Баннер от 3PIC.COM

[dezt]

Итак вчера возникла проблема выскочил баннер от 3pic.com с просьбой отправить смс
Я прочитал инструкцию на форуме сделал все правильно сейчас выложу лог от RSIT
info.txt logfile of random’s system information tool 1.06 2010-04-30 00:45:53

======Uninstall list======

—>MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
—>msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {744C859F-C225-48A9-A524-4DED432F36C7}
—>MsiExec /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
—>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
7-Zip 4.46 beta—>»C:Program Files7-ZipUninstall.exe»
ACDSee 9 Photo Manager—>MsiExec.exe /I{B2D41883-3BFC-4BA0-A2F6-5A2C9836C238}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)—>MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Bridge 1.0—>MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
Adobe Common File Installer—>MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player 10 Plugin—>C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Flash Player 9 ActiveX—>C:WINDOWSsystem32MacromedFlashFlashUtil9b.exe -uninstallDelete
Adobe Flash Player ActiveX—>C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Help Center 1.0—>MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop CS2—>msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 8 — Russian—>MsiExec.exe /I{AC76BA86-7AD7-1049-7B44-A81200000003}
Adobe Shockwave Player—>C:WINDOWSsystem32MacromedSHOCKW~1UNWISE.EXE C:WINDOWSsystem32MacromedSHOCKW~1Install.log
Adobe Stock Photos 1.0—>MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Aliens versus Predator Gold Edition—>C:WINDOWSIsUninst.exe -f»d:gamesAliens Vs. Predator GoldUninst.isu»
Aliens vs. Predator—>»D:GAMESAliens vs. Predator 2010Uninstallunins000.exe»
AnalogX Scratch—>C:Program FilesAnalogXScratchscratchu.exe
Apple Application Support—>MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
Apple Mobile Device Support—>MsiExec.exe /I{8FC46258-0843-4D79-B7F0-F2B82FE6173B}
Apple Software Update—>MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Apple Software Update—>MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
ASIO4ALL—>C:Program FilesASIO4ALL v2uninstall.exe
Assassin’s Creed—>»D:GAMESAssassins Creedunins000.exe»
avast! Antivirus—>C:Program FilesAlwil SoftwareAvast4aswRunDll.exe «C:Program FilesAlwil SoftwareAvast4Setupsetiface.dll»,RunSetup
AVP II — PRIMAL HUNT v.1.0—>»D:GAMESAVP II — PRIMAL HUNTunins000.exe»
CheMax Rus 9.1—>»C:Program FilesCheMaxRusunins000.exe»
Collab—>C:Program FilesImage-LineCollabuninstall.exe
Counter-Strike 1.1 Full Version—>D:GAMESCOUNTE~1UNWISE.EXE D:GAMESCOUNTE~1INSTALL.LOG
Counter-strike 1.6—>»D:GAMESParanoiauninstall.exe»
Counter-Strike(TM)—>MsiExec.exe /I{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}
Counter-Strike: Source—>MsiExec.exe /I{9580813D-94B1-4C28-9426-A441E2BB29A5}
Day of Defeat—>»D:GAMESSTEAMsteam.exe» steam://uninstall/30
Deathmatch Classic—>»D:GAMESSTEAMsteam.exe» steam://uninstall/40
eSpeak version 1.41.01—>»C:Program FileseSpeakunins000.exe»
FIFA08—>C:Program FilesInstallShield Installation Information{F7399AF3-822B-4D80-92C8-D88B22A76A52}setup.exe -runfromtemp -l0x0419
FL Studio 8—>C:Program FilesImage-LineFL Studio 8uninstall.exe
FormatFactory 2.15—>D:ProgrammsFormatFactoryuninst.exe
Frontlines: Fuel of War—>D:GAMESFRONTL~1UNWISE.EXE D:GAMESFRONTL~1INSTALL.LOG
G-Force—>C:Program FilesSoundSpectrumG-ForceUninstall.exe
Gigabyte Raid Configurer—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime110Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}SETUP.EXE» -l0x19 -removeonly
Guild Wars—>»D:GAMESGuild WarsGw.exe» -uninstall
Half-Life 2: Episode One—>»D:GAMESSTEAMsteam.exe» steam://uninstall/380
Half-Life 2: Episode Two—>»D:GAMESSTEAMsteam.exe» steam://uninstall/420
Half-Life 2—>»D:GAMESSTEAMsteam.exe» steam://uninstall/220
Half-Life(R)—>MsiExec.exe /I{BACBC990-8681-4D00-9227-F3A32123BB7A}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)—>C:WINDOWSsystem32msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=»»
IL Download Manager—>C:Program FilesImage-LineDownloaderuninstall.exe
Inkscape 0.47pre0—>D:ProgrammsInkscapeUninstall.exe
Java 2 Runtime Environment, SE v1.4.2_03—>MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
Java(TM) 6 Update 20—>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}
K-Lite Codec Pack 3.4.0 Full—>»C:Program FilesK-Lite Codec Packunins000.exe»
Left 4 Dead 2—>»D:GAMESSTEAMsteam.exe» steam://uninstall/550
Left 4 Dead—>»D:GAMESSTEAMsteam.exe» steam://uninstall/500
Microsoft .NET Framework 1.1 Hotfix (KB886903)—>»C:WINDOWSMicrosoft.NETFrameworkv1.1.4322Updateshotfix.exe» «»
Microsoft .NET Framework 1.1 Russian Language Pack—>MsiExec.exe /X{2BB372D9-52B4-410A-BC1A-FEAB63181EEF}
Microsoft .NET Framework 1.1—>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1—>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack — RUS—>MsiExec.exe /I{736D8DEB-66C6-3655-9D59-DF6493A81F77}
Microsoft .NET Framework 2.0 Service Pack 2—>MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Russian Language Pack—>C:WINDOWSMicrosoft.NETFrameworkv3.0Microsoft .NET Framework 3.0 Russian Language Packsetup.exe
Microsoft .NET Framework 3.0 Russian Language Pack—>MsiExec.exe /X{855B04CC-4F7A-4FBB-B7BA-D965D23F7AD5}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack — RUS—>MsiExec.exe /I{6CF6A814-CE65-39FC-BBBC-6CB340A4028B}
Microsoft .NET Framework 3.0 Service Pack 2—>MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 — rus—>MsiExec.exe /I{2744791F-4E7C-32F5-AB40-AEC6A6C86DBF}
Microsoft .NET Framework 3.5 SP1—>C:WINDOWSMicrosoft.NETFrameworkv3.5Microsoft .NET Framework 3.5 SP1setup.exe
Microsoft .NET Framework 3.5 SP1—>MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Games for Windows — LIVE —>MsiExec.exe /X{4D243BA7-9AC4-46D1-90E5-EEB88974F501}
Microsoft Games for Windows — LIVE Redistributable—>MsiExec.exe /X{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}
Microsoft Office Excel MUI (Russian) 2007—>MsiExec.exe /X{90120000-0016-0419-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Russian) 2007—>MsiExec.exe /X{90120000-001A-0419-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Russian) 2007—>MsiExec.exe /X{90120000-0018-0419-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007—>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007—>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Russian) 2007—>MsiExec.exe /X{90120000-001F-0419-0000-0000000FF1CE}
Microsoft Office Proof (Ukrainian) 2007—>MsiExec.exe /X{90120000-001F-0422-0000-0000000FF1CE}
Microsoft Office Proofing (Russian) 2007—>MsiExec.exe /X{90120000-002C-0419-0000-0000000FF1CE}
Microsoft Office Shared MUI (Russian) 2007—>MsiExec.exe /X{90120000-006E-0419-0000-0000000FF1CE}
Microsoft Office Standard 2007—>MsiExec.exe /X{90120000-0012-0000-0000-0000000FF1CE}
Microsoft Office Word MUI (Russian) 2007—>MsiExec.exe /X{90120000-001B-0419-0000-0000000FF1CE}
Microsoft Office Стандартный 2007—>»C:Program FilesCommon FilesMicrosoft SharedOFFICE12Office Setup Controllersetup.exe» /uninstall STANDARD /dll OSETUP.DLL
Microsoft User-Mode Driver Framework Feature Pack 1.0—>»C:WINDOWS$NtUninstallWudf01000$spuninstspuninst.exe»
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable — x86 9.0.21022—>MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Mozilla Firefox (3.6.3)—>C:Program FilesMozilla Firefoxuninstallhelper.exe
MSXML 4.0 SP2 (KB927978)—>MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 6.0 Parser (KB927977)—>MsiExec.exe /I{CDC55141-E531-44A6-AB13-1AF4B7157D46}
MTS Connect—>C:Program FilesMTS Connectuninst.exe
MuzRu—>MsiExec.exe /I{8884BCB5-E5AD-42BB-827A-9558DF8B74F5}
Need for Speed ProStreet—>C:Program FilesInstallShield Installation Information{24912945-17EA-4943-863C-6949274694A1}setup.exe -runfromtemp -l0x0419
Nero 6 Ultra Edition—>C:Program FilesNeronerouninstallUNNERO.exe /UNINSTALL
NHL 08—>D:GAMESNHL08UNWISE.EXE D:GAMESNHL08INSTALL.LOG
NHL® 08—>D:GAMESNHL08unwise.exe
NVIDIA Drivers—>C:WINDOWSsystem32nvuninst.exe UninstallGUI
NVIDIA PhysX—>MsiExec.exe /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
OCR Software by I.R.I.S 7.0—>C:Program FilesHPDigital ImagingOCRhpzscr01.exe -datfile hpqbud11.dat
OpenAL—>»C:Program FilesOpenALoalinst.exe» /U
Opera 9.23—>MsiExec.exe /X{9B8C03F2-206E-4781-910B-46F2CD63608C}
PoiZone—>C:Program FilesImage-LinePoiZoneuninstall.exe
Portal—>»D:GAMESSTEAMsteam.exe» steam://uninstall/400
QuickTime—>MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
Realtek High Definition Audio Driver—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1150Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}SETUP.EXE» -l0x19 -removeonly
Ricochet—>»D:GAMESSTEAMsteam.exe» steam://uninstall/60
Rockstar Games Social Club—>»C:Program FilesInstallShield Installation Information{08B3869E-D282-424C-9AFC-870E04A4BA14}setup.exe» -runfromtemp -l0x0009 -removeonly
SAMSUNG CDMA Modem Driver Set—>C:WINDOWSsystem32Samsung_USB_Drivers3SSCDUninstall.exe
Samsung Master—>C:Program FilesInstallShield Installation Information{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}Setup.exe -runfromtemp -l0x0019 -removeonly
Samsung Mobile phone USB driver Software—>C:WINDOWSsystem32Samsung_USB_Drivers5SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software—>C:WINDOWSsystem32Samsung_USB_Drivers1SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software—>C:WINDOWSsystem32Samsung_USB_Drivers2SSM_Uninstall.exe
Samsung PC Studio 3 USB Driver Installer—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1050Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}setup.exe» -l0x9 -removeonly
Samsung PC Studio—>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime1050Intel32Ctor.dll,LaunchSetup «C:Program FilesInstallShield Installation Information{C4A4722E-79F9-417C-BD72-8D359A090C97}setup.exe» -l0x9 -removeonly
Shockwave—>C:WINDOWSsystem32MacromedShockwave 8UNWISE.EXE C:WINDOWSsystem32MacromedShockwave 8Install.log
SiN—>»D:GAMESSTEAMsteam.exe» steam://uninstall/1313
Steam(TM)—>MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Team Fortress 2—>»D:GAMESSTEAMsteam.exe» steam://uninstall/440
Toxic Biohazard—>C:Program FilesImage-LineToxic Biohazarduninstall.exe
Translation Dictionary & Tools Professional 4.3—>MsiExec.exe /I{6E335785-6EF4-4746-91B6-DE3341CA0745}
TVicHW32 Version 1.0—>»C:Program FilesGIGABYTETVicHW32unins000.exe»
Unlocker 1.8.5—>C:Program FilesUnlockeruninst.exe
VGA Utility—>MsiExec.exe /I{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}
Windows Imaging Component—>»C:WINDOWS$NtUninstallWIC$spuninstspuninst.exe»
Windows Media Format 11 runtime—>»C:Program FilesWindows Media Playerwmsetsdk.exe» /UninstallAll
Windows Media Format 11 runtime—>»C:WINDOWS$NtUninstallWMFDist11$spuninstspuninst.exe»
Windows Media Player 11—>»C:WINDOWS$NtUninstallwmp11$spuninstspuninst.exe»
Windows Presentation Foundation Language Pack (RUS)—>MsiExec.exe /X{D83A3DFC-8528-4E31-93DC-0A41C477109C}
Windows Presentation Foundation—>MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
XML Paper Specification Shared Components Language Pack 1.0—>»C:WINDOWS$NtUninstallXPSEPSCLP$spuninstspuninst.exe»
Архиватор WinRAR—>C:Program FilesWinRARuninstall.exe
Галактика Знакомств—>MsiExec.exe /I{9BD4548D-FE1D-48F1-BD28-704BA84D88CA}
Интерактивный курс игры на пианино—>C:Program FilesInstallShield Installation Information{1FE2E388-D39E-489F-AB05-A475A5C2D30D}setup.exe
Пакет обновления 2 для клиента управления правами Windows с поддержкой прежних версий—>MsiExec.exe /X{EC905264-BCFE-423B-9C42-C3A106266790}
Пакет обновления 2 для клиента управления правами Windows—>MsiExec.exe /X{9350CD11-D3F0-4B6D-B18F-74E968D5770A}
Проигрыватель Windows Media 11—>»C:Program FilesWindows Media PlayerSetup_wm.exe» /Uninstall
Языковой пакет Microsoft .NET Framework 3.5 SP1 — RUS—>C:WINDOWSMicrosoft.NETFrameworkv3.5Microsoft .NET Framework 3.5 Language Pack SP1 — russetup.exe

======Security center information======

AV: avast! antivirus 4.8.1368 [VPS 100403-0] (outdated)

======System event log======

Computer Name: REANIMAT-102218
Event Code: 83
Message: Port A is down

Record Number: 42582
Source Name: yukonwxp
Time Written: 20100315113551.000000+180
Event Type: информация
User:

Computer Name: REANIMAT-102218
Event Code: 4201
Message: Система обнаружила, что сетевой адаптер DEVICETCPIP_{74E2BEDF-1DB6-402F-AC23-41AD724AD920} был подключен к сети,
и инициировала нормальную работу через этот сетевой адаптер.

Record Number: 42581
Source Name: Tcpip
Time Written: 20100315113547.000000+180
Event Type: информация
User:

Computer Name: REANIMAT-102218
Event Code: 121
Message: Port A is up with 100 Mbps

Record Number: 42580
Source Name: yukonwxp
Time Written: 20100315113546.000000+180
Event Type: информация
User:

Computer Name: REANIMAT-102218
Event Code: 7036
Message: Служба «Диспетчер подключений удаленного доступа» перешла в состояние Работает.

Record Number: 42579
Source Name: Service Control Manager
Time Written: 20100315113134.000000+180
Event Type: информация
User:

Computer Name: REANIMAT-102218
Event Code: 7036
Message: Служба «Служба шлюза уровня приложения» перешла в состояние Работает.

Record Number: 42578
Source Name: Service Control Manager
Time Written: 20100315113124.000000+180
Event Type: информация
User:

=====Application event log=====

Computer Name: REANIMAT-102218
Event Code: 1001
Message: User profile hive cleanup service version 1.6.30.0 started successfully.

Record Number: 3464
Source Name: UPHClean
Time Written: 20100117121058.000000+180
Event Type: информация
User:

Computer Name: REANIMAT-102218
Event Code: 1010
Message: User profile hive cleanup service stopped successfully.

Record Number: 3463
Source Name: UPHClean
Time Written: 20100117051130.000000+180
Event Type: информация
User:

Computer Name: REANIMAT-102218
Event Code: 1401
Message: The following handles in user profile hive REANIMAT-102218Admin (S-1-5-21-1409082233-1844237615-839522115-500) have been remapped because they were preventing the profile from unloading successfully:

svchost.exe (948)
HKCU (0x24c)

Record Number: 3462
Source Name: UPHClean
Time Written: 20100117051126.000000+180
Event Type: информация
User: REANIMAT-102218Admin

Computer Name: REANIMAT-102218
Event Code: 0
Message:
Record Number: 3461
Source Name: MuzRuWMPPlugin
Time Written: 20100117014044.000000+180
Event Type: ошибка
User:

Computer Name: REANIMAT-102218
Event Code: 0
Message:
Record Number: 3460
Source Name: MuzRuWMPPlugin
Time Written: 20100117014044.000000+180
Event Type: ошибка
User:

======Environment variables======

«ComSpec»=%SystemRoot%system32cmd.exe
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;C:Program FilesSamsungSamsung PC Studio 3;C:Program FilesCommon FilesAdobeAGL;C:Program FilesQuickTimeQTSystem
«windir»=%SystemRoot%
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«PROCESSOR_ARCHITECTURE»=x86
«PROCESSOR_LEVEL»=6
«PROCESSOR_IDENTIFIER»=x86 Family 6 Model 15 Stepping 6, GenuineIntel
«PROCESSOR_REVISION»=0f06
«NUMBER_OF_PROCESSORS»=2
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
«DEVMGR_SHOW_DETAILS»=1
«DEVMGR_SHOW_NONPRESENT_DEVICES»=1
«CLASSPATH»=.;C:Program FilesJavaj2re1.4.2_03libextQTJava.zip
«QTJAVA»=C:Program FilesJavaj2re1.4.2_03libextQTJava.zip
«RGSCLauncher»=D:GAMESRockstar ClubRockstar Games Social Club
«RGSC»=D:GAMESRockstar ClubRockstar Games Social Club1_0_0_0

---

EOF

---

Logfile of random’s system information tool 1.06 (written by random/random)
Run by Admin at 2010-04-30 11:33:06
Microsoft Windows XP Professional Service Pack 3
System drive C: has 11 GB (21%) free of 52 GB
Total RAM: 2046 MB (81% free)

HijackThis download failed

======Scheduled tasks folder======

C:WINDOWStasksAppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program FilesJavajre6binjp2ssv.dll [2010-04-29 41760]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class — C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll [2010-04-29 79648]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«Punto Switcher»=C:program filespunto switcherps.exe [2004-11-14 205824]
«VolumeControl»=C:program filesVolumeControlvolume.exe [2003-09-16 36864]
«RTHDCPL»=C:WINDOWSRTHDCPL.EXE [2006-07-21 16261632]
«SkyTel»=C:WINDOWSSkyTel.EXE [2006-05-16 2879488]
«Alcmtr»=C:WINDOWSALCMTR.EXE [2005-05-03 69632]
«GBB36X Configure»=C:WINDOWSsystem32JMRaidTool.exe [2006-07-12 356352]
«ISUSPM Startup»=C:Program FilesCommon FilesInstallShieldUpdateServiceisuspm.exe [2005-08-11 249856]
«ISUSScheduler»=C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe [2005-08-11 81920]
«NeroFilterCheck»=C:WINDOWSsystem32NeroCheck.exe [2006-01-12 155648]
«avast!»=C:PROGRA~1ALWILS~1Avast4ashDisp.exe [2009-11-25 81000]
«UnlockerAssistant»=C:Program FilesUnlockerUnlockerAssistant.exe [2006-09-07 15872]
«KernelFaultCheck»=C:WINDOWSsystem32dumprep 0 -k []
«NvCplDaemon»=C:WINDOWSsystem32NvCpl.dll [2009-03-27 13684736]
«nwiz»=nwiz.exe /install []
«NvMediaCenter»=C:WINDOWSsystem32NvMcTray.dll [2009-03-27 86016]
«SunJavaUpdateSched»=C:Program FilesCommon FilesJavaJava Updatejusched.exe [2010-02-18 248040]
«QuickTime Task»=C:Program FilesQuickTimeQTTask.exe [2009-09-05 417792]
«Adobe Reader Speed Launcher»=C:Program FilesAdobeReader 8.0ReaderReader_sl.exe [2008-01-11 39792]
«C:Documents and SettingsAdmin.REANIMAT-102218Рабочий столTrojan Remover 6.8.0.2586.exe»=C:Documents and SettingsAdmin.REANIMAT-102218Рабочий столTrojan Remover 6.8.0.2586.exe [2009-08-05 8681800]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«ctfmon.exe»=C:WINDOWSsystem32ctfmon.exe [2004-08-18 15360]
«NBJ»=C:Program FilesNeroNero BackItUpNBJ.exe [2006-09-15 2048000]
«Shell»=C:Documents and SettingsAll Userssystems.exe [2010-04-29 336384]

C:Documents and SettingsAll Users.WINDOWSГлавное менюПрограммыАвтозагрузка
Быстрый запуск HP Photosmart Premier.lnk — C:Program FilesHPDigital Imagingbinhpqthb08.exe

C:Documents and SettingsAdmin.REANIMAT-102218Главное менюПрограммыАвтозагрузка
Adobe Gamma.lnk — C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
GIGABYTE VGA Utility.lnk — C:Documents and SettingsAdmin.REANIMAT-102218Application DataMicrosoftInstaller{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}Utility.exe2_D27BDB5D3B4C44F0A648BD00B0E79B39.exe

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
WPDShServiceObj — {AAA288BA-9A4C-45B0-95D7-94D524869DB5} — C:WINDOWSsystem32WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«InstallVisualStyle»=C:WINDOWSResourcesThemesRoyaleRoyale.msstyles
«InstallTheme»=C:WINDOWSResourcesThemesRoyale.theme
«SynchronousMachineGroupPolicy»=0
«SynchronousUserGroupPolicy»=0

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveTypeAutoRun»=145
«ForceClassicControlPanel»=1
«NoSMConfigurePrograms»=1
«NoSMHelp»=1
«NoDrives»=262144

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»
«C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE»=»C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook»
«D:GAMESSTEAMSteamAppsfactessin episodes emergenceSinEpisodes.exe»=»D:GAMESSTEAMSteamAppsfactessin episodes emergenceSinEpisodes.exe:*:Enabled:SiN Episodes: Emergence»
«D:GAMESSTEAMSteamAppsfactesdark messiah might and magic multi-playerrunme.exe»=»D:GAMESSTEAMSteamAppsfactesdark messiah might and magic multi-playerrunme.exe:*:Enabled:Dark Messiah Might and Magic Multi-Player»
«D:GAMESSTEAMSteamAppsfactescodename gordoncg.exe»=»D:GAMESSTEAMSteamAppsfactescodename gordoncg.exe:*:Enabled:Codename Gordon»
«D:GAMESSTEAMSteamAppscommonpeggle extremePeggleExtreme.exe»=»D:GAMESSTEAMSteamAppscommonpeggle extremePeggleExtreme.exe:*:Enabled:Peggle Extreme»
«D:GAMESSTEAMSteamAppsfactescondition zero deleted sceneshl.exe»=»D:GAMESSTEAMSteamAppsfactescondition zero deleted sceneshl.exe:*:Disabled:Half-Life Launcher»
«C:Program FilesICQ6.5ICQ.exe»=»C:Program FilesICQ6.5ICQ.exe:*:Enabled:ICQ»
«C:Program FilesHPDigital Imagingbinhpqtra08.exe»=»C:Program FilesHPDigital Imagingbinhpqtra08.exe:*:Enabled:hpqtra08.exe»
«C:Program FilesHPDigital Imagingbinhpqste08.exe»=»C:Program FilesHPDigital Imagingbinhpqste08.exe:*:Enabled:hpqste08.exe»
«C:Program FilesHPDigital Imagingbinhpofxm08.exe»=»C:Program FilesHPDigital Imagingbinhpofxm08.exe:*:Enabled:hpofxm08.exe»
«C:Program FilesHPDigital Imagingbinhposfx08.exe»=»C:Program FilesHPDigital Imagingbinhposfx08.exe:*:Enabled:hposfx08.exe»
«C:Program FilesHPDigital Imagingbinhposid01.exe»=»C:Program FilesHPDigital Imagingbinhposid01.exe:*:Enabled:hposid01.exe»
«C:Program FilesHPDigital Imagingbinhpqscnvw.exe»=»C:Program FilesHPDigital Imagingbinhpqscnvw.exe:*:Enabled:hpqscnvw.exe»
«C:Program FilesHPDigital Imagingbinhpqkygrp.exe»=»C:Program FilesHPDigital Imagingbinhpqkygrp.exe:*:Enabled:hpqkygrp.exe»
«C:Program FilesHPDigital ImagingbinhpqCopy.exe»=»C:Program FilesHPDigital ImagingbinhpqCopy.exe:*:Enabled:hpqcopy.exe»
«C:Program FilesHPDigital Imagingbinhpfccopy.exe»=»C:Program FilesHPDigital Imagingbinhpfccopy.exe:*:Enabled:hpfccopy.exe»
«C:Program FilesHPDigital Imagingbinhpzwiz01.exe»=»C:Program FilesHPDigital Imagingbinhpzwiz01.exe:*:Enabled:hpzwiz01.exe»
«C:Program FilesHPDigital ImagingUnloadHpqPhUnl.exe»=»C:Program FilesHPDigital ImagingUnloadHpqPhUnl.exe:*:Enabled:hpqphunl.exe»
«C:Program FilesHPDigital ImagingUnloadHpqDIA.exe»=»C:Program FilesHPDigital ImagingUnloadHpqDIA.exe:*:Enabled:hpqdia.exe»
«C:Program FilesHPDigital Imagingbinhpoews01.exe»=»C:Program FilesHPDigital Imagingbinhpoews01.exe:*:Enabled:hpoews01.exe»
«C:Program FilesHPDigital Imagingbinhpqnrs08.exe»=»C:Program FilesHPDigital Imagingbinhpqnrs08.exe:*:Enabled:hpqnrs08.exe»
«D:GAMESSTEAMSteam.exe»=»D:GAMESSTEAMSteam.exe:*:Enabled:Steam»
«C:Program FilesIcecast2 Win32Icecast2win.exe»=»C:Program FilesIcecast2 Win32Icecast2win.exe:*:Enabled:Icecast2win»
«D:GAMESFAR CRY 2binFarCry2.exe»=»D:GAMESFAR CRY 2binFarCry2.exe:*:Enabled:Far Cry® 2»
«D:GAMESCOD5CoDWaW.exe»=»D:GAMESCOD5CoDWaW.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop»
«D:GAMESCOD5CoDWaWmp.exe»=»D:GAMESCOD5CoDWaWmp.exe:*:Enabled:Call of Duty(R): World at War Multiplayer»
«D:GAMESFAR CRY 2binFC2Editor.exe»=»D:GAMESFAR CRY 2binFC2Editor.exe:*:Enabled:Far Cry 2 Map Editor»
«D:GAMESSerious SamBinSeriousSam.exe»=»D:GAMESSerious SamBinSeriousSam.exe:*:Enabled:SeriousSam»
«D:GAMESRESIDENT EVIL 5RE5DX9.EXE»=»D:GAMESRESIDENT EVIL 5RE5DX9.EXE:*:Enabled:RESIDENT EVIL 5»
«D:GAMESSTALKER CALL OF PRIPYATbinxrEngine.exe»=»D:GAMESSTALKER CALL OF PRIPYATbinxrEngine.exe:*:Enabled:xrEngine»
«D:GAMESNeed For Speed ShiftEADMCore.exe»=»D:GAMESNeed For Speed ShiftEADMCore.exe:*:Enabled:EA Download Manager»
«C:Program FilesWindows Media Playerwmplayer.exe»=»C:Program FilesWindows Media Playerwmplayer.exe:*:Enabled:Windows Media Player»
«D:GAMESSTALKER CLEAR SKYbinxrEngine.exe»=»D:GAMESSTALKER CLEAR SKYbinxrEngine.exe:*:Enabled:xrEngine»
«D:GAMESBattlestations — Pacificbsp.exe»=»D:GAMESBattlestations — Pacificbsp.exe:*:Enabled:Battlestations: Pacific»
«C:Program FilesSkypePhoneSkype.exe»=»C:Program FilesSkypePhoneSkype.exe:*:Enabled:Skype «
«D:GAMESENDWARBinariesEndWar.exe»=»D:GAMESENDWARBinariesEndWar.exe:*:Enabled:Tom Clancy’s EndWar»
«D:GAMESSTALKERSTALKER SHADOW OF CHERNOBYLbinXR_3DA.exe»=»D:GAMESSTALKERSTALKER SHADOW OF CHERNOBYLbinXR_3DA.exe:*:Enabled:XR_3DA»
«D:GAMESSTALKERSTALKER CALL OF PRIPYATbinxrEngine.exe»=»D:GAMESSTALKERSTALKER CALL OF PRIPYATbinxrEngine.exe:*:Enabled:xrEngine»
«D:GAMESSTALKERSTALKER CLEAR SKYbinxrEngine.exe»=»D:GAMESSTALKERSTALKER CLEAR SKYbinxrEngine.exe:*:Enabled:xrEngine»
«D:GAMESLEFT 4 DEAD 2left4dead2.exe»=»D:GAMESLEFT 4 DEAD 2left4dead2.exe:*:Enabled:left4dead2»
«D:GAMESSTEAMSteamAppsfactesteam fortress 2hl2.exe»=»D:GAMESSTEAMSteamAppsfactesteam fortress 2hl2.exe:*:Enabled:hl2»
«D:GAMESSTEAMSteamAppsfacteshalf-life blue shifthl.exe»=»D:GAMESSTEAMSteamAppsfacteshalf-life blue shifthl.exe:*:Enabled:Half-Life Launcher»
«D:GAMESRockstar ClubRockstar Games Social ClubRGSCLauncher.exe»=»D:GAMESRockstar ClubRockstar Games Social ClubRGSCLauncher.exe:*:Enabled:Rockstar Games Social Club»
«D:GAMESGTA IVGTAIV.exe»=»D:GAMESGTA IVGTAIV.exe:*:Enabled:Grand Theft Auto IV»
«C:Documents and SettingsAdmin.REANIMAT-102218Рабочий столFIFA08.exe»=»C:Documents and SettingsAdmin.REANIMAT-102218Рабочий столFIFA08.exe:*:Enabled:FIFA08»
«D:GAMESBattlefield — Vietnambfvietnam.exe»=»D:GAMESBattlefield — Vietnambfvietnam.exe:*:Enabled:bfvietnam»
«D:GAMESfac2fakk2.exe»=»D:GAMESfac2fakk2.exe:*:Enabled:Heavy Metal : Fakk 2»
«D:SierraCounter-Strikehl.exe»=»D:SierraCounter-Strikehl.exe:*:Enabled:Half-Life Launcher»
«D:GAMESAliens Vs. Predator GoldavpR.exe»=»D:GAMESAliens Vs. Predator GoldavpR.exe:*:Enabled:avpR»
«D:GAMESAliens vs. Predator 2010AvP.exe»=»D:GAMESAliens vs. Predator 2010AvP.exe:*:Enabled:Aliens vs. Predator (DX9)»
«D:GAMESAliens vs. Predator 2010AvP_DX11.exe»=»D:GAMESAliens vs. Predator 2010AvP_DX11.exe:*:Enabled:Aliens vs. Predator (DX11)»
«D:GAMESSTEAMSteamAppsfactescondition zerohl.exe»=»D:GAMESSTEAMSteamAppsfactescondition zerohl.exe:*:Enabled:Condition Zero»
«D:GAMESSTEAMSteamAppsfactescounter-strike sourcehl2.exe»=»D:GAMESSTEAMSteamAppsfactescounter-strike sourcehl2.exe:*:Enabled:Counter-Strike: Source»
«D:GAMESSTEAMSteamAppsfactesteam fortress classichl.exe»=»D:GAMESSTEAMSteamAppsfactesteam fortress classichl.exe:*:Enabled:Team Fortress Classic»
«D:GAMESSTEAMSteamAppsfacteshalf-life sourcehl2.exe»=»D:GAMESSTEAMSteamAppsfacteshalf-life sourcehl2.exe:*:Enabled:Half-Life: Source»
«D:GAMESSTEAMSteamAppsfactesdeathmatch classichl.exe»=»D:GAMESSTEAMSteamAppsfactesdeathmatch classichl.exe:*:Enabled:Deathmatch Classic»
«D:GAMESSTEAMSteamAppsfactesopposing forcehl.exe»=»D:GAMESSTEAMSteamAppsfactesopposing forcehl.exe:*:Enabled:Half-Life: Opposing Force»
«D:GAMESSTEAMSteamAppscommonleft 4 deadleft4dead.exe»=»D:GAMESSTEAMSteamAppscommonleft 4 deadleft4dead.exe:*:Enabled:Left 4 Dead»
«D:GAMESSTEAMSteamAppsfactesricochethl.exe»=»D:GAMESSTEAMSteamAppsfactesricochethl.exe:*:Enabled:Ricochet»
«D:GAMESSTEAMSteamAppsfactescounter-strikehl.exe»=»D:GAMESSTEAMSteamAppsfactescounter-strikehl.exe:*:Enabled:Counter-Strike»
«D:GAMESSTEAMSteamAppsfacteshalf-lifehl.exe»=»D:GAMESSTEAMSteamAppsfacteshalf-lifehl.exe:*:Enabled:Half-Life»
«D:GAMESSTEAMSteamAppscommonleft 4 dead 2left4dead2.exe»=»D:GAMESSTEAMSteamAppscommonleft 4 dead 2left4dead2.exe:*:Enabled:Left 4 Dead 2»

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
«%windir%system32sessmgr.exe»=»%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019»
«%windir%Network Diagnosticxpnetdiag.exe»=»%windir%Network Diagnosticxpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000»

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2E]
shellAutoRuncommand — E:AutoRun.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{7af24e4a-1ed7-11df-949f-001a4d6877e2}]
shellAutoRuncommand — G:AutoRun.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{7af24e4e-1ed7-11df-949f-001a4d6877e2}]
shellAutoRuncommand — G:AutoRun.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c2ce1626-255e-11df-94b3-001a4d6877e2}]
shellAutoRuncommand — G:AutoRun.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c2ce162a-255e-11df-94b3-001a4d6877e2}]
shellAutoRuncommand — G:AutoRun.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c2ce162b-255e-11df-94b3-001a4d6877e2}]
shellAutoRuncommand — E:AutoRun.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c2ce162e-255e-11df-94b3-001a4d6877e2}]
shellAutoRuncommand — E:AutoRun.exe

======File associations======

.reg — open — «regedit.exe» «%1»

======List of files/folders created in the last 1 months======

2010-04-30 00:45:51 —-D—- C:Program Filestrend micro
2010-04-30 00:45:49 —-D—- C:rsit
2010-04-29 19:49:14 —-A—- C:WINDOWSsystem32netprotocol.dll
2010-04-29 18:44:50 —-D—- C:Documents and SettingsAll Users.WINDOWSApplication DataSun
2010-04-29 18:44:07 —-A—- C:WINDOWSsystem32javaws.exe
2010-04-29 18:44:07 —-A—- C:WINDOWSsystem32javaw.exe
2010-04-29 18:44:07 —-A—- C:WINDOWSsystem32java.exe
2010-04-29 18:44:07 —-A—- C:WINDOWSsystem32deployJava1.dll
2010-04-29 18:40:37 —-A—- C:Documents and SettingsAdmin.REANIMAT-102218Application Datanetprotocol.exe
2010-04-04 13:18:42 —-D—- C:Program FilesASIO4ALL v2
2010-04-04 13:17:36 —-D—- C:Program FilesOutsim

======List of files/folders modified in the last 1 months======

2010-04-30 11:31:56 —-D—- C:WINDOWSTemp
2010-04-30 11:26:45 —-AD—- C:WINDOWS
2010-04-30 11:26:04 —-D—- C:WINDOWSsystem32drivers
2010-04-30 00:45:51 —-D—- C:Program Files
2010-04-29 22:00:34 —-D—- C:Program FilesOpera
2010-04-29 22:00:32 —-D—- C:Program FilesMozilla Firefox
2010-04-29 19:49:14 —-AD—- C:WINDOWSsystem32
2010-04-29 18:44:50 —-SHD—- C:WINDOWSInstaller
2010-04-28 19:19:09 —-D—- C:WINDOWSsystem32CatRoot2
2010-04-24 22:52:36 —-A—- C:WINDOWSiltwain.ini
2010-04-18 01:48:07 —-A—- C:WINDOWSNeroDigital.ini
2010-04-17 20:49:37 —-A—- C:WINDOWSmusicmaker.INI
2010-04-04 13:18:44 —-D—- C:Program FilesImage-Line
2010-04-04 13:18:35 —-D—- C:Program FilesVstPlugins
2010-04-04 13:18:26 —-AHD—- C:WINDOWSinf

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:WINDOWSsystem32driversAavmker4.sys [2009-11-25 27408]
R1 appdrv01;Application Driver (01); C:WINDOWSSystem32Driversappdrv01.sys [2009-11-04 3100776]
R1 aswSP;avast! Self Protection; C:WINDOWSsystem32driversaswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:WINDOWSsystem32driversaswTdi.sys [2009-11-25 48560]
R1 intelppm;Драйвер Intel процессора; C:WINDOWSsystem32DRIVERSintelppm.sys [2007-02-16 40448]
R1 kbdhid;Драйвер клавиатуры HID; C:WINDOWSsystem32DRIVERSkbdhid.sys [2004-08-18 14848]
R1 StarOpen;StarOpen; C:WINDOWSsystem32driversStarOpen.sys [2006-07-24 5632]
R2 aswFsBlk;aswFsBlk; C:WINDOWSsystem32DRIVERSaswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:WINDOWSsystem32driversaswMon2.sys [2009-11-25 94160]
R2 rspndr;Ответчик обнаружения топологии уровня связи; C:WINDOWSsystem32DRIVERSrspndr.sys [2006-12-04 62336]
R2 TVicHW32;TVicHW32; C:WINDOWSsystem32driversTVicHW32.sys [2006-10-13 29536]
R3 aswRdr;aswRdr; C:WINDOWSsystem32driversaswRdr.sys [2009-11-25 23120]
R3 FStarForce;FStarForce; C:WINDOWSsystem32DRIVERSFStarForce.sys [2008-10-16 7680]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:WINDOWSsystem32DRIVERSHDAudBus.sys [2005-12-26 138752]
R3 hidusb;Драйвер класса HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2004-08-18 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:WINDOWSsystem32driversRtkHDAud.sys [2006-07-24 4353024]
R3 mouhid;Драйвер мыши HID; C:WINDOWSsystem32DRIVERSmouhid.sys [2007-02-17 12160]
R3 nv;nv; C:WINDOWSsystem32DRIVERSnv4_mini.sys [2009-03-27 6280416]
R3 pfc;Padus ASPI Shell; C:WINDOWSsystem32driverspfc.sys [2010-02-01 10368]
R3 usbccgp;Драйвер универсального родительского устройства USB (Microsoft); C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-18 31616]
R3 usbehci;Драйвер минипорта Microsoft USB 2.0 расширенного хост-контроллера; C:WINDOWSsystem32DRIVERSusbehci.sys [2007-02-16 30208]
R3 usbhub;USB2 концентратор; C:WINDOWSsystem32DRIVERSusbhub.sys [2006-10-23 59264]
R3 usbuhci;Драйвер минипорта Microsoft USB универсального хост-контроллера; C:WINDOWSsystem32DRIVERSusbuhci.sys [2006-10-23 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:WINDOWSsystem32DRIVERSyk51x86.sys [2006-07-12 248192]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:WINDOWSsystem32DRIVERSHPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:WINDOWSsystem32DRIVERSHPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:WINDOWSsystem32DRIVERSHPZius12.sys [2006-04-13 21568]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:WINDOWSsystem32DRIVERSewusbmdm.sys [2008-12-13 102400]
S3 hwusbfake;Huawei DataCard USB Fake; C:WINDOWSsystem32DRIVERSewusbfake.sys [2008-12-30 102656]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:WINDOWSsystem32DRIVERSssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:WINDOWSsystem32DRIVERSssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:WINDOWSsystem32DRIVERSssm_mdm.sys [2005-08-30 94000]
S3 StillCam;Драйвер цифровой фотокамеры для посл. порта; C:WINDOWSsystem32DRIVERSserscan.sys [2001-10-19 6912]
S3 usbaudio;Аудио драйвер USB (WDM); C:WINDOWSsystem32driversusbaudio.sys [2004-08-03 59264]
S3 usbprint;Класс принтеров Microsoft USB; C:WINDOWSsystem32DRIVERSusbprint.sys [2004-08-03 25856]
S3 usbscan;Драйвер USB-сканера; C:WINDOWSsystem32DRIVERSusbscan.sys [2004-08-03 15104]
S3 USBSTOR;Драйвер запоминающих устройств для USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S3 WudfPf;Windows Driver Foundation — User-mode Driver Framework Platform Driver; C:WINDOWSsystem32DRIVERSWudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation — User-mode Driver Framework Reflector; C:WINDOWSsystem32DRIVERSwudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:Program FilesAlwil SoftwareAvast4ashServ.exe [2009-11-25 138680]
R2 JavaQuickStarterService;Java Quick Starter; C:Program FilesJavajre6binjqs.exe [2010-04-29 153376]
R2 Netprotocol;Network Protocol Driver; C:Documents and SettingsAdmin.REANIMAT-102218Application Datanetprotocol.exe [2010-04-29 76800]
R2 NVSvc;NVIDIA Display Driver Service; C:WINDOWSsystem32nvsvc32.exe [2009-03-27 163908]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:WINDOWSsystem32HPZipm12.exe [2006-03-03 69632]
R2 UPHClean;User Profile Hive Cleanup; C:WINDOWSsystem32uphclean.exe [2006-01-16 241725]
R3 avast! Mail Scanner;avast! Mail Scanner; C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:Program FilesAlwil SoftwareAvast4ashWebSv.exe [2009-11-25 352920]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:WINDOWSSystem32appdrvrem01.exe svc []
S3 Adobe LM Service;Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [2008-04-04 72704]
S3 aspnet_state;Служба состояний ASP.NET; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:WINDOWSMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:WINDOWSMicrosoft.NETFrameworkv3.0WPFPresentationFontCache.exe [2008-07-29 46104]
S3 HP Port Resolver;HP Port Resolver; C:WINDOWSsystem32spooldriversw32x863HPBPRO.EXE [2005-05-20 81920]
S3 HP Status Server;HP Status Server; C:WINDOWSsystem32spooldriversw32x863HPBOID.EXE [2004-10-16 73728]
S3 idsvc;Windows CardSpace; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Служба общих сетевых ресурсов проигрывателя Windows Media; C:Program FilesWindows Media PlayerWMPNetwk.exe [2006-11-03 914944]
S3 WudfSvc;Windows Driver Foundation — User-mode Driver Framework; C:WINDOWSsystem32svchost.exe [2004-08-18 14336]
S4 NetTcpPortSharing;Служба общего доступа к портам Net.Tcp; C:WINDOWSMicrosoft.NETFrameworkv3.0Windows Communication FoundationSMSvcHost.exe [2008-07-29 132096]

---

EOF

---

[Автор]

Сообщения