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsTemporary Internet Files0LRW2YW83PMCJKMOfflinex00000003_R scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsTemporary Internet Files0LRW2YW83PMCJKMOfflineHashFile.dat scheduled to be deleted on reboot.
User’s Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:Documents and SettingsLocalServiceLocal SettingsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:WINDOWStempPerflib_Perfdata_f5c.dat scheduled to be deleted on reboot.
File delete failed. C:WINDOWStempRtkBtMnt.exe scheduled to be deleted on reboot.
File delete failed. C:WINDOWStemp~DF4D7E.tmp scheduled to be deleted on reboot.
Windows Temp folder emptied.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps009adoc.bx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps009md.dat scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps009url.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps009w.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps009wb.vx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps008adoc.bx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps008md.dat scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps008url.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps008w.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps008wb.vx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps007adoc.bx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps007md.dat scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps007url.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps007w.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps007wb.vx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps006adoc.bx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps006md.dat scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps006url.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps006w.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps006wb.vx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps005adoc.bx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps005md.dat scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps005url.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps005w.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps005wb.vx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps004adoc.bx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps004md.dat scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps004url.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps004w.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps004wb.vx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps003adoc.bx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps003md.dat scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps003url.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps003w.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps003wb.vx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps002adoc.bx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps002md.dat scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps002url.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps002w.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps002wb.vx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps001adoc.bx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps001md.dat scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps001url.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps001w.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps001wb.vx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps000adoc.bx scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps000md.dat scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps000url.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps000w.ax scheduled to be deleted on reboot.
File delete failed. C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps000wb.vx scheduled to be deleted on reboot.
Opera cache emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer — Version 1.0.10.0 log created on 04062009_090603
Files moved on Reboot…
File C:WINDOWSTEMPPerflib_Perfdata_f5c.dat not found!
C:WINDOWSTEMPRtkBtMnt.exe moved successfully.
C:WINDOWSTEMP~DF4D7E.tmp moved successfully.
C:Documents and SettingsAdminLocal SettingsTemporary Internet FilesContent.IE5M7Q5IHLNindex9030[1].html moved successfully.
C:Documents and SettingsAdminLocal SettingsTemporary Internet Files0LRW2YW83PMCJKMOfflinex00000001_R moved successfully.
C:Documents and SettingsAdminLocal SettingsTemporary Internet Files0LRW2YW83PMCJKMOfflinex00000003_R moved successfully.
C:Documents and SettingsAdminLocal SettingsTemporary Internet Files0LRW2YW83PMCJKMOfflineHashFile.dat moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps009adoc.bx moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps009md.dat moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps009url.ax moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps009w.ax moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps009wb.vx moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps008adoc.bx moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps008md.dat moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps008url.ax moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps008w.ax moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps008wb.vx moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps007adoc.bx moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps007md.dat moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps007url.ax moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps007w.ax moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps007wb.vx moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps006adoc.bx moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps006md.dat moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps006url.ax moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps006w.ax moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps006wb.vx moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps005adoc.bx moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps005md.dat moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps005url.ax moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps005w.ax moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps005wb.vx moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps004adoc.bx moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps004md.dat moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps004url.ax moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps004w.ax moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps004wb.vx moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps003adoc.bx moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps003md.dat moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps003url.ax moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps003w.ax moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps003wb.vx moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps002adoc.bx moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps002md.dat moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps002url.ax moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps002w.ax moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps002wb.vx moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps001adoc.bx moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps001md.dat moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps001url.ax moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps001w.ax moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps001wb.vx moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps000adoc.bx moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps000md.dat moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps000url.ax moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps000w.ax moved successfully.
C:Documents and SettingsAdminLocal SettingsApplication DataOperaOperaProfilevps000wb.vx moved successfully.
Logfile of random’s system information tool 1.06 (written by random/random)
Run by Admin at 2009-04-06 09:27:26
Microsoft Windows XP Professional Service Pack 3
System drive C: has 61 GB (86%) free of 71 GB
Total RAM: 2046 MB (74% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:27:28, on 06.04.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesWIDCOMMBluetooth Softwarebinbtwdins.exe
C:Program FilesCommon FilesSymantec SharedccSetMgr.exe
C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:Program FilesSymantec AntiVirusDefWatch.exe
C:Program FilesIntelIntel Matrix Storage ManagerIaantmon.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSsystem32nvsvc32.exe
C:Program FilesCyberLinkShared FilesRichVideo.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesSymantec AntiVirusRtvscan.exe
C:Program FilesNeoSmart TechnologiesToolTipFixerToolTipFixer.exe
C:Program FilesCanonCALCALMAIN.exe
C:Program FilesIntelIntel Matrix Storage ManagerIaanotif.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:WINDOWSRTHDCPL.EXE
C:Program FilesABBYY Lingvo 12Lvagent.exe
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:PROGRA~1SYMANT~1VPTray.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesVistaDriveIconVistaDrv.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe
C:Program FilesWindows Sidebarsidebar.exe
C:WINDOWSTEMPRtkBtMnt.exe
C:Program FilesOperaopera.exe
C:Documents and SettingsAdminРабочий столRSIT.exe
C:Program Filestrend microAdmin.exe
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://search.qip.ru
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://search.qip.ru
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://search.qip.ru/ie
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://search.qip.ru
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.mail.ru/
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://search.qip.ru/ie
R1 — HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = Root: HKCU; Subkey: SoftwareMicrosoftInternet ExplorerSearchUrl; ValueType: string; ValueName: ‘; ValueData: ‘; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: QIPBHO Class — {95289393-33EA-4F8D-B952-483415B9C955} — C:Documents and SettingsAdminApplication DataMicrosoftInternet Explorerqipsearchbar.dll
R3 — URLSearchHook: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
R3 — URLSearchHook: (no name) — — (no file)
O2 — BHO: Adobe PDF Reader Link Helper — {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 — BHO: SSVHelper Class — {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} — C:Program FilesJavajre1.6.0_07binssv.dll
O2 — BHO: Спутник@Mail.Ru — {8984B388-A5BB-4DF7-B274-77B879E179DB} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O2 — BHO: QIPBHO — {95289393-33EA-4F8D-B952-483415B9C955} — C:Documents and SettingsAdminApplication DataMicrosoftInternet Explorerqipsearchbar.dll
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~1dmiehlp.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — c:program filesgooglegoogletoolbar1.dll
O2 — BHO: eurrvquP — {AAF01C24-2681-4FE6-9EDC-F7772F810E73} — C:Documents and SettingsAll UsersApplication DataMicrosoftMedia Playereurrvqu.dll
O3 — Toolbar: &Google — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — c:program filesgooglegoogletoolbar1.dll
O3 — Toolbar: Спутник@Mail.Ru — {09900DE8-1DCA-443F-9243-26FF581438AF} — C:Program FilesMail.RuSputnikMailRuSputnik.dll
O3 — Toolbar: Rambler-Ассистент — {468CD8A9-7C25-45FA-969E-3D925C689DC4} — C:Program FilesRambler AssistantramblertoolbarU0.dll
O4 — HKLM..Run: [IAAnotif] «C:Program FilesIntelIntel Matrix Storage ManagerIaanotif.exe»
O4 — HKLM..Run: [AzMixerSel] C:Program FilesRealtekInstallShieldAzMixerSel.exe
O4 — HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 — HKLM..Run: [nwiz] nwiz.exe /install
O4 — HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 — HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program FilesAdobeReader 8.0ReaderReader_sl.exe»
O4 — HKLM..Run: [Lingvo Launcher] «C:Program FilesABBYY Lingvo 12Lvagent.exe» /STARTUP
O4 — HKLM..Run: [MAgent] C:Program FilesMail.RuAgentMAgent.exe -LM
O4 — HKLM..Run: [NwOpenMS] rundll32.exe «C:Program FilesCommon FilesMicrosoft SharedWeb Foldersuqvrrue.dll»,DllRegisterServer
O4 — HKLM..Run: [ccApp] «C:Program FilesCommon FilesSymantec SharedccApp.exe»
O4 — HKLM..Run: [vptray] C:PROGRA~1SYMANT~1VPTray.exe
O4 — HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe
O4 — HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUSS-1-5-18..Run: [VistaIcon] C:Program FilesVistaDriveIconVistaDrv.exe (User ‘SYSTEM’)
O4 — HKUSS-1-5-18..RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFcustom.inf,NewUserFirstLogonInstall,0 (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O4 — HKUS.DEFAULT..RunOnce: [ZZZZ2_FirstLogonSetting] %SystemRoot%System32rundll32.exe advpack.dll,LaunchINFSection C:WINDOWSINFcustom.inf,NewUserFirstLogonInstall,0 (User ‘Default user’)
O4 — Global Startup: BTTray.lnk = ?
O8 — Extra context menu item: &Google Search — res://C:Program FilesGoogleGoogleToolbar1.dll/cmsearch.html
O8 — Extra context menu item: &Отправить на устройство Bluetooth… — C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm
O8 — Extra context menu item: &Перевести — C:Program FilesArsenal CompanySOCRAT InternetHTMLWSocrat.js
O8 — Extra context menu item: &Перевести с помощью ABBYY Lingvo… — res://C:Program FilesABBYY Lingvo 12Lingvo.exe/3000
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~1OFFICE11EXCEL.EXE/3000
O8 — Extra context menu item: Backward Links — res://C:Program FilesGoogleGoogleToolbar1.dll/cmbacklinks.html
O8 — Extra context menu item: Cached Snapshot of Page — res://C:Program FilesGoogleGoogleToolbar1.dll/cmcache.html
O8 — Extra context menu item: Similar Pages — res://C:Program FilesGoogleGoogleToolbar1.dll/cmsimilar.html
O8 — Extra context menu item: Translate into English — res://C:Program FilesGoogleGoogleToolbar1.dll/cmtrans.html
O8 — Extra context menu item: Добавить в Rambler-Закладки — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/zakladki.htm
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program FilesDownload Masterdmie.htm
O8 — Extra context menu item: Найти с помощью Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/search.htm
O8 — Extra context menu item: Перевести с помощью словарей Рамблера — res://C:Program FilesRambler AssistantramblertoolbarU0.dll/dic.htm
O8 — Extra context menu item: Поиск@Mail.Ru — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/282
O8 — Extra context menu item: Словари@Mail.Ru — res://C:Program FilesMail.RuSputnikMailRuSputnik.dll/283
O9 — Extra button: (no name) — DctMapping — (no file)
O9 — Extra button: (no name) — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_07binssv.dll
O9 — Extra ‘Tools’ menuitem: Sun Java Console — {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — C:Program FilesJavajre1.6.0_07binssv.dll
O9 — Extra button: СОКРАТ Интернет 3.0 — {17FA5CD6-5737-45c2-B194-74C8A4A7F7E7} — C:Program FilesArsenal CompanySOCRAT InternetSocratInternet.dll
O9 — Extra button: Настройки СОКРАТ Интернет 3.0 — {71F65890-5ED6-11d4-9665-00E02962D81A} — C:Program FilesArsenal CompanySOCRAT InternetSocratInternetT.dll
O9 — Extra button: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra ‘Tools’ menuitem: Mail.Ru Агент — {7558B7E5-7B26-4201-BEDB-00D5FF534523} — C:Program FilesMail.RuAgentmagent.exe
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra button: Справочные материалы — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~1MICROS~1OFFICE11REFIEBAR.DLL
O9 — Extra button: Перевести страницу — {DFDC8970-FD66-4385-B8C0-835A4AA1DA00} — C:Program FilesArsenal CompanySOCRAT InternetSocratInternet.dll
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O16 — DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) — http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O23 — Service: Bluetooth Service (btwdins) — Broadcom Corporation. — C:Program FilesWIDCOMMBluetooth Softwarebinbtwdins.exe
O23 — Service: Canon Camera Access Library 8 (CCALib8) — Canon Inc. — C:Program FilesCanonCALCALMAIN.exe
O23 — Service: Symantec Event Manager (ccEvtMgr) — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
O23 — Service: Symantec Password Validation (ccPwdSvc) — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedccPwdSvc.exe
O23 — Service: Symantec Settings Manager (ccSetMgr) — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedccSetMgr.exe
O23 — Service: Symantec AntiVirus Definition Watcher (DefWatch) — Symantec Corporation — C:Program FilesSymantec AntiVirusDefWatch.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: FLEXnet Licensing Service — Macrovision Europe Ltd. — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 — Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) — Intel Corporation — C:Program FilesIntelIntel Matrix Storage ManagerIaantmon.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: NVIDIA Display Driver Service (NVSvc) — NVIDIA Corporation — C:WINDOWSsystem32nvsvc32.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Cyberlink RichVideo Service(CRVS) (RichVideo) — Unknown owner — C:Program FilesCyberLinkShared FilesRichVideo.exe
O23 — Service: SAVRoam (SavRoam) — symantec — C:Program FilesSymantec AntiVirusSavRoam.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Symantec Network Drivers Service (SNDSrvc) — Symantec Corporation — C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe
O23 — Service: Symantec AntiVirus — Symantec Corporation — C:Program FilesSymantec AntiVirusRtvscan.exe
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: NST ToolTipFixer (TTFixerService) — NeoSmart Technologies — C:Program FilesNeoSmart TechnologiesToolTipFixerToolTipFixer.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe—
End of file — 13385 bytes
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class — C:Program FilesJavajre1.6.0_07binssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8984B388-A5BB-4DF7-B274-77B879E179DB}]
MailRuBHO Class — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2009-04-02 680624]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class — C:Documents and SettingsAdminApplication DataMicrosoftInternet Explorerqipsearchbar.dll [2009-02-10 119808]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2007-07-20 152064]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — c:program filesgooglegoogletoolbar1.dll [2008-12-01 720896]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AAF01C24-2681-4FE6-9EDC-F7772F810E73}]
Crypted Video Helper — C:Documents and SettingsAll UsersApplication DataMicrosoftMedia Playereurrvqu.dll [2007-04-06 610304]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — &Google — c:program filesgooglegoogletoolbar1.dll [2008-12-01 720896]
{09900DE8-1DCA-443F-9243-26FF581438AF} — Спутник@Mail.Ru — C:Program FilesMail.RuSputnikMailRuSputnik.dll [2009-04-02 680624]
{468CD8A9-7C25-45FA-969E-3D925C689DC4} — Rambler-Ассистент — C:Program FilesRambler AssistantramblertoolbarU0.dll [2009-03-29 849392]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«IAAnotif»=C:Program FilesIntelIntel Matrix Storage ManagerIaanotif.exe [2007-06-12 174872]
«AzMixerSel»=C:Program FilesRealtekInstallShieldAzMixerSel.exe [2006-07-17 53248]
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2007-06-06 8433664]
«nwiz»=nwiz.exe /install []
«NvMediaCenter»=C:WINDOWSsystem32NvMcTray.dll [2007-06-06 81920]
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2007-05-28 16132608]
«Adobe Reader Speed Launcher»=C:Program FilesAdobeReader 8.0ReaderReader_sl.exe [2008-10-15 39792]
«Lingvo Launcher»=C:Program FilesABBYY Lingvo 12Lvagent.exe [2008-05-03 258048]
«MAgent»=C:Program FilesMail.RuAgentMAgent.exe [2009-03-27 6209720]
«NwOpenMS»=C:Program FilesCommon FilesMicrosoft SharedWeb Foldersuqvrrue.dll [2007-04-04 610304]
«ccApp»=C:Program FilesCommon FilesSymantec SharedccApp.exe [2004-04-15 66656]
«vptray»=C:PROGRA~1SYMANT~1VPTray.exe [2004-04-15 124128]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«CTFMON.EXE»=C:WINDOWSsystem32ctfmon.exe [2008-08-19 30208]
«VistaIcon»=C:Program FilesVistaDriveIconVistaDrv.exe [2008-01-02 132096]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2007-02-27 1254912]
C:Documents and SettingsAll UsersГлавное менюПрограммыАвтозагрузка
BTTray.lnk — C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyNavLogon]
C:WINDOWSsystem32NavLogon.dll [2004-03-12 83176]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32wpdshserviceobj.dll [2008-03-02 133632]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=323
«NoSharedDocuments»=1
«NoSMConfigurePrograms»=1
«NoDriveAutoRun»=67108863
«NoDrives»=0
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveAutoRun»=
«NoDriveTypeAutoRun»=
«NoDrives»=
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:WINDOWSsystem32sessmgr.exe»=»C:WINDOWSsystem32sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019»
«C:Program FilesICQ6.5ICQ.exe»=»C:Program FilesICQ6.5ICQ.exe:*:Enabled:ICQ6»
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
======List of files/folders created in the last 1 months======
2009-04-02 15:45:08 —-SHD—- C:RECYCLER
2009-04-02 15:43:08 —-D—- C:WINDOWSsystem32CatRoot_bak
2009-04-02 13:38:02 —-A—- C:WINDOWSsystem32S32EVNT1.DLL
2009-04-02 13:37:54 —-D—- C:Program FilesSymantec AntiVirus
2009-04-02 10:13:36 —-D—- C:rsit
2009-04-02 10:13:36 —-D—- C:Program Filestrend micro
2009-04-02 10:09:03 —-D—- C:WINDOWStemp
2009-04-02 10:09:03 —-A—- C:ComboFix.txt
2009-04-02 10:07:38 —-D—- C:ComboFix
2009-04-02 09:10:48 —-A—- C:WINDOWSNIRCMD.exe
2009-04-02 01:29:24 —-A—- C:WINDOWSzip.exe
2009-04-02 01:29:24 —-A—- C:WINDOWSVFIND.exe
2009-04-02 01:29:24 —-A—- C:WINDOWSSWXCACLS.exe
2009-04-02 01:29:24 —-A—- C:WINDOWSSWSC.exe
2009-04-02 01:29:24 —-A—- C:WINDOWSSWREG.exe
2009-04-02 01:29:24 —-A—- C:WINDOWSsed.exe
2009-04-02 01:29:24 —-A—- C:WINDOWSgrep.exe
2009-04-02 01:29:24 —-A—- C:WINDOWSfdsv.exe
2009-04-02 01:29:19 —-D—- C:WINDOWSERDNT
2009-04-02 01:28:48 —-D—- C:Qoobox
2009-04-01 23:34:59 —-A—- C:WINDOWSUPGRADE.TXT
2009-04-01 22:42:29 —-D—- C:Program FilesOpera
2009-04-01 10:11:32 —-D—- C:WINDOWSie8updates
2009-04-01 10:11:27 —-HD—- C:WINDOWSmsdownld.tmp
2009-04-01 10:10:53 —-HDC—- C:WINDOWSie8
2009-04-01 08:47:18 —-A—- C:Documents and SettingsAll UsersApplication Dataeurrvqu.dll
2009-03-31 12:46:32 —-D—- C:Documents and SettingsAdminApplication DataQIP.Online
2009-03-31 12:46:09 —-D—- C:Program FilesQIP.Online
2009-03-31 12:41:11 —-D—- C:Documents and SettingsAdminApplication DataQIP
2009-03-31 12:40:48 —-D—- C:Program FilesQIP Infium
2009-03-31 12:27:49 —-HDC—- C:WINDOWS$NtUninstallKB956803$
2009-03-31 12:27:33 —-HDC—- C:WINDOWS$NtUninstallKB955839$
2009-03-31 12:24:52 —-A—- C:WINDOWSsystem32MRT.exe
2009-03-31 12:24:46 —-HDC—- C:WINDOWS$NtUninstallKB960225$
2009-03-31 12:24:40 —-HDC—- C:WINDOWS$NtUninstallKB956841$
2009-03-31 12:24:13 —-D—- C:Program FilesMicrosoft CAPICOM 2.1.0.2
2009-03-31 12:23:32 —-HDC—- C:WINDOWS$NtUninstallKB938464-v2$
2009-03-31 12:23:19 —-HDC—- C:WINDOWS$NtUninstallKB957097$
2009-03-31 12:23:14 —-HDC—- C:WINDOWS$NtUninstallKB960715$
2009-03-31 12:23:10 —-HDC—- C:WINDOWS$NtUninstallKB958687$
2009-03-31 12:22:43 —-HDC—- C:WINDOWS$NtUninstallKB958690$
2009-03-31 12:22:35 —-HDC—- C:WINDOWS$NtUninstallKB959772_WM11$
2009-03-31 12:22:20 —-HDC—- C:WINDOWS$NtUninstallKB954459$
2009-03-31 12:22:06 —-HDC—- C:WINDOWS$NtUninstallKB952069_WM9$
2009-03-31 12:21:26 —-D—- C:WINDOWSie7updates
2009-03-31 12:21:14 —-HDC—- C:WINDOWS$NtUninstallKB954600$
2009-03-31 12:21:10 —-HDC—- C:WINDOWS$NtUninstallKB958644$
2009-03-31 12:21:04 —-HDC—- C:WINDOWS$NtUninstallKB955069$
2009-03-31 12:20:59 —-HDC—- C:WINDOWS$NtUninstallKB956802$
2009-03-31 12:20:59 —-HD—- C:WINDOWS$hf_mig$
2009-03-31 12:20:53 —-D—- C:Program FilesMSXML 4.0
2009-03-31 12:20:41 —-HDC—- C:WINDOWS$NtUninstallKB954154_WM11$
2009-03-27 19:53:56 —-D—- C:Documents and SettingsAdminApplication Datarambler.ru
2009-03-27 19:53:55 —-D—- C:Program FilesRambler Assistant
2009-03-27 19:53:54 —-D—- C:Documents and SettingsAdminApplication DataMozilla
2009-03-27 19:52:42 —-D—- C:Documents and SettingsAdminApplication DataICQ
2009-03-27 19:52:22 —-D—- C:Program FilesICQ6.5
2009-03-27 19:29:09 —-D—- C:Documents and SettingsAdminApplication DataMra
2009-03-27 19:28:38 —-D—- C:Program FilesMail.Ru
2009-03-18 23:05:48 —-D—- C:WINDOWSsystem32блокнот
2009-03-13 22:55:45 —-A—- C:WINDOWSsystem32mucltui.dll.mui
2009-03-13 22:55:45 —-A—- C:WINDOWSsystem32mucltui.dll
2009-03-13 22:55:43 —-D—- C:WINDOWSsystem32SoftwareDistribution
2009-03-08 14:23:06 —-N—- C:WINDOWSsystem32msrating.dll.mui
2009-03-08 14:22:48 —-N—- C:WINDOWSsystem32mshta.exe.mui
2009-03-08 14:21:24 —-N—- C:WINDOWSsystem32ie4uinit.exe.mui
2009-03-08 14:21:04 —-N—- C:WINDOWSsystem32iedkcs32.dll.mui
======List of files/folders modified in the last 1 months======
2009-04-06 09:26:57 —-A—- C:WINDOWSsystem32akelpad.ini
2009-04-06 09:12:57 —-AD—- C:WINDOWSsystem32
2009-04-06 09:12:57 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2009-04-06 09:06:45 —-A—- C:WINDOWSSchedLgU.Txt
2009-04-02 15:43:34 —-D—- C:WINDOWSsystem32CatRoot
2009-04-02 15:43:33 —-D—- C:WINDOWSsystem32CatRoot2
2009-04-02 15:43:31 —-HD—- C:WINDOWSinf
2009-04-02 15:43:08 —-D—- C:WINDOWS
2009-04-02 13:38:29 —-SHD—- C:WINDOWSInstaller
2009-04-02 13:38:29 —-D—- C:Program FilesCommon FilesSymantec Shared
2009-04-02 13:38:08 —-D—- C:Program FilesSymantec
2009-04-02 13:38:02 —-D—- C:WINDOWSsystem32drivers
2009-04-02 13:37:54 —-D—- C:Documents and SettingsAll UsersApplication DataSymantec
2009-04-02 13:37:54 —-AD—- C:Program Files
2009-04-02 10:08:22 —-A—- C:WINDOWSsystem.ini
2009-04-02 10:08:06 —-D—- C:WINDOWSAppPatch
2009-04-02 10:08:06 —-AD—- C:Program FilesCommon Files
2009-04-02 01:31:04 —-D—- C:WINDOWSsystem32config
2009-04-02 01:29:24 —-SHD—- C:System Volume Information
2009-04-02 01:29:24 —-D—- C:WINDOWSsystem32Restore
2009-04-02 00:13:05 —-D—- C:Program FilesInternet Explorer
2009-04-02 00:12:29 —-D—- C:WINDOWSsystem32ru-ru
2009-04-02 00:05:26 —-RSHDC—- C:WINDOWSsystem32dllcache
2009-04-01 22:41:24 —-D—- C:WINDOWSsystem32appmgmt
2009-04-01 12:44:05 —-SD—- C:Documents and SettingsAdminApplication DataMicrosoft
2009-04-01 10:45:28 —-A—- C:WINDOWSimsins.BAK
2009-04-01 10:12:47 —-D—- C:WINDOWSMedia
2009-04-01 10:12:47 —-D—- C:WINDOWSHelp
2009-04-01 08:45:57 —-A—- C:WINDOWSNeroDigital.ini
2009-03-31 19:49:15 —-D—- C:WINDOWSSoftwareDistribution
2009-03-31 12:33:49 —-D—- C:Program FilesQIP
2009-03-31 12:27:23 —-A—- C:WINDOWSwin.ini
2009-03-31 12:23:32 —-D—- C:WINDOWSWinSxS
2009-03-27 20:37:57 —-SD—- C:WINDOWSDownloaded Program Files
2009-03-27 19:53:57 —-HD—- C:Program FilesInstallShield Installation Information
2009-03-13 19:06:39 —-D—- C:Program FilesCity Guide 2.2
2009-03-13 19:01:19 —-D—- C:Program FilesCyberLink
2009-03-13 18:23:29 —-A—- C:WINDOWScdplayer.ini
2009-03-08 14:23:22 —-A—- C:WINDOWSsystem32ieframe.dll.mui
2009-03-08 14:21:22 —-A—- C:WINDOWSsystem32advpack.dll.mui
2009-03-08 14:09:26 —-A—- C:WINDOWSsystem32iedkcs32.dll
2009-03-08 04:41:16 —-A—- C:WINDOWSsystem32mshtml.dll
2009-03-08 04:39:48 —-A—- C:WINDOWSsystem32ieframe.dll
2009-03-08 04:34:58 —-A—- C:WINDOWSsystem32wininet.dll
2009-03-08 04:34:56 —-A—- C:WINDOWSsystem32urlmon.dll
2009-03-08 04:34:48 —-A—- C:WINDOWSsystem32WinFXDocObj.exe
2009-03-08 04:34:48 —-A—- C:WINDOWSsystem32webcheck.dll
2009-03-08 04:34:30 —-A—- C:WINDOWSsystem32licmgr10.dll
2009-03-08 04:34:28 —-A—- C:WINDOWSsystem32url.dll
2009-03-08 04:34:18 —-A—- C:WINDOWSsystem32occache.dll
2009-03-08 04:34:18 —-A—- C:WINDOWSsystem32msrating.dll
2009-03-08 04:33:40 —-A—- C:WINDOWSsystem32corpol.dll
2009-03-08 04:33:26 —-A—- C:WINDOWSsystem32jsproxy.dll
2009-03-08 04:33:16 —-A—- C:WINDOWSsystem32jscript.dll
2009-03-08 04:33:08 —-A—- C:WINDOWSsystem32ieaksie.dll
2009-03-08 04:33:06 —-A—- C:WINDOWSsystem32vbscript.dll
2009-03-08 04:33:02 —-A—- C:WINDOWSsystem32ieakeng.dll
2009-03-08 04:32:56 —-A—- C:WINDOWSsystem32admparse.dll
2009-03-08 04:32:54 —-A—- C:WINDOWSsystem32ie4uinit.exe
2009-03-08 04:32:52 —-A—- C:WINDOWSsystem32ieudinit.exe
2009-03-08 04:32:52 —-A—- C:WINDOWSsystem32ieakui.dll
2009-03-08 04:32:50 —-A—- C:WINDOWSsystem32iesetup.dll
2009-03-08 04:32:50 —-A—- C:WINDOWSsystem32iernonce.dll
2009-03-08 04:32:48 —-A—- C:WINDOWSsystem32advpack.dll
2009-03-08 04:32:46 —-A—- C:WINDOWSsystem32inseng.dll
2009-03-08 04:32:26 —-A—- C:WINDOWSsystem32msfeeds.dll
2009-03-08 04:32:22 —-A—- C:WINDOWSsystem32iertutil.dll
2009-03-08 04:32:04 —-A—- C:WINDOWSsystem32mstime.dll
2009-03-08 04:31:56 —-A—- C:WINDOWSsystem32iepeers.dll
2009-03-08 04:31:54 —-A—- C:WINDOWSsystem32msfeedssync.exe
2009-03-08 04:31:52 —-A—- C:WINDOWSsystem32msfeedsbs.dll
2009-03-08 04:31:52 —-A—- C:WINDOWSsystem32icardie.dll
2009-03-08 04:31:44 —-A—- C:WINDOWSsystem32dxtmsft.dll
2009-03-08 04:31:38 —-A—- C:WINDOWSsystem32imgutil.dll
2009-03-08 04:31:38 —-A—- C:WINDOWSsystem32dxtrans.dll
2009-03-08 04:31:36 —-A—- C:WINDOWSsystem32pngfilt.dll
2009-03-08 04:31:26 —-A—- C:WINDOWSsystem32mshtmled.dll
2009-03-08 04:31:18 —-A—- C:WINDOWSsystem32mshtmler.dll
2009-03-08 04:31:02 —-A—- C:WINDOWSsystem32mshta.exe
2009-03-08 04:22:46 —-A—- C:WINDOWSsystem32ieui.dll
2009-03-08 04:22:38 —-A—- C:WINDOWSsystem32msls31.dll
2009-03-08 04:11:12 —-A—- C:WINDOWSsystem32ieapfltr.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-04-15 40704]
R1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2008-08-19 14720]
R1 SAVRT;SAVRT; ??C:Program FilesSymantec AntiVirussavrt.sys []
R1 SYMTDI;SYMTDI; C:WINDOWSSystem32DriversSYMTDI.SYS [2004-03-11 263616]
R1 WmiAcpi;Интерфейс управления для ACPI Microsoft Windows; C:WINDOWSsystem32DRIVERSwmiacpi.sys [2008-08-20 8832]
R2 mdmxsdk;mdmxsdk; C:WINDOWSsystem32DRIVERSmdmxsdk.sys [2006-06-19 12672]
R2 rimmptsk;rimmptsk; C:WINDOWSsystem32DRIVERSrimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:WINDOWSsystem32DRIVERSrimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:WINDOWSsystem32DRIVERSrixdptsk.sys [2007-03-21 37376]
R2 rspndr;Ответчик обнаружения топологии уровня связи; C:WINDOWSsystem32DRIVERSrspndr.sys [2008-07-08 62848]
R2 SAVRTPEL;SAVRTPEL; ??C:Program FilesSymantec AntiVirusSavrtpel.sys []
R3 Arp1394;Протокол клиента 1394 ARP; C:WINDOWSsystem32DRIVERSarp1394.sys [2008-08-19 60800]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:WINDOWSsystem32DRIVERSb57xp32.sys [2007-10-22 161792]
R3 btaudio;Аудиоустройство Bluetooth; C:WINDOWSsystem32driversbtaudio.sys [2007-03-23 539072]
R3 BTDriver;Драйвер виртуальной связи Bluetooth; C:WINDOWSsystem32DRIVERSbtport.sys [2007-03-23 37424]
R3 BTKRNL;Нумератор шины Bluetooth; C:WINDOWSsystem32DRIVERSbtkrnl.sys [2007-03-31 876384]
R3 CmBatt;Драйвер батареи с ACPI-управлением (Майкрософт); C:WINDOWSsystem32DRIVERSCmBatt.sys [2008-08-20 13952]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-15 144384]
R3 hidshim;Service for HID-KMDF Shim layer; C:WINDOWSsystem32DRIVERShidshim.sys [2007-05-30 5632]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-15 10368]
R3 HSF_DPV;HSF_DPV; C:WINDOWSsystem32DRIVERSHSF_DPV.sys [2006-12-22 988800]
R3 HSFHWAZL;HSFHWAZL; C:WINDOWSsystem32DRIVERSHSFHWAZL.sys [2006-12-22 209664]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2007-05-30 4424192]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2008-04-15 12160]
R3 NAVENG;NAVENG; ??C:PROGRA~1COMMON~1SYMANT~1VIRUSD~120090401.003naveng.sys []
R3 NAVEX15;NAVEX15; ??C:PROGRA~1COMMON~1SYMANT~1VIRUSD~120090401.003navex15.sys []
R3 NETw4x32;Драйвер адаптера Intel(R) Wireless WiFi Link для Windows XP 32 Bit; C:WINDOWSsystem32DRIVERSNETw4x32.sys [2007-04-27 2203520]
R3 NIC1394;Сетевой драйвер 1394; C:WINDOWSsystem32DRIVERSnic1394.sys [2008-08-19 61824]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2007-06-06 6349696]
R3 sdbus;sdbus; C:WINDOWSsystem32DRIVERSsdbus.sys [2008-04-15 79232]
R3 SymEvent;SymEvent; ??C:Program FilesSymantecSYMEVENT.SYS []
R3 SYMREDRV;SYMREDRV; C:WINDOWSSystem32DriversSYMREDRV.SYS [2004-03-11 16288]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-15 32128]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2008-08-20 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2008-08-20 59520]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2008-04-15 20608]
R3 usbvideo;USB-видеоустройство (WDM); C:WINDOWSSystem32Driversusbvideo.sys [2008-08-20 121984]
R3 Wdf01000;Wdf01000; C:WINDOWSsystem32DRIVERSWdf01000.sys [2006-11-02 492000]
R3 winachsf;winachsf; C:WINDOWSsystem32DRIVERSHSF_CNXT.sys [2006-12-22 730112]
R3 winbondhidcir;Winbond HID CIR Receiver; C:WINDOWSsystem32DRIVERSwinbondhidcir.sys [2007-05-30 21504]
S3 BTWDNDIS;Сервер доступа к локальной сети Bluetooth; C:WINDOWSsystem32DRIVERSbtwdndis.sys [2007-03-23 149123]
S3 btwhid;btwhid; C:WINDOWSsystem32DRIVERSbtwhid.sys [2007-03-31 55352]
S3 btwmodem;Модем Bluetooth; C:WINDOWSsystem32DRIVERSbtwmodem.sys [2007-03-23 37280]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:WINDOWSSystem32Driversbtwusb.sys [2007-03-23 67960]
S3 catchme;catchme; ??C:WINDOWSTEMPcatchme.sys []
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-08-20 17024]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-08-20 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2008-08-20 10880]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2008-08-20 11136]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2008-08-20 15232]
S3 UIUSys;Conexant Setup API; C:WINDOWSsystem32DRIVERSUIUSYS.SYS []
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2008-08-19 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-08-19 26368]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2008-08-20 19200]
S3 WudfPf;Windows Driver Foundation — User-mode Driver Framework Platform Driver; C:WINDOWSsystem32DRIVERSWudfPf.sys [2008-03-02 77568]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2008-03-02 82944]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 btwdins;Bluetooth Service; C:Program FilesWIDCOMMBluetooth Softwarebinbtwdins.exe [2007-04-01 273256]
R2 CCALib8;Canon Camera Access Library 8; C:Program FilesCanonCALCALMAIN.exe [2005-09-30 96341]
R2 ccEvtMgr;Symantec Event Manager; C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe [2004-04-15 255072]
R2 ccSetMgr;Symantec Settings Manager; C:Program FilesCommon FilesSymantec SharedccSetMgr.exe [2004-04-15 242784]
R2 DefWatch;Symantec AntiVirus Definition Watcher; C:Program FilesSymantec AntiVirusDefWatch.exe [2004-04-15 29928]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:Program FilesIntelIntel Matrix Storage ManagerIaantmon.exe [2007-06-12 355096]
R2 MDM;Machine Debug Manager; C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE [2003-06-20 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2007-06-06 163908]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:Program FilesCyberLinkShared FilesRichVideo.exe [2005-08-08 167936]
R2 Symantec AntiVirus;Symantec AntiVirus; C:Program FilesSymantec AntiVirusRtvscan.exe [2004-04-15 1225960]
R2 TTFixerService;NST ToolTipFixer; C:Program FilesNeoSmart TechnologiesToolTipFixerToolTipFixer.exe [2007-06-27 10240]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2007-10-24 33800]
S3 ccPwdSvc;Symantec Password Validation; C:Program FilesCommon FilesSymantec SharedccPwdSvc.exe [2004-04-15 87136]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2007-10-24 70144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [2008-11-22 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:WINDOWSMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; c:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2007-10-11 864256]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2003-07-28 89136]
S3 SavRoam;SAVRoam; C:Program FilesSymantec AntiVirusSavRoam.exe [2004-04-15 169192]
S3 SNDSrvc;Symantec Network Drivers Service; C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe [2004-03-11 193760]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:Program FilesWindows Media Playerwmpnetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-15 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2007-10-11 122880]
EOF