68 троянов +мелочь

Прошу помощи! Недавно я скачал драйвер ATI с помощью программы Driver Genius. Во время попытки установки внезапно обнаружились 7 троянов. Запустив AVG я обнаружил более 60 троянов. Spybot так же обнаружил нескольких шпионов. Полная чистка компьютера антивирусом и антишпиком вроде бы удалило всё, но я не уверен. gmer выдал это:GMER 1.0.15.15507 — http://www.gmer.net
Rootkit quick scan 2010-12-24 20:49:53
Windows 5.1.2600 Service Pack 3 Harddisk0DR0 -> DeviceIdeIdeDeviceP0T0L0-3 ST31000528AS CC38
Running: gmer.exe; Driver: C:DOCUME~19335~1LOCALS~1Tempkfwiaaoc.sys

—- Devices — GMER 1.0.15 —-

Device FileSystemNtfs Ntfs 8A2097C0
Device FileSystemNtfs Ntfs 88CFC0D8
Device FileSystemNtfs Ntfs 88AA4648
Device FileSystemNtfs Ntfs 88B1E008

AttachedDevice FileSystemNtfs Ntfs dwprot.sys
AttachedDevice DriverTcpip DeviceIp pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)
AttachedDevice DriverTcpip DeviceIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice DriverTcpip DeviceIp dwprot.sys
AttachedDevice DriverTcpip DeviceTcp pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)
AttachedDevice DriverTcpip DeviceTcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice DriverTcpip DeviceTcp dwprot.sys
AttachedDevice DriverTcpip DeviceUdp pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)
AttachedDevice DriverTcpip DeviceUdp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice DriverTcpip DeviceUdp dwprot.sys
AttachedDevice DriverTcpip DeviceRawIp pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)
AttachedDevice DriverTcpip DeviceRawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice DriverTcpip DeviceRawIp dwprot.sys

—- EOF — GMER 1.0.15 —-
Откровенно говоря я не понимаю суть результата, но мне всё это не нравится.

Теперь RSIT:
Logfile of random’s system information tool 1.08 (written by random/random)
Run by Администратор at 2010-12-24 20:44:53
Microsoft Windows XP Professional Service Pack 3
System drive C: has 315 GB (33%) free of 954 GB
Total RAM: 2047 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:44:59, on 24.12.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32Ati2evxx.exe
C:Program FilesAVGAVG9avgchsvx.exe
C:Program FilesAVGAVG9avgrsx.exe
C:Program FilesAVGAVG9avgcsrvx.exe
C:WINDOWSExplorer.EXE
C:PROGRA~1AVGAVG9avgtray.exe
C:Program FilesASUSAASP1.00.05aaCenter.exe
C:Program FilesAnalog DevicesCoresmax4pnp.exe
C:Program FilesPC Tools Firewall PlusFirewallGUI.exe
C:program filessteamsteam.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesCommon FilesInstallShieldUpdateServiceISUSPM.exe
C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe
C:Program FilesAVGAVG9avgwdsvc.exe
C:Program FilesLogMeIn Hamachihamachi-2.exe
C:Program FilesICQ6ToolbarICQ Service.exe
C:Program FilesAVGAVG9avgnsx.exe
C:Program FilesAutodesk3ds Max 9mentalraysatelliteraysat_3dsmax9_32server.exe
C:Program FilesCDBurnerXPNMSAccessU.exe
C:Program FilesPC Tools Firewall PlusFWService.exe
C:WINDOWSsystem32PnkBstrA.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE
C:Program FilesAVGAVG9avgemc.exe
C:WINDOWSsystem32mqsvc.exe
C:Program FilesAVGAVG9avgcsrvx.exe
C:WINDOWSsystem32mqtgsvc.exe
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesTuneUp Utilities 2010TuneUpUtilitiesService32.exe
C:Program FilesTuneUp Utilities 2010TuneUpUtilitiesApp32.exe
C:WINDOWShh.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Program FilesMozilla Firefoxplugin-container.exe
C:Program FilesDriver-SoftDriverGeniusDriverGenius.exe
C:DownloadsПрограммыRSIT.exe
C:Program Filestrend microАдминистратор.exe

R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://webalta.ru
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://webalta.ru
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ссылки
R3 — URLSearchHook: (no name) — — (no file)
R3 — URLSearchHook: ICQToolBar — {855F3B16-6D32-4fe6-8A56-BBB695989046} — C:Program FilesICQ6ToolbarICQToolBar.dll
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: AVG Safe Search — {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} — C:Program FilesAVGAVG9avgssie.dll
O2 — BHO: Windows Live ID Sign-in Helper — {9030D464-4C02-4ABF-8ECC-5164760863C6} — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 — BHO: IE 4.x-6.x BHO for Download Master — {9961627E-4059-41B4-8E0E-A7D6B3854ADF} — C:PROGRA~1DOWNLO~1dmiehlp.dll
O2 — BHO: SkypeIEPluginBHO — {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll
O3 — Toolbar: ICQToolBar — {855F3B16-6D32-4fe6-8A56-BBB695989046} — C:Program FilesICQ6ToolbarICQToolBar.dll
O3 — Toolbar: DM Bar — {0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — C:Program FilesDownload Masterdmbar.dll
O3 — Toolbar: (no name) — {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} — (no file)
O4 — HKLM..Run: [AVG9_TRAY] C:PROGRA~1AVGAVG9avgtray.exe
O4 — HKLM..Run: [JMB36X IDE Setup] C:WINDOWSRaidToolxInsIDE.exe
O4 — HKLM..Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 — HKLM..Run: [AsusServiceProvider] C:Program FilesASUSAASP1.00.05aaCenter.exe
O4 — HKLM..Run: [36X Raid Configurer] C:WINDOWSsystem32xRaidSetup.exe boot
O4 — HKLM..Run: [SoundMAXPnP] C:Program FilesAnalog DevicesCoresmax4pnp.exe
O4 — HKLM..Run: [SoundMAX] «C:Program FilesAnalog DevicesSoundMAXSmax4.exe» /tray
O4 — HKLM..Run: [Adobe ARM] «C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe»
O4 — HKLM..Run: [StartCCC] «C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe» MSRun
O4 — HKLM..Run: [00PCTFW] «C:Program FilesPC Tools Firewall PlusFirewallGUI.exe» -s
O4 — HKCU..Run: [Steam] «c:program filessteamsteam.exe» -silent
O4 — HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 — HKCU..Run: [ISUSPM] «C:Program FilesCommon FilesInstallShieldUpdateServiceISUSPM.exe» -scheduler
O4 — HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 — HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘SYSTEM’)
O4 — HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ‘Default user’)
O6 — HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O8 — Extra context menu item: &Экспорт в Microsoft Excel — res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O8 — Extra context menu item: Закачать ВСЕ при помощи Download Master — C:Program FilesDownload Masterdmieall.htm
O8 — Extra context menu item: Закачать при помощи Download Master — C:Program FilesDownload Masterdmie.htm
O8 — Extra context menu item: Передать на удаленную закачку DM — C:Program FilesDownload Masterremdown.htm
O9 — Extra button: Skype Plug-In — {898EA8C8-E7FF-479B-8935-AEC46303B9E5} — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll
O9 — Extra ‘Tools’ menuitem: Skype Plug-In — {898EA8C8-E7FF-479B-8935-AEC46303B9E5} — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll
O9 — Extra button: Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra ‘Tools’ menuitem: &Download Master — {8DAE90AD-4583-4977-9DD4-4360F7A45C74} — C:Program FilesDownload Masterdmaster.exe
O9 — Extra button: (no name) — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 — {e2e2dd38-d088-4134-82b7-f2ba38496583} — C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program FilesICQ6.5ICQ.exe
O16 — DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) — http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 — HKLMSystemCCSServicesTcpip..{0BA17EFA-2EB9-48C4-8500-31D656A94E46}: NameServer = 192.168.1.1
O17 — HKLMSystemCS1ServicesTcpip..{0BA17EFA-2EB9-48C4-8500-31D656A94E46}: NameServer = 192.168.1.1
O17 — HKLMSystemCS2ServicesTcpip..{0BA17EFA-2EB9-48C4-8500-31D656A94E46}: NameServer = 192.168.1.1
O17 — HKLMSystemCS3ServicesTcpip..{0BA17EFA-2EB9-48C4-8500-31D656A94E46}: NameServer = 192.168.1.1
O18 — Protocol: linkscanner — {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} — C:Program FilesAVGAVG9avgpp.dll
O18 — Protocol: skype-ie-addon-data — {91774881-D725-4E58-B298-07617B9B86A8} — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O20 — AppInit_DLLs:
O20 — Winlogon Notify: avgrsstarter — avgrsstx.dll (file missing)
O22 — SharedTaskScheduler: Предзагрузчик Browseui — {438755C2-A8BA-11D1-B96B-00A0C90312E1} — C:WINDOWSsystem32browseui.dll
O22 — SharedTaskScheduler: Демон кэша категорий компонентов — {8C7461EF-2B13-11d2-BE35-3078302C2030} — C:WINDOWSsystem32browseui.dll
O23 — Service: Application Driver Auto Removal Service (01) (appdrvrem01) — Protection Technology — C:WINDOWSSystem32appdrvrem01.exe
O23 — Service: Ati HotKey Poller — ATI Technologies Inc. — C:WINDOWSsystem32Ati2evxx.exe
O23 — Service: ATI Smart — Unknown owner — C:WINDOWSsystem32ati2sgag.exe
O23 — Service: Autodesk Licensing Service — Autodesk — C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe
O23 — Service: AVG Free E-mail Scanner (avg9emc) — AVG Technologies CZ, s.r.o. — C:Program FilesAVGAVG9avgemc.exe
O23 — Service: AVG Free WatchDog (avg9wd) — AVG Technologies CZ, s.r.o. — C:Program FilesAVGAVG9avgwdsvc.exe
O23 — Service: Symantec Event Manager (ccEvtMgr) — Unknown owner — c:Program FilesCommon FilesSymantec SharedccEvtMgr.exe (file missing)
O23 — Service: Symantec Internet Security Password Validation (ccISPwdSvc) — Unknown owner — c:Program FilesNorton Internet SecurityccPwdSvc.exe (file missing)
O23 — Service: Symantec Settings Manager (ccSetMgr) — Unknown owner — c:Program FilesCommon FilesSymantec SharedccSetMgr.exe (file missing)
O23 — Service: COM Host (comHost) — Unknown owner — c:Program FilesNorton Internet SecuritycomHost.exe (file missing)
O23 — Service: Dragon Age: Origins — Content Updater (DAUpdaterSvc) — BioWare — C:Program FilesDragon Age Originsbin_shipDAUpdaterSvc.Service.exe
O23 — Service: Журнал событий (Eventlog) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) — LogMeIn Inc. — C:Program FilesLogMeIn Hamachihamachi-2.exe
O23 — Service: ICQ Service — Unknown owner — C:Program FilesICQ6ToolbarICQ Service.exe
O23 — Service: InstallDriver Table Manager (IDriverT) — Macrovision Corporation — C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 — Service: Служба COM записи компакт-дисков IMAPI (ImapiService) — Корпорация Майкрософт — C:WINDOWSsystem32imapi.exe
O23 — Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) — Unknown owner — C:Program FilesAutodesk3ds Max 9mentalraysatelliteraysat_3dsmax9_32server.exe
O23 — Service: NetMeeting Remote Desktop Sharing (mnmsrvc) — Корпорация Майкрософт — C:WINDOWSsystem32mnmsrvc.exe
O23 — Service: NMSAccess — Unknown owner — C:Program FilesCDBurnerXPNMSAccessU.exe
O23 — Service: Norton Protection Center Service (NSCService) — Unknown owner — c:Program FilesCommon FilesSymantec SharedSecurity ConsoleNSCSRVCE.EXE (file missing)
O23 — Service: PC Tools Firewall Plus (PCToolsFirewallPlus) — Unknown owner — C:Program FilesPC Tools Firewall PlusFWService.exe
O23 — Service: Plug and Play (PlugPlay) — Корпорация Майкрософт — C:WINDOWSsystem32services.exe
O23 — Service: PnkBstrA — Unknown owner — C:WINDOWSsystem32PnkBstrA.exe
O23 — Service: Stalker (Pro) Drivers Auto Removal (pr2ajtsb) (pr2ajtsb) — 1C: Multimedia — C:WINDOWSsystem32pr2ajtsb.exe
O23 — Service: Stalker (Pro) Drivers Auto Removal (pr2ajtsc) (pr2ajtsc) — 1C: Multimedia — C:WINDOWSsystem32pr2ajtsc.exe
O23 — Service: Ghost Recon — Advanced Warfighter 2 Drivers Auto Removal (pr2am84b) (pr2am84b) — Russobit-M — C:WINDOWSsystem32pr2am84b.exe
O23 — Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) — Корпорация Майкрософт — C:WINDOWSsystem32sessmgr.exe
O23 — Service: Смарт-карты (SCardSvr) — Корпорация Майкрософт — C:WINDOWSSystem32SCardSvr.exe
O23 — Service: Symantec Network Drivers Service (SNDSrvc) — Unknown owner — c:Program FilesCommon FilesSymantec SharedSNDSrvc.exe (file missing)
O23 — Service: Журналы и оповещения производительности (SysmonLog) — Корпорация Майкрософт — C:WINDOWSsystem32smlogsvc.exe
O23 — Service: TuneUp Drive Defrag Service (TuneUp.Defrag) — TuneUp Software — C:Program FilesTuneUp Utilities 2010TuneUpDefragService.exe
O23 — Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) — TuneUp Software — C:Program FilesTuneUp Utilities 2010TuneUpUtilitiesService32.exe
O23 — Service: Теневое копирование тома (VSS) — Корпорация Майкрософт — C:WINDOWSSystem32vssvc.exe
O23 — Service: Адаптер производительности WMI (WmiApSrv) — Корпорация Майкрософт — C:WINDOWSsystem32wbemwmiapsrv.exe

—
End of file — 12578 bytes

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search — C:Program FilesAVGAVG9avgssie.dll [2010-11-24 1623392]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9961627E-4059-41B4-8E0E-A7D6B3854ADF}]
IE 4.x-6.x BHO for Download Master — C:PROGRA~1DOWNLO~1dmiehlp.dll [2010-07-01 165184]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In — C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll [2010-09-27 1250696]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} — ICQToolBar — C:Program FilesICQ6ToolbarICQToolBar.dll [2009-06-01 962808]
{0E1230F8-EA50-42A9-983C-D22ABC2EED3C} — DM Bar — C:Program FilesDownload Masterdmbar.dll [2007-11-26 180224]
{0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7}

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«AVG9_TRAY»=C:PROGRA~1AVGAVG9avgtray.exe [2010-11-24 2069344]
«JMB36X IDE Setup»=C:WINDOWSRaidToolxInsIDE.exe [2010-09-07 43608]
«MsmqIntCert»=regsvr32 /s mqrt.dll []
«AsusServiceProvider»=C:Program FilesASUSAASP1.00.05aaCenter.exe [2006-08-03 591360]
«36X Raid Configurer»=C:WINDOWSsystem32xRaidSetup.exe [2010-09-07 1976920]
«SoundMAXPnP»=C:Program FilesAnalog DevicesCoresmax4pnp.exe [2006-06-23 847872]
«SoundMAX»=C:Program FilesAnalog DevicesSoundMAXSmax4.exe [2006-05-18 729088]
«Adobe ARM»=C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe [2010-09-20 932288]
«StartCCC»=C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe [2009-09-18 98304]
«00PCTFW»=C:Program FilesPC Tools Firewall PlusFirewallGUI.exe [2010-11-29 2676696]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Steam»=c:program filessteamsteam.exe [2010-11-17 1242448]
«ctfmon.exe»=C:WINDOWSsystem32ctfmon.exe [2008-04-14 15360]
«ISUSPM»=C:Program FilesCommon FilesInstallShieldUpdateServiceISUSPM.exe [2006-09-10 218032]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregccApp.exe»]
c:Program FilesCommon FilesSymantec SharedccApp.exe []

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregCTFMON.EXE]
C:WINDOWSsystem32ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDownload Master]
C:Program FilesDownload Masterdmaster.exe [2010-12-15 3902272]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDriverChecker.exe]
[]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupreghamachi-2-ui.exe» —auto-start]
C:Program FilesLogMeIn Hamachihamachi-2-ui.exe [2010-12-06 1910152]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregICQ]
C:Program FilesICQ6.5ICQ.exe [2009-11-16 172792]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregJMB36X Configure]
C:WINDOWSsystem32JMRaidTool.exe [2006-06-02 385024]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregJMB36X IDE Setup]
C:WINDOWSJMJMInsIDE.exe [2006-10-30 36864]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLogMeIn Hamachi Ui]
C:Program FilesLogMeIn Hamachihamachi-2-ui.exe [2010-12-06 1910152]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregmsmsgs.exe» /background]
[]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSkype]
C:Program FilesSkypePhoneSkype.exe [2010-10-11 14940040]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSoundMAX]
C:Program FilesAnalog DevicesSoundMAXSmax4.exe [2006-05-18 729088]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSoundMAXPnP]
C:Program FilesAnalog DevicesCoresmax4pnp.exe [2006-06-23 847872]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupreguTorrent]
C:Program FilesuTorrentuTorrent.exe [2010-12-17 395640]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupreguTorrent.exe»]
C:Program FilesuTorrentuTorrent.exe [2010-12-17 395640]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Главное меню^Программы^Автозагрузка^Microsoft Office.lnk]
C:PROGRA~1MICROS~2Office10OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^Администратор^Главное меню^Программы^Автозагрузка^HDDlife.lnk]
[]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
«AppInit_DLLs»=» «

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAtiExtEvent]
C:WINDOWSsystem32Ati2evxx.dll [2010-11-26 159744]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyavgrsstarter]
C:WINDOWSsystem32avgrsstx.dll [2010-07-15 12536]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalPEVSystemStart]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalprocexp90.Sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalSASCORE]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkHamachi2Svc]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkPEVSystemStart]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkprocexp90.Sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkSASCORE]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«HonorAutoRunSetting»=1
«NoDriveTypeAutoRun»=60

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesuTorrentuTorrent.exe»=»C:Program FilesuTorrentuTorrent.exe:*:Enabled:µTorrent»
«C:Program FilesSteamSteam.exe»=»C:Program FilesSteamSteam.exe:*:Enabled:Steam»
«C:Program FilesCAPCOMLOSTPLANETCOLONIESLostPlanetColoniesDX9.exe»=»C:Program FilesCAPCOMLOSTPLANETCOLONIESLostPlanetColoniesDX9.exe:*:Enabled:LOSTPLANETCOLONIES_DX9»
«C:Program FilesCAPCOMLOSTPLANETCOLONIESLostPlanetColoniesDX10.exe»=»C:Program FilesCAPCOMLOSTPLANETCOLONIESLostPlanetColoniesDX10.exe:*:Enabled:LOSTPLANETCOLONIES_DX10»
«C:Program FilesSierra EntertainmentWorld in Conflictwic.exe»=»C:Program FilesSierra EntertainmentWorld in Conflictwic.exe:*:Enabled:World in Conflict»
«C:Program FilesSierra EntertainmentWorld in Conflictwic_online.exe»=»C:Program FilesSierra EntertainmentWorld in Conflictwic_online.exe:*:Enabled:World in Conflict — игра через Интернет»
«C:Program FilesSierra EntertainmentWorld in Conflictwic_ds.exe»=»C:Program FilesSierra EntertainmentWorld in Conflictwic_ds.exe:*:Enabled:World in Conflict — выделенный сервер»
«C:Program FilesNapoleon — Total WarNapoleon.exe»=»C:Program FilesNapoleon — Total WarNapoleon.exe:*:Enabled:Napoleon — Total War»
«C:Program FilesICQ6.5ICQ.exe»=»C:Program FilesICQ6.5ICQ.exe:*:Enabled:ICQ6»
«C:Program FilesBukaDawn of War — Полное изданиеDawn of War — SoulstormSoulstorm.exe»=»C:Program FilesBukaDawn of War — Полное изданиеDawn of War — SoulstormSoulstorm.exe:*:Enabled:Soulstorm»
«C:Program FilesAVGAVG9avgemc.exe»=»C:Program FilesAVGAVG9avgemc.exe:*:Enabled:avgemc.exe»
«C:Program FilesAVGAVG9avgupd.exe»=»C:Program FilesAVGAVG9avgupd.exe:*:Enabled:avgupd.exe»
«C:Program FilesAVGAVG9avgnsx.exe»=»C:Program FilesAVGAVG9avgnsx.exe:*:Enabled:avgnsx.exe»
«C:Program FilesR.G. MechanicsBatman Arkham AsylumBinariesShippingPC-BmGame.exe»=»C:Program FilesR.G. MechanicsBatman Arkham AsylumBinariesShippingPC-BmGame.exe:*:Enabled:BmGame»
«C:WINDOWSsystem32PnkBstrA.exe»=»C:WINDOWSsystem32PnkBstrA.exe:*:Enabled:PnkBstrA»
«C:WINDOWSsystem32PnkBstrB.exe»=»C:WINDOWSsystem32PnkBstrB.exe:*:Enabled:PnkBstrB»
«C:Program FilesActivisionCall of Duty 4 — Modern Warfareiw3mp.exe»=»C:Program FilesActivisionCall of Duty 4 — Modern Warfareiw3mp.exe:*:Enabled:Call of Duty(R) 4 — Modern Warfare(TM) «
«C:Program FilesR.G. MechanicsFallout 3Fallout3.exe»=»C:Program FilesR.G. MechanicsFallout 3Fallout3.exe:*:Enabled:Fallout3»
«C:Program FilesNAMCO BANDAI GamesWarhammer® Печать Хаоса™Warhammer.exe»=»C:Program FilesNAMCO BANDAI GamesWarhammer® Печать Хаоса™Warhammer.exe:*:Enabled:Warhammer® Печать Хаоса™ Марш разрушения»
«C:Program FilesSteamsteamappscommonfear2FEAR2.exe»=»C:Program FilesSteamsteamappscommonfear2FEAR2.exe:*:Enabled:F.E.A.R. 2: Project Origin»
«C:Program FilesSplinter Cell ConvictionsrcsystemConviction_game.exe»=»C:Program FilesSplinter Cell ConvictionsrcsystemConviction_game.exe:*:Enabled:Conviction_game»
«C:Program FilesBukaDawn of War — Dark CrusadeDarkCrusade.exe»=»C:Program FilesBukaDawn of War — Dark CrusadeDarkCrusade.exe:*:Enabled:DarkCrusade»
«C:Program FilesGSC World PublishingS.T.A.L.K.E.RbinXR_3DA.exe»=»C:Program FilesGSC World PublishingS.T.A.L.K.E.RbinXR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. (CLI)»
«C:Program FilesGSC World PublishingS.T.A.L.K.E.RbindedicatedXR_3DA.exe»=»C:Program FilesGSC World PublishingS.T.A.L.K.E.RbindedicatedXR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. (SRV)»
«C:Program FilesActivisionWolfensteinMPWolf2MP.exe»=»C:Program FilesActivisionWolfensteinMPWolf2MP.exe:*:Enabled:Wolfenstein(TM)»
«C:Program FilesActivisionWolfensteinMPWolf2MPLite.exe»=»C:Program FilesActivisionWolfensteinMPWolf2MPLite.exe:*:Enabled:Wolfenstein(TM)»
«C:Program FilesCIV IV ColonizationColonization.exe»=»C:Program FilesCIV IV ColonizationColonization.exe:*:Enabled:Sid Meier’s Civilization IV: Колонизация»
«C:Program FilesGrand Theft Auto IV — Episodes From Liberty CityEFLC.exe»=»C:Program FilesGrand Theft Auto IV — Episodes From Liberty CityEFLC.exe:*:Enabled:Grand Theft Auto IV — Episodes From Liberty City»
«C:Program FilesUbisoftUbisoft Game LauncherUbisoftGameLauncher.exe»=»C:Program FilesUbisoftUbisoft Game LauncherUbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher»
«C:DownloadsПрограммыutorrent.exe»=»C:DownloadsПрограммыutorrent.exe:*:Enabled:µTorrent»
«C:Program FilesAutodesk3ds Max 93dsmax.exe»=»C:Program FilesAutodesk3ds Max 93dsmax.exe:*:Enabled:Autodesk 3ds Max 9 32-bit»
«C:Program FilesAutodeskBackburnermonitor.exe»=»C:Program FilesAutodeskBackburnermonitor.exe:*:Enabled:backburner 2.3 monitor»
«C:Program FilesAutodeskBackburnermanager.exe»=»C:Program FilesAutodeskBackburnermanager.exe:*:Enabled:backburner 2.3 manager»
«C:Program FilesAutodeskBackburnerserver.exe»=»C:Program FilesAutodeskBackburnerserver.exe:*:Enabled:backburner 2.3 server»
«C:Program FilesSteamsteamappscommonleft 4 deadleft4dead.exe»=»C:Program FilesSteamsteamappscommonleft 4 deadleft4dead.exe:*:Enabled:Left 4 Dead»
«C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype»
«C:Program FilesSkypePlugin ManagerskypePM.exe»=»C:Program FilesSkypePlugin ManagerskypePM.exe:*:Enabled:Skype Extras Manager»
«C:Program FilesSteamsteamappscommonleft 4 deadbinSDKLauncher.exe»=»C:Program FilesSteamsteamappscommonleft 4 deadbinSDKLauncher.exe:*:Enabled:Left 4 Dead Authoring Tools»
«C:Program FilesSteamsteamappscommonleft 4 deadsrcds.exe»=»C:Program FilesSteamsteamappscommonleft 4 deadsrcds.exe:*:Enabled:Left 4 Dead Dedicated Server»
«C:WINDOWSsystem32mqsvc.exe»=»C:WINDOWSsystem32mqsvc.exe:*:Enabled:Message Queuing»
«C:Program FilesSteamsteamappscommondawn of war 2DOW2.exe»=»C:Program FilesSteamsteamappscommondawn of war 2DOW2.exe:*:Enabled:WarhammerВ® 40,000в„ў: Dawn of WarВ® II – Chaos Risingв„ў»
«C:Program FilesSteamsteamappscommonleft 4 dead 2srcds.exe»=»C:Program FilesSteamsteamappscommonleft 4 dead 2srcds.exe:*:Enabled:Left 4 Dead 2 Dedicated Server»
«C:Program FilesSteamsteamappscommonleft 4 dead 2left4dead2.exe»=»C:Program FilesSteamsteamappscommonleft 4 dead 2left4dead2.exe:*:Enabled:Left 4 Dead 2»
«C:Program FilesSteamsteamappscommonleft 4 dead 2binSDKLauncher.exe»=»C:Program FilesSteamsteamappscommonleft 4 dead 2binSDKLauncher.exe:*:Enabled:Left 4 Dead 2 Authoring Tools»
«C:DownloadsПрограммыMovieBario_FM.exe»=»C:DownloadsПрограммыMovieBario_FM.exe:*:Enabled:Facemoods Installer»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesCIV IV ColonizationColonization.exe»=»C:Program FilesCIV IV ColonizationColonization.exe:*:Enabled:Sid Meier’s Civilization IV: Колонизация»
«C:WINDOWSsystem32mqsvc.exe»=»C:WINDOWSsystem32mqsvc.exe:*:Enabled:Message Queuing»

======List of files/folders created in the last 1 months======

2010-12-24 20:41:59 —-D—- C:Program Filestrend micro
2010-12-24 20:41:53 —-D—- C:rsit
2010-12-23 20:39:46 —-D—- C:Program FilesSpybot — Search & Destroy
2010-12-23 20:39:46 —-D—- C:Documents and SettingsAll UsersApplication DataSpybot — Search & Destroy
2010-12-20 21:49:58 —-D—- C:Documents and SettingsАдминистраторApplication DataPCToolsFirewallPlus
2010-12-20 21:49:37 —-A—- C:WINDOWSsystem32driversPCTCore.sys
2010-12-20 21:49:37 —-A—- C:WINDOWSsystem32driversPCTAppEvent.sys
2010-12-20 21:49:35 —-A—- C:WINDOWSsystem32driverspctgntdi.sys
2010-12-20 21:48:45 —-D—- C:Program FilesCommon FilesPC Tools
2010-12-20 21:48:45 —-A—- C:WINDOWSsystem32driverspctNdis-PacketFilter.sys
2010-12-20 21:48:45 —-A—- C:WINDOWSsystem32driverspctNdis-DNS.sys
2010-12-20 21:48:45 —-A—- C:WINDOWSsystem32driverspctNdis.sys
2010-12-20 21:48:43 —-A—- C:WINDOWSsystem32driverspctplfw.sys
2010-12-20 21:48:42 —-D—- C:Program FilesPC Tools Firewall Plus
2010-12-16 18:41:06 —-HDC—- C:WINDOWS$NtUninstallKB2436673$
2010-12-16 18:40:44 —-HDC—- C:WINDOWS$NtUninstallKB2467659$
2010-12-16 18:37:31 —-HDC—- C:WINDOWS$NtUninstallKB2423089$
2010-12-15 23:56:59 —-D—- C:Downloads
2010-12-11 21:33:39 —-D—- C:Documents and SettingsAll UsersApplication DataSUPERAntiSpyware.com
2010-12-11 21:33:32 —-D—- C:Documents and SettingsAll UsersApplication DataSASCORE
2010-12-11 21:33:24 —-D—- C:Documents and SettingsАдминистраторApplication DataSUPERAntiSpyware.com
2010-12-11 21:31:53 —-A—- C:WINDOWSsystem32driversAtihdXP3.sys
2010-12-11 20:33:05 —-D—- C:RaidTool
2010-12-11 20:33:05 —-A—- C:WINDOWSsystem32xRaidSetup.exe
2010-12-11 20:33:05 —-A—- C:WINDOWSsystem32xRaidAPI.dll
2010-12-11 20:32:46 —-D—- C:WINDOWSRaidTool
2010-12-11 18:52:45 —-A—- C:WINDOWSsystem32TURegOpt.exe
2010-12-11 18:52:44 —-A—- C:WINDOWSsystem32uxtuneup.dll
2010-12-11 18:52:28 —-D—- C:Documents and SettingsАдминистраторApplication DataTuneUp Software
2010-12-11 18:52:16 —-D—- C:Program FilesTuneUp Utilities 2010
2010-12-11 18:52:09 —-D—- C:Documents and SettingsAll UsersApplication DataTuneUp Software
2010-12-11 18:52:01 —-SHD—- C:Documents and SettingsAll UsersApplication Data{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-12-11 18:24:14 —-D—- C:Program FilesDriver-Soft
2010-12-11 17:59:54 —-D—- C:Program FilesDriver Genius
2010-12-11 13:47:18 —-AH—- C:WINDOWSsystem32hamachi.sys
2010-12-11 13:47:02 —-D—- C:Program FilesLogMeIn Hamachi
2010-12-10 18:21:10 —-D—- C:Program FilesBabylon
2010-12-10 18:20:48 —-D—- C:Documents and SettingsАдминистраторApplication DataBabylon
2010-12-10 18:20:48 —-D—- C:Documents and SettingsAll UsersApplication DataBabylon
2010-12-10 18:11:07 —-D—- C:Documents and SettingsАдминистраторApplication Datavlc
2010-12-07 20:54:23 —-D—- C:Intel
2010-12-05 13:20:31 —-D—- C:Program FilesStartUPControl
2010-12-04 20:16:57 —-D—- C:Program FilesATI Stream
2010-12-04 18:28:51 —-D—- C:WINDOWSIIS Temporary Compressed Files
2010-12-04 18:28:39 —-D—- C:WINDOWSsystem32Cache
2010-12-04 18:27:55 —-D—- C:WINDOWSaddins
2010-12-04 15:38:30 —-D—- C:WINDOWSsystem32msmq
2010-12-04 14:52:38 —-D—- C:Program FilesMicrosoft CAPICOM 2.1.0.2
2010-12-04 14:08:02 —-A—- C:WINDOWSas_tmp.txt
2010-12-04 13:58:13 —-A—- C:WINDOWSsystem32LuResult.txt
2010-12-04 13:45:38 —-A—- C:WINDOWSsystem32S32EVNT1.DLL
2010-12-04 13:45:38 —-A—- C:WINDOWSsystem32driversSYMEVENT.SYS
2010-12-04 13:44:55 —-A—- C:WINDOWSsystem32capicom.dll
2010-12-04 13:44:53 —-D—- C:Program FilesSymantec
2010-12-04 13:44:47 —-D—- C:Documents and SettingsAll UsersApplication DataSymantec
2010-11-29 19:42:07 —-D—- C:Portable Programs
2010-11-25 16:37:41 —-D—- C:WINDOWSMinidump

======List of files/folders modified in the last 1 months======

2010-12-24 20:41:59 —-D—- C:Program Files
2010-12-24 20:38:35 —-D—- C:WINDOWSPrefetch
2010-12-24 18:57:56 —-SHD—- C:WINDOWSInstaller
2010-12-24 18:43:30 —-D—- C:WINDOWSsystem32drivers
2010-12-24 18:38:21 —-D—- C:Documents and SettingsАдминистраторApplication DatauTorrent
2010-12-24 18:38:15 —-D—- C:WINDOWSTemp
2010-12-24 18:38:10 —-AD—- C:Documents and SettingsAll UsersApplication DataTEMP
2010-12-24 18:38:08 —-D—- C:WINDOWSsystem32CatRoot2
2010-12-24 18:37:38 —-D—- C:Program FilesSteam
2010-12-24 18:36:18 —-A—- C:WINDOWSSchedLgU.Txt
2010-12-24 17:50:54 —-D—- C:WINDOWSsystem32driversAvg
2010-12-24 00:37:18 —-A—- C:Полезные сайты.txt
2010-12-23 20:20:35 —-D—- C:Program Filesзагрузки игр()
2010-12-21 22:15:26 —-D—- C:WINDOWS
2010-12-21 22:13:24 —-D—- C:WINDOWSsystem32
2010-12-21 22:11:06 —-DC—- C:WINDOWSsystem32dllcache
2010-12-21 22:10:53 —-D—- C:WINDOWSinf
2010-12-21 22:10:51 —-DC—- C:WINDOWSsystem32DRVSTORE
2010-12-20 21:51:43 —-D—- C:Program FilesDownload Master
2010-12-20 21:50:18 —-D—- C:WINDOWSsystem32CatRoot
2010-12-20 21:48:45 —-D—- C:Program FilesCommon Files
2010-12-18 15:32:05 —-HD—- C:Program FilesInstallShield Installation Information
2010-12-18 12:47:16 —-D—- C:Program FilesuTorrent
2010-12-16 18:41:30 —-D—- C:Program FilesInternet Explorer
2010-12-16 18:41:16 —-D—- C:WINDOWS$hf_mig$
2010-12-16 18:37:38 —-A—- C:WINDOWSsystem32MRT.exe
2010-12-16 18:37:33 —-D—- C:Program FilesOutlook Express
2010-12-13 23:36:01 —-D—- C:Program FilesRealtek
2010-12-13 18:21:24 —-D—- C:WINDOWSsystem
2010-12-13 18:21:03 —-A—- C:WINDOWSAS_Debug.txt
2010-12-11 21:48:59 —-D—- C:Program FilesCarambis
2010-12-11 21:45:19 —-D—- C:Program FilesCommon FilesWise Installation Wizard
2010-12-11 20:55:46 —-HDC—- C:WINDOWS$NtUninstallKB2160329$
2010-12-11 20:55:46 —-HDC—- C:WINDOWS$NtUninstallKB2121546$
2010-12-11 20:55:45 —-HDC—- C:WINDOWS$NtUninstallKB2345886$
2010-12-11 20:55:44 —-HDC—- C:WINDOWS$NtUninstallKB2378111_WM9$
2010-12-11 20:55:44 —-DC—- C:WINDOWS$NtUninstallKB898461$
2010-12-11 20:55:44 —-DC—- C:WINDOWS$NtUninstallKB888111WXPSP2$
2010-12-11 20:55:44 —-DC—- C:WINDOWS$NtUninstallKB884020$
2010-12-11 20:55:43 —-HDC—- C:WINDOWS$NtUninstallKB941569$
2010-12-11 20:55:42 —-DC—- C:WINDOWS$NtUninstallKB954155_WM9$
2010-12-11 20:55:41 —-DC—- C:WINDOWS$NtUninstallKB956844$
2010-12-11 20:55:40 —-DC—- C:WINDOWS$NtUninstallKB960859$
2010-12-11 20:55:40 —-DC—- C:WINDOWS$NtUninstallKB960803$
2010-12-11 20:55:40 —-DC—- C:WINDOWS$NtUninstallKB958869$
2010-12-11 20:55:39 —-DC—- C:WINDOWS$NtUninstallKB971737$
2010-12-11 20:55:39 —-DC—- C:WINDOWS$NtUninstallKB971657$
2010-12-11 20:55:39 —-DC—- C:WINDOWS$NtUninstallKB971468$
2010-12-11 20:55:39 —-DC—- C:WINDOWS$NtUninstallKB969947$
2010-12-11 20:55:39 —-DC—- C:WINDOWS$NtUninstallKB968816_WM9$
2010-12-11 20:55:38 —-DC—- C:WINDOWS$NtUninstallKB974112$
2010-12-11 20:55:38 —-DC—- C:WINDOWS$NtUninstallKB973540_WM9$
2010-12-11 20:55:36 —-DC—- C:WINDOWS$NtUninstallKB979402_WM9$
2010-12-11 20:55:36 —-DC—- C:WINDOWS$NtUninstallKB978695_WM9$
2010-12-11 20:55:36 —-DC—- C:WINDOWS$NtUninstallKB978601$
2010-12-11 20:55:35 —-DC—- C:WINDOWS$NtUninstallKB979559$
2010-12-11 20:55:34 —-HDC—- C:WINDOWS$NtUninstallKB981322$
2010-12-11 20:55:34 —-DC—- C:WINDOWS$NtUninstallKB981349$
2010-12-11 20:55:33 —-HDC—- C:WINDOWS$NtUninstallKB982214$
2010-12-11 20:55:33 —-HDC—- C:WINDOWS$NtUninstallKB982132$
2010-12-11 20:55:33 —-HDC—- C:WINDOWS$NtUninstallKB981957$
2010-12-11 20:55:31 —-HDC—- C:WINDOWS$NtUninstallWudf01000$
2010-12-11 20:54:25 —-A—- C:WINDOWSsystem32PerfStringBackup.INI
2010-12-11 20:32:56 —-D—- C:WINDOWSsystem32ReinstallBackups
2010-12-11 18:52:45 —-D—- C:WINDOWSsystem32config
2010-12-11 00:17:37 —-D—- C:Program FilesMozilla Firefox
2010-12-10 18:00:27 —-D—- C:Program FilesСейв
2010-12-09 00:07:16 —-D—- C:Documents and SettingsАдминистраторApplication DataMicrosoft
2010-12-06 23:34:31 —-D—- C:WINDOWSsystem32inetsrv
2010-12-06 23:34:31 —-D—- C:WINDOWSHelp
2010-12-06 23:32:57 —-D—- C:WINDOWSsystem32wbem
2010-12-06 23:32:42 —-D—- C:WINDOWSsystem32Microsoft
2010-12-06 23:31:57 —-D—- C:WINDOWSRegistration
2010-12-06 22:26:37 —-SHD—- C:RECYCLER
2010-12-05 14:57:45 —-D—- C:Documents and SettingsАдминистраторApplication DataSkype
2010-12-05 14:52:54 —-D—- C:Documents and SettingsАдминистраторApplication DataskypePM
2010-12-04 21:31:05 —-D—- C:WINDOWSWinSxS
2010-12-04 20:56:37 —-D—- C:Games
2010-12-04 20:39:30 —-D—- C:WINDOWSpss
2010-12-04 18:35:31 —-D—- C:WINDOWSsecurity
2010-12-04 18:32:45 —-SHD—- C:System Volume Information
2010-12-04 18:27:55 —-D—- C:Documents and SettingsAll UsersApplication DataMicrosoft
2010-12-04 15:17:46 —-A—- C:WINDOWSRtaUpd.exe
2010-12-04 15:17:45 —-A—- C:WINDOWSsystem32RHCoInstXP.dll
2010-12-04 14:44:38 —-A—- C:WINDOWSAscd_log.ini
2010-12-04 14:44:35 —-D—- C:WINDOWSJM
2010-12-04 14:31:10 —-A—- C:WINDOWSAscd_tmp.ini
2010-12-04 14:08:22 —-D—- C:Program FilesASUS
2010-12-04 13:58:26 —-D—- C:Program FilesCCleaner
2010-12-04 13:57:55 —-D—- C:WINDOWSTasks
2010-11-30 22:16:44 —-D—- C:WINDOWSsystem32DirectX
2010-11-28 23:43:36 —-D—- C:WINDOWSsystem32Restore
2010-11-28 17:33:52 —-D—- C:WINDOWSsystem32driversetc
2010-11-26 06:57:20 —-A—- C:WINDOWSsystem32atioglxx.dll
2010-11-26 06:23:36 —-A—- C:WINDOWSsystem32atiok3x2.dll
2010-11-26 06:12:42 —-A—- C:WINDOWSsystem32atiiiexx.dll
2010-11-26 06:07:34 —-A—- C:WINDOWSsystem32aticalrt.dll
2010-11-26 06:07:24 —-A—- C:WINDOWSsystem32aticalcl.dll
2010-11-26 06:06:14 —-A—- C:WINDOWSsystem32aticaldd.dll
2010-11-26 05:55:42 —-A—- C:WINDOWSsystem32ATIDEMGX.dll
2010-11-26 05:54:36 —-A—- C:WINDOWSsystem32ati2dvag.dll
2010-11-26 05:48:02 —-A—- C:WINDOWSsystem32ati3duag.dll
2010-11-26 05:39:40 —-A—- C:WINDOWSsystem32driversati2erec.dll
2010-11-26 05:34:50 —-A—- C:WINDOWSsystem32atipdlxx.dll
2010-11-26 05:34:38 —-A—- C:WINDOWSsystem32Oemdspif.dll
2010-11-26 05:34:28 —-A—- C:WINDOWSsystem32Ati2mdxx.exe
2010-11-26 05:34:22 —-A—- C:WINDOWSsystem32ati2edxx.dll
2010-11-26 05:34:10 —-A—- C:WINDOWSsystem32ati2evxx.dll
2010-11-26 05:32:42 —-A—- C:WINDOWSsystem32ati2evxx.exe
2010-11-26 05:32:24 —-A—- C:WINDOWSsystem32ativvaxx.dll
2010-11-26 05:31:16 —-A—- C:WINDOWSsystem32ATIDDC.DLL
2010-11-26 05:30:30 —-A—- C:WINDOWSsystem32atiapfxx.exe
2010-11-26 05:26:38 —-A—- C:WINDOWSsystem32atikvmag.dll
2010-11-26 05:24:46 —-A—- C:WINDOWSsystem32atiadlxx.dll
2010-11-26 05:24:22 —-A—- C:WINDOWSsystem32atitvo32.dll
2010-11-26 05:18:16 —-A—- C:WINDOWSsystem32ati2cqag.dll
2010-11-26 05:16:32 —-A—- C:WINDOWSsystem32atimpc32.dll
2010-11-26 05:16:32 —-A—- C:WINDOWSsystem32amdpcom32.dll
2010-11-25 20:54:40 —-D—- C:Program Filesдиски
2010-11-25 20:04:09 —-D—- C:Program FilesR.G. Mechanics
2010-11-25 16:45:50 —-D—- C:Program FilesWarhammer литература

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 4m7fczez;Vba32 Armour Driver; C:WINDOWSSystem32Drivers4m7fczez.sys [2010-11-06 35904]
R0 JGOGO;JMicron Hot-Plug Driver; C:WINDOWSsystem32DRIVERSJGOGO.sys [2006-02-07 6912]
R0 JRAID;JRAID; C:WINDOWSsystem32DRIVERSjraid.sys [2010-10-29 104536]
R0 pe3ajtsb;Stalker (Pro) Environment Driver (pe3ajtsb); C:WINDOWSsystem32driverspe3ajtsb.sys [2007-03-05 65408]
R0 pe3ajtsc;Stalker (Pro) Environment Driver (pe3ajtsc); C:WINDOWSsystem32driverspe3ajtsc.sys [2008-03-07 64640]
R0 pe3am84b;Ghost Recon — Advanced Warfighter 2 Environment Driver (pe3am84b); C:WINDOWSsystem32driverspe3am84b.sys [2007-09-27 65192]
R0 ps6ajtsb;Stalker (Pro) Synchronization Driver (ps6ajtsb); C:WINDOWSsystem32driversps6ajtsb.sys [2007-03-05 52104]
R0 ps7ajtsc;Stalker (Pro) Synchronization Driver (ps7ajtsc); C:WINDOWSsystem32driversps7ajtsc.sys [2008-03-07 68744]
R0 ps7am84b;Ghost Recon — Advanced Warfighter 2 Synchronization Driver (ps7am84b); C:WINDOWSsystem32driversps7am84b.sys [2007-09-27 68784]
R1 appdrv01;Application Driver (01); C:WINDOWSSystem32Driversappdrv01.sys [2010-06-27 2915944]
R1 AsIO;AsIO; C:WINDOWSsystem32driversAsIO.sys [2010-11-04 12400]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:WINDOWSSystem32Driversavgldx86.sys [2010-07-15 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:WINDOWSSystem32Driversavgmfx86.sys [2010-06-16 29584]
R1 AvgTdiX;AVG Free Network Redirector; C:WINDOWSSystem32Driversavgtdix.sys [2010-07-15 243024]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2008-04-14 40704]
R1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2008-04-14 14720]
R1 pctgntdi;pctgntdi; ??C:WINDOWSsystem32driverspctgntdi.sys []
R1 uzm3mjux;AVZ-RK Kernel Driver; ??C:WINDOWSsystem32Driversuzm3mjux.sys []
R2 atksgt;atksgt; C:WINDOWSsystem32DRIVERSatksgt.sys [2010-07-06 271360]
R2 lirsgt;lirsgt; C:WINDOWSsystem32DRIVERSlirsgt.sys [2010-07-06 18048]
R2 PCTAppEvent;PCTAppEvent Driver; ??C:WINDOWSsystem32driversPCTAppEvent.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:WINDOWSsystem32driversADIHdAud.sys [2006-06-27 245760]
R3 AEAudio;AE Audio Service; C:WINDOWSsystem32driversAEAudio.sys [2006-04-27 93824]
R3 ati2mtag;ati2mtag; C:WINDOWSsystem32DRIVERSati2mtag.sys [2010-11-26 5555712]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:WINDOWSsystem32driversAtihdXP3.sys [2010-08-19 101904]
R3 hamachi;Hamachi Network Interface; C:WINDOWSsystem32DRIVERShamachi.sys [2010-02-03 26176]
R3 HDAudBus;Драйвер шины Microsoft UAA для High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2008-04-13 144384]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2008-04-13 10368]
R3 MQAC;Message Queuing access control; ??C:WINDOWSsystem32driversmqac.sys []
R3 MTsensor;ATK0110 ACPI UTILITY; C:WINDOWSsystem32DRIVERSASACPI.sys [2004-08-13 5810]
R3 PCTFW-PacketFilter;PCTools Firewall — Packet filter driver; ??C:WINDOWSsystem32driverspctNdis-PacketFilter.sys []
R3 pctNdisMP;PC Tools Driver; C:WINDOWSsystem32DRIVERSpctNdis.sys [2010-07-08 57536]
R3 pctplfw;pctplfw; ??C:WINDOWSsystem32driverspctplfw.sys []
R3 RMCAST;Reliable Multicast Protocol driver; ??C:WINDOWSsystem32driversRMCast.sys []
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:WINDOWSsystem32DRIVERSRtenicxp.sys [2010-11-12 273512]
R3 SenFiltService;SenFilt Service; C:WINDOWSsystem32driversSenfilt.sys [2006-03-17 392960]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; ??C:Program FilesTuneUp Utilities 2010TuneUpUtilitiesDriver32.sys []
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2008-04-13 32128]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2008-04-14 20608]
S2 ASInsHelp;ASInsHelp; ??C:WINDOWSsystem32driversAsInsHelp32.sys []
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:WINDOWSsystem32driversAtiHdmi.sys [2009-08-19 100368]
S3 CCDECODE;Closed Caption декодер; C:WINDOWSsystem32DRIVERSCCDECODE.sys [2008-04-13 17024]
S3 MSTEE;Преобразователь потоков Tee/Sink-to-Sink Microsoft; C:WINDOWSsystem32driversMSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI кодек; C:WINDOWSsystem32DRIVERSNABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft видео или ТВ подключение; C:WINDOWSsystem32DRIVERSNdisIP.sys [2008-04-13 10880]
S3 pctNdis;PC Tools Firewall Intermediate Filter Service; C:WINDOWSsystem32DRIVERSpctNdis.sys [2010-07-08 57536]
S3 RTHDMIAzAudService;Service for HDMI; C:WINDOWSsystem32driversRtKHDMI.sys [2010-12-04 4078400]
S3 SLIP;BDA Slip De-Framer; C:WINDOWSsystem32DRIVERSSLIP.sys [2008-04-13 11136]
S3 StarOpen;StarOpen; C:WINDOWSsystem32driversStarOpen.sys [2009-11-12 7168]
S3 streamip;BDA IPSink; C:WINDOWSsystem32DRIVERSStreamIP.sys [2008-04-13 15232]
S3 SymEvent;SymEvent; ??C:Program FilesSymantecSYMEVENT.SYS []
S3 usbser;USB Serial emulation modem driver; C:WINDOWSsystem32DRIVERSusbser.sys [2008-04-13 26112]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;USB-видеоустройство (WDM); C:WINDOWSSystem32Driversusbvideo.sys [2008-04-13 121984]
S3 WSTCODEC;World Standard Teletext кодек; C:WINDOWSsystem32DRIVERSWSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation — User-mode Driver Framework Platform Driver; C:WINDOWSsystem32DRIVERSWudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:WINDOWSsystem32Ati2evxx.exe [2010-11-26 614400]
R2 Autodesk Licensing Service;Autodesk Licensing Service; C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe [2010-10-23 72704]
R2 avg9emc;AVG Free E-mail Scanner; C:Program FilesAVGAVG9avgemc.exe [2010-07-20 921952]
R2 avg9wd;AVG Free WatchDog; C:Program FilesAVGAVG9avgwdsvc.exe [2010-07-15 308136]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:Program FilesLogMeIn Hamachihamachi-2.exe [2010-12-06 1238408]
R2 ICQ Service;ICQ Service; C:Program FilesICQ6ToolbarICQ Service.exe [2009-06-01 222968]
R2 mi-raysat_3dsmax9_32;mental ray 3.5 Satellite (32-bit); C:Program FilesAutodesk3ds Max 9mentalraysatelliteraysat_3dsmax9_32server.exe [2006-09-29 65536]
R2 MSMQ;Message Queuing; C:WINDOWSsystem32mqsvc.exe [2008-04-14 4608]
R2 MSMQTriggers;Message Queuing Triggers; C:WINDOWSsystem32mqtgsvc.exe [2008-04-14 117248]
R2 NMSAccess;NMSAccess; C:Program FilesCDBurnerXPNMSAccessU.exe [2010-03-04 71096]
R2 PCToolsFirewallPlus;PC Tools Firewall Plus; C:Program FilesPC Tools Firewall PlusFWService.exe [2010-11-17 287024]
R2 PnkBstrA;PnkBstrA; C:WINDOWSsystem32PnkBstrA.exe [2010-07-06 75064]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:Program FilesTuneUp Utilities 2010TuneUpUtilitiesService32.exe [2010-08-12 1051968]
R2 UxTuneUp;TuneUp Theme Extension; C:WINDOWSSystem32svchost.exe [2008-04-14 14336]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE [2009-08-18 1529728]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:WINDOWSSystem32appdrvrem01.exe [2010-06-27 304528]
S2 ATI Smart;ATI Smart; C:WINDOWSsystem32ati2sgag.exe [2009-09-18 593920]
S2 ccEvtMgr;Symantec Event Manager; c:Program FilesCommon FilesSymantec SharedccEvtMgr.exe []
S2 ccSetMgr;Symantec Settings Manager; c:Program FilesCommon FilesSymantec SharedccSetMgr.exe []
S2 pr2ajtsb;Stalker (Pro) Drivers Auto Removal (pr2ajtsb); C:WINDOWSsystem32pr2ajtsb.exe [2007-03-05 407168]
S2 pr2ajtsc;Stalker (Pro) Drivers Auto Removal (pr2ajtsc); C:WINDOWSsystem32pr2ajtsc.exe [2008-03-07 411000]
S2 pr2am84b;Ghost Recon — Advanced Warfighter 2 Drivers Auto Removal (pr2am84b); C:WINDOWSsystem32pr2am84b.exe [2007-09-27 411048]
S3 aspnet_state;ASP.NET State Service; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2008-07-25 34312]
S3 ccISPwdSvc;Symantec Internet Security Password Validation; c:Program FilesNorton Internet SecurityccPwdSvc.exe []
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2008-07-25 69632]
S3 comHost;COM Host; c:Program FilesNorton Internet SecuritycomHost.exe []
S3 DAUpdaterSvc;Dragon Age: Origins — Content Updater; C:Program FilesDragon Age Originsbin_shipDAUpdaterSvc.Service.exe [2009-07-26 25832]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:WINDOWSMicrosoft.NETFrameworkv3.0WPFPresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2008-07-29 881664]
S3 LPDSVC;Сервер печати TCP/IP; C:WINDOWSsystem32tcpsvcs.exe [2001-10-20 19456]
S3 NSCService;Norton Protection Center Service; c:Program FilesCommon FilesSymantec SharedSecurity ConsoleNSCSRVCE.EXE []
S3 SNDSrvc;Symantec Network Drivers Service; c:Program FilesCommon FilesSymantec SharedSNDSrvc.exe []
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:Program FilesTuneUp Utilities 2010TuneUpDefragService.exe [2010-12-11 435008]
S3 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2008-07-29 132096]

---

EOF

---